Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Audio Muting/Unmuting Unknown Infection


  • This topic is locked This topic is locked
30 replies to this topic

#1 mjbeach

mjbeach

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:03:42 PM

Posted 10 October 2013 - 02:56 AM

Hello there, 

 

I am working to cleanse my mother's computer for her. Every few hours or so the computer will experience several problems and then continue to work fine until the next episode. The symptoms during that time are, the volume muting and unmuting itself rapidly unprompted, when a text field is selected the apostrophe symbol will be typed as if held down, and the cursor will exhibit sluggish lag. I ran a few tools to try to remedy this myself and while though some were successful in removing something (or part of something) the problem reappears the next day. Also I was wondering if you might know if a quarantine folder for these antivirus programs can be safely deleted or moved to a new directory at least. I will also post logs of my updated malwarebytes scan below the dds logs.

 

Thanks in advance for any help you might be able to offer, -Michael

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16686
Run by Brenda at 2:06:04 on 2013-10-10
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.5886.3799 [GMT -4:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\BS&A Shared\EmailServer\EmailService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\sqlservr.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\PVSW\bin\psql_svc.exe
C:\PVSW\bin\w3dbsmgr.exe
C:\Windows\System32\svchost.exe -k HPZ12
c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe
C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCUI.exe
C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCHotKey.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Brenda\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\msdtc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
C:\Users\Brenda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Brenda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Brenda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Brenda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Brenda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Brenda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Brenda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Brenda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Brenda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Brenda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Brenda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.yahoo.com?type=293224&fr=spigot-yhp-ie
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - 
uRun: [RCUI] "C:\PROGRA~2\RINGCE~1\RINGCE~1\RCUI.exe"
uRun: [RCHotKey] "C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCHotKey.exe"
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
mRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f
dRunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f
StartupFolder: C:\Users\Brenda\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Brenda\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Brenda\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - hxxp://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab
DPF: {CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_40-windows-i586.cab
TCP: NameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{005FBC6E-A981-4D8F-AB50-FEC1A76C58E5} : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{B73078F5-C8C9-4D39-A016-89585C43D670} : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{B73078F5-C8C9-4D39-A016-89585C43D670}\163786C616E646 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{B73078F5-C8C9-4D39-A016-89585C43D670}\2456E6F6E616457707 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{B73078F5-C8C9-4D39-A016-89585C43D670}\3457C667562737 : DHCPNameServer = 216.185.192.38 216.185.192.43
TCP: Interfaces\{B73078F5-C8C9-4D39-A016-89585C43D670}\3547574656E647 : DHCPNameServer = 10.22.1.1 198.111.130.1
TCP: Interfaces\{B73078F5-C8C9-4D39-A016-89585C43D670}\64562727963775966496 : DHCPNameServer = 161.57.5.2 161.57.5.6 161.57.5.210 198.108.1.42
TCP: Interfaces\{B73078F5-C8C9-4D39-A016-89585C43D670}\74F6F63756 : DHCPNameServer = 192.168.1.1 24.247.15.53 66.189.0.100
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - 
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [HP Color LaserJet CM2320 MFP Series Fax] C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe "HP Color LaserJet CM2320 MFP Series Fax"
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2011-1-13 23664]
R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\System32\drivers\smiifx64.sys [2012-11-25 15472]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-2-24 202752]
R2 BNPagent;Bradford Persistent Agent Service;C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe [2011-3-7 3079960]
R2 BS&A Software Email Service;BS&A Software Email Service;C:\Program Files (x86)\Common Files\BS&A Shared\EmailServer\EmailService.exe [2010-12-22 21504]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2011-2-24 50536]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2012-11-25 101736]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2011-2-24 74088]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2012-11-25 133992]
R2 MSSQL$BSA;SQL Server (BSA);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\sqlservr.exe [2011-9-22 43028328]
R2 Pervasive Workgroup Engine;Pervasive Workgroup Engine;C:\PVSW\bin\psql_svc.exe [2011-3-11 73728]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2011-2-24 199272]
R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.SYS [2011-7-14 11576]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2012-11-25 145256]
R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2012-11-25 142696]
R3 5U877;USB Video Device;C:\Windows\System32\drivers\5U877.sys [2011-2-24 161664]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2011-2-24 1107488]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-2-24 38528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 PCDSRVC{127174DC-C366ED8B-06020200}_0;PCDSRVC{127174DC-C366ED8B-06020200}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\PC-Doctor\pcdsrvc_x64.pkms [2011-3-31 25584]
S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2011-2-24 1662560]
S3 PwmEWSvc;Cisco EnergyWise Enabler;C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe [2012-11-25 1665120]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-2-24 239136]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-5-25 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-10 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2008-7-10 47128]
S4 SQLAgent$BSA;SQL Server Agent (BSA);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 370024]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-10-06 18:56:02 -------- d-sh--w- C:\$RECYCLE.BIN
2013-10-06 18:42:17 -------- d-----w- C:\ComboFix
2013-10-05 18:07:56 98816 ----a-w- C:\Windows\sed.exe
2013-10-05 18:07:56 256000 ----a-w- C:\Windows\PEV.exe
2013-10-05 18:07:56 208896 ----a-w- C:\Windows\MBR.exe
2013-10-05 18:05:56 9694160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F23EFE58-452F-46A7-9385-A8658C87F215}\mpengine.dll
2013-10-05 18:05:55 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-10-05 17:52:28 -------- d-----w- C:\Windows\ERUNT
2013-10-05 17:42:38 -------- d-----w- C:\Users\Brenda\AppData\Roaming\TuneUp Software
2013-10-05 17:22:11 -------- d-----w- C:\AdwCleaner
2013-10-02 01:50:41 -------- d-----w- C:\Users\Brenda\AppData\Roaming\Malwarebytes
2013-10-02 01:50:34 -------- d-----w- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2013-10-02 01:50:33 -------- d-----w- C:\ProgramData\Malwarebytes
2013-10-02 01:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-10-02 01:50:32 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-02 01:50:15 -------- d-----w- C:\Users\Brenda\AppData\Local\Programs
2013-10-01 18:08:34 -------- d-----w- C:\Users\Brenda\AppData\Roaming\uTorrent
2013-09-28 13:47:24 262552 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2013-09-25 02:26:52 -------- d-----w- C:\ProgramData\Oracle
2013-09-17 20:24:38 -------- d-----w- C:\Program Files\CCleaner
2013-09-17 19:32:18 -------- d-----w- C:\Users\Brenda\AppData\Local\ElevatedDiagnostics
2013-09-12 18:37:59 775256 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2013-09-12 15:36:29 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
.
==================== Find3M  ====================
.
2013-10-09 18:34:25 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 18:34:25 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-09-25 02:26:17 868264 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-09-25 02:26:17 790440 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-09-25 02:06:22 59 ----a-w- C:\Windows\wpd99.drv
2013-08-10 05:22:18 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-08-10 05:20:59 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-08-10 05:20:55 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-08-10 05:20:55 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-08-10 03:59:10 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-08-10 03:58:09 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-08-10 03:58:06 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-08-10 03:58:06 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-08-10 03:17:38 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-08-10 03:07:50 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-08-10 02:27:59 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-08-10 02:17:19 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-08-08 01:20:43 3155456 ----a-w- C:\Windows\System32\win32k.sys
2013-08-02 02:23:53 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-02 02:15:44 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-02 02:15:03 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-08-02 02:15:03 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-02 02:15:03 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:14:11 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:59:30 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-02 01:59:30 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-02 01:51:23 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-02 01:50:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:45:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-02 00:45:36 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-02 00:45:35 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-02 00:45:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
.
============= FINISH:  2:07:25.23 ===============
 
 
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.10.10.01
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Brenda :: BRENDA-THINKPAD [administrator]
 
10/10/2013 2:06:57 AM
mbam-log-2013-10-10 (02-06-57).txt
 
Scan type: Full scan (C:\|E:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 455730
Time elapsed: 1 hour(s), 18 minute(s), 6 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 

 

Attached Files



BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:42 PM

Posted 10 October 2013 - 09:02 AM


Hello mjbeach

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
When they are complete let me have the two reports and let me know how things are running.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 mjbeach

mjbeach
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:03:42 PM

Posted 10 October 2013 - 03:50 PM

# AdwCleaner v3.007 - Report created 10/10/2013 at 16:29:38
# Updated 09/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Brenda - BRENDA-THINKPAD
# Running from : C:\Users\Brenda\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16686
 
 
-\\ Google Chrome v
 
[ File : C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [838 octets] - [10/10/2013 16:28:57]
AdwCleaner[S0].txt - [762 octets] - [10/10/2013 16:29:38]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [821 octets] ##########
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.4 (10.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Brenda on Thu 10/10/2013 at 16:35:51.59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 10/10/2013 at 16:43:57.47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
The computer appears to be running normally as of now but the symptoms are normally only occur a couple times a day and I haven't had much opportunity to use it yet today so its tough to say (based on my past experiences I'd say its likely still infected). Thanks again for your work. 


#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:42 PM

Posted 10 October 2013 - 11:29 PM


Hello mjbeach

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"
  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 mjbeach

mjbeach
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:03:42 PM

Posted 11 October 2013 - 10:42 AM

ComboFix 13-10-09.01 - Brenda 10/11/2013  11:10:13.4.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.5886.4444 [GMT -4:00]
Running from: c:\users\Brenda\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-- Previous Run --
.
Infected copy of c:\windows\SysWow64\userinit.exe was found and disinfected 
Restored copy from - c:\windows\erdnt\cache86\userinit.exe 
.
--------
.
.
(((((((((((((((((((((((((   Files Created from 2013-09-11 to 2013-10-11  )))))))))))))))))))))))))))))))
.
.
2013-10-11 15:18 . 2013-10-11 15:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-11 12:47 . 2013-09-16 04:50 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{00D2C51B-8AE0-4171-B482-6D4320B57C31}\mpengine.dll
2013-10-10 20:28 . 2013-10-10 20:29 -------- d-----w- C:\AdwCleaner
2013-10-10 19:04 . 2013-10-10 19:04 -------- d-----r- c:\users\Brenda\Copy gilden1990@yahoo.com
2013-10-10 18:35 . 2013-10-10 18:35 -------- d-----r- c:\users\Brenda\Copy michaeljohnbeach@gmail.com
2013-10-10 18:11 . 2013-10-10 18:13 -------- d-----r- c:\users\Brenda\Copy
2013-10-10 18:10 . 2013-10-10 20:10 -------- d-----w- c:\users\Brenda\AppData\Roaming\Copy
2013-10-05 22:37 . 2013-10-05 22:37 -------- d-----w- c:\program files\WinRAR
2013-10-05 18:05 . 2013-08-07 08:22 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-10-05 17:52 . 2013-10-05 17:52 -------- d-----w- c:\windows\ERUNT
2013-10-05 17:42 . 2013-10-05 17:42 -------- d-----w- c:\users\Brenda\AppData\Roaming\TuneUp Software
2013-10-02 01:50 . 2013-10-02 01:50 -------- d-----w- c:\users\Brenda\AppData\Roaming\Malwarebytes
2013-10-02 01:50 . 2013-10-04 18:40 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE
2013-10-02 01:50 . 2013-10-02 02:13 -------- d-----w- c:\programdata\Malwarebytes
2013-10-02 01:50 . 2013-10-02 01:50 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-10-02 01:50 . 2013-04-04 18:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-02 01:50 . 2013-10-02 01:50 -------- d-----w- c:\users\Brenda\AppData\Local\Programs
2013-10-01 18:08 . 2013-10-10 20:05 -------- d-----w- c:\users\Brenda\AppData\Roaming\uTorrent
2013-09-25 02:26 . 2013-09-25 02:26 -------- d-----w- c:\programdata\Oracle
2013-09-17 20:24 . 2013-10-06 19:19 -------- d-----w- c:\program files\CCleaner
2013-09-17 19:32 . 2013-10-10 18:42 -------- d-----w- c:\users\Brenda\AppData\Local\ElevatedDiagnostics
2013-09-12 17:14 . 2013-09-12 17:14 18612928 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-10 22:10 . 2011-03-10 22:27 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-09 18:34 . 2013-02-28 13:17 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-09 18:34 . 2012-01-10 14:38 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-25 02:26 . 2012-07-18 16:04 868264 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-09-25 02:26 . 2011-03-11 04:33 790440 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-08-29 01:48 . 2013-10-10 18:18 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-25 09:25 . 2013-08-14 19:09 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 19:09 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-08-14 19:09 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-14 19:09 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Brenda\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Brenda\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Brenda\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RCUI"="c:\progra~2\RINGCE~1\RINGCE~1\RCUI.exe" [2013-04-08 493872]
"RCHotKey"="c:\program files (x86)\RingCentral\RingCentral Call Controller\RCHotKey.exe" [2013-04-08 39216]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PWMTRV"="c:\progra~2\ThinkPad\UTILIT~1\PWMTR64V.DLL" [2012-05-16 5941344]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"adaware"="reg.exe delete HKCU\Software\AppDataLow\Software\adaware" [X]
"adaware_XP"="reg.exe delete HKCU\Software\adaware" [X]
.
c:\users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Brenda\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-24 27776968]
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-8-14 1014624]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 PCDSRVC{127174DC-C366ED8B-06020200}_0;PCDSRVC{127174DC-C366ED8B-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc_x64.pkms;c:\program files\pc-doctor\pcdsrvc_x64.pkms [x]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 SQLAgent$BSA;SQL Server Agent (BSA);c:\program files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\SQLAGENT.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys;c:\windows\SYSNATIVE\DRIVERS\ApsHM64.sys [x]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys;c:\windows\SYSNATIVE\DRIVERS\smiifx64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 BNPagent;Bradford Persistent Agent Service;c:\program files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe;c:\program files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe [x]
S2 BS&A Software Email Service;BS&A Software Email Service;c:\program files (x86)\Common Files\BS&A Shared\EmailServer\EmailService.exe;c:\program files (x86)\Common Files\BS&A Shared\EmailServer\EmailService.exe [x]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [x]
S2 MSSQL$BSA;SQL Server (BSA);c:\program files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\sqlservr.exe [x]
S2 Pervasive Workgroup Engine;Pervasive Workgroup Engine;c:\pvsw\bin\psql_svc.exe run;c:\pvsw\bin\psql_svc.exe run [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [x]
S3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys;c:\windows\SYSNATIVE\DRIVERS\5U877.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ   hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-10-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-28 18:34]
.
2013-10-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 16:22]
.
2013-10-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 16:22]
.
2013-10-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2582758472-1218205146-2151914082-1000Core.job
- c:\users\Brenda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-04 02:01]
.
2013-10-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2582758472-1218205146-2151914082-1000UA.job
- c:\users\Brenda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-04 02:01]
.
2013-09-25 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 15:06]
.
2013-10-10 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 15:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Brenda\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Brenda\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Brenda\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Brenda\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-15 11049576]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2010-04-20 62312]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"HP Color LaserJet CM2320 MFP Series Fax"="c:\program files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe" [2009-09-23 3700736]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.yahoo.com?type=293224&fr=spigot-yhp-ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
TCP: Interfaces\{B73078F5-C8C9-4D39-A016-89585C43D670}: NameServer = 8.8.8.8,8.8.4.4
DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - hxxp://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKU-Default-Run-Copy - c:\users\Brenda\AppData\Roaming\Copy\CopyAgent.exe
ShellIconOverlayIdentifiers-{83BEA36E-7680-4598-A4DF-994426F6E78D} - c:\users\Brenda\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{845B7388-6F85-4F32-9FD5-F02DC7882B89} - c:\users\Brenda\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{F6378A7A-F753-449B-AE1B-997A96132E61} - c:\users\Brenda\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{3A511828-777D-46F8-82F4-5B530C1B3D9E} - c:\users\Brenda\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{C8C88204-5B14-40EC-BA72-8AEBC762047E} - c:\users\Brenda\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{ACFF45C3-3EEB-4351-86C2-6696BA264239} - c:\users\Brenda\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{29AF997F-488B-46F0-AE78-7146F1B89CC3} - c:\users\Brenda\AppData\Roaming\Copy\overlay\CopyShExt.dll
ShellIconOverlayIdentifiers-{03F9AD29-1C78-4B66-8890-B177B5430C53} - c:\users\Brenda\AppData\Roaming\Copy\overlay\CopyShExt.dll
AddRemove-Coupon Printer for Windows5.0.0.1 - c:\program files (x86)\Coupons\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{127174DC-C366ED8B-06020200}_0]
"ImagePath"="\??\c:\program files\pc-doctor\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-10-11  11:20:29
ComboFix-quarantined-files.txt  2013-10-11 15:20
ComboFix2.txt  2013-10-06 18:04
ComboFix3.txt  2013-10-05 18:23
.
Pre-Run: 334,982,316,032 bytes free
Post-Run: 334,998,781,952 bytes free
.
- - End Of File - - 734B40D36C3E338896908A0C90BAC16C
5C616939100B85E558DA92B899A0FC36
 
 
The computer has been running smoothly thus far with limited use.


#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:42 PM

Posted 11 October 2013 - 12:24 PM


Hello mjbeach

I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • more than one report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". The one that I need is the larger one. Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is to long you may attache it

    If the forum still complains about it being to long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================
and I will see if I want to see the whole report

--RogueKiller--

Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • the scan will make two reports the one I would like to see is called RKreport[2].txt on your Desktop
  • Exit/Close RogueKiller+
send me the reports made from TDSSKiller and Roguekiller and also let me know how the computer is doing at this time.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:42 PM

Posted 15 October 2013 - 09:18 PM



Hello

48 Hour bump

It has been more than 48 hours since my last post.
  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:42 PM

Posted 22 October 2013 - 08:09 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:42 PM

Posted 11 November 2013 - 08:23 PM

This topic has been re-opened at the request of the person who originally posted.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 mjbeach

mjbeach
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:03:42 PM

Posted 11 November 2013 - 11:27 PM

Thanks for reopening the thread. The infection seemed to be fine for a while hence why I stopped responding (I know very stupid and I have seen the errors of my way). The problem seemed to reappear after a new hard drive was put into the computer (cloned over HD info). 
 
I have rerun all the steps of the thread again (in order) in an attempt to remedy the problem logs as follows. 
 
When I ran Combofix I noticed that the log file did not seem to generate. I checked the C drive for log but it came up empty, an additional scan of the PC showed no log.
 
After all of the utilities the original problem of the audio muting/unmuting unprompted, mouse lag, and unwanted keystokes continued ( the severity, duration, and frequency of these attacks seems in consistent)
 
The BS&A email is a legitimate program used by my mother for her work.
 
Thanks for all your work on this, and I can promise that I will be seeing this to its close. Means a lot to us over here.
Thanks, Michael.
 
 
 
ADW Cleaner
 
# AdwCleaner v3.012 - Report created 11/11/2013 at 14:34:45
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Brenda - BRENDA-THINKPAD
# Running from : C:\Users\Brenda\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\Software\Toolbar Cleaner
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16720
 
 
-\\ Google Chrome v
 
[ File : C:\Users\Brenda\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [838 octets] - [10/10/2013 15:28:57]
AdwCleaner[R1].txt - [1224 octets] - [11/11/2013 14:33:43]
AdwCleaner[S0].txt - [900 octets] - [10/10/2013 15:29:38]
AdwCleaner[S1].txt - [1153 octets] - [11/11/2013 14:34:45]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1213 octets] ##########
 
 
JRT
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Brenda on Mon 11/11/2013 at 14:41:38.32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 11/11/2013 at 14:49:18.26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Combofix
No log generated


#11 mjbeach

mjbeach
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:03:42 PM

Posted 11 November 2013 - 11:37 PM

TDSSKiler Log Part 1/3

 

15:29:42.0970 0x0884  TDSS rootkit removing tool 3.0.0.16 Nov  1 2013 15:53:38
15:29:43.0422 0x0884  ============================================================
15:29:43.0422 0x0884  Current date / time: 2013/11/11 15:29:43.0422
15:29:43.0422 0x0884  SystemInfo:
15:29:43.0422 0x0884  
15:29:43.0422 0x0884  OS Version: 6.1.7601 ServicePack: 1.0
15:29:43.0422 0x0884  Product type: Workstation
15:29:43.0422 0x0884  ComputerName: BRENDA-THINKPAD
15:29:43.0500 0x0884  UserName: Brenda
15:29:43.0500 0x0884  Windows directory: C:\Windows
15:29:43.0500 0x0884  System windows directory: C:\Windows
15:29:43.0500 0x0884  Running under WOW64
15:29:43.0500 0x0884  Processor architecture: Intel x64
15:29:43.0500 0x0884  Number of processors: 2
15:29:43.0500 0x0884  Page size: 0x1000
15:29:43.0500 0x0884  Boot type: Normal boot
15:29:43.0500 0x0884  ============================================================
15:29:43.0500 0x0884  BG loaded
15:29:44.0405 0x0884  System UUID: {86674C38-4A4D-D900-638F-1491C83B0729}
15:29:45.0091 0x0884  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:29:45.0107 0x0884  ============================================================
15:29:45.0107 0x0884  \Device\Harddisk0\DR0:
15:29:45.0107 0x0884  MBR partitions:
15:29:45.0107 0x0884  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000
15:29:45.0107 0x0884  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258828, BlocksNum 0x23E4CFFF
15:29:45.0107 0x0884  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x240A5828, BlocksNum 0x1388000
15:29:45.0107 0x0884  ============================================================
15:29:45.0122 0x0884  C: <-> \Device\Harddisk0\DR0\Partition2
15:29:45.0263 0x0884  Q: <-> \Device\Harddisk0\DR0\Partition3
15:29:45.0263 0x0884  ============================================================
15:29:45.0263 0x0884  Initialize success
15:29:45.0263 0x0884  ============================================================
15:33:35.0711 0x14f4  ============================================================
15:33:35.0711 0x14f4  Scan started
15:33:35.0711 0x14f4  Mode: Manual; SigCheck; TDLFS; 
15:33:35.0711 0x14f4  ============================================================
15:33:35.0711 0x14f4  KSN ping started
15:33:38.0350 0x14f4  KSN ping finished: true
15:33:41.0227 0x14f4  ================ Scan system memory ========================
15:33:41.0227 0x14f4  System memory - ok
15:33:41.0232 0x14f4  ================ Scan services =============================
15:33:41.0452 0x14f4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:33:41.0561 0x14f4  1394ohci - ok
15:33:41.0620 0x14f4  [ 0FC813D822BFC06169CE4E0D00669021, 59ECCD1F338E529254C3B9102F6684E35EAA01A7E4D24A2E5FC8F15370162F32 ] 5U877           C:\Windows\system32\DRIVERS\5U877.sys
15:33:41.0679 0x14f4  5U877 - ok
15:33:41.0713 0x14f4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:33:41.0746 0x14f4  ACPI - ok
15:33:41.0792 0x14f4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:33:41.0878 0x14f4  AcpiPmi - ok
15:33:42.0044 0x14f4  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:33:42.0077 0x14f4  AdobeARMservice - ok
15:33:42.0277 0x14f4  [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:33:42.0335 0x14f4  AdobeFlashPlayerUpdateSvc - ok
15:33:42.0410 0x14f4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
15:33:42.0492 0x14f4  adp94xx - ok
15:33:42.0539 0x14f4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
15:33:42.0569 0x14f4  adpahci - ok
15:33:42.0591 0x14f4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
15:33:42.0609 0x14f4  adpu320 - ok
15:33:42.0660 0x14f4  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:33:42.0803 0x14f4  AeLookupSvc - ok
15:33:42.0842 0x14f4  [ 314C17917AC8523EC77A710215012A65, 725CF2D5F63C06F7704C24FE0CFA696215DADC6C0EC445D9671E82F8E23E56AD ] AFD             C:\Windows\system32\drivers\afd.sys
15:33:44.0835 0x14f4  AFD - ok
15:33:44.0885 0x14f4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
15:33:44.0902 0x14f4  agp440 - ok
15:33:44.0937 0x14f4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
15:33:44.0989 0x14f4  ALG - ok
15:33:45.0042 0x14f4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:33:45.0057 0x14f4  aliide - ok
15:33:45.0105 0x14f4  [ EC803C6CA6D6FDEE5DE77641426E72BE, 5BFD662ADC2922005F22DEA51DA3BFB327F1A4163B3464A862FD1AF73195B536 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:33:45.0178 0x14f4  AMD External Events Utility - ok
15:33:45.0222 0x14f4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:33:45.0238 0x14f4  amdide - ok
15:33:45.0279 0x14f4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
15:33:45.0324 0x14f4  AmdK8 - ok
15:33:45.0577 0x14f4  [ 09FBE3B09F9A8B5EEA6A10D3C1D55888, 72173B2E83A98FB75908214D7FFFA36A491BDBA3F6D6B41D9435F63E5009BEBD ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
15:33:45.0829 0x14f4  amdkmdag - ok
15:33:45.0866 0x14f4  [ 63B54A51E9BF3645063A1A0709F0E52A, 01D5E901839C82CFA41200494D6F1C423A23CD98F7738D79E7EE13161FA83538 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
15:33:45.0905 0x14f4  amdkmdap - ok
15:33:45.0937 0x14f4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
15:33:45.0961 0x14f4  AmdPPM - ok
15:33:46.0019 0x14f4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:33:49.0599 0x14f4  amdsata - ok
15:33:49.0647 0x14f4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
15:33:49.0682 0x14f4  amdsbs - ok
15:33:49.0713 0x14f4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:33:49.0725 0x14f4  amdxata - ok
15:33:49.0798 0x14f4  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
15:33:50.0000 0x14f4  AppID - ok
15:33:50.0025 0x14f4  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:33:50.0087 0x14f4  AppIDSvc - ok
15:33:50.0139 0x14f4  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
15:33:50.0246 0x14f4  Appinfo - ok
15:33:50.0441 0x14f4  [ 4FE5C6D40664AE07BE5105874357D2ED, 70DD05EE80B77EB2F781E0919885D1BBB1119EA1A8955935AF5AECD05E30F14A ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:33:50.0473 0x14f4  Apple Mobile Device - ok
15:33:50.0531 0x14f4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
15:33:50.0545 0x14f4  arc - ok
15:33:50.0556 0x14f4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
15:33:50.0571 0x14f4  arcsas - ok
15:33:50.0714 0x14f4  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:33:50.0794 0x14f4  aspnet_state - ok
15:33:50.0834 0x14f4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:33:50.0924 0x14f4  AsyncMac - ok
15:33:51.0033 0x14f4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:33:51.0062 0x14f4  atapi - ok
15:33:51.0125 0x14f4  [ C07A040D6B5A42DD41EE386CF90974C8, 8D47815F99C79B795504C3172B5FBBDBA6AFACC004B17AA3954A06BE713FACAE ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys
15:33:51.0153 0x14f4  AtiPcie - ok
15:33:51.0229 0x14f4  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:33:51.0342 0x14f4  AudioEndpointBuilder - ok
15:33:51.0446 0x14f4  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:33:51.0511 0x14f4  AudioSrv - ok
15:33:51.0579 0x14f4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:33:51.0665 0x14f4  AxInstSV - ok
15:33:51.0726 0x14f4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
15:33:51.0798 0x14f4  b06bdrv - ok
15:33:51.0840 0x14f4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:33:51.0889 0x14f4  b57nd60a - ok
15:33:51.0935 0x14f4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:33:51.0975 0x14f4  BDESVC - ok
15:33:51.0988 0x14f4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:33:52.0039 0x14f4  Beep - ok
15:33:52.0150 0x14f4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
15:33:52.0241 0x14f4  BFE - ok
15:33:52.0423 0x14f4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
15:33:52.0500 0x14f4  BITS - ok
15:33:52.0534 0x14f4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:33:52.0559 0x14f4  blbdrive - ok
15:33:53.0031 0x14f4  [ 2DF7274105329AC0A27718DE705BCDAE, 9B70D765EEC393C64A14BB1CE6EB9161D28BAFE71001111012320474A4FC6AE9 ] BNPagent        C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe
15:33:53.0129 0x14f4  BNPagent - ok
15:33:53.0254 0x14f4  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:33:53.0292 0x14f4  Bonjour Service - ok
15:33:53.0325 0x14f4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:33:53.0367 0x14f4  bowser - ok
15:33:53.0399 0x14f4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:33:53.0485 0x14f4  BrFiltLo - ok
15:33:53.0498 0x14f4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:33:53.0543 0x14f4  BrFiltUp - ok
15:33:53.0589 0x14f4  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
15:33:53.0655 0x14f4  BridgeMP - ok
15:33:53.0697 0x14f4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
15:33:53.0761 0x14f4  Browser - ok
15:33:53.0796 0x14f4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:33:53.0875 0x14f4  Brserid - ok
15:33:53.0904 0x14f4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:33:53.0941 0x14f4  BrSerWdm - ok
15:33:53.0961 0x14f4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:33:53.0999 0x14f4  BrUsbMdm - ok
15:33:54.0015 0x14f4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:33:54.0037 0x14f4  BrUsbSer - ok
15:33:54.0096 0x14f4  [ 3BBF8D284B830D4385958CE93D348DB4, 2F6025527A4EA04463531F123C0EB41719F678D74777EBCD306F54EB14AB55C6 ] BS&A Software Email Service C:\Program Files (x86)\Common Files\BS&A Shared\EmailServer\EmailService.exe
15:33:54.0131 0x14f4  BS&A Software Email Service - detected UnsignedFile.Multi.Generic ( 1 )
15:33:57.0130 0x14f4  BS&A Software Email Service ( UnsignedFile.Multi.Generic ) - warning
15:33:59.0716 0x14f4  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
15:33:59.0787 0x14f4  BthEnum - ok
15:33:59.0820 0x14f4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
15:33:59.0865 0x14f4  BTHMODEM - ok
15:33:59.0894 0x14f4  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
15:33:59.0931 0x14f4  BthPan - ok
15:34:00.0092 0x14f4  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
15:34:00.0163 0x14f4  BTHPORT - ok
15:34:00.0186 0x14f4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
15:34:00.0236 0x14f4  bthserv - ok
15:34:00.0288 0x14f4  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
15:34:00.0309 0x14f4  BTHUSB - ok
15:34:01.0014 0x14f4  catchme - ok
15:34:01.0045 0x14f4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:34:01.0113 0x14f4  cdfs - ok
15:34:01.0180 0x14f4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
15:34:01.0214 0x14f4  cdrom - ok
15:34:01.0260 0x14f4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:34:01.0312 0x14f4  CertPropSvc - ok
15:34:01.0347 0x14f4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
15:34:01.0370 0x14f4  circlass - ok
15:34:01.0407 0x14f4  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
15:34:01.0430 0x14f4  CLFS - ok
15:34:01.0497 0x14f4  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:34:01.0525 0x14f4  clr_optimization_v2.0.50727_32 - ok
15:34:01.0603 0x14f4  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:34:01.0636 0x14f4  clr_optimization_v2.0.50727_64 - ok
15:34:01.0724 0x14f4  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:34:01.0824 0x14f4  clr_optimization_v4.0.30319_32 - ok
15:34:01.0859 0x14f4  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:34:01.0911 0x14f4  clr_optimization_v4.0.30319_64 - ok
15:34:01.0948 0x14f4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:34:01.0965 0x14f4  CmBatt - ok
15:34:02.0023 0x14f4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:34:02.0039 0x14f4  cmdide - ok
15:34:02.0097 0x14f4  [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG             C:\Windows\system32\Drivers\cng.sys
15:34:02.0136 0x14f4  CNG - ok
15:34:02.0151 0x14f4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:34:02.0163 0x14f4  Compbatt - ok
15:34:02.0215 0x14f4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
15:34:02.0267 0x14f4  CompositeBus - ok
15:34:02.0286 0x14f4  COMSysApp - ok
15:34:02.0309 0x14f4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
15:34:02.0325 0x14f4  crcdisk - ok
15:34:02.0383 0x14f4  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:34:02.0431 0x14f4  CryptSvc - ok
15:34:02.0498 0x14f4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:34:02.0594 0x14f4  DcomLaunch - ok
15:34:02.0655 0x14f4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:34:02.0798 0x14f4  defragsvc - ok
15:34:02.0835 0x14f4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:34:02.0920 0x14f4  DfsC - ok
15:34:02.0974 0x14f4  [ 2D589A2C024B2FB238535DB9F7B3597D, 1EB47F73BC890D67A50C72E30BFE139AA1747C88E2FA8029A7382B203C37B512 ] DgiVecp         C:\Windows\system32\Drivers\DgiVecp.sys
15:34:02.0984 0x14f4  DgiVecp - ok
15:34:03.0048 0x14f4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:34:03.0100 0x14f4  Dhcp - ok
15:34:03.0126 0x14f4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
15:34:03.0173 0x14f4  discache - ok
15:34:03.0208 0x14f4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
15:34:03.0222 0x14f4  Disk - ok
15:34:03.0250 0x14f4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:34:03.0316 0x14f4  Dnscache - ok
15:34:03.0439 0x14f4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:34:03.0550 0x14f4  dot3svc - ok
15:34:03.0615 0x14f4  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
15:34:03.0684 0x14f4  Dot4 - ok
15:34:03.0746 0x14f4  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
15:34:03.0802 0x14f4  Dot4Print - ok
15:34:03.0858 0x14f4  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
15:34:03.0894 0x14f4  dot4usb - ok
15:34:03.0948 0x14f4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
15:34:04.0016 0x14f4  DPS - ok
15:34:04.0048 0x14f4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:34:04.0076 0x14f4  drmkaud - ok
15:34:04.0138 0x14f4  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:34:04.0178 0x14f4  DXGKrnl - ok
15:34:04.0223 0x14f4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
15:34:04.0288 0x14f4  EapHost - ok
15:34:05.0144 0x14f4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
15:34:05.0388 0x14f4  ebdrv - ok
15:34:05.0493 0x14f4  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS             C:\Windows\System32\lsass.exe
15:34:05.0572 0x14f4  EFS - ok
15:34:05.0846 0x14f4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:34:05.0933 0x14f4  ehRecvr - ok
15:34:05.0970 0x14f4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
15:34:06.0039 0x14f4  ehSched - ok
15:34:06.0106 0x14f4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
15:34:06.0188 0x14f4  elxstor - ok
15:34:06.0255 0x14f4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:34:06.0332 0x14f4  ErrDev - ok
15:34:06.0404 0x14f4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
15:34:06.0463 0x14f4  EventSystem - ok
15:34:06.0547 0x14f4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:34:06.0633 0x14f4  exfat - ok
15:34:06.0715 0x14f4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:34:06.0804 0x14f4  fastfat - ok
15:34:06.0955 0x14f4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
15:34:07.0072 0x14f4  Fax - ok
15:34:07.0092 0x14f4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:34:07.0119 0x14f4  fdc - ok
15:34:07.0153 0x14f4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
15:34:07.0222 0x14f4  fdPHost - ok
15:34:07.0262 0x14f4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:34:07.0346 0x14f4  FDResPub - ok
15:34:07.0409 0x14f4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:34:07.0443 0x14f4  FileInfo - ok
15:34:07.0471 0x14f4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:34:07.0554 0x14f4  Filetrace - ok
15:34:07.0574 0x14f4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:34:07.0598 0x14f4  flpydisk - ok
15:34:07.0666 0x14f4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:34:07.0707 0x14f4  FltMgr - ok
15:34:07.0963 0x14f4  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
15:34:08.0082 0x14f4  FontCache - ok
15:34:08.0245 0x14f4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:34:08.0270 0x14f4  FontCache3.0.0.0 - ok
15:34:08.0358 0x14f4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:34:08.0408 0x14f4  FsDepends - ok
15:34:08.0469 0x14f4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:34:08.0481 0x14f4  Fs_Rec - ok
15:34:08.0567 0x14f4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:34:08.0589 0x14f4  fvevol - ok
15:34:08.0626 0x14f4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
15:34:08.0639 0x14f4  gagp30kx - ok
15:34:08.0703 0x14f4  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:34:08.0726 0x14f4  GEARAspiWDM - ok
15:34:08.0842 0x14f4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:34:08.0979 0x14f4  gpsvc - ok
15:34:09.0132 0x14f4  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:34:09.0162 0x14f4  gupdate - ok
15:34:09.0200 0x14f4  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:34:09.0212 0x14f4  gupdatem - ok
15:34:09.0241 0x14f4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:34:09.0288 0x14f4  hcw85cir - ok
15:34:09.0354 0x14f4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:34:09.0417 0x14f4  HdAudAddService - ok
15:34:09.0443 0x14f4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
15:34:09.0477 0x14f4  HDAudBus - ok
15:34:09.0497 0x14f4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
15:34:09.0519 0x14f4  HidBatt - ok
15:34:09.0538 0x14f4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
15:34:09.0591 0x14f4  HidBth - ok
15:34:09.0606 0x14f4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
15:34:09.0648 0x14f4  HidIr - ok
15:34:09.0674 0x14f4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
15:34:09.0722 0x14f4  hidserv - ok
15:34:09.0763 0x14f4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
15:34:09.0802 0x14f4  HidUsb - ok
15:34:09.0857 0x14f4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:34:09.0991 0x14f4  hkmsvc - ok
15:34:10.0020 0x14f4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:34:10.0116 0x14f4  HomeGroupListener - ok
15:34:10.0140 0x14f4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:34:10.0175 0x14f4  HomeGroupProvider - ok
15:34:10.0356 0x14f4  [ F50F7984FDD151EDD8A70A8DBD9E2A44, 45E7ECA40298B233D124993D6C9D4FBBF05E9A843F4DE089317342B3D8A83696 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:34:10.0426 0x14f4  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
15:34:13.0264 0x14f4  Detect skipped due to KSN trusted
15:34:13.0264 0x14f4  hpqcxs08 - ok
15:34:13.0294 0x14f4  [ DF446BA625CC441617843E87798CE048, B45C11EEA7EA792DE82E9BB283B9DCF30F891AAB8366075856BD84D10BCBCCD3 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:34:13.0333 0x14f4  hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
15:34:16.0166 0x14f4  Detect skipped due to KSN trusted
15:34:16.0166 0x14f4  hpqddsvc - ok
15:34:16.0232 0x14f4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:34:16.0259 0x14f4  HpSAMD - ok
15:34:16.0370 0x14f4  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:34:16.0461 0x14f4  HTTP - ok
15:34:16.0501 0x14f4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:34:16.0513 0x14f4  hwpolicy - ok
15:34:16.0564 0x14f4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:34:16.0579 0x14f4  i8042prt - ok
15:34:16.0632 0x14f4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:34:16.0668 0x14f4  iaStorV - ok
15:34:16.0707 0x14f4  [ 22FEF6D8DDC3452EE5EC6FBD9920C74D, B9F0D3C3008C6B6281D4BA0A60FBAB4C3B9C555CC758EDD04C5AF63708C9948B ] IBMPMDRV        C:\Windows\system32\DRIVERS\ibmpmdrv.sys
15:34:16.0736 0x14f4  IBMPMDRV - ok
15:34:16.0757 0x14f4  [ 8D61BB5A7D6E08E278C84F852D07D516, 1F201A99075C3070AE245EA9B2631ECC028E4B05B809442AAB45A8491CCDC8FA ] IBMPMSVC        C:\Windows\system32\ibmpmsvc.exe
15:34:16.0772 0x14f4  IBMPMSVC - ok
15:34:16.0945 0x14f4  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
15:34:16.0973 0x14f4  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
15:34:19.0818 0x14f4  Detect skipped due to KSN trusted
15:34:19.0818 0x14f4  IDriverT - ok
15:34:19.0916 0x14f4  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:34:19.0971 0x14f4  idsvc - ok
15:34:20.0225 0x14f4  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:34:20.0557 0x14f4  igfx - ok
15:34:20.0598 0x14f4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
15:34:20.0611 0x14f4  iirsp - ok
15:34:20.0725 0x14f4  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\Windows\System32\ikeext.dll
15:34:20.0821 0x14f4  IKEEXT - ok
15:34:21.0007 0x14f4  [ 1C11E5D258BC374E7FBD598D75E49B75, E5A03972750809C41F6AE183476DE9E4831B9B10D9D178BF644258021D9937C4 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:34:21.0087 0x14f4  IntcAzAudAddService - ok
15:34:21.0137 0x14f4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:34:21.0160 0x14f4  intelide - ok
15:34:21.0206 0x14f4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:34:21.0253 0x14f4  intelppm - ok
15:34:21.0287 0x14f4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:34:21.0353 0x14f4  IPBusEnum - ok
15:34:21.0394 0x14f4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:34:21.0443 0x14f4  IpFilterDriver - ok
15:34:21.0499 0x14f4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:34:21.0553 0x14f4  iphlpsvc - ok
15:34:21.0597 0x14f4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:34:21.0645 0x14f4  IPMIDRV - ok
15:34:21.0686 0x14f4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:34:21.0741 0x14f4  IPNAT - ok
15:34:21.0850 0x14f4  [ 4EFFC8FF6D349E971E94B1C670C0C66A, E92DA19CE9725BB4CC34DF94873C6B441AE61679A8C615780E1A1E9404C8FA26 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:34:21.0901 0x14f4  iPod Service - ok
15:34:21.0932 0x14f4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:34:21.0983 0x14f4  IRENUM - ok
15:34:21.0997 0x14f4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:34:22.0009 0x14f4  isapnp - ok
15:34:22.0059 0x14f4  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:34:22.0080 0x14f4  iScsiPrt - ok
15:34:22.0101 0x14f4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:34:22.0114 0x14f4  kbdclass - ok
15:34:22.0159 0x14f4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:34:22.0200 0x14f4  kbdhid - ok
15:34:22.0222 0x14f4  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso          C:\Windows\system32\lsass.exe
15:34:22.0240 0x14f4  KeyIso - ok
15:34:22.0312 0x14f4  [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:34:22.0345 0x14f4  KSecDD - ok
15:34:22.0391 0x14f4  [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:34:22.0414 0x14f4  KSecPkg - ok
15:34:22.0477 0x14f4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:34:22.0571 0x14f4  ksthunk - ok
15:34:22.0711 0x14f4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:34:22.0843 0x14f4  KtmRm - ok
15:34:22.0922 0x14f4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
15:34:23.0019 0x14f4  LanmanServer - ok
15:34:23.0070 0x14f4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:34:23.0130 0x14f4  LanmanWorkstation - ok
15:34:23.0197 0x14f4  [ 70481DABD9ADAB51A6933C5893B82925, 058690744CF783456DFCAAFDA853D020446C479DADBA38DF92EDFBC96F79D241 ] LENOVO.CAMMUTE  C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
15:34:23.0215 0x14f4  LENOVO.CAMMUTE - ok
15:34:23.0291 0x14f4  [ 340288B3B2EDC8AFD5FF127DF85142A7, 595103B5CCDC83D8E4617D2C3E8ED91C88A78ACF11BC9478E9244C510DD50A80 ] LENOVO.MICMUTE  C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
15:34:23.0318 0x14f4  LENOVO.MICMUTE - ok
15:34:23.0355 0x14f4  [ 2B9D8555DC004E240082D18E7725CE20, 9DEF9463CB099C0BC8782C1E5FCE62F038B971ABC12966774D1F83569B081A42 ] lenovo.smi      C:\Windows\system32\DRIVERS\smiifx64.sys
15:34:23.0378 0x14f4  lenovo.smi - ok
15:34:23.0410 0x14f4  [ D0DAF6A22037F6DEE706A095C647AA41, 26FC2E6F423E19879C37D565C8C025EFBB2165C40E96078B4ECD2A77F3CEA55D ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
15:34:23.0423 0x14f4  LENOVO.TPKNRSVC - ok
15:34:23.0511 0x14f4  [ F7DE50781DC4D162C1005EB30D98F931, CDD07CD2E300DCD818CF97AC05CAFD2BA5568CEA10622D69E156CFC936DD4769 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
15:34:23.0540 0x14f4  Lenovo.VIRTSCRLSVC - ok
15:34:23.0580 0x14f4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:34:23.0647 0x14f4  lltdio - ok
15:34:23.0796 0x14f4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:34:23.0883 0x14f4  lltdsvc - ok
15:34:23.0899 0x14f4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:34:23.0952 0x14f4  lmhosts - ok
15:34:24.0001 0x14f4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:34:24.0030 0x14f4  LSI_FC - ok
15:34:24.0041 0x14f4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
15:34:24.0059 0x14f4  LSI_SAS - ok
15:34:24.0081 0x14f4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:34:24.0095 0x14f4  LSI_SAS2 - ok
15:34:24.0103 0x14f4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:34:24.0119 0x14f4  LSI_SCSI - ok
15:34:24.0150 0x14f4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:34:24.0205 0x14f4  luafv - ok
15:34:24.0241 0x14f4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:34:24.0267 0x14f4  Mcx2Svc - ok
15:34:24.0282 0x14f4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:34:24.0295 0x14f4  megasas - ok
15:34:24.0318 0x14f4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:34:24.0338 0x14f4  MegaSR - ok
15:34:24.0370 0x14f4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
15:34:24.0426 0x14f4  MMCSS - ok
15:34:24.0442 0x14f4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
15:34:24.0481 0x14f4  Modem - ok
15:34:24.0510 0x14f4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:34:24.0538 0x14f4  monitor - ok
15:34:24.0590 0x14f4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:34:24.0618 0x14f4  mouclass - ok
15:34:24.0648 0x14f4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:34:24.0676 0x14f4  mouhid - ok
15:34:24.0713 0x14f4  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:34:24.0748 0x14f4  mountmgr - ok
15:34:24.0784 0x14f4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:34:24.0812 0x14f4  mpio - ok
15:34:24.0838 0x14f4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:34:24.0888 0x14f4  mpsdrv - ok
15:34:24.0986 0x14f4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:34:25.0065 0x14f4  MpsSvc - ok
15:34:25.0174 0x14f4  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:34:25.0249 0x14f4  MRxDAV - ok
15:34:25.0333 0x14f4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:34:25.0409 0x14f4  mrxsmb - ok
15:34:25.0540 0x14f4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:34:25.0592 0x14f4  mrxsmb10 - ok
15:34:25.0618 0x14f4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:34:25.0650 0x14f4  mrxsmb20 - ok
15:34:25.0683 0x14f4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:34:25.0698 0x14f4  msahci - ok
15:34:25.0787 0x14f4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:34:25.0825 0x14f4  msdsm - ok
15:34:25.0860 0x14f4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
15:34:25.0895 0x14f4  MSDTC - ok
15:34:25.0939 0x14f4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:34:25.0997 0x14f4  Msfs - ok
15:34:26.0017 0x14f4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:34:26.0079 0x14f4  mshidkmdf - ok
15:34:26.0099 0x14f4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:34:26.0115 0x14f4  msisadrv - ok
15:34:26.0160 0x14f4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:34:26.0228 0x14f4  MSiSCSI - ok
15:34:26.0234 0x14f4  msiserver - ok
15:34:26.0266 0x14f4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:34:26.0326 0x14f4  MSKSSRV - ok
15:34:26.0347 0x14f4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:34:26.0433 0x14f4  MSPCLOCK - ok
15:34:26.0463 0x14f4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:34:26.0512 0x14f4  MSPQM - ok
15:34:26.0665 0x14f4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:34:26.0708 0x14f4  MsRPC - ok
15:34:26.0739 0x14f4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:34:26.0751 0x14f4  mssmbios - ok
15:34:26.0824 0x14f4  MSSQL$BSA - ok
15:34:26.0886 0x14f4  [ F1761C8FB2B25A32C6D63E36BB88C3AE, C88F5EF7B547DAA2394888362916FA18F07241E0BF2B938297428A1C04FFD806 ] MSSQLServerADHelper100 c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
15:34:26.0917 0x14f4  MSSQLServerADHelper100 - ok
15:34:26.0944 0x14f4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:34:27.0002 0x14f4  MSTEE - ok
15:34:27.0021 0x14f4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:34:27.0038 0x14f4  MTConfig - ok
15:34:27.0063 0x14f4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
15:34:27.0077 0x14f4  Mup - ok
15:34:27.0155 0x14f4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
15:34:27.0252 0x14f4  napagent - ok
15:34:27.0293 0x14f4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:34:27.0333 0x14f4  NativeWifiP - ok
15:34:27.0665 0x14f4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:34:27.0726 0x14f4  NDIS - ok
15:34:27.0763 0x14f4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:34:27.0811 0x14f4  NdisCap - ok
15:34:27.0839 0x14f4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:34:27.0917 0x14f4  NdisTapi - ok
15:34:27.0974 0x14f4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:34:28.0043 0x14f4  Ndisuio - ok
15:34:28.0128 0x14f4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:34:28.0221 0x14f4  NdisWan - ok
15:34:28.0251 0x14f4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:34:28.0297 0x14f4  NDProxy - ok
15:34:28.0362 0x14f4  [ DC6530A291D4BDF6DF399F1F128E7F8F, 85123D802063383646EEBC60F4ABBCDBA2AE3180E99A8A99C024B1EBB0C6690E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:34:28.0378 0x14f4  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
15:34:31.0223 0x14f4  Detect skipped due to KSN trusted
15:34:31.0224 0x14f4  Net Driver HPZ12 - ok
15:34:31.0276 0x14f4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:34:31.0357 0x14f4  NetBIOS - ok
15:34:31.0458 0x14f4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:34:31.0539 0x14f4  NetBT - ok
15:34:31.0561 0x14f4  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon        C:\Windows\system32\lsass.exe
15:34:31.0579 0x14f4  Netlogon - ok
15:34:31.0654 0x14f4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
15:34:31.0753 0x14f4  Netman - ok
15:34:31.0816 0x14f4  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:34:31.0837 0x14f4  NetMsmqActivator - ok
15:34:31.0851 0x14f4  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:34:31.0868 0x14f4  NetPipeActivator - ok
15:34:31.0915 0x14f4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
15:34:31.0991 0x14f4  netprofm - ok
15:34:32.0020 0x14f4  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:34:32.0032 0x14f4  NetTcpActivator - ok
15:34:32.0040 0x14f4  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:34:32.0053 0x14f4  NetTcpPortSharing - ok
15:34:33.0027 0x14f4  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
15:34:33.0325 0x14f4  netw5v64 - ok
15:34:33.0387 0x14f4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:34:33.0415 0x14f4  nfrd960 - ok
15:34:33.0531 0x14f4  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:34:33.0572 0x14f4  NlaSvc - ok
15:34:33.0599 0x14f4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:34:33.0638 0x14f4  Npfs - ok
15:34:33.0726 0x14f4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
15:34:33.0818 0x14f4  nsi - ok
15:34:33.0902 0x14f4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:34:34.0039 0x14f4  nsiproxy - ok
15:34:34.0318 0x14f4  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:34:34.0384 0x14f4  Ntfs - ok
15:34:34.0423 0x14f4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
15:34:34.0506 0x14f4  Null - ok
15:34:34.0597 0x14f4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:34:34.0636 0x14f4  nvraid - ok
15:34:34.0703 0x14f4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:34:34.0738 0x14f4  nvstor - ok
15:34:34.0761 0x14f4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:34:34.0781 0x14f4  nv_agp - ok
15:34:34.0827 0x14f4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:34:34.0858 0x14f4  ohci1394 - ok
15:34:34.0964 0x14f4  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:34:34.0999 0x14f4  ose - ok
15:34:35.0329 0x14f4  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:34:35.0557 0x14f4  osppsvc - ok
15:34:35.0605 0x14f4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:34:35.0653 0x14f4  p2pimsvc - ok
15:34:35.0683 0x14f4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
15:34:35.0722 0x14f4  p2psvc - ok
15:34:35.0755 0x14f4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:34:35.0784 0x14f4  Parport - ok
15:34:35.0822 0x14f4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:34:35.0836 0x14f4  partmgr - ok
15:34:35.0853 0x14f4  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:34:35.0891 0x14f4  PcaSvc - ok
15:34:35.0955 0x14f4  [ 4B5F5774FF1C577B9515FDD2B5C535C5, 1D053020079124AC526D84AFFB17BF4A1563ECD872C83B4B6299C9AA6A732557 ] PCDSRVC{127174DC-C366ED8B-06020200}_0 c:\program files\pc-doctor\pcdsrvc_x64.pkms
15:34:36.0001 0x14f4  PCDSRVC{127174DC-C366ED8B-06020200}_0 - ok
15:34:36.0060 0x14f4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
15:34:36.0094 0x14f4  pci - ok
15:34:36.0112 0x14f4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:34:36.0128 0x14f4  pciide - ok
15:34:36.0166 0x14f4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:34:36.0185 0x14f4  pcmcia - ok
15:34:36.0205 0x14f4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:34:36.0218 0x14f4  pcw - ok
15:34:36.0248 0x14f4  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:34:36.0317 0x14f4  PEAUTH - ok
15:34:36.0434 0x14f4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:34:36.0473 0x14f4  PerfHost - ok
15:34:36.0608 0x14f4  [ 6B2BF4052C88E7A6AD20459CFC057589, BA52C74E97B271B3C7266945335BD487D2B5919251D9E7F5EABDE33A1078118D ] Pervasive Workgroup Engine C:\PVSW\bin\psql_svc.exe
15:34:36.0633 0x14f4  Pervasive Workgroup Engine - detected UnsignedFile.Multi.Generic ( 1 )
15:34:39.0497 0x14f4  Detect skipped due to KSN trusted
15:34:39.0497 0x14f4  Pervasive Workgroup Engine - ok
15:34:39.0666 0x14f4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
15:34:39.0788 0x14f4  pla - ok
15:34:39.0874 0x14f4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:34:39.0929 0x14f4  PlugPlay - ok
15:34:39.0999 0x14f4  [ 71F62C51DFDFBC04C83C5C64B2B8058E, CAB12E6D27BE421BD5A3CB04066EA50303A3210332ECC4B5C03B5F19735FC857 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:34:40.0017 0x14f4  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
15:34:42.0862 0x14f4  Detect skipped due to KSN trusted
15:34:42.0863 0x14f4  Pml Driver HPZ12 - ok
15:34:42.0910 0x14f4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:34:42.0943 0x14f4  PNRPAutoReg - ok
15:34:42.0972 0x14f4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:34:42.0998 0x14f4  PNRPsvc - ok
15:34:43.0076 0x14f4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:34:43.0135 0x14f4  PolicyAgent - ok
15:34:43.0160 0x14f4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
15:34:43.0203 0x14f4  Power - ok
15:34:43.0580 0x14f4  [ DEED60F99C5B8E386D507860F600D509, 1662F4F7C2CB305C6794B0FF546550393DC7C7FCC709C2D342A7092B446830AA ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
15:34:43.0665 0x14f4  Power Manager DBC Service - ok
15:34:43.0738 0x14f4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:34:43.0838 0x14f4  PptpMiniport - ok
15:34:43.0946 0x14f4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:34:44.0014 0x14f4  Processor - ok
15:34:44.0128 0x14f4  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:34:44.0209 0x14f4  ProfSvc - ok
15:34:44.0225 0x14f4  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
15:34:44.0251 0x14f4  ProtectedStorage - ok
15:34:44.0289 0x14f4  [ 05A4779E4994B21473EDBE85AABE8030, AFD597461B036FDE42013648A4D542B02AE1D7E128BF0B193BA4B478432F0C72 ] psadd           C:\Windows\system32\DRIVERS\psadd.sys
15:34:44.0301 0x14f4  psadd - ok
15:34:44.0362 0x14f4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:34:44.0428 0x14f4  Psched - ok
15:34:44.0596 0x14f4  [ 68DCE950DCD2ABBB82362D383EC5836E, 5A3E0ABE32BA53A0D719757222455BE9308844C4968CA27B178C86BCF6FDC4DC ] PwmEWSvc        C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
15:34:44.0699 0x14f4  PwmEWSvc - ok
15:34:45.0046 0x14f4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:34:45.0113 0x14f4  ql2300 - ok
15:34:45.0135 0x14f4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:34:45.0150 0x14f4  ql40xx - ok
15:34:45.0185 0x14f4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
15:34:45.0212 0x14f4  QWAVE - ok
15:34:45.0225 0x14f4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:34:45.0260 0x14f4  QWAVEdrv - ok
15:34:45.0273 0x14f4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:34:45.0311 0x14f4  RasAcd - ok
15:34:45.0338 0x14f4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:34:45.0388 0x14f4  RasAgileVpn - ok
15:34:45.0409 0x14f4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
15:34:45.0450 0x14f4  RasAuto - ok
15:34:45.0498 0x14f4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:34:45.0562 0x14f4  Rasl2tp - ok
15:34:45.0621 0x14f4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
15:34:45.0668 0x14f4  RasMan - ok
15:34:45.0701 0x14f4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:34:45.0754 0x14f4  RasPppoe - ok
15:34:45.0783 0x14f4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:34:45.0838 0x14f4  RasSstp - ok
15:34:45.0885 0x14f4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:34:45.0949 0x14f4  rdbss - ok
15:34:45.0972 0x14f4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:34:46.0006 0x14f4  rdpbus - ok
15:34:46.0023 0x14f4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:34:46.0060 0x14f4  RDPCDD - ok
15:34:46.0100 0x14f4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:34:46.0148 0x14f4  RDPENCDD - ok
15:34:46.0179 0x14f4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:34:46.0215 0x14f4  RDPREFMP - ok
15:34:46.0316 0x14f4  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:34:46.0389 0x14f4  RDPWD - ok
15:34:46.0443 0x14f4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:34:46.0477 0x14f4  rdyboost - ok
15:34:46.0521 0x14f4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:34:46.0611 0x14f4  RemoteAccess - ok
15:34:46.0647 0x14f4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:34:46.0704 0x14f4  RemoteRegistry - ok
15:34:46.0758 0x14f4  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:34:46.0821 0x14f4  RFCOMM - ok
15:34:46.0842 0x14f4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:34:46.0909 0x14f4  RpcEptMapper - ok
15:34:46.0937 0x14f4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
15:34:46.0966 0x14f4  RpcLocator - ok
15:34:47.0035 0x14f4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
15:34:47.0095 0x14f4  RpcSs - ok
15:34:47.0117 0x14f4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:34:47.0171 0x14f4  rspndr - ok
15:34:47.0226 0x14f4  [ 3CEEE53BBF8BA284FF44585CEC0162FE, 5725A47BE8B7A9116983895FCB82CB2808B7B9C57BC285F3DFD7352E72DBC1FE ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
15:34:47.0268 0x14f4  RSUSBSTOR - ok
15:34:47.0314 0x14f4  [ D6D381B76056C668679723938F06F16C, A26C35EB588BF32F5CD22554BE5A05380D50FF1B7D399687EE50DC24C32DA341 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
15:34:47.0334 0x14f4  RTHDMIAzAudService - ok
15:34:47.0394 0x14f4  [ 24452CCCC3808B5AB0341A384BB72200, 11FFDB0219127AB6F84E2391DEADBDC07163A1A44A8443D1A938117D95B6C92C ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
15:34:47.0425 0x14f4  RtkAudioService - ok
15:34:47.0541 0x14f4  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:34:47.0594 0x14f4  RTL8167 - ok
15:34:47.0736 0x14f4  [ 2D83CAF21A2FD27A534DCCBC29B448A6, 478C44196AEE1310716638AE5B94AA576EE590BFA34BF7472B0808ACA53F9FCA ] rtl8192se       C:\Windows\system32\DRIVERS\rtl8192se.sys
15:34:47.0781 0x14f4  rtl8192se - ok
15:34:47.0807 0x14f4  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs           C:\Windows\system32\lsass.exe
15:34:47.0820 0x14f4  SamSs - ok
15:34:47.0883 0x14f4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:34:47.0919 0x14f4  sbp2port - ok
15:34:47.0955 0x14f4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:34:48.0024 0x14f4  SCardSvr - ok
15:34:48.0060 0x14f4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:34:48.0097 0x14f4  scfilter - ok
15:34:48.0186 0x14f4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
15:34:48.0275 0x14f4  Schedule - ok
15:34:48.0328 0x14f4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:34:48.0387 0x14f4  SCPolicySvc - ok
15:34:48.0438 0x14f4  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
15:34:48.0494 0x14f4  sdbus - ok
15:34:48.0550 0x14f4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:34:48.0633 0x14f4  SDRSVC - ok
15:34:48.0670 0x14f4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:34:48.0759 0x14f4  secdrv - ok
15:34:48.0797 0x14f4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
15:34:48.0875 0x14f4  seclogon - ok
15:34:48.0904 0x14f4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
15:34:48.0944 0x14f4  SENS - ok
15:34:48.0962 0x14f4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:34:48.0990 0x14f4  SensrSvc - ok
15:34:49.0003 0x14f4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:34:49.0030 0x14f4  Serenum - ok
15:34:49.0079 0x14f4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:34:49.0111 0x14f4  Serial - ok
15:34:49.0174 0x14f4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:34:49.0220 0x14f4  sermouse - ok
15:34:49.0289 0x14f4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
15:34:49.0419 0x14f4  SessionEnv - ok
15:34:49.0457 0x14f4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:34:49.0501 0x14f4  sffdisk - ok
15:34:49.0525 0x14f4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:34:49.0553 0x14f4  sffp_mmc - ok
15:34:49.0563 0x14f4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:34:49.0600 0x14f4  sffp_sd - ok
15:34:49.0676 0x14f4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:34:49.0724 0x14f4  sfloppy - ok
15:34:49.0790 0x14f4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:34:49.0859 0x14f4  SharedAccess - ok
15:34:49.0910 0x14f4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:34:49.0970 0x14f4  ShellHWDetection - ok
15:34:50.0010 0x14f4  [ 380B52126E62C6C2D3C8BA805AADFDC7, 7F59B04A7449523838D9746AA8E3B38E8860FB8D0B62A0CA02358DC9A980BD18 ] Shockprf        C:\Windows\system32\DRIVERS\Apsx64.sys
15:34:50.0024 0x14f4  Shockprf - ok
15:34:50.0067 0x14f4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:34:50.0095 0x14f4  SiSRaid2 - ok
15:34:50.0116 0x14f4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:34:50.0130 0x14f4  SiSRaid4 - ok
15:34:50.0165 0x14f4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:34:50.0205 0x14f4  Smb - ok
15:34:50.0238 0x14f4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:34:50.0266 0x14f4  SNMPTRAP - ok
15:34:50.0285 0x14f4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:34:50.0297 0x14f4  spldr - ok
15:34:50.0355 0x14f4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
15:34:50.0400 0x14f4  Spooler - ok
15:34:50.0577 0x14f4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
15:34:50.0741 0x14f4  sppsvc - ok
15:34:50.0779 0x14f4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:34:50.0827 0x14f4  sppuinotify - ok
15:34:51.0214 0x14f4  [ A892134C28777978ECDE8283DC57AC0F, 00D3663C38C82AC8EFF1E2731E7BCD1F3F16B126DDF7FC0DC88C4A5136F05D2D ] SQLAgent$BSA    c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\SQLAGENT.EXE
15:34:51.0251 0x14f4  SQLAgent$BSA - ok
15:34:51.0308 0x14f4  [ 10D936DCED9EACD1A1B3FCDDA6D7A4EB, EE66162AEAF6A583A04BB5AF1220318C9ADD3A62987CDCEE0505C6FF37AB30FF ] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:34:51.0337 0x14f4  SQLBrowser - ok
15:34:51.0506 0x14f4  [ F92E5F93BE572B512DA3C016B675EDE0, 3BBE8B952A329E4BCD6F0C8D6225F809B99217A196301B6FE543B26C3689A37B ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:34:51.0536 0x14f4  SQLWriter - ok
15:34:51.0705 0x14f4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:34:51.0763 0x14f4  srv - ok
15:34:51.0798 0x14f4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:34:51.0844 0x14f4  srv2 - ok
15:34:51.0891 0x14f4  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
15:34:51.0936 0x14f4  SrvHsfHDA - ok
15:34:52.0012 0x14f4  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
15:34:52.0119 0x14f4  SrvHsfV92 - ok
15:34:52.0364 0x14f4  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
15:34:52.0462 0x14f4  SrvHsfWinac - ok
15:34:52.0514 0x14f4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:34:52.0570 0x14f4  srvnet - ok
15:34:52.0623 0x14f4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:34:52.0689 0x14f4  SSDPSRV - ok
15:34:52.0738 0x14f4  [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
15:34:52.0765 0x14f4  SSPORT - ok
15:34:52.0801 0x14f4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:34:52.0861 0x14f4  SstpSvc - ok
15:34:52.0917 0x14f4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:34:52.0944 0x14f4  stexstor - ok
15:34:52.0979 0x14f4  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\drivers\serscan.sys
15:34:53.0026 0x14f4  StillCam - ok
15:34:53.0098 0x14f4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
15:34:53.0142 0x14f4  stisvc - ok
15:34:53.0256 0x14f4  [ B4351A27305C7C009B92C40102BC9161, 3955C9DAC488166E5B6DC1FD8110F1FA1A111A128DAEF89CD5835CB59A307ADA ] SUService       C:\Program Files (x86)\Lenovo\System Update\SUService.exe
15:34:53.0280 0x14f4  SUService - ok
15:34:53.0316 0x14f4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:34:53.0345 0x14f4  swenum - ok
15:34:53.0543 0x14f4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
15:34:53.0634 0x14f4  swprv - ok
15:34:53.0671 0x14f4  [ 868DFB220A18312A12CEF01BA9AC069B, D4C002963E236CEA8BF1FDC0B3333176693B41B8B3F2DD9469AA8B74C1F38E9C ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
15:34:53.0690 0x14f4  SynTP - ok
15:34:54.0149 0x14f4  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
15:34:54.0226 0x14f4  SysMain - ok
15:34:54.0279 0x14f4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:34:54.0352 0x14f4  TabletInputService - ok
15:34:54.0395 0x14f4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:34:54.0476 0x14f4  TapiSrv - ok
15:34:54.0524 0x14f4  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
15:34:54.0564 0x14f4  TBS - ok
15:34:54.0660 0x14f4  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:34:54.0748 0x14f4  Tcpip - ok
15:34:54.0820 0x14f4  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:34:54.0886 0x14f4  TCPIP6 - ok
15:34:55.0118 0x14f4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:34:55.0168 0x14f4  tcpipreg - ok
15:34:55.0209 0x14f4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:34:55.0269 0x14f4  TDPIPE - ok
15:34:55.0312 0x14f4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:34:55.0341 0x14f4  TDTCP - ok
15:34:55.0361 0x14f4  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:34:55.0432 0x14f4  tdx - ok
15:34:55.0470 0x14f4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:34:55.0487 0x14f4  TermDD - ok
15:34:55.0720 0x14f4  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
15:34:55.0823 0x14f4  TermService - ok
15:34:55.0854 0x14f4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
15:34:55.0884 0x14f4  Themes - ok
15:34:55.0909 0x14f4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:34:55.0948 0x14f4  THREADORDER - ok
15:34:55.0965 0x14f4  [ 5523C729F1ED31B63C88490AF3D220FA, 3172801BD47E053B2D6F94843342A7BB58EF3A5196F5F35E6A5FA331793C7004 ] TPDIGIMN        C:\Windows\system32\DRIVERS\ApsHM64.sys
15:34:55.0975 0x14f4  TPDIGIMN - ok
15:34:56.0000 0x14f4  [ ECB098A3404ACB8A05F0673DC086BB43, 46DC9CA4670A0A5D16703023CF40C82CDBF1789DD4AA664744E0941BD2FE9A2D ] TPHDEXLGSVC     C:\Windows\system32\TPHDEXLG64.exe
15:34:56.0013 0x14f4  TPHDEXLGSVC - ok
15:34:56.0085 0x14f4  [ 83415782D47F8064FCAFEA308ABB2246, 24D407FFF78EB48A440E4929918C92AEF6F5CF8170A14019C22D36B30BB01A23 ] TPHKLOAD        C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
15:34:56.0115 0x14f4  TPHKLOAD - ok
15:34:56.0198 0x14f4  [ C04BB65441913AB621C58A8BD3169B23, 2EC3DD6A154CA9751F560960F5CD9659C8EFF7DF57505A165AFBB0EF45137082 ] TPHKSVC         C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
15:34:56.0220 0x14f4  TPHKSVC - ok
15:34:56.0273 0x14f4  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
15:34:56.0316 0x14f4  TPM - ok
15:34:56.0335 0x14f4  [ 1DF6E6C026AD1D428687FE3B427A87BC, DA8F17A1030A0DEC81F5356B4DC99EC1F93FAD1292779191FDD53FEE530F9520 ] TPPWRIF         C:\Windows\system32\drivers\Tppwr64v.sys
15:34:56.0349 0x14f4  TPPWRIF - ok
15:34:56.0415 0x14f4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
15:34:56.0528 0x14f4  TrkWks - ok
15:34:56.0659 0x14f4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:34:56.0767 0x14f4  TrustedInstaller - ok
15:34:56.0823 0x14f4  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:34:56.0882 0x14f4  tssecsrv - ok
15:34:56.0942 0x14f4  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:34:56.0998 0x14f4  TsUsbFlt - ok
15:34:57.0051 0x14f4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:34:57.0123 0x14f4  tunnel - ok
15:34:57.0151 0x14f4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
15:34:57.0164 0x14f4  uagp35 - ok
15:34:57.0283 0x14f4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:34:57.0360 0x14f4  udfs - ok
15:34:57.0413 0x14f4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:34:57.0464 0x14f4  UI0Detect - ok
15:34:57.0542 0x14f4  [ BE788A747457E6916586C410EC0111E7, 525F9065270AF40FED854C5B3C7E690783F5169C2F9286EE225F6C817ED1E237 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
15:34:57.0573 0x14f4  UleadBurningHelper - detected UnsignedFile.Multi.Generic ( 1 )
15:35:00.0438 0x14f4  Detect skipped due to KSN trusted
15:35:00.0438 0x14f4  UleadBurningHelper - ok
15:35:00.0496 0x14f4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:35:00.0530 0x14f4  uliagpkx - ok
15:35:00.0584 0x14f4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
15:35:00.0619 0x14f4  umbus - ok
15:35:00.0648 0x14f4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:35:00.0677 0x14f4  UmPass - ok
15:35:00.0724 0x14f4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
15:35:00.0803 0x14f4  upnphost - ok
15:35:00.0853 0x14f4  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
15:35:00.0894 0x14f4  USBAAPL64 - ok
15:35:00.0935 0x14f4  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
15:35:00.0972 0x14f4  usbaudio - ok
15:35:01.0012 0x14f4  [ EBF228A52517042DE4F38A40285BC8D9, 75CF3D58B05E2AB00457514BEAA0437288EF0C43927F0C55CFD49D85A719E49C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:35:01.0075 0x14f4  usbccgp - ok
15:35:01.0114 0x14f4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:35:01.0178 0x14f4  usbcir - ok
15:35:01.0228 0x14f4  [ 6B3D5E6A9DA786EC755B00BC180C700B, 25A8DE9939BD3858CD2322BD9DAFC9A1BD0DAE5291792FAE3236DD36FB10B169 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
15:35:01.0256 0x14f4  usbehci - ok
15:35:01.0299 0x14f4  [ DC2B306861F42EEEB92EF525F4119F08, D16CF4EA03F6D0C3F6008E9ECB56AC170E39B137A83AA713972FC33168ACF1BC ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
15:35:01.0313 0x14f4  usbfilter - ok
15:35:01.0402 0x14f4  [ 94ABE9DA48E466BBE84C73E0C6652ED1, A50B096C76D63B9241F0137028C8F256BCDA9BC1CD5F6FC25B2E383BB2A8718A ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:35:01.0448 0x14f4  usbhub - ok
15:35:01.0483 0x14f4  [ 660B2C08CE7103E71EAA26F85B0B0A56, C899806D97503C6EC6E1109653D86A35FDBE372F04CEE498CAB749CC6393BCA6 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
15:35:01.0517 0x14f4  usbohci - ok
15:35:01.0547 0x14f4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:35:01.0574 0x14f4  usbprint - ok
15:35:01.0617 0x14f4  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:35:01.0676 0x14f4  USBSTOR - ok
15:35:01.0715 0x14f4  [ 1529632FC96032D337B298F8A285D640, 86994DC2AB263617F2CA601E5749222E9DF71917B76A12B0CD4E2A351C737207 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:35:01.0746 0x14f4  usbuhci - ok
15:35:01.0783 0x14f4  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
15:35:01.0814 0x14f4  usbvideo - ok
15:35:01.0842 0x14f4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
15:35:01.0881 0x14f4  UxSms - ok
15:35:01.0892 0x14f4  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc        C:\Windows\system32\lsass.exe
15:35:01.0906 0x14f4  VaultSvc - ok
15:35:01.0926 0x14f4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:35:01.0939 0x14f4  vdrvroot - ok
15:35:02.0005 0x14f4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
15:35:02.0067 0x14f4  vds - ok
15:35:02.0093 0x14f4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:35:02.0109 0x14f4  vga - ok
15:35:02.0130 0x14f4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:35:02.0183 0x14f4  VgaSave - ok
15:35:02.0272 0x14f4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:35:02.0317 0x14f4  vhdmp - ok
15:35:02.0366 0x14f4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:35:02.0396 0x14f4  viaide - ok
15:35:02.0412 0x14f4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:35:02.0430 0x14f4  volmgr - ok
15:35:02.0489 0x14f4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:35:02.0512 0x14f4  volmgrx - ok
15:35:02.0531 0x14f4  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:35:02.0552 0x14f4  volsnap - ok
15:35:02.0591 0x14f4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
15:35:02.0608 0x14f4  vsmraid - ok
15:35:02.0718 0x14f4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
15:35:02.0864 0x14f4  VSS - ok
15:35:02.0878 0x14f4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:35:02.0902 0x14f4  vwifibus - ok
15:35:02.0919 0x14f4  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:35:02.0951 0x14f4  vwififlt - ok
15:35:02.0985 0x14f4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
15:35:03.0053 0x14f4  W32Time - ok
15:35:03.0079 0x14f4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
15:35:03.0103 0x14f4  WacomPen - ok
15:35:03.0161 0x14f4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:35:03.0230 0x14f4  WANARP - ok
15:35:03.0253 0x14f4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:35:03.0290 0x14f4  Wanarpv6 - ok
15:35:03.0441 0x14f4  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:35:03.0511 0x14f4  WatAdminSvc - ok
15:35:04.0032 0x14f4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
15:35:04.0184 0x14f4  wbengine - ok
15:35:04.0216 0x14f4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:35:04.0252 0x14f4  WbioSrvc - ok
15:35:04.0364 0x14f4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:35:04.0410 0x14f4  wcncsvc - ok
15:35:04.0431 0x14f4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:35:04.0473 0x14f4  WcsPlugInService - ok
15:35:04.0499 0x14f4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
15:35:04.0514 0x14f4  Wd - ok
15:35:04.0564 0x14f4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:35:04.0615 0x14f4  Wdf01000 - ok
15:35:04.0630 0x14f4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:35:04.0736 0x14f4  WdiServiceHost - ok
15:35:04.0744 0x14f4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:35:04.0770 0x14f4  WdiSystemHost - ok
15:35:04.0841 0x14f4  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
15:35:04.0888 0x14f4  WebClient - ok
15:35:04.0924 0x14f4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:35:04.0992 0x14f4  Wecsvc - ok
15:35:05.0007 0x14f4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:35:05.0048 0x14f4  wercplsupport - ok
15:35:05.0083 0x14f4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:35:05.0136 0x14f4  WerSvc - ok
15:35:05.0178 0x14f4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:35:05.0229 0x14f4  WfpLwf - ok
15:35:05.0256 0x14f4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:35:05.0268 0x14f4  WIMMount - ok
15:35:05.0295 0x14f4  WinDefend - ok
15:35:05.0304 0x14f4  WinHttpAutoProxySvc - ok
15:35:05.0357 0x14f4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:35:05.0411 0x14f4  Winmgmt - ok
15:35:05.0885 0x14f4  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:35:06.0008 0x14f4  WinRM - ok
15:35:06.0079 0x14f4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:35:06.0114 0x14f4  WinUsb - ok
15:35:06.0174 0x14f4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:35:06.0231 0x14f4  Wlansvc - ok
15:35:06.0272 0x14f4  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:35:06.0283 0x14f4  wlcrasvc - ok
15:35:06.0420 0x14f4  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:35:06.0495 0x14f4  wlidsvc - ok
15:35:06.0556 0x14f4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:35:06.0595 0x14f4  WmiAcpi - ok
15:35:06.0633 0x14f4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:35:06.0670 0x14f4  wmiApSrv - ok
15:35:06.0697 0x14f4  WMPNetworkSvc - ok
15:35:06.0731 0x14f4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:35:06.0757 0x14f4  WPCSvc - ok
15:35:06.0800 0x14f4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:35:06.0838 0x14f4  WPDBusEnum - ok
15:35:06.0875 0x14f4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:35:06.0944 0x14f4  ws2ifsl - ok
15:35:06.0960 0x14f4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
15:35:06.0981 0x14f4  wscsvc - ok
15:35:06.0986 0x14f4  WSearch - ok
15:35:07.0212 0x14f4  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:35:07.0296 0x14f4  wuauserv - ok
15:35:07.0357 0x14f4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:35:07.0415 0x14f4  WudfPf - ok
15:35:07.0449 0x14f4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:35:07.0471 0x14f4  WUDFRd - ok
15:35:07.0519 0x14f4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:35:07.0568 0x14f4  wudfsvc - ok
15:35:07.0679 0x14f4  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:35:07.0758 0x14f4  WwanSvc - ok
15:35:07.0788 0x14f4  ================ Scan global ===============================
15:35:07.0811 0x14f4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
15:35:07.0866 0x14f4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:35:07.0887 0x14f4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:35:07.0944 0x14f4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:35:08.0018 0x14f4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
15:35:08.0036 0x14f4  [ Global ] - ok
15:35:08.0036 0x14f4  ================ Scan MBR ==================================
15:35:08.0051 0x14f4  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:35:11.0415 0x14f4  \Device\Harddisk0\DR0 - ok
15:35:11.0416 0x14f4  ================ Scan VBR ==================================
15:35:11.0458 0x14f4  [ C853E32CF21B5D25D8568150C1335843 ] \Device\Harddisk0\DR0\Partition1
15:35:11.0463 0x14f4  \Device\Harddisk0\DR0\Partition1 - ok
15:35:11.0480 0x14f4  [ FC849EDB49352C74BECCE151A54C5363 ] \Device\Harddisk0\DR0\Partition2
15:35:11.0484 0x14f4  \Device\Harddisk0\DR0\Partition2 - ok
15:35:11.0526 0x14f4  [ 47C8512B25B7BAC42731BA5AFD1B6D2D ] \Device\Harddisk0\DR0\Partition3
15:35:11.0530 0x14f4  \Device\Harddisk0\DR0\Partition3 - ok
15:35:11.0531 0x14f4  ================ Scan active images ========================
15:35:11.0537 0x14f4  [ 3E588B60EC061686BA05D33574A344C6, 19D2D863F95CCC4493A2328B6BEB04248B6A80F957532E58C1D1D868C19FDCCB ] C:\Windows\System32\drivers\crashdmp.sys
15:35:11.0538 0x14f4  C:\Windows\System32\drivers\crashdmp.sys - ok
15:35:11.0550 0x14f4  [ 839B5FE3D48E9F35B22C21A3D5103F6C, A9CEA695E43092B72B0E988063E00A7C0BCE90095344E9A2F380218482BCE77F ] C:\Windows\System32\drivers\Dumpata.sys
15:35:11.0550 0x14f4  C:\Windows\System32\drivers\Dumpata.sys - ok
15:35:11.0563 0x14f4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] C:\Windows\System32\drivers\msahci.sys
15:35:11.0563 0x14f4  C:\Windows\System32\drivers\msahci.sys - ok
15:35:11.0574 0x14f4  [ 814DB88F2641691575A455CF25354098, 79C50F0CD72612733217A0316BEFEA0B6D819C3159D9452EAB89AC26A18A0F89 ] C:\Windows\System32\drivers\dumpfve.sys
15:35:11.0574 0x14f4  C:\Windows\System32\drivers\dumpfve.sys - ok
15:35:11.0582 0x14f4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] C:\Windows\System32\drivers\beep.sys
15:35:11.0582 0x14f4  C:\Windows\System32\drivers\beep.sys - ok
15:35:11.0590 0x14f4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] C:\Windows\System32\drivers\cdrom.sys
15:35:11.0590 0x14f4  C:\Windows\System32\drivers\cdrom.sys - ok
15:35:11.0595 0x14f4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] C:\Windows\System32\drivers\null.sys
15:35:11.0595 0x14f4  C:\Windows\System32\drivers\null.sys - ok
15:35:11.0603 0x14f4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] C:\Windows\System32\drivers\RDPCDD.sys
15:35:11.0603 0x14f4  C:\Windows\System32\drivers\RDPCDD.sys - ok
15:35:11.0610 0x14f4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] C:\Windows\System32\drivers\RDPENCDD.sys
15:35:11.0610 0x14f4  C:\Windows\System32\drivers\RDPENCDD.sys - ok
15:35:11.0626 0x14f4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] C:\Windows\System32\drivers\vga.sys
15:35:11.0626 0x14f4  C:\Windows\System32\drivers\vga.sys - ok
15:35:11.0633 0x14f4  [ E7353D59C9842BC7299FAEB7E7E09340, C37ED1025E07BAC2F535DCFED6C6C509515D95722EADE5AF94F1FC5D8B1DC783 ] C:\Windows\System32\drivers\videoprt.sys
15:35:11.0633 0x14f4  C:\Windows\System32\drivers\videoprt.sys - ok
15:35:11.0639 0x14f4  [ FC438D1430B28618E2D0C7C332A710AD, 873957B202E454E2C8F625E5799F278CAC16EC5EEAEE2C33E2FE5D1FF0408CB2 ] C:\Windows\System32\drivers\watchdog.sys
15:35:11.0639 0x14f4  C:\Windows\System32\drivers\watchdog.sys - ok
15:35:11.0645 0x14f4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] C:\Windows\System32\drivers\msfs.sys
15:35:11.0645 0x14f4  C:\Windows\System32\drivers\msfs.sys - ok
15:35:11.0651 0x14f4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] C:\Windows\System32\drivers\npfs.sys
15:35:11.0651 0x14f4  C:\Windows\System32\drivers\npfs.sys - ok
15:35:11.0657 0x14f4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] C:\Windows\System32\drivers\RDPREFMP.sys
15:35:11.0657 0x14f4  C:\Windows\System32\drivers\RDPREFMP.sys - ok
15:35:11.0664 0x14f4  [ 6F020A220388ECA0AB6062DC27BD16B6, 48655230E482DEB7B4B50EF05818EBB29CA61E780AEFCD9D31B02DE4DF9D9540 ] C:\Windows\System32\drivers\tdi.sys
15:35:11.0664 0x14f4  C:\Windows\System32\drivers\tdi.sys - ok
15:35:11.0670 0x14f4  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] C:\Windows\System32\drivers\tdx.sys
15:35:11.0670 0x14f4  C:\Windows\System32\drivers\tdx.sys - ok
15:35:11.0677 0x14f4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] C:\Windows\System32\drivers\netbt.sys
15:35:11.0677 0x14f4  C:\Windows\System32\drivers\netbt.sys - ok
15:35:11.0686 0x14f4  [ 314C17917AC8523EC77A710215012A65, 725CF2D5F63C06F7704C24FE0CFA696215DADC6C0EC445D9671E82F8E23E56AD ] C:\Windows\System32\drivers\afd.sys
15:35:11.0686 0x14f4  C:\Windows\System32\drivers\afd.sys - ok
15:35:11.0690 0x14f4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] C:\Windows\System32\drivers\pacer.sys
15:35:11.0690 0x14f4  C:\Windows\System32\drivers\pacer.sys - ok
15:35:11.0697 0x14f4  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] C:\Windows\System32\drivers\vwififlt.sys
15:35:11.0697 0x14f4  C:\Windows\System32\drivers\vwififlt.sys - ok
15:35:11.0703 0x14f4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] C:\Windows\System32\drivers\wfplwf.sys
15:35:11.0703 0x14f4  C:\Windows\System32\drivers\wfplwf.sys - ok
15:35:11.0710 0x14f4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] C:\Windows\System32\drivers\ws2ifsl.sys
15:35:11.0710 0x14f4  C:\Windows\System32\drivers\ws2ifsl.sys - ok
15:35:11.0716 0x14f4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] C:\Windows\System32\drivers\netbios.sys
15:35:11.0716 0x14f4  C:\Windows\System32\drivers\netbios.sys - ok
15:35:11.0722 0x14f4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] C:\Windows\System32\drivers\wanarp.sys
15:35:11.0722 0x14f4  C:\Windows\System32\drivers\wanarp.sys - ok
15:35:11.0728 0x14f4  [ 1DF6E6C026AD1D428687FE3B427A87BC, DA8F17A1030A0DEC81F5356B4DC99EC1F93FAD1292779191FDD53FEE530F9520 ] C:\Windows\System32\drivers\TPPWR64V.SYS
15:35:11.0728 0x14f4  C:\Windows\System32\drivers\TPPWR64V.SYS - ok
15:35:11.0734 0x14f4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] C:\Windows\System32\drivers\termdd.sys
15:35:11.0735 0x14f4  C:\Windows\System32\drivers\termdd.sys - ok
15:35:11.0741 0x14f4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] C:\Windows\System32\drivers\rdbss.sys
15:35:11.0741 0x14f4  C:\Windows\System32\drivers\rdbss.sys - ok
15:35:11.0748 0x14f4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] C:\Windows\System32\drivers\mssmbios.sys
15:35:11.0748 0x14f4  C:\Windows\System32\drivers\mssmbios.sys - ok
15:35:11.0754 0x14f4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] C:\Windows\System32\drivers\nsiproxy.sys
15:35:11.0754 0x14f4  C:\Windows\System32\drivers\nsiproxy.sys - ok
15:35:11.0761 0x14f4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] C:\Windows\System32\drivers\dfsc.sys
15:35:11.0761 0x14f4  C:\Windows\System32\drivers\dfsc.sys - ok
15:35:11.0768 0x14f4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] C:\Windows\System32\drivers\discache.sys
15:35:11.0768 0x14f4  C:\Windows\System32\drivers\discache.sys - ok
15:35:11.0774 0x14f4  [ 2B9D8555DC004E240082D18E7725CE20, 9DEF9463CB099C0BC8782C1E5FCE62F038B971ABC12966774D1F83569B081A42 ] C:\Windows\System32\drivers\smiifx64.sys
15:35:11.0774 0x14f4  C:\Windows\System32\drivers\smiifx64.sys - ok
15:35:11.0781 0x14f4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] C:\Windows\System32\drivers\blbdrive.sys
15:35:11.0781 0x14f4  C:\Windows\System32\drivers\blbdrive.sys - ok
15:35:11.0787 0x14f4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] C:\Windows\System32\drivers\tunnel.sys
15:35:11.0787 0x14f4  C:\Windows\System32\drivers\tunnel.sys - ok
15:35:11.0793 0x14f4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] C:\Windows\System32\drivers\amdppm.sys
15:35:11.0794 0x14f4  C:\Windows\System32\drivers\amdppm.sys - ok
15:35:11.0800 0x14f4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] C:\Windows\System32\drivers\wmiacpi.sys
15:35:11.0800 0x14f4  C:\Windows\System32\drivers\wmiacpi.sys - ok
15:35:11.0807 0x14f4  [ 63B54A51E9BF3645063A1A0709F0E52A, 01D5E901839C82CFA41200494D6F1C423A23CD98F7738D79E7EE13161FA83538 ] C:\Windows\System32\drivers\atikmpag.sys
15:35:11.0807 0x14f4  C:\Windows\System32\drivers\atikmpag.sys - ok
15:35:11.0813 0x14f4  [ 09FBE3B09F9A8B5EEA6A10D3C1D55888, 72173B2E83A98FB75908214D7FFFA36A491BDBA3F6D6B41D9435F63E5009BEBD ] C:\Windows\System32\drivers\atikmdag.sys
15:35:11.0813 0x14f4  C:\Windows\System32\drivers\atikmdag.sys - ok
15:35:11.0819 0x14f4  [ CAAAC014C5C56A69F710B5F1B836DE22, DA98EF2EBF9A7F180344A88CC2C74F69101E17BBAB58B1C46176FD6EE7AA2E6A ] C:\Windows\System32\ntdll.dll
15:35:11.0819 0x14f4  C:\Windows\System32\ntdll.dll - ok
15:35:11.0825 0x14f4  [ F0970A4BC8395659C22BF53D0FADF16F, 23BE3066D89A5ACBF8130899640D377476E78B6C3D19E2D13C32238464A83E21 ] C:\Windows\System32\smss.exe
15:35:11.0825 0x14f4  C:\Windows\System32\smss.exe - ok
15:35:11.0831 0x14f4  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93, 7BC847CE6C2D29C334F0D1600BBBDE3933FF45F6BEE5186F442E6270A3F9EC4E ] C:\Windows\System32\autochk.exe
15:35:11.0831 0x14f4  C:\Windows\System32\autochk.exe - ok
15:35:11.0837 0x14f4  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] C:\Windows\System32\drivers\dxgkrnl.sys
15:35:11.0837 0x14f4  C:\Windows\System32\drivers\dxgkrnl.sys - ok
15:35:11.0841 0x14f4  [ 1F04CFB79DD5FB7694468CE3FB3DCC31, A40C0BF6D1EC6C4281611A830EA7B22FEF523A3E197E5A8F59332D64E90376B6 ] C:\Windows\System32\drivers\dxgmms1.sys
15:35:11.0841 0x14f4  C:\Windows\System32\drivers\dxgmms1.sys - ok
15:35:11.0848 0x14f4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] C:\Windows\System32\drivers\hdaudbus.sys
15:35:11.0848 0x14f4  C:\Windows\System32\drivers\hdaudbus.sys - ok
15:35:11.0855 0x14f4  [ 2D83CAF21A2FD27A534DCCBC29B448A6, 478C44196AEE1310716638AE5B94AA576EE590BFA34BF7472B0808ACA53F9FCA ] C:\Windows\System32\drivers\rtl8192se.sys
15:35:11.0855 0x14f4  C:\Windows\System32\drivers\rtl8192se.sys - ok
15:35:11.0861 0x14f4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] C:\Windows\System32\drivers\vwifibus.sys
15:35:11.0861 0x14f4  C:\Windows\System32\drivers\vwifibus.sys - ok
15:35:11.0867 0x14f4  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
15:35:11.0868 0x14f4  C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
15:35:11.0873 0x14f4  [ 35458F338FDEBB43AF246D494C9573B8, 253793A69E7ACF394D01D391B7E02102322273A81C3494F8893DD9B8FBB00F1F ] C:\Windows\System32\drivers\usbport.sys
15:35:11.0873 0x14f4  C:\Windows\System32\drivers\usbport.sys - ok
15:35:11.0880 0x14f4  [ 6B3D5E6A9DA786EC755B00BC180C700B, 25A8DE9939BD3858CD2322BD9DAFC9A1BD0DAE5291792FAE3236DD36FB10B169 ] C:\Windows\System32\drivers\usbehci.sys
15:35:11.0880 0x14f4  C:\Windows\System32\drivers\usbehci.sys - ok
15:35:11.0887 0x14f4  [ DC2B306861F42EEEB92EF525F4119F08, D16CF4EA03F6D0C3F6008E9ECB56AC170E39B137A83AA713972FC33168ACF1BC ] C:\Windows\System32\drivers\usbfilter.sys
15:35:11.0887 0x14f4  C:\Windows\System32\drivers\usbfilter.sys - ok
15:35:11.0893 0x14f4  [ 660B2C08CE7103E71EAA26F85B0B0A56, C899806D97503C6EC6E1109653D86A35FDBE372F04CEE498CAB749CC6393BCA6 ] C:\Windows\System32\drivers\usbohci.sys
15:35:11.0893 0x14f4  C:\Windows\System32\drivers\usbohci.sys - ok
15:35:11.0900 0x14f4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] C:\Windows\System32\drivers\i8042prt.sys
15:35:11.0900 0x14f4  C:\Windows\System32\drivers\i8042prt.sys - ok
15:35:11.0906 0x14f4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] C:\Windows\System32\drivers\kbdclass.sys
15:35:11.0906 0x14f4  C:\Windows\System32\drivers\kbdclass.sys - ok
15:35:11.0912 0x14f4  [ 868DFB220A18312A12CEF01BA9AC069B, D4C002963E236CEA8BF1FDC0B3333176693B41B8B3F2DD9469AA8B74C1F38E9C ] C:\Windows\System32\drivers\SynTP.sys
15:35:11.0912 0x14f4  C:\Windows\System32\drivers\SynTP.sys - ok
15:35:11.0918 0x14f4  [ 8638E1A8695AC9AD275C198EE5D7773A, 32025B1036D0D68B66B43DEF9C48C7C7F2718D4D540C91E8B1E156E728D0C985 ] C:\Windows\System32\drivers\usbd.sys
15:35:11.0918 0x14f4  C:\Windows\System32\drivers\usbd.sys - ok
15:35:11.0924 0x14f4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] C:\Windows\System32\drivers\mouclass.sys
15:35:11.0925 0x14f4  C:\Windows\System32\drivers\mouclass.sys - ok
15:35:11.0931 0x14f4  [ 22FEF6D8DDC3452EE5EC6FBD9920C74D, B9F0D3C3008C6B6281D4BA0A60FBAB4C3B9C555CC758EDD04C5AF63708C9948B ] C:\Windows\System32\drivers\ibmpmdrv.sys
15:35:11.0931 0x14f4  C:\Windows\System32\drivers\ibmpmdrv.sys - ok
15:35:11.0938 0x14f4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] C:\Windows\System32\drivers\CmBatt.sys
15:35:11.0938 0x14f4  C:\Windows\System32\drivers\CmBatt.sys - ok
15:35:11.0944 0x14f4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] C:\Windows\System32\drivers\CompositeBus.sys
15:35:11.0944 0x14f4  C:\Windows\System32\drivers\CompositeBus.sys - ok
15:35:11.0950 0x14f4  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] C:\Windows\System32\drivers\serscan.sys
15:35:11.0950 0x14f4  C:\Windows\System32\drivers\serscan.sys - ok
15:35:11.0956 0x14f4  [ 24FBF5CC5C04150073C315A7C83521EE, 581BD5F15B5E57B3BAA762E421FFD859FDA46DDB8515C2A7AAFF208D784E906C ] C:\Windows\System32\drivers\ks.sys
15:35:11.0956 0x14f4  C:\Windows\System32\drivers\ks.sys - ok
15:35:11.0963 0x14f4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] C:\Windows\System32\drivers\agilevpn.sys
15:35:11.0963 0x14f4  C:\Windows\System32\drivers\agilevpn.sys - ok
15:35:11.0969 0x14f4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] C:\Windows\System32\drivers\ksthunk.sys
15:35:11.0969 0x14f4  C:\Windows\System32\drivers\ksthunk.sys - ok
15:35:11.0975 0x14f4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] C:\Windows\System32\drivers\rasl2tp.sys
15:35:11.0975 0x14f4  C:\Windows\System32\drivers\rasl2tp.sys - ok
15:35:11.0982 0x14f4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] C:\Windows\System32\drivers\ndistapi.sys
15:35:11.0982 0x14f4  C:\Windows\System32\drivers\ndistapi.sys - ok
15:35:11.0988 0x14f4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] C:\Windows\System32\drivers\ndiswan.sys
15:35:11.0988 0x14f4  C:\Windows\System32\drivers\ndiswan.sys - ok
15:35:11.0995 0x14f4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] C:\Windows\System32\drivers\raspppoe.sys
15:35:11.0995 0x14f4  C:\Windows\System32\drivers\raspppoe.sys - ok
15:35:12.0001 0x14f4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] C:\Windows\System32\drivers\raspptp.sys
15:35:12.0001 0x14f4  C:\Windows\System32\drivers\raspptp.sys - ok
15:35:12.0008 0x14f4  [ 05A4779E4994B21473EDBE85AABE8030, AFD597461B036FDE42013648A4D542B02AE1D7E128BF0B193BA4B478432F0C72 ] C:\Windows\System32\drivers\psadd.sys
15:35:12.0008 0x14f4  C:\Windows\System32\drivers\psadd.sys - ok
15:35:12.0015 0x14f4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] C:\Windows\System32\drivers\rassstp.sys
15:35:12.0015 0x14f4  C:\Windows\System32\drivers\rassstp.sys - ok
15:35:12.0021 0x14f4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] C:\Windows\System32\drivers\swenum.sys
15:35:12.0021 0x14f4  C:\Windows\System32\drivers\swenum.sys - ok
15:35:12.0027 0x14f4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] C:\Windows\System32\drivers\umbus.sys
15:35:12.0027 0x14f4  C:\Windows\System32\drivers\umbus.sys - ok
15:35:12.0034 0x14f4  [ 83404DCBCE4925B6A5A77C5170F46D86, D669614D0B4461DB244AD99FBE1BA92CEB9B4ED5EC8E987E23764E77D9AC7074 ] C:\Windows\System32\sechost.dll
15:35:12.0034 0x14f4  C:\Windows\System32\sechost.dll - ok
15:35:12.0040 0x14f4  [ 199BD40B1890E1EEFF7438B59787534F, 80F413195E8B8310AAC6F061B352ECAB683D70E0594B5999BB575A3BA5F8B16F ] C:\Windows\System32\iertutil.dll
15:35:12.0040 0x14f4  C:\Windows\System32\iertutil.dll - ok
15:35:12.0047 0x14f4  [ 28C0B5024F5C5A438E78B188CFC81B7F, AB81FB63F2908CE316B45609077ACBD85F4B2AAD1606B1E9030F06DB82EDDFAD ] C:\Windows\System32\normaliz.dll
15:35:12.0047 0x14f4  C:\Windows\System32\normaliz.dll - ok
15:35:12.0053 0x14f4  [ 6C60B5ACA7442EFB794082CDACFC001C, FC1D9124856A70FF232EF3057D66BEE803295847624CE23B4D0217F23AF52C75 ] C:\Windows\System32\ole32.dll
15:35:12.0053 0x14f4  C:\Windows\System32\ole32.dll - ok
15:35:12.0059 0x14f4  [ 1084AA52CCC324EA54C7121FA24C2221, 6E972CF624F7C0DE8190434B3B30279A01C551713109F97B9EBB77FAC9364754 ] C:\Windows\System32\gdi32.dll
15:35:12.0059 0x14f4  C:\Windows\System32\gdi32.dll - ok


#12 mjbeach

mjbeach
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:03:42 PM

Posted 11 November 2013 - 11:39 PM

TDSSKiler Log Part 2/3

 

15:35:12.0065 0x14f4  [ 94ABE9DA48E466BBE84C73E0C6652ED1, A50B096C76D63B9241F0137028C8F256BCDA9BC1CD5F6FC25B2E383BB2A8718A ] C:\Windows\System32\drivers\usbhub.sys

15:35:12.0065 0x14f4  C:\Windows\System32\drivers\usbhub.sys - ok
15:35:12.0071 0x14f4  [ 9835E63E09F824D22B689D2BB789BAB9, 5BCFFAFB894D69FBCDDB91E64D30A356F4BD57098E8B4C51B98AFAF6581BDB63 ] C:\Windows\System32\comdlg32.dll
15:35:12.0071 0x14f4  C:\Windows\System32\comdlg32.dll - ok
15:35:12.0077 0x14f4  [ DBF99FD9CAF75CA66D042BD8D050FF71, D11A863EAEDE80A731FD7A63F744E518D3921043CC3982BAA87992F9E82F044F ] C:\Windows\System32\usp10.dll
15:35:12.0078 0x14f4  C:\Windows\System32\usp10.dll - ok
15:35:12.0084 0x14f4  [ 4BBFA57F594F7E8A8EDC8F377184C3F0, 9F3AC5DEA5A6250C3DBB97AF79C81C0A48429486521F807355A1D7D3D861B75F ] C:\Windows\System32\ws2_32.dll
15:35:12.0084 0x14f4  C:\Windows\System32\ws2_32.dll - ok
15:35:12.0090 0x14f4  [ 882AC0DD997CFC90FBB468D698BD55C6, 127909B8C20EAB0A692ECDB50E9D3DF2B568C43F58E38655DEFA4F2831EAA92C ] C:\Windows\System32\urlmon.dll
15:35:12.0090 0x14f4  C:\Windows\System32\urlmon.dll - ok
15:35:12.0094 0x14f4  [ C431EAF5CAA1C82CAC2534A2EAB348A3, ADDF850128DC675E67FABA9A3D0D27E684F01F733962CA22927BB94503549E44 ] C:\Windows\System32\msctf.dll
15:35:12.0094 0x14f4  C:\Windows\System32\msctf.dll - ok
15:35:12.0100 0x14f4  [ AA2C08CE85653B1A0D2E4AB407FA176C, 83DFD0C119B20AEDB07114C9D1CF9CE2DFA938D0F1070256B0591A9E2C3997FA ] C:\Windows\System32\imm32.dll
15:35:12.0100 0x14f4  C:\Windows\System32\imm32.dll - ok
15:35:12.0106 0x14f4  [ 25983DE69B57142039AC8D95E71CD9C9, A677DA7EBCBCB6073D27E8A38809F51E971E83ED379BC599AAAD6EF4216348DA ] C:\Windows\System32\clbcatq.dll
15:35:12.0106 0x14f4  C:\Windows\System32\clbcatq.dll - ok
15:35:12.0113 0x14f4  [ 044FE45FFD6AD40E3BBBE60B7F41BABE, A1688A5E6E0F7037C850699462C2655006A7D873C97F9AB406C59D81749B6F09 ] C:\Windows\System32\nsi.dll
15:35:12.0113 0x14f4  C:\Windows\System32\nsi.dll - ok
15:35:12.0119 0x14f4  [ C391FC68282A000CDF953F8B6B55D2EF, 1CB0DAB84545D9FDEA5A7865A1E7132CEAC91DECF8B100285B63098D7B09E584 ] C:\Windows\System32\msvcrt.dll
15:35:12.0119 0x14f4  C:\Windows\System32\msvcrt.dll - ok
15:35:12.0125 0x14f4  [ A1BE6A720D02E37F72E9CD89AE9CB3CF, 80721B622AC1EEF1F534B9C8948E2226B733123B14ABE63894D5788E4F0D6B8B ] C:\Windows\System32\imagehlp.dll
15:35:12.0125 0x14f4  C:\Windows\System32\imagehlp.dll - ok
15:35:12.0131 0x14f4  [ 4E4FFB09D895AA000DD56D1404F69A7E, D999E04BB35780088480EAB322176570591A21E311D204BDCAB010A63B34D24C ] C:\Windows\System32\Wldap32.dll
15:35:12.0131 0x14f4  C:\Windows\System32\Wldap32.dll - ok
15:35:12.0137 0x14f4  [ D28B35DE88D27EFB27DF4B1E8319E3C0, 15188D68ADAD41422E0F0AFB03BD21A8DD8521D9284E3253E5434893D869E091 ] C:\Windows\System32\wininet.dll
15:35:12.0137 0x14f4  C:\Windows\System32\wininet.dll - ok
15:35:12.0143 0x14f4  [ FE70103391A64039A921DBFFF9C7AB1B, F7D219D75037BC98F6C69143B00AB6000A31F8B5E211E0AF514F4F4B681522A0 ] C:\Windows\System32\user32.dll
15:35:12.0143 0x14f4  C:\Windows\System32\user32.dll - ok
15:35:12.0150 0x14f4  [ D87E1E59C73C1F98D5DED5B3850C40F5, 536419BFF9F877D4314B5D0C045D9A6E729489C389863FADF07E382050BC84FD ] C:\Windows\System32\psapi.dll
15:35:12.0150 0x14f4  C:\Windows\System32\psapi.dll - ok
15:35:12.0156 0x14f4  [ AD662B34B161198B9D66A564EDDA7D43, 335807AA4E88234BF2C639781E92D0DBC41D973754D61AB1DA6C8BA4E108AEBD ] C:\Windows\System32\shell32.dll
15:35:12.0156 0x14f4  C:\Windows\System32\shell32.dll - ok
15:35:12.0162 0x14f4  [ 26036E228D2467DE6975AD819C22C043, B4A30EC7ABAEFFF55DE662F4A17415F2BD737BD563215638C86C580B8F3EA907 ] C:\Windows\System32\rpcrt4.dll
15:35:12.0162 0x14f4  C:\Windows\System32\rpcrt4.dll - ok
15:35:12.0168 0x14f4  [ C06B32165E23A72A898B7A89679AD754, 721405158F6E9F1A7FE7BB33EF642D91332726629D0D3B07DF3CF3152A91C85D ] C:\Windows\System32\oleaut32.dll
15:35:12.0168 0x14f4  C:\Windows\System32\oleaut32.dll - ok
15:35:12.0174 0x14f4  [ 63A580C88CFAF72A92550940054569EF, A66C89123D1833446ACC31D5CF536B0D0EC24D2F805C022A637596CF98429D9F ] C:\Windows\System32\advapi32.dll
15:35:12.0174 0x14f4  C:\Windows\System32\advapi32.dll - ok
15:35:12.0181 0x14f4  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5, 12130837D7F89A2C7E9D25747A8E5B9001E0A38D545178B49B450C23AE62664A ] C:\Windows\System32\setupapi.dll
15:35:12.0181 0x14f4  C:\Windows\System32\setupapi.dll - ok
15:35:12.0187 0x14f4  [ F7CE0C81C545364020ED8203CF0A633E, 24B47A7492B7048096AF87E26786E8108455ADBD1A374B6A0466DE008505B8A9 ] C:\Windows\System32\difxapi.dll
15:35:12.0187 0x14f4  C:\Windows\System32\difxapi.dll - ok
15:35:12.0193 0x14f4  [ EAF32CB8C1F810E4715B4DFBE785C7FF, DB6AD07FDED42433E669508AB73FAFF6DAFF04575D6F1D016FE3EB6ECEC4DD5D ] C:\Windows\System32\shlwapi.dll
15:35:12.0193 0x14f4  C:\Windows\System32\shlwapi.dll - ok
15:35:12.0199 0x14f4  [ D8973E71F1B35CD3F3DEA7C12D49D0F0, 23CAE14BF9D7208CD2A0B2691B1A64313A24A23E6D70F40AA0572ED37E8B542C ] C:\Windows\System32\kernel32.dll
15:35:12.0199 0x14f4  C:\Windows\System32\kernel32.dll - ok
15:35:12.0205 0x14f4  [ 796B47A4B82EF1C39F13435B88834C48, AFC3E89476BAAD8A71663F0DB8D15E00FF9D131F1306A2F69D728E3AD1184602 ] C:\Windows\System32\lpk.dll
15:35:12.0205 0x14f4  C:\Windows\System32\lpk.dll - ok
15:35:12.0211 0x14f4  [ 0E6FBF19D9DFBB77316C23DF91F8A101, 680F88E1BC55EA3342AACE6F2E3511BF877AC8F03276D028FEE84EEFE8B5611A ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
15:35:12.0211 0x14f4  C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
15:35:12.0217 0x14f4  [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A, 445C2857398252756FD25BB94DAFCCEFF573DE55F1F8BF9094C191F409FE6437 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
15:35:12.0218 0x14f4  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
15:35:12.0223 0x14f4  [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\System32\comctl32.dll
15:35:12.0224 0x14f4  C:\Windows\System32\comctl32.dll - ok
15:35:12.0230 0x14f4  [ 06FEC9E8117103BB1141A560E98077DA, C5E61B11DDBBBBBA3D9488970524F0975EA5FBDF16E2FA31F579F8BFA48353B1 ] C:\Windows\System32\devobj.dll
15:35:12.0230 0x14f4  C:\Windows\System32\devobj.dll - ok
15:35:12.0235 0x14f4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] C:\Windows\System32\drivers\ndproxy.sys
15:35:12.0236 0x14f4  C:\Windows\System32\drivers\ndproxy.sys - ok
15:35:12.0242 0x14f4  [ F49E92B50CED5C9F1725D3C0329FD933, 6155FA4D8242F07FC578FF746890C2EE19FC3D6A20ED8AE4C6F021DB2DAC184F ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
15:35:12.0242 0x14f4  C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
15:35:12.0249 0x14f4  [ 64A4AB126E24FD3F58EBE64852773DB5, ED425BBC91EB8BEF54C363036A770C551C97EF324F1AE31049CA750D0E2D6776 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
15:35:12.0249 0x14f4  C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
15:35:12.0255 0x14f4  [ 21D26064AEDB4988F785BB4A3A2C051E, F6FA2CA351B24DA19645EB542596C82F9A68D84CC7CCFE6F9FC15CE2CE4D1961 ] C:\Windows\System32\drivers\drmk.sys
15:35:12.0255 0x14f4  C:\Windows\System32\drivers\drmk.sys - ok
15:35:12.0261 0x14f4  [ 32E11315B5126921FFD9074840EF13D3, FC7C0E1CC447FDD89C0FA5EBFD04CCEABFB27751AB57A7176F12BD0D35306E1C ] C:\Windows\System32\drivers\portcls.sys
15:35:12.0262 0x14f4  C:\Windows\System32\drivers\portcls.sys - ok
15:35:12.0268 0x14f4  [ D6D381B76056C668679723938F06F16C, A26C35EB588BF32F5CD22554BE5A05380D50FF1B7D399687EE50DC24C32DA341 ] C:\Windows\System32\drivers\RtHDMIVX.sys
15:35:12.0268 0x14f4  C:\Windows\System32\drivers\RtHDMIVX.sys - ok
15:35:12.0275 0x14f4  [ 1C11E5D258BC374E7FBD598D75E49B75, E5A03972750809C41F6AE183476DE9E4831B9B10D9D178BF644258021D9937C4 ] C:\Windows\System32\drivers\RTKVHD64.sys
15:35:12.0275 0x14f4  C:\Windows\System32\drivers\RTKVHD64.sys - ok
15:35:12.0281 0x14f4  [ 959041D7014C97133D859B45BCA0FC58, 282D34828DA7404470949483CB9789A8B4861D188093F0FBD07138A37F60B94B ] C:\Windows\System32\wintrust.dll
15:35:12.0281 0x14f4  C:\Windows\System32\wintrust.dll - ok
15:35:12.0288 0x14f4  [ B22C00ED0491FD7B8803D7DDE2849F4C, 11AB01BF17A4130A3C4EF493A42406DF106B0923DD6DCBFF5958F5C886B9DA93 ] C:\Windows\System32\KernelBase.dll
15:35:12.0288 0x14f4  C:\Windows\System32\KernelBase.dll - ok
15:35:12.0294 0x14f4  [ 2477A28081BDAEE622CF045ACF8EE124, 00A09CAF9129E84FEEA98FA03CE9012C9F961B64FEE15C4F268822C0F82ACC3C ] C:\Windows\System32\cfgmgr32.dll
15:35:12.0294 0x14f4  C:\Windows\System32\cfgmgr32.dll - ok
15:35:12.0300 0x14f4  [ 72723D3E4781BADC62C3180C137E7B23, 0BDA5292928578C5DA79C761E15B8A892B9D4A3DA26D3635E714797C653CF492 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
15:35:12.0300 0x14f4  C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
15:35:12.0307 0x14f4  [ 287998A9BA0140ABB59792CDEB2F8483, 68187C80008BFF6C778B0163AC95A91B1EC98B811E2D4E818F385DD12C01A141 ] C:\Windows\System32\crypt32.dll
15:35:12.0307 0x14f4  C:\Windows\System32\crypt32.dll - ok
15:35:12.0314 0x14f4  [ 9094039A00485F71C4DE64BF51F64C46, 4ACFEF4C747ADF806A4FDEDDFD9CC48168DFB05075306C77D3F3927749DD7484 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
15:35:12.0314 0x14f4  C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
15:35:12.0320 0x14f4  [ 884415BD4269C02EAF8E2613BF85500D, EFE771709EC942694FD206AC8D0A48ED7DCD35036F074268E4AECD68AC982CEA ] C:\Windows\System32\msasn1.dll
15:35:12.0320 0x14f4  C:\Windows\System32\msasn1.dll - ok
15:35:12.0326 0x14f4  [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8A4FB21EADD3896 ] C:\Windows\SysWOW64\normaliz.dll
15:35:12.0326 0x14f4  C:\Windows\SysWOW64\normaliz.dll - ok
15:35:12.0332 0x14f4  [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys
15:35:12.0332 0x14f4  C:\Windows\System32\drivers\dxapi.sys - ok
15:35:12.0338 0x14f4  [ 19320B121BFE7462EADD50A42C81AFD0, 410C34396C52DD3D915915DF49664AAE11090CE85A840E1853EBDB101A9ED745 ] C:\Windows\System32\win32k.sys
15:35:12.0338 0x14f4  C:\Windows\System32\win32k.sys - ok
15:35:12.0344 0x14f4  [ EBF228A52517042DE4F38A40285BC8D9, 75CF3D58B05E2AB00457514BEAA0437288EF0C43927F0C55CFD49D85A719E49C ] C:\Windows\System32\drivers\usbccgp.sys
15:35:12.0345 0x14f4  C:\Windows\System32\drivers\usbccgp.sys - ok
15:35:12.0348 0x14f4  [ 216BABD555BC550952320EEA89C25DDF, 1BBB92415280032CD18F361382A69D0D91266AAD56FC88A99C804B0053743D72 ] C:\Windows\System32\csrsrv.dll
15:35:12.0348 0x14f4  C:\Windows\System32\csrsrv.dll - ok
15:35:12.0354 0x14f4  [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77201BAB37E8C03A ] C:\Windows\System32\csrss.exe
15:35:12.0354 0x14f4  C:\Windows\System32\csrss.exe - ok
15:35:12.0361 0x14f4  [ F85FB5BF61FBA9830512B9ED8239F681, 548D75E55CC8255E00A823CF8481C74BC2EF61DD90352F745568CD519B1C8B9E ] C:\Windows\System32\drivers\stream.sys
15:35:12.0362 0x14f4  C:\Windows\System32\drivers\stream.sys - ok
15:35:12.0368 0x14f4  [ 0FC813D822BFC06169CE4E0D00669021, 59ECCD1F338E529254C3B9102F6684E35EAA01A7E4D24A2E5FC8F15370162F32 ] C:\Windows\System32\drivers\5U877.sys
15:35:12.0368 0x14f4  C:\Windows\System32\drivers\5U877.sys - ok
15:35:12.0374 0x14f4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\System32\basesrv.dll
15:35:12.0374 0x14f4  C:\Windows\System32\basesrv.dll - ok
15:35:12.0381 0x14f4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\System32\winsrv.dll
15:35:12.0381 0x14f4  C:\Windows\System32\winsrv.dll - ok
15:35:12.0387 0x14f4  [ 3CEEE53BBF8BA284FF44585CEC0162FE, 5725A47BE8B7A9116983895FCB82CB2808B7B9C57BC285F3DFD7352E72DBC1FE ] C:\Windows\System32\drivers\RtsUStor.sys
15:35:12.0387 0x14f4  C:\Windows\System32\drivers\RtsUStor.sys - ok
15:35:12.0394 0x14f4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] C:\Windows\System32\drivers\monitor.sys
15:35:12.0394 0x14f4  C:\Windows\System32\drivers\monitor.sys - ok
15:35:12.0400 0x14f4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\System32\sxssrv.dll
15:35:12.0400 0x14f4  C:\Windows\System32\sxssrv.dll - ok
15:35:12.0406 0x14f4  [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56DE4CA5783F78A75 ] C:\Windows\System32\tsddd.dll
15:35:12.0406 0x14f4  C:\Windows\System32\tsddd.dll - ok
15:35:12.0412 0x14f4  [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA87526E768AF6174F0 ] C:\Windows\System32\wininit.exe
15:35:12.0412 0x14f4  C:\Windows\System32\wininit.exe - ok
15:35:12.0418 0x14f4  [ 943F527DF79E6B400104341AA7023C75, 53C7B9426181D3D172E6B1A07E6DF8A0CB8FCA27D3A03CE5F544D3209B5F4651 ] C:\Windows\System32\cdd.dll
15:35:12.0418 0x14f4  C:\Windows\System32\cdd.dll - ok
15:35:12.0424 0x14f4  [ 2C942733A5983DD4502219FF37C7EBC7, 34B20B6B0D7274E4B5B783F1D2345BC3DD9888964D5C2C65712F041A00CF5B45 ] C:\Windows\System32\profapi.dll
15:35:12.0424 0x14f4  C:\Windows\System32\profapi.dll - ok
15:35:12.0431 0x14f4  [ 78523A26F5604C0568FE9D1CE86E36F4, 534A7228BF69719106F581616A32EAEF0B770DDB36DCE94F84E7D52FDB1382B5 ] C:\Windows\System32\KBDUS.DLL
15:35:12.0431 0x14f4  C:\Windows\System32\KBDUS.DLL - ok
15:35:12.0437 0x14f4  [ C2A8CB1275ECB85D246A9ECC02A728E3, 3603FADCA0060BD201148F9D59E4E2627F024609A6463AB525B5D1AD17BDCD10 ] C:\Windows\System32\RpcRtRemote.dll
15:35:12.0437 0x14f4  C:\Windows\System32\RpcRtRemote.dll - ok
15:35:12.0443 0x14f4  [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA853BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll
15:35:12.0443 0x14f4  C:\Windows\System32\WlS0WndH.dll - ok
15:35:12.0449 0x14f4  [ 9CEAD32E79A62150FE9F8557E58E008B, AFE4C1725EE94D7DE0749AE1495A4E5CC33C369F29B2A589DA66FFE27FF9777E ] C:\Windows\System32\sxs.dll
15:35:12.0449 0x14f4  C:\Windows\System32\sxs.dll - ok
15:35:12.0455 0x14f4  [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE3532EC6C007980C34 ] C:\Windows\System32\cryptbase.dll
15:35:12.0455 0x14f4  C:\Windows\System32\cryptbase.dll - ok
15:35:12.0461 0x14f4  [ 90499F3163A9F815CF196A205EA3CD5D, 29B4ED3795CEC1177EB367132914CE21C194CDEC5DB9DC923FD928C85E94D821 ] C:\Windows\System32\apphelp.dll
15:35:12.0461 0x14f4  C:\Windows\System32\apphelp.dll - ok
15:35:12.0468 0x14f4  [ 66A6063D0BAAD3F7B2B9868859E0743B, EEAABD90410864E2992E1A3AB2C29D0E8EF955AD49AF72A6A8EAA3D3AE9EE33E ] C:\Windows\System32\lsasrv.dll
15:35:12.0468 0x14f4  C:\Windows\System32\lsasrv.dll - ok
15:35:12.0473 0x14f4  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] C:\Windows\System32\lsass.exe
15:35:12.0473 0x14f4  C:\Windows\System32\lsass.exe - ok
15:35:12.0480 0x14f4  [ 9662EE182644511439F1C53745DC1C88, D205B2C163E78AB42A5D67D7664EF6B75EA0374FF0924467D624F9DB0611F0AD ] C:\Windows\System32\lsm.exe
15:35:12.0480 0x14f4  C:\Windows\System32\lsm.exe - ok
15:35:12.0485 0x14f4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\System32\services.exe
15:35:12.0486 0x14f4  C:\Windows\System32\services.exe - ok
15:35:12.0491 0x14f4  [ 3A0CE5FE781708CD6ABD55313607EC8B, D7B4137ABFED3A46304605A83C1E5012E7D1C811E5C74A9F20E359988EFCD7A9 ] C:\Windows\System32\sspisrv.dll
15:35:12.0491 0x14f4  C:\Windows\System32\sspisrv.dll - ok
15:35:12.0498 0x14f4  [ B66BC8B20B7F33975865B1DF99783FD8, 7CB446AAA2F1232AAA0178F90CEA857015CC21A9A615601F7DBFB7130CD0858B ] C:\Windows\System32\sspicli.dll
15:35:12.0498 0x14f4  C:\Windows\System32\sspicli.dll - ok
15:35:12.0504 0x14f4  [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll
15:35:12.0504 0x14f4  C:\Windows\System32\sysntfy.dll - ok
15:35:12.0510 0x14f4  [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll
15:35:12.0510 0x14f4  C:\Windows\System32\wmsgapi.dll - ok
15:35:12.0517 0x14f4  [ A744BA6E04C8AA4592818178DBF89521, 9E7C85D842DF16F9B8FED7B06AF309B5ECCBFD465F5552347D4C3F1FEFDC6F7A ] C:\Windows\System32\samsrv.dll
15:35:12.0517 0x14f4  C:\Windows\System32\samsrv.dll - ok
15:35:12.0523 0x14f4  [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll
15:35:12.0523 0x14f4  C:\Windows\System32\scext.dll - ok
15:35:12.0529 0x14f4  [ 0144D8D75A0B12938AEEE859E3310A46, C3FB240B62F736230BAC81DE8315C9236300474B189A599DBC6437AB341F166B ] C:\Windows\System32\secur32.dll
15:35:12.0529 0x14f4  C:\Windows\System32\secur32.dll - ok
15:35:12.0535 0x14f4  [ BBCDF350817BA86416C0F06B6981BE8D, D064438F97852B9BD6015C8B19377C61C671E0969E09506B8359FE7B1F373A61 ] C:\Windows\System32\scesrv.dll
15:35:12.0535 0x14f4  C:\Windows\System32\scesrv.dll - ok
15:35:12.0541 0x14f4  [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll
15:35:12.0541 0x14f4  C:\Windows\System32\cryptdll.dll - ok
15:35:12.0547 0x14f4  [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll
15:35:12.0547 0x14f4  C:\Windows\System32\wevtapi.dll - ok
15:35:12.0553 0x14f4  [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll
15:35:12.0554 0x14f4  C:\Windows\System32\authz.dll - ok
15:35:12.0559 0x14f4  [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll
15:35:12.0559 0x14f4  C:\Windows\System32\cngaudit.dll - ok
15:35:12.0565 0x14f4  [ 3A9C9BAF610B0DD4967086040B3B62A9, E8E9A0F42B1EE7806EDCEED08AA024D037215D06CA317E3678BD5364AD513D23 ] C:\Windows\System32\srvcli.dll
15:35:12.0566 0x14f4  C:\Windows\System32\srvcli.dll - ok
15:35:12.0572 0x14f4  [ 5F3307352216618221A17CFEF273EEE2, 8EE55E9869FAF89EFDCADDDA74E9CAA072330CEF96C9DA2B8F8093FE5DAA5837 ] C:\Windows\System32\ncrypt.dll
15:35:12.0572 0x14f4  C:\Windows\System32\ncrypt.dll - ok
15:35:12.0579 0x14f4  [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll
15:35:12.0579 0x14f4  C:\Windows\System32\bcrypt.dll - ok
15:35:12.0585 0x14f4  [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll
15:35:12.0585 0x14f4  C:\Windows\System32\msprivs.dll - ok
15:35:12.0591 0x14f4  [ C6505DE3561537BA1004D638C2F93F2F, 3E4FDF374B1A9E43A8F61FD2D79E0515390ECABFDAF72C4BD44A7B6429039AF6 ] C:\Windows\System32\netjoin.dll
15:35:12.0591 0x14f4  C:\Windows\System32\netjoin.dll - ok
15:35:12.0598 0x14f4  [ 44E1A196DFCB53B01FE4B855C3B56A15, EDC31276EC325B642D07EE79F6E9021CBB7F8AFC32F9A408C91844175BF6B6E2 ] C:\Windows\System32\kerberos.dll
15:35:12.0598 0x14f4  C:\Windows\System32\kerberos.dll - ok
15:35:12.0601 0x14f4  [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll
15:35:12.0601 0x14f4  C:\Windows\System32\negoexts.dll - ok
15:35:12.0607 0x14f4  [ D0C2FBB6D97416B0166478FC7AE2B212, 7EAB6C37F0A845E645CA44CC060AC6C56E386C7EF7A64716C6786C9602AD8C9D ] C:\Windows\System32\cryptsp.dll
15:35:12.0608 0x14f4  C:\Windows\System32\cryptsp.dll - ok
15:35:12.0613 0x14f4  [ 9A9F9F1A77D6A80EE28B57664F00013E, 0D441638E086EF1342FCDC43E826BF9E9CC6B2E8AE100D89BFC70163F987DE91 ] C:\Windows\System32\mswsock.dll
15:35:12.0614 0x14f4  C:\Windows\System32\mswsock.dll - ok
15:35:12.0620 0x14f4  [ EF12B8385AA2849999008A977918F96B, ADEF9F5D2B0C2A30CB1B395C774E7FE75437135A09D3D4E6F97EE8656CE139B4 ] C:\Windows\System32\msv1_0.dll
15:35:12.0620 0x14f4  C:\Windows\System32\msv1_0.dll - ok
15:35:12.0626 0x14f4  [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E63394E4E561D6C7A2 ] C:\Windows\System32\wship6.dll
15:35:12.0626 0x14f4  C:\Windows\System32\wship6.dll - ok
15:35:12.0632 0x14f4  [ AA339DD8BB128EF66660DFBBB59043D3, 76D9F849AFDDA38E04549EB67B4163478776F1B6EF46434168278F84FEB8FC5C ] C:\Windows\System32\netlogon.dll
15:35:12.0632 0x14f4  C:\Windows\System32\netlogon.dll - ok
15:35:12.0638 0x14f4  [ 492D07D79E7024CA310867B526D9636D, F2FE647AB85C6C3C1AA3DF4BCE6E4D42B9676C9D837E11388C235AE8DB20044F ] C:\Windows\System32\dnsapi.dll
15:35:12.0638 0x14f4  C:\Windows\System32\dnsapi.dll - ok
15:35:12.0644 0x14f4  [ E1BB958681BE311E7CFF06CFEC5F1F2B, C2FDFC6C7350788A07DCB99A6A54FB9A96A6A578013DF46D0E5094A3CBF6E862 ] C:\Windows\System32\atmfd.dll
15:35:12.0644 0x14f4  C:\Windows\System32\atmfd.dll - ok
15:35:12.0650 0x14f4  [ 8FFE297B8449386E7B6851458B6E474E, E149B37E11091D69D926242517E5655596594A6F01FEF06EB65D6BA5B354E326 ] C:\Windows\System32\logoncli.dll
15:35:12.0650 0x14f4  C:\Windows\System32\logoncli.dll - ok
15:35:12.0656 0x14f4  [ 1573C45E65DE32B1BC3572634F8F1E8E, 8B3D9636470ADCEEEAA83E69033487E270AB1AE58F4D44BB4B024B95F59C3CC9 ] C:\Windows\System32\schannel.dll
15:35:12.0656 0x14f4  C:\Windows\System32\schannel.dll - ok
15:35:12.0663 0x14f4  [ 95FB6CA4374E343DDD653FCC43F9D26B, 911A240F9C1DD155C2B1CD85FE4A8044EB2816AF166CD8CB66EEB905CA352881 ] C:\Windows\System32\wdigest.dll
15:35:12.0663 0x14f4  C:\Windows\System32\wdigest.dll - ok
15:35:12.0669 0x14f4  [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll
15:35:12.0669 0x14f4  C:\Windows\System32\rsaenh.dll - ok
15:35:12.0675 0x14f4  [ E08088A97F95345E181C3DFCE2C615EF, DEF3B087DF5E10E4F8418029DB6E82546E62FEFA39694B7BD6A48CE8AAFD1B96 ] C:\Windows\System32\pku2u.dll
15:35:12.0675 0x14f4  C:\Windows\System32\pku2u.dll - ok
15:35:12.0682 0x14f4  [ 8A25506B6948EFBD5A7F37E53CCD36D9, 2A20562ED33ABD1D15C7BE9F4F1E623E3604BCC0F7214D067CD8C3D16B9EC6A7 ] C:\Windows\System32\TSpkg.dll
15:35:12.0682 0x14f4  C:\Windows\System32\TSpkg.dll - ok
15:35:12.0691 0x14f4  [ 55C892560C1B42BC57FB61AEFCED2F22, 9A15D6559B4FD2FE3A5C5CE13F3C1AD01D9576F6023BDBD12336A1654D33EC63 ] C:\Windows\System32\LIVESSP.DLL
15:35:12.0691 0x14f4  C:\Windows\System32\LIVESSP.DLL - ok
15:35:12.0699 0x14f4  [ D6C7780A364C6BBACFA796BAB9F1B374, 3B5ED1A030BFD0BB73D4FFCD67A6A0B8501EF70293F223EFAA12F430ADF270F9 ] C:\Windows\System32\bcryptprimitives.dll
15:35:12.0699 0x14f4  C:\Windows\System32\bcryptprimitives.dll - ok
15:35:12.0705 0x14f4  [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll
15:35:12.0705 0x14f4  C:\Windows\System32\efslsaext.dll - ok
15:35:12.0712 0x14f4  [ 52D3D5E3586988D4D9E34ACAAC33105C, C61B60BA962B25B8334F0941C3535EA4ACA1CC060B8A196E396CA3E11CEEF8A1 ] C:\Windows\System32\credssp.dll
15:35:12.0712 0x14f4  C:\Windows\System32\credssp.dll - ok
15:35:12.0719 0x14f4  [ ED78427259134C63ED69804D2132B86C, F6F51B8B35881ABCA5580ED111AAC80E466E6474ABAE31EC8BE46C23EDCA77B2 ] C:\Windows\System32\scecli.dll
15:35:12.0719 0x14f4  C:\Windows\System32\scecli.dll - ok
15:35:12.0725 0x14f4  [ 7CC7DF5B654DA579613F811D8C637E29, 70EAC059C1ED814810C75DBB9F4D188428CB942FFD8869D692158D384EB6BB35 ] C:\Windows\System32\ubpm.dll
15:35:12.0725 0x14f4  C:\Windows\System32\ubpm.dll - ok
15:35:12.0731 0x14f4  [ 1151B1BAA6F350B1DB6598E0FEA7C457, B1506E0A7E826EFF0F5252EF5026070C46E2235438403A9A24D73EE69C0B8A49 ] C:\Windows\System32\winlogon.exe
15:35:12.0731 0x14f4  C:\Windows\System32\winlogon.exe - ok
15:35:12.0737 0x14f4  [ 0D9764D58C5EFD672B7184854B152E5E, 9827B43DABBEC39AB2E2294408D9C5304EF27A684903C5234C6070387723D49E ] C:\Windows\System32\winsta.dll
15:35:12.0737 0x14f4  C:\Windows\System32\winsta.dll - ok
15:35:12.0743 0x14f4  [ C78655BC80301D76ED4FEF1C1EA40A7D, 93B2ED4004ED5F7F3039DD7ECBD22C7E4E24B6373B4D9EF8D6E45A179B13A5E8 ] C:\Windows\System32\svchost.exe
15:35:12.0743 0x14f4  C:\Windows\System32\svchost.exe - ok
15:35:12.0749 0x14f4  [ E6EB44ABAAF1F330119F854856C53EBE, 77279972FFBFA984578DD4F17EB615F5D2D93590AF3A9FEFEFDB9128206C9887 ] C:\Windows\System32\SPInf.dll
15:35:12.0749 0x14f4  C:\Windows\System32\SPInf.dll - ok
15:35:12.0755 0x14f4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] C:\Windows\System32\umpnpmgr.dll
15:35:12.0755 0x14f4  C:\Windows\System32\umpnpmgr.dll - ok
15:35:12.0761 0x14f4  [ CD1B5AD07E5F7FEF30E055DCC9E96180, 63C58551F32B0B09377F64A6AE1FA81AF93B8A707A57A8C18722086906AD3046 ] C:\Windows\System32\devrtl.dll
15:35:12.0761 0x14f4  C:\Windows\System32\devrtl.dll - ok
15:35:12.0767 0x14f4  [ 7A17485DC7D8A7AC81321A42CD034519, 88D8705FA901793FC8C1CFD0175E49A6502BF0FC94A066BA573D2FD13AA5F04A ] C:\Windows\System32\userenv.dll
15:35:12.0767 0x14f4  C:\Windows\System32\userenv.dll - ok
15:35:12.0773 0x14f4  [ 9C9307C95671AC962F3D6EB3A4A89BAE, D1433791C9B8BCEEAD8937EC18D33E89E4E2012B5975228A8500FD141BC30078 ] C:\Windows\System32\gpapi.dll
15:35:12.0773 0x14f4  C:\Windows\System32\gpapi.dll - ok
15:35:12.0779 0x14f4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] C:\Windows\System32\umpo.dll
15:35:12.0780 0x14f4  C:\Windows\System32\umpo.dll - ok
15:35:12.0785 0x14f4  [ F6C011B46FAEEF33536B2E80F48B5CBE, BDD149D3D6F9F6C8F6F34C311219BE5618CEEFBC7D35E37473A47F1D5D015067 ] C:\Windows\System32\pcwum.dll
15:35:12.0785 0x14f4  C:\Windows\System32\pcwum.dll - ok
15:35:12.0791 0x14f4  [ 716175021BDA290504CE434273F666BC, FA18CA2D8A5F4335E051E2933147D3C1E7308F7D446E2AEB6596CDEF6E2AFC88 ] C:\Windows\System32\powrprof.dll
15:35:12.0791 0x14f4  C:\Windows\System32\powrprof.dll - ok
15:35:12.0798 0x14f4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] C:\Windows\System32\drivers\luafv.sys
15:35:12.0798 0x14f4  C:\Windows\System32\drivers\luafv.sys - ok
15:35:12.0804 0x14f4  [ 8D61BB5A7D6E08E278C84F852D07D516, 1F201A99075C3070AE245EA9B2631ECC028E4B05B809442AAB45A8491CCDC8FA ] C:\Windows\System32\ibmpmsvc.exe
15:35:12.0804 0x14f4  C:\Windows\System32\ibmpmsvc.exe - ok
15:35:12.0810 0x14f4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] C:\Windows\System32\rpcss.dll
15:35:12.0810 0x14f4  C:\Windows\System32\rpcss.dll - ok
15:35:12.0816 0x14f4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] C:\Windows\System32\RpcEpMap.dll
15:35:12.0816 0x14f4  C:\Windows\System32\RpcEpMap.dll - ok
15:35:12.0822 0x14f4  [ 16E964ABF6D1E0F0CC7822FCA9BA754D, 0E461387ACFD641DA22EE542A3C68AF5F7D3A7F967D974E3B198143D461ABE39 ] C:\Windows\System32\wshqos.dll
15:35:12.0822 0x14f4  C:\Windows\System32\wshqos.dll - ok
15:35:12.0828 0x14f4  [ 31559F3244C6BC00A52030CAA83B6B91, B2025742B5F0025ACE9821D5722DE3F997EEEAB21D2F381C9E307882DF422579 ] C:\Windows\System32\WSHTCPIP.DLL
15:35:12.0828 0x14f4  C:\Windows\System32\WSHTCPIP.DLL - ok
15:35:12.0838 0x14f4  [ EC803C6CA6D6FDEE5DE77641426E72BE, 5BFD662ADC2922005F22DEA51DA3BFB327F1A4163B3464A862FD1AF73195B536 ] C:\Windows\System32\atiesrxx.exe
15:35:12.0838 0x14f4  C:\Windows\System32\atiesrxx.exe - ok
15:35:12.0842 0x14f4  [ 9AD9E06F8656F296D91FAE8EE5B95A27, 53384747D5864D699BCC4F48E0A5E656430EDAA65DCDAB4B11EA68FC7106459E ] C:\Windows\System32\FirewallAPI.dll
15:35:12.0842 0x14f4  C:\Windows\System32\FirewallAPI.dll - ok
15:35:12.0848 0x14f4  [ 94E026870A55AAEAFF7853C1754091E9, B2F5D5629D12BDFA98DBED3898368F37D9009C7531B6909C7285A2C11C9A0F93 ] C:\Windows\System32\version.dll
15:35:12.0848 0x14f4  C:\Windows\System32\version.dll - ok
15:35:12.0852 0x14f4  [ BD3674BE7FC9D8D3732C83E8499576ED, E6716A5895D629263A4D21959F48840429AB6F4B55A5FA2663EE5E86C9CA2BF1 ] C:\Windows\System32\wtsapi32.dll
15:35:12.0852 0x14f4  C:\Windows\System32\wtsapi32.dll - ok
15:35:12.0858 0x14f4  [ 715F03B4C7223349768013EA95D9E5B7, 09AB0535A54C2E2962F0FD06988D99060F8CECA39B07AC00A63204C773B95893 ] C:\Windows\System32\LogonUI.exe
15:35:12.0858 0x14f4  C:\Windows\System32\LogonUI.exe - ok
15:35:12.0864 0x14f4  [ 3EF480BFED1B5947A32585E30A58D4ED, 798FECC095721EFB1C2B1DF3438DDABEEEA668EA00CB702164F2A0A0C30F1726 ] C:\Windows\System32\authui.dll
15:35:12.0864 0x14f4  C:\Windows\System32\authui.dll - ok
15:35:12.0870 0x14f4  [ 6011714C8C5C55CBFFAD24D61E879FBD, 75D615082A1C71C6ED3ABB49EDAF660EE538D112CF79B9C8AF0A583D1CE1BBB0 ] C:\Windows\System32\wevtsvc.dll
15:35:12.0870 0x14f4  C:\Windows\System32\wevtsvc.dll - ok
15:35:12.0877 0x14f4  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] C:\Windows\System32\audiosrv.dll
15:35:12.0877 0x14f4  C:\Windows\System32\audiosrv.dll - ok
15:35:12.0883 0x14f4  [ 227E2C382A1E02F8D4965E664D3BBE43, 1CFF20A8BF87ACE4FA4935EBEED72BFB1A1FE902A754899E2F50798D67DF5642 ] C:\Windows\System32\MMDevAPI.dll
15:35:12.0883 0x14f4  C:\Windows\System32\MMDevAPI.dll - ok
15:35:12.0889 0x14f4  [ F06BB4E336EA57511FDBAFAFCC47DE62, BE43EC62548E9FF89A9495A1722E22DBB76EEC3764F86E64057B636F27D15765 ] C:\Windows\System32\propsys.dll
15:35:12.0889 0x14f4  C:\Windows\System32\propsys.dll - ok
15:35:12.0895 0x14f4  [ 78A1E65207484B7F8D3217507745F47C, 35F413ADB9D157F3666DD15DD58104D629CD9143198A1AB914B73A4A3C9903DD ] C:\Windows\System32\avrt.dll
15:35:12.0895 0x14f4  C:\Windows\System32\avrt.dll - ok
15:35:12.0902 0x14f4  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] C:\Windows\System32\FntCache.dll
15:35:12.0902 0x14f4  C:\Windows\System32\FntCache.dll - ok
15:35:12.0908 0x14f4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] C:\Windows\System32\mmcss.dll
15:35:12.0908 0x14f4  C:\Windows\System32\mmcss.dll - ok
15:35:12.0915 0x14f4  [ B3BFBD758506ECB50C5804AAA76318F9, 34E079A6AB2D41D1E0B3887B6AE31C43941061B7176FFF2801C3F465C2C89578 ] C:\Windows\System32\cryptui.dll
15:35:12.0915 0x14f4  C:\Windows\System32\cryptui.dll - ok
15:35:12.0921 0x14f4  [ 7FA8FDC2C2A27817FD0F624E78D3B50C, 7B63F6AA2CD6D4D07EA3C595B868B1A0749BB11620027A2BD9B935E3055481E4 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
15:35:12.0921 0x14f4  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
15:35:12.0927 0x14f4  [ 4E9C2DB10F7E6AE91BF761139D4B745B, 8F63F78294F5585D599A114AF449DCC447CCB239D0F0B490BFE6B34A2146E730 ] C:\Windows\System32\shacct.dll
15:35:12.0928 0x14f4  C:\Windows\System32\shacct.dll - ok
15:35:12.0934 0x14f4  [ 5B3EBFC3DA142324B388DDCC4465E1FF, 5D58642305311F9BC9B779C9598BFC4E7433B3EA58404BF1FF9466838A2328C7 ] C:\Windows\System32\samlib.dll
15:35:12.0934 0x14f4  C:\Windows\System32\samlib.dll - ok
15:35:12.0940 0x14f4  [ D29E998E8277666982B4F0303BF4E7AF, 4F19AB5DC173E278EBE45832F6CEAA40E2DF6A2EDDC81B2828122442FE5D376C ] C:\Windows\System32\uxtheme.dll
15:35:12.0940 0x14f4  C:\Windows\System32\uxtheme.dll - ok
15:35:12.0946 0x14f4  [ 18CAAF21CBA3EAEE17BBA5D3807F29B8, 59C4FE015CCBE922F7AB3838D7F34CACC08DD437B2BAD62926BF4A9C416F7C19 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll
15:35:12.0946 0x14f4  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll - ok
15:35:12.0953 0x14f4  [ 3CB6A7286422C72C34DAB54A5DFF1A34, 98D21EFFF511E407336A226420701E82554DA01FA05661303836B6860D63749D ] C:\Windows\System32\dui70.dll
15:35:12.0953 0x14f4  C:\Windows\System32\dui70.dll - ok
15:35:12.0959 0x14f4  [ 8CCDE014A4CDF84564E03ACE064CA753, DD663029B2EB7B12FDB00FCE403D8326141E540E3B9CE84CD5871473D3E2E2CF ] C:\Windows\System32\duser.dll
15:35:12.0959 0x14f4  C:\Windows\System32\duser.dll - ok
15:35:12.0965 0x14f4  [ D7F1EF374A90709B31591823B002F918, 05FD2837C9B03D14BB2A969C1AD77CAEF047D93DC5D0F6C2ACBF0888E8F7B359 ] C:\Windows\System32\SndVolSSO.dll
15:35:12.0965 0x14f4  C:\Windows\System32\SndVolSSO.dll - ok
15:35:12.0971 0x14f4  [ DA1B7075260F3872585BFCDD668C648B, 3E10EF6E1A5C341B478322CB78A0AB7BFC70AD8023779B8B4542A7CB4CA756AB ] C:\Windows\System32\dwmapi.dll
15:35:12.0971 0x14f4  C:\Windows\System32\dwmapi.dll - ok
15:35:12.0977 0x14f4  [ 896F15A6434D93EDB42519D5E18E6B50, 9263F0CEC58D45EBE3FB9C3061FB9392C55A7933B84B4592E6EE13CFC86D5A50 ] C:\Windows\System32\hid.dll
15:35:12.0977 0x14f4  C:\Windows\System32\hid.dll - ok
15:35:12.0983 0x14f4  [ 6F8B48F3D343E4B186AB6A9E302B7E16, 54DB52FC56509E61DF68BD251B3286E6CBE1A91D9BC4D950940A61FE2DA04DF8 ] C:\Windows\System32\xmllite.dll
15:35:12.0983 0x14f4  C:\Windows\System32\xmllite.dll - ok
15:35:12.0989 0x14f4  [ D5CCA1453B98A5801E6D5FF0FF89DC6C, 85F2C2480AAC31B6092187B431A562D79D4CFB1324F925C85055ABAB2483264B ] C:\Windows\System32\audiodg.exe
15:35:12.0989 0x14f4  C:\Windows\System32\audiodg.exe - ok
15:35:12.0995 0x14f4  [ 3D7BB6DD7A87B3E36E44CA94444247A8, 8EC25387910A85624A76C0312A7A8C2A4624E9B7A546FD071F70FE3C2F7F7333 ] C:\Windows\System32\WindowsCodecs.dll
15:35:12.0995 0x14f4  C:\Windows\System32\WindowsCodecs.dll - ok
15:35:13.0002 0x14f4  [ 1F4492FE41767CDB8B89D17655847CDD, 184547FAC0C3D7148FAA3F601929A7089DE393BD19929A137DAD743331DD3F77 ] C:\Windows\System32\ntmarta.dll
15:35:13.0002 0x14f4  C:\Windows\System32\ntmarta.dll - ok
15:35:13.0008 0x14f4  [ EF2AE43BCD46ABB13FC3E5B2B1935C73, 81FC06F306F620845D7DD8D06E706309E70BC89B589C81F3478302A3F5F73431 ] C:\Windows\System32\winmm.dll
15:35:13.0008 0x14f4  C:\Windows\System32\winmm.dll - ok
15:35:13.0014 0x14f4  [ 8560FFFC8EB3A806DCD4F82252CFC8C6, CC27BC092369A89D6147B16568FEDEB68B584D5738CD686C31F7FAE22ED17B3B ] C:\Windows\System32\ksuser.dll
15:35:13.0014 0x14f4  C:\Windows\System32\ksuser.dll - ok
15:35:13.0020 0x14f4  [ 1473768973453DE50DC738C2955FC4DD, 14BC5DA2442CB726ACC1F277DDBECCF5D61E3A0A3E083A55A0BB610191E35220 ] C:\Windows\System32\wdmaud.drv
15:35:13.0020 0x14f4  C:\Windows\System32\wdmaud.drv - ok
15:35:13.0026 0x14f4  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D, 19959D18601712901F03B83150D15E34EBCAB355BB4692C9A28511A72F57FC66 ] C:\Windows\System32\winbrand.dll
15:35:13.0026 0x14f4  C:\Windows\System32\winbrand.dll - ok
15:35:13.0033 0x14f4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] C:\Windows\System32\gpsvc.dll
15:35:13.0033 0x14f4  C:\Windows\System32\gpsvc.dll - ok
15:35:13.0039 0x14f4  [ 46BB91A169B9B31FF44EB04C48EC1D41, 8115B533D3A5BE07633FA54FA8847E3DEC00C5BEB193CF2FBE88428D23E2B3D6 ] C:\Windows\System32\nlaapi.dll
15:35:13.0039 0x14f4  C:\Windows\System32\nlaapi.dll - ok
15:35:13.0045 0x14f4  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] C:\Windows\System32\profsvc.dll
15:35:13.0045 0x14f4  C:\Windows\System32\profsvc.dll - ok
15:35:13.0051 0x14f4  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67, E957E4463D318A44BA5109EE3428624DE901C5FF2BA358986DF6C6F059DDBCC2 ] C:\Windows\System32\adtschema.dll
15:35:13.0051 0x14f4  C:\Windows\System32\adtschema.dll - ok
15:35:13.0057 0x14f4  [ 58775492FFD419248B08325E583C527F, DBB013971F5894F25C222C2D4D50A29DB6DF3C413792EE9CCC1A9E6D85469093 ] C:\Windows\System32\atl.dll
15:35:13.0057 0x14f4  C:\Windows\System32\atl.dll - ok
15:35:13.0063 0x14f4  [ A77BE7CB3222B4FB0AC6C71D1C2698D4, 73566223914BF670DF6B5931FA213E546713531B10391ED65B5256BBD7ABDE7F ] C:\Windows\System32\dsrole.dll
15:35:13.0064 0x14f4  C:\Windows\System32\dsrole.dll - ok
15:35:13.0069 0x14f4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] C:\Windows\System32\es.dll
15:35:13.0069 0x14f4  C:\Windows\System32\es.dll - ok
15:35:13.0075 0x14f4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] C:\Windows\System32\themeservice.dll
15:35:13.0075 0x14f4  C:\Windows\System32\themeservice.dll - ok
15:35:13.0081 0x14f4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] C:\Windows\System32\Sens.dll
15:35:13.0082 0x14f4  C:\Windows\System32\Sens.dll - ok
15:35:13.0087 0x14f4  [ BE097F5BB10F9079FCEB2DC4E7E20F02, 90A88986C8C5F30FB153EC803FEDA6572B2C2630A6C9578FCC017800692694D5 ] C:\Windows\System32\slc.dll
15:35:13.0088 0x14f4  C:\Windows\System32\slc.dll - ok
15:35:13.0093 0x14f4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] C:\Windows\System32\uxsms.dll
15:35:13.0093 0x14f4  C:\Windows\System32\uxsms.dll - ok
15:35:13.0100 0x14f4  [ 24452CCCC3808B5AB0341A384BB72200, 11FFDB0219127AB6F84E2391DEADBDC07163A1A44A8443D1A938117D95B6C92C ] C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
15:35:13.0100 0x14f4  C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe - ok
15:35:13.0104 0x14f4  [ 1A47D52E303B7543E4E6026595B95422, C577CD3837546A7CED5D2E8E97FA2EDACA133B4A8595770EF96CAE519BFE280F ] C:\Windows\System32\comres.dll
15:35:13.0104 0x14f4  C:\Windows\System32\comres.dll - ok
15:35:13.0110 0x14f4  [ FE05D03B73000CFF476E1D29109F3A84, 7880B025413338A7B114BECB5DC67605FC7A97142C26FD12F765A64A21805842 ] C:\Program Files\Windows Defender\MpEvMsg.dll
15:35:13.0110 0x14f4  C:\Program Files\Windows Defender\MpEvMsg.dll - ok
15:35:13.0117 0x14f4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] C:\Windows\System32\netprofm.dll
15:35:13.0117 0x14f4  C:\Windows\System32\netprofm.dll - ok
15:35:13.0123 0x14f4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] C:\Windows\System32\wlansvc.dll
15:35:13.0123 0x14f4  C:\Windows\System32\wlansvc.dll - ok
15:35:13.0129 0x14f4  [ 436CB96009091CA3F96B0115A4A4F738, 052B717BF6FFA0429D715DF85A499F3FCBD7D17C960F809F88F12BADD678D222 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
15:35:13.0129 0x14f4  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - ok
15:35:13.0136 0x14f4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] C:\Windows\System32\drivers\lltdio.sys
15:35:13.0136 0x14f4  C:\Windows\System32\drivers\lltdio.sys - ok
15:35:13.0142 0x14f4  [ 585FED4CDB8034B8B58AEB8008255817, 13D1055929D79598C04A4AB66EF3DBAADD265F9D1C3F43E84531238D2526A1AE ] C:\Windows\System32\opengl32.dll
15:35:13.0142 0x14f4  C:\Windows\System32\opengl32.dll - ok
15:35:13.0148 0x14f4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] C:\Windows\System32\drivers\ndisuio.sys
15:35:13.0148 0x14f4  C:\Windows\System32\drivers\ndisuio.sys - ok
15:35:13.0154 0x14f4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] C:\Windows\System32\drivers\nwifi.sys
15:35:13.0155 0x14f4  C:\Windows\System32\drivers\nwifi.sys - ok
15:35:13.0161 0x14f4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] C:\Windows\System32\drivers\rspndr.sys
15:35:13.0161 0x14f4  C:\Windows\System32\drivers\rspndr.sys - ok
15:35:13.0167 0x14f4  [ F2967C0A97C0EA67D79D7F557213950D, 65516C83DCB3F952CD4454636B61CC2F153AF6BEEBC352463791D92F7F500F52 ] C:\Windows\System32\glu32.dll
15:35:13.0167 0x14f4  C:\Windows\System32\glu32.dll - ok
15:35:13.0173 0x14f4  [ A6C09924C6730DE8DEED9890A12AA691, 46EACBC27D15FD43431812D6CA770982178C07246AF3A1C2E0D40D745A1D5758 ] C:\Windows\System32\ddraw.dll
15:35:13.0173 0x14f4  C:\Windows\System32\ddraw.dll - ok
15:35:13.0179 0x14f4  [ A5ED9421B8D09ED4F57CDA386307713E, EC2EE043E94A53302A9721220AA42D29BE72AF3448B7AA01F7EB911ECF7DC6AE ] C:\Windows\System32\dciman32.dll
15:35:13.0179 0x14f4  C:\Windows\System32\dciman32.dll - ok
15:35:13.0185 0x14f4  [ E424B3EF666B184CEE0B6871AAA8C9F6, D182D9B3A813C75F88CA16A9C236AB6167DF5861D155B5DC016B90918C4BD579 ] C:\Windows\System32\msimg32.dll
15:35:13.0185 0x14f4  C:\Windows\System32\msimg32.dll - ok
15:35:13.0191 0x14f4  [ DC220AE6F64819099F7EBD6F137E32E7, B8FE13B859FA83500DD95637FA6D4A5B8392C2A363E41D014D3B5374F636E1DE ] C:\Windows\System32\AudioSes.dll
15:35:13.0191 0x14f4  C:\Windows\System32\AudioSes.dll - ok
15:35:13.0198 0x14f4  [ C2762A57DF0EE85E63CE4893C5215313, DDE22212D78353633CEDE27D7210469DE674563991105563CF64CCCE2D0743BD ] C:\Windows\System32\VaultCredProvider.dll
15:35:13.0198 0x14f4  C:\Windows\System32\VaultCredProvider.dll - ok
15:35:13.0204 0x14f4  [ CA2985996BB49924B677113DF95CFEA7, 91F63863B1B597AE421CD2C3D8A3E00578B17876E5F5B828D25C2C9B349ECCCD ] C:\Windows\System32\SmartcardCredentialProvider.dll
15:35:13.0204 0x14f4  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
15:35:13.0210 0x14f4  [ BF352E73615F5461AA6884472435A544, 4B059E79325C5F08CD6FBBE6352E17ADB64B9608CC9EDB36A2DF4D148060C309 ] C:\Windows\System32\BioCredProv.dll
15:35:13.0210 0x14f4  C:\Windows\System32\BioCredProv.dll - ok
15:35:13.0216 0x14f4  [ 796B8123A7859AFD3A4AE10514DBAEB5, E76F69FAFEC3D66263ED95F3FA9EE309BDDACB287E30583A147DC97F6EEB8844 ] C:\Windows\System32\winbio.dll
15:35:13.0216 0x14f4  C:\Windows\System32\winbio.dll - ok
15:35:13.0222 0x14f4  [ CC0AB40F02D2C2A12209715A3C1B07B8, 90EB303A4E151340DB382248361FEFC5346C31394791DF83663086C8219C2B20 ] C:\Windows\System32\credui.dll
15:35:13.0222 0x14f4  C:\Windows\System32\credui.dll - ok
15:35:13.0228 0x14f4  [ EEEA40F0EDB0A6E5359E539E15D0BC77, BFCBF777239C29C6AC4BC5B59591308571647B7C7FDB5571903F7403DD241E8E ] C:\Windows\System32\netapi32.dll
15:35:13.0228 0x14f4  C:\Windows\System32\netapi32.dll - ok
15:35:13.0235 0x14f4  [ 44B9C66177651F3F53C87B665D58D17A, 3FC426115FF87570889DB28D71970B82B525D2A4B9A00EDD273BF083B77A05CE ] C:\Windows\System32\vaultcli.dll
15:35:13.0235 0x14f4  C:\Windows\System32\vaultcli.dll - ok
15:35:13.0241 0x14f4  [ 6CECA4C6A489C9B2E6073AFDAAE3F607, 127506D1DB38275614CBEB047C133718EF9D03266BA9C98BE55EC7847CFC9C3D ] C:\Windows\System32\netutils.dll
15:35:13.0241 0x14f4  C:\Windows\System32\netutils.dll - ok
15:35:13.0247 0x14f4  [ 3C91392D448F6E5D525A85B7550D8BA9, 6FD0DC73DBE7519E2C643554C2A7F8FBE4F9A678C4241BB54B3C6E65D2ABCF3A ] C:\Windows\System32\wkscli.dll
15:35:13.0247 0x14f4  C:\Windows\System32\wkscli.dll - ok
15:35:13.0253 0x14f4  [ FC51229C7D4AFA0D6F186133728B95AB, 37E58C8E1C8437D1981725A5DCDACA7316CEFBB570370CEFC8D122F523B96AC0 ] C:\Windows\System32\samcli.dll
15:35:13.0253 0x14f4  C:\Windows\System32\samcli.dll - ok
15:35:13.0260 0x14f4  [ 7097425051CE67B450EBF2B1390AE492, 45354BA04E383B65D13A073F63EA5EA185D8B0C1E208B6671ED8EBC64711D109 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
15:35:13.0260 0x14f4  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
15:35:13.0266 0x14f4  [ 972C3301DB3DA91AE06A95F6B4160B1B, 678B533A06C306295FE97DC26CE9BAFFC8EAF1FB7405ACB040719099717744D5 ] C:\Windows\System32\certCredProvider.dll
15:35:13.0266 0x14f4  C:\Windows\System32\certCredProvider.dll - ok
15:35:13.0272 0x14f4  [ 87FA0C48C3B2E9FEE518818FE26B15B5, DA4042DE9897397AEDCEFF9F69746726237305DDE64464309B6DCC45E05E42F4 ] C:\Windows\System32\rasplap.dll
15:35:13.0272 0x14f4  C:\Windows\System32\rasplap.dll - ok
15:35:13.0278 0x14f4  [ 019CD868461B646E09BDF04474C19341, 01837EFACB02E52BC6E90C90C4CB01B11D56E449A37EA4FC2695507FF85EA9FE ] C:\Windows\System32\rasapi32.dll
15:35:13.0278 0x14f4  C:\Windows\System32\rasapi32.dll - ok
15:35:13.0284 0x14f4  [ B28DEEC597C8DEB70C744C7CF9210E3E, E777F192D822990CA6301B3FEA2AEA213FA7901438EB3328914ADF02B6C39DB9 ] C:\Windows\System32\rasman.dll
15:35:13.0284 0x14f4  C:\Windows\System32\rasman.dll - ok
15:35:13.0290 0x14f4  [ B53C4B69B695EDA1B7E41D35CA4244E2, 3D98E9B263CADA576E4057E059AFC867F6E3F1001F3B73C8BCF9066763A45D9D ] C:\Windows\System32\rtutils.dll
15:35:13.0290 0x14f4  C:\Windows\System32\rtutils.dll - ok
15:35:13.0296 0x14f4  [ 9BC8610C32C96A2983A65DC21CAFA921, 2A4195F663C9D55939E3D8FEAA208090FDB0B8801A60164A7325B53104797CBC ] C:\Windows\System32\UXInit.dll
15:35:13.0296 0x14f4  C:\Windows\System32\UXInit.dll - ok
15:35:13.0303 0x14f4  [ CF636C92B762B26F0B39B38E92380A09, F7B8B0EA4536CE3BA33EE1BD0783F6AAD8C0EF69714E874D4A30B720A04C7A18 ] C:\Windows\System32\oleacc.dll
15:35:13.0303 0x14f4  C:\Windows\System32\oleacc.dll - ok
15:35:13.0309 0x14f4  [ 019BDD35DE269CB98B22DE8923C2AA3B, 68B216D5331B128CF1BCB3A3F82FD85B119FFDBCB796C907461CDD6248995817 ] C:\Windows\System32\UIAutomationCore.dll
15:35:13.0309 0x14f4  C:\Windows\System32\UIAutomationCore.dll - ok
15:35:13.0315 0x14f4  [ 0015ACFBBDD164A8A730009908868CA7, E1FF243AD2CF959FAB81EFE701592414991C03416FF296ADC93906E76B707C4D ] C:\Windows\System32\winspool.drv
15:35:13.0315 0x14f4  C:\Windows\System32\winspool.drv - ok
15:35:13.0321 0x14f4  [ 263E9A047D17CD50BAA9D3C02910D18D, F526648358AD121001D2776E0ACC333EC4AC168CA07B40A3D3C06C5CE6A361C3 ] C:\Windows\System32\oledlg.dll
15:35:13.0321 0x14f4  C:\Windows\System32\oledlg.dll - ok
15:35:13.0327 0x14f4  [ 2B81776DA02017A37FE26C662827470E, A656353C50EE08422145D00DB9CFD9F6D3E664753B3C454B171E2A56A8AA94DC ] C:\Windows\System32\IPHLPAPI.DLL
15:35:13.0327 0x14f4  C:\Windows\System32\IPHLPAPI.DLL - ok
15:35:13.0334 0x14f4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] C:\Windows\System32\lmhsvc.dll
15:35:13.0334 0x14f4  C:\Windows\System32\lmhsvc.dll - ok
15:35:13.0340 0x14f4  [ CA2A0750ED830678997695FF61B04C30, E84860CD97AA3C4565ABB2D5D406A5C42B1AD2D8BA1B8CF81FE564D91F15F976 ] C:\Windows\System32\midimap.dll
15:35:13.0340 0x14f4  C:\Windows\System32\midimap.dll - ok
15:35:13.0346 0x14f4  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A, 72288C0A88916D3C3828DBD948DBDB0928F26106319F8E60102D6C9004514D60 ] C:\Windows\System32\msacm32.dll
15:35:13.0346 0x14f4  C:\Windows\System32\msacm32.dll - ok
15:35:13.0352 0x14f4  [ 1B7C3A37362C7B2890168C5FC61C8D9B, 03727930E5BB5F9D91BAB901FC9A2E3B795D68E2AEE6A2CC3477F356C45A9C54 ] C:\Windows\System32\msacm32.drv
15:35:13.0352 0x14f4  C:\Windows\System32\msacm32.drv - ok
15:35:13.0356 0x14f4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] C:\Windows\System32\nsisvc.dll
15:35:13.0356 0x14f4  C:\Windows\System32\nsisvc.dll - ok
15:35:13.0362 0x14f4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] C:\Windows\System32\MPSSVC.dll
15:35:13.0362 0x14f4  C:\Windows\System32\MPSSVC.dll - ok
15:35:13.0368 0x14f4  [ B73A6E4B319AFFE64582AC5C1801BB3F, 274EEA0743DC659180E691654CBB17136E9E9D83B07E302B47EA5B103EA57710 ] C:\Windows\System32\nrpsrv.dll
15:35:13.0368 0x14f4  C:\Windows\System32\nrpsrv.dll - ok
15:35:13.0374 0x14f4  [ 4C9210E8F4E052F6A4EB87716DA0C24C, 460F7990BDADB7D58D6DC95B094D30A2EFDC4CEED444B18A2F36E8D9076FB8B9 ] C:\Windows\System32\winnsi.dll
15:35:13.0374 0x14f4  C:\Windows\System32\winnsi.dll - ok
15:35:13.0380 0x14f4  [ 6C00E1F758D1E728951FAB15A3DF8418, 16967F098271BA3E6C969D1566CA883CA948216660F9D04ABAD2D10BEB66D9DF ] C:\Windows\System32\RtkCfg64.dll
15:35:13.0380 0x14f4  C:\Windows\System32\RtkCfg64.dll - ok
15:35:13.0386 0x14f4  [ 50544D04AD845C43130B70212EC05CCD, B2E6B558DE7D273512226685FF53ED17C9B4BF81B739FBCA5D3FC82DF8D2BCF7 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
15:35:13.0387 0x14f4  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
15:35:13.0394 0x14f4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] C:\Windows\System32\dhcpcore.dll
15:35:13.0394 0x14f4  C:\Windows\System32\dhcpcore.dll - ok
15:35:13.0399 0x14f4  [ F52F260F8EE5F85E7A17A23A0D9C7854, B80ECA0693D42B3E16C7507F92B0E2AD75B2459EEF6AAFA02638E1A6D2FE53E9 ] C:\Windows\System32\RtkAPO64.dll
15:35:13.0399 0x14f4  C:\Windows\System32\RtkAPO64.dll - ok
15:35:13.0405 0x14f4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] C:\Windows\System32\dnsrslvr.dll
15:35:13.0405 0x14f4  C:\Windows\System32\dnsrslvr.dll - ok
15:35:13.0411 0x14f4  [ 87356377F31DA5F20A833811CD59499C, 4FEC1FD3AC4E4E34DCBC0109B248952604F438C84B1604EB9E2359FA721E23C4 ] C:\Windows\System32\eapphost.dll
15:35:13.0411 0x14f4  C:\Windows\System32\eapphost.dll - ok
15:35:13.0418 0x14f4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] C:\Windows\System32\eapsvc.dll
15:35:13.0418 0x14f4  C:\Windows\System32\eapsvc.dll - ok
15:35:13.0423 0x14f4  [ F9EC845C5EECF20E9A67F9F805F2EF1F, C3DBA8CF93DBF50954B1BF6D7EF3F6F5DD1A56DC62B7EB2749C54D9B65D9BB43 ] C:\Windows\System32\keyiso.dll
15:35:13.0423 0x14f4  C:\Windows\System32\keyiso.dll - ok
15:35:13.0429 0x14f4  [ 0040C486584A8E582C861CFB57AB5387, 5EE17B55CB702D14AE75B19226DE21CD2498BDA6C6EF5872FDB8A718F401FED1 ] C:\Windows\System32\FWPUCLNT.DLL
15:35:13.0429 0x14f4  C:\Windows\System32\FWPUCLNT.DLL - ok
15:35:13.0436 0x14f4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] C:\Windows\System32\drivers\fltMgr.sys
15:35:13.0436 0x14f4  C:\Windows\System32\drivers\fltMgr.sys - ok
15:35:13.0442 0x14f4  [ 9FCA3A84338ADEF2AFF67CDA46EF8539, 087DF72096852AE98C56990EE6E68835BE95E7E49ECDDE8B54DAC11C9E07FE94 ] C:\Windows\System32\umb.dll
15:35:13.0442 0x14f4  C:\Windows\System32\umb.dll - ok
15:35:13.0448 0x14f4  [ 3C06D5A929B798D0B13F6481242A0FD2, CE6127A31AB09E21A912CA16E4BDF663E9D05C254CCF9090A8B5A9A2E055EFF3 ] C:\Windows\System32\dhcpcsvc6.dll
15:35:13.0448 0x14f4  C:\Windows\System32\dhcpcsvc6.dll - ok
15:35:13.0454 0x14f4  [ 885D0942E0F28DB90919BE3129ECF279, 5A10D90EE656ECE3DCA174D6F924641509819FC20CB6EF46B5E1723E52DE85BE ] C:\Windows\System32\dnsext.dll
15:35:13.0454 0x14f4  C:\Windows\System32\dnsext.dll - ok
15:35:13.0460 0x14f4  [ 3CC16A849E6092E43909F48EF0E60306, 610B576654A69415E4F2FEDB6BA384C77715944E4F89BD2821B311968CA8D810 ] C:\Windows\System32\dhcpcore6.dll
15:35:13.0460 0x14f4  C:\Windows\System32\dhcpcore6.dll - ok
15:35:13.0467 0x14f4  [ A3DB3C17EE6CAE65D53602B4E80BCCBC, D802A7C6161F937DC42A6E45FE1BB2C8272819F92C294C180EBCDF8FF72CBFDC ] C:\Windows\System32\PSHED.DLL
15:35:13.0467 0x14f4  C:\Windows\System32\PSHED.DLL - ok
15:35:13.0473 0x14f4  [ F568F7C08458D69E4FCD8675BBB107E4, A5FA25ECF248999A68CCECFBB508BFA1ADD18A23E20A9A9081A87C41CAAA36C0 ] C:\Windows\System32\dhcpcsvc.dll
15:35:13.0473 0x14f4  C:\Windows\System32\dhcpcsvc.dll - ok
15:35:13.0479 0x14f4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] C:\Windows\System32\provsvc.dll
15:35:13.0479 0x14f4  C:\Windows\System32\provsvc.dll - ok
15:35:13.0485 0x14f4  [ B0945E538CF906BBDDC5A11C8EE868CC, 5F3459F6512918835F7C9400905EC7C1FAEAA7114E0D28C522040C359E3B93F7 ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
15:35:13.0486 0x14f4  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
15:35:13.0492 0x14f4  [ ADF703173D3209E52A36BA8581172C32, 5BE12BF02790FC6F34A1E4A66C2A9414E28876454377C325414A36EE2432E3E0 ] C:\Windows\System32\RtkHDM64.dll
15:35:13.0492 0x14f4  C:\Windows\System32\RtkHDM64.dll - ok
15:35:13.0498 0x14f4  [ A648C4A06DE367065B24056D067B4460, 2412487D65A833DDD9AB17D039515CC08DA22D006259EC4B03E42475FAFFD2AD ] C:\Windows\System32\wlanmsm.dll
15:35:13.0498 0x14f4  C:\Windows\System32\wlanmsm.dll - ok
15:35:13.0504 0x14f4  [ 06A1386B6E3A0CBC368665C1840906F4, C10BCA5092A0B3F9435CE4D65C7449528C89F5C5243B410878D2EBF516DA2FB2 ] C:\Windows\System32\wlansec.dll
15:35:13.0504 0x14f4  C:\Windows\System32\wlansec.dll - ok
15:35:13.0510 0x14f4  [ 73FCB7919DEE80EE556F2E498594EBAE, D0F7A0AD3BC33263E9C2CF9787DD326436F9E0C9F5031D769F8A43C64C08A762 ] C:\Windows\System32\onex.dll
15:35:13.0510 0x14f4  C:\Windows\System32\onex.dll - ok
15:35:13.0516 0x14f4  [ 65522E77A1360DBC8D199DA3BF5EFFE4, E9D748070FA478A3D37F15049F998D340885C0DC5FCE03BFCE5D521C9EBA7350 ] C:\Windows\System32\eappprxy.dll
15:35:13.0516 0x14f4  C:\Windows\System32\eappprxy.dll - ok
15:35:13.0522 0x14f4  [ 0D753307D274F3688BD21C377B616700, 5DD08E77A11F2561FB96BA212FDDFE21D4394C69C34C3EB88F7F5CD068EE55BF ] C:\Windows\System32\eappcfg.dll
15:35:13.0522 0x14f4  C:\Windows\System32\eappcfg.dll - ok
15:35:13.0528 0x14f4  [ 730BF204A595D5B6D7DC57A247CC741C, 264C6901F4A49B738BBD04BCA1783DEE892885BADE9085B0AEA40BAE7CC0A218 ] C:\Windows\System32\wlgpclnt.dll
15:35:13.0528 0x14f4  C:\Windows\System32\wlgpclnt.dll - ok
15:35:13.0535 0x14f4  [ 97E43F324BE1503CB2FFB058534688DA, 50C781DF38D0D38C9A5420AB1FFF8672DC13FD1ED8E9F5432B4BA3077A7435D5 ] C:\Windows\System32\l2gpstore.dll
15:35:13.0535 0x14f4  C:\Windows\System32\l2gpstore.dll - ok
15:35:13.0541 0x14f4  [ 7F1B4C6FF3B85F9ADF74055187B8A22C, CC95DA5662638AACBE9643DCB236464C2C2095A8D5CDC8A747045870BE9D0E7D ] C:\Windows\System32\wlanutil.dll
15:35:13.0541 0x14f4  C:\Windows\System32\wlanutil.dll - ok
15:35:13.0547 0x14f4  [ 7D5645EE0EA77D539828433D9B95F5EB, EEF81E9B2205FC456DB6095AD0AEAB38BB131D3BCD090EA6CD91D5568ACAFB7F ] C:\Windows\System32\WinSCard.dll
15:35:13.0547 0x14f4  C:\Windows\System32\WinSCard.dll - ok
15:35:13.0553 0x14f4  [ 99B91C5D2FCEF218CAD3600ECB62A799, E28F2903F86D39C5A69B5F89CCD6594E93A1BF1E4ACD613A0F2E2348DFA88D65 ] C:\Windows\System32\msxml6.dll
15:35:13.0553 0x14f4  C:\Windows\System32\msxml6.dll - ok
15:35:13.0559 0x14f4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] C:\Windows\System32\shsvcs.dll
15:35:13.0559 0x14f4  C:\Windows\System32\shsvcs.dll - ok
15:35:13.0565 0x14f4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] C:\Windows\System32\schedsvc.dll
15:35:13.0565 0x14f4  C:\Windows\System32\schedsvc.dll - ok
15:35:13.0572 0x14f4  [ BC414631876B2F28B8DAB08E849C12C5, 5973654AA3E90E6B699B0A43F645B893D95BAA803129B6967D746C8239AB26E3 ] C:\Windows\System32\ktmw32.dll
15:35:13.0572 0x14f4  C:\Windows\System32\ktmw32.dll - ok
15:35:13.0581 0x14f4  [ 5EDBB34736DD7AC1A73CF8792A835E10, 15E87C449AAF2095273341DD9355D8DF2690340D1DEFAF0DFF034F1CDF4316F8 ] C:\Windows\System32\AudioEng.dll
15:35:13.0581 0x14f4  C:\Windows\System32\AudioEng.dll - ok
15:35:13.0589 0x14f4  [ C1395286B822E306B4FE1568A8A77813, 0642B6C793BE0EED5E7D1D2533FC5A01417C50040FC60A8E89BD97CE4A119388 ] C:\Windows\System32\AUDIOKSE.dll
15:35:13.0589 0x14f4  C:\Windows\System32\AUDIOKSE.dll - ok
15:35:13.0594 0x14f4  [ 945E54F23C72D37B8CD1987AF0DB63BF, C2B217C94DBCA0A31ED834B9D492B53B25B235DDD02B1D1200E76609D32772EA ] C:\Windows\System32\fveapi.dll
15:35:13.0594 0x14f4  C:\Windows\System32\fveapi.dll - ok
15:35:13.0600 0x14f4  [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA05BD2C56657013 ] C:\Windows\System32\fvecerts.dll
15:35:13.0600 0x14f4  C:\Windows\System32\fvecerts.dll - ok
15:35:13.0603 0x14f4  [ 694865362F0965779F92BCFE97712323, 825EB75E37AFE9B738869FB5D95020D4F44AD419C2F6C5A658F82A5242FDEF6C ] C:\Windows\System32\tbs.dll
15:35:13.0604 0x14f4  C:\Windows\System32\tbs.dll - ok
15:35:13.0609 0x14f4  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7, 4BC5A1279885EEFBEB27333AF719622A5FCDD9606697692C1978E434CE264D80 ] C:\Windows\System32\taskcomp.dll
15:35:13.0610 0x14f4  C:\Windows\System32\taskcomp.dll - ok
15:35:13.0616 0x14f4  [ 4DAEF13323C2AC77A6C17CAB27679536, E7A33EC4EA000848E4E54E1A481EC3F46A6948AE3B4C0CE39826EE0920D0D7A5 ] C:\Windows\System32\atieclxx.exe
15:35:13.0616 0x14f4  C:\Windows\System32\atieclxx.exe - ok
15:35:13.0622 0x14f4  [ 36A187DE5E8FD896409F071411D2B211, B1180A1B109210FA860B7BB0585D73D0ADE2AC9347121395A8F5E4DDFBF34F0F ] C:\Windows\System32\atiadlxx.dll
15:35:13.0622 0x14f4  C:\Windows\System32\atiadlxx.dll - ok
15:35:13.0628 0x14f4  [ 8269210DAF3B12BC8300631B28A2A442, EABEB792C2EA8D4A1A7B13281CF557C194D5667AE0BA2A2D5664908D8269113D ] C:\Windows\System32\wiarpc.dll
15:35:13.0628 0x14f4  C:\Windows\System32\wiarpc.dll - ok
15:35:13.0634 0x14f4  [ 5DA343389DCE09243F104AA1E8C67DF6, DD1CE197FFC4A15CDF248CD7BABDC13E6934B685B6CE7138843E2A3E36FE5CC4 ] C:\Windows\System32\atimuixx.dll
15:35:13.0634 0x14f4  C:\Windows\System32\atimuixx.dll - ok
15:35:13.0640 0x14f4  [ 5AA945234E9D4CCE4F715276B9AA712C, 65165BD131056816F009D987FC78AC86FFE0C3C38A27E73F873586B7FF4D59CF ] C:\Windows\System32\imageres.dll
15:35:13.0640 0x14f4  C:\Windows\System32\imageres.dll - ok
15:35:13.0650 0x14f4  [ 6F3C559B82F2912354BE5B098744CC8C, EB64E5C02C81588921A65194E1256E80699A1317E7D9A57395CD38C2639C8B08 ] C:\Windows\System32\WMALFXGFXDSP.dll
15:35:13.0650 0x14f4  C:\Windows\System32\WMALFXGFXDSP.dll - ok
15:35:13.0657 0x14f4  [ 54B5DCD55B223BC5DF50B82E1E9E86B1, 025294DD69A421FE4EACAA463F8CB797610D8F3A7A3C61656AE83D0CEE07A9BF ] C:\Windows\System32\mfplat.dll
15:35:13.0657 0x14f4  C:\Windows\System32\mfplat.dll - ok
15:35:13.0661 0x14f4  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] C:\Windows\System32\drivers\http.sys
15:35:13.0661 0x14f4  C:\Windows\System32\drivers\http.sys - ok
15:35:13.0667 0x14f4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] C:\Windows\System32\spoolsv.exe
15:35:13.0667 0x14f4  C:\Windows\System32\spoolsv.exe - ok
15:35:13.0673 0x14f4  [ 03706015DB44368375AEBE6339490E66, 02EB28B5156E320C1EBABC03D37E94EB770A721B99E1DD276F8DC2A50D76C381 ] C:\Windows\System32\netcfgx.dll
15:35:13.0673 0x14f4  C:\Windows\System32\netcfgx.dll - ok
15:35:13.0679 0x14f4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] C:\Windows\System32\BFE.DLL
15:35:13.0679 0x14f4  C:\Windows\System32\BFE.DLL - ok
15:35:13.0686 0x14f4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] C:\Windows\System32\drivers\bowser.sys
15:35:13.0686 0x14f4  C:\Windows\System32\drivers\bowser.sys - ok
15:35:13.0692 0x14f4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys
15:35:13.0692 0x14f4  C:\Windows\System32\drivers\mpsdrv.sys - ok
15:35:13.0698 0x14f4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] C:\Windows\System32\drivers\mrxsmb.sys
15:35:13.0699 0x14f4  C:\Windows\System32\drivers\mrxsmb.sys - ok
15:35:13.0705 0x14f4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] C:\Windows\System32\drivers\mrxsmb10.sys
15:35:13.0705 0x14f4  C:\Windows\System32\drivers\mrxsmb10.sys - ok
15:35:13.0711 0x14f4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] C:\Windows\System32\drivers\mrxsmb20.sys
15:35:13.0711 0x14f4  C:\Windows\System32\drivers\mrxsmb20.sys - ok
15:35:13.0717 0x14f4  [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD805650B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll
15:35:13.0717 0x14f4  C:\Windows\System32\wfapigp.dll - ok
15:35:13.0723 0x14f4  [ 1834B31C749B86DAC233BBBA1C03BC48, 27FCA9196842C0BB53CCAD895870A0EB10D2F8ED67E5486A4437067BD4BC4448 ] C:\Windows\System32\mscms.dll
15:35:13.0723 0x14f4  C:\Windows\System32\mscms.dll - ok
15:35:13.0729 0x14f4  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] C:\Windows\System32\pcasvc.dll
15:35:13.0729 0x14f4  C:\Windows\System32\pcasvc.dll - ok
15:35:13.0736 0x14f4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] C:\Windows\System32\snmptrap.exe
15:35:13.0736 0x14f4  C:\Windows\System32\snmptrap.exe - ok
15:35:13.0742 0x14f4  [ 10EAB90C1AE8271B5FE5A8930987EE5C, 53E72964AA75526B161F859A509CB046809AE47C65DC998F0E49AC8AED9066EA ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
15:35:13.0742 0x14f4  C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
15:35:13.0749 0x14f4  [ 7C00C608FE4C8EDE9E30940837B9AC8B, 3F85DE6487722960E8ED71B23EE0535FA2C07B2FA7ABFE4DEB1B35DCE5E44642 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
15:35:13.0749 0x14f4  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
15:35:13.0755 0x14f4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] C:\Windows\System32\wkssvc.dll
15:35:13.0755 0x14f4  C:\Windows\System32\wkssvc.dll - ok
15:35:13.0762 0x14f4  [ 83415782D47F8064FCAFEA308ABB2246, 24D407FFF78EB48A440E4929918C92AEF6F5CF8170A14019C22D36B30BB01A23 ] C:\Program Files\Lenovo\HOTKEY\tphkload.exe
15:35:13.0762 0x14f4  C:\Program Files\Lenovo\HOTKEY\tphkload.exe - ok
15:35:13.0768 0x14f4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] C:\Windows\System32\sstpsvc.dll
15:35:13.0768 0x14f4  C:\Windows\System32\sstpsvc.dll - ok
15:35:13.0774 0x14f4  [ C04BB65441913AB621C58A8BD3169B23, 2EC3DD6A154CA9751F560960F5CD9659C8EFF7DF57505A165AFBB0EF45137082 ] C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
15:35:13.0774 0x14f4  C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe - ok
15:35:13.0780 0x14f4  [ 749584902AE80A53EFDA4F8FA03E1713, D82049156621BC18787FB0746B2CA0A7C78E3AB75D4318DB92795F0A781792F1 ] C:\Windows\System32\atibtmon.exe
15:35:13.0781 0x14f4  C:\Windows\System32\atibtmon.exe - ok
15:35:13.0787 0x14f4  [ A2B0924D50F4435FD389499047CE553A, 8D16D5CAAD71AAAAA1479F8477D2928B66581C79932A49A21EDF93DB2803AB9C ] C:\Windows\SysWOW64\ntdll.dll
15:35:13.0787 0x14f4  C:\Windows\SysWOW64\ntdll.dll - ok
15:35:13.0793 0x14f4  [ 70833F5A59F65908698093889C34BCA2, 25777B910664827FC5C8258E4956CC936E0A1E42A9C7F2F390A83025E685D728 ] C:\Windows\System32\wow64.dll
15:35:13.0793 0x14f4  C:\Windows\System32\wow64.dll - ok
15:35:13.0799 0x14f4  [ 5674E21E82CFBEA36DDAD5DB285D6DBC, FBD2AC69D3E66E39651C5F2C88C0087EDC3CD1FD999FC2A574C97E9DDF2C1441 ] C:\Windows\System32\wow64win.dll
15:35:13.0799 0x14f4  C:\Windows\System32\wow64win.dll - ok
15:35:13.0805 0x14f4  [ 3EE3AA76D8AB6D5644C4C8F34471CEB3, FCF173B0A324FA4780824CBD8C8FE4E402F27EACF1A41AAFEA636FA0B3AE7B35 ] C:\Windows\System32\wow64cpu.dll
15:35:13.0805 0x14f4  C:\Windows\System32\wow64cpu.dll - ok
15:35:13.0811 0x14f4  [ 365A5034093AD9E04F433046C4CDF6AB, 5D5B30A883B273D59C6C64286E0BA79DA0BDF1B7EBC791278248A9196701DDDF ] C:\Windows\SysWOW64\kernel32.dll
15:35:13.0811 0x14f4  C:\Windows\SysWOW64\kernel32.dll - ok
15:35:13.0818 0x14f4  [ D67472125471784DE7147946EDA25FEB, F41960118F412B6CA5E80AE5E8DB9AECDD043A7DB34388FF57C6F9C5A0056F91 ] C:\Windows\SysWOW64\advapi32.dll
15:35:13.0818 0x14f4  C:\Windows\SysWOW64\advapi32.dll - ok
15:35:13.0824 0x14f4  [ 1B7343C3765638D4D17CB925F84F8ABE, FDD4F8B409A6C6870C56BBCDCD07902D825FCB13ABB316FD804B6AAAF996600B ] C:\Windows\SysWOW64\KernelBase.dll
15:35:13.0824 0x14f4  C:\Windows\SysWOW64\KernelBase.dll - ok
15:35:13.0830 0x14f4  [ D1BBE227367ED791D5FCF08E132D2956, 34349B7FB46BB89D59CC9CC6CD3F790870AB96642254C0374D97AFAC6121B945 ] C:\Windows\SysWOW64\opengl32.dll
15:35:13.0830 0x14f4  C:\Windows\SysWOW64\opengl32.dll - ok
15:35:13.0836 0x14f4  [ 9DC80A8AAAAAC397BDAB3C67165A824E, 051636BFDFF7AB0E4191354E846BD0DACCA1A01FCC13C1AFED91D8DBFE17127A ] C:\Windows\SysWOW64\msvcrt.dll
15:35:13.0837 0x14f4  C:\Windows\SysWOW64\msvcrt.dll - ok
15:35:13.0842 0x14f4  [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF72B8EC6E1F906C ] C:\Windows\SysWOW64\sechost.dll
15:35:13.0842 0x14f4  C:\Windows\SysWOW64\sechost.dll - ok
15:35:13.0849 0x14f4  [ 4DC999CED9429939D75682EBD7D48901, 4E2DB6E4C500980488010AF1125A73D0F958889379F05DB304A220B4BB2D1834 ] C:\Windows\SysWOW64\rpcrt4.dll
15:35:13.0849 0x14f4  C:\Windows\SysWOW64\rpcrt4.dll - ok
15:35:13.0855 0x14f4  [ F08F6FCD09F9BE94C37ACC1B344685FF, DE48D766258B46EFEAB16579421C4BD97ACC6883F782D00E9857F4A0CE7E8A34 ] C:\Windows\SysWOW64\cryptbase.dll
15:35:13.0855 0x14f4  C:\Windows\SysWOW64\cryptbase.dll - ok
15:35:13.0859 0x14f4  [ D6D3AD7BF1D6F6CE9547613ED5E170A2, EA3BD7FEC193A8CFE1D5736301ACADC476FB6AAC5475A45776D0A638E9845445 ] C:\Windows\SysWOW64\gdi32.dll
15:35:13.0859 0x14f4  C:\Windows\SysWOW64\gdi32.dll - ok
15:35:13.0867 0x14f4  [ EDA7AD21DF8945528F01F0A86D69E524, 8FF2CC12AF30F1DC367ABD19FA9CB0F42EC6EE820F6E755BEFCEFE952C22E2F6 ] C:\Windows\SysWOW64\sspicli.dll
15:35:13.0867 0x14f4  C:\Windows\SysWOW64\sspicli.dll - ok
15:35:13.0872 0x14f4  [ E02781D4871844DCD30DF1D69A650F78, DC77302F06CD6CF7FC2C3B0F433A4AE41DF869B9F342C0656CCD8A125B3D3318 ] C:\Windows\SysWOW64\shell32.dll
15:35:13.0872 0x14f4  C:\Windows\SysWOW64\shell32.dll - ok
15:35:13.0880 0x14f4  [ 6A6B2EE4565A178035BE2A4FF6F2C968, E2E231F1C2E2CE19583483ACC53318651FA7CA2DE46BCB89B4CBF97CA0525122 ] C:\Windows\SysWOW64\wtsapi32.dll
15:35:13.0881 0x14f4  C:\Windows\SysWOW64\wtsapi32.dll - ok
15:35:13.0885 0x14f4  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3, 01EB95FA3943CF3C6B1A21E473A5C3CB9FCBCE46913B15C96CAC14E4F04075B4 ] C:\Windows\SysWOW64\user32.dll
15:35:13.0885 0x14f4  C:\Windows\SysWOW64\user32.dll - ok
15:35:13.0892 0x14f4  [ CC23295DA8F7B5C53F93804D2F5D30EB, B290D96C40FBA934DE6CFF82D9BBA6780922CC5012C61599BD5006DAEDC82DDB ] C:\Windows\SysWOW64\lpk.dll
15:35:13.0892 0x14f4  C:\Windows\SysWOW64\lpk.dll - ok
15:35:13.0898 0x14f4  [ B7230010D97787AF3D25E4C82F2B06B9, C795E9811CD461F8E98D1738667EB0C265A57065EA3420CE596D5038E7430C1E ] C:\Windows\SysWOW64\usp10.dll
15:35:13.0898 0x14f4  C:\Windows\SysWOW64\usp10.dll - ok
15:35:13.0904 0x14f4  [ DE3897365B04C4DA1CF8FF725577C082, 44703E2D6C7219714C929D8ED096C8E044A3EDCA73198870A5CC4EF5CE16C397 ] C:\Windows\SysWOW64\glu32.dll
15:35:13.0904 0x14f4  C:\Windows\SysWOW64\glu32.dll - ok
15:35:13.0910 0x14f4  [ 198552AEFECA69D646867EC8D792DE95, 6978D5205387391748EE7E9FACF1AE607C37FBFD83B77CB632DD772F8D71A165 ] C:\Windows\SysWOW64\ddraw.dll
15:35:13.0910 0x14f4  C:\Windows\SysWOW64\ddraw.dll - ok
15:35:13.0917 0x14f4  [ 2342EC9254F4C60CA98441BD65C89E12, 7FDCAEB5D021E291A1C9B94DD4D49913CE363BF94D37518E466DB3DD72C41D05 ] C:\Windows\SysWOW64\dciman32.dll
15:35:13.0917 0x14f4  C:\Windows\SysWOW64\dciman32.dll - ok
15:35:13.0923 0x14f4  [ 10FB16B50AFFDA6D44588F3C445DC273, 6CDA17DA9B44D11E69F7C6682FA633EA75731623BB21B429A0FE2086ED4495A7 ] C:\Windows\SysWOW64\setupapi.dll
15:35:13.0923 0x14f4  C:\Windows\SysWOW64\setupapi.dll - ok
15:35:13.0929 0x14f4  [ F436E847FA799ECD75AD8C313673F450, 3C8BF3F0C08C7FA8DE5CD9C60AD9D00B742E84EB1FEBEEBA0F7159844BAAA471 ] C:\Windows\SysWOW64\cfgmgr32.dll
15:35:13.0929 0x14f4  C:\Windows\SysWOW64\cfgmgr32.dll - ok
15:35:13.0935 0x14f4  [ 6C765E82B57F2E66CE9C54AC238471D9, 97F410023F5C08B4BC5DBF89A642200E76F4025ADD9707C24FD89D673675BB43 ] C:\Windows\SysWOW64\oleaut32.dll
15:35:13.0935 0x14f4  C:\Windows\SysWOW64\oleaut32.dll - ok
15:35:13.0941 0x14f4  [ 928CF7268086631F54C3D8E17238C6DD, F058FAFB04E7EBD5CADE9B48195B7AA7C3508F332A89F5E6E5F3F071E8CADD4A ] C:\Windows\SysWOW64\ole32.dll
15:35:13.0941 0x14f4  C:\Windows\SysWOW64\ole32.dll - ok
15:35:13.0948 0x14f4  [ A24B7F2A3AE43298F7953D4FF0496B03, D1987EED1F563F8B065245F631A6630D9428A047CF6F3CDB37FC8FAC4A537DF5 ] C:\Program Files\Lenovo\HOTKEY\enlpu.dll
15:35:13.0948 0x14f4  C:\Program Files\Lenovo\HOTKEY\enlpu.dll - ok
15:35:13.0954 0x14f4  [ 2EEFF4502F5E13B1BED4A04CCAD64C08, 209FF1B6D46D1AC99518FCF54F2F726143B2DBF2C5FDA90212FBEF7526F7CBF5 ] C:\Windows\SysWOW64\devobj.dll
15:35:13.0954 0x14f4  C:\Windows\SysWOW64\devobj.dll - ok
15:35:13.0960 0x14f4  [ 39C5F32747B3414D1BB216FDB1DEFC58, 6FAE64CB9748304090113903A5AE9E7154BE16BA2EEA7AB3EF04AB9D79B81380 ] C:\Windows\SysWOW64\dwmapi.dll
15:35:13.0960 0x14f4  C:\Windows\SysWOW64\dwmapi.dll - ok
15:35:13.0966 0x14f4  [ A6F09E5669D9A19035F6D942CAA15882, 68C8AF0CC1923E3A7245392F2480EE665D265DF300A609D2540BF7C6D9C1A1BE ] C:\Windows\SysWOW64\imm32.dll
15:35:13.0966 0x14f4  C:\Windows\SysWOW64\imm32.dll - ok
15:35:13.0972 0x14f4  [ C9618BC9B2B0FD7C1138D8774795A79B, 0AC170669C2626519FA7A745C56BFBA6B83B8537488F5B9EB7BA72448E5E7A43 ] C:\Windows\SysWOW64\msctf.dll
15:35:13.0972 0x14f4  C:\Windows\SysWOW64\msctf.dll - ok
15:35:13.0978 0x14f4  [ 275D68C13A4639C851443531761D672E, C5B80E490C1BB03B40A5A7DDE8AE231A58A8C8B6DB7D80FF2E0E5A50845C9E85 ] C:\Windows\SysWOW64\atipdlxx.dll
15:35:13.0978 0x14f4  C:\Windows\SysWOW64\atipdlxx.dll - ok
15:35:13.0984 0x14f4  [ 43964FA89CCF97BA6BE34D69455AC65F, 10E3B89A5470E1BB6F73382135DD2352F5073C1EE8485D7476CFB5122D4AAA2F ] C:\Windows\SysWOW64\uxtheme.dll
15:35:13.0984 0x14f4  C:\Windows\SysWOW64\uxtheme.dll - ok
15:35:13.0990 0x14f4  [ CF829C1C00B9F4F288F5DBF821B507C6, AF523E017CFCA37EE7019976DD4074F539327AD048C16FDDBA4174C0C1A12038 ] C:\Windows\SysWOW64\atiglpxx.dll
15:35:13.0990 0x14f4  C:\Windows\SysWOW64\atiglpxx.dll - ok
15:35:13.0996 0x14f4  [ CDAC4D9A60491F1EFEA59224909DF26E, 7C4134E8DB425A42AA47EEA5863E3C580AE7953E4DE7A8022FEAF4F60AA0644D ] C:\Windows\SysWOW64\atioglxx.dll
15:35:13.0996 0x14f4  C:\Windows\SysWOW64\atioglxx.dll - ok
15:35:14.0003 0x14f4  [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll
15:35:14.0003 0x14f4  C:\Windows\SysWOW64\version.dll - ok
15:35:14.0009 0x14f4  [ 7FF15A4F092CD4A96055BA69F903E3E9, 1B594E6D057C632ABB3A8CF838157369024BD6B9F515CA8E774B22FE71A11627 ] C:\Windows\SysWOW64\ws2_32.dll
15:35:14.0009 0x14f4  C:\Windows\SysWOW64\ws2_32.dll - ok
15:35:14.0015 0x14f4  [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll
15:35:14.0015 0x14f4  C:\Windows\SysWOW64\nsi.dll - ok
15:35:14.0022 0x14f4  [ 9F01CD4D5FC0498F3AF31C8CC8959874, 389863785D00FC5C422F765D55B606BE7CE0BF7BF47185225EB186798C6F3405 ] C:\Windows\SysWOW64\atigktxx.dll
15:35:14.0022 0x14f4  C:\Windows\SysWOW64\atigktxx.dll - ok
15:35:14.0028 0x14f4  [ C4B30A6DC84444CF5B21685B8C247CCD, 2B68F733965EDF0A41258669AB1440CD3A4605D71DC5E9433602BF3AE8A8C0DB ] C:\Windows\SysWOW64\atiadlxy.dll
15:35:14.0028 0x14f4  C:\Windows\SysWOW64\atiadlxy.dll - ok
15:35:14.0034 0x14f4  [ AE8EB083B050E17A7D6EB5E28AECDDD6, CC57A9AAA9E89A2F15F64C0F23D6CA7F7D0C5CE435DFAB2993A73F42764AC6B3 ] C:\Windows\SysWOW64\crypt32.dll
15:35:14.0035 0x14f4  C:\Windows\SysWOW64\crypt32.dll - ok
15:35:14.0040 0x14f4  [ 68EAAEDF0365168B804E8728368FA946, 1FA25087E8B247B099B729F780DBF24F77FD34F58186A1C94329261CF3D18B8E ] C:\Windows\SysWOW64\wintrust.dll
15:35:14.0040 0x14f4  C:\Windows\SysWOW64\wintrust.dll - ok
15:35:14.0046 0x14f4  [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA513C4A823390FEDA ] C:\Windows\SysWOW64\msasn1.dll
15:35:14.0046 0x14f4  C:\Windows\SysWOW64\msasn1.dll - ok
15:35:14.0053 0x14f4  [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB67F8EFB93924230 ] C:\Windows\SysWOW64\shlwapi.dll
15:35:14.0053 0x14f4  C:\Windows\SysWOW64\shlwapi.dll - ok
15:35:14.0060 0x14f4  [ D15618A0FF8DBC2C5BF3726BACC75A0B, ADD81EA1D208907D67802F0E96EC0327BA89021F870BA22B9C7E3A19013A6AE7 ] C:\Windows\SysWOW64\userenv.dll
15:35:14.0060 0x14f4  C:\Windows\SysWOW64\userenv.dll - ok
15:35:14.0066 0x14f4  [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll
15:35:14.0066 0x14f4  C:\Windows\SysWOW64\profapi.dll - ok
15:35:14.0073 0x14f4  [ 7BDE508C03F9E1A7569101F29EFB86E0, AF45AD7A8582664BD48E341F764B43C7689EE7095EB8FD3088C6E55E8F2E183F ] C:\Program Files\Lenovo\HOTKEY\enlpu32.dll
15:35:14.0073 0x14f4  C:\Program Files\Lenovo\HOTKEY\enlpu32.dll - ok
15:35:14.0080 0x14f4  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:35:14.0080 0x14f4  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
15:35:14.0087 0x14f4  [ 7321F18D1F820612ED0E9F2D4B578A7E, 612BD7DE1DFBD100BD6ACB37A38565D88C39842D990D296B9B8E1FB75C3A94E7 ] C:\Windows\SysWOW64\cryptsp.dll
15:35:14.0087 0x14f4  C:\Windows\SysWOW64\cryptsp.dll - ok
15:35:14.0093 0x14f4  [ ED8EC63F7522DF4852147C84EC62C36A, 75633011CD28DCBD4834211A9D415F17DE15BFCD80FB9FF6CE25CBBD4E9899AF ] C:\Windows\SysWOW64\rsaenh.dll
15:35:14.0093 0x14f4  C:\Windows\SysWOW64\rsaenh.dll - ok
15:35:14.0100 0x14f4  [ B2DB6ABA2E292235749B80A9C3DFA867, 92BCB678E2D0A7A9C15A74B41846D8723B96E37181407C0E8A56C7105659AAF3 ] C:\Windows\SysWOW64\imagehlp.dll
15:35:14.0100 0x14f4  C:\Windows\SysWOW64\imagehlp.dll - ok
15:35:14.0106 0x14f4  [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
15:35:14.0106 0x14f4  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
15:35:14.0110 0x14f4  [ BF6D6ED5FADCEEE885BD0144ECF1BA27, 269EE4B920F16ECAA6838078C984210F7E6997B4A1B7BAEEB11515B8D6AF3575 ] C:\Windows\SysWOW64\ncrypt.dll
15:35:14.0110 0x14f4  C:\Windows\SysWOW64\ncrypt.dll - ok
15:35:14.0116 0x14f4  [ CE71B9119A258EDD0A05B37D7B0F92E3, D9310C5BBFE089B8C81E259C462EC1E6D7A7A87FA59FC1F174ED5C58D409AE7A ] C:\Windows\SysWOW64\bcrypt.dll
15:35:14.0116 0x14f4  C:\Windows\SysWOW64\bcrypt.dll - ok
15:35:14.0123 0x14f4  [ E8449FE262D7406BCB2AC2A45C53EC5F, 6C118C9FB26404D1943824CF3990F36E12986547FFACB7CC0DF975A913065D78 ] C:\Windows\SysWOW64\bcryptprimitives.dll
15:35:14.0123 0x14f4  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
15:35:14.0129 0x14f4  [ 4FE5C6D40664AE07BE5105874357D2ED, 70DD05EE80B77EB2F781E0919885D1BBB1119EA1A8955935AF5AECD05E30F14A ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:35:14.0129 0x14f4  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
15:35:14.0136 0x14f4  [ 1097F3035BAF46CED8B332B3564C5108, C69781683CA963A1335780DABBBC60E2C3CEF0888738D3425D358D12E8D0AF58 ] C:\Windows\SysWOW64\gpapi.dll
15:35:14.0136 0x14f4  C:\Windows\SysWOW64\gpapi.dll - ok
15:35:14.0143 0x14f4  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC, 372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
15:35:14.0143 0x14f4  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
15:35:14.0150 0x14f4  [ 3FD15B4611D9BDA3F8013548C0ECAECA, B47A8D9985D9B71EB870816A0AB2B6403D394CCBDF7DE5378D5721D58D68D28D ] C:\Windows\SysWOW64\ntmarta.dll
15:35:14.0150 0x14f4  C:\Windows\SysWOW64\ntmarta.dll - ok
15:35:14.0156 0x14f4  [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
15:35:14.0156 0x14f4  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
15:35:14.0162 0x14f4  [ A8BB45F9ECAD993461E0FEF8E2A99152, ACB756EA54E71F124D928829666B5B439785593877FF7C0C76ADCF954F4E6C94 ] C:\Windows\SysWOW64\Wldap32.dll
15:35:14.0162 0x14f4  C:\Windows\SysWOW64\Wldap32.dll - ok
15:35:14.0169 0x14f4  [ 418E881201583A3039D81F43E39E6C78, C96AAC161E09BE12815A4E931E65F66DB1A456C03253EF1111AE66F44B1515FF ] C:\Windows\SysWOW64\winsta.dll
15:35:14.0169 0x14f4  C:\Windows\SysWOW64\winsta.dll - ok
15:35:14.0175 0x14f4  [ 848BC9A0BB2361E549FD4C22D7548FB8, 40D1B1DFE64A1FE256DEE7E911CD7D020F945E4E9D05C86609E7FB2880C2E3AA ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
15:35:14.0175 0x14f4  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
15:35:14.0182 0x14f4  [ 64894527838C86454E2F378FF39FA336, 3A380A9677AF622761FB0793B30E112A94FF5ED958463CD736E8F925341CCFA9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
15:35:14.0182 0x14f4  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
15:35:14.0188 0x14f4  [ 863F793D15B4026B1A5FDECA873D4D84, AF7ABD95BB5467551562F129F03C7AC9D52A021F7E547609F40A80E66932C942 ] C:\Windows\SysWOW64\apphelp.dll
15:35:14.0188 0x14f4  C:\Windows\SysWOW64\apphelp.dll - ok
15:35:14.0196 0x14f4  [ EF8CD3C64EE9C08980D6D06CCCE46C68, 7DC061E0552BE776DC79662364DA1D90A4FF6D795002865DD1B1C3DEB77E4B98 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
15:35:14.0196 0x14f4  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
15:35:14.0201 0x14f4  [ 99641AFB55830D222D8B1BF7D3B47FF0, EDC8C3F599D03AE06FA16C425708D4C25796A893F37301030810459FE5B320B8 ] C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe
15:35:14.0201 0x14f4  C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe - ok
15:35:14.0208 0x14f4  [ 152F8772D5A5CD7883305C3B8D28470E, 8353B56461E889D277B6FB7DBF97D7C60AD11748C0818FBA9D80DCE5D89C6CC4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
15:35:14.0208 0x14f4  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
15:35:14.0214 0x14f4  [ 78865ABC5F5D13190F8B35BD9044714A, A16E0158129AE76AE459D9424D246C01ECECCC87A27C40D8DB0232330D2F5458 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
15:35:14.0214 0x14f4  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
15:35:14.0221 0x14f4  [ DF13A51A5C591887D2EC6AE64CEED0FA, DFD503AEBCAA056B2B0E669ACA52F6D26F4E6892F2DCFCCD902752C23A621653 ] C:\Windows\SysWOW64\wsock32.dll
15:35:14.0221 0x14f4  C:\Windows\SysWOW64\wsock32.dll - ok
15:35:14.0227 0x14f4  [ FF9831030678C7B6D70BAC00F68F8976, BFA9DA98F93910B8FE09EA06F917AB1F5435FCE9F786EABDF1970E19B2C63FDC ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
15:35:14.0227 0x14f4  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
15:35:14.0233 0x14f4  [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB22DC7B58515C201 ] C:\Windows\SysWOW64\winmm.dll
15:35:14.0234 0x14f4  C:\Windows\SysWOW64\winmm.dll - ok
15:35:14.0240 0x14f4  [ 5A963C340DE1A01BA6E24945CE05D16A, 0CC79B72D03621D6FA4E7A8F3B10125A531C1D19098189671FBE3687E3E70E33 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
15:35:14.0240 0x14f4  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
15:35:14.0247 0x14f4  [ F4BC62990E7E5C29799A895B80FC3177, 57772AB986BA00B3C2730184D94A76E932CA94000119D0E63407F3DF9867238A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
15:35:14.0247 0x14f4  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
15:35:14.0254 0x14f4  [ 149D74E1128A86DC9CFB2851FBEA11EB, 95E2FF3379DEE729089CF85140C4D4C202B7FEFE239024D48DFFD5CB1E7415BC ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
15:35:14.0254 0x14f4  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
15:35:14.0260 0x14f4  [ F6FD367C9EAAEDF90CD7A7952AE0B336, 65DF0688F18EC3DEC27E725DC3A2F0D656F321832BDFA45253C0933620214AAF ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
15:35:14.0260 0x14f4  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
15:35:14.0267 0x14f4  [ 4327CF9A9D0864CA0FFC97FCDA97315A, 90C9B0120998719F8C8B084658C326E1A06BEE9E836A8BDBED17C0FD498DCCE1 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
15:35:14.0267 0x14f4  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
15:35:14.0273 0x14f4  [ 062373995EAE5F0EAC9EAA9192136BFB, 0392D5656BD677C4C5CB74C96E7B85B0867F2535A37950AEC7F5C4A1A70D19AE ] C:\Windows\SysWOW64\dnssd.dll
15:35:14.0273 0x14f4  C:\Windows\SysWOW64\dnssd.dll - ok
15:35:14.0279 0x14f4  [ 2DF7274105329AC0A27718DE705BCDAE, 9B70D765EEC393C64A14BB1CE6EB9161D28BAFE71001111012320474A4FC6AE9 ] C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe
15:35:14.0279 0x14f4  C:\Program Files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe - ok
15:35:14.0286 0x14f4  [ E94C583CDE2348950155F2AF2876F34D, D00C7E0D665E467B712C68A446CC5BE14FDA743A2301878B3CEB72CDD0A8B8E7 ] C:\Windows\SysWOW64\mswsock.dll
15:35:14.0286 0x14f4  C:\Windows\SysWOW64\mswsock.dll - ok
15:35:14.0292 0x14f4  [ EE5C8E27C37B79CB54A2FCEEED2DC262, 0A5E200FD65A491756B951A4A0ED39B88B7B313E97C2BBF3C91AC4C290772BB7 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
15:35:14.0292 0x14f4  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
15:35:14.0299 0x14f4  [ 24665B221424FFD7B71F0D2C398F2F4F, DFA6264E489CF53B4CACDF0F06BDF2537EFDA252C6DE66EB5E2B9BFC7F17ECD7 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
15:35:14.0299 0x14f4  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
15:35:14.0305 0x14f4  [ E4FEB264B47360B7296AEA4E052F88D8, D2326390D0DD0B871BD4CC6787D8C958738D1B9DF180F31A7DF1075F4CD049BF ] C:\Windows\SysWOW64\wininet.dll
15:35:14.0305 0x14f4  C:\Windows\SysWOW64\wininet.dll - ok
15:35:14.0312 0x14f4  [ 589CBC4989F750E1DA35625AB481CF43, B93E1B8C3775F9C995FD5451C685A06DEFD24AE1DF0DD99D19D5E4B9AC0010F9 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
15:35:14.0312 0x14f4  C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
15:35:14.0318 0x14f4  [ 6A13B4F3B3F575F1E24B877B9359AABA, 676AD5F8F709D4A9DCE9938D82DEEE329C9A385A6969C169B3DF37AA75F1E4C7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
15:35:14.0318 0x14f4  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
15:35:14.0325 0x14f4  [ 2E33DFD10F28F86C3FC40EE123CC3904, 57C65671A04EFCA437A69E8E97B2FCA17897EE4608C7DB69F77D44FBD3490B50 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
15:35:14.0325 0x14f4  C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
15:35:14.0331 0x14f4  [ 6951562DC4625EEFC6EACD52AD165866, 44A0B3EA0232D613A5B4115492DF2A7CEF25B35300E6A3E3E50C9544C5D1049E ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
15:35:14.0331 0x14f4  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
15:35:14.0338 0x14f4  [ 3BE0D923AA45A4DBE091C2D84F0B4FE7, 603EEC55D6F646150FC3F0F2C939CFE434C02FC7A7AB23B1FEC8B5C77E4C8381 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
15:35:14.0338 0x14f4  C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
15:35:14.0344 0x14f4  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8, B1A9B2EF000917214C0198958CBD239D1D91B1720EC40DF041262A34D302AD74 ] C:\Windows\SysWOW64\winspool.drv
15:35:14.0344 0x14f4  C:\Windows\SysWOW64\winspool.drv - ok
15:35:14.0350 0x14f4  [ 8E01332CC4B68BC6B5B7EFFE374442AA, A4AD1D2FD3EC2F26949DBBC388F9FFF3713AD7EB4E9220AF817EBB5223E467C6 ] C:\Windows\SysWOW64\oleacc.dll
15:35:14.0351 0x14f4  C:\Windows\SysWOW64\oleacc.dll - ok
15:35:14.0356 0x14f4  [ 122B216B091D06F672CC8D331128FB06, AB2CFCF646785A2B171F81B08B25BABF0B7D9065D45C564B36E97E6A0CAE4744 ] C:\Windows\SysWOW64\iertutil.dll
15:35:14.0357 0x14f4  C:\Windows\SysWOW64\iertutil.dll - ok
15:35:14.0363 0x14f4  [ 2E14406E05789F91C9282AE7CFCA3A07, BDB403FC7EDDF5B3F24F1E8232C6EEFE888C5D72A819567EEA73D0AF7D511095 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
15:35:14.0363 0x14f4  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
15:35:14.0370 0x14f4  [ 2FCA0D2C59A855C54BAFA22AA329DF0F, ED9D26F539065D62FCCEDEEC8E509B30F4D15F8DA586C1F657ACEFE9DABAACD0 ] C:\Windows\SysWOW64\netapi32.dll
15:35:14.0370 0x14f4  C:\Windows\SysWOW64\netapi32.dll - ok
15:35:14.0376 0x14f4  [ 20B3934DB73EABA2B49B7177873CB81F, 492EAC5C51472B43DE11825358AEC4B9E3A081DACFD7513C696D6FE40F302EE5 ] C:\Windows\SysWOW64\netutils.dll
15:35:14.0376 0x14f4  C:\Windows\SysWOW64\netutils.dll - ok
15:35:14.0382 0x14f4  [ 5CCDCD40E732D54E0F7451AC66AC1C87, 66F4DA105BD72E41250CD59E2B3CD931B47AC9FDB6C784B9E33C5EE1AC29841F ] C:\Windows\SysWOW64\srvcli.dll
15:35:14.0382 0x14f4  C:\Windows\SysWOW64\srvcli.dll - ok
15:35:14.0389 0x14f4  [ AF54247F97CCF3539DE7505C09972FF9, AAF2FD5EC083756DAD782E0EB04637E3C2B191E20BFC0707EDED4F36DA88B5A1 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
15:35:14.0389 0x14f4  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
15:35:14.0395 0x14f4  [ A90DC9ABD65DB1A8902F361103029952, 26798758976CE53251AC342B966BE0363AE1794BD965C452F5DEBC33E18969F0 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
15:35:14.0395 0x14f4  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
15:35:14.0402 0x14f4  [ CFF35B879D1618D42C86644C717BA947, 1837275202628D3320867A3BF8CFDA15491730C4B74215F7C0D7E140BF01AC3C ] C:\Windows\SysWOW64\winnsi.dll
15:35:14.0402 0x14f4  C:\Windows\SysWOW64\winnsi.dll - ok
15:35:14.0408 0x14f4  [ E5A4A1326A02F8E7B59E6C3270CE7202, DCB76016F9AC47E631540874DA208A089F9D529DA9628705A2869B954526BFE0 ] C:\Windows\SysWOW64\wkscli.dll
15:35:14.0408 0x14f4  C:\Windows\SysWOW64\wkscli.dll - ok
15:35:14.0414 0x14f4  [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll
15:35:14.0414 0x14f4  C:\Windows\SysWOW64\clbcatq.dll - ok
15:35:14.0425 0x14f4  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] C:\Program Files\Bonjour\mDNSResponder.exe
15:35:14.0425 0x14f4  C:\Program Files\Bonjour\mDNSResponder.exe - ok
15:35:14.0433 0x14f4  [ 3F50200237961034FACE602373838980, F97D72CC75D921CF8F8E0544614407358AEFF97A8F48E4A89F82689EE8F2FC86 ] C:\Windows\SysWOW64\FirewallAPI.dll
15:35:14.0433 0x14f4  C:\Windows\SysWOW64\FirewallAPI.dll - ok
15:35:14.0442 0x14f4  [ 3BBF8D284B830D4385958CE93D348DB4, 2F6025527A4EA04463531F123C0EB41719F678D74777EBCD306F54EB14AB55C6 ] C:\Program Files (x86)\Common Files\BS&A Shared\EmailServer\EmailService.exe
15:35:14.0442 0x14f4  C:\Program Files (x86)\Common Files\BS&A Shared\EmailServer\EmailService.exe - ok
15:35:14.0446 0x14f4  [ D83947A58613E9091B4C9CC0F1546A8D, C71DF6E18E2099FC462717B8658D39C607A62C7E7A1E5CD0E258C17434535AD0 ] C:\Windows\SysWOW64\mscoree.dll
15:35:14.0446 0x14f4  C:\Windows\SysWOW64\mscoree.dll - ok
15:35:14.0452 0x14f4  [ F5DF6846F30E9F54EA60CCAEB3FB2055, 07B71E3AA36F90D3D6B60D56F51A524AC769DFD1233BADB76B65874C7BCC5083 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
15:35:14.0453 0x14f4  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
15:35:14.0459 0x14f4  [ 8BA9851E671E8B5E49E303748FFD530C, A2CBF71C3449BA71739E9E805D2EB9F9242AD9D839AF5B4C4F7ADC00C239FB38 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
15:35:14.0459 0x14f4  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
15:35:14.0465 0x14f4  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3, 2A610BEB16610FE2F2E9A50477A62A05481E8A5843A814955A0EDFF45D0304B3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
15:35:14.0465 0x14f4  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
15:35:14.0472 0x14f4  [ 0BA65122FFA7E37564EE86422DBF7AE8, 3A37FC503D3228D021473AECA285427382518CC36C197E4C9912745BDF3AB757 ] C:\Windows\SysWOW64\nlaapi.dll
15:35:14.0472 0x14f4  C:\Windows\SysWOW64\nlaapi.dll - ok
15:35:14.0478 0x14f4  [ 73862FF693168369A90F046E7F227B83, 938D71674C8856A0F7FE5A096F92D71977F5ABA62374287F49394F25B67713BA ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
15:35:14.0478 0x14f4  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
15:35:14.0485 0x14f4  [ 37B6EBA4E783A0B25F3FE05EF86722CB, 9C1CBA725A2E3EF7DEA9877049966DF75A1D6D68649F69B6027BAA06CDF077FA ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
15:35:14.0485 0x14f4  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
15:35:14.0491 0x14f4  [ 0B7E85364CB878E2AD531DB7B601A9E5, F5AD3018427F1CD68450EE5CB55AA9572546322580E0FB1E7888702A291C2380 ] C:\Windows\SysWOW64\NapiNSP.dll
15:35:14.0491 0x14f4  C:\Windows\SysWOW64\NapiNSP.dll - ok
15:35:14.0497 0x14f4  [ 5CF640EDDB1E40A5AB1BB743BCDEC610, 0313AA3F713C9F5B84DBB0B4DE78A96B173E9F7B4CF61C10FDC7DAE952DB04E5 ] C:\Windows\SysWOW64\pnrpnsp.dll
15:35:14.0497 0x14f4  C:\Windows\SysWOW64\pnrpnsp.dll - ok
15:35:14.0504 0x14f4  [ AC122407B29378FF9646F03404AC7C54, 01F03A11C4419665557C3CB7E712B8AD59B13703115CB10C9F39FBE82D177BE6 ] C:\Windows\SysWOW64\wshbth.dll
15:35:14.0504 0x14f4  C:\Windows\SysWOW64\wshbth.dll - ok
15:35:14.0510 0x14f4  [ 9D4A1690AF93F233E15380398BEC7431, 8CC99491880DBC444651EB7D245EEE46FE77F4FA74FECFCD29E734AA21AF9D75 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
15:35:14.0510 0x14f4  C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
15:35:14.0516 0x14f4  [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF393486946DA8936BDD466A ] C:\Windows\SysWOW64\psapi.dll
15:35:14.0516 0x14f4  C:\Windows\SysWOW64\psapi.dll - ok
15:35:14.0523 0x14f4  [ 40947436A70E0034E41123DF5A0A7702, 5D40FD92DA5CA59C1BADB58AD509DB6A6D613F18660A9A270A53ECA85D34C3A9 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
15:35:14.0523 0x14f4  C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
15:35:14.0529 0x14f4  [ B40420876B9288E0A1C8CCA8A84E5DC9, 0D3C73B45BC708D7B1E26DFB6D4F64031A998548FEA0FB5CE198ED716F7DC9A0 ] C:\Windows\SysWOW64\dnsapi.dll
15:35:14.0529 0x14f4  C:\Windows\SysWOW64\dnsapi.dll - ok
15:35:14.0535 0x14f4  [ 5DF5D8CFD9B9573FA3B2C89D9061A240, 990EA273B640DF2D7E800C0CFF18550259C605A4951CD82CD9F1E7B6FF0C9533 ] C:\Windows\SysWOW64\winrnr.dll
15:35:14.0535 0x14f4  C:\Windows\SysWOW64\winrnr.dll - ok
15:35:14.0541 0x14f4  [ 03A03A453F1AAAE0C73AAAF895321C7A, BB46C581347EDA9CAF287E24163A593F07BD723E1C250ADD8E5C46BB349B668C ] C:\Windows\SysWOW64\FWPUCLNT.DLL
15:35:14.0541 0x14f4  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
15:35:14.0547 0x14f4  [ ED6EE83D61EBC683C2CD8E899EA6FEBE, F82592908D038C44D9F2E5C5B7BC663A2D370FC565F40420E1138A9E55F0E7EB ] C:\Windows\SysWOW64\rasadhlp.dll
15:35:14.0547 0x14f4  C:\Windows\SysWOW64\rasadhlp.dll - ok
15:35:14.0554 0x14f4  [ 33A77D477EF9D7A5C65A950129DF2E47, 4276E3DA2966785530F1538CEA8BA6D8DDA2A0310722679028857AF70AD71A44 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
15:35:14.0554 0x14f4  C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll - ok
15:35:14.0560 0x14f4  [ 09A116FB06C5E362EF8938D29CDAB27B, 887B39388C39FF262FBBE3047FA1F5F47EB649AF3D760865AFE614DE64160D33 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
15:35:14.0560 0x14f4  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
15:35:14.0568 0x14f4  [ D144849E9B48A7DFB942281ED7EDB1C1, 425988980C080FF07DFC4713170BA1049BAB052ADC62CEEF2C85CE83E926C399 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
15:35:14.0568 0x14f4  C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll - ok
15:35:14.0575 0x14f4  [ C390305AC2688E281945D203992A9B44, BFA9D1CA241E88D91B27564C8392BC14D3E28976F521709811DD2074D17253BE ] C:\Program Files (x86)\Common Files\BS&A Shared\EmailServer\BSASoftware.BSAObjects.dll
15:35:14.0575 0x14f4  C:\Program Files (x86)\Common Files\BS&A Shared\EmailServer\BSASoftware.BSAObjects.dll - ok
15:35:14.0582 0x14f4  [ 3AEC3366E299CBCBC3C18CCD62AD6B13, A2F6EC64144A965297273398AFB8F40CE8C1186E019C7A430DCD831AB0D4AC2E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c664f44617c6a89edcc171fa8596c89d\System.ServiceProcess.ni.dll
15:35:14.0582 0x14f4  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c664f44617c6a89edcc171fa8596c89d\System.ServiceProcess.ni.dll - ok
15:35:14.0589 0x14f4  [ 2D589A2C024B2FB238535DB9F7B3597D, 1EB47F73BC890D67A50C72E30BFE139AA1747C88E2FA8029A7382B203C37B512 ] C:\Windows\System32\drivers\DGIVECP.SYS
15:35:14.0589 0x14f4  C:\Windows\System32\drivers\DGIVECP.SYS - ok
15:35:14.0595 0x14f4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
15:35:14.0595 0x14f4  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe - ok
15:35:14.0601 0x14f4  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] C:\Windows\System32\cryptsvc.dll
15:35:14.0601 0x14f4  C:\Windows\System32\cryptsvc.dll - ok
15:35:14.0607 0x14f4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] C:\Windows\System32\dps.dll
15:35:14.0607 0x14f4  C:\Windows\System32\dps.dll - ok
15:35:14.0611 0x14f4  [ 7F8E83B9466A0A002D4AB15C104062A7, D2D64B95079243F04479A7950AFB9DD086C43BF0236E72E74FC45C6945A765E4 ] C:\Windows\System32\efscore.dll
15:35:14.0611 0x14f4  C:\Windows\System32\efscore.dll - ok
15:35:14.0617 0x14f4  [ 0C043B0ABBB5E14E68906AB80365395B, A57A6FAF713EA4F46566A941DE7C2273ED4EB50F9E30B70276E810873AF6900B ] C:\Windows\System32\efssvc.dll
15:35:14.0617 0x14f4  C:\Windows\System32\efssvc.dll - ok
15:35:14.0623 0x14f4  [ A08C010D859F8EB42BDD7E1D55B8CA27, F86EAFBF7AA41D8425156C07398EDC3BD42F1690BD3E15D27AEF2EDA86549F15 ] C:\Windows\System32\mscoree.dll
15:35:14.0623 0x14f4  C:\Windows\System32\mscoree.dll - ok
15:35:14.0631 0x14f4  [ A6B726DCA228F7878E38368A1BDC68BE, 30E8300B09B876E3D4B2A9215C9CC070EADF915E1268F425B6F8E0596A0D3539 ] C:\Windows\System32\cryptnet.dll
15:35:14.0631 0x14f4  C:\Windows\System32\cryptnet.dll - ok
15:35:14.0640 0x14f4  [ 58283053C781AD3A579C95D7765C1FA0, 9F7641C9B5E64797E14A2E307D94E31D6F51A721964BD5CE8CEFF6B523A69DB8 ] C:\Windows\System32\efsutil.dll
15:35:14.0640 0x14f4  C:\Windows\System32\efsutil.dll - ok
15:35:14.0645 0x14f4  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567, 426FB40A065FEF61980C803EF72D0D326C623340C3AE99CA8AFFDEFB81E8D49D ] C:\Windows\System32\vssapi.dll
15:35:14.0646 0x14f4  C:\Windows\System32\vssapi.dll - ok
15:35:14.0651 0x14f4  [ 287923557447D7E4BDD7E65B1F0F5428, 14D85A0F036F28D77AA9723C3D7E8C4DA9BDFF8A1AD9BEA6FE5756DBF5D00F08 ] C:\Windows\System32\vsstrace.dll
15:35:14.0652 0x14f4  C:\Windows\System32\vsstrace.dll - ok
15:35:14.0658 0x14f4  [ AA794B099F776B37ACCDEAD00E0FBFC9, CB6DA7F6A8BB09BBCFCB37E96FBA44F989DD7485535801CB9B6BD7F5A9C838E0 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
15:35:14.0658 0x14f4  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
15:35:14.0664 0x14f4  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB, 018CB95A43CEA2063EA24691C71D51EF60D522C21502ABA8AD93876363D4B857 ] C:\Windows\System32\taskschd.dll
15:35:14.0664 0x14f4  C:\Windows\System32\taskschd.dll - ok
15:35:14.0671 0x14f4  [ C0FAAE8EC1B4760D3D04844F708DA0F0, 190F92877C880A9115DB957755850CE6E81F3F428AB7B6B6BF4EC99668C1DA14 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
15:35:14.0671 0x14f4  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
15:35:14.0678 0x14f4  [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7, 690F12C490BEE2BF17AB7B6804E6E9B96F51C304350CCDE80FE5C7EEFA89720E ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
15:35:14.0678 0x14f4  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
15:35:14.0684 0x14f4  [ 7F9C912B2817076DC0C9C129C90D8914, 439197E39E96782723B2894FEB21785139E3AC273DC4E10CC88B27D25FBA4E6F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\88744044294787b99dd4a8704ab75a79\mscorlib.ni.dll
15:35:14.0684 0x14f4  C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\88744044294787b99dd4a8704ab75a79\mscorlib.ni.dll - ok
15:35:14.0691 0x14f4  [ 8A525B8D583D067C5AAAC1AF5F91B89A, D92F558E83463FEEDD105F7D5968EAABA2F1F6C83FEE5F7B4E4913AD5E5CB60C ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\af0a0b96a02f9925eb84392ee65a5cfa\System.ni.dll
15:35:14.0691 0x14f4  C:\Windows\assembly\NativeImages_v2.0.50727_64\System\af0a0b96a02f9925eb84392ee65a5cfa\System.ni.dll - ok
15:35:14.0698 0x14f4  [ 20F79A90C76651A17A9B211BC33743A7, 361F587A07E555A34D94C17CF5C4EF5FBC285929E706D03F8340C92EEF90A344 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\bcdc7d59f3f8ed743115a7e706e6232a\System.ServiceProcess.ni.dll
15:35:14.0698 0x14f4  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\bcdc7d59f3f8ed743115a7e706e6232a\System.ServiceProcess.ni.dll - ok
15:35:14.0705 0x14f4  [ 1B1431D9520C7578AD5633ED2A70625F, 6852FAC1355CA69226B727A1355D6DA8C0865F5EEDA45D7690701CFED7C542A1 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
15:35:14.0705 0x14f4  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
15:35:14.0711 0x14f4  [ 5C997FB34FBA9CD15637890048F1EB0B, E62EBA0A5900576DAF9EC754AE6CCF0853FC09745C8E5407FA103444F5C19D34 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\fd08d5ddc926ae51bf653620202e8d19\WindowsBase.ni.dll
15:35:14.0711 0x14f4  C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\fd08d5ddc926ae51bf653620202e8d19\WindowsBase.ni.dll - ok
15:35:14.0718 0x14f4  [ 99269DEE97D87DED45D05A3257493D8D, 66CEBA406F0FCDA98D0CC93F880DE1C5CCFA7C9B998B7E8D7823A3FCD42AC42F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\4ea564f9fd06e0fb40a42acf7693b81a\PresentationCore.ni.dll
15:35:14.0718 0x14f4  C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\4ea564f9fd06e0fb40a42acf7693b81a\PresentationCore.ni.dll - ok
15:35:14.0725 0x14f4  [ AE098D9D3BD83440C59A0C3386F4F5DD, 13CFA7323349A2746D7FE662A7FCFC678F4E7AA9E12B45C62328022E3272384F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
15:35:14.0725 0x14f4  C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
15:35:14.0731 0x14f4  [ 6E656C325A5519A3A9D951709958CF6F, 1DC1D4BDF42F40A381D569297FEFB79B53CBD87088BA61A9EEA5AE4526B6182E ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
15:35:14.0731 0x14f4  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok
15:35:14.0738 0x14f4  [ 54A47F6B5E09A77E61649109C6A08866, 121118A0F5E0E8C933EFD28C9901E54E42792619A8A3A6D11E1F0025A7324BC2 ] C:\Windows\SysWOW64\svchost.exe
15:35:14.0738 0x14f4  C:\Windows\SysWOW64\svchost.exe - ok
15:35:14.0744 0x14f4  [ DF446BA625CC441617843E87798CE048, B45C11EEA7EA792DE82E9BB283B9DCF30F891AAB8366075856BD84D10BCBCCD3 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:35:14.0744 0x14f4  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll - ok
15:35:14.0750 0x14f4  [ 70481DABD9ADAB51A6933C5893B82925, 058690744CF783456DFCAAFDA853D020446C479DADBA38DF92EDFBC96F79D241 ] C:\Program Files\Lenovo\Communications Utility\CamMute.exe
15:35:14.0751 0x14f4  C:\Program Files\Lenovo\Communications Utility\CamMute.exe - ok
15:35:14.0757 0x14f4  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] C:\Windows\System32\IKEEXT.DLL
15:35:14.0757 0x14f4  C:\Windows\System32\IKEEXT.DLL - ok
15:35:14.0763 0x14f4  [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8, C0B22B8C402EEEAF68F5380BC265C15418934D2F702F0A43674EC93853E26040 ] C:\Windows\System32\shfolder.dll
15:35:14.0763 0x14f4  C:\Windows\System32\shfolder.dll - ok
15:35:14.0770 0x14f4  [ C83C0791FC7FA3CBE9BE2825B8A47EAF, 8FE6A07B762986EDFE5BD4265826FED7C263D2521E818A35C17E63652F37D72F ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll
15:35:14.0770 0x14f4  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll - ok
15:35:14.0776 0x14f4  [ BA95238A03A8371E09985EF2F2C30DC7, 1B3717AC041D68EB646F22FA9EB2FE3CCB19F4C8D0F287441EDD5A959D600E52 ] C:\Program Files\Lenovo\Communications Utility\CamDll.dll
15:35:14.0776 0x14f4  C:\Program Files\Lenovo\Communications Utility\CamDll.dll - ok
15:35:14.0782 0x14f4  [ 340288B3B2EDC8AFD5FF127DF85142A7, 595103B5CCDC83D8E4617D2C3E8ED91C88A78ACF11BC9478E9244C510DD50A80 ] C:\Program Files\Lenovo\HOTKEY\micmute.exe
15:35:14.0782 0x14f4  C:\Program Files\Lenovo\HOTKEY\micmute.exe - ok
15:35:14.0789 0x14f4  [ D0DAF6A22037F6DEE706A095C647AA41, 26FC2E6F423E19879C37D565C8C025EFBB2165C40E96078B4ECD2A77F3CEA55D ] C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
15:35:14.0789 0x14f4  C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe - ok
15:35:14.0795 0x14f4  [ 5BB8C06EB5EA4BA22EE8A678F2D79B25, 019E9274DE2F5BAB16B4632B8A2E93DFC8DF0C08EC4EEA947B337FD29EB2E0CC ] C:\Windows\SysWOW64\devenum.dll
15:35:14.0795 0x14f4  C:\Windows\SysWOW64\devenum.dll - ok
15:35:14.0801 0x14f4  [ F7DE50781DC4D162C1005EB30D98F931, CDD07CD2E300DCD818CF97AC05CAFD2BA5568CEA10622D69E156CFC936DD4769 ] C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
15:35:14.0801 0x14f4  C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe - ok
15:35:14.0807 0x14f4  [ 7757AC47B8F83831DA40DA10A1FC4587, CE4F34E419A8AD4747CA0B481DDA1FE863CB1BFFA21848CE95DC9653CB8E8821 ] C:\Program Files\Lenovo\VIRTSCRL\enlpu.dll
15:35:14.0808 0x14f4  C:\Program Files\Lenovo\VIRTSCRL\enlpu.dll - ok
15:35:14.0813 0x14f4  [ E24FE90E9DE8D8AE70E59F7B01675DEF, DDB0691488DB424CC203505E27364B24E4410E599A972CF2C1AFF4E2F3E3C04F ] C:\Windows\SysWOW64\avicap32.dll
15:35:14.0814 0x14f4  C:\Windows\SysWOW64\avicap32.dll - ok
15:35:14.0819 0x14f4  [ 7069AAB8536F29ED7323140973A2894B, 04B7FB6C64BFA3B80549F35CEF36D5DAE5D19A40E42444B3665B6BEFDF98EB5F ] C:\Windows\SysWOW64\msdmo.dll
15:35:14.0820 0x14f4  C:\Windows\SysWOW64\msdmo.dll - ok
15:35:14.0826 0x14f4  [ C335EC1182AC10B188705554E0BC1186, 963CD11CEF7A79559361134FDF9C07B8EA829A40D3996D77E95C291DD17AAD2B ] C:\Windows\SysWOW64\msvfw32.dll
15:35:14.0826 0x14f4  C:\Windows\SysWOW64\msvfw32.dll - ok
15:35:14.0831 0x14f4  [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC83B4AC638AEC4A ] C:\Windows\SysWOW64\RpcRtRemote.dll
15:35:14.0831 0x14f4  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
15:35:14.0838 0x14f4  [ 77B5035BC6EDF4D1B6265391AECEE4C0, FE69B715F04446BD42AF1B672E6AC54E954CFE0C847BFD2056CB11CF017B1844 ] C:\Windows\System32\vpnikeapi.dll
15:35:14.0838 0x14f4  C:\Windows\System32\vpnikeapi.dll - ok
15:35:14.0844 0x14f4  [ 75F5E1FE8D55CF8E577E0EC5F2290D3F, F4E2C81F0834018052A481AE8D7DF4780302A6844160CCDC09F7D82D3B992BDE ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
15:35:14.0845 0x14f4  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll - ok
15:35:14.0851 0x14f4  [ 24498D084FAA7A459C91066EC241E1CE, 5214A26D8B441F7A55414DC2935AF6C76DB8C8D55F8677DA97D19943C69D765E ] C:\Windows\SysWOW64\vfwwdm32.dll
15:35:14.0851 0x14f4  C:\Windows\SysWOW64\vfwwdm32.dll - ok
15:35:14.0857 0x14f4  [ 28AD5E311996A34025CFB07E131058DD, 89C8B29105DE5917A33A7682C8A62CB543609F1227A4890D7130646A0F54D946 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
15:35:14.0857 0x14f4  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
15:35:14.0861 0x14f4  [ C140F86932B5B61F54A4D836E2D34AB2, 94821597EC70F27BF11A747D5EED474C57F389F20A2E0C3F1D0CB3F00974A53B ] C:\Windows\SysWOW64\ksproxy.ax
15:35:14.0861 0x14f4  C:\Windows\SysWOW64\ksproxy.ax - ok
15:35:14.0868 0x14f4  [ F9D908DE6B166DAC9B89BF62FA291CE8, D0A918AD60221623BB0278EA94CD6938744617FDBB2054968AFAFC2940648F02 ] C:\Program Files\Bonjour\mdnsNSP.dll
15:35:14.0868 0x14f4  C:\Program Files\Bonjour\mdnsNSP.dll - ok
15:35:14.0874 0x14f4  [ 6EF5F3F18413C367195F06E503AB86A6, 6F8B87FB4D67F9E76A51EF759B58A95D903C4AAC9C789A65A3FA1FC4F253D978 ] C:\Windows\SysWOW64\d3d9.dll
15:35:14.0874 0x14f4  C:\Windows\SysWOW64\d3d9.dll - ok
15:35:14.0880 0x14f4  [ 9C67F6BBDA3881CFD02095160CF91576, 6CE97C6F0AD8BE183DE935A7AAB7D46821E8DE9E55A4BFF54ACB49D056826A94 ] C:\Windows\SysWOW64\ksuser.dll
15:35:14.0880 0x14f4  C:\Windows\SysWOW64\ksuser.dll - ok
15:35:14.0887 0x14f4  [ 8086459BE80B4844C4152264490127C3, 6C6408B29A833D9008E04B616D20D36DBD7D29FEDE3B5F92DCA686BF14803F52 ] C:\Program Files\Lenovo\HOTKEY\micmute6.dll
15:35:14.0887 0x14f4  C:\Program Files\Lenovo\HOTKEY\micmute6.dll - ok
15:35:14.0892 0x14f4  [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051, 8EFD0A6DE6F4E335D342782190008FB5AC84A6ADE49170B310DEC9AC48E623E8 ] C:\Windows\System32\localspl.dll
15:35:14.0893 0x14f4  C:\Windows\System32\localspl.dll - ok
15:35:14.0898 0x14f4  [ 88351B29B622B30962D2FEB6CA8D860B, A16CAD7D94C1C9807083BB36E9B4C3C14E6482C4CA2BDFACBCC86E737DDCE42E ] C:\Windows\System32\rasadhlp.dll
15:35:14.0899 0x14f4  C:\Windows\System32\rasadhlp.dll - ok
15:35:14.0905 0x14f4  [ 3285481F5C12305CA104A6C493CA5A0B, ADB39B15D26A954B0F347C7BAFCC76DE5E3CF3CF05736E8987E0832AA7F8563C ] C:\Windows\System32\spoolss.dll
15:35:14.0905 0x14f4  C:\Windows\System32\spoolss.dll - ok
15:35:14.0910 0x14f4  [ 243974EC02F7AE49E4179C54624143AB, 755FA67F7BF10E3C6336788D297FBAA70F28F630852A43A78D3F7D7E3A7ECED0 ] C:\Windows\SysWOW64\MMDevAPI.dll
15:35:14.0911 0x14f4  C:\Windows\SysWOW64\MMDevAPI.dll - ok
15:35:14.0916 0x14f4  [ 12C45E3CB6D65F73209549E2D02ECA7A, 9DFD9C58B90257C34D52B7156C1D2566BE32EE7BD4699DDE164A5F190EC4D44A ] C:\Windows\SysWOW64\propsys.dll
15:35:14.0916 0x14f4  C:\Windows\SysWOW64\propsys.dll - ok
15:35:14.0923 0x14f4  [ 14AD65F69F2D4F78F9AF7711590EB7E7, 18D7ED00F0E5DE339B992D84104D8A91838652D9738B30BB5CA6B7F57912E24C ] C:\Windows\System32\hppfaxprintermon5.dll
15:35:14.0923 0x14f4  C:\Windows\System32\hppfaxprintermon5.dll - ok
15:35:14.0929 0x14f4  [ 72C8DC01C5918D80F9643B8B2AA5FC8B, 796299B68884F9576E5CE28601D0B9BF05CBE39736773DDC66754737DDE9B4AF ] C:\Windows\System32\HPTcpMon.dll
15:35:14.0929 0x14f4  C:\Windows\System32\HPTcpMon.dll - ok
15:35:14.0935 0x14f4  [ C5AC93CF3BA30D367FB49148A2B673B9, 07B556039BBA841BC9F28979C3AD5D238B55391F921C9C805F3AFC9EFB437766 ] C:\Windows\System32\PrintIsolationProxy.dll
15:35:14.0935 0x14f4  C:\Windows\System32\PrintIsolationProxy.dll - ok
15:35:14.0941 0x14f4  [ FD78C89938EA8EA98D9D0A309F2FDDA7, 90CA460C9619E46C19102366C129BE78B711EF6C6C7B2F2AEF56EEA53C69F6E6 ] C:\Windows\System32\HPTcpMUI.dll
15:35:14.0941 0x14f4  C:\Windows\System32\HPTcpMUI.dll - ok
15:35:14.0947 0x14f4  [ C940F2F5C60B3727C5F18840735B229C, EFC3F465FD6C570505C214A92644357ACD01B1843ED25B5FCCCE10533403485C ] C:\Windows\SysWOW64\AudioSes.dll
15:35:14.0947 0x14f4  C:\Windows\SysWOW64\AudioSes.dll - ok
15:35:14.0953 0x14f4  [ 77B1471A490B53B24EFE136F09F76550, A650C3A244306F8E605BDA8E74BFE438356BA4403B0CB61E980D3183E3F0A7C7 ] C:\Windows\SysWOW64\d3d8thk.dll
15:35:14.0953 0x14f4  C:\Windows\SysWOW64\d3d8thk.dll - ok
15:35:14.0960 0x14f4  [ D6EA06724FB70C98C43EAB1F9A7E541A, 32B42B71F49E9EC78A7F421D411F3A5866F0FC45DAA783F186E09A17D29C5733 ] C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\sqlservr.exe
15:35:14.0960 0x14f4  C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\sqlservr.exe - ok
15:35:14.0966 0x14f4  [ 4C11433EA1EEB8F6BFABC1F9EEC7AEE6, 26F38598E434A738E53BE5CC3F91CCB17970ECF2AA8697F857C66A4FE1BF020C ] C:\Windows\SysWOW64\5U877.ax
15:35:14.0966 0x14f4  C:\Windows\SysWOW64\5U877.ax - ok
15:35:14.0972 0x14f4  [ D1DE1EAFDE97BE41CF6585027FF3E732, 76F17D4DF440D6734DC8157092D94EB18C2A73A0A49BEEA289E7B3EDE30E86A2 ] C:\Windows\SysWOW64\comdlg32.dll
15:35:14.0972 0x14f4  C:\Windows\SysWOW64\comdlg32.dll - ok
15:35:14.0978 0x14f4  [ 630A31F277349109299E590856A4B004, E686938BE16163976BA048C19E0F23F27CFFBDEB044C0C038176BA3435C67C0B ] C:\Windows\SysWOW64\Kswdmcap.ax
15:35:14.0978 0x14f4  C:\Windows\SysWOW64\Kswdmcap.ax - ok
15:35:14.0984 0x14f4  [ DC6612A9EE015A36BA2A27BC9CC12537, F4456A3E4028BE3BDE46363290CCC1E8420034A122596D86272CE4B554C78DB5 ] C:\Windows\SysWOW64\mfc42.dll
15:35:14.0984 0x14f4  C:\Windows\SysWOW64\mfc42.dll - ok
15:35:14.0990 0x14f4  [ 7D34AF98A706230CC2DEDFE0CABF87AB, 93237B839C2BC6E84C2C675BB211CA0FB781B348A033EF648A9AA5BDAC1EFDAE ] C:\Windows\SysWOW64\odbc32.dll
15:35:14.0990 0x14f4  C:\Windows\SysWOW64\odbc32.dll - ok
15:35:14.0996 0x14f4  [ ABA457BFC7EC0B5E130B2F1E0F549DFF, C944C75C351A276952D0A869F9ED3DF8674E9479797EE7B03D13E8FDCDEB2DC4 ] C:\Windows\SysWOW64\odbcint.dll
15:35:14.0996 0x14f4  C:\Windows\SysWOW64\odbcint.dll - ok
15:35:15.0002 0x14f4  [ 0AE0C4955E1DE29CCDC9DA1B816FE5EE, 93FDF0B256BCF62FEF1BF64775F5C19460D0269C1F4A11FBC3FF118851E75033 ] C:\Windows\SysWOW64\quartz.dll
15:35:15.0002 0x14f4  C:\Windows\SysWOW64\quartz.dll - ok
15:35:15.0008 0x14f4  [ CC5BF60E9D3F181C0B62AC91AD8634B8, AFF680E62D989A62CBDEC2BF70B6D17F7615F9826EAEE0C8A524AF80F9FF862D ] C:\Windows\SysWOW64\qcap.dll
15:35:15.0009 0x14f4  C:\Windows\SysWOW64\qcap.dll - ok
15:35:15.0014 0x14f4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] C:\Windows\System32\drivers\mspqm.sys
15:35:15.0014 0x14f4  C:\Windows\System32\drivers\mspqm.sys - ok
15:35:15.0021 0x14f4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] C:\Windows\System32\drivers\mspclock.sys
15:35:15.0021 0x14f4  C:\Windows\System32\drivers\mspclock.sys - ok
15:35:15.0027 0x14f4  [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
15:35:15.0027 0x14f4  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll - ok
15:35:15.0033 0x14f4  [ EAE1BC3F0A324751E87A3FE32BCF4A08, D9188C0D7ED0F21FB6DE93F10A88067689F8080A3886D9C0098A8DB84AE2FDEB ] C:\Windows\System32\hpzjrd01.dll
15:35:15.0033 0x14f4  C:\Windows\System32\hpzjrd01.dll - ok
15:35:15.0039 0x14f4  [ 4B8B0B4A2246092803326076E5C3F02C, F057AFA28D594953B340F91079B85484F0DA8083F072FABDE0C2A12CF9DC3710 ] C:\Windows\System32\HpTcpMib.dll
15:35:15.0040 0x14f4  C:\Windows\System32\HpTcpMib.dll - ok
15:35:15.0045 0x14f4  [ EFEC3847B47CC9357D5C33BBAB59B7EB, C093AF387AC9B7C5FA92D90DB1C3EC228A2C64CE4229539A25C8A47AD7E6D133 ] C:\Windows\System32\mgmtapi.dll
15:35:15.0045 0x14f4  C:\Windows\System32\mgmtapi.dll - ok
15:35:15.0051 0x14f4  [ 93518C6EDE0B61BCBD02BDB02BD05FEE, 3637F5E5F15093AFB501EE910368CF900B422AC22669391FFA4198BBAE6F8FCB ] C:\Windows\System32\snmpapi.dll
15:35:15.0051 0x14f4  C:\Windows\System32\snmpapi.dll - ok
15:35:15.0058 0x14f4  [ FFF9D00CF16397C64317F213484F94BD, 94D0584E14BDB27F61F59A7BCEA529A1594261BE0CE74502C13E8865843BA414 ] C:\Windows\System32\wsnmp32.dll
15:35:15.0058 0x14f4  C:\Windows\System32\wsnmp32.dll - ok
15:35:15.0063 0x14f4  [ 19E41CCCEE697CC9465396B370929792, A9FC4C33C71C3677FE57779380E55FDE2AC0B0C70A9DBCBA0D0B6FA92C709A7F ] C:\Windows\System32\FXSMON.dll
15:35:15.0063 0x14f4  C:\Windows\System32\FXSMON.dll - ok
15:35:15.0069 0x14f4  [ F33DC4433E8C55FE66CED8CE037F1097, DBB25F57791DB505C9C28000DC8F4BA6458B26260FB2C0C3E7A9BD51F983218F ] C:\Windows\System32\pdf995mon64.dll
15:35:15.0069 0x14f4  C:\Windows\System32\pdf995mon64.dll - ok
15:35:15.0076 0x14f4  [ 0BF28DEE7BFB7F2D787756A2009AD5F8, 1C94E0FE3CB594B790418347F12FDC90098E95C5B6195B3EA224FC64E5E1A702 ] C:\Windows\System32\ssk3mlm.dll
15:35:15.0076 0x14f4  C:\Windows\System32\ssk3mlm.dll - ok
15:35:15.0082 0x14f4  [ 32A3C8600AF124CBAAD845F13CFAE3CB, F36FE9E57D5C509FEECE890F9F8717F9CC6F762E32AE0B7DB7E0153370CE0B9D ] C:\Windows\System32\tcpmon.dll
15:35:15.0082 0x14f4  C:\Windows\System32\tcpmon.dll - ok
15:35:15.0088 0x14f4  [ DF72A9936D0C3F517083119648814B09, 6BA4DCAC2F55A393A266ED0B2AF92B38141654D1666E3E143D85BBAF21663E1E ] C:\Windows\System32\usbmon.dll
15:35:15.0088 0x14f4  C:\Windows\System32\usbmon.dll - ok
15:35:15.0094 0x14f4  [ A1D7E3ADCDB07DDB6F423862DCB1A52B, 6191C33D2AE090F6F055D6AE211096CE8F003EC5518A5333EE1E376052176BAB ] C:\Windows\System32\WSDMon.dll
15:35:15.0094 0x14f4  C:\Windows\System32\WSDMon.dll - ok
15:35:15.0100 0x14f4  [ F1B205F932F62F94506A5F332C895DAF, F02F01F20F655DD919C71AE814E4C3DD43330AAD1425FC5B1497F1613917CCDE ] C:\Windows\System32\WSDApi.dll
15:35:15.0100 0x14f4  C:\Windows\System32\WSDApi.dll - ok
15:35:15.0107 0x14f4  [ C55516D98DD5D8F0153C2A9B4227DA86, DBC62B776CF06D0873A4C7CFCDF5B6F5C6E6C41917C326C090BCE58DC66EE09C ] C:\Windows\System32\webservices.dll
15:35:15.0107 0x14f4  C:\Windows\System32\webservices.dll - ok
15:35:15.0113 0x14f4  [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4021101EE424F74 ] C:\Windows\System32\fundisc.dll
15:35:15.0113 0x14f4  C:\Windows\System32\fundisc.dll - ok
15:35:15.0116 0x14f4  [ 4581716B4BF76ACFD8E167EB0B26D82A, 39D822527114EEED68044CCE4D542767F53978D9E0A7F72638F1CA9A016DE13B ] C:\Windows\System32\fdPnp.dll
15:35:15.0117 0x14f4  C:\Windows\System32\fdPnp.dll - ok
15:35:15.0123 0x14f4  [ 1D626FE2E13C1CE49CA0136CFF214E93, 4F02DD92045CF244979FFD074B2BDE6925A909227A474C60DCABE4384D916218 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
15:35:15.0123 0x14f4  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
15:35:15.0129 0x14f4  [ 58A0CDABEA255616827B1C22C9994466, 4FE1140AA8D3995579DE8CDF4ECAD1978804D05351EABB4079A63B303EF1B451 ] C:\Windows\System32\NapiNSP.dll
15:35:15.0129 0x14f4  C:\Windows\System32\NapiNSP.dll - ok
15:35:15.0135 0x14f4  [ 613C8CE10A5FDE582BA5FA64C4D56AAA, 30507B6BA79E1A271B07BBA58B4FF463678BE0960266A1D5E88031E932D768B6 ] C:\Windows\System32\pnrpnsp.dll
15:35:15.0135 0x14f4  C:\Windows\System32\pnrpnsp.dll - ok
15:35:15.0141 0x14f4  [ 2E2072EB48238FCA8FBB7A9F5FABAC45, AC70B9FC24847EEC2E18008F2894DCDAC19A9C90D5D88729326E493CA524F5C3 ] C:\Windows\System32\winrnr.dll
15:35:15.0141 0x14f4  C:\Windows\System32\winrnr.dll - ok
15:35:15.0147 0x14f4  [ 748849C42DEA24C723048E24BCA1BD55, 517DDE70E7CB8E94C6E8B9B05CCD4BC6490A8837FD8BB874C9E1186D8EF07659 ] C:\Windows\System32\wshbth.dll
15:35:15.0147 0x14f4  C:\Windows\System32\wshbth.dll - ok
15:35:15.0153 0x14f4  [ BB051435B59FAE151829B0315A22D347, EA14BDA91CA900FC81DB9C0288F85CBCE65D32F39A4EB865F9E477442317832A ] C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\sqlos.dll
15:35:15.0153 0x14f4  C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\sqlos.dll - ok
15:35:15.0159 0x14f4  [ 487F44B08EFEAF5AD087878357B9403D, B02C99850940588D52B3E6DB30DB64582F294E0BD62101067BECFEA1483010C6 ] C:\Windows\SysWOW64\pdh.dll
15:35:15.0159 0x14f4  C:\Windows\SysWOW64\pdh.dll - ok
15:35:15.0165 0x14f4  [ F93674263F6B07C77956E966953242D9, 0BEE8864DB2925A2B3B7CD76FCF9A4CA3757F4E4670BB2C3A3105D5A591740CB ] C:\Windows\SysWOW64\secur32.dll
15:35:15.0165 0x14f4  C:\Windows\SysWOW64\secur32.dll - ok


#13 mjbeach

mjbeach
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:03:42 PM

Posted 11 November 2013 - 11:41 PM

TDSSKiler Log Part 3/3

 

15:35:15.0172 0x14f4  [ B88613BE5B9939BD5DD63F9E196413AD, 1501A1CC224A194C440372392D4F9305944F6725F3B7BD849476197AA0839137 ] C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\opends60.dll

15:35:15.0172 0x14f4  C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\opends60.dll - ok
15:35:15.0178 0x14f4  [ 8EA53101FF2B15BDFF934B62A8FB326D, E28536A4AC6764C2480EF047AF2312AE2600819899C3E33B486CFE19F25AC464 ] C:\Windows\SysWOW64\logoncli.dll
15:35:15.0178 0x14f4  C:\Windows\SysWOW64\logoncli.dll - ok
15:35:15.0184 0x14f4  [ 68ECCA523ED760AAFC03C5D587569859, CDD734279C8F9F24EA2538BAD8E91EB8C3DD74C33032DB6B2D85C19576B42707 ] C:\Windows\SysWOW64\samcli.dll
15:35:15.0184 0x14f4  C:\Windows\SysWOW64\samcli.dll - ok
15:35:15.0191 0x14f4  [ 0FB5AA33D26F7212963D832083CD0C5C, A5DDCD9B315A96631C7AE32CF79455DCAC48F2B5C3916153E252D99A19451A14 ] C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\batchparser.dll
15:35:15.0191 0x14f4  C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\batchparser.dll - ok
15:35:15.0197 0x14f4  [ E31E4E9F644FBFE79DCA532D9781F71D, 8A06B14C315A0E9E1366A4AEF63FD61D7DFCB89680E551A704E3CB4EDA6C0A56 ] C:\Program Files (x86)\Microsoft SQL Server\100\Shared\instapi10.dll
15:35:15.0197 0x14f4  C:\Program Files (x86)\Microsoft SQL Server\100\Shared\instapi10.dll - ok
15:35:15.0204 0x14f4  [ AF4E7DF007D5D469BCC5C13CE1C2DEC1, 43ABAE705F3B401502A7F31A84BDB0A61A9EBC53CB3949DA325765C78FD3FFAA ] C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\sqlboot.dll
15:35:15.0204 0x14f4  C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\sqlboot.dll - ok
15:35:15.0211 0x14f4  [ E126A008A908051FBE9671CD0806B8F0, 1E7F49CFCD0E3100D373DFA9B46FD78A98911AAD1AF48C533F2E73055AC2FC77 ] C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\Resources\1033\sqlevn70.rll
15:35:15.0211 0x14f4  C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\Resources\1033\sqlevn70.rll - ok
15:35:15.0217 0x14f4  [ DC6530A291D4BDF6DF399F1F128E7F8F, 85123D802063383646EEBC60F4ABBCDBA2AE3180E99A8A99C024B1EBB0C6690E ] C:\Windows\System32\HPZinw12.dll
15:35:15.0217 0x14f4  C:\Windows\System32\HPZinw12.dll - ok
15:35:15.0223 0x14f4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] C:\Windows\System32\netman.dll
15:35:15.0223 0x14f4  C:\Windows\System32\netman.dll - ok
15:35:15.0229 0x14f4  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] C:\Windows\System32\nlasvc.dll
15:35:15.0229 0x14f4  C:\Windows\System32\nlasvc.dll - ok
15:35:15.0235 0x14f4  [ E36112A8A6C7F840169A7E92C12F4203, 52795B2E6ECCE751EEF5074AF52FDE376A382D0A1C43B90DD4F77A397C00FBC5 ] C:\Windows\System32\wsock32.dll
15:35:15.0235 0x14f4  C:\Windows\System32\wsock32.dll - ok
15:35:15.0241 0x14f4  [ 465BEA35F7ED4A4A57686DEA7EA10F47, 7F1B3CA09AB045F805DA5765BE7DD270F5DDACE3073017F7386FF1E2FA82D6FB ] C:\Windows\SysWOW64\cscapi.dll
15:35:15.0241 0x14f4  C:\Windows\SysWOW64\cscapi.dll - ok
15:35:15.0247 0x14f4  [ 1727B2A2F379A32B864C096FA794AADC, 87B77A5DF95F3A1C5ED6DEF820C7E384BEFCBAA2FE1BB4781AC6F777A081E5CC ] C:\Windows\System32\aepic.dll
15:35:15.0247 0x14f4  C:\Windows\System32\aepic.dll - ok
15:35:15.0253 0x14f4  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] C:\Windows\System32\drivers\PEAuth.sys
15:35:15.0253 0x14f4  C:\Windows\System32\drivers\PEAuth.sys - ok
15:35:15.0259 0x14f4  [ D4FAC263861BAE06971C7F7D0A8EBF15, D494DEF0024288B9CC56EC6B500FF5828144BE9B8E7033340509EC5E68F8DED0 ] C:\Windows\System32\ncsi.dll
15:35:15.0259 0x14f4  C:\Windows\System32\ncsi.dll - ok
15:35:15.0265 0x14f4  [ 58F4493BF748A3A89689997B7BD00E95, EC5DEEC73E357C7C87B001275C4E635011A9CF39419F2B86E2C2B8D7E388C551 ] C:\Windows\System32\winhttp.dll
15:35:15.0265 0x14f4  C:\Windows\System32\winhttp.dll - ok
15:35:15.0271 0x14f4  [ 6B2BF4052C88E7A6AD20459CFC057589, BA52C74E97B271B3C7266945335BD487D2B5919251D9E7F5EABDE33A1078118D ] C:\PVSW\bin\psql_svc.exe
15:35:15.0271 0x14f4  C:\PVSW\bin\psql_svc.exe - ok
15:35:15.0277 0x14f4  [ C6DCD1D11ED6827F05C00773C3E7053C, EA23BE261C9C04F44215D254D7A80FD0AEE84C6F192D0FEE49A7CF74ED3CB1A6 ] C:\Windows\System32\sfc.dll
15:35:15.0277 0x14f4  C:\Windows\System32\sfc.dll - ok
15:35:15.0283 0x14f4  [ 895C9AB0A855547445C4181195230757, 89BDA385D8CCB75C3D7B1BDFA567AC441A931F4E499C0835FEE9D010343FABB6 ] C:\Windows\System32\sfc_os.dll
15:35:15.0283 0x14f4  C:\Windows\System32\sfc_os.dll - ok
15:35:15.0289 0x14f4  [ 603EBD34E216C5654A2D774EAC98D278, ACE0171BB780DB2C1B1A8BF6FA8CF51C529D7E09141FA504C7199AF764FD9A36 ] C:\Windows\System32\webio.dll
15:35:15.0289 0x14f4  C:\Windows\System32\webio.dll - ok
15:35:15.0295 0x14f4  [ 352B3DC62A0D259A82A052238425C872, 393B24E0D6007C74AEE2FB2EE2C18623D37DF64E279B6767952DCFEE0EACBB10 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
15:35:15.0295 0x14f4  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
15:35:15.0302 0x14f4  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll
15:35:15.0302 0x14f4  C:\Windows\System32\ssdpapi.dll - ok
15:35:15.0308 0x14f4  [ F5B08437906E07A5EA4C2BCC756A998C, 6695E8F65A6CE6BFD02EB6C93C9E64460AF49A514D109B35B32AE983AAF0E962 ] C:\PVSW\bin\w3dbsmgr.exe
15:35:15.0308 0x14f4  C:\PVSW\bin\w3dbsmgr.exe - ok
15:35:15.0314 0x14f4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] C:\Windows\System32\drivers\secdrv.sys
15:35:15.0314 0x14f4  C:\Windows\System32\drivers\secdrv.sys - ok
15:35:15.0320 0x14f4  [ 71F62C51DFDFBC04C83C5C64B2B8058E, CAB12E6D27BE421BD5A3CB04066EA50303A3210332ECC4B5C03B5F19735FC857 ] C:\Windows\System32\HPZipm12.dll
15:35:15.0320 0x14f4  C:\Windows\System32\HPZipm12.dll - ok
15:35:15.0326 0x14f4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] C:\Windows\System32\seclogon.dll
15:35:15.0327 0x14f4  C:\Windows\System32\seclogon.dll - ok
15:35:15.0332 0x14f4  [ FB4EB9352B7D698E6B3C2AA2ED724DAD, 534AB280ACD29E88FD1BD8838E1231D9364E649C917547A838F51EC8AB941EE2 ] C:\Windows\SysWOW64\authz.dll
15:35:15.0333 0x14f4  C:\Windows\SysWOW64\authz.dll - ok
15:35:15.0339 0x14f4  [ 72910F1DEB838E6E08A9017BFB7D4F0B, A2EAE06069778605765ECB4734760BA296707ED6E166F85F31603F5D79ACC125 ] C:\Windows\SysWOW64\browcli.dll
15:35:15.0339 0x14f4  C:\Windows\SysWOW64\browcli.dll - ok
15:35:15.0345 0x14f4  [ 10D936DCED9EACD1A1B3FCDDA6D7A4EB, EE66162AEAF6A583A04BB5AF1220318C9ADD3A62987CDCEE0505C6FF37AB30FF ] C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:35:15.0345 0x14f4  C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe - ok
15:35:15.0351 0x14f4  [ 6DBAA7F096BE2942E2EFF663DFF35796, 23087922A138570C14578952F729EFF73628840D3A7CC5A53B461FA560FBA0AC ] C:\PVSW\bin\w3scmv7.dll
15:35:15.0351 0x14f4  C:\PVSW\bin\w3scmv7.dll - ok
15:35:15.0357 0x14f4  [ 4E5FE39C1076D115EC8BFCFE14D75B80, F1D02BCA6F664DCDD0CCDE269D31787C7553CD38C7208A8DD8B80B9EA09FEB1C ] C:\Windows\SysWOW64\credssp.dll
15:35:15.0357 0x14f4  C:\Windows\SysWOW64\credssp.dll - ok
15:35:15.0363 0x14f4  [ 73E8667A19FEEDD856DF2695E9E511D4, 68D66C36D1F293D10ADCC6A33C870F989A29743537592CF172F02E794BEAFD1C ] C:\Windows\SysWOW64\wship6.dll
15:35:15.0363 0x14f4  C:\Windows\SysWOW64\wship6.dll - ok
15:35:15.0367 0x14f4  [ 81F08948A0F1475894C99D4D19A158A8, 93334DA369BF976E498265E432CAF63D898D378C6B32947DF355366ABE2A0FAC ] C:\Windows\SysWOW64\wshqos.dll
15:35:15.0367 0x14f4  C:\Windows\SysWOW64\wshqos.dll - ok
15:35:15.0373 0x14f4  [ 71AAC1BD6D5A2A2F6DAD025B6451FCA3, FAB7FB0B42ACDBEDB7F5D1D605DA471BE4D10D45487AAE8894593B62B7F2517B ] C:\Windows\System32\spool\prtprocs\x64\hpcpp083.DLL
15:35:15.0373 0x14f4  C:\Windows\System32\spool\prtprocs\x64\hpcpp083.DLL - ok
15:35:15.0379 0x14f4  [ 13EC96C913078B8D0005683218512CF9, 6E24B77EFF0FC4E01220FECE77135C1C2DB89C6A09D2047B1BAC55F480D1B4DC ] C:\Windows\System32\spool\prtprocs\x64\hpcpp093.DLL
15:35:15.0379 0x14f4  C:\Windows\System32\spool\prtprocs\x64\hpcpp093.DLL - ok
15:35:15.0386 0x14f4  [ F92E5F93BE572B512DA3C016B675EDE0, 3BBE8B952A329E4BCD6F0C8D6225F809B99217A196301B6FE543B26C3689A37B ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:35:15.0386 0x14f4  C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe - ok
15:35:15.0392 0x14f4  [ C30A50449EA4B611484A5F1F1F016774, 92A7799326EE3E889938E35408F8F9B831B6EA8A90691757445BFBE5080AFD46 ] C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL
15:35:15.0392 0x14f4  C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL - ok
15:35:15.0402 0x14f4  [ 568206B102959F5875C2A5DF2C9FD819, DEE5F437037AE5442FE7C29DEB40BD1341EE4AF182ABB5B3E07F62511B061185 ] C:\Windows\System32\spool\prtprocs\x64\SSGR1pc.dll
15:35:15.0402 0x14f4  C:\Windows\System32\spool\prtprocs\x64\SSGR1pc.dll - ok
15:35:15.0410 0x14f4  [ A1C238B70EE4BB4A6E5F4155FFF895F3, 00836B91C326690A9E8B5BCB51D11F256C5A18C315E08473BBC574666AE361D9 ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll
15:35:15.0410 0x14f4  C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll - ok
15:35:15.0417 0x14f4  [ 4881BB872DB40A3D9CFF67ADF8212A66, 5615B3F0F30EFE861BFBC5FF39B33030B53EC208B571D6152C4A7CEC732B4828 ] C:\Windows\System32\spool\prtprocs\x64\ssk3mpc.dll
15:35:15.0417 0x14f4  C:\Windows\System32\spool\prtprocs\x64\ssk3mpc.dll - ok
15:35:15.0423 0x14f4  [ 67CF11E00D026A5C0C88EA5F84D501E5, 5081A87466116232CF07F58229967B6C0CD3738B64A56EFC6BB3EBDA62E378F6 ] C:\Windows\System32\win32spl.dll
15:35:15.0423 0x14f4  C:\Windows\System32\win32spl.dll - ok
15:35:15.0427 0x14f4  [ 507D5567A0A4EE86C4B0CE2CE1777025, 408770B00CED498BF7782054F17A5CB361CF65429B0C816403D70E416E0EEF23 ] C:\Windows\System32\inetpp.dll
15:35:15.0427 0x14f4  C:\Windows\System32\inetpp.dll - ok
15:35:15.0433 0x14f4  [ EDEEFA5C093F04C9896FC10599EF498D, B65EC428DFD140EBB93EFDDD936474E4295E673D69A5F51F4D7F8048C1079D95 ] C:\PVSW\bin\pscore2.dll
15:35:15.0433 0x14f4  C:\PVSW\bin\pscore2.dll - ok
15:35:15.0439 0x14f4  [ 44BFC565BE5B8034A5835CA30CDF93CA, F0D14C199ED3DE10436EDC10AB3AB8BE4E74A30F17D255DEC9F03404C5613D84 ] C:\PVSW\bin\w3aif110.dll
15:35:15.0439 0x14f4  C:\PVSW\bin\w3aif110.dll - ok
15:35:15.0445 0x14f4  [ 1BF0CB861A48FEB1638228760750F3CB, 37C781A8C546EAD8B4D28BD7D730B9AC78EB799599AD69DAD9054B6F9F1DD6BD ] C:\Windows\System32\cscapi.dll
15:35:15.0445 0x14f4  C:\Windows\System32\cscapi.dll - ok
15:35:15.0451 0x14f4  [ AF46BD1AF8EB7CE5387293790BCB40C9, FD7774EB26282F7F3179BF8AF62D7A6E4B0B078D5DFA41D212B017EF5BC29B51 ] C:\PVSW\bin\w3sqlmgr.dll
15:35:15.0451 0x14f4  C:\PVSW\bin\w3sqlmgr.dll - ok
15:35:15.0458 0x14f4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] C:\Windows\System32\drivers\srvnet.sys
15:35:15.0458 0x14f4  C:\Windows\System32\drivers\srvnet.sys - ok
15:35:15.0464 0x14f4  [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] C:\Windows\System32\drivers\SSPORT.SYS
15:35:15.0464 0x14f4  C:\Windows\System32\drivers\SSPORT.SYS - ok
15:35:15.0470 0x14f4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] C:\Windows\System32\drivers\tcpipreg.sys
15:35:15.0470 0x14f4  C:\Windows\System32\drivers\tcpipreg.sys - ok
15:35:15.0477 0x14f4  [ BCEA9AB347E53BC03B2E36BE0B8BA0EF, 868DEFB78767E91694E83F931725257DF3FF79A4BFED3B914D27F3493EB7A8D0 ] C:\Windows\System32\httpapi.dll
15:35:15.0477 0x14f4  C:\Windows\System32\httpapi.dll - ok
15:35:15.0483 0x14f4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] C:\Windows\System32\wiaservc.dll
15:35:15.0483 0x14f4  C:\Windows\System32\wiaservc.dll - ok
15:35:15.0493 0x14f4  [ A8704A10FFDE468F4AB18EBF82A9A86F, 40F6502679CEE0B657B0005278FBE7213BDDA6DEAACF868058E17737C182E1B4 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll
15:35:15.0493 0x14f4  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll - ok
15:35:15.0499 0x14f4  [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5, BDA403E6CACC249C467671FB1FAF7B77FB019326BC18F9F6CF377104520E2654 ] C:\Windows\System32\wiatrace.dll
15:35:15.0499 0x14f4  C:\Windows\System32\wiatrace.dll - ok
15:35:15.0508 0x14f4  [ DB94F520B4330889057E03F354CDB289, 429253FC3B470873E948209BAA4EB4E9EAC1F54DA4240494AF5BD4D86D1857CF ] C:\PVSW\bin\w3odbcei.dll
15:35:15.0508 0x14f4  C:\PVSW\bin\w3odbcei.dll - ok
15:35:15.0515 0x14f4  [ 4C1244FEF74C60A4B1B151C76609CBE2, 3E500204A9232D5B332BE16C281A32B957D03BBA836851BE7754F030872FAC83 ] C:\Windows\System32\wsdchngr.dll
15:35:15.0515 0x14f4  C:\Windows\System32\wsdchngr.dll - ok
15:35:15.0518 0x14f4  [ F245E1954DD7AC5FB389F07F0E39FE4F, 487DEA26C19428FF84ADC57B780741BB51E09B4657163B64609057103798432D ] C:\Windows\System32\hpxp2320_x64.dll
15:35:15.0518 0x14f4  C:\Windows\System32\hpxp2320_x64.dll - ok
15:35:15.0525 0x14f4  [ 210FCACAF902B2CD47CF9FD17D846146, 3F77AC721E084864C5966FF5337A90185F62203DC19C685328675500D629CB87 ] C:\Windows\System32\aeevts.dll
15:35:15.0525 0x14f4  C:\Windows\System32\aeevts.dll - ok
15:35:15.0531 0x14f4  [ FCB91A4C0EEC9A75E33C45AB0E1A9DB5, AD7CC336529670BF0BB121B4AC7B035756FAD2DA1E14C88B89A6DE792FFBD12F ] C:\PVSW\bin\pscl2.dll
15:35:15.0531 0x14f4  C:\PVSW\bin\pscl2.dll - ok
15:35:15.0537 0x14f4  [ 9699DB0085C06D5E1D03089D88CA13B9, A6D30D8B0E7E05EEBD741208DB189FF791ECB9669BC9D36E28555701B3D51A64 ] C:\Windows\System32\spool\drivers\x64\3\PS5UI.DLL
15:35:15.0537 0x14f4  C:\Windows\System32\spool\drivers\x64\3\PS5UI.DLL - ok
15:35:15.0544 0x14f4  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] C:\Windows\System32\sysmain.dll
15:35:15.0544 0x14f4  C:\Windows\System32\sysmain.dll - ok
15:35:15.0550 0x14f4  [ 22F020C76E339EB2B2187BA73A7E4173, 4605BF0C708441D146D2F902BB340858E314FCA70A4C88EB31CF3544C865C123 ] C:\Windows\System32\PrintIsolationHost.exe
15:35:15.0550 0x14f4  C:\Windows\System32\PrintIsolationHost.exe - ok
15:35:15.0556 0x14f4  [ E81F5A2F6D52215C0E84F2849503EBA8, D372F90035F38A91703E8C017A26D6BB91FDF9B65B7B6DA24BB9D25485A91942 ] C:\Windows\System32\tcpmib.dll
15:35:15.0556 0x14f4  C:\Windows\System32\tcpmib.dll - ok
15:35:15.0562 0x14f4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] C:\Windows\System32\trkwks.dll
15:35:15.0562 0x14f4  C:\Windows\System32\trkwks.dll - ok
15:35:15.0568 0x14f4  [ 4C1E16B9A53102C8D6FBA587CBCB95DE, F982ABB2353E45E3E09B30EA99EFDC2A905AD75B43CDB0A34DB33D91AADDAB17 ] C:\Windows\SysWOW64\msv1_0.dll
15:35:15.0568 0x14f4  C:\Windows\SysWOW64\msv1_0.dll - ok
15:35:15.0575 0x14f4  [ BE788A747457E6916586C410EC0111E7, 525F9065270AF40FED854C5B3C7E690783F5169C2F9286EE225F6C817ED1E237 ] C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
15:35:15.0575 0x14f4  C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe - ok
15:35:15.0581 0x14f4  [ 1128637CAD49A8E3C8B5FA5D0A061525, 6B80E50D8296F9E2C978CC6BC002B964ACFD8F4BCF623F4770513792845B5278 ] C:\Windows\SysWOW64\cryptdll.dll
15:35:15.0581 0x14f4  C:\Windows\SysWOW64\cryptdll.dll - ok
15:35:15.0588 0x14f4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] C:\Windows\System32\wbem\WMIsvc.dll
15:35:15.0588 0x14f4  C:\Windows\System32\wbem\WMIsvc.dll - ok
15:35:15.0595 0x14f4  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE, A734A20357026C42950394682A52CBC3AF956D09F1949E1B4E95467E999BC428 ] C:\Windows\System32\wbemcomn.dll
15:35:15.0595 0x14f4  C:\Windows\System32\wbemcomn.dll - ok
15:35:15.0601 0x14f4  [ 0255C22D99602534F15CBB8D9B6F152F, 43CD89D6CA56E0B633142F7C86DA9E072EE0723B5EBC4CE8CCBCA58C396ECF54 ] C:\Windows\System32\wbem\WinMgmtR.dll
15:35:15.0601 0x14f4  C:\Windows\System32\wbem\WinMgmtR.dll - ok
15:35:15.0608 0x14f4  [ 0C52762C606BCF6A377D5E4688191A6B, C58C9A73AD07E3B93AB186D0D47C5F1CB7197771DBEE40646C3B801645BB388F ] C:\Windows\System32\wbem\WmiDcPrv.dll
15:35:15.0608 0x14f4  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
15:35:15.0614 0x14f4  [ 211A1CFF92CF7F70EB61606ABB729615, 9FE3E91A81F8DF0996063BA3BB24C2F915EAB583035F1D219DF3FCBDADAC8D66 ] C:\Windows\System32\spool\drivers\x64\3\PSCRIPT5.DLL
15:35:15.0614 0x14f4  C:\Windows\System32\spool\drivers\x64\3\PSCRIPT5.DLL - ok
15:35:15.0618 0x14f4  [ B9A8CBCFCD3EC9D2EA4740AF347BF108, 97FA304E3880BC863D999F441AE47CB8ADF00D2DEC2A52ACD8FBD02CC096786A ] C:\Windows\SysWOW64\mpr.dll
15:35:15.0618 0x14f4  C:\Windows\SysWOW64\mpr.dll - ok
15:35:15.0625 0x14f4  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:35:15.0625 0x14f4  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
15:35:15.0630 0x14f4  [ 7CBB1D4D13DC62D7F529D87151FD3CD3, DA75C5E64777F6ACE6F77A72D3362A40F8BE59DF3E6BC83550A81D9E20730401 ] C:\Program Files\Windows Defender\MpSvc.dll
15:35:15.0630 0x14f4  C:\Program Files\Windows Defender\MpSvc.dll - ok
15:35:15.0637 0x14f4  [ 662BA98309818AF2C17D4E48BF4021C4, 57B3FFAECE3DF5E22B6764A95D2B8523AA02CCCB4BD0779025C11D02EEBF4B1E ] C:\Program Files\Windows Defender\MpClient.dll
15:35:15.0637 0x14f4  C:\Program Files\Windows Defender\MpClient.dll - ok
15:35:15.0643 0x14f4  [ BC0D6FA75F0119E56E157D247ACF96BE, 33589459263A9B215DD75B80500743C5D88B9B70D64E07E2C393CD39B60D1D64 ] C:\Windows\System32\spool\drivers\x64\3\x2upAY.dll
15:35:15.0643 0x14f4  C:\Windows\System32\spool\drivers\x64\3\x2upAY.dll - ok
15:35:15.0650 0x14f4  [ 6D5E65AB0CD01BCC3C138A8FCC86ADE0, 10C7917CBC55CC131ECC59CE4EF4B5EDC3AD6CDEFFAEA54D6F2F9FD0E5FB8789 ] C:\Windows\System32\spool\drivers\x64\3\x2utilAY.dll
15:35:15.0650 0x14f4  C:\Windows\System32\spool\drivers\x64\3\x2utilAY.dll - ok
15:35:15.0656 0x14f4  [ FA43D418BC945D27D0625B697B8442B5, 035DE0FEA440D2E3AD255EE84B388DDA538E778877033FDB54B8A61BB0AADE56 ] C:\Windows\System32\cabinet.dll
15:35:15.0656 0x14f4  C:\Windows\System32\cabinet.dll - ok
15:35:15.0662 0x14f4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] C:\Windows\System32\tapisrv.dll
15:35:15.0662 0x14f4  C:\Windows\System32\tapisrv.dll - ok
15:35:15.0668 0x14f4  [ 1A9ED1FA0B548A988CBCFBBBD7F8E064, B59E54310152D52D1233A870382CBD6F487CC7E13DE7B204AE41B043D38CF654 ] C:\PVSW\bin\w3mif183.dll
15:35:15.0668 0x14f4  C:\PVSW\bin\w3mif183.dll - ok
15:35:15.0675 0x14f4  [ A03D3D12FB51C640CB99EDF5F09B2A2D, 00A5CFC86B4C785BBCFFE68FE22B5BC39ADB8E1C4FD83B0EEAE5F011B63ECC9B ] C:\PVSW\bin\clientrb.dll
15:35:15.0675 0x14f4  C:\PVSW\bin\clientrb.dll - ok
15:35:15.0681 0x14f4  [ BDA0B954A30498B5A7EDC6204CBA07ED, B14AC33E649F02AEC7ED9237DF6EB1801506C3066B0DACC8EBC4660D408AF614 ] C:\Windows\SysWOW64\kerberos.dll
15:35:15.0681 0x14f4  C:\Windows\SysWOW64\kerberos.dll - ok
15:35:15.0687 0x14f4  [ 3D3CBD1847F980FB03343A63671E7886, 6FCC7D869106DFF85B251C1593E2DA2C165D71F854ED32360FC7DB16327AF663 ] C:\Windows\SysWOW64\schannel.dll
15:35:15.0687 0x14f4  C:\Windows\SysWOW64\schannel.dll - ok
15:35:15.0693 0x14f4  [ 4F6E72B34ED3DC53DCC5E8708E60B61F, CB79F4EBCE11ECCFA167498F329F95D545F8D4E5CCE4006B2A03B595733AEBC2 ] C:\Windows\SysWOW64\security.dll
15:35:15.0693 0x14f4  C:\Windows\SysWOW64\security.dll - ok
15:35:15.0699 0x14f4  [ F11A57E91FDAECFB41A5CB21EB1EBC8E, 904DA963F2274ADF521660E3131DAC781E59C6FAEB393E57802A3B5638C09283 ] C:\Windows\System32\dssenh.dll
15:35:15.0700 0x14f4  C:\Windows\System32\dssenh.dll - ok
15:35:15.0706 0x14f4  [ A3F5E8EC1316C3E2562B82694A251C9E, F3DC6AA6A9D3B5BBC730668FC52C1D4BB5D515D404578BDDD3D4869A7ED58822 ] C:\Windows\System32\wbem\fastprox.dll
15:35:15.0706 0x14f4  C:\Windows\System32\wbem\fastprox.dll - ok
15:35:15.0712 0x14f4  [ EE26D130808D16C0E417BBBED0451B34, 4886DCE4FAEF146A40BABD492A8000A2022FEA542A6135A9BAFD4CD09297B4E5 ] C:\Windows\System32\ntdsapi.dll
15:35:15.0712 0x14f4  C:\Windows\System32\ntdsapi.dll - ok
15:35:15.0718 0x14f4  [ 666A60F6F5E719856FF6254E0966EFF7, 58C072E7E215991E19C1CA062C476081982F7B9F039714539AE7FEB4981C200F ] C:\Windows\System32\wbem\wbemprox.dll
15:35:15.0718 0x14f4  C:\Windows\System32\wbem\wbemprox.dll - ok
15:35:15.0725 0x14f4  [ FDC385A0F7D7DD880C4622D1DF08ABE9, D9596264D98B09A5C44DD63B69B7253377B5FF237B6F2C4F97258E86FFAD055A ] C:\Windows\System32\ntprint.dll
15:35:15.0725 0x14f4  C:\Windows\System32\ntprint.dll - ok
15:35:15.0731 0x14f4  [ 5EB55F661DEBF156E126160BCD4D89F8, 948D1F627AA55D55FB3B558BA61B8366C5481A6041820631F24408F75EA5D2CC ] C:\Windows\System32\wbem\wbemcore.dll
15:35:15.0731 0x14f4  C:\Windows\System32\wbem\wbemcore.dll - ok
15:35:15.0737 0x14f4  [ 087D8668C71634A3A3761135ABF16EEE, B7348A63299CFF4FFBF375E645A4850AE0F108D48D13AB25434CFAE7CF3D61FD ] C:\Windows\System32\wbem\esscli.dll
15:35:15.0737 0x14f4  C:\Windows\System32\wbem\esscli.dll - ok
15:35:15.0744 0x14f4  [ 718B6F51AB7F6FE2988A36868F9AD3AB, 76141B4E94C2766E2C34CEF523092948771A7893212EFADBE88D2171B85FF012 ] C:\Windows\System32\wbem\wbemsvc.dll
15:35:15.0744 0x14f4  C:\Windows\System32\wbem\wbemsvc.dll - ok
15:35:15.0750 0x14f4  [ 0143DB80DACFB7C2B5B7009ED9063353, 252885CF7C1BAB89B86908373546E5F5D674BEF7AACBDDCF321AD877CB9150A9 ] C:\Windows\System32\wbem\wmiutils.dll
15:35:15.0750 0x14f4  C:\Windows\System32\wbem\wmiutils.dll - ok
15:35:15.0756 0x14f4  [ 0AB34456654C283DAA13B8D2BA21439B, 4B70FC5195DE39564E951C8542020BA3D4257E3D4488F69825F67A6099CB7549 ] C:\Windows\System32\wbem\repdrvfs.dll
15:35:15.0756 0x14f4  C:\Windows\System32\wbem\repdrvfs.dll - ok
15:35:15.0762 0x14f4  [ 522B0466ED967A0762E9AF5B37D8F40A, B14C62D059BC7CF430E1B0F6E18E31EFD1959EFB3025A2B0EBB11751F38DD6D4 ] C:\Windows\System32\esent.dll
15:35:15.0763 0x14f4  C:\Windows\System32\esent.dll - ok
15:35:15.0768 0x14f4  [ 31D81EB989195E02116DA07CEFA7E1ED, 7AAA0ABE2A3E022541AE62B425EAB75EB4A0CA904E75A9BCAAA70C485B3AED53 ] C:\PVSW\bin\w3enc108.dll
15:35:15.0769 0x14f4  C:\PVSW\bin\w3enc108.dll - ok
15:35:15.0775 0x14f4  [ 93812FDC01AA864195816CD814445F95, E5CB2576DA2905177AFD342DBE63E17CF626F93F430DEBC55155C18C60166BEE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
15:35:15.0775 0x14f4  C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
15:35:15.0781 0x14f4  [ B837D1528CE2E3CB79F09496BC08DDC6, ACD54CE61CFE94F23DC283537AD8FFBEB3D6041BD30317B60BA7A10FCB240A27 ] C:\Windows\System32\SensApi.dll
15:35:15.0781 0x14f4  C:\Windows\System32\SensApi.dll - ok
15:35:15.0787 0x14f4  [ 9689A9C7F7C2A1A423CDA2C3B43FFF65, 914AD22D98975578BC14D821F72E8DFCE24F2092F9C299D24EBBAF5408FE8B8B ] C:\Windows\System32\wer.dll
15:35:15.0788 0x14f4  C:\Windows\System32\wer.dll - ok
15:35:15.0794 0x14f4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] C:\Windows\System32\drivers\srv2.sys
15:35:15.0794 0x14f4  C:\Windows\System32\drivers\srv2.sys - ok
15:35:15.0800 0x14f4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] C:\Windows\System32\iphlpsvc.dll
15:35:15.0800 0x14f4  C:\Windows\System32\iphlpsvc.dll - ok
15:35:15.0810 0x14f4  [ 7523E7D2AB0C49585C0C199264B2BD73, C8E2E0DE2DB7CBC3DD86D4A4A7CB36848B38F8D108DA260C4165F154297BE6DA ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
15:35:15.0810 0x14f4  C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
15:35:15.0816 0x14f4  [ 371948BC5911ABA06168FAC91ED25F06, 3DBBBC961627033613338418987F163C390750E2C5C64FF8B49E7E5B3BE92506 ] C:\Windows\System32\msxml3.dll
15:35:15.0816 0x14f4  C:\Windows\System32\msxml3.dll - ok
15:35:15.0820 0x14f4  [ 27B9E163740A226B65E4B9E186117911, 17411C6A6C1E699BC4B0C04D782FD9AA09CF577DBA41E743F7588904D489CB9F ] C:\Windows\System32\sqmapi.dll
15:35:15.0820 0x14f4  C:\Windows\System32\sqmapi.dll - ok
15:35:15.0826 0x14f4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] C:\Windows\System32\drivers\srv.sys
15:35:15.0827 0x14f4  C:\Windows\System32\drivers\srv.sys - ok
15:35:15.0831 0x14f4  [ 7B38D7916A7CD058C16A0A6CA5077901, 3F6DD990E2DA5D3BD6D65A72CBFB0FE79EB30B118A8AD71B6C9BB5581A622DCE ] C:\Windows\System32\wdscore.dll
15:35:15.0831 0x14f4  C:\Windows\System32\wdscore.dll - ok
15:35:15.0838 0x14f4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] C:\Windows\System32\rasmans.dll
15:35:15.0838 0x14f4  C:\Windows\System32\rasmans.dll - ok
15:35:15.0844 0x14f4  [ 44C96B48112EB24AE7764EBF1C527000, 6691D008C834686906B4841EF27604B0F0E70E668C09CEE19369426BF168AF44 ] C:\Windows\System32\rastapi.dll
15:35:15.0845 0x14f4  C:\Windows\System32\rastapi.dll - ok
15:35:15.0851 0x14f4  [ FAFAE01E889DC9C05A6CA2138CFC220B, 192CFDE3593ED0A9B397461D912074C0F062015C23E6F6658571C7C2864D9A51 ] C:\Windows\System32\tapi32.dll
15:35:15.0851 0x14f4  C:\Windows\System32\tapi32.dll - ok
15:35:15.0857 0x14f4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] C:\Windows\System32\srvsvc.dll
15:35:15.0857 0x14f4  C:\Windows\System32\srvsvc.dll - ok
15:35:15.0863 0x14f4  [ 70A176BF2ED362862944C371838262F8, 7F54164AB73160826991B565D1B1804BA9F6223830503B5A4F84B7E8AEFAF6A1 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
15:35:15.0864 0x14f4  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
15:35:15.0867 0x14f4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] C:\Windows\System32\browser.dll
15:35:15.0867 0x14f4  C:\Windows\System32\browser.dll - ok
15:35:15.0874 0x14f4  [ 3B367397320C26DBA890B260F80D1B1B, 50BBE71B4380B5E86E197AF86F5C08266DD6B12344BA4ABDEA604B8C774C4147 ] C:\Windows\System32\hnetcfg.dll
15:35:15.0874 0x14f4  C:\Windows\System32\hnetcfg.dll - ok
15:35:15.0880 0x14f4  [ CFEFA40DDE34659BE5211966EAD86437, AC0A3AD8AA47012C40785013E2273FC571F416BC9C9FFDA418FE72B3123C1FB0 ] C:\Windows\System32\netmsg.dll
15:35:15.0880 0x14f4  C:\Windows\System32\netmsg.dll - ok
15:35:15.0886 0x14f4  [ 81749E073AC5857B044A686B406E5244, 3884EE705CA34235B29942FEDA8FEA654A21139B8C2A1D5E009C7D07D6E6ADF1 ] C:\Windows\System32\clusapi.dll
15:35:15.0886 0x14f4  C:\Windows\System32\clusapi.dll - ok
15:35:15.0893 0x14f4  [ FF80CAD87555E8E4D2CFD7B9058343F8, 07653773FBEC1996408B8507B08E0E1E812830063F932F897F4B39EE63DDCDC4 ] C:\Windows\System32\sscore.dll
15:35:15.0893 0x14f4  C:\Windows\System32\sscore.dll - ok
15:35:15.0899 0x14f4  [ D2A0FFA75AB181B19B5EB93BB29C7686, AC282D5EFFB191492F14638EB80F18E53C4A3D26C94A00A949366B3564D6C3E2 ] C:\Windows\System32\unimdm.tsp
15:35:15.0899 0x14f4  C:\Windows\System32\unimdm.tsp - ok
15:35:15.0905 0x14f4  [ 94B7DF336815B47236724019FAB24B7C, 43549F1FB89D0585A0E0333BB8E1DDED2EBD0F3C0EC3EA93B238EA037188AA41 ] C:\Windows\System32\uniplat.dll
15:35:15.0905 0x14f4  C:\Windows\System32\uniplat.dll - ok
15:35:15.0911 0x14f4  [ 7C1BAE7D23D4874FEE256A2B9C00E019, 4EE87C2F0CACE557AA159349133474A5857B6667DDB976BA5A18489A3333F798 ] C:\Windows\System32\hidphone.tsp
15:35:15.0911 0x14f4  C:\Windows\System32\hidphone.tsp - ok
15:35:15.0917 0x14f4  [ 41326DD08ACC0CDC5F8177AF96C066E8, 9C21BB553EEDD28272E865396C9EF94655EC1CF216290A56581AEF7908B7AFDD ] C:\Windows\System32\kmddsp.tsp
15:35:15.0917 0x14f4  C:\Windows\System32\kmddsp.tsp - ok
15:35:15.0923 0x14f4  [ 1D6BC2769DA66C1145F4DA5A65F52E61, B38EFF16652E751BF3B3BD85DA6EA33AB9B7F4228C59F741074E33085DB66ED0 ] C:\Windows\System32\ndptsp.tsp
15:35:15.0923 0x14f4  C:\Windows\System32\ndptsp.tsp - ok
15:35:15.0929 0x14f4  [ 344FCC9850C3A8A3B4D3C65151AF8E4C, C38853454E153B1AB4AEAE1AAFB7CB4B2E6234208CF24C09F3B2AFE25E271C5C ] C:\Windows\System32\resutils.dll
15:35:15.0929 0x14f4  C:\Windows\System32\resutils.dll - ok
15:35:15.0936 0x14f4  [ A717A35120DBAB5AB707AB40662AF9DD, DE117E70D0AC7FC26BBCEAAB45A0270A1065B36CC8B062B4128B561F2AAA9E04 ] C:\Windows\System32\rasppp.dll
15:35:15.0936 0x14f4  C:\Windows\System32\rasppp.dll - ok
15:35:15.0941 0x14f4  [ 0FE5CD5F9C9248F42D1EF56E495B182E, 1EBD40C119A3D3251A19A8D15669D9DCB5D3CFBC3AFCF1CD00101C31320243E1 ] C:\Windows\System32\vpnike.dll
15:35:15.0941 0x14f4  C:\Windows\System32\vpnike.dll - ok
15:35:15.0947 0x14f4  [ 6A84E68B538B8B04608BF2F0D426CE6F, 59CE1C06364D1BBEE853DA4AEC1E8B678D6E181723ACCF6DB9F9776CAD47BBDA ] C:\Windows\System32\raschap.dll
15:35:15.0947 0x14f4  C:\Windows\System32\raschap.dll - ok
15:35:15.0957 0x14f4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] C:\Windows\System32\ipnathlp.dll
15:35:15.0957 0x14f4  C:\Windows\System32\ipnathlp.dll - ok
15:35:15.0964 0x14f4  [ 2DF29664ED261F0FC448E58F338F0671, 4EFE79C383D0AF126FC4EE668D822563F8F037B1E61D73747A35FE11AAFDB8CE ] C:\Windows\System32\mprapi.dll
15:35:15.0964 0x14f4  C:\Windows\System32\mprapi.dll - ok
15:35:15.0969 0x14f4  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D, A63836DB3B01835DC1311526A95198D6EBCCB1DC9DDAFBC38EC36C128CDB98B9 ] C:\Windows\System32\netshell.dll
15:35:15.0969 0x14f4  C:\Windows\System32\netshell.dll - ok
15:35:15.0976 0x14f4  [ 1C3B7C36945E690C6A67303629C597C6, 2F039690679A355D9CC72C89ED1BF18FE809298554E5FA939A5C1A7FC94BF437 ] C:\PVSW\bin\w3mkde.dll
15:35:15.0976 0x14f4  C:\PVSW\bin\w3mkde.dll - ok
15:35:15.0982 0x14f4  [ 58E24349391215778F2C83CF1DB1A6BB, 2789687A09AA76195E1991DF5263CC65C863EBBE3EA74694F87FAE74E73C82CB ] C:\PVSW\bin\enginelm.dll
15:35:15.0982 0x14f4  C:\PVSW\bin\enginelm.dll - ok
15:35:15.0987 0x14f4  [ 165B314007C759BF60A044351B0EB6E5, A9B54BC553749275E4745A63979F491DD3C0830F503BE0A63803CA207EF457DA ] C:\PVSW\bin\mkderb.dll
15:35:15.0987 0x14f4  C:\PVSW\bin\mkderb.dll - ok
15:35:15.0994 0x14f4  [ C34BDE18082DE98FE7BFE6FBCBA81704, DA22DC5CEB8D684BF68C205EBE6555D93BB07BC8FBCA4D1515AAD74D3562E41D ] C:\PVSW\bin\w3nsl251.dll
15:35:15.0994 0x14f4  C:\PVSW\bin\w3nsl251.dll - ok
15:35:16.0000 0x14f4  [ 3A0B196CA213F506BB32A0A088986B87, D0EBCB360C588CA28E761A823ECBA91BF95DB41505DC0A20439DDCD10B4239A6 ] C:\PVSW\bin\W3csm100.dll
15:35:16.0000 0x14f4  C:\PVSW\bin\W3csm100.dll - ok
15:35:16.0006 0x14f4  [ 807B6562009E5858C93E1C0F435C0382, 7E523EC452BEDBDA6164B28F43B6210E07F32EC5A8663609B59FD75B8529BABB ] C:\Windows\SysWOW64\netbios.dll
15:35:16.0006 0x14f4  C:\Windows\SysWOW64\netbios.dll - ok
15:35:16.0012 0x14f4  [ CB21D826D9C39AED19DD431C1880F5DE, F1FD0F1A54F196B19A6F21044092C89C02353DAD173C236D80F6474CB8A7EA7F ] C:\PVSW\bin\msvcp60.dll
15:35:16.0012 0x14f4  C:\PVSW\bin\msvcp60.dll - ok
15:35:16.0019 0x14f4  [ 2EF6D2725C8A7108BB10DB14F70E0ECD, 277FFE68C5FA00147A6441D0C681D5D2200B5181B3197C5B893E0AEDED567110 ] C:\PVSW\bin\w3csp100.dll
15:35:16.0019 0x14f4  C:\PVSW\bin\w3csp100.dll - ok
15:35:16.0024 0x14f4  [ 8150A07BDE191CCCDB68CD04A25FF353, 781B3B61D11CA6E5CD4D749C889536043C63C887EC34EEABBFCB33338FB3379D ] C:\PVSW\bin\legacylm.dll
15:35:16.0024 0x14f4  C:\PVSW\bin\legacylm.dll - ok
15:35:16.0030 0x14f4  [ 64593943172BB0FBAC213435FA086610, 84C871E668BA55C3ED8EDE9391372DBDAE5AB8C5ABDE9A2B1239A454CD3EB0F2 ] C:\PVSW\bin\w3exp010.dll
15:35:16.0031 0x14f4  C:\PVSW\bin\w3exp010.dll - ok
15:35:16.0036 0x14f4  [ 8E1F1BBDFCC343BF9DE180376B9FCA35, 591FF9EDFCD9C1A87C6067A28ACA2E5C6811CEABC3481D3B01E1CB1C46AE6112 ] C:\PVSW\bin\dbcsipxy.dll
15:35:16.0036 0x14f4  C:\PVSW\bin\dbcsipxy.dll - ok
15:35:16.0042 0x14f4  [ FD41F1B0506B5B8BA8FBD525E51A9594, 8908BC0A1FA41C9FC4C0A70186567B9AA11033F31A83CABFE14E9F3BC4B55AD8 ] C:\PVSW\bin\w3csi100.dll
15:35:16.0042 0x14f4  C:\PVSW\bin\w3csi100.dll - ok
15:35:16.0048 0x14f4  [ DBBFC38C5533A95452AEF2B45138235E, 244FD064B777338317293805D5451B4370C8212AA6BE8DEFB23BC5F9A4BE831D ] C:\PVSW\bin\w3dcm100.dll
15:35:16.0048 0x14f4  C:\PVSW\bin\w3dcm100.dll - ok
15:35:16.0054 0x14f4  [ 0789F6E83D3F7381843AF21D35AF2AB9, 4CC63585415A5AE8487D9C223E30ADB46BB257B455652B592A2E03F68E3DA2E6 ] C:\PVSW\bin\w3comsrv.dll
15:35:16.0054 0x14f4  C:\PVSW\bin\w3comsrv.dll - ok
15:35:16.0061 0x14f4  [ CC19D5C677D333A7E32DF9C1579C7E9E, 2B5FD5CB185555F266B2EC430FA09A6059D4D2C5925D3A171000BBCE9201EA45 ] C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\sqlscriptupgrade.dll
15:35:16.0061 0x14f4  C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\sqlscriptupgrade.dll - ok
15:35:16.0067 0x14f4  [ DDD0357A92FA843EFF8915ED17253D6C, 0C78B1D41F0A7821186ADF653504F2BFF067CB512CB0E932047C301378BBADB6 ] C:\Windows\System32\wbem\WmiPrvSD.dll
15:35:16.0067 0x14f4  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
15:35:16.0074 0x14f4  [ D41FEBD098234F02485A4EA98D4730A4, 462DC8168C444F35B43BA3B8F7D77734665D84F1C6D25CAD7391C0145961628F ] C:\Windows\System32\ncobjapi.dll
15:35:16.0074 0x14f4  C:\Windows\System32\ncobjapi.dll - ok
15:35:16.0080 0x14f4  [ 6F40D6FB05E0C1E5402812B426971AF0, E41F138F0F2DB057F8DBB1587237C6FA8A2059B3D64EC894D1DC492A18DBBDED ] C:\Windows\System32\wbem\wbemess.dll
15:35:16.0080 0x14f4  C:\Windows\System32\wbem\wbemess.dll - ok
15:35:16.0086 0x14f4  [ 6C885DD270446B351257FF0216AB1586, 8ACC7057F983AF29A8791461C87A57441862D913927472B07DD90ACCE2F908C0 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
15:35:16.0086 0x14f4  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll - ok
15:35:16.0093 0x14f4  [ ED22407FA2414237B39F13539FBCC79A, 0C3A3933297B3F087C25F73A6C62A14FB424D844BBBDD893014377CD38CE48C2 ] C:\PVSW\bin\w3mgrres.dll
15:35:16.0093 0x14f4  C:\PVSW\bin\w3mgrres.dll - ok
15:35:16.0099 0x14f4  [ 90EB7ABB474FCA07B1B71B8EE8B0A37D, AC969AB9686DE7DD60D92CCC38799A8826E3D1EE2B84AF04395D1AA80EABFAFB ] C:\PVSW\bin\w3mgrrsx.dll
15:35:16.0099 0x14f4  C:\PVSW\bin\w3mgrrsx.dll - ok
15:35:16.0105 0x14f4  [ 33E8BE80F5A3CBD4166C482B4E2C72B2, 01C2F5C0AA72ACCF0DC9AEE71C0E46982851B789BD51206EBA30FD06F6752E75 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
15:35:16.0105 0x14f4  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll - ok
15:35:16.0112 0x14f4  [ E3E811471DE781900FF21C1FD84E941E, 2A47FF52D1D6480AAD1919382E783EA184BF926311F8C7E466FEBE9F6FB88FD6 ] C:\Windows\SysWOW64\ntdsapi.dll
15:35:16.0112 0x14f4  C:\Windows\SysWOW64\ntdsapi.dll - ok
15:35:16.0118 0x14f4  [ 3FE8B1FBE7792C27BD4F6BFAB66D306E, 889497F15BB0758D51E64E08F07CCDDB036E57D64FF10F0D469C2F1DB9F31800 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\0a7b20934d7587787e7dae923d1614f4\System.Deployment.ni.dll
15:35:16.0118 0x14f4  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\0a7b20934d7587787e7dae923d1614f4\System.Deployment.ni.dll - ok
15:35:16.0122 0x14f4  [ 539C49CEBB3C50957AC8A09D95ECD880, 49E75CDB556FBCE72C44648F8930CF2209C1360F9311C5B4CEB19E13B11E6B75 ] C:\Windows\SysWOW64\shfolder.dll
15:35:16.0122 0x14f4  C:\Windows\SysWOW64\shfolder.dll - ok
15:35:16.0129 0x14f4  [ 4FD693D4B9AA64EE32BAA9B8D9956ACF, 3A64BB2E1BBDD3289F13BB06D5DE9A326C8D622966AD054A9958056B11A239C0 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
15:35:16.0129 0x14f4  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll - ok
15:35:16.0136 0x14f4  [ 555F35AF3B56EAAE367D767B9E2F1E8B, CB399AB961612318D244D51B90D30A24B0E76CC95ED4E73CFF2807EE799CCC04 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
15:35:16.0136 0x14f4  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll - ok
15:35:16.0142 0x14f4  [ E71F9A4A48C2F720E725AA68577616BB, 938019FB9CEF0EF18E1DE30F8D08E89B4EF61DD4D145756BC6EFBFDA6190696D ] C:\Program Files (x86)\Common Files\BS&A Shared\EmailServer\BSASoftware.BSAObjects.XmlSerializers.dll
15:35:16.0142 0x14f4  C:\Program Files (x86)\Common Files\BS&A Shared\EmailServer\BSASoftware.BSAObjects.XmlSerializers.dll - ok
15:35:16.0149 0x14f4  [ 3D7D2E825C63FF501E896CF008C70D75, 037FC52B8FC6089338EB456F2B45638ED36C42A4DCA7ACE391D166B2329838A1 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
15:35:16.0149 0x14f4  C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
15:35:16.0155 0x14f4  [ BF95EA5809E3BBF55370F7CB309FEBD0, 62ADBA6E1A7DDDEFA971580161F30896DFFC27EB4EB82E3CC72062D57DA66500 ] C:\Windows\System32\conhost.exe
15:35:16.0155 0x14f4  C:\Windows\System32\conhost.exe - ok
15:35:16.0161 0x14f4  [ C1B5307377C98F87E0152C44E9FF8DEE, E4B8CACDD50A9A6457708E3D15DDFA3CF23B444582FD37BA50444B53802FF0C7 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
15:35:16.0161 0x14f4  C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
15:35:16.0168 0x14f4  [ 24FCC3CDAE327F632CB8696E1E40F772, 1EA38207DE7DCBB6199708E5043A7D2DB290933BF963910206E2576566442003 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
15:35:16.0168 0x14f4  C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
15:35:16.0175 0x14f4  [ E955300DF949977878C705EC8681009A, 8DF0532317D5A00DF1A1CED769D1944EA5C29FED35C1038C5C9E5486EDA6CCBC ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
15:35:16.0175 0x14f4  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
15:35:16.0181 0x14f4  [ ED797D8DC2C92401985D162E42FFA450, B746362010A101CB5931BC066F0F4D3FC740C02A68C1F37FC3C8E6C87FD7CB1E ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
15:35:16.0181 0x14f4  C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
15:35:16.0188 0x14f4  [ A0617B5753E31126AD29C03154F4F329, 3BC10C0A54D1D60B0C670D901944D3F115E2EBB406C989409145E7151AA55EFE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
15:35:16.0188 0x14f4  C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
15:35:16.0195 0x14f4  [ 4FDFA3F219692D17011BF1B428857C1E, 0422101F9D47633DFF47DF022031C4221B9D395F3E23C0C6E0A54CE55D76565D ] C:\Program Files\Windows Defender\MpRTP.dll
15:35:16.0195 0x14f4  C:\Program Files\Windows Defender\MpRTP.dll - ok
15:35:16.0201 0x14f4  [ A3FCC4F97551087D65F8FEE879FEF736, 000EA00FD2644531F38D215972C22FE2BCE5B01CF483071398053099A342BF74 ] C:\Windows\System32\tdh.dll
15:35:16.0201 0x14f4  C:\Windows\System32\tdh.dll - ok
15:35:16.0208 0x14f4  [ E2700D2EDBF11D21C0782A01BC0CEE72, 7C340EBE07D5FCAA60E8C33D211804C1C130FC41D05F471B5EC432B98BB52113 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CC6ABDB6-BC24-4A00-8222-49097EB14AE5}\mpengine.dll
15:35:16.0208 0x14f4  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CC6ABDB6-BC24-4A00-8222-49097EB14AE5}\mpengine.dll - ok
15:35:16.0215 0x14f4  [ 840817432DE1FF7F8260AFA3A39E5AEB, A04449572D13F9C5BF60CE79C0A305C008EDE9A894AD84F4BFBFF124EFEC9363 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CC6ABDB6-BC24-4A00-8222-49097EB14AE5}\mpasbase.vdm
15:35:16.0215 0x14f4  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CC6ABDB6-BC24-4A00-8222-49097EB14AE5}\mpasbase.vdm - ok
15:35:16.0221 0x14f4  [ AF1642EF08945DA3F52F2AFFB3E7271A, A6FA78248F6BFDE3BBFBAEB9F6DBA9856BEC8FFE6F10CD7C7DC6527E8018604D ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CC6ABDB6-BC24-4A00-8222-49097EB14AE5}\mpasdlta.vdm
15:35:16.0221 0x14f4  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CC6ABDB6-BC24-4A00-8222-49097EB14AE5}\mpasdlta.vdm - ok
15:35:16.0228 0x14f4  [ 93BB66044FA76734E882C6F3E8EE1900, E00FE1028C999FFED3F8335F9D760929CB3A11B6EEF8D8D2F2CA4A32DEC56B26 ] C:\Program Files\Windows Defender\MsMpLics.dll
15:35:16.0228 0x14f4  C:\Program Files\Windows Defender\MsMpLics.dll - ok
15:35:16.0234 0x14f4  [ 218A400108F280428FA22282D3268BBC, 7712687ABAEF6616E90AE5A321044C102E79EC23F4A1EAFB4278C93724873CB3 ] C:\Windows\System32\wscapi.dll
15:35:16.0234 0x14f4  C:\Windows\System32\wscapi.dll - ok
15:35:16.0241 0x14f4  [ F5CEF064C7E6D95DA86B9D064A56A969, F118CD4364690F37A07AE458E043E8CFBA98F332DC9E7228C83409CF26F6EF6D ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
15:35:16.0241 0x14f4  C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
15:35:16.0247 0x14f4  [ B84E2D174DC84916A536572BB8F691A8, 94E3D68F102439D3A585D2D796F3F3FC27CB41C640058DDC14AF99A723B2CD99 ] C:\Windows\System32\wscisvif.dll
15:35:16.0247 0x14f4  C:\Windows\System32\wscisvif.dll - ok
15:35:16.0253 0x14f4  [ 6C1E3C43B35268C17833244C8ED96430, 9C571AA762E71177B6FF486D1DB500E3530E13CAFD87316AD2C64F5A55EB4A93 ] C:\Windows\System32\wscproxystub.dll
15:35:16.0253 0x14f4  C:\Windows\System32\wscproxystub.dll - ok
15:35:16.0259 0x14f4  [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe
15:35:16.0259 0x14f4  C:\Windows\System32\dllhost.exe - ok
15:35:16.0265 0x14f4  [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E56950661B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll
15:35:16.0266 0x14f4  C:\Windows\System32\IDStore.dll - ok
15:35:16.0272 0x14f4  [ 639774C9ACD063F028F6084ABF5593AD, 9DFD80610CBBC9188F6C6BC85C87016B0AE42254FC289C2B578E85282BDD9C23 ] C:\Windows\System32\taskhost.exe
15:35:16.0272 0x14f4  C:\Windows\System32\taskhost.exe - ok
15:35:16.0278 0x14f4  [ 23566F9723771108D2E6CD768AC27407, FAC0293DD1061B151E779BF4B245E6652C951FEDEBC602A166156DFBD38B5D67 ] C:\Windows\System32\AtBroker.exe
15:35:16.0279 0x14f4  C:\Windows\System32\AtBroker.exe - ok
15:35:16.0284 0x14f4  [ 5F639198C4137075DA50E61C23963C11, 3D03B3BF62B3469069AD6BE2AAEE152CB6722D36C001B8197FEBC2F3EB9ADBE0 ] C:\Windows\System32\drprov.dll
15:35:16.0284 0x14f4  C:\Windows\System32\drprov.dll - ok
15:35:16.0291 0x14f4  [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D562BE43726153951 ] C:\Windows\System32\mpr.dll
15:35:16.0291 0x14f4  C:\Windows\System32\mpr.dll - ok
15:35:16.0297 0x14f4  [ BC566D17914B07ABAAB3A5A385CC3300, DCE0A1D26312AA6441FB7122C6EED980AE350D58B2B4B166CB62F983306268E9 ] C:\Windows\System32\ntlanman.dll
15:35:16.0297 0x14f4  C:\Windows\System32\ntlanman.dll - ok
15:35:16.0303 0x14f4  [ 94EEAC26F57811BD1AEFC164412F7FCE, 7390BCD7709D48DE75D7D6E06AA7356D1C58EE63F3CC2E07ABCD2E2FF6CC81CF ] C:\Windows\System32\PlaySndSrv.dll
15:35:16.0303 0x14f4  C:\Windows\System32\PlaySndSrv.dll - ok
15:35:16.0310 0x14f4  [ AC3F31BD1FC98903A03A7231829DC4CA, 8ED3842E549138F851BF506E09BFBE74911C6EC9244D6618A34B2E5E486FA695 ] C:\PROGRA~1\Lenovo\VIRTSCRL\virtscrl.exe
15:35:16.0310 0x14f4  C:\PROGRA~1\Lenovo\VIRTSCRL\virtscrl.exe - ok
15:35:16.0316 0x14f4  [ B32AB94A432289AC2DF77A3DCAD32EED, B1021C78F940E6FA7A8992B2733B593B89DA57325A0A0D13D2767F193A78D90F ] C:\Windows\System32\davclnt.dll
15:35:16.0316 0x14f4  C:\Windows\System32\davclnt.dll - ok
15:35:16.0322 0x14f4  [ 45B24A357C801CE62052FE0CDC8BD4D2, 00602E41B78473825253F6B2557A5C43FBDDCCF713D806929AE7C039FF8F185C ] C:\Windows\System32\davhlpr.dll
15:35:16.0322 0x14f4  C:\Windows\System32\davhlpr.dll - ok
15:35:16.0328 0x14f4  [ 9BB99503D6A4DD62569EDE9E5E2672A5, 6F4EA5BC50B1F929735246485263078BEF1B3BEB33F78CB1F483F13AA226C27E ] C:\Windows\System32\HotStartUserAgent.dll
15:35:16.0328 0x14f4  C:\Windows\System32\HotStartUserAgent.dll - ok
15:35:16.0334 0x14f4  [ 65EA57712340C09B1B0C427B4848AE05, 5FDCF73191BFF9DBB03886755FFCF0BC15849F0E216884A5A8B9BB375FA7C1A5 ] C:\Windows\System32\taskeng.exe
15:35:16.0334 0x14f4  C:\Windows\System32\taskeng.exe - ok
15:35:16.0341 0x14f4  [ 5183322D039A66569D27FD00987390E6, FDCF69CA879FB39816CDADE5DC4BD90A71D895DEF5FFE69BA153732027F08E29 ] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
15:35:16.0341 0x14f4  C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe - ok
15:35:16.0347 0x14f4  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA, 8A6ACEFAB95E5275CBFBE6CCB5A6C3A6A471260B279B9063E86B9C7765E18656 ] C:\Windows\System32\MsCtfMonitor.dll
15:35:16.0347 0x14f4  C:\Windows\System32\MsCtfMonitor.dll - ok
15:35:16.0353 0x14f4  [ F09A9A1AD21FE618C4C8B0A0D830C886, 29831DDAB2AB105358FBC067CDF96428220B6743CD6019F6FE74BAC7AF325E7E ] C:\Windows\System32\msutb.dll
15:35:16.0353 0x14f4  C:\Windows\System32\msutb.dll - ok
15:35:16.0359 0x14f4  [ 7D8D43682A25A69F38F13D11AE0DD07B, 1AF5C90BB0E4ECA99E26C6E30640ED849CDB844D698DD30D76B51E048E753254 ] C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
15:35:16.0359 0x14f4  C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe - ok
15:35:16.0365 0x14f4  [ 117945B8FE1952723B1E73BA4FB45DF1, 7227380FD6FF01136173344CCECED5F7159922561ECD643D2067EDFD26ACF51D ] C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.dll
15:35:16.0365 0x14f4  C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.dll - ok
15:35:16.0369 0x14f4  [ 254A8D98E103E06CF86CB2DA8708620F, 894769D3349BDF448B0A88C0BD3AEB7ADEEF1CFE4D4AEB2E39C1F6793586B944 ] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.dll
15:35:16.0369 0x14f4  C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.dll - ok
15:35:16.0377 0x14f4  [ 805A52C5AE26C28E88FDD9BCCFE6F312, 4FF28D3658C31722B7DD036DED9D544B14841C0E0B94D31A8EC5AB92128DA020 ] C:\Windows\System32\TSChannel.dll
15:35:16.0377 0x14f4  C:\Windows\System32\TSChannel.dll - ok
15:35:16.0382 0x14f4  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:35:16.0382 0x14f4  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
15:35:16.0388 0x14f4  [ 61DC3F2BE3093FE22CD717260946D7AD, 51C24E1F01D239EAD7254F759E213FC6CDBB74EAA466392FF1441A9D5A300A5D ] C:\Windows\SysWOW64\urlmon.dll
15:35:16.0388 0x14f4  C:\Windows\SysWOW64\urlmon.dll - ok
15:35:16.0395 0x14f4  [ 6D6B5D52BB81F82F5D0103E6175D1F4F, 14DE1E4C28FC5F8CFFA7D925561DC1F237D55DD663836E20AA4D7485B01C261D ] C:\Program Files (x86)\Google\Update\1.3.21.165\goopdate.dll
15:35:16.0395 0x14f4  C:\Program Files (x86)\Google\Update\1.3.21.165\goopdate.dll - ok
15:35:16.0401 0x14f4  [ 1C60E09CA1C3A045BC4D367F67C915B7, DF1ED88CB57DA1AB1A4245AE0D5B42AFA3396EBF67B99411FFFB0DD06DE1AEAF ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
15:35:16.0401 0x14f4  C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
15:35:16.0408 0x14f4  [ 49ACA548B2423F1C67898E6AC719A9A6, 23D84137EAB9AFDD31CBB6776B6B25AD135A120AF7F7885EB5BBF9E0A2CCC4C1 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
15:35:16.0408 0x14f4  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
15:35:16.0414 0x14f4  [ A6C29DB53ECA94FA8591C5388D604B82, F25E95BA669422286A8FA3A68E0C639A2F06319B6DC8FA641C965CFB27A50BD6 ] C:\Windows\SysWOW64\msi.dll
15:35:16.0414 0x14f4  C:\Windows\SysWOW64\msi.dll - ok
15:35:16.0420 0x14f4  [ F10454A577C8FB6CC529FDFFB7B04E9F, BCDB8F3B20FF8DD3DD26FC5EE98D5B9FF8350575638F0F72B3053FD0871F5306 ] C:\Program Files\Lenovo\HOTKEY\HKVOLKEY.dll
15:35:16.0420 0x14f4  C:\Program Files\Lenovo\HOTKEY\HKVOLKEY.dll - ok
15:35:16.0427 0x14f4  [ E07CF32207C7BD95AA04A982755CDFA8, B5BE97695613A60DA57DCFE22B65EDA69776C210D1A4587E4BB3AAD3FAE6DA32 ] C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
15:35:16.0427 0x14f4  C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe - ok
15:35:16.0433 0x14f4  [ 18AB2E5A40064ED5F7791AC5946A90F3, B7536CE56702C23B1CEC3E1B6C78866E0A76808B85A92AF3733D9ED9429E004C ] C:\Windows\SysWOW64\msimg32.dll
15:35:16.0433 0x14f4  C:\Windows\SysWOW64\msimg32.dll - ok
15:35:16.0439 0x14f4  [ 71650FBFB6342529979729EC2F4168D9, D32C88F5885D5464CBA7316BC9F447EB1EF28FA272FA0987C60C89379DED6038 ] C:\Program Files\Lenovo\HOTKEY\TPLHMM.dll
15:35:16.0439 0x14f4  C:\Program Files\Lenovo\HOTKEY\TPLHMM.dll - ok
15:35:16.0445 0x14f4  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8, B07A12E3ECD5E418A3F99F00C56E7F482F68CADE330E7C079DCCDFFAD2E21299 ] C:\Windows\SysWOW64\dbghelp.dll
15:35:16.0445 0x14f4  C:\Windows\SysWOW64\dbghelp.dll - ok
15:35:16.0452 0x14f4  [ CF7B0E597C1F34E528285495721DEEE9, 59D8590D487F31DF38E389DF41D96951D14FC759E14F683465C17C0CAABD568F ] C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
15:35:16.0452 0x14f4  C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe - ok
15:35:16.0459 0x14f4  [ 0DC0DE2966A6DBA4CFBF6639DF44F5BA, 815055681F21099CC227124E5A2F971F0E3C2FD0917DC40E78283F139766F25F ] C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
15:35:16.0459 0x14f4  C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe - ok
15:35:16.0465 0x14f4  [ C5A99A4C0DC9F0F5A95BA0C83D30A549, F99CCCE303F0FC07D82D3BBA223E8CCE41FB7FA8FB5C2A9214C161826537C7C9 ] C:\Windows\SysWOW64\mstask.dll
15:35:16.0465 0x14f4  C:\Windows\SysWOW64\mstask.dll - ok
15:35:16.0471 0x14f4  [ A7A8CA53D9C9FD90C07AB0EB38E5316B, B98722E76601A98F038F40703C4B8BD21B5EC3B65DC1B07B7C367C06448F8A0E ] C:\Windows\System32\dbghelp.dll
15:35:16.0471 0x14f4  C:\Windows\System32\dbghelp.dll - ok
15:35:16.0477 0x14f4  [ FCE23E27F62989AD0BB88E256E847A41, 80F7C8747EF15F2637BDB428E2AB6E80D3F591D2EFC9D40D444F156EF036BF51 ] C:\Windows\System32\CertPolEng.dll
15:35:16.0477 0x14f4  C:\Windows\System32\CertPolEng.dll - ok
15:35:16.0483 0x14f4  [ BAFE84E637BF7388C96EF48D4D3FDD53, 11C194D9ADCE90027272C627D7FBF3BA5025FF0F7B26A8333F764E11E1382CF9 ] C:\Windows\System32\userinit.exe
15:35:16.0483 0x14f4  C:\Windows\System32\userinit.exe - ok
15:35:16.0489 0x14f4  [ F162D5F5E845B9DC352DD1BAD8CEF1BC, 8A7B7528DB30AB123B060D8E41954D95913C07BB40CDAE32E97F9EDB0BAF79C7 ] C:\Windows\System32\dwm.exe
15:35:16.0490 0x14f4  C:\Windows\System32\dwm.exe - ok
15:35:16.0496 0x14f4  [ FCFCD1101C5DA23B4B95F93D02B2C169, 040A086875B6C5475490A2F8B0CF4FF20DDB4FEDFE5FCABBA49692AA05F40527 ] C:\Windows\System32\dwmredir.dll
15:35:16.0496 0x14f4  C:\Windows\System32\dwmredir.dll - ok
15:35:16.0502 0x14f4  [ 4BA77A5EF71C14C764B0ED4701683E3E, 066A064CDBE09BF8BE1DF5B259F30FF6C124A1C3D637800D3E19E8E25EDB950E ] C:\Windows\System32\dwmcore.dll
15:35:16.0502 0x14f4  C:\Windows\System32\dwmcore.dll - ok
15:35:16.0508 0x14f4  [ 9AE80F6A66B30E3ED8CDF858CF28B11B, A93E470DC54E3C74C10979D49CABB9A34893F9E847F88491F935DB44EEC3541A ] C:\Windows\System32\d3d10_1.dll
15:35:16.0508 0x14f4  C:\Windows\System32\d3d10_1.dll - ok
15:35:16.0514 0x14f4  [ 63F72417CA38D8FC8F53709649B589E3, 39AE8AFFCFB8A9E345FC4C6F11926F25552C464380F88CDECD299FD27AF7866B ] C:\Windows\System32\d3d10_1core.dll
15:35:16.0514 0x14f4  C:\Windows\System32\d3d10_1core.dll - ok
15:35:16.0520 0x14f4  [ 8DFB5752FCE145A6B295093C0A8BE131, F38029C8B36EFD46B1F6CCA0089FF4EFB0AB246497E38EDFF6A67FAC804D4A97 ] C:\Windows\System32\dxgi.dll
15:35:16.0520 0x14f4  C:\Windows\System32\dxgi.dll - ok
15:35:16.0526 0x14f4  [ 4C92EB7535CAA1681A77D928FBF9771F, 7D02B2357CA02393CA711C3C499AAD86B792EEFFDC67F2CE52F7F7BB8A28DE79 ] C:\Windows\System32\d3d11.dll
15:35:16.0526 0x14f4  C:\Windows\System32\d3d11.dll - ok
15:35:16.0532 0x14f4  [ 332FEAB1435662FC6C672E25BEB37BE3, 6BED1A3A956A859EF4420FEB2466C040800EAF01EF53214EF9DAB53AEFF1CFF0 ] C:\Windows\explorer.exe
15:35:16.0532 0x14f4  C:\Windows\explorer.exe - ok
15:35:16.0538 0x14f4  [ 4A7FE21F55C24E49C7AAB4AB99F29303, 684335B0D6DEF93C34D90EEBB63CF7EFA45CA56DB460645566D675C0C3C59889 ] C:\Windows\System32\aticfx64.dll
15:35:16.0538 0x14f4  C:\Windows\System32\aticfx64.dll - ok
15:35:16.0545 0x14f4  [ 1B3A6410BF0B1D50D0D0C1644396970F, F488ED4D5663D4490C49C2455F1556517B752ECE719360322D3C94010CCCDFA9 ] C:\Windows\System32\atidxx64.dll
15:35:16.0545 0x14f4  C:\Windows\System32\atidxx64.dll - ok
15:35:16.0551 0x14f4  [ 9F913BEC08ADA836ECA33A26B2A07413, 7CFB39E5F55B2803E9C2DE24AA605BE3E8D2C667B1D230EFAD2AF6BC7507E90D ] C:\Windows\System32\atiuxp64.dll
15:35:16.0551 0x14f4  C:\Windows\System32\atiuxp64.dll - ok
15:35:16.0557 0x14f4  [ EED05D42D91835064703E2318552ED25, E9EE1E2253445B207B76F5D3073C612ED979A982522C1515E0FE8FA9641AE568 ] C:\Windows\System32\ExplorerFrame.dll
15:35:16.0557 0x14f4  C:\Windows\System32\ExplorerFrame.dll - ok
15:35:16.0563 0x14f4  [ 49E5753D923F1AC63B22D3DCB0B47E00, 14CEC0BF5F625FF839A8D79B4A6B7C4AC0CBB705FD197C6B7FF8617C6C3E34FE ] C:\Windows\System32\uDWM.dll
15:35:16.0563 0x14f4  C:\Windows\System32\uDWM.dll - ok
15:35:16.0569 0x14f4  [ 6F8EB694504B5A797317BDAB5DBA6B45, 4D0ADFBA37BC1FB1AAD0D47B809A8AA06D8FD758E228228110AA323A67F36098 ] C:\Users\Brenda\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
15:35:16.0570 0x14f4  C:\Users\Brenda\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll - ok
15:35:16.0576 0x14f4  [ 241AF87821FDA0F5792037B779F49BE0, B3F4FDA27430ACC6D6BC1C3CBD518B9CAE5BA0F22AB8917578A7F16270F94C8B ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
15:35:16.0576 0x14f4  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
15:35:16.0583 0x14f4  [ D233C7FEAE3FAA25F93A9E6B46815ADC, 5330682AE9C08E5F2E30C5E256B91028389BBBDDAA8C38950DF76616FCA854FF ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
15:35:16.0583 0x14f4  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
15:35:16.0589 0x14f4  [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6BB3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll
15:35:16.0589 0x14f4  C:\Windows\System32\EhStorShell.dll - ok
15:35:16.0596 0x14f4  [ 037A719DAD50603202C978CD802623E4, BD4C222913D32D7CF5FE0201FEBE7BD67FC39DF47A7A672C2D6C228A6E13B5DE ] C:\Windows\System32\ntshrui.dll
15:35:16.0596 0x14f4  C:\Windows\System32\ntshrui.dll - ok
15:35:16.0602 0x14f4  [ 1D63F4366288B8A7595397E27010FD44, 99EA4DDD88D9C4A4CC9B238F533CB4D2C062D46239173997E8594D8A75811A01 ] C:\Windows\System32\IconCodecService.dll
15:35:16.0602 0x14f4  C:\Windows\System32\IconCodecService.dll - ok
15:35:16.0609 0x14f4  [ 220159496484D34009DE71CA1A68E0D4, 94BD3DEB4E84F95D80BE5775E5A612EFF181ECB212FB668674C67AD19194DE69 ] C:\Windows\System32\wbem\NCProv.dll
15:35:16.0609 0x14f4  C:\Windows\System32\wbem\NCProv.dll - ok
15:35:16.0615 0x14f4  [ 41DF7355A5A907E2C1D7804EC028965D, 207BFEC939E7C017C4704BA76172EE2C954F485BA593BC1BC8C7666E78251861 ] C:\Windows\System32\wermgr.exe
15:35:16.0615 0x14f4  C:\Windows\System32\wermgr.exe - ok
15:35:16.0621 0x14f4  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] C:\Windows\System32\appinfo.dll
15:35:16.0621 0x14f4  C:\Windows\System32\appinfo.dll - ok
15:35:16.0625 0x14f4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] C:\Windows\System32\wdi.dll
15:35:16.0625 0x14f4  C:\Windows\System32\wdi.dll - ok
15:35:16.0632 0x14f4  [ F7073C962C4FB7C415565DDE109DE49F, 781E7088DCEFBC34A808C3E7DA41A56112B3F23ABE9F54B5EF4D5CD9CD016B1D ] C:\Windows\System32\npmproxy.dll
15:35:16.0632 0x14f4  C:\Windows\System32\npmproxy.dll - ok
15:35:16.0638 0x14f4  [ F50F7984FDD151EDD8A70A8DBD9E2A44, 45E7ECA40298B233D124993D6C9D4FBBF05E9A843F4DE089317342B3D8A83696 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:35:16.0638 0x14f4  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll - ok
15:35:16.0644 0x14f4  [ 919001D2BB17DF06CA3F8AC16AD039F6, 5169ACFBE9E9D4C4012773ECDD28231C952675EF0C272A40F226E7B5D671B18B ] C:\Windows\SysWOW64\sxs.dll
15:35:16.0645 0x14f4  C:\Windows\SysWOW64\sxs.dll - ok
15:35:16.0650 0x14f4  [ C8E8B8239FCF17BEA10E751BE5854631, CB869195E78AB613CEF50AE3B247F0E4E42F233A7AAF5B2BFC5ADEA2C45C5F8D ] C:\Windows\System32\FXSRESM.dll
15:35:16.0651 0x14f4  C:\Windows\System32\FXSRESM.dll - ok
15:35:16.0656 0x14f4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] C:\Windows\System32\IPSECSVC.DLL
15:35:16.0656 0x14f4  C:\Windows\System32\IPSECSVC.DLL - ok
15:35:16.0662 0x14f4  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] C:\Windows\System32\aelupsvc.dll
15:35:16.0663 0x14f4  C:\Windows\System32\aelupsvc.dll - ok
15:35:16.0669 0x14f4  [ 9BC93C9ACFA34DB5A41B89357B31E4ED, C3B9DDCB31970F91F8CAF85D2431903DB1738872775EEFD6712B7646BDE1250C ] C:\Windows\System32\FwRemoteSvr.dll
15:35:16.0669 0x14f4  C:\Windows\System32\FwRemoteSvr.dll - ok
15:35:16.0675 0x14f4  [ BF4AC709BE5BF64F331F5D67773A0C82, 96E5A2A12D386B8A7976FEC76FD350E6A3EEBDF5763F4BBF4AB18880E9F269E0 ] C:\Windows\System32\perftrack.dll
15:35:16.0675 0x14f4  C:\Windows\System32\perftrack.dll - ok
15:35:16.0681 0x14f4  [ 4449D23E8F197862F1B16F1E6C89C36C, 93AF52BF8E870C0381F027D3BB8F6829E449242074472F1593EB8172D7EB6559 ] C:\Windows\System32\diagperf.dll
15:35:16.0681 0x14f4  C:\Windows\System32\diagperf.dll - ok
15:35:16.0687 0x14f4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] C:\Windows\System32\wpdbusenum.dll
15:35:16.0687 0x14f4  C:\Windows\System32\wpdbusenum.dll - ok
15:35:16.0693 0x14f4  [ 025E7DBDB98866ED3CB2D4DDA70B364D, 78962F23F066E362AF1A4B98FA7D5E30AF30C561307438503031D30C944B6A6E ] C:\Windows\System32\runonce.exe
15:35:16.0693 0x14f4  C:\Windows\System32\runonce.exe - ok
15:35:16.0700 0x14f4  [ E64D9EC8018C55873B40FDEE9DBEF5B3, 2DB11E7C631A9887CB75AFEAD2C79EC65F82C51F5F073CEFC8CDDF664EFF29C1 ] C:\Windows\System32\PortableDeviceApi.dll
15:35:16.0700 0x14f4  C:\Windows\System32\PortableDeviceApi.dll - ok
15:35:16.0706 0x14f4  [ 9719E3D834F5C8C43F56A93DFA497023, 4D78D4BD4835C0A237821967156C19DF4B90384A6BCB1F48CEAF35D003A0099A ] C:\Windows\System32\pnpts.dll
15:35:16.0706 0x14f4  C:\Windows\System32\pnpts.dll - ok
15:35:16.0712 0x14f4  [ D44741F65A1D71F65814A12CF6E2400A, C6721F830675ADC7E7FDE2B5E822E56F6A063146F5066F1E25EBFE86F0A87136 ] C:\Windows\SysWOW64\runonce.exe
15:35:16.0712 0x14f4  C:\Windows\SysWOW64\runonce.exe - ok
15:35:16.0718 0x14f4  [ E1B22739C933BE33F53DB58C5393ADD3, 26EE0DD091D2E00DECC774DC1EEDFFDE69AF74B0C769CCBE091AFC32C66E4207 ] C:\Windows\System32\Apphlpdm.dll
15:35:16.0718 0x14f4  C:\Windows\System32\Apphlpdm.dll - ok
15:35:16.0724 0x14f4  [ E811F8510B133E70CF6E509FB809824F, 82541F2B15748250462B67B6C77530D4F7C45A1482237EC49B28F9FA5A414108 ] C:\Windows\System32\wdiasqmmodule.dll
15:35:16.0724 0x14f4  C:\Windows\System32\wdiasqmmodule.dll - ok
15:35:16.0731 0x14f4  [ AFA79C343F9D1555F7E5D5FA70BB2A14, 440EF3ADC1F5C7A5ED3E872C8D8DFA61B039454C3CA67F8A51CA8BDCFDC4BA4A ] C:\Windows\System32\PortableDeviceConnectApi.dll
15:35:16.0731 0x14f4  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
15:35:16.0737 0x14f4  [ 46863C4CC5B68EB09EA2D5EEF0F1193A, 9B5593E1F484AC8F96F89A5995FB1FE9C51CB2F0F545607F6850751191150CFE ] C:\Windows\System32\radardt.dll
15:35:16.0737 0x14f4  C:\Windows\System32\radardt.dll - ok
15:35:16.0743 0x14f4  [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\SysWOW64\cmd.exe
15:35:16.0743 0x14f4  C:\Windows\SysWOW64\cmd.exe - ok
15:35:16.0749 0x14f4  [ E629F1A051C82795DDFFD3E8D4855811, 6E4DFFEAB2795C98EA6DCAF10EA6D97413D0F8CA0C04869CB20B74FF4D6FE679 ] C:\Windows\System32\dimsjob.dll
15:35:16.0749 0x14f4  C:\Windows\System32\dimsjob.dll - ok
15:35:16.0755 0x14f4  [ 35CB97CBC3EDC463418ED4997AAB29B6, EE60EABE2D87CEDD68FB8985B6C5D70930015FB2B8DB9FDCB4044587BC6ECA4C ] C:\Windows\System32\pautoenr.dll
15:35:16.0755 0x14f4  C:\Windows\System32\pautoenr.dll - ok
15:35:16.0762 0x14f4  [ 94DFBB481BF51158B216E23C5C1C9D6E, 0199086A70B9B63E48A7A15C8AE5442E9C6BC0173BD80A104DE1BE6A6C25F202 ] C:\Windows\System32\certcli.dll
15:35:16.0762 0x14f4  C:\Windows\System32\certcli.dll - ok
15:35:16.0768 0x14f4  [ 263B26106606A010CF877472B535E4BB, 43ECE89E428D2BB34244894BEBA1B946B0767649D15B1C715223E4E471A9E504 ] C:\Windows\System32\CertEnroll.dll
15:35:16.0768 0x14f4  C:\Windows\System32\CertEnroll.dll - ok
15:35:16.0774 0x14f4  [ 326C7F76A29897A892AA7726E91C1C67, 64305346B06EC14976130B0B80F14B4D5AB63E5B2A6A7B872EC9CE2BF8FADCD2 ] C:\Windows\SysWOW64\winbrand.dll
15:35:16.0774 0x14f4  C:\Windows\SysWOW64\winbrand.dll - ok
15:35:16.0781 0x14f4  [ 8F5EAAF76A6811332A8C67DB0D4C395F, 37A1491E3129E61B71838364E2703650A14C3D42DAC980CBBE2C910EE90CF21F ] C:\Windows\SysWOW64\ieframe.dll
15:35:16.0781 0x14f4  C:\Windows\SysWOW64\ieframe.dll - ok
15:35:16.0787 0x14f4  [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C, 78889511D6F471009674CC958F8BB77B4A79C952634B18E8AFF4A75AA6A60E87 ] C:\Windows\System32\ndiscapCfg.dll
15:35:16.0787 0x14f4  C:\Windows\System32\ndiscapCfg.dll - ok
15:35:16.0793 0x14f4  [ 3D6AF45673C4B31CDECD7F80AF09D443, 7D711D138C107816155AFA5E5FDC6892734074BEFF604B5904177B5D9ACE4670 ] C:\Windows\System32\rascfg.dll
15:35:16.0793 0x14f4  C:\Windows\System32\rascfg.dll - ok
15:35:16.0799 0x14f4  [ 1CF21800E337F4039AAD4C94B4280EE4, EF434CEF6E62A202B85E8EC7916EB998E20B10675437CDE90084CDA938C0AA3F ] C:\Windows\System32\mprmsg.dll
15:35:16.0799 0x14f4  C:\Windows\System32\mprmsg.dll - ok
15:35:16.0805 0x14f4  [ 55DE45B116711881C852D2841E4C84DD, 18E5021530BB44042C85087BAE4FEDA633E01CDCBA09C90A5941B74C75133A35 ] C:\Windows\System32\tcpipcfg.dll
15:35:16.0805 0x14f4  C:\Windows\System32\tcpipcfg.dll - ok
15:35:16.0812 0x14f4  [ FEB91B4DA0D540865260A33838654FA3, 8636B008BA329D3E6CC235D08BA4C914EFF45DBFCB9297C893CCDA8D907BA946 ] C:\Windows\System32\nci.dll
15:35:16.0812 0x14f4  C:\Windows\System32\nci.dll - ok
15:35:16.0818 0x14f4  [ AC0C9CEA1218DAB1994AF8B28E680BD9, 7C79144AD91C5B578B48DD6412884A58F4E6C23732612655A73486FC7BCE68A0 ] C:\Windows\System32\wlaninst.dll
15:35:16.0818 0x14f4  C:\Windows\System32\wlaninst.dll - ok
15:35:16.0824 0x14f4  [ 5A406C9C8E0880D3EABADC5DFD1ACDAE, D3228D81B30A37DDDBF2E9FECC8885404FB95DBD11C5F55A425B27BD361BC2C1 ] C:\Windows\System32\wwaninst.dll
15:35:16.0824 0x14f4  C:\Windows\System32\wwaninst.dll - ok
15:35:16.0830 0x14f4  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\System32\rundll32.exe
15:35:16.0830 0x14f4  C:\Windows\System32\rundll32.exe - ok
15:35:16.0836 0x14f4  [ 007863E45F25AA47A4C30D0930BBFD85, 60F2ABA40D520FCA2C57FA2DB72E111C14F21821DA17F662837506B80C269634 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
15:35:16.0836 0x14f4  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
15:35:16.0843 0x14f4  [ E6F0F82788E8BD0F7A616350EFA0761C, 13091DCB3E3F4F52C3FF210E93AAF1DCE142CFC09F671AEAC5B922393B23E67B ] C:\Windows\System32\actxprxy.dll
15:35:16.0843 0x14f4  C:\Windows\System32\actxprxy.dll - ok
15:35:16.0849 0x14f4  [ 60F4AEFA103D421EA4A40E31409B4756, 037A8605CA504A4FF43E9D4DE9017CEA1E26D3556C975872C747E24D8B0835EF ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
15:35:16.0849 0x14f4  C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
15:35:16.0855 0x14f4  [ 2C4A87CA8C00E98EFDCFA2E8EC9A3503, DA59CE662E98E56D89E2894D2AC8B9F324C16DA23C860640EDC2C82E0AD06097 ] C:\Windows\SysWOW64\shdocvw.dll
15:35:16.0855 0x14f4  C:\Windows\SysWOW64\shdocvw.dll - ok
15:35:16.0861 0x14f4  [ 1BB66A40744622E60E802B39F013DC64, 67A23F1E9E6123A3D7248213384D51D6166D146CACD679E244CE0F891A344B97 ] C:\Users\Brenda\AppData\Local\Temp\{F198311A-2E16-4CB1-AA46-CA115D59E538}.exe
15:35:16.0861 0x14f4  C:\Users\Brenda\AppData\Local\Temp\{F198311A-2E16-4CB1-AA46-CA115D59E538}.exe - ok
15:35:16.0867 0x14f4  [ 7B851A8018B1EA00A69707A390004884, DAE654713EF1DC66C8C2D27752B659081794063A7D522D1F680AA9A6E7FBA9FD ] C:\Windows\SysWOW64\cryptnet.dll
15:35:16.0868 0x14f4  C:\Windows\SysWOW64\cryptnet.dll - ok
15:35:16.0873 0x14f4  [ 6F8E3B7B70E1BBA871212940C1FBDF60, 3F9D4EE64E4210340C6FEE0DE81BFE3C613DDBE608EC09D63817D24CE24BFC5E ] C:\Windows\SysWOW64\SensApi.dll
15:35:16.0873 0x14f4  C:\Windows\SysWOW64\SensApi.dll - ok
15:35:16.0878 0x14f4  [ 5B2E4E90C04FB9AE9F2C5E99FF59B283, 69DC06F246C3983934CA92149B4010A51868667D6E9A54A36338B1953B4CB21E ] C:\Windows\SysWOW64\WindowsCodecs.dll
15:35:16.0878 0x14f4  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
15:35:16.0883 0x14f4  [ 846D0E4DB261CFAF363902E41498E961, D7E5591B7604FD583AF7FDA19E30928B24A6145318A3944E7D207F0CCEEB30D0 ] C:\Windows\SysWOW64\EhStorShell.dll
15:35:16.0884 0x14f4  C:\Windows\SysWOW64\EhStorShell.dll - ok
15:35:16.0889 0x14f4  [ 03F3B770DFBED6131653CEDA8CA780F0, 77373919DCA647F09851E7E460AE78FBD89F21516B961F84AC4446304E51E09C ] C:\Windows\SysWOW64\ntshrui.dll
15:35:16.0889 0x14f4  C:\Windows\SysWOW64\ntshrui.dll - ok
15:35:16.0896 0x14f4  [ 8B74CEC6980D4816B0037AE9A27E538F, 8721EDB4C51BF6020002FA5DDB1987C68590F9F433A2F18D9756B2DAC7542CB6 ] C:\Windows\SysWOW64\slc.dll
15:35:16.0896 0x14f4  C:\Windows\SysWOW64\slc.dll - ok
15:35:16.0902 0x14f4  [ 827CB0D6C3F8057EA037FF271F8E9795, 82760DBDDD38D2A31CAAF51D065DF4E7E1D0F0C22733A0AF653776EBF7B79470 ] C:\Windows\SysWOW64\imageres.dll
15:35:16.0902 0x14f4  C:\Windows\SysWOW64\imageres.dll - ok
15:35:16.0908 0x14f4  [ 198803E5E93E29967DFB0BCFD0186151, 72C3B0FA35578A71E9988FA31A7AD91A9CF31A6BA6EC00EA1F153E99277807BF ] C:\Windows\System32\spfileq.dll
15:35:16.0908 0x14f4  C:\Windows\System32\spfileq.dll - ok
15:35:16.0914 0x14f4  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F82EF91450858DF ] C:\Windows\SysWOW64\sfc.dll
15:35:16.0914 0x14f4  C:\Windows\SysWOW64\sfc.dll - ok
15:35:16.0920 0x14f4  [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D09086438F8D237B ] C:\Windows\SysWOW64\sfc_os.dll
15:35:16.0920 0x14f4  C:\Windows\SysWOW64\sfc_os.dll - ok
15:35:16.0926 0x14f4  [ 162D247E995EAEBF3EF4289069E1111C, 19E858E9902E2D570FFD24AE2CB4165273F5BAB1FF7B04758B11AB5CD41FD752 ] C:\Windows\SysWOW64\devrtl.dll
15:35:16.0926 0x14f4  C:\Windows\SysWOW64\devrtl.dll - ok
15:35:16.0932 0x14f4  [ CA9F7888B524D8100B977C81F44C3234, 57F3353F89724147D8AC8B69B12C1303DF26978309776F5F8CCF074526A915D3 ] C:\Windows\SysWOW64\winhttp.dll
15:35:16.0932 0x14f4  C:\Windows\SysWOW64\winhttp.dll - ok
15:35:16.0938 0x14f4  [ FB19FC5951A88F3C523E35C2C98D23C0, FF0DB8BF0C68DA0D09272E8181D2B5409C8850BB2F31AEA3AC4CD14C5A420A59 ] C:\Windows\SysWOW64\webio.dll
15:35:16.0938 0x14f4  C:\Windows\SysWOW64\webio.dll - ok
15:35:16.0944 0x14f4  [ FB10715E4099AF9FA389C71873245226, 6A4CB43880B822A0C4714D6E52EB3EB2CE1E69C3AA9CA65EAAD6B131AE43F274 ] C:\Windows\System32\timedate.cpl
15:35:16.0944 0x14f4  C:\Windows\System32\timedate.cpl - ok
15:35:16.0950 0x14f4  [ 23B001185B7C3CB1F4BDEB143E6B45B7, AB3A5AB346F6353B43B06FBE20B7785DA988975E2C8B73A6588F107FFAAACC47 ] C:\Windows\System32\shdocvw.dll
15:35:16.0950 0x14f4  C:\Windows\System32\shdocvw.dll - ok
15:35:16.0956 0x14f4  [ A0A65D306A5490D2EB8E7DE66898ECFD, CE5DA408F4EDD5E81CE0925867F03C9A35172CF1571FE4C4C052E45AB69822BB ] C:\Windows\System32\linkinfo.dll
15:35:16.0956 0x14f4  C:\Windows\System32\linkinfo.dll - ok
15:35:16.0963 0x14f4  [ 69754747274B76E7FAF287239333D7E6, A0BAEC1E56E4B1A17C0D41B317526AF5BB11E7E488C7016067A6229346A23B16 ] C:\Windows\System32\msiltcfg.dll
15:35:16.0963 0x14f4  C:\Windows\System32\msiltcfg.dll - ok
15:35:16.0969 0x14f4  [ 5EB6E9C8BE1ACC5830780E0F9A846255, AC5EDC6DBC9CA204584E35878E18F6524DE002CE3D90657C37599790A5DDD1F1 ] C:\Windows\System32\msi.dll
15:35:16.0969 0x14f4  C:\Windows\System32\msi.dll - ok
15:35:16.0975 0x14f4  [ DB371427A1F347D3F7DAA2DBBAD79DC0, D58DF1EB99BD26973548BC086F1DCF52391D11DBD5D8F280B4E3AB80F7AA67ED ] C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL
15:35:16.0975 0x14f4  C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL - ok
15:35:16.0981 0x14f4  [ 8637D5B8B6865CB241DB7E1331327211, F49967E233BE3141C74BE6C981C5C29E481F6927C6B25E6F5AD6C8D57B4CA633 ] C:\PROGRA~2\ThinkPad\UTILIT~1\US\PWMRT64V.DLL
15:35:16.0982 0x14f4  C:\PROGRA~2\ThinkPad\UTILIT~1\US\PWMRT64V.DLL - ok
15:35:16.0988 0x14f4  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\Brenda\AppData\Local\Temp\{DBCCCD19-0C14-4A81-A336-7C03E9D71496}\{10DF2568-AF79-4BF8-A9DC-56F3802374D6}.tmp
15:35:16.0988 0x14f4  C:\Users\Brenda\AppData\Local\Temp\{DBCCCD19-0C14-4A81-A336-7C03E9D71496}\{10DF2568-AF79-4BF8-A9DC-56F3802374D6}.tmp - ok
15:35:16.0998 0x14f4  [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\Users\Brenda\AppData\Local\Temp\{DBCCCD19-0C14-4A81-A336-7C03E9D71496}\{85433D34-D99F-4BA0-BE56-2D8A429DDEEE}.tmp
15:35:16.0998 0x14f4  C:\Users\Brenda\AppData\Local\Temp\{DBCCCD19-0C14-4A81-A336-7C03E9D71496}\{85433D34-D99F-4BA0-BE56-2D8A429DDEEE}.tmp - ok
15:35:17.0002 0x14f4  [ 55C11301579A42639736EA3B17A3A588, CBEBDD7C883EF47DB86060AF0F09FD2218161D5FEB0CECEB4A068B9CC63499F8 ] C:\Users\Brenda\AppData\Local\Temp\{DBCCCD19-0C14-4A81-A336-7C03E9D71496}\{D57D7BC4-9FFA-4D59-BA53-732FF7DB9FE5}.tmp
15:35:17.0002 0x14f4  C:\Users\Brenda\AppData\Local\Temp\{DBCCCD19-0C14-4A81-A336-7C03E9D71496}\{D57D7BC4-9FFA-4D59-BA53-732FF7DB9FE5}.tmp - ok
15:35:17.0009 0x14f4  [ 02515DA58BCE97C39DE21DEF87D4A8E5, 7ECB1E29DC46F8D6CFFF708C031AF77B06A9BCF73822204EEFA3A579239E91A7 ] C:\PROGRA~2\ThinkPad\UTILIT~1\PWMIF64V.DLL
15:35:17.0009 0x14f4  C:\PROGRA~2\ThinkPad\UTILIT~1\PWMIF64V.DLL - ok
15:35:17.0015 0x14f4  [ C5B0324DB461559ADD070E632A6919FA, AB09CACB5B7DD372B27921A5E01220552A611CECA27EF87961001FA467FDED45 ] C:\Windows\SysWOW64\wbem\wbemprox.dll
15:35:17.0015 0x14f4  C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
15:35:17.0021 0x14f4  [ 704314FD398C81D5F342CAA5DF7B7F21, CDA660E1E8AAE0789780B6B9604B138E67B2BDD1404A5E4C2354B35879D43085 ] C:\Windows\SysWOW64\wbemcomn.dll
15:35:17.0022 0x14f4  C:\Windows\SysWOW64\wbemcomn.dll - ok
15:35:17.0028 0x14f4  [ 776AE0564F8B1C282E331FD95A1BDC5F, 601CFCA3922FFEA46A54AD323845A76A12FC6AF9FF64E9B0AE294FBB1AFCF4CB ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
15:35:17.0028 0x14f4  C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
15:35:17.0034 0x14f4  [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A, 61B4D669C692775EF361445293163E84FAD8636AC49C8047BE806DB4E4093291 ] C:\Windows\SysWOW64\wbem\fastprox.dll
15:35:17.0034 0x14f4  C:\Windows\SysWOW64\wbem\fastprox.dll - ok
15:35:17.0040 0x14f4  [ BFAE01819DED46ED3C07B26622B22FCE, 140FE5C838CF1ED7532A1BC35816791D49A2E62A8C726DFDF02E8741F694309C ] C:\Windows\System32\Sensor64.DLL
15:35:17.0040 0x14f4  C:\Windows\System32\Sensor64.DLL - ok
15:35:17.0046 0x14f4  [ 619A67C9F617B7E69315BB28ECD5E1DF, F34F231D117CCDFEBB9CB35C8D6FDFA7051DA27FDC1204FCCFF361FC0B13A0FF ] C:\Windows\System32\wbem\WmiPrvSE.exe
15:35:17.0047 0x14f4  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
15:35:17.0053 0x14f4  [ 754A0C324ECA95AE4F708D01EF27060E, 14CCE8BF5502B4DAF1B9B99406B450AF6D260F480EF22B8FCF500822A2AF5BF2 ] C:\Windows\System32\wbem\wbemdisp.dll
15:35:17.0053 0x14f4  C:\Windows\System32\wbem\wbemdisp.dll - ok
15:35:17.0059 0x14f4  [ 6607C2182C6A53ED983813AFE2F85768, FC9E718ABC4E0FBC7B0DD145F9C377A1800A7776AD832AB645796E13B1E15A1F ] C:\Windows\System32\wbem\cimwin32.dll
15:35:17.0059 0x14f4  C:\Windows\System32\wbem\cimwin32.dll - ok
15:35:17.0065 0x14f4  [ 07AD88DF9EF73215458867EFC1BFFE9E, 8C659B6F31111C09448B68889623886658C96467E7E5C95C1714E18AD3924463 ] C:\Windows\System32\wbem\wmiprov.dll
15:35:17.0065 0x14f4  C:\Windows\System32\wbem\wmiprov.dll - ok
15:35:17.0071 0x14f4  [ 1484B9EBF567346582DE571B0E164AE0, 9862BF22B2E32DABE7A82ACEE5B4EA1F0A93BDC3C71B20A6A4E568CCCD76A7A6 ] C:\Windows\System32\framedynos.dll
15:35:17.0072 0x14f4  C:\Windows\System32\framedynos.dll - ok
15:35:17.0078 0x14f4  [ C00DB14550E4BD49737F311C644E45FF, 7085C47DADEED82B6F98ED3903197D76B648E9D6CC67D40C789E236264D9A0DC ] C:\Windows\System32\wmi.dll
15:35:17.0078 0x14f4  C:\Windows\System32\wmi.dll - ok
15:35:17.0084 0x14f4  [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\Users\Brenda\AppData\Local\Temp\{DBCCCD19-0C14-4A81-A336-7C03E9D71496}\{1F2EFC19-8EB0-433E-B069-C58B9CB7EB8F}.tmp
15:35:17.0084 0x14f4  C:\Users\Brenda\AppData\Local\Temp\{DBCCCD19-0C14-4A81-A336-7C03E9D71496}\{1F2EFC19-8EB0-433E-B069-C58B9CB7EB8F}.tmp - ok
15:35:17.0091 0x14f4  [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\Users\Brenda\AppData\Local\Temp\{DBCCCD19-0C14-4A81-A336-7C03E9D71496}\{E3CA28FD-6B0C-4ACE-A321-B15EDAF84B50}.tmp
15:35:17.0091 0x14f4  C:\Users\Brenda\AppData\Local\Temp\{DBCCCD19-0C14-4A81-A336-7C03E9D71496}\{E3CA28FD-6B0C-4ACE-A321-B15EDAF84B50}.tmp - ok
15:35:17.0098 0x14f4  [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\Users\Brenda\AppData\Local\Temp\{DBCCCD19-0C14-4A81-A336-7C03E9D71496}\{8C88CCD1-B64C-4851-B1C4-A337A67C7126}.tmp
15:35:17.0098 0x14f4  C:\Users\Brenda\AppData\Local\Temp\{DBCCCD19-0C14-4A81-A336-7C03E9D71496}\{8C88CCD1-B64C-4851-B1C4-A337A67C7126}.tmp - ok
15:35:17.0104 0x14f4  [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\Users\Brenda\AppData\Local\Temp\{DBCCCD19-0C14-4A81-A336-7C03E9D71496}\{AB45F241-5D41-4CCA-9CDC-803007CB447C}.tmp
15:35:17.0104 0x14f4  C:\Users\Brenda\AppData\Local\Temp\{DBCCCD19-0C14-4A81-A336-7C03E9D71496}\{AB45F241-5D41-4CCA-9CDC-803007CB447C}.tmp - ok
15:35:17.0111 0x14f4  [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\Users\Brenda\AppData\Local\Temp\{DBCCCD19-0C14-4A81-A336-7C03E9D71496}\{98C1EE3C-BA24-47CD-B659-9319AD89854E}.tmp
15:35:17.0111 0x14f4  C:\Users\Brenda\AppData\Local\Temp\{DBCCCD19-0C14-4A81-A336-7C03E9D71496}\{98C1EE3C-BA24-47CD-B659-9319AD89854E}.tmp - ok
15:35:17.0117 0x14f4  [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Users\Brenda\AppData\Local\Temp\{DBCCCD19-0C14-4A81-A336-7C03E9D71496}\{9AC173A8-91F1-4981-A6A1-8BABD05CACD3}.tmp
15:35:17.0117 0x14f4  C:\Users\Brenda\AppData\Local\Temp\{DBCCCD19-0C14-4A81-A336-7C03E9D71496}\{9AC173A8-91F1-4981-A6A1-8BABD05CACD3}.tmp - ok
15:35:17.0124 0x14f4  [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Users\Brenda\AppData\Local\Temp\{DBCCCD19-0C14-4A81-A336-7C03E9D71496}\{D359A301-3598-4FB8-830E-269949B17AE3}.tmp
15:35:17.0124 0x14f4  C:\Users\Brenda\AppData\Local\Temp\{DBCCCD19-0C14-4A81-A336-7C03E9D71496}\{D359A301-3598-4FB8-830E-269949B17AE3}.tmp - ok
15:35:17.0128 0x14f4  [ 102CF6879887BBE846A00C459E6D4ABC, A4C51C79CF95D5C79DCEFB02946A09A987FEAF83CE2EE1BA7677EBA90869AC80 ] C:\Windows\SysWOW64\riched20.dll
15:35:17.0128 0x14f4  C:\Windows\SysWOW64\riched20.dll - ok
15:35:17.0134 0x14f4  [ FA752544EE1EE59E8AD938CBB43CAC93, EA633416EF79F5FC1C841D46F3AAEC6A56BD09D2FD8B9CD8584E4AF65B890974 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
15:35:17.0135 0x14f4  C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
15:35:17.0141 0x14f4  [ E2A17BCC08D92F42E08AF6BA2F93ABA7, 5FC9D47BF4B1094BECC0C0DDCD5CD4318DD3E4495D982F8785331616D5B82599 ] C:\Windows\SysWOW64\ExplorerFrame.dll
15:35:17.0141 0x14f4  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
15:35:17.0147 0x14f4  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86, E15ED4FEFC3010C213694331DDFDC03767682325C898D773AB243E2DC8B08461 ] C:\Windows\System32\msftedit.dll
15:35:17.0147 0x14f4  C:\Windows\System32\msftedit.dll - ok
15:35:17.0153 0x14f4  [ 112183DF91C9BAECB498E4A86ECDE598, 33E9256ACC4EA747177FF0922FCA679849F89F695E469BB8C8F25BD5B5B1A583 ] C:\Windows\System32\msls31.dll
15:35:17.0153 0x14f4  C:\Windows\System32\msls31.dll - ok
15:35:17.0160 0x14f4  [ 7DBA84667DC18877AEF693E3543DFAD7, 499306CE72EB8B873C547C600FD1093B7A79122D656407E69879041690AE588F ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
15:35:17.0160 0x14f4  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
15:35:17.0166 0x14f4  [ 6E1F8165C365D35C8E3C045AF0CDD481, B861360D0A014265A0BEB4CC2FE31EA05AE95120E8B07820C13A044D64C00E2B ] C:\Windows\SysWOW64\duser.dll
15:35:17.0166 0x14f4  C:\Windows\SysWOW64\duser.dll - ok
15:35:17.0172 0x14f4  [ EE06B85BC69F18826302348A2AD089E0, 417205797CC9F6C986A863A61179784D9ADCAF1961EF8A4D9042D73C5A86509A ] C:\Windows\SysWOW64\dui70.dll
15:35:17.0172 0x14f4  C:\Windows\SysWOW64\dui70.dll - ok
15:35:17.0178 0x14f4  [ 2BCBA6052374959A30BD7948444DBB79, 46224A2B729026FEEBC3C6A09E69919D477097848DB2CA0C2F5B166CDF379660 ] C:\Windows\System32\gameux.dll
15:35:17.0178 0x14f4  C:\Windows\System32\gameux.dll - ok
15:35:17.0184 0x14f4  [ 4C2C4640BF23AAFCF90519E0F34436CE, 8ACCDA77C2DC5BE2DAED05134310122AFECC872A8D118612E55DD229BFE4D844 ] C:\Windows\System32\DeviceCenter.dll
15:35:17.0184 0x14f4  C:\Windows\System32\DeviceCenter.dll - ok
15:35:17.0191 0x14f4  [ 21DABCD4A7AF0F0F33CB6DD5BE640391, 78BC3FECCF6AF82B7D4CF3F385F81C55B8DB7042EB2257301624036827281973 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
15:35:17.0191 0x14f4  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
15:35:17.0197 0x14f4  [ 914D0CE4733662B477E41478081A26EF, 4E7FD4720226BD2F240EEBB95399D7608FE9FC45D28A8D842D7B1BC45F3DE312 ] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
15:35:17.0197 0x14f4  C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe - ok
15:35:17.0203 0x14f4  [ E24810944B2EB49862D835CA5B7E6E43, B3DD421497D9630DAC9B2CCD269F13D415FF10F7F0CE1A66320F13A9DA5301C4 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
15:35:17.0203 0x14f4  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
15:35:17.0210 0x14f4  [ FA24437E1FB6A348B8748B816E44379A, B3AF96C1F5D384E48958F18A731A09F17B2E24AD41194D63E6350E654D7084EA ] C:\Program Files\Lenovo\Communications Utility\TPKNRDLL.DLL
15:35:17.0210 0x14f4  C:\Program Files\Lenovo\Communications Utility\TPKNRDLL.DLL - ok
15:35:17.0217 0x14f4  [ 4EC5E852A5E67B33966614A9B2C56D95, B2878AC44303CAB9A532D83E4F030238EAA9E2D133BA2C3F100B5206E9FE1423 ] C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe
15:35:17.0217 0x14f4  C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe - ok
15:35:17.0223 0x14f4  [ 49761B7E50CC76B2FB25F99BF243323F, 578A4CE587AF4F6373322CAACFB0024AB27C74A85B14B1258F899253B8AD22BD ] C:\Windows\System32\SynCOM.dll
15:35:17.0223 0x14f4  C:\Windows\System32\SynCOM.dll - ok
15:35:17.0229 0x14f4  [ F1475C9B509A8643358C6C7F97F4BAB8, 5B9ABF8C18EFD73540D07BB344AC05D454B9765AF957E3E30660C08C1955275F ] C:\Windows\System32\SynTPAPI.dll
15:35:17.0229 0x14f4  C:\Windows\System32\SynTPAPI.dll - ok
15:35:17.0235 0x14f4  [ F333A699C8F43048659F0E201CB7268D, 7FC06EC012C976E801A0E2400B049A20499AC0C3573E5F9F24F4772F43B9A032 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
15:35:17.0235 0x14f4  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
15:35:17.0241 0x14f4  [ E948D1D42DC68923ABD75EEB5BCCD1D3, 74218AE72B6B9940315F17D297E97F9F5CE4962C956AF8049367E14769D6EDD5 ] C:\Windows\System32\consent.exe
15:35:17.0241 0x14f4  C:\Windows\System32\consent.exe - ok
15:35:17.0248 0x14f4  [ 405F4D32D2185F1F1BD753D8EEAFFB3A, CAC42C3E09C43BE96592B670D70821386014DB22D8239A9CFB9E33E54FB5C3D5 ] C:\Windows\System32\networkexplorer.dll
15:35:17.0248 0x14f4  C:\Windows\System32\networkexplorer.dll - ok
15:35:17.0254 0x14f4  [ 9110FFAD124283F37D38771BB60556AF, BB495FDF86B7C3DD7878C496090A624CE8FE68F61166C91A4C99EF1140F0AD23 ] C:\Windows\System32\dsound.dll
15:35:17.0254 0x14f4  C:\Windows\System32\dsound.dll - ok
15:35:17.0260 0x14f4  [ F325E0E24373C03B15029FE7C03AB130, BE6F0EAE8EB686AF27ADE30817FF64C5D07B91EBB770D18ABAF8F3CEBDCA4901 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCUI.exe
15:35:17.0260 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCUI.exe - ok
15:35:17.0267 0x14f4  [ AC012AD7539A8F9FFD31CF80BAA06CC7, 330A52D02ECBC4808D87B6758B34A0B4C2DBAA2965E9F1474D1706BD8945195E ] C:\Windows\System32\LogiLDA.DLL
15:35:17.0267 0x14f4  C:\Windows\System32\LogiLDA.DLL - ok
15:35:17.0273 0x14f4  [ 24F4B480F335A6C724AF352253C5D98B, 011413B236CAD7B78CE0A0EEC3E3085D48C7576A3205D025BA6EBFDF590538E4 ] C:\Windows\System32\thumbcache.dll
15:35:17.0273 0x14f4  C:\Windows\System32\thumbcache.dll - ok
15:35:17.0280 0x14f4  [ E92707822BC38546B2C683D8D0C3C89A, 6EF5F08C932454D750D9F8652A810A42C910D5F9BA300D90C25DB6F478E76FF7 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCHotKey.exe
15:35:17.0280 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCHotKey.exe - ok
15:35:17.0287 0x14f4  [ 9656FA91ABAF0FE5ED9592883F2024C9, 9326CACFCF52FBB49694E1296F528D524245EB5AF7CBBE6E3B8ECE496D0027A8 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCMH.dll
15:35:17.0287 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCMH.dll - ok
15:35:17.0293 0x14f4  [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
15:35:17.0293 0x14f4  C:\Windows\System32\StikyNot.exe - ok
15:35:17.0299 0x14f4  [ AAC2BBE20E8AB7B049AEBA38B8858ADC, C981635D9E50B4C0FB496D04B58B3EA18C9BD6D9A21BC7DFBF14489929837942 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCLog.dll
15:35:17.0299 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCLog.dll - ok
15:35:17.0306 0x14f4  [ 1F1E89A31CF9CDCDADA81EFAEB303948, F5AEF85079A969B50D261EBC82777D2F90D9E6610D12C35BD048B400042536A0 ] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
15:35:17.0306 0x14f4  C:\Program Files\Synaptics\SynTP\SynTPLpr.exe - ok
15:35:17.0312 0x14f4  [ BE716766899F44F7B1674919ED19FBCE, E2AC3ACA787E235CC35729AAA9D9C9A0545FECD036D290DC9E845FC53D3CF29C ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\Config.dll
15:35:17.0312 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\Config.dll - ok
15:35:17.0319 0x14f4  [ F8B28A009FD9B76F062B48CFC00ADCD4, E12322D31838E9B3971B6D4F93B2AD3D1D3E95FE638B46BCF936B7859ACAB357 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCHotKeyHook.dll
15:35:17.0319 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCHotKeyHook.dll - ok
15:35:17.0325 0x14f4  [ D9335549EAE48B14FB66EFCB6FFAE736, 911B1360818979ED983F5F0C0BAEAC3C29FC454C91F79644BAB8124B5D9A9D8D ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
15:35:17.0325 0x14f4  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe - ok
15:35:17.0332 0x14f4  [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\SysWOW64\rundll32.exe
15:35:17.0332 0x14f4  C:\Windows\SysWOW64\rundll32.exe - ok
15:35:17.0338 0x14f4  [ 87080AE969C2EA57D36EACF006557224, B99FC3C052DCCF4557E1A354B4D7D76F5E24AF86D23A9146E6246EED7B7E6834 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\ResMgr.dll
15:35:17.0338 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\ResMgr.dll - ok
15:35:17.0345 0x14f4  [ AFAFD74780A0BB4EBE76CDE10C9CCE43, 2496060BC3ACCBB9F469821C78C2AE40617E97CB479CEB14441B7A81C1C250E9 ] C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll
15:35:17.0345 0x14f4  C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll - ok
15:35:17.0351 0x14f4  [ 273653EE7F9201F31834A9E6C5CDCF62, D71D818D54F1F866C3A66230E4BB25CE925C1E8746B0F9FE035521CE072C179E ] C:\Users\Brenda\AppData\Roaming\Dropbox\bin\Dropbox.exe
15:35:17.0351 0x14f4  C:\Users\Brenda\AppData\Roaming\Dropbox\bin\Dropbox.exe - ok
15:35:17.0358 0x14f4  [ 91C28FA8A91A8A6049BED53030D36989, D57288D7B3645F5D3DA5EA94DF840D1786AC3635666DAEC8981B6019DCE01838 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCTH.dll
15:35:17.0358 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCTH.dll - ok
15:35:17.0365 0x14f4  [ 1F5AFD468EB5E09E9ED75A087529EAB5, 8204DBCC054C1E54B6065BACB78C55716681AD91759E25111B4E4797E51D0AA3 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll
15:35:17.0365 0x14f4  C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll - ok
15:35:17.0372 0x14f4  [ 3B6ACE8A4562B8181188E015D23A39EE, 6FC7873B3CEC20DD1C8470FCE010DED147A7F03B5C07F5525DE8354DED792DCE ] C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
15:35:17.0372 0x14f4  C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe - ok
15:35:17.0375 0x14f4  [ 96C70BD48D49B87475F4572DEDC62EB9, DA841CEBDFF2C5821D4D3396BD9299940A4A2927C161554B66AB8F58CBF04467 ] C:\Windows\AppPatch\AcLayers.dll
15:35:17.0375 0x14f4  C:\Windows\AppPatch\AcLayers.dll - ok
15:35:17.0382 0x14f4  [ 46DA8E7484AC7A52CE1D6E428398724B, 540BBAB567E98D0A6810919CA7B2DB95CE3146BB4DFCF9E501228ADEE85F80B9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
15:35:17.0382 0x14f4  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
15:35:17.0389 0x14f4  [ BA32509D9B340162327B341013DE6522, 478A96ED44326BFAA3CFA9C721A6B00D4C52965909E166D7208F714890BF6CF3 ] C:\Windows\SysWOW64\tapi32.dll
15:35:17.0389 0x14f4  C:\Windows\SysWOW64\tapi32.dll - ok
15:35:17.0395 0x14f4  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
15:35:17.0395 0x14f4  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
15:35:17.0401 0x14f4  [ F1278B3514EA6FA9BC39B20D26139AAC, 7FA1B8CCBB4771F3105EEACE2C13F949FA65C7F53817C783BDF9770F94FF12B5 ] C:\Windows\SysWOW64\msiltcfg.dll
15:35:17.0401 0x14f4  C:\Windows\SysWOW64\msiltcfg.dll - ok
15:35:17.0408 0x14f4  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:35:17.0408 0x14f4  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
15:35:17.0414 0x14f4  [ 839F96DBAAFD3353E0B248A5E0BD2A51, 11DA5AD3EA5FF4766C12B99FB520B3CBE08581ECAF1A2FD1DC5AC835CA78FAC2 ] C:\Windows\SysWOW64\rasapi32.dll
15:35:17.0414 0x14f4  C:\Windows\SysWOW64\rasapi32.dll - ok
15:35:17.0420 0x14f4  [ 566D1F57F5C422BE44C5E4A08D778901, 37C9D9ADA884EB62CA60A9B5A60F8D2E7B4D4119E33660D03C4C9AF34FEDDFA9 ] C:\Program Files (x86)\Evernote\Evernote\encrashrep.dll
15:35:17.0421 0x14f4  C:\Program Files (x86)\Evernote\Evernote\encrashrep.dll - ok
15:35:17.0426 0x14f4  [ 7E067D5C3EF2BB87B3E07DCD61286390, 6733450A35282D912E9A506562B89D6BB6C4204A0D8F765F4E099A18DE6A8E62 ] C:\Windows\AppPatch\acwow64.dll
15:35:17.0426 0x14f4  C:\Windows\AppPatch\acwow64.dll - ok
15:35:17.0433 0x14f4  [ E0B340996A41C9A75DFA3B99BBA9C500, D029AD8ABBD2267B1E44DF5172B93C3F832B4C21F930F5512C24E800F5CE4F8B ] C:\Windows\System32\SearchIndexer.exe
15:35:17.0433 0x14f4  C:\Windows\System32\SearchIndexer.exe - ok
15:35:17.0439 0x14f4  [ FFA7172354B9256DBB2CDD75F16F33FE, 85B2F014C67C2E52540F17D561793C6633C9E98F12639CCD3854EB1EC34DD035 ] C:\Windows\SysWOW64\rasman.dll
15:35:17.0439 0x14f4  C:\Windows\SysWOW64\rasman.dll - ok
15:35:17.0445 0x14f4  [ 715AB41A22E0DE693CB101639070D3BE, FB63E7DDEE8D53F8F89EB95E73C9C03BF85CDEE60F1F1689190F510F878DBBF9 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll
15:35:17.0445 0x14f4  C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll - ok
15:35:17.0452 0x14f4  [ D758E0360BA31A98B4E174E30309ED7C, 9929233274CD1C33395036717DDA8DA45D5A3A3C880A4AEFF6DEABAC3407ECC2 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\zlib.dll
15:35:17.0452 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\zlib.dll - ok
15:35:17.0458 0x14f4  [ F89E2E5B554CCEB5FCD344349C78FDED, 9AA0D4DCC9E96BCE96FF7268D3EA8E66075214139B5739CAFED29F631B07805C ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
15:35:17.0458 0x14f4  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc - ok
15:35:17.0465 0x14f4  [ 79034F9070EAE9DD869AA5841E6A591B, 8CB5B0B7E3AE3292BCD62D675052B34CD17FB7D37E1ABB44F2D73A0718B5F238 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCPhoneParser.dll
15:35:17.0465 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCPhoneParser.dll - ok
15:35:17.0472 0x14f4  [ DAB8C1971354B1A55D271066674ED734, 61CE50FBEE2068D462F5E4F0EB1CB52FBC8D62CDF24F5064297E60A3A2783859 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll
15:35:17.0472 0x14f4  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll - ok
15:35:17.0479 0x14f4  [ 28A09777D2D952122567A8A82F1A2C7B, 772260DF36AE85A0619C51402DE416E0C329976B724C8E9C4F8C013CBB7C7289 ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
15:35:17.0479 0x14f4  C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
15:35:17.0486 0x14f4  [ 3F533D75631178A880AEFFDF117213BE, 45956F7FB7C95D73715E5BC4F8BF8B277A928BCCDC52CFE510A2487C430E27E5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
15:35:17.0486 0x14f4  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
15:35:17.0492 0x14f4  [ 85683DF1F917E4D7F6BE1A04986BF1C8, D68D9F525D31C1843B6EC8FA950166FA1F34DB71222716E7B22DD33981C152B6 ] C:\Windows\SysWOW64\msacm32.dll
15:35:17.0492 0x14f4  C:\Windows\SysWOW64\msacm32.dll - ok
15:35:17.0499 0x14f4  [ 634B0FF32D335759CA5129CB1E928302, 8DFD677F59F43C22650F29B9D47C2A41754A7657007F67DB6E2E7ED9075ABECD ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCCommon.dll
15:35:17.0499 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCCommon.dll - ok
15:35:17.0505 0x14f4  [ 589DF683A6C81424A6CECE52ABF98A50, 8CE0D07B2FC1F1BF8C07434FAFCDC63FDD3B75007C3B2EED130DB69D2D16E90A ] C:\Windows\System32\tquery.dll
15:35:17.0505 0x14f4  C:\Windows\System32\tquery.dll - ok
15:35:17.0511 0x14f4  [ 84174CA0E190BB9D1EFD0F005FE13B35, B0146E651DAD4A8050FAF70026F1B7CE16EF454EB6E31088CDEBE3CD57E6591C ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll
15:35:17.0511 0x14f4  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll - ok
15:35:17.0517 0x14f4  [ 714445FBC09B4D8A791FFCF8EA0E7320, F0B81EF01E36377A43BF4CA0CB08BCF9F82493133BF6782693C257D117FB9D18 ] C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
15:35:17.0517 0x14f4  C:\Program Files (x86)\Evernote\Evernote\libxml2.dll - ok
15:35:17.0524 0x14f4  [ 88ABC210A3854821832CB0F60B5AF129, 904E693355BF6C53450C50842181C664BEFED3497CA145BD75D69901C77D5A74 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCMenu.Dll
15:35:17.0524 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCMenu.Dll - ok
15:35:17.0530 0x14f4  [ 40EEDE4EE98C716827148172ECC898D4, DE13E0E4C7EC0A1D5E8634AC2D227426B16333B5502F7530ED1E8A2F4D299F87 ] C:\Windows\Installer\{0225AD21-F3E2-4916-BFF3-65D3F9052582}\iTunesIco.exe
15:35:17.0530 0x14f4  C:\Windows\Installer\{0225AD21-F3E2-4916-BFF3-65D3F9052582}\iTunesIco.exe - ok
15:35:17.0537 0x14f4  [ 34B625F015AE82C284B1B0782B6C397C, 7EAF63D8BDD04D87ED16D23604FCD5C6839D5F5F86BD5CF353B67341C2775903 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\ToolkitPro1040vc80.dll
15:35:17.0537 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\ToolkitPro1040vc80.dll - ok
15:35:17.0543 0x14f4  [ 7C93A120A68DE45DA9794D5765C81F88, 793A987C297F0BDB63E53808900CD7120E00A4E480E59C005B40A21242855A9E ] C:\Program Files (x86)\Evernote\Evernote\libpcre.dll
15:35:17.0543 0x14f4  C:\Program Files (x86)\Evernote\Evernote\libpcre.dll - ok
15:35:17.0549 0x14f4  [ FC76BA1586610470603EA50F9EAB6B76, 4AA0F38B91C5A72223CE837359FDDD5240BBF4CED2FA9F7C15F5BB8BBB401874 ] C:\Program Files\Calibre2\calibre.exe
15:35:17.0549 0x14f4  C:\Program Files\Calibre2\calibre.exe - ok
15:35:17.0555 0x14f4  [ 7568CC720ACE4D03B84AF97817E745EF, 7155144CB0B260B969C398A36BC277C97BEADB5DB137D19A4F7E5AF61C3E24D4 ] C:\Windows\System32\mssrch.dll
15:35:17.0555 0x14f4  C:\Windows\System32\mssrch.dll - ok
15:35:17.0562 0x14f4  [ BE3F2025B87338524FF4331B9D31D02D, 4524BA3F1A15006C2CEAAE74EC1CFB859DE71824B78A11E4FC05787CB9294194 ] C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
15:35:17.0562 0x14f4  C:\Program Files (x86)\Evernote\Evernote\libtidy.dll - ok
15:35:17.0568 0x14f4  [ 5046E55184021406C27E8D48A1B2C9D2, DA592E05F2BA21A540B409FD2156A5BDF253EB3B50B30EEDCAE325DD026993D7 ] C:\Windows\System32\l3codeca.acm
15:35:17.0568 0x14f4  C:\Windows\System32\l3codeca.acm - ok
15:35:17.0574 0x14f4  [ 8130391F82D52D36C0441F714136957F, 1FD4FEE7CAF63E450F27729E07EA2A2F09288629FD872DBB6E8710B16D8DBD5D ] C:\Windows\System32\imapi2.dll
15:35:17.0574 0x14f4  C:\Windows\System32\imapi2.dll - ok
15:35:17.0580 0x14f4  [ 3121A79D13A61562BE9CC902CD46B542, 00A5833A48338A4A9A5530844924AF4F1FAB618DA46D7EBBC6E2165C32ED376C ] C:\Windows\System32\msidle.dll
15:35:17.0580 0x14f4  C:\Windows\System32\msidle.dll - ok
15:35:17.0586 0x14f4  [ D23764551068293A44E4D05609818025, 19C99297393CB0953BCC77015459A22D9DFAA2ACB1917EAC4308707524B0209E ] C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe
15:35:17.0586 0x14f4  C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe - ok
15:35:17.0594 0x14f4  [ 0990F7AD85225503BC4651585DAC7203, 4766048BFF54AC3B90706F76477492A7D089C15EA7D71DED09C5919FC3D30B11 ] C:\Program Files\Lenovo\HOTKEY\TpFnF5.exe
15:35:17.0594 0x14f4  C:\Program Files\Lenovo\HOTKEY\TpFnF5.exe - ok
15:35:17.0599 0x14f4  [ 92219F72FAC2E32F7FC2348F4930D7A3, 638E2F7C7272454BEA34F93B95A886039D626CC3D51630F72780E112F869696B ] C:\Program Files\Lenovo\HOTKEY\GlWrap.dll
15:35:17.0599 0x14f4  C:\Program Files\Lenovo\HOTKEY\GlWrap.dll - ok
15:35:17.0605 0x14f4  [ 703FFD301AB900B047337C5D40FD6F96, C09909B89183B89BA87CAC8C5BEBD0E995C5CB08CC9B9D1E88352103EE958857 ] C:\Windows\SysWOW64\olepro32.dll
15:35:17.0605 0x14f4  C:\Windows\SysWOW64\olepro32.dll - ok
15:35:17.0611 0x14f4  [ 46A6BA9274D075A2C30025C4E96D875A, 5A7D7335EC2E5E08DC459E2C972A2A8D62AEC500452F1773ADE272B56C12EC56 ] C:\Windows\SysWOW64\msvcp60.dll
15:35:17.0612 0x14f4  C:\Windows\SysWOW64\msvcp60.dll - ok
15:35:17.0618 0x14f4  [ 1D5A24F2CE3A4764C3B2F330A196CC94, CF538F8942D0C1883C349514702208542256DE08DC47C515A294542B9566A677 ] C:\Program Files\Lenovo\HOTKEY\tpwrpc.dll
15:35:17.0618 0x14f4  C:\Program Files\Lenovo\HOTKEY\tpwrpc.dll - ok
15:35:17.0624 0x14f4  [ 69A7998B4BCD9C3BC1F7E9A74D974957, 9307756BA992C71B2332374C6E3A8A7BA86259C051D94BF77F00604C875C3ADC ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
15:35:17.0624 0x14f4  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
15:35:17.0628 0x14f4  [ D41EC0A7A364F0BADA9C959D9C976F3E, 450634E2395D846706B2F448FCDDD848FAAE42A0B7AC39A912698FC10499C87A ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCSPSC.dll
15:35:17.0628 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCSPSC.dll - ok
15:35:17.0635 0x14f4  [ 50D6658B264C3A3BDFB16BA5E35B6084, 57AFE58B1DA1D75C9A83A13041C3B6FDA5C2C3D204DC190668077002A6A9B487 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCABEx.dll
15:35:17.0635 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCABEx.dll - ok
15:35:17.0645 0x14f4  [ 9472C8A5C1CE7C34B50FD88EE73BC7C1, C901BEA890EB73394BB68E848278FD1404ED9EFC234C41BDBB7753E8A7C2501A ] C:\Program Files\Lenovo\HOTKEY\RES\FnF50009.dll
15:35:17.0645 0x14f4  C:\Program Files\Lenovo\HOTKEY\RES\FnF50009.dll - ok
15:35:17.0652 0x14f4  [ F3351E3CD685E7A83BE82E09C52E9907, 037F2460722A4314B40E8AE1ACFB41F54C5C757CBDB34F24716D470FE19DD4B4 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCMAPI.dll
15:35:17.0652 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCMAPI.dll - ok
15:35:17.0658 0x14f4  [ ACE1BB07E0377E37A2C514CD2EC119B1, A9AFA4774DFA875496764D6E541A6333A3ACD3C5D2BBEF753C2D80BA83B4AC15 ] C:\Windows\System32\mssprxy.dll
15:35:17.0658 0x14f4  C:\Windows\System32\mssprxy.dll - ok
15:35:17.0665 0x14f4  [ 1D184F8F73CE110ECF659AA87D581E1F, FEB6A23D6BE1949902AE1BC3923EC5320D60EB649D3E4B5E639A239CA6422F34 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCSPKernel.dll
15:35:17.0665 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCSPKernel.dll - ok
15:35:17.0671 0x14f4  [ C3761661C17C2248A9379A8FB89E3DE1, CE3477FA2B4058EB80739E0161FE957545F13CF86D313F6422732901D35F75F2 ] C:\Windows\System32\stobject.dll
15:35:17.0671 0x14f4  C:\Windows\System32\stobject.dll - ok
15:35:17.0678 0x14f4  [ F832EEEA97CDDA1AF577E721F652A0D1, EBBB7CA199BA4DF231123922BD310D43DE0104C6185B70FE0281B938D5336F2E ] C:\Windows\System32\batmeter.dll
15:35:17.0678 0x14f4  C:\Windows\System32\batmeter.dll - ok
15:35:17.0684 0x14f4  [ D966B6376C162C41BEE57E4AA40FDA92, 35CEE55206DC671F4D5ED4C390BFC1CC85EED03A14BB1CD9B75C5A24E7855BF4 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\localstorage.dll
15:35:17.0684 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\localstorage.dll - ok
15:35:17.0690 0x14f4  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122, E7EA375A3BDE8FC764CB09524344370B9EE25F98AD6C83E6F37A569EB8D277D6 ] C:\Windows\System32\prnfldr.dll
15:35:17.0690 0x14f4  C:\Windows\System32\prnfldr.dll - ok
15:35:17.0697 0x14f4  [ 0C18568BE622D14A796AC683B88425DE, B2BFE014A0D8D09DAF3E05A42951838683C95DAD3943C21DDC0C3DB231F9C02F ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
15:35:17.0697 0x14f4  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
15:35:17.0703 0x14f4  [ BF3EECF48F166C61A6FF83CD536213EB, A852AB0645228D2600B8DB0174334300B06B85EEB40E4EA365A8EB3C4DED452B ] C:\Windows\System32\atipdl64.dll
15:35:17.0703 0x14f4  C:\Windows\System32\atipdl64.dll - ok
15:35:17.0709 0x14f4  [ 4C39358EBDD2FFCD9132A30E1EC31E16, 06918CF99AD26CD6CF106881C0D5BDB212DC0BAC4549805C9F5906E3D03D152C ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
15:35:17.0710 0x14f4  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
15:35:17.0716 0x14f4  [ 7EE6475E39BD52BE3E7CCD788A7B1F03, 3325126C3152660F4C2600BA5EABBBD857366C42AB3B50458C08E507322B6E90 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCMessages.dll
15:35:17.0716 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCMessages.dll - ok
15:35:17.0723 0x14f4  [ 33A98D07D9C71D8DCAB2C3CD87594BCC, 1F4737BBB178C967174BEC9C3E29F8DF76A0EAF3247CFB1E0B4611E080773E42 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCSPSkin.dll
15:35:17.0723 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCSPSkin.dll - ok
15:35:17.0729 0x14f4  [ 7C74C407EEFE30A423B49E2D10850281, EA882365ECD55EF6C2CADE6AB85483F1EB093348028001C9AF7398741BD7E0F8 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
15:35:17.0729 0x14f4  C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll - ok
15:35:17.0735 0x14f4  [ 18A8A788009DAE9E2403BAD6BD512729, 0A8868CDA6CF08EE1F90DEBD51E84EFAB574BBD9F01F083E9EAE5591EFD17AB1 ] C:\Program Files\WinRAR\WinRAR.exe
15:35:17.0735 0x14f4  C:\Program Files\WinRAR\WinRAR.exe - ok
15:35:17.0742 0x14f4  [ 797A342CD8DEA52E330B1859951C673F, F4E43A5F2CA6BA309566CE3AF5895245D2CC96D02E0F572C7D8A335D0F3DE65D ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\LangEngUS.dll
15:35:17.0742 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\LangEngUS.dll - ok
15:35:17.0748 0x14f4  [ 04CB7C8FDC6D9640DD82A527208F72C4, 0F8A327B0234A29EAB1F03D9102A3DF7DB4515BF580163198C5A8C174C98DE4F ] C:\Windows\System32\UIAnimation.dll
15:35:17.0749 0x14f4  C:\Windows\System32\UIAnimation.dll - ok
15:35:17.0755 0x14f4  [ FB0BCD1913964A5CC8C9F9FE167C34E7, 6A9F43E611B0C48112F34D3363CBFB5BA4DC4F0AF2758B260F822AB60C7594EB ] C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe
15:35:17.0755 0x14f4  C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe - ok
15:35:17.0761 0x14f4  [ 21D3A18769EC2C4E56756D04E989A221, 89F03143F662514957ADB513C16BA1F4CB15EF67A46037EEAAD09F2F3DD0841B ] C:\Windows\SysWOW64\msxml3.dll
15:35:17.0761 0x14f4  C:\Windows\SysWOW64\msxml3.dll - ok
15:35:17.0767 0x14f4  [ 42A9CB6906D9A8BEDC83B57163E62924, E18522D3137653140757829EFBFCE624A5BAA5842E2BBA10B9E5AB6C84BE49E1 ] C:\Windows\System32\DXP.dll
15:35:17.0767 0x14f4  C:\Windows\System32\DXP.dll - ok
15:35:17.0773 0x14f4  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891, 0A82A475301202791A7C10F978F952EAB7DB146A702D4EA67E24E2C98BC19638 ] C:\Windows\System32\Syncreg.dll
15:35:17.0773 0x14f4  C:\Windows\System32\Syncreg.dll - ok
15:35:17.0779 0x14f4  [ 3AB46601C373AABB5687593F1FFBD529, 34AC607C34312EEE91F7FA8BBD18DB56005874AC5B478190C84CDB2448303D3B ] C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.EXE
15:35:17.0779 0x14f4  C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.EXE - ok
15:35:17.0785 0x14f4  [ C836175870E00ACC546066632E15BD10, 4347F3319C26DA1C38F395C74DBD67AF886149C8F29EDE765DD96C8480A3054A ] C:\Windows\ehome\ehSSO.dll
15:35:17.0785 0x14f4  C:\Windows\ehome\ehSSO.dll - ok
15:35:17.0792 0x14f4  [ 81E7E920312D372CF57A817049AC7C76, FF9A2E7FE46937B34F8E61F58DF1F6108742CCE58505F212E8666CB4AB7B74F9 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
15:35:17.0792 0x14f4  C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL - ok
15:35:17.0799 0x14f4  [ C9FB9038B15036CA28CF0B4BE2BED9BD, 0F56384E798B3F725FFEFC6E31A980DA31F620DB847F601273EF19E8CE74A226 ] C:\Windows\System32\en-US\tquery.dll.mui
15:35:17.0799 0x14f4  C:\Windows\System32\en-US\tquery.dll.mui - ok
15:35:17.0805 0x14f4  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB, CF9082360E32A7C3E13A67AC2C6192F4A76870D43DA9FF2936993A637F712761 ] C:\Windows\System32\AltTab.dll
15:35:17.0805 0x14f4  C:\Windows\System32\AltTab.dll - ok
15:35:17.0811 0x14f4  [ E3CD8CA170EBFE8ABAC23E7CA44B6292, CB3922E37CDFECC2693FC64285B403AB9C0FE99A2D8A48EE41091F16D5547709 ] C:\Users\Brenda\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
15:35:17.0811 0x14f4  C:\Users\Brenda\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll - ok
15:35:17.0817 0x14f4  [ C8FDF0FA9E97E2FAAF3F814716AAA881, DD24A1CAB44D943B0E1A795A347AD25D9305FC7F012A2566A6A14BD47221831F ] C:\Windows\System32\WPDShServiceObj.dll
15:35:17.0817 0x14f4  C:\Windows\System32\WPDShServiceObj.dll - ok
15:35:17.0823 0x14f4  [ 10F815BE90A66AAFC6C713D1BD626064, 01139FC04BC53594296F6A0E16B8D20B940F64BC8119FE7705C03C4947958F39 ] C:\Windows\System32\pnidui.dll
15:35:17.0823 0x14f4  C:\Windows\System32\pnidui.dll - ok
15:35:17.0829 0x14f4  [ B9F0A4020AA98B7A20287BF7FE99A1FD, 21138F161EEEA46198890C7A2D073F2C82829E15676131BDAD9F237EDC7477CD ] C:\Windows\System32\QUTIL.DLL
15:35:17.0829 0x14f4  C:\Windows\System32\QUTIL.DLL - ok
15:35:17.0835 0x14f4  [ 4F3CD1C59EA71401E155C432BCECE180, 6D4118A627CAE509E43D0CC0062EECAA0990C955BB15AE24834460551B2F51A2 ] C:\Windows\System32\PortableDeviceTypes.dll
15:35:17.0835 0x14f4  C:\Windows\System32\PortableDeviceTypes.dll - ok
15:35:17.0842 0x14f4  [ 8FD238F2DBDB3CE2F8ED4F6451647B4A, 0AFA0FF6555ABA6ABB9C34829DD089FEE956EB655CCE8345D9E4A4911B6EE5E3 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\Characters\RCSPSkSPBlue.dll
15:35:17.0842 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\Characters\RCSPSkSPBlue.dll - ok
15:35:17.0848 0x14f4  [ 92DBF0A4C9239169010FC6E07859C82E, 00FB2CF4420F0FFEF519AFE732A708CF249640121E2A891CAA164313ABD7F804 ] C:\Windows\System32\ActionCenter.dll
15:35:17.0849 0x14f4  C:\Windows\System32\ActionCenter.dll - ok
15:35:17.0854 0x14f4  [ 8569E35D00F45972E506502EEE622BA4, 01FE851C03DB88C8373099C279F995A559D962B08932E193032FA3EAD522FB01 ] C:\Windows\System32\srchadmin.dll
15:35:17.0854 0x14f4  C:\Windows\System32\srchadmin.dll - ok
15:35:17.0861 0x14f4  [ 457B20E2175F571649082BCC541A8BAF, CDA57061E048232BB0E009ED1A3A66C14CC20D471DCBEFE187D7D9829376285F ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCTSISipClient.dll
15:35:17.0861 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCTSISipClient.dll - ok
15:35:17.0868 0x14f4  [ 8B980DEB2BF3E978C2F7831E0735B75A, 4F7CD6D24F205F782EB43320840ACD4FBC5D862F274EACB0E58588FFFC35C3DD ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\SipManager.dll
15:35:17.0868 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\SipManager.dll - ok
15:35:17.0874 0x14f4  [ 21BFA433415377C6C9E428202BDFA9F9, EB48ED040F5446F2B6318A56E7C6647FFBD2CA19F95BBE94AC2E47F411486DA8 ] C:\Users\Brenda\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
15:35:17.0874 0x14f4  C:\Users\Brenda\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll - ok
15:35:17.0879 0x14f4  [ F7A256EC899C72B4ECDD2C02CB592EFD, 9C1AA9322E83CABB94AEA4375EAEB0C44700E1F33B8BE98649BA1DF4DDFAD326 ] C:\Windows\System32\bthprops.cpl
15:35:17.0879 0x14f4  C:\Windows\System32\bthprops.cpl - ok
15:35:17.0885 0x14f4  [ D2155709E336C3BC15729EB87FEC6064, 682A84C0F2D892E7A6CEE4E5937B4799E352AAE3B71E7037F2A343373467443C ] C:\Windows\System32\rasdlg.dll
15:35:17.0885 0x14f4  C:\Windows\System32\rasdlg.dll - ok
15:35:17.0891 0x14f4  [ 59D7519FAF0415F3E93DAFCCABD43D3E, 1199B82C74058A7CAC3E94D7D8BA345B6CF0F250B3B88D611493404CCF3E4CEC ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll
15:35:17.0891 0x14f4  C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll - ok
15:35:17.0897 0x14f4  [ 0E85C11F8850D524B02181C6E02BA9AE, 8703566931067CCF949E9779E4D328DD21210329DD687459300C83DDD06390A8 ] C:\Windows\SysWOW64\dsound.dll
15:35:17.0898 0x14f4  C:\Windows\SysWOW64\dsound.dll - ok
15:35:17.0903 0x14f4  [ E4FCA0F99A41E460C84016DEFD31E6EF, 8EB14AF2025EADC7C86280E8417D8F286E8271B4F88B31696E33DFD72B3A0EF2 ] C:\Windows\System32\wlanhlp.dll
15:35:17.0903 0x14f4  C:\Windows\System32\wlanhlp.dll - ok
15:35:17.0909 0x14f4  [ 357BE883C5236BFC7341CB9E82308908, 4DDB697FD9B7C516CF99D73C8799EA35BB97E2431216CD7C1045F17B06109FBF ] C:\Windows\System32\wlanapi.dll
15:35:17.0909 0x14f4  C:\Windows\System32\wlanapi.dll - ok
15:35:17.0916 0x14f4  [ 08DFDBD2FD4EA951DC46B1C7661ED35A, D926530C659DDAF80770663F46F1EFD94FFB4AAB475C4E3367CB531AF4A734E1 ] C:\Windows\SysWOW64\powrprof.dll
15:35:17.0916 0x14f4  C:\Windows\SysWOW64\powrprof.dll - ok
15:35:17.0922 0x14f4  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2, E8ACB693B1A78FAEF292111BE3F9B10BA95C76833C06C931A08EAAAE39A21334 ] C:\Windows\System32\dot3api.dll
15:35:17.0922 0x14f4  C:\Windows\System32\dot3api.dll - ok
15:35:17.0929 0x14f4  [ 8F48362B61A6637D1B064278E549EF40, FFDB8F27F2158B62E6EE3C020D27AD7CAD9BE5A42F5A99093AF68FDC44A97FD0 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll
15:35:17.0929 0x14f4  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll - ok
15:35:17.0935 0x14f4  [ 81F6C1AE23B1C493D9E996C3103915D7, E22408B4D2EDE2F89E686A4FDCD4057BE27B86D050E9CB489F0FFB39C72AEC1D ] C:\Windows\SysWOW64\dhcpcsvc6.dll
15:35:17.0935 0x14f4  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
15:35:17.0941 0x14f4  [ 6699A112A3BDC9B52338512894EBA9D6, 10888BB9C3799E1E8B010C0F9088CED376AAD63A509FCE1727C457B022CDC717 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
15:35:17.0941 0x14f4  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
15:35:17.0948 0x14f4  [ D205C24A9D069049FE2DF2A1B38726A7, B98F420B57A34FDA24F9A655319245EEF86EF4A952014FFA018070A01D5CBC4C ] C:\Windows\SysWOW64\wdmaud.drv
15:35:17.0948 0x14f4  C:\Windows\SysWOW64\wdmaud.drv - ok
15:35:17.0954 0x14f4  [ 5DA219F57A9076FB6FBD3C9C3713A672, 274FE616625B336D81841FDC752C8053D4CD6926565B899760D298D145CBA1A3 ] C:\Windows\System32\WWanAPI.dll
15:35:17.0954 0x14f4  C:\Windows\System32\WWanAPI.dll - ok
15:35:17.0960 0x14f4  [ 139D3AB6AA920C34C50CBFFB9EB7D222, 5A5D205E16E6AFDCC965E4144FE6E104157DE7541D31727520363F2670513940 ] C:\Windows\SysWOW64\avrt.dll
15:35:17.0960 0x14f4  C:\Windows\SysWOW64\avrt.dll - ok
15:35:17.0966 0x14f4  [ 07393A09C46083588E751B63B03C8301, 36E2351CF5FA05FEAAEB340B5E04B107B53C8174F8333559D8AEA40BEB94F678 ] C:\Windows\SysWOW64\msacm32.drv
15:35:17.0966 0x14f4  C:\Windows\SysWOW64\msacm32.drv - ok
15:35:17.0972 0x14f4  [ 62C7AACC746C9723468A8F2169ED3E85, 40E901F3EAFE52DF11D6BC4EF0E79F666EBDACE0B3C090CAD2358076E893EA47 ] C:\Windows\System32\wwapi.dll
15:35:17.0972 0x14f4  C:\Windows\System32\wwapi.dll - ok
15:35:17.0979 0x14f4  [ 5A12C364AD1D4FCC0AD0E56DBBC34462, 5FDF434BE4E15311AC83754CF85B5451F5A219D768A5DE3DC4FD9AE0B57B0AD9 ] C:\Windows\SysWOW64\midimap.dll
15:35:17.0979 0x14f4  C:\Windows\SysWOW64\midimap.dll - ok
15:35:17.0984 0x14f4  [ 6B851E682A36453E1B1EE297FFB6E2AB, A641D3FD9463C4788B45B8B5584EA4489C1F63A71B4B595AE85FF3482CD5EDA6 ] C:\Windows\System32\QAGENT.DLL
15:35:17.0984 0x14f4  C:\Windows\System32\QAGENT.DLL - ok
15:35:17.0990 0x14f4  [ C7494C67A6BF6FE914808E42F8265FEF, 3A3871983F2D9A57739C70365DC3F417D9BF02F5C0C4CC3272EA9F3D380EF962 ] C:\Program Files\Windows Media Player\wmpnssci.dll
15:35:17.0990 0x14f4  C:\Program Files\Windows Media Player\wmpnssci.dll - ok
15:35:17.0997 0x14f4  [ A9F3BFC9345F49614D5859EC95B9E994, 306467D280E99D0616E839278A4DB5BED684F002AE284C3678CABB5251459CB3 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
15:35:17.0997 0x14f4  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
15:35:18.0003 0x14f4  [ 08C99C8EBF2C0ED3BA6A144ABB6CCDC8, CFAD6568F12B0E726E176D4358B0AD361394A43FF9D16C347607D219A2D9BF57 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCABExport.dll
15:35:18.0003 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCABExport.dll - ok
15:35:18.0010 0x14f4  [ 95D9F26B079B627D66392140D5B8B9C4, 366192007EBE63AACD9C90904665556516E8C6385D8A57299C0B0F3CB26601B4 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\inimngr.dll
15:35:18.0010 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\inimngr.dll - ok
15:35:18.0016 0x14f4  [ C746F3BF98E92FB137B5BD2B8B5925BD, 67A8990F3D491D149E65C90042909259793C65E671DC953FDA1F7590FAC23D9E ] C:\Windows\System32\FXSST.dll
15:35:18.0016 0x14f4  C:\Windows\System32\FXSST.dll - ok
15:35:18.0022 0x14f4  [ 650CAEA856943E29F25A25D31E004B18, DCA63D2AF4C6F14B27EA006F200E58A5C13AC940A51947A40F668908A446CC4E ] C:\Windows\System32\FXSAPI.dll
15:35:18.0022 0x14f4  C:\Windows\System32\FXSAPI.dll - ok
15:35:18.0028 0x14f4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] C:\Windows\System32\FXSSVC.exe
15:35:18.0028 0x14f4  C:\Windows\System32\FXSSVC.exe - ok
15:35:18.0035 0x14f4  [ 50EE5F0AF1BAEBA3EF31894F58A286EC, 6417CB048132B4F5F7904AC03441DBC554EB078FBF18DCC9C86A06A8E7BD5927 ] C:\Users\Brenda\AppData\Roaming\Dropbox\bin\libcef.dll
15:35:18.0035 0x14f4  C:\Users\Brenda\AppData\Roaming\Dropbox\bin\libcef.dll - ok
15:35:18.0041 0x14f4  [ 161EFB45DE0744802FBE88F50B57EB86, EA518AA1500B8D687028080420B89B35897CA6023CF971809E9223D0F0DCF2A5 ] C:\Program Files\Internet Explorer\sqmapi.dll
15:35:18.0041 0x14f4  C:\Program Files\Internet Explorer\sqmapi.dll - ok
15:35:18.0048 0x14f4  [ BC0D4AFBE94D8E1F81C8926D805C3366, 05734F888CEC5CCA81B81C959EF11C6D32740A512C785D42A497CC09C23796C9 ] C:\Windows\System32\webcheck.dll
15:35:18.0048 0x14f4  C:\Windows\System32\webcheck.dll - ok
15:35:18.0054 0x14f4  [ CCDB8FDC289AA9AFA5F8827A2ADB21AD, 5FD10FC9B3EE71889624D9C8020A18AF039D0BCF581331B45CAE82F3DA782901 ] C:\Windows\System32\ieframe.dll
15:35:18.0054 0x14f4  C:\Windows\System32\ieframe.dll - ok
15:35:18.0060 0x14f4  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] C:\Windows\SysWOW64\netprofm.dll
15:35:18.0060 0x14f4  C:\Windows\SysWOW64\netprofm.dll - ok
15:35:18.0066 0x14f4  [ 15E298B5EC5B89C5994A59863969D9FF, 8D38B2E023462D0804F72E907D11FF72CE84540EA3B8D83F411C602C3F6A1177 ] C:\Windows\SysWOW64\npmproxy.dll
15:35:18.0066 0x14f4  C:\Windows\SysWOW64\npmproxy.dll - ok
15:35:18.0072 0x14f4  [ 5434E18B933E03F274D8DA59FDA4C676, EF080AD7436D544C285D026131AD0FAA0B54D7E2F098D5C6C5920BBF88B3F6A7 ] C:\Users\Brenda\AppData\Roaming\Dropbox\bin\icudt.dll
15:35:18.0072 0x14f4  C:\Users\Brenda\AppData\Roaming\Dropbox\bin\icudt.dll - ok
15:35:18.0079 0x14f4  [ 423982DD851406A52B6399DDB196C606, 5FFBA6D1E9398E7C5D18553EE1C485F59174013622332F7BD8D461F707F1EC93 ] C:\Windows\System32\wmdrmdev.dll
15:35:18.0079 0x14f4  C:\Windows\System32\wmdrmdev.dll - ok
15:35:18.0085 0x14f4  [ 2C1055E2C6D42753241FB2A129136994, A8E858B4CB8E1E13C7574330C703E0060AEE8B7B19B682F9AE5B4A02BDC659E2 ] C:\Windows\System32\drmv2clt.dll
15:35:18.0085 0x14f4  C:\Windows\System32\drmv2clt.dll - ok
15:35:18.0093 0x14f4  [ FB4045578F5180BDB1963AB352B78548, 8E645A63436EE6CDDB78E6064AEB04ECE39208F760A3EF13A3F49FDF41505E21 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
15:35:18.0093 0x14f4  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
15:35:18.0102 0x14f4  [ 9108540E866F75C7AF2B91DD921A8091, 7208C8E05E818781D7F2703B86848FC90651E0D8BE10362863250F2283CEC511 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
15:35:18.0103 0x14f4  C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
15:35:18.0108 0x14f4  [ 8494E126F0B10180F3293AF861CE1F7A, 538B1F30423DB2398E611BC46C80150C090698E633BABF7362F7060DBF0C3064 ] C:\Windows\System32\mlang.dll
15:35:18.0108 0x14f4  C:\Windows\System32\mlang.dll - ok
15:35:18.0114 0x14f4  [ 101797BA603D227946B4B5109867EB19, EBF2B48D1A4FE148F455EA32023ABC0D479215D48C7CE76E765F199CD3C80AF8 ] C:\Windows\System32\SyncCenter.dll
15:35:18.0114 0x14f4  C:\Windows\System32\SyncCenter.dll - ok
15:35:18.0119 0x14f4  [ A0E0DD0AF2FE0800A48EFFAD837E3DA8, 3E33A4A46C73EBAA62F0DD1E508FA414EB12CD709CB41D0FA224C3D251019323 ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key
15:35:18.0120 0x14f4  C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key - ok
15:35:18.0126 0x14f4  [ 1EB82516F21F27EED1833B4F9FD9614E, 601A529EB775D0034C9F98755AA9E9191D546BCF4A7493D08294649120E96C52 ] C:\Windows\System32\wmp.dll
15:35:18.0126 0x14f4  C:\Windows\System32\wmp.dll - ok
15:35:18.0133 0x14f4  [ AB11CEFE591909A85E98E27A230807C7, 6BC521BC1DE4CDB47972A3C1AF86D594F60FD451CA8E62D982CBC00F69D637C8 ] C:\Program Files\Windows Sidebar\sbdrop.dll
15:35:18.0133 0x14f4  C:\Program Files\Windows Sidebar\sbdrop.dll - ok
15:35:18.0139 0x14f4  [ DDAC02CDECCB81D4FC3A906C3A250DC7, 7F1BA93D2A0FE30C42A7EB8800393AF6110F9C56815C26BA4034AA12B4F1BC11 ] C:\PROGRA~2\RINGCE~1\RINGCE~1\RCSPOptions.dll
15:35:18.0139 0x14f4  C:\PROGRA~2\RINGCE~1\RINGCE~1\RCSPOptions.dll - ok
15:35:18.0146 0x14f4  [ 13A7AD035AFBE3C11E00CEA327C95122, 283E49850920ED3F27AA15277974F48AFA3EB737D5D5361DE65CE0F97C1D5C15 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
15:35:18.0146 0x14f4  C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll - ok
15:35:18.0152 0x14f4  [ 8558E98996953D7A0468EE6069F5568C, 02F16600D5410804A279E11EC7BACC058E76C5ED4E15478AA041CF8AEA3E161B ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
15:35:18.0152 0x14f4  C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll - ok
15:35:18.0159 0x14f4  [ FB52552E2350D0AA939F88965C422070, D62E3FA51B491F73B96E806054E9BE0E49FA331A710BCFA4AD0F1813EF52BA77 ] C:\PROGRA~2\RINGCE~1\RINGCE~2\RCMSOExt.dll
15:35:18.0159 0x14f4  C:\PROGRA~2\RINGCE~1\RINGCE~2\RCMSOExt.dll - ok
15:35:18.0164 0x14f4  [ 96DB78C9C50CEED9DA5050EFFEE272A2, 51CF3E1F96555A4E4B5BC0DE2598CE5A0199F495644A91C2105F25A5A4CF10E3 ] C:\Windows\System32\upnp.dll
15:35:18.0165 0x14f4  C:\Windows\System32\upnp.dll - ok
15:35:18.0171 0x14f4  [ 6A5C1A8AC0B572679361026D0E900420, B5E693B48B462E97738A3D4E58B60846159649EB15F4D11074B4BC107CC88562 ] C:\Windows\System32\hgcpl.dll
15:35:18.0171 0x14f4  C:\Windows\System32\hgcpl.dll - ok
15:35:18.0177 0x14f4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] C:\Windows\System32\fdPHost.dll
15:35:18.0177 0x14f4  C:\Windows\System32\fdPHost.dll - ok
15:35:18.0183 0x14f4  [ F0074CEB72EA93608037C98A1F187DB5, CB32124357FC7251BB056425549F4918E02FC848CDB8D984806B7EC15CF9D132 ] C:\Windows\System32\Display.dll
15:35:18.0183 0x14f4  C:\Windows\System32\Display.dll - ok
15:35:18.0189 0x14f4  [ E19AD0D49BFF5938B3E374873AC174DE, 4D66BC57AC6FB03B9FC9A554CB039FAA8460CDA9D25C078AE9421A9648809566 ] C:\Windows\System32\wmploc.DLL
15:35:18.0189 0x14f4  C:\Windows\System32\wmploc.DLL - ok
15:35:18.0194 0x14f4  [ 171D7DB433314A868507C4326E8209DC, 254E0D9F99CE47104CF21D8E968D89D6A09B9CE47168E760BAB28AD5A1E9E6A3 ] C:\Windows\System32\fdWSD.dll
15:35:18.0195 0x14f4  C:\Windows\System32\fdWSD.dll - ok
15:35:18.0202 0x14f4  [ A2E5B2D20954210DCE1A75A1FC8CC36D, 1EA240AC37ECA4EC3E542F9E6DF72753EBA1DF76CBA8691EC61ABCC51EE6FCB2 ] C:\Windows\System32\fdSSDP.dll
15:35:18.0202 0x14f4  C:\Windows\System32\fdSSDP.dll - ok
15:35:18.0207 0x14f4  [ D603FEF78F2993567CB34B61FBB0BD09, 6AE6011D2D05119755A7F82E23469A3D308EE298E1E2FFE584168CE651C460A6 ] C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
15:35:18.0207 0x14f4  C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE - ok
15:35:18.0213 0x14f4  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
15:35:18.0213 0x14f4  C:\Program Files\Windows Sidebar\sidebar.exe - ok
15:35:18.0220 0x14f4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] C:\Windows\System32\FDResPub.dll
15:35:18.0220 0x14f4  C:\Windows\System32\FDResPub.dll - ok
15:35:18.0225 0x14f4  [ CFA6B4D4A70D67C6387C29FA6FD703D0, 88E6D08F37B219F1B79F71FE61ECAADEB8498D3D65913BC3F083FBC986BE06E2 ] C:\Windows\System32\themecpl.dll
15:35:18.0225 0x14f4  C:\Windows\System32\themecpl.dll - ok
15:35:18.0232 0x14f4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] C:\Windows\System32\ssdpsrv.dll
15:35:18.0232 0x14f4  C:\Windows\System32\ssdpsrv.dll - ok
15:35:18.0238 0x14f4  [ 2A436796758BF2555A26C770FE8A6FEE, 9E42AF3A3CB05E323CBB7F93FE7C454CD251672C5D9F5E94909131A5D8F9204A ] C:\Windows\System32\fdProxy.dll
15:35:18.0238 0x14f4  C:\Windows\System32\fdProxy.dll - ok
15:35:18.0244 0x14f4  [ F479C4B55B70A27E509113273DC1E67B, 8AB8B400E1D012A872DF8B99523D7B8654A4C1A631B66698E1A6020574FD5BBD ] C:\Program Files\Internet Explorer\ieproxy.dll
15:35:18.0245 0x14f4  C:\Program Files\Internet Explorer\ieproxy.dll - ok
15:35:18.0252 0x14f4  [ 828879B74A42CDECA064B1F496067D56, 8B81468B95DBFEB705CF7A762E620485FB14551F0FD9827D38DE6A00C935D576 ] C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCMSODIAL.DLL
15:35:18.0252 0x14f4  C:\Program Files (x86)\RingCentral\RingCentral Call Controller\RCMSODIAL.DLL - ok
15:35:18.0257 0x14f4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] C:\Windows\System32\ListSvc.dll
15:35:18.0257 0x14f4  C:\Windows\System32\ListSvc.dll - ok
15:35:18.0263 0x14f4  [ B6411CED931AFD059E48C52DBFBA95B4, 4E275A691E6A1C07D72DC8DA16B58B6634286A5058C3F4AC0ABD92B9A57FB5D5 ] C:\Windows\System32\P2P.dll
15:35:18.0263 0x14f4  C:\Windows\System32\P2P.dll - ok
15:35:18.0269 0x14f4  [ 92E0508D924512F63FFEEFE498CBD11F, 1158011E4A1298DEC79133B40888AA87B06F5B64BA2AB461B58C22F5F9211D0C ] C:\Windows\System32\p2pcollab.dll
15:35:18.0269 0x14f4  C:\Windows\System32\p2pcollab.dll - ok
15:35:18.0275 0x14f4  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159, ACE7F85685EB92FC3AB4215122B0469E32F23B196C49F08CDA7791D3122C45DC ] C:\Windows\SysWOW64\rtutils.dll
15:35:18.0275 0x14f4  C:\Windows\SysWOW64\rtutils.dll - ok
15:35:18.0282 0x14f4  [ 355A138ABDFD43FBABCAE3A1B06AB93D, 26015CE72D27E2F7FA7322203CDF236896A079F8325F1B24975CA12C57FD4B7B ] C:\Windows\System32\wmpps.dll
15:35:18.0282 0x14f4  C:\Windows\System32\wmpps.dll - ok
15:35:18.0288 0x14f4  [ 4A82EA2807B16FF577AEAF8ADB8779FF, C7F9A45FF80DFDE804D81BEE23C748A465AEB729DF2C9E327374CDD94E300547 ] C:\Windows\System32\IdListen.dll
15:35:18.0288 0x14f4  C:\Windows\System32\IdListen.dll - ok
15:35:18.0293 0x14f4  [ F149E8CAE538DBF7059B00326673F602, 8B576A68AE43B506D0C7E91C63E8EF1DB9E73F0E87E48CF57086BCE51E5F8C36 ] C:\Windows\System32\wmpmde.dll
15:35:18.0293 0x14f4  C:\Windows\System32\wmpmde.dll - ok
15:35:18.0301 0x14f4  [ A0524499F4C63CADA7E1529FC77F5DC1, DCAF3C89B7363139EB128C6240CA2B301090BF18C57688B0990FC2BBF680752F ] C:\Windows\System32\hgprint.dll
15:35:18.0301 0x14f4  C:\Windows\System32\hgprint.dll - ok
15:35:18.0306 0x14f4  [ 021287C2050FD5DB4A8B084E2C38139C, EA27C640FE0F1E8BAE70BEF98E663E68A35336BB6D52D56B2367297D22C50648 ] C:\Windows\System32\WinSATAPI.dll
15:35:18.0306 0x14f4  C:\Windows\System32\WinSATAPI.dll - ok
15:35:18.0312 0x14f4  [ 66C87DB880052104808507D6FA84D68E, 46BD5C16225B3D0BF786FDA6461CE9A549DAA9FA38C8BDADAA0AF08FA6A24260 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
15:35:18.0312 0x14f4  C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
15:35:18.0319 0x14f4  [ 28A7D7C7E2FDD1D55F12F750CD6331EC, 0CC0159D3F5682307439D8F3651A080430C7EAB8EFA25BA246AADF4665297E8D ] C:\Windows\System32\MSMPEG2ENC.DLL
15:35:18.0319 0x14f4  C:\Windows\System32\MSMPEG2ENC.DLL - ok
15:35:18.0326 0x14f4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] C:\Windows\System32\pnrpsvc.dll
15:35:18.0326 0x14f4  C:\Windows\System32\pnrpsvc.dll - ok
15:35:18.0331 0x14f4  [ 46767946E7B559D981C1DC04EC0AB36F, 69137AA9AEF9727FFD1B65AA4D658C6E8AAD3A062717B447260502B4D7DB90C6 ] C:\Windows\System32\devenum.dll
15:35:18.0331 0x14f4  C:\Windows\System32\devenum.dll - ok
15:35:18.0338 0x14f4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] C:\Windows\System32\QAGENTRT.DLL
15:35:18.0338 0x14f4  C:\Windows\System32\QAGENTRT.DLL - ok
15:35:18.0343 0x14f4  [ 558C42D165DB5799B4072DC0A9C27C0B, 2385E16ACF07252D5567EC091C1B39D39BB8199F60854D5A91EDC948C57B3A3F ] C:\Windows\System32\msdmo.dll
15:35:18.0343 0x14f4  C:\Windows\System32\msdmo.dll - ok
15:35:18.0349 0x14f4  [ 506A83A3BEEE9FCA09F0170DE9FC7D1B, 2DFBD792B68F3EBEF0843183CAE5D52B6FA04163808AFACF6C0D738455898C36 ] C:\Windows\System32\fveui.dll
15:35:18.0349 0x14f4  C:\Windows\System32\fveui.dll - ok
15:35:18.0355 0x14f4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] C:\Windows\System32\p2psvc.dll
15:35:18.0355 0x14f4  C:\Windows\System32\p2psvc.dll - ok
15:35:18.0362 0x14f4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] C:\Windows\System32\upnphost.dll
15:35:18.0362 0x14f4  C:\Windows\System32\upnphost.dll - ok
15:35:18.0367 0x14f4  [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1, 13E0350F82C61ED03E9A09FF991610EEDA214B2EBAF042396F29D3D49A6298A9 ] C:\Windows\System32\P2PGraph.dll
15:35:18.0367 0x14f4  C:\Windows\System32\P2PGraph.dll - ok
15:35:18.0374 0x14f4  [ 71E68F2443A80BD4DA89181889C457EA, 8665D3DDF92B05EF287FB6EC43782512C23A1437764CF6F4DE0B00547F3C696B ] C:\Windows\System32\udhisapi.dll
15:35:18.0374 0x14f4  C:\Windows\System32\udhisapi.dll - ok
15:35:18.0380 0x14f4  [ D9E21CBF9E6A87847AFFD39EA3FA28EE, B2AE0BBF907D4108DE3485E6059DF8D10C39707CD508A55A2D9627A66D01AE78 ] C:\Windows\System32\SearchProtocolHost.exe
15:35:18.0380 0x14f4  C:\Windows\System32\SearchProtocolHost.exe - ok
15:35:18.0386 0x14f4  [ D2A5B2B09F2AF5ED13BF494508B09788, 3FA04E84EC5A575E7804E44BA3BF1C4143E53C4ACF6C823CD029711529B0BE2C ] C:\Windows\System32\msshooks.dll
15:35:18.0386 0x14f4  C:\Windows\System32\msshooks.dll - ok
15:35:18.0392 0x14f4  [ 49A3AD5CE578CD77F445F3D244AEAB2D, 1D200547C6277C4A878A9ADD94045F7ACCC583609985C592AAE9B9B9CA7B812A ] C:\Windows\System32\SearchFilterHost.exe
15:35:18.0392 0x14f4  C:\Windows\System32\SearchFilterHost.exe - ok
15:35:18.0399 0x14f4  [ 48041BAEB60CE5F34F13CC2A1361E49C, AF82355A4C0D872F1F45261381C23C1510C2C77DD5F040B706FD7A3D63D4BAA4 ] C:\Windows\System32\mssph.dll
15:35:18.0399 0x14f4  C:\Windows\System32\mssph.dll - ok
15:35:18.0405 0x14f4  [ 8F4BB0CFECED925D440ABC2481278360, 0A87E7E1B38300E211F2ECA10BFB9831CF79B128DEB9D7AB0AA6A715197FF2DD ] C:\Windows\System32\mapi32.dll
15:35:18.0405 0x14f4  C:\Windows\System32\mapi32.dll - ok
15:35:18.0411 0x14f4  [ FF2B106909EED48C536DA04742C0324A, 7FEE709C0E37747412C3420EC2622F23F1CD87473D0A5890F2752E8F0B76D3E0 ] C:\Windows\System32\Query.dll
15:35:18.0411 0x14f4  C:\Windows\System32\Query.dll - ok
15:35:18.0416 0x14f4  [ F2C7BB8ACC97F92E987A2D4087D021B1, 142E1D688EF0568370C37187FD9F2351D7DDEDA574F8BFA9B0FA4EF42DB85AA2 ] C:\Windows\System32\notepad.exe
15:35:18.0417 0x14f4  C:\Windows\System32\notepad.exe - ok
15:35:18.0422 0x14f4  [ 2E7ADF9B0389CD94605717784D7E416A, A8E478A2FAE9013921B41E8929F92006AC17B7961FA60D807E9BA6C1C66E1DC6 ] C:\Windows\System32\drttransport.dll
15:35:18.0422 0x14f4  C:\Windows\System32\drttransport.dll - ok
15:35:18.0428 0x14f4  [ C57BC99A4467B3E8F1CC2184A3F46729, 5DF1CFE59E597CEC6E6C1C3945D5FA4DE487E811F08D4E1A6ACC83932D5FDB42 ] C:\Windows\System32\drt.dll
15:35:18.0428 0x14f4  C:\Windows\System32\drt.dll - ok
15:35:18.0435 0x14f4  [ 3206A288014B1207F4E86336385CB41D, BCB425FD2BE11E59D4DD7F62B571C1F244970636858ACEC8FE4F791924DE208C ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL
15:35:18.0435 0x14f4  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL - ok
15:35:18.0442 0x14f4  [ 81953836F678A7353A797E3F7DE69B55, 89A051CBD6E8EA1904F3F98C982DC227F0286499D98FE2DA3F51F9FDF2303E93 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll
15:35:18.0442 0x14f4  C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll - ok
15:35:18.0448 0x14f4  [ FC3001B4B9DF50B61F3CCA615759EFE7, 9AAE3665AD2893E7DB41965D430A7230B826AC4580603F20102E21C19C15535F ] C:\Windows\System32\PhotoMetadataHandler.dll
15:35:18.0448 0x14f4  C:\Windows\System32\PhotoMetadataHandler.dll - ok
15:35:18.0454 0x14f4  [ F1C19F0AA151B90A7416FA1D50DDB582, A4AE6B056BF65A12CE5BEDFC3ADE156F088AEAC7196EB5741C9573C64552A7C0 ] C:\Windows\System32\WindowsCodecsExt.dll
15:35:18.0454 0x14f4  C:\Windows\System32\WindowsCodecsExt.dll - ok
15:35:18.0460 0x14f4  [ AA18AB71FD525B6CF757F4A912BEA654, 88547FDB74F47DB8D6462D192D2788970D4658E3BB912CACE9CEC198D8414E3A ] C:\PROGRA~2\ThinkPad\UTILIT~1\ATM64.DLL
15:35:18.0460 0x14f4  C:\PROGRA~2\ThinkPad\UTILIT~1\ATM64.DLL - ok
15:35:18.0467 0x14f4  [ 20ECAC7791DCBA69121631CB627E5A96, DBF0458BED308078EDD82C81E6D1209E111C5BFA5D64DD068CEDFD9E0A6C05AB ] C:\Windows\System32\mf.dll
15:35:18.0467 0x14f4  C:\Windows\System32\mf.dll - ok
15:35:18.0474 0x14f4  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:35:18.0474 0x14f4  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
15:35:18.0480 0x14f4  [ E5F7C30EDF0892667933BE879F067D67, E4BA45F4C6C74A0CDE9B12A00C91E2F5EF83536C89C9053DEC507CBB4F130A12 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
15:35:18.0480 0x14f4  C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
15:35:18.0485 0x14f4  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:35:18.0485 0x14f4  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
15:35:18.0492 0x14f4  [ CB21CD39637AC13F3455454B2F648257, 50DC43323D529B48B9BD236A813F2BCDE55455B75EEE7DD6369AA47599B47A49 ] C:\Windows\System32\msvcr100_clr0400.dll
15:35:18.0492 0x14f4  C:\Windows\System32\msvcr100_clr0400.dll - ok
15:35:18.0498 0x14f4  [ 2FEE18A796A25970BC339B7E5AA9C683, 106C6F57B08D411BF58B1494FAE3D811C68D646F34CA30E2077AD8097710A159 ] C:\Program Files (x86)\Google\Update\1.3.21.165\goopdateres_en.dll
15:35:18.0498 0x14f4  C:\Program Files (x86)\Google\Update\1.3.21.165\goopdateres_en.dll - ok
15:35:18.0504 0x14f4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] C:\Windows\System32\msdtc.exe
15:35:18.0504 0x14f4  C:\Windows\System32\msdtc.exe - ok
15:35:18.0510 0x14f4  [ 80F720E3C6B85A5FA9F359F881510880, B3C241A26580F26AFC82BC46B2785B9BD91E4F2E11DFEEAAB349C78A1B907579 ] C:\Windows\System32\msdtctm.dll
15:35:18.0510 0x14f4  C:\Windows\System32\msdtctm.dll - ok
15:35:18.0517 0x14f4  [ 60A92D87B1473294574C331F9D0E8C20, 07C176B896E61119CC398F73406F4DCB48E4BD77C1954B84E56A1575D65FE096 ] C:\Windows\System32\msdtcprx.dll
15:35:18.0517 0x14f4  C:\Windows\System32\msdtcprx.dll - ok
15:35:18.0522 0x14f4  [ ACB4F32174EB5066D4684369CEA925E9, 350212A002DBC2FCEB27D7F11032E36AB4D04F2B1EBFEB10F78879DD3F839FD7 ] C:\Windows\System32\mtxclu.dll
15:35:18.0522 0x14f4  C:\Windows\System32\mtxclu.dll - ok
15:35:18.0528 0x14f4  [ 163E9DEDD2B588FB55AA9FFF73A16971, 3D38B44900BFF9D85CDAA8BA97E3A4E3916977262B6274D9CBA41E774D81760F ] C:\Windows\System32\msdtclog.dll
15:35:18.0528 0x14f4  C:\Windows\System32\msdtclog.dll - ok
15:35:18.0535 0x14f4  [ 14768274399730DC93EB2BA4E51C507D, C46716CFFB26D7DDB12F08A743076B5D027AE6765AD9B3230E8E1B633A640F8D ] C:\Windows\System32\xolehlp.dll
15:35:18.0535 0x14f4  C:\Windows\System32\xolehlp.dll - ok
15:35:18.0541 0x14f4  [ 03AAA0FB8F01E4502EAAD38CD9571F8E, 673E1C995991C2B96D8EC58A1C36734066853647B5916C00A9CDF53A16510079 ] C:\Windows\System32\msdtcVSp1res.dll
15:35:18.0541 0x14f4  C:\Windows\System32\msdtcVSp1res.dll - ok
15:35:18.0547 0x14f4  [ 2FDD2ED3AF3B3C14922C2F7A6C94C14E, 0FCD1FD35C52068907F9BB13D5B6C80373BA3872176118F70D73F1BF5672A24C ] C:\Windows\System32\mtxoci.dll
15:35:18.0547 0x14f4  C:\Windows\System32\mtxoci.dll - ok
15:35:18.0553 0x14f4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] C:\Windows\System32\sppsvc.exe
15:35:18.0553 0x14f4  C:\Windows\System32\sppsvc.exe - ok
15:35:18.0559 0x14f4  [ FFF95479C7AB1550F0750A5D01744211, FF67F892AABCE1C2B695FF4C0816339566F5745C1498D48FAC050E5196C1CE09 ] C:\Windows\System32\drivers\spsys.sys
15:35:18.0559 0x14f4  C:\Windows\System32\drivers\spsys.sys - ok
15:35:18.0565 0x14f4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] C:\Windows\System32\wscsvc.dll
15:35:18.0565 0x14f4  C:\Windows\System32\wscsvc.dll - ok
15:35:18.0571 0x14f4  [ C47F35CC6FA4F1BDBEF8F87AC1A46537, 82EC7041317666D5370690BD2176CF00F5957036C29429319F45045BFFAE9EC2 ] C:\Windows\System32\wuapi.dll
15:35:18.0571 0x14f4  C:\Windows\System32\wuapi.dll - ok
15:35:18.0577 0x14f4  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] C:\Windows\System32\wuaueng.dll
15:35:18.0577 0x14f4  C:\Windows\System32\wuaueng.dll - ok
15:35:18.0583 0x14f4  [ E746ED90132C6B6313CE9179F56BD31D, CCE0367148E54AA1413C52CCE752CC75EA9E3A8232ECFC263C62A634B8CAEF5F ] C:\Windows\System32\wups.dll
15:35:18.0584 0x14f4  C:\Windows\System32\wups.dll - ok
15:35:18.0590 0x14f4  [ 617F6EC0AC677C685479C1D0D1E76C6F, 77B22C0817558CE70EF7D3BBE04A275FFA35ED2E4AFB17DBDF353DF9932DC693 ] C:\Windows\System32\mspatcha.dll
15:35:18.0590 0x14f4  C:\Windows\System32\mspatcha.dll - ok
15:35:18.0595 0x14f4  [ F6F22291024906E43D135A4B1705FEAC, C1B66012799D247033E8AB8386B51BC86A4E2255E6D0B163AC000B215C51B42A ] C:\Windows\System32\sppwinob.dll
15:35:18.0595 0x14f4  C:\Windows\System32\sppwinob.dll - ok
15:35:18.0602 0x14f4  [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A, 7F67FE1E0453CCCFA5097BFC9087BA5F4B213CCA8AC17FC05D7ED02A52112E05 ] C:\Windows\System32\wups2.dll
15:35:18.0602 0x14f4  C:\Windows\System32\wups2.dll - ok
15:35:18.0607 0x14f4  [ 2B373B5F7E36B5ED5DA176D4400EF091, A7E220CC3661429D786693B277A7F39D5D9E24284B1D9E55DB6295AF7D97D104 ] C:\Windows\System32\sppobjs.dll
15:35:18.0608 0x14f4  C:\Windows\System32\sppobjs.dll - ok
15:35:18.0614 0x14f4  [ 4E81439902079C348B61D7FF027FE147, E652C9EC77745504689532B3C394959F9B5BC29E9C008CB9EE09CDA818514FA9 ] C:\Windows\System32\StructuredQuery.dll
15:35:18.0614 0x14f4  C:\Windows\System32\StructuredQuery.dll - ok
15:35:18.0620 0x14f4  [ B0F69B9DE0AEBFD7E4CEADE6758DF627, 60235E6D0614ED72CDF05E9A62B2B264614CAB29C47246ED408B85BEBE602CCD ] C:\Windows\System32\SearchFolder.dll
15:35:18.0620 0x14f4  C:\Windows\System32\SearchFolder.dll - ok
15:35:18.0627 0x14f4  [ 4715F8F8CDBFFF2728BA38B789A1D7C7, 70E6F51636CFF04FCB5AD95968AC4771BEFE2D205DB7E34681F02DBE24C9CF39 ] C:\Windows\System32\wpdshext.dll
15:35:18.0627 0x14f4  C:\Windows\System32\wpdshext.dll - ok
15:35:18.0632 0x14f4  [ 81252AA3B13743020BCF2089A5A0D911, BFFB1A5917EC1EDAF6B58EAFD888575299365D09C734FACF5A7D1843680DDFD8 ] C:\Windows\System32\wscinterop.dll
15:35:18.0632 0x14f4  C:\Windows\System32\wscinterop.dll - ok
15:35:18.0636 0x14f4  [ DF50DAE4C547285E4997A0C61063B632, 24F1B66CD2C5188609F936E7F4947E29EB120C59731E7028285CE6791F31B580 ] C:\Windows\System32\wscui.cpl
15:35:18.0636 0x14f4  C:\Windows\System32\wscui.cpl - ok
15:35:18.0642 0x14f4  [ 03AB2A2E426C2AD400AC8315226347F8, 71B2628163471D3D8C5681CA7BBAFC03C6EAA499707513FDBDEC009F0EB32E77 ] C:\Windows\System32\EhStorAPI.dll
15:35:18.0642 0x14f4  C:\Windows\System32\EhStorAPI.dll - ok
15:35:18.0648 0x14f4  [ F9959237F106F2B2609E61A290C0652E, FCCC12E5AAE1773BF87B1C4BCE71D017DB1A5A7AC189559058EA1ECC72075A82 ] C:\Windows\System32\werconcpl.dll
15:35:18.0648 0x14f4  C:\Windows\System32\werconcpl.dll - ok
15:35:18.0654 0x14f4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] C:\Windows\System32\wercplsupport.dll
15:35:18.0654 0x14f4  C:\Windows\System32\wercplsupport.dll - ok
15:35:18.0661 0x14f4  [ 809AE7D4ACE06BBCF621E5C504BF6FC8, 0BAAB89FB57468F27446947D75CBD6DDFC92D9B8F040144A12656803B2F7BF65 ] C:\Windows\System32\hcproviders.dll
15:35:18.0661 0x14f4  C:\Windows\System32\hcproviders.dll - ok
15:35:18.0668 0x14f4  [ 005247E3057BC5D5C3F8C6F886FFC10C, FCB27F89EC36856A4A225744CE5EE3A30CBC8A447868B165D95E8AB2C17F5671 ] C:\Windows\System32\wbem\WMIADAP.exe
15:35:18.0668 0x14f4  C:\Windows\System32\wbem\WMIADAP.exe - ok
15:35:18.0674 0x14f4  [ 9FE3ED67345F0FF829A4A53B90E09672, F70CD131DCF101B26CD55A57876DB3765B3E15C9D3A8B508FF041C91226EC504 ] C:\Windows\System32\loadperf.dll
15:35:18.0674 0x14f4  C:\Windows\System32\loadperf.dll - ok
15:35:18.0680 0x14f4  [ 534D84434D9DB1D1E1E865F64E52AA8E, 7E2AF0C13C90C222227FF4CAB94E2E11FB18B0FE915A63072EE3B8B3D5F42EF0 ] C:\Windows\System32\twext.dll
15:35:18.0680 0x14f4  C:\Windows\System32\twext.dll - ok
15:35:18.0687 0x14f4  [ 0D893F8D145D3B125B0226727C243A69, B344A18C5D5324A891B6E2121EC375AFB9E83D4C59D64EDD2E63854ABEC5D734 ] C:\Windows\System32\security.dll
15:35:18.0687 0x14f4  C:\Windows\System32\security.dll - ok
15:35:18.0693 0x14f4  [ 012787CEB35505EB78DF82E0A0072888, FE082EF9F8462589F8C8BEEFB1D10AB06E1E3D6F4494CABF34097328C109C03E ] C:\Windows\System32\browcli.dll
15:35:18.0693 0x14f4  C:\Windows\System32\browcli.dll - ok
15:35:18.0699 0x14f4  [ C4BFE4B61086416B0529212F92BCE081, A5EE6FB81229885C7A4A4EF0A9C3E9EE9E7F85C1EDE9BEEE236EB0503093D8F3 ] C:\Windows\System32\schedcli.dll
15:35:18.0699 0x14f4  C:\Windows\System32\schedcli.dll - ok
15:35:18.0706 0x14f4  [ 5EA9A0950F322BFA382AF277801C0307, A2C00A3E22A484A00620FF801E0B6EB475C9593C80AF321564E5A0DD2B1C38B7 ] C:\Windows\System32\wbem\wmipcima.dll
15:35:18.0706 0x14f4  C:\Windows\System32\wbem\wmipcima.dll - ok
15:35:18.0711 0x14f4  [ B6D6886149573278CBA6ABD44C4317F5, 273C05C8504CA050FE6C50B50D15F32064EC6672AE85CDE038976027CA4B14D3 ] C:\Windows\System32\slwga.dll
15:35:18.0711 0x14f4  C:\Windows\System32\slwga.dll - ok
15:35:18.0719 0x14f4  [ DB76DB15EFC6E4D1153A6C5BC895948D, 71DDF02C7EE2DF66A08F1A2A08DA39802C354624880A2BE93A706EA7476422A3 ] C:\Windows\System32\sppc.dll
15:35:18.0719 0x14f4  C:\Windows\System32\sppc.dll - ok
15:35:18.0724 0x14f4  [ 3E399A1328181C2A352472369DE2A93A, A730378E6BCD6C6A2BFD00E1EA5D3B49A16AD94E01AE491CDF6750EC5DCF62C6 ] C:\Users\Brenda\AppData\Local\Google\Chrome\Application\chrome.exe
15:35:18.0724 0x14f4  C:\Users\Brenda\AppData\Local\Google\Chrome\Application\chrome.exe - ok
15:35:18.0731 0x14f4  [ 293D5F8CB59093DA5935F9B7DC9EB8CF, 0830C42C246D8A592C58051CFE5F3DA16214642D053BD592FE2248FC801304ED ] C:\Users\Brenda\AppData\Local\Google\Chrome\Application\30.0.1599.101\chrome.dll
15:35:18.0731 0x14f4  C:\Users\Brenda\AppData\Local\Google\Chrome\Application\30.0.1599.101\chrome.dll - ok
15:35:18.0738 0x14f4  [ CB72DF94C7AFABCC2C1EF24BC5CA004D, BC873B9732FF9C5C336F68778B58A034CB224C7146B514CDC3B9FE6F45678652 ] C:\Users\Brenda\AppData\Local\Google\Chrome\Application\30.0.1599.101\icudt.dll
15:35:18.0738 0x14f4  C:\Users\Brenda\AppData\Local\Google\Chrome\Application\30.0.1599.101\icudt.dll - ok
15:35:18.0745 0x14f4  [ 71C4F42DC8DB668E826DA79462EA741E, 69452DBC1CD4E09B27A42A535827B359FA9A2762A106E91653DDB7BF00A9C029 ] C:\Windows\SysWOW64\KBDUS.DLL
15:35:18.0745 0x14f4  C:\Windows\SysWOW64\KBDUS.DLL - ok
15:35:18.0750 0x14f4  [ 088B6F5F40EB2F161DDE3F6A6C6FA2DD, 76C5416E839C9320E8610376FE28102AAF24D59F0EDCC703A361E7A8CDC02CD3 ] C:\Windows\SysWOW64\aticfx32.dll
15:35:18.0750 0x14f4  C:\Windows\SysWOW64\aticfx32.dll - ok
15:35:18.0756 0x14f4  [ 1F27643C4C626457FCE8F047AE1CD7E1, 68E2367B9AA21C1BDE7FEA566D5F0DBDF1E246CB53E949622F8EDC810AA95956 ] C:\Windows\SysWOW64\dxva2.dll
15:35:18.0756 0x14f4  C:\Windows\SysWOW64\dxva2.dll - ok
15:35:18.0762 0x14f4  [ 1CBF15FDB0310345A68972EB5C5B948F, E1EDCE6216B24037B243AC68CEEBD510646B2EFD70BC118E68303F9ED85D1973 ] C:\Windows\SysWOW64\mssprxy.dll
15:35:18.0763 0x14f4  C:\Windows\SysWOW64\mssprxy.dll - ok
15:35:18.0770 0x14f4  [ FDBA1DEC4F9BE4274A00B9B850C63484, 045846267BCB1D9C4931A4871C887D8496E92DF655936DD5D40375E09C950510 ] C:\Windows\SysWOW64\mf.dll
15:35:18.0770 0x14f4  C:\Windows\SysWOW64\mf.dll - ok
15:35:18.0775 0x14f4  [ 43C9CF6825CEA58F1815B7C3DBBB385C, C79DB405D588C77E4ACAE3BC26080213BEEB604C0A109AFDF88031FC46B4CBC0 ] C:\Windows\SysWOW64\Wpc.dll
15:35:18.0775 0x14f4  C:\Windows\SysWOW64\Wpc.dll - ok
15:35:18.0781 0x14f4  [ 82C089EA2A3EEFADF3588EA71E8BDADA, 2F3BB32EE2C0673058A74DEEB2D405E5E79F833F33C4D289A93EB3C618A86E75 ] C:\Windows\SysWOW64\wevtapi.dll
15:35:18.0781 0x14f4  C:\Windows\SysWOW64\wevtapi.dll - ok
15:35:18.0787 0x14f4  [ C30A3E5DEEEBA22E782AC54C5AF5F352, 80939A7B5354032256706C6CA0C3CCC7E67CD1C1C81EAEA2CBC74997C0863662 ] C:\Windows\SysWOW64\samlib.dll
15:35:18.0787 0x14f4  C:\Windows\SysWOW64\samlib.dll - ok
15:35:18.0794 0x14f4  [ F10E5311E5093FA3C00FF88C54C32FCA, B557F5B00D77F030850D9AAC0FFEFC4C2A759EC4081C8459C9DEAE51BAAACC65 ] C:\Windows\SysWOW64\atl.dll
15:35:18.0794 0x14f4  C:\Windows\SysWOW64\atl.dll - ok
15:35:18.0799 0x14f4  [ 40B82688907A7DBA4DB3B5ADDE3EAB3B, 7A8A051F414A0A11252A361461A086890BCE9F49CE1AF794061184AE16517EF1 ] C:\Windows\SysWOW64\mfplat.dll
15:35:18.0799 0x14f4  C:\Windows\SysWOW64\mfplat.dll - ok
15:35:18.0806 0x14f4  [ F9CF7CA48B5D3A070F534CCA4EEC220A, EC4416340EAC617B122FD2D21F6364759CF58D7F4315859309093842E8870AFF ] C:\Users\Brenda\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll
15:35:18.0806 0x14f4  C:\Users\Brenda\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll - ok
15:35:18.0813 0x14f4  [ 600A65F922CCDCBB2D11467914241556, 9AE430D8CB346B43073E78886EF765199497F820D3295683167CD7FEBDDEE316 ] C:\Windows\SysWOW64\msmpeg2vdec.dll
15:35:18.0813 0x14f4  C:\Windows\SysWOW64\msmpeg2vdec.dll - ok
15:35:18.0819 0x14f4  [ 9174E09AF734124E3A68B862DBF9C706, F13DD5529AE914F15F5FEDC4DBF9AA880ED29566FF01BF8BCD782FE6557CCD1B ] C:\Users\Brenda\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll
15:35:18.0819 0x14f4  C:\Users\Brenda\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll - ok
15:35:18.0825 0x14f4  [ 7F8678C59F188528D60104E697C2361E, 9B4D262B10CB09543ACA9A78482F4EDD905791D2C8C518B574EBA440A71A85B7 ] C:\Windows\SysWOW64\mscms.dll
15:35:18.0825 0x14f4  C:\Windows\SysWOW64\mscms.dll - ok
15:35:18.0832 0x14f4  [ BA551F659E36FE4FB419E5899279E4EF, 0B506914CAACC34A0EC0818ABC4CE8397E9F5F8D24D2AE7CD2D8B220EBF3FA17 ] C:\Users\Brenda\AppData\Local\Google\Chrome\Application\30.0.1599.101\libpeerconnection.dll
15:35:18.0832 0x14f4  C:\Users\Brenda\AppData\Local\Google\Chrome\Application\30.0.1599.101\libpeerconnection.dll - ok
15:35:18.0838 0x14f4  [ 53AF1750FD45DDD705C9B68C7DC58827, A379F7B8289DB02FE336EE09D02C9FED9B407DD173AEECAE98B5551FAB9D1CEB ] C:\Windows\SysWOW64\evr.dll
15:35:18.0838 0x14f4  C:\Windows\SysWOW64\evr.dll - ok
15:35:18.0845 0x14f4  [ 5B46C01A840E3F23CBE6E6C2EEA60481, 5EBACBAB6B093DE14871B385F3E9F6925B03B3EECA954CEBC35A74460A3BC14F ] C:\Windows\SysWOW64\atiu9pag.dll
15:35:18.0845 0x14f4  C:\Windows\SysWOW64\atiu9pag.dll - ok
15:35:18.0850 0x14f4  [ 7C7ADAB22E8132612092C91970E3B0CB, 8979E7899B6AE7C4678AB1BEF451977B404C04CAB33980838F7BAAAB7A49A2E3 ] C:\Windows\SysWOW64\atiumdag.dll
15:35:18.0850 0x14f4  C:\Windows\SysWOW64\atiumdag.dll - ok
15:35:18.0857 0x14f4  [ AAF7C4C78E07660241EB1230638DE2F6, 6318AB859AF0BA7D80B768E49A7EE49411F57B74240A269D371C14504D091713 ] C:\Users\Brenda\AppData\Local\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
15:35:18.0857 0x14f4  C:\Users\Brenda\AppData\Local\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll - ok
15:35:18.0863 0x14f4  [ 2CC3056E7F6340581D074763425669C2, 828C9D2CF4A31AA225A6EB8519E46A8B6B1D99A027BE8BE42E75D202E2451199 ] C:\Windows\SysWOW64\atiumdva.dll
15:35:18.0863 0x14f4  C:\Windows\SysWOW64\atiumdva.dll - ok
15:35:18.0869 0x14f4  [ 5BF8E37FA1E25227480F9CD2ACA21FB6, 58D9A00888AF693B2A5222FE74CFDED32CE83E74F85B474F1CBE5987217B5A9D ] C:\Users\Brenda\AppData\Local\Google\Chrome\Application\30.0.1599.101\d3dcompiler_46.dll
15:35:18.0869 0x14f4  C:\Users\Brenda\AppData\Local\Google\Chrome\Application\30.0.1599.101\d3dcompiler_46.dll - ok
15:35:18.0877 0x14f4  [ 0647EA3B93A0D321C58639E0E2AB9757, C278C762CBE63023163F3CBA65DDC3CFD8EA330FFF15C7A26F15A074FD188C90 ] C:\Users\Brenda\AppData\Local\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
15:35:18.0877 0x14f4  C:\Users\Brenda\AppData\Local\Google\Chrome\Application\30.0.1599.101\libglesv2.dll - ok
15:35:18.0882 0x14f4  [ 2E0BADE9AA58501AF69E39A1D3DB4A19, 4FA2E21C1D073FD4518C19F2D7A280F26767F2867FFF061855FEE13A5291A509 ] C:\Users\Brenda\AppData\Local\Google\Chrome\Application\30.0.1599.101\libegl.dll
15:35:18.0882 0x14f4  C:\Users\Brenda\AppData\Local\Google\Chrome\Application\30.0.1599.101\libegl.dll - ok
15:35:18.0886 0x14f4  [ 77B09C2C6F407531447DA75E3ACD1C5B, A272EFAC23733F6ED987C7599762CADF36BFDA9ECC759118A6DEB46544AD2C68 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
15:35:18.0886 0x14f4  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll - ok
15:35:18.0893 0x14f4  [ 419680FCE774976FD752EB425D91AEDF, 0A5E216C67612C8C13B96DC6DCC2175153350925A4CC5650CECD7EC70BE2B6A6 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll
15:35:18.0893 0x14f4  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll - ok
15:35:18.0899 0x14f4  [ DE5507DBA44CC5B6869205871B64A587, 85545EC08E3A35B76700A45CA4AB0E945B6AB37F5FB3F4B8426C36728F3A0B5B ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll
15:35:18.0899 0x14f4  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll - ok
15:35:18.0907 0x14f4  [ 2DA7883A884BE60F9EB2810F67E0E361, F9DA0AE82F8CDA413C1E61A026512877131F1EFEE4E1A2A84F591D61DFF171B6 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll
15:35:18.0907 0x14f4  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll - ok
15:35:18.0912 0x14f4  [ BB28A86CDFFFBB041C72AD9EFEAA00D0, DC51B0DF94036C4746D89B10D42256D57A1174A696FDFB7EDDBD2322191BF50D ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll
15:35:18.0912 0x14f4  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll - ok
15:35:18.0919 0x14f4  [ 16112E74A62381C69456566D35F9E51E, 5899656DF4844D2C8D51E07EF4CC805186C6013D857B35191D58EA7901B9A760 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll
15:35:18.0919 0x14f4  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll - ok
15:35:18.0925 0x14f4  [ BB7F5F4966E76578A3EC0D11C444C545, 64866D1072AA374B9192E5045C67672DF0B60EE4B0462810915A3FEF961675EA ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin6.dll
15:35:18.0925 0x14f4  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin6.dll - ok
15:35:18.0932 0x14f4  [ 11EF47BE3D8A4A943E10A63870C1F2C6, 3CE2B654AEFDE823380C4C93299F465D4439542AC8A6AE62DE13306903E39676 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin7.dll
15:35:18.0932 0x14f4  C:\Program Files (x86)\QuickTime\Plugins\npqtplugin7.dll - ok
15:35:18.0938 0x14f4  [ AE5E8753DDFD97C7B15BB542A431F396, 292B9A26E20C37397774A7985126835A1920B15EB0EB582778B1A194F43950D6 ] C:\Users\Brenda\AppData\Local\Google\Chrome\Application\plugins\NPcol400.dll
15:35:18.0938 0x14f4  C:\Users\Brenda\AppData\Local\Google\Chrome\Application\plugins\NPcol400.dll - ok
15:35:18.0945 0x14f4  [ E42FDEEF5B02B5FB9676D0F1EE6BAAE8, 28FC17CED292B53ED2B9BF1911C4F4ABFE0F2039E3F002802F093699A71708F3 ] C:\Users\Brenda\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll
15:35:18.0945 0x14f4  C:\Users\Brenda\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll - ok
15:35:18.0951 0x14f4  [ 7E2B763CF671ADB558D5F7110889D469, 9B221926165A8C577994D2992B5410BD9699E41BF4B92241624B7C69B5EB8707 ] C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
15:35:18.0951 0x14f4  C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL - ok
15:35:18.0957 0x14f4  [ 7B882AEBC5F6DBEA4E0361C0FC3E36D4, 97E18C7997F1394AC5CCA44AC287603B427AC1D55E3C5336B38E8B375B638635 ] C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
15:35:18.0957 0x14f4  C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL - ok
15:35:18.0964 0x14f4  [ 04ACC61B47857E779CD92D1D88770BF1, 58382244694093F7552BA317890C7A528D26CF2D76A12F684878EA984283C9E4 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
15:35:18.0964 0x14f4  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - ok
15:35:18.0970 0x14f4  [ EBD27B24F7925C686D2EB59BC3BC3BA2, 212896DF83F24846AFF4224337909BDF9CD10D3D7C2D1A6D2DC658D98F62B24B ] C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll
15:35:18.0970 0x14f4  C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll - ok
15:35:18.0977 0x14f4  [ 7550FC1ADE982582D5920BEA6430E3D4, 6ACA3515D59FAE394990F21829CD0E608774C4D634B358D61630726E13828945 ] C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
15:35:18.0977 0x14f4  C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll - ok
15:35:18.0983 0x14f4  [ CFAF7B67C78D09D79688AEDCA3D090E2, 5C9939DFE64E9BE7EC4A806EE285F186F0DE3FDB1BE02C4E9BA7D3CB5172B947 ] C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
15:35:18.0983 0x14f4  C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll - ok
15:35:18.0991 0x14f4  [ F1CD6E22E5AE5CEEB7712E546A5FC853, 1B119DAAA510C65D7367F4E19C605FCB36081F21E2B20F6C0281E8AABFDDF549 ] C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
15:35:18.0991 0x14f4  C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll - ok
15:35:18.0996 0x14f4  [ 6768C724599214E4F9ADD9F8FF5097EB, 16D7358F6F96D396A10B8835E9279329081BF05C19550C1107B53F8820677673 ] C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
15:35:18.0996 0x14f4  C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll - ok
15:35:19.0003 0x14f4  [ C47920B4F36C19F97BD2EC19481387E5, C6044AB1E27133474279D913AD3489B0EB9FC63D7BFE4298EBAB4BA9F7BC9238 ] C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
15:35:19.0003 0x14f4  C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll - ok
15:35:19.0009 0x14f4  [ AC421A44DE902F2627F1E63793ED89CD, 0DCDA9F5BAF4D3DE2978692924C3811C4A14D120D95EED417109851A6F539EFC ] C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
15:35:19.0009 0x14f4  C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll - ok
15:35:19.0016 0x14f4  [ F00A0EF5835E1B96F783D617F1948704, 442537C8A6301A1DF6793720E9E65365E038AA924408CEB3B51844EC8175581E ] C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
15:35:19.0016 0x14f4  C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll - ok
15:35:19.0022 0x14f4  [ CFAF7B67C78D09D79688AEDCA3D090E2, 5C9939DFE64E9BE7EC4A806EE285F186F0DE3FDB1BE02C4E9BA7D3CB5172B947 ] C:\Users\Brenda\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
15:35:19.0022 0x14f4  C:\Users\Brenda\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll - ok
15:35:19.0029 0x14f4  [ 8FE7BA502945BE735D09D5703BD76FDA, 1A7DDB144D974F679F549B64B258D084A563F58365502C1B52EF262F5DF4F7C6 ] C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll
15:35:19.0029 0x14f4  C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll - ok
15:35:19.0035 0x14f4  [ 4BF70B35B943BD73BD6E13EB7C1BA4B3, 5450EC4B012401A06A78F92F69530BA720405B4D1A0BBD271C41E911C55803EC ] C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
15:35:19.0036 0x14f4  C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - ok
15:35:19.0043 0x14f4  [ BE501CBC29B2025A263D80D399F1797A, 27AEF22333E5143186BCEE71DA459ADAC962535069286999D4A29FC2F5280814 ] C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
15:35:19.0043 0x14f4  C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll - ok
15:35:19.0049 0x14f4  [ 816B681CC308FAA128EDCB90643DCED7, C2C6295F59F00F4D47673C361F1965BA62F9ADF6897A6A0BE224509628A27D7E ] C:\Windows\SysWOW64\icm32.dll
15:35:19.0049 0x14f4  C:\Windows\SysWOW64\icm32.dll - ok
15:35:19.0054 0x14f4  [ 5987EA8A82C53359BCD2C29D6588583E, 59E2DF91F8DA9E33DE65FA67A6A49A7C3F524618A87EAEFC8A28C5304E7FAB85 ] C:\Windows\SysWOW64\linkinfo.dll
15:35:19.0055 0x14f4  C:\Windows\SysWOW64\linkinfo.dll - ok
15:35:19.0060 0x14f4  [ 3D57FFBAD3ED16B63DE3879BAB0FB56F, 6BEAF5AFC98961190B004E8DE57CD5F9F39117287AE18D59DDB2EC5C0A0C6622 ] C:\Windows\SysWOW64\networkexplorer.dll
15:35:19.0060 0x14f4  C:\Windows\SysWOW64\networkexplorer.dll - ok
15:35:19.0067 0x14f4  [ D6692338B985D4A0CA52B828314D897D, CB0B7C84C1E2782A95489E2F4D2AF4CFDAC02676B76F49FF7D6A7091739EA25D ] C:\Windows\SysWOW64\drprov.dll
15:35:19.0067 0x14f4  C:\Windows\SysWOW64\drprov.dll - ok
15:35:19.0073 0x14f4  [ D7B7159BC8374E87D8C45A30377A3440, 0B68B6E7C35280D502BF05177ADADE2EE35D4D5307C3D1EE2635879BA06D904D ] C:\Windows\SysWOW64\ntlanman.dll
15:35:19.0073 0x14f4  C:\Windows\SysWOW64\ntlanman.dll - ok
15:35:19.0079 0x14f4  [ EAF4712B706936C0B10D3B5319B37E81, 1A356A3AB52DC8A13F41D2B7F26B6B0E23663D7C9DD6DF6E464EF29460EF2602 ] C:\Windows\SysWOW64\davclnt.dll
15:35:19.0079 0x14f4  C:\Windows\SysWOW64\davclnt.dll - ok
15:35:19.0085 0x14f4  [ 179BECE8D1A4C488DDB7191FF9BE3FB0, F91ABCB67A2AFD471A9B94AA2B9C46AAEF606266DC2276E81A6D0832566162A5 ] C:\Windows\SysWOW64\davhlpr.dll
15:35:19.0085 0x14f4  C:\Windows\SysWOW64\davhlpr.dll - ok
15:35:19.0091 0x14f4  [ 01E2855FB06C422E721D890AF201C2D7, 9CAA197D5CE95AABFC8C09EA2137E73C7A0EF37CE0459508C663F7B2D758E57F ] C:\Windows\System32\NaturalLanguage6.dll
15:35:19.0091 0x14f4  C:\Windows\System32\NaturalLanguage6.dll - ok
15:35:19.0097 0x14f4  [ 701D9F5F3F21580936638D5C5F86B460, 2F187684F61C72AACF8274EA29B48DAAC6C8377F791843914AABF5DAB3760980 ] C:\Windows\System32\NlsData0009.dll
15:35:19.0097 0x14f4  C:\Windows\System32\NlsData0009.dll - ok
15:35:19.0103 0x14f4  [ 148A733B93A2AC104280495DA09D3CC2, 443E46865090C610B84A82DB23DF8D1F22001FEA8B10F5619A10D25D7FEA29CC ] C:\Windows\System32\NlsLexicons0009.dll
15:35:19.0103 0x14f4  C:\Windows\System32\NlsLexicons0009.dll - ok
15:35:19.0110 0x14f4  [ 5FBD7BEC6CD3DCAA6A87A7F70CE8AF44, 24031667D5F437AAD5BA9BA6B14B0A939723F054096BBE19AB1EAE4F489528E0 ] C:\Windows\System32\advpack.dll
15:35:19.0110 0x14f4  C:\Windows\System32\advpack.dll - ok
15:35:19.0116 0x14f4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] C:\Windows\servicing\TrustedInstaller.exe
15:35:19.0116 0x14f4  C:\Windows\servicing\TrustedInstaller.exe - ok
15:35:19.0123 0x14f4  [ 288ADDED26C80FDC135CAB4340161686, FEA5CBCD061E6F347670E9ED7261F1FF3433480158A2FF0AEBC8DF53930B7000 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll
15:35:19.0123 0x14f4  C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll - ok
15:35:19.0129 0x14f4  [ 6369F960C28A16F4502C480EEDE3652C, 43712222F1DEF7277EC6A99BEA6FB9C7E0E1FCAB2AD35C0208747D70301D0E47 ] C:\Windows\System32\dpx.dll
15:35:19.0129 0x14f4  C:\Windows\System32\dpx.dll - ok
15:35:19.0135 0x14f4  [ 76D86E65FF7D10292886A1F2DB93A911, D83CF27E338FEF4967CE0B1D28FE60CEF986D275781FC013531E54B328C4B9A3 ] C:\Windows\System32\ELSCore.dll
15:35:19.0135 0x14f4  C:\Windows\System32\ELSCore.dll - ok
15:35:19.0139 0x14f4  [ 12929BDE96189F4E968AD035573424F0, 27FBB49F6ED6722A0C43E270E7678EFE9950BD913760DB33D5C10AFAB99417FC ] C:\Windows\System32\elsTrans.dll
15:35:19.0139 0x14f4  C:\Windows\System32\elsTrans.dll - ok
15:35:19.0145 0x14f4  [ 7957A194B8421BC070FABBF1C55DB68B, 782389F39C4CD9E13D5F9847AC33DF82BBFAEF6CF8E6150698D462F1DC270559 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll
15:35:19.0145 0x14f4  C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll - ok
15:35:19.0151 0x14f4  [ AEE087CF7423BA44CC2DE03CC565E399, 8C1C59D438C0C28E1B7B078C3EA030F6C4A7CBC3B1306D673B0A2EA0AAB2B953 ] C:\Windows\System32\elslad.dll
15:35:19.0151 0x14f4  C:\Windows\System32\elslad.dll - ok
15:35:19.0157 0x14f4  [ 9297F004FCE79FB7B26DAC6968FB5FEB, 797B4501823123FB6530F613CE996E77C3D323CD7B2365836504BD622F4CEFC2 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll
15:35:19.0157 0x14f4  C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll - ok
15:35:19.0163 0x14f4  [ FC6C5D860CDB82411DA626821201BDF0, E062B9AFBEE5BEC64C7DC9C6C57CD31EE3148388055C4B66D208BF604C703560 ] C:\Windows\System32\srclient.dll
15:35:19.0163 0x14f4  C:\Windows\System32\srclient.dll - ok
15:35:19.0170 0x14f4  [ B7AC66C1CCD87D7C49256B5451DED4FA, 2BA412A69605D75CF10B9446725917B850A29369BD3970CA14796CC24C9BFD72 ] C:\Windows\System32\spp.dll
15:35:19.0170 0x14f4  C:\Windows\System32\spp.dll - ok
15:35:19.0176 0x14f4  [ 943F48CC3A59169E52A054946C2F59B8, 0F98177902498B251F573613EFEAC1052B9BE23115A58EF2740363BC5DE99F61 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll
15:35:19.0176 0x14f4  C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll - ok
15:35:19.0182 0x14f4  [ 6685DD5CC357D45EEE30FD089E8A111A, FA261701D1E81029ADBE431AD740BBB00185ADD9A2E226374B9C0A0992A157D5 ] C:\Windows\System32\sxsstore.dll
15:35:19.0182 0x14f4  C:\Windows\System32\sxsstore.dll - ok
15:35:19.0188 0x14f4  [ D485D1BE97777617B186FC8095F58421, 6F4947E651D1D8FA4DA006AE874E91D5D87813BA84EE71C91FF6F92833B921FF ] C:\Windows\servicing\CbsApi.dll
15:35:19.0188 0x14f4  C:\Windows\servicing\CbsApi.dll - ok
15:35:19.0194 0x14f4  [ D2958325C1AE1AE37A83334C6229E3BC, D8263CB39A25447442B75A8D8E8111DF671D645DA90A33865C089DEDA9706904 ] C:\Windows\SysWOW64\actxprxy.dll
15:35:19.0194 0x14f4  C:\Windows\SysWOW64\actxprxy.dll - ok
15:35:19.0202 0x14f4  [ 3B376496187AB240FAC6ECD7BD1251F6, 2E8C5EEAB01261301260FFE4FC82DAA69344D1FE538D60895AF22AEFECED5C89 ] C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
15:35:19.0202 0x14f4  C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe - ok
15:35:19.0220 0x14f4  Win FW state via NFP2: enabled
15:35:21.0768 0x14f4  ============================================================
15:35:21.0768 0x14f4  Scan finished
15:35:21.0768 0x14f4  ============================================================
15:35:21.0794 0x14ec  Detected object count: 1
15:35:21.0794 0x14ec  Actual detected object count: 1
15:44:39.0703 0x14ec  BS&A Software Email Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:44:39.0704 0x14ec  BS&A Software Email Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:47:06.0089 0x0464  Deinitialize success
 
RogueKiller
 
RogueKiller V8.7.7 _x64_ [Nov 11 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Brenda [Admin rights]
Mode : Remove -- Date : 11/11/2013 16:04:19
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 2 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] The system cannot find the file specified. 
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1       localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD3200BEKT-00PVMT0 ATA Device +++++
--- User ---
[MBR] ec941bd7afe8ea7d53df795742437495
[BSP] d0a3aeb80d8fd8708e232b4104826cba : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2459688 | Size: 294042 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 604657704 | Size: 10000 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_D_11112013_160419.txt >>
RKreport[0]_S_11112013_155316.txt
 
 
Hope you can help. Thanks again Michael.


#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:42 PM

Posted 12 November 2013 - 12:29 AM


Hello Michael.

Ok lets try this, I want you to run combofix in safe mode but it is very important that when combofix reboots the computer for you to direct it back into safe mode so it can finish the scan.

Boot into Safe Mode

Reboot your computer in Safe Mode.
  • If the computer is running, shut down Windows, and then turn off the power.
  • Wait 30 seconds, and then turn the computer on.
  • Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
  • Ensure that the Safe Mode option is selected.
  • Press Enter. The computer then begins to start in Safe mode.
  • Login on your usual account.
after combofix has finished its scan please post the report back here.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 mjbeach

mjbeach
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:03:42 PM

Posted 12 November 2013 - 11:06 AM

Ran Combofix in safe mode however it didn't reboot the pc. A log file was generated and is below. The computer seems fine as of now but it always seems to be fine for a period before it starts acting up again. Thanks again for your help - Michael

 

  ComboFix 13-11-11.01 - Brenda 11/12/2013  10:46:52.7.2 - x64 MINIMAL

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.5886.4713 [GMT -5:00]
Running from: c:\users\Brenda\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\SysWow64\FlashPlayerApp.exe
.
.
(((((((((((((((((((((((((   Files Created from 2013-10-12 to 2013-11-12  )))))))))))))))))))))))))))))))
.
.
2013-11-12 15:55 . 2013-11-12 15:55 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-11-12 15:55 . 2013-11-12 15:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-09 01:47 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CC6ABDB6-BC24-4A00-8222-49097EB14AE5}\mpengine.dll
2013-10-21 00:33 . 2013-10-21 00:33 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-10-21 00:33 . 2013-10-21 00:33 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-19 01:47 . 2013-10-19 02:04 -------- d-----w- c:\users\Brenda\AppData\Local\Reviewer
2013-10-19 01:47 . 2013-10-19 01:47 -------- d-----w- c:\programdata\Sorna
2013-10-16 21:02 . 2013-10-16 21:02 -------- d-----w- c:\users\Brenda\AppData\Local\calibre-cache
2013-10-16 21:01 . 2013-10-16 21:09 -------- d-----w- c:\users\Brenda\AppData\Roaming\calibre
2013-10-16 21:00 . 2013-10-16 21:00 -------- d-----w- c:\program files\Calibre2
2013-10-16 15:29 . 2013-10-16 15:29 -------- d-----w- c:\program files (x86)\Microsoft Reader
2013-10-16 15:29 . 2003-06-05 21:15 57436 ----a-w- c:\windows\DASShp.dll
2013-10-16 15:29 . 2003-05-23 04:15 217174 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ClearType\ctras.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-10 22:10 . 2011-03-10 22:27 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-09 18:34 . 2012-01-10 14:38 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-22 23:28 . 2013-10-10 22:19 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-09-22 23:27 . 2013-10-10 22:19 2876928 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-09-22 23:27 . 2013-10-10 22:19 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-09-22 23:27 . 2013-10-10 22:19 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-09-22 22:55 . 2013-10-10 22:19 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-09-22 22:55 . 2013-10-10 22:19 2241024 ----a-w- c:\windows\system32\wininet.dll
2013-09-22 22:55 . 2013-10-10 22:19 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-09-22 22:54 . 2013-10-10 22:19 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-09-22 22:54 . 2013-10-10 22:19 19252224 ----a-w- c:\windows\system32\mshtml.dll
2013-09-22 22:54 . 2013-10-10 22:19 855552 ----a-w- c:\windows\system32\jscript.dll
2013-09-22 22:54 . 2013-10-10 22:19 3959296 ----a-w- c:\windows\system32\jscript9.dll
2013-09-22 22:54 . 2013-10-10 22:19 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-09-22 22:54 . 2013-10-10 22:19 526336 ----a-w- c:\windows\system32\ieui.dll
2013-09-22 22:54 . 2013-10-10 22:19 67072 ----a-w- c:\windows\system32\iesetup.dll
2013-09-22 22:54 . 2013-10-10 22:19 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-09-22 22:54 . 2013-10-10 22:19 136704 ----a-w- c:\windows\system32\iesysprep.dll
2013-09-22 22:54 . 2013-10-10 22:19 2647552 ----a-w- c:\windows\system32\iertutil.dll
2013-09-22 22:54 . 2013-10-10 22:19 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-09-21 03:38 . 2013-10-10 22:19 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-09-21 03:30 . 2013-10-10 22:19 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-09-21 02:48 . 2013-10-10 22:19 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-09-21 02:39 . 2013-10-10 22:19 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-09-14 01:10 . 2013-10-10 18:18 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-09-08 02:30 . 2013-10-10 18:18 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-10 18:18 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-10 18:18 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-09-03 18:35 . 2013-10-05 18:05 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 02:17 . 2013-10-10 18:18 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-10 18:18 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-10 18:18 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-10 18:18 859648 ----a-w- c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-10 18:18 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-10 18:18 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-10 18:18 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-10 18:18 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-10 18:18 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-10 18:18 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-10 18:18 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-10 18:18 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-29 00:49 . 2013-10-10 18:18 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-10 18:18 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-10 18:18 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-10 18:18 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-08-28 01:21 . 2013-10-10 18:18 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-08-28 01:12 . 2013-10-10 18:18 461312 ----a-w- c:\windows\system32\scavengeui.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Brenda\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Brenda\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Brenda\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RCUI"="c:\progra~2\RINGCE~1\RINGCE~1\RCUI.exe" [2013-04-08 493872]
"RCHotKey"="c:\program files (x86)\RingCentral\RingCentral Call Controller\RCHotKey.exe" [2013-04-08 39216]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PWMTRV"="c:\progra~2\ThinkPad\UTILIT~1\PWMTR64V.DLL" [2012-05-16 5941344]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"adaware"="reg.exe delete HKCU\Software\AppDataLow\Software\adaware" [X]
"adaware_XP"="reg.exe delete HKCU\Software\adaware" [X]
.
c:\users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Brenda\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-11-1 29769432]
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-8-14 1014624]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys;c:\windows\SYSNATIVE\DRIVERS\smiifx64.sys [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R2 BNPagent;Bradford Persistent Agent Service;c:\program files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe;c:\program files (x86)\Bradford Networks\Persistent Agent\bndaemon.exe [x]
R2 BS&A Software Email Service;BS&A Software Email Service;c:\program files (x86)\Common Files\BS&A Shared\EmailServer\EmailService.exe;c:\program files (x86)\Common Files\BS&A Shared\EmailServer\EmailService.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [x]
R2 MSSQL$BSA;SQL Server (BSA);c:\program files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\sqlservr.exe [x]
R2 Pervasive Workgroup Engine;Pervasive Workgroup Engine;c:\pvsw\bin\psql_svc.exe run;c:\pvsw\bin\psql_svc.exe run [x]
R2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
R2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x]
R2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [x]
R3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys;c:\windows\SYSNATIVE\DRIVERS\5U877.sys [x]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 PCDSRVC{127174DC-C366ED8B-06020200}_0;PCDSRVC{127174DC-C366ED8B-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc_x64.pkms;c:\program files\pc-doctor\pcdsrvc_x64.pkms [x]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 SQLAgent$BSA;SQL Server Agent (BSA);c:\program files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10.BSA\MSSQL\Binn\SQLAGENT.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys;c:\windows\SYSNATIVE\DRIVERS\ApsHM64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ   hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-11-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-28 18:34]
.
2013-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 16:22]
.
2013-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-24 16:22]
.
2013-11-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2582758472-1218205146-2151914082-1000Core.job
- c:\users\Brenda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-04 02:01]
.
2013-11-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2582758472-1218205146-2151914082-1000UA.job
- c:\users\Brenda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-04 02:01]
.
2013-10-25 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 15:06]
.
2013-11-11 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 15:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1aCopyShExtError]
@="{83BEA36E-7680-4598-A4DF-994426F6E78D}"
[HKEY_CLASSES_ROOT\CLSID\{83BEA36E-7680-4598-A4DF-994426F6E78D}]
c:\users\Brenda\AppData\Roaming\Copy\overlay\CopyShExt.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2aCopyShExtSynced]
@="{845B7388-6F85-4F32-9FD5-F02DC7882B89}"
[HKEY_CLASSES_ROOT\CLSID\{845B7388-6F85-4F32-9FD5-F02DC7882B89}]
c:\users\Brenda\AppData\Roaming\Copy\overlay\CopyShExt.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3aCopyShExtSyncing]
@="{F6378A7A-F753-449B-AE1B-997A96132E61}"
[HKEY_CLASSES_ROOT\CLSID\{F6378A7A-F753-449B-AE1B-997A96132E61}]
c:\users\Brenda\AppData\Roaming\Copy\overlay\CopyShExt.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4aCopyShExtSyncingProg1]
@="{3A511828-777D-46F8-82F4-5B530C1B3D9E}"
[HKEY_CLASSES_ROOT\CLSID\{3A511828-777D-46F8-82F4-5B530C1B3D9E}]
c:\users\Brenda\AppData\Roaming\Copy\overlay\CopyShExt.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5aCopyShExtSyncingProg2]
@="{C8C88204-5B14-40EC-BA72-8AEBC762047E}"
[HKEY_CLASSES_ROOT\CLSID\{C8C88204-5B14-40EC-BA72-8AEBC762047E}]
c:\users\Brenda\AppData\Roaming\Copy\overlay\CopyShExt.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6aCopyShExtSyncingProg3]
@="{ACFF45C3-3EEB-4351-86C2-6696BA264239}"
[HKEY_CLASSES_ROOT\CLSID\{ACFF45C3-3EEB-4351-86C2-6696BA264239}]
c:\users\Brenda\AppData\Roaming\Copy\overlay\CopyShExt.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7aCopyShExtSyncingProg4]
@="{29AF997F-488B-46F0-AE78-7146F1B89CC3}"
[HKEY_CLASSES_ROOT\CLSID\{29AF997F-488B-46F0-AE78-7146F1B89CC3}]
c:\users\Brenda\AppData\Roaming\Copy\overlay\CopyShExt.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8aCopyShExtSyncingProg5]
@="{03F9AD29-1C78-4B66-8890-B177B5430C53}"
[HKEY_CLASSES_ROOT\CLSID\{03F9AD29-1C78-4B66-8890-B177B5430C53}]
c:\users\Brenda\AppData\Roaming\Copy\overlay\CopyShExt.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Brenda\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Brenda\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Brenda\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Brenda\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-15 11049576]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2010-04-20 62312]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"HP Color LaserJet CM2320 MFP Series Fax"="c:\program files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe" [2009-09-23 3700736]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.yahoo.com?type=293224&fr=spigot-yhp-ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 8.8.8.8 8.8.4.4
DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - hxxp://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
SafeBoot-70754498.sys
AddRemove-Coupon Printer for Windows5.0.0.1 - c:\program files (x86)\Coupons\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{127174DC-C366ED8B-06020200}_0]
"ImagePath"="\??\c:\program files\pc-doctor\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-11-12  10:58:23
ComboFix-quarantined-files.txt  2013-11-12 15:58
ComboFix2.txt  2013-11-07 22:13
ComboFix3.txt  2013-10-11 15:20
ComboFix4.txt  2013-10-06 18:04
ComboFix5.txt  2013-11-11 19:51
.
Pre-Run: 155,272,130,560 bytes free
Post-Run: 155,140,030,464 bytes free
.
- - End Of File - - 9AEBFB4491CBCDCAC87443284A1DA835
5C616939100B85E558DA92B899A0FC36





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users