Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Websearch Redirect Virus - Hijackthis log


  • Please log in to reply
24 replies to this topic

#1 Pseudorious

Pseudorious

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:12 PM

Posted 05 December 2013 - 03:35 PM

Helpful citizens of bleepingcomputer:

 

I have a websearch redirect virus that very impressively loads even in safemode with networking on Windows Vista.  

 

In normal mode, I have tried: Microsoft Security Essentials,  Spybot S&D, Malwarebytes Anti-Malware (chameleon), TDSSKiller, Roguekiller, NPE, Hitman Pro, ESET Online Scanner, and Combofix (sorry - I followed a guide somewhere else).

 

Below is my hijackthis log run in safemode with networking (I was getting errors in normal mode).  Since the virus loads in safemode with networking, it should still be relevant.

 

Thank you in advance.

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 2:23:49 PM, on 12/5/2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16520)
CHROME: 31.0.1650.63
FIREFOX: 24.0 (en-US)
Boot mode: Safe mode with network support
 
Running processes:
C:\Windows\Explorer.EXE
C:\Users\gerard\Downloads\fghfg.exe <- this is hijackthis.  I renamed it.
 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [1] C:\Users\gerard\Downloads\mbam-chameleon-1.62.1.1000\mbam-chameleon.exe /r /p
O4 - Global Startup: WlanUtility.lnk = C:\Program Files\MicroStar\WLANUtility\WlanUtility.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Broadcom ASF IP and SMBIOS Mailbox Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c9860f6878b2f) (gupdate1c9860f6878b2f) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
 
--
End of file - 6679 bytes
 


BC AdBot (Login to Remove)

 


#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,539 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:12 PM

Posted 05 December 2013 - 06:57 PM

:welcome:

 

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

 

Download : ADWCleaner to your desktop.

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close  all programs and click on the AdwCleaner icon.

scan-results.jpg

Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder. as AdwCleaner[S0].txt
 

bf_new.gif Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.
 

 


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#3 Pseudorious

Pseudorious
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:12 PM

Posted 06 December 2013 - 12:31 AM

Thank you for your response.

 

All instructions were followed.  Sadly, the virus persists.

 

Reports below:

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows Vista ™ Business x86
Ran by x on Thu 12/05/2013 at 22:29:40.93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar

 

~~~ Files

 

~~~ Folders

 

~~~ FireFox

Successfully deleted: [File] C:\Users\gerard\AppData\Roaming\mozilla\firefox\profiles\tcaibtv2.default\extensions\iiwnsrpxmg@iiwnsrpxmg.org.xpi [Tracur]
Emptied folder: C:\Users\gerard\AppData\Roaming\mozilla\firefox\profiles\tcaibtv2.default\minidumps [23 files]

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 12/05/2013 at 22:32:05.72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

# AdwCleaner v3.014 - Report created 05/12/2013 at 23:10:36
# Updated 01/12/2013 by Xplode
# Operating System : Windows Vista ™ Business Service Pack 2 (32 bits)
# Username : x
# Running from : C:\Users\x\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5E67109-0C67-4287-A8A7-69F77F4DCB04}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16520

-\\ Mozilla Firefox v24.0 (en-US)

[ File : C:\Users\x\AppData\Roaming\Mozilla\Firefox\Profiles\tcaibtv2.default\prefs.js ]

[ File : C:\Users\administrator\AppData\Roaming\Mozilla\Firefox\Profiles\4d5w4n04.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\x\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1489 octets] - [05/12/2013 22:34:25]
AdwCleaner[R1].txt - [1549 octets] - [05/12/2013 22:48:32]
AdwCleaner[S0].txt - [1484 octets] - [05/12/2013 23:10:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1544 octets] ##########

 

 

 

 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.06.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
x :: x [administrator]

12/5/2013 11:17:12 PM
mbam-log-2013-12-05 (23-17-12).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 258706
Time elapsed: 7 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



#4 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,539 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:12 PM

Posted 06 December 2013 - 09:33 AM

Lets try Combofix.

Please download ComboFix from Here to your Desktop.

**Note:  In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

  • Please, never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    -----------------------------------------------------------

    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link or this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

      -----------------------------------------------------------


    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------

  • Double click on combofix.exe & follow the prompts.
  • Install the Recovery Console if prompted.
  • When finished, it will produce a report for you.  
  • Please post the "C:\ComboFix.txt" .

**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.

Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

 

==============================

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

 


Edited by JSntgRvr, 06 December 2013 - 09:35 AM.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#5 Pseudorious

Pseudorious
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:12 PM

Posted 06 December 2013 - 10:31 PM

Thank you once again.  All instructions were followed to the letter; however, the virus remains.

 

 

 

ComboFix 13-12-06.01 - x 12/06/2013  17:33:55.3.2 - x86
Microsoft® Windows Vista™ Business   6.0.6002.2.1252.1.1033.18.2045.689 [GMT -6:00]
Running from: c:\users\x\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2013-11-06 to 2013-12-06  )))))))))))))))))))))))))))))))
.
.
2013-12-06 23:42 . 2013-12-06 23:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-06 23:42 . 2013-12-06 23:42 -------- d-----w- c:\users\administrator\AppData\Local\temp
2013-12-06 04:40 . 2013-11-08 01:15 7772552 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{72822F32-E462-4345-A492-16189AE12C89}\mpengine.dll
2013-12-06 04:34 . 2013-12-06 05:10 -------- d-----w- C:\AdwCleaner
2013-12-06 04:29 . 2013-12-06 04:29 -------- d-----w- c:\windows\ERUNT
2013-12-05 04:03 . 2013-12-05 04:03 -------- d-----w- c:\program files\ESET
2013-12-05 03:48 . 2013-12-05 03:57 -------- d-----w- c:\programdata\HitmanPro
2013-12-04 22:51 . 2013-12-04 22:51 -------- d-----w- c:\users\x\AppData\Roaming\Malwarebytes
2013-12-04 22:51 . 2013-12-04 22:51 -------- d-----w- c:\programdata\Malwarebytes
2013-12-04 22:51 . 2013-12-04 22:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-12-04 22:51 . 2013-04-04 20:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-12-04 22:28 . 2013-12-04 22:45 -------- d-----w- c:\users\x\AppData\Local\NPE
2013-12-04 22:28 . 2013-12-04 22:28 -------- d-----w- c:\programdata\Norton
2013-12-04 21:48 . 2013-11-08 01:15 7772552 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-11-23 07:51 . 2013-12-06 23:42 -------- d-----w- c:\users\x\AppData\Local\temp
2013-11-15 20:33 . 2013-10-03 12:45 297984 ----a-w- c:\windows\system32\gdi32.dll
2013-11-15 20:33 . 2013-10-03 12:45 993792 ----a-w- c:\windows\system32\crypt32.dll
2013-11-15 20:33 . 2013-10-11 02:08 444928 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-11-15 20:33 . 2013-10-11 02:07 596480 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-11-07 13:53 . 2013-10-18 21:52 719224 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BBEC2FC8-646D-4FB7-B5C1-6719E76C9A70}\gapaengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-19 10:21 . 2011-08-27 17:31 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-11-17 23:57 . 2011-05-25 21:17 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-18 21:52 . 2011-09-08 21:02 719224 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-09-27 15:53 . 2013-09-27 15:53 214696 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-09-27 15:53 . 2011-04-27 20:25 104768 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2009-02-24 19:34 . 2013-10-21 01:21 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-02-24 19:34 . 2013-10-21 01:21 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
"StartCCC"="c:\program files\ATI\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-27 178712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WlanUtility.lnk - c:\program files\MicroStar\WLANUtility\WlanUtility.exe [2006-4-19 173568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Google Updater.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Google Updater.lnk
backup=c:\windows\pss\Google Updater.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^gdegrandis.CSCINC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BOINC Manager.lnk]
path=c:\users\gdegrandis.CSCINC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BOINC Manager.lnk
backup=c:\windows\pss\BOINC Manager.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^gdegrandis.CSCINC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\users\gdegrandis.CSCINC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^gdegrandis.CSCINC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk]
path=c:\users\gdegrandis.CSCINC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
backup=c:\windows\pss\Rainmeter.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^x^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\users\x\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvgUninstallURL]
start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVZOVgtTlNWVkwtTzRCWlEtUUlNQ0wtUVREQ0gtNElKTUg&inst=NzctNjI3OTM4MjI3LVhPMTArMTItTElDKzIyLUZMMTArMS1TUDErMS1TUDFUQisxLVNVRCsxLVMxSSsxLVNVMysxLUREVCs1NDU2OS1ERDEwRisx&prod=90&ver=10.0.1392 [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2011-08-30 18:24 624056 ----a-w- c:\program files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 02:59 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-12-15 17:27 136176 ----atw- c:\users\x\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2008-10-24 13:14 79136 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-02-19 18:10 267048 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad]
2011-01-02 17:16 1670656 ----a-w- c:\program files\KeePass Password Safe 2\KeePass.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSCRM]
2007-12-07 11:09 62488 ----a-w- c:\program files\Microsoft Dynamics CRM\Client\ConfigWizard\CrmForOutlookInstaller.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2007-09-27 08:10 1282048 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 16:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2007-05-31 14:21 648072 ----a-w- c:\windows\WindowsMobile\wmdcBase.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-115333722-87402179-3805670400-1001]
"EnableNotificationsRef"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ    PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ    BthServ
WindowsMobile REG_MULTI_SZ    wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ    WcesComm RapiMgr
HPZ12 REG_MULTI_SZ    Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ    hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ    FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2013-12-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-04 23:57]
.
2013-12-05 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-17 18:34]
.
2013-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 14:52]
.
2013-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 14:52]
.
2013-12-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-115333722-87402179-3805670400-1001Core.job
- c:\users\x\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-01 17:27]
.
2013-12-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-115333722-87402179-3805670400-1001UA.job
- c:\users\x\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-01 17:27]
.
2013-12-06 c:\windows\Tasks\User_Feed_Synchronization-{DB0FFED1-8C2C-4843-BE99-7B82B6BFFD4A}.job
- c:\windows\system32\msfeedssync.exe [2011-05-18 21:23]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=0080206
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.2
FF - ProfilePath - c:\users\x\AppData\Roaming\Mozilla\Firefox\Profiles\tcaibtv2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - ExtSQL: !HIDDEN! 2009-07-13 13:58; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
scanning hidden processes ... 
.
scanning hidden autostart entries ...
.
scanning hidden files ... 
.
scan completed successfully
hidden files:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.5\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.5\my.ini\" MySQL"
.
Completion time: 2013-12-06  17:44:05
ComboFix-quarantined-files.txt  2013-12-06 23:44
ComboFix2.txt  2013-11-23 08:01
.
Pre-Run: 8,101,048,320 bytes free
Post-Run: 8,674,148,352 bytes free
.
- - End Of File - - AF27B9B36BF029231007D1713DA304EF
973E9BA32FDBB305C552ED3E1EBF0686
ComboFix 13-12-06.01 - x 12/06/2013  17:33:55.3.2 - x86
Microsoft® Windows Vista™ Business   6.0.6002.2.1252.1.1033.18.2045.689 [GMT -6:00]
Running from: c:\users\x\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2013-11-06 to 2013-12-06  )))))))))))))))))))))))))))))))
.
.
2013-12-06 23:42 . 2013-12-06 23:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-06 23:42 . 2013-12-06 23:42 -------- d-----w- c:\users\administrator\AppData\Local\temp
2013-12-06 04:40 . 2013-11-08 01:15 7772552 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{72822F32-E462-4345-A492-16189AE12C89}\mpengine.dll
2013-12-06 04:34 . 2013-12-06 05:10 -------- d-----w- C:\AdwCleaner
2013-12-06 04:29 . 2013-12-06 04:29 -------- d-----w- c:\windows\ERUNT
2013-12-05 04:03 . 2013-12-05 04:03 -------- d-----w- c:\program files\ESET
2013-12-05 03:48 . 2013-12-05 03:57 -------- d-----w- c:\programdata\HitmanPro
2013-12-04 22:51 . 2013-12-04 22:51 -------- d-----w- c:\users\x\AppData\Roaming\Malwarebytes
2013-12-04 22:51 . 2013-12-04 22:51 -------- d-----w- c:\programdata\Malwarebytes
2013-12-04 22:51 . 2013-12-04 22:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-12-04 22:51 . 2013-04-04 20:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-12-04 22:28 . 2013-12-04 22:45 -------- d-----w- c:\users\x\AppData\Local\NPE
2013-12-04 22:28 . 2013-12-04 22:28 -------- d-----w- c:\programdata\Norton
2013-12-04 21:48 . 2013-11-08 01:15 7772552 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-11-23 07:51 . 2013-12-06 23:42 -------- d-----w- c:\users\x\AppData\Local\temp
2013-11-15 20:33 . 2013-10-03 12:45 297984 ----a-w- c:\windows\system32\gdi32.dll
2013-11-15 20:33 . 2013-10-03 12:45 993792 ----a-w- c:\windows\system32\crypt32.dll
2013-11-15 20:33 . 2013-10-11 02:08 444928 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-11-15 20:33 . 2013-10-11 02:07 596480 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-11-07 13:53 . 2013-10-18 21:52 719224 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BBEC2FC8-646D-4FB7-B5C1-6719E76C9A70}\gapaengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-19 10:21 . 2011-08-27 17:31 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-11-17 23:57 . 2011-05-25 21:17 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-18 21:52 . 2011-09-08 21:02 719224 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-09-27 15:53 . 2013-09-27 15:53 214696 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-09-27 15:53 . 2011-04-27 20:25 104768 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2009-02-24 19:34 . 2013-10-21 01:21 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-02-24 19:34 . 2013-10-21 01:21 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
"StartCCC"="c:\program files\ATI\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-27 178712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WlanUtility.lnk - c:\program files\MicroStar\WLANUtility\WlanUtility.exe [2006-4-19 173568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Google Updater.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Google Updater.lnk
backup=c:\windows\pss\Google Updater.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^gdegrandis.CSCINC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BOINC Manager.lnk]
path=c:\users\gdegrandis.CSCINC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BOINC Manager.lnk
backup=c:\windows\pss\BOINC Manager.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^gdegrandis.CSCINC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\users\gdegrandis.CSCINC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^gdegrandis.CSCINC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk]
path=c:\users\gdegrandis.CSCINC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
backup=c:\windows\pss\Rainmeter.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^x^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\users\x\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvgUninstallURL]
start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVZOVgtTlNWVkwtTzRCWlEtUUlNQ0wtUVREQ0gtNElKTUg&inst=NzctNjI3OTM4MjI3LVhPMTArMTItTElDKzIyLUZMMTArMS1TUDErMS1TUDFUQisxLVNVRCsxLVMxSSsxLVNVMysxLUREVCs1NDU2OS1ERDEwRisx&prod=90&ver=10.0.1392 [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2011-08-30 18:24 624056 ----a-w- c:\program files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 02:59 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-12-15 17:27 136176 ----atw- c:\users\x\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2008-10-24 13:14 79136 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-02-19 18:10 267048 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad]
2011-01-02 17:16 1670656 ----a-w- c:\program files\KeePass Password Safe 2\KeePass.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSCRM]
2007-12-07 11:09 62488 ----a-w- c:\program files\Microsoft Dynamics CRM\Client\ConfigWizard\CrmForOutlookInstaller.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2007-09-27 08:10 1282048 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 16:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2007-05-31 14:21 648072 ----a-w- c:\windows\WindowsMobile\wmdcBase.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-115333722-87402179-3805670400-1001]
"EnableNotificationsRef"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ    PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ    BthServ
WindowsMobile REG_MULTI_SZ    wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ    WcesComm RapiMgr
HPZ12 REG_MULTI_SZ    Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ    hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ    FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2013-12-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-04 23:57]
.
2013-12-05 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-17 18:34]
.
2013-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 14:52]
.
2013-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 14:52]
.
2013-12-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-115333722-87402179-3805670400-1001Core.job
- c:\users\x\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-01 17:27]
.
2013-12-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-115333722-87402179-3805670400-1001UA.job
- c:\users\x\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-01 17:27]
.
2013-12-06 c:\windows\Tasks\User_Feed_Synchronization-{DB0FFED1-8C2C-4843-BE99-7B82B6BFFD4A}.job
- c:\windows\system32\msfeedssync.exe [2011-05-18 21:23]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=0080206
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.2
FF - ProfilePath - c:\users\x\AppData\Roaming\Mozilla\Firefox\Profiles\tcaibtv2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - ExtSQL: !HIDDEN! 2009-07-13 13:58; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
scanning hidden processes ... 
.
scanning hidden autostart entries ...
.
scanning hidden files ... 
.
scan completed successfully
hidden files:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.5\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.5\my.ini\" MySQL"
.
Completion time: 2013-12-06  17:44:05
ComboFix-quarantined-files.txt  2013-12-06 23:44
ComboFix2.txt  2013-11-23 08:01
.
Pre-Run: 8,101,048,320 bytes free
Post-Run: 8,674,148,352 bytes free
.
- - End Of File - - AF27B9B36BF029231007D1713DA304EF
973E9BA32FDBB305C552ED3E1EBF0686
 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-12-2013
Ran by x (administrator) on xDESKTOP on 06-12-2013 21:25:03
Running from C:\Users\x\Desktop
Microsoft® Windows Vista™ Business  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Broadcom Corporation) C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\Program Files\MicroStar\WLANUtility\WlanUtility.exe
() C:\Program Files\MicroStar\WLANUtility\WLAN_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI\ATI.ACE\Core-Static\MMLoadDrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI\ATI.ACE\Core-Static\MMLoadDrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_11_9_900_152_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [PAC207_Monitor] - C:\Windows\PixArt\Pac207\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [178712 2007-07-26] (Intel Corporation)
HKU\administrator\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=0080206
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.2

FireFox:
========
FF ProfilePath: C:\Users\x\AppData\Roaming\Mozilla\Firefox\Profiles\tcaibtv2.default
FF Homepage: hxxp://www.google.com/ig
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @java.com/DTPlugin,version=10.5.1 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8064.0206 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\x\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\x\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Microsoft .NET Framework Assistant - C:\Users\x\AppData\Roaming\Mozilla\Firefox\Profiles\tcaibtv2.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Adblock Plus - C:\Users\x\AppData\Roaming\Mozilla\Firefox\Profiles\tcaibtv2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\x\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\x\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\x\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.10.8) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 7 U1) - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll (DivX,Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Turner Media Plugin 1.0.0.10) - C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll (CNN)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\x\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\x\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\x\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\x\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

========================== Services (Whitelisted) =================

R2 ASFIPmon; C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe [79168 2007-06-20] (Broadcom Corporation)
S2 gupdate1c9860f6878b2f; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-02-03] (Google Inc.)
R2 MsDtsServer110; C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe [218552 2012-06-12] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [160184 2012-06-12] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [3004416 2007-11-07] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [1610168 2012-06-12] (Microsoft Corporation)
S3 SQL Server Distributed Replay Client; C:\Program Files\Microsoft SQL Server\110\Tools\DReplayClient\DReplayClient.exe [137304 2012-02-11] (Microsoft Corporation)
S3 SQL Server Distributed Replay Controller; C:\Program Files\Microsoft SQL Server\110\Tools\DReplayController\DReplayController.exe [342104 2012-02-11] (Microsoft Corporation)
R2 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [445368 2012-06-12] (Microsoft Corporation)
S4 AcrSch2Svc; "C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe" [x]
R3 MSSQLFDLauncher; "C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe" -s MSSQL11.MSSQLSERVER [x]
R2 MSSQLServerOLAPService; "C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdsrv.exe" -s "C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\Config"
S2 MySQL; "C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld" --defaults-file="C:\Program Files\MySQL\MySQL Server 5.5\my.ini" MySQL
S2 RoxLiveShare9; "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" [x]
S3 stllssvr; "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe" [x]

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [81936 2011-06-06] (Advanced Micro Devices)
R2 BASFND; C:\Program Files\Broadcom\ASFIPMon\BASFND.sys [10480 2007-06-20] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [618112 2008-02-13] (PixArt Imaging Inc.)
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [16472 2009-09-28] ()
S3 R300; C:\Windows\System32\DRIVERS\atikmdag.sys [8913920 2011-11-10] (Advanced Micro Devices, Inc.)
S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [268888 2012-02-11] (Microsoft Corporation)
R3 rt70x86; C:\Windows\System32\DRIVERS\netr70.sys [306016 2010-04-27] (Ralink Technology Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-03-13] ()
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44384 2009-12-30] (Acronis)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
R3 catchme; \??\C:\Users\x\AppData\Local\Temp\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 pgfilter; \??\C:\Program Files\PeerGuardian2\pgfilter.sys [x]
S3 RimUsb; System32\Drivers\RimUsb.sys [x]
U3 mbr; \??\C:\ComboFix\mbr.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-06 21:25 - 2013-12-06 21:25 - 00015061 _____ C:\Users\x\Desktop\FRST.txt
2013-12-06 21:24 - 2013-12-06 21:24 - 00000000 ____D C:\FRST
2013-12-06 21:22 - 2013-12-06 21:22 - 01060031 _____ (Farbar) C:\Users\x\Desktop\FRST.exe
2013-12-06 21:22 - 2013-12-06 21:22 - 00013342 _____ C:\Users\x\Desktop\ComboFix.txt
2013-12-06 17:44 - 2013-12-06 17:44 - 00013342 _____ C:\ComboFix.txt
2013-12-06 17:27 - 2013-12-06 17:26 - 05153080 ____R (Swearware) C:\Users\x\Desktop\ComboFix.exe
2013-12-06 17:26 - 2013-12-06 17:26 - 05153080 _____ (Swearware) C:\Users\x\Downloads\ComboFix.exe
2013-12-05 23:15 - 2013-12-05 23:31 - 00001593 _____ C:\Users\x\Desktop\AdwCleaner[S0].txt
2013-12-05 22:34 - 2013-12-05 23:10 - 00000000 ____D C:\AdwCleaner
2013-12-05 22:32 - 2013-12-05 23:29 - 00001271 _____ C:\Users\x\Desktop\JRT.txt
2013-12-05 22:29 - 2013-12-05 22:29 - 00000000 ____D C:\Windows\ERUNT
2013-12-05 22:22 - 2013-12-05 22:22 - 01110034 _____ C:\Users\x\Desktop\AdwCleaner.exe
2013-12-05 22:22 - 2013-12-05 22:22 - 01034531 _____ (Thisisu) C:\Users\x\Downloads\JRT.exe
2013-12-05 14:24 - 2013-12-05 14:24 - 00006718 _____ C:\Users\x\Desktop\hijackthis.log
2013-12-05 14:04 - 2013-12-05 14:23 - 00006680 _____ C:\Users\x\Downloads\hijackthis.log
2013-12-05 14:03 - 2013-12-05 14:03 - 00388608 _____ (Trend Micro Inc.) C:\Users\x\Downloads\fghfg.exe
2013-12-04 22:03 - 2013-12-04 22:03 - 02347384 _____ (ESET) C:\Users\x\Downloads\esetsmartinstaller_enu.exe
2013-12-04 22:03 - 2013-12-04 22:03 - 00000000 ____D C:\Program Files\ESET
2013-12-04 21:48 - 2013-12-04 21:57 - 00000000 ____D C:\ProgramData\HitmanPro
2013-12-04 21:48 - 2013-12-04 21:48 - 00002700 _____ C:\Users\x\Desktop\RKreport[0]_S_12042013_214818.txt
2013-12-04 21:47 - 2013-12-04 21:48 - 09452704 _____ (SurfRight B.V.) C:\Users\x\Downloads\HitmanPro.exe
2013-12-04 21:46 - 2013-12-04 21:46 - 00003227 _____ C:\Users\x\Desktop\RKreport[0]_D_12042013_214607.txt
2013-12-04 21:45 - 2013-12-04 21:45 - 00003155 _____ C:\Users\x\Desktop\RKreport[0]_S_12042013_214541.txt
2013-12-04 21:41 - 2013-12-04 21:48 - 00000000 ____D C:\Users\x\Desktop\RK_Quarantine
2013-12-04 21:41 - 2013-12-04 21:41 - 03580416 _____ C:\Users\x\Downloads\RogueKiller.exe
2013-12-04 16:51 - 2013-12-04 16:51 - 00000649 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-04 16:51 - 2013-12-04 16:51 - 00000000 ____D C:\Users\x\AppData\Roaming\Malwarebytes
2013-12-04 16:51 - 2013-12-04 16:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-04 16:51 - 2013-12-04 16:51 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-04 16:51 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-04 16:50 - 2013-12-04 16:51 - 00000000 ____D C:\Users\x\Downloads\mbam-chameleon-1.62.1.1000
2013-12-04 16:50 - 2013-12-04 16:50 - 01440846 _____ C:\Users\x\Downloads\mbam-chameleon-1.62.1.1000.zip
2013-12-04 16:47 - 2013-12-04 16:47 - 04101441 _____ C:\Users\x\Downloads\tdsskiller.zip
2013-12-04 16:46 - 2013-12-04 16:46 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\x\Downloads\tdjklkiller.exe
2013-12-04 16:28 - 2013-12-04 16:45 - 00000000 ____D C:\Users\x\AppData\Local\NPE
2013-12-04 16:28 - 2013-12-04 16:28 - 03053496 ____N (Symantec Corporation) C:\Users\x\Downloads\NPE.exe
2013-12-04 16:28 - 2013-12-04 16:28 - 00000000 ____D C:\ProgramData\Norton
2013-11-23 14:56 - 2013-10-13 04:42 - 12344832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-23 14:56 - 2013-10-13 04:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-23 14:56 - 2013-10-13 03:48 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-23 14:56 - 2013-10-13 03:37 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-23 14:56 - 2013-10-13 03:35 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-23 14:56 - 2013-10-13 03:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-23 14:56 - 2013-10-13 03:33 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-23 14:56 - 2013-10-13 03:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-23 14:56 - 2013-10-13 03:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-23 14:56 - 2013-10-13 03:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-23 14:56 - 2013-10-13 03:29 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-23 14:56 - 2013-10-13 03:27 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-23 14:56 - 2013-10-13 03:27 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-23 14:56 - 2013-10-13 03:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-23 14:56 - 2013-10-13 03:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-23 14:56 - 2013-10-13 03:20 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-23 01:53 - 2013-11-23 01:53 - 00001178 _____ C:\Windows\PFRO.log
2013-11-23 01:22 - 2011-06-26 00:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-23 01:22 - 2010-11-07 11:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-23 01:22 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-23 01:22 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-23 01:22 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-23 01:22 - 2000-08-30 18:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-23 01:22 - 2000-08-30 18:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-23 01:22 - 2000-08-30 18:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-23 01:20 - 2013-12-06 17:44 - 00000000 ____D C:\Qoobox
2013-11-23 01:20 - 2013-11-23 01:55 - 00000000 ____D C:\Windows\erdnt
2013-11-18 09:28 - 2013-11-18 09:28 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\x\Downloads\rtydfh.exe
2013-11-15 14:33 - 2013-10-10 20:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-15 14:33 - 2013-10-10 20:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-15 14:33 - 2013-10-10 18:39 - 00218228 _____ C:\Windows\system32\WFP.TMF
2013-11-15 14:33 - 2013-10-03 06:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-15 14:33 - 2013-10-03 06:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

==================== One Month Modified Files and Folders =======

2013-12-06 21:25 - 2013-12-06 21:25 - 00015061 _____ C:\Users\x\Desktop\FRST.txt
2013-12-06 21:24 - 2013-12-06 21:24 - 00000000 ____D C:\FRST
2013-12-06 21:23 - 2008-02-08 11:18 - 00000428 ____H C:\Windows\Tasks\User_Feed_Synchronization-{DB0FFED1-8C2C-4843-BE99-7B82B6BFFD4A}.job
2013-12-06 21:22 - 2013-12-06 21:22 - 01060031 _____ (Farbar) C:\Users\x\Desktop\FRST.exe
2013-12-06 21:22 - 2013-12-06 21:22 - 00013342 _____ C:\Users\x\Desktop\ComboFix.txt
2013-12-06 21:20 - 2006-11-02 06:47 - 00003552 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-06 21:20 - 2006-11-02 06:47 - 00003552 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-06 20:56 - 2012-05-04 06:31 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-06 20:37 - 2009-07-01 06:02 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-06 20:28 - 2011-04-01 08:17 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-115333722-87402179-3805670400-1001UA.job
2013-12-06 20:25 - 2013-10-13 11:16 - 01184432 _____ C:\Windows\WindowsUpdate.log
2013-12-06 17:44 - 2013-12-06 17:44 - 00013342 _____ C:\ComboFix.txt
2013-12-06 17:44 - 2013-11-23 01:20 - 00000000 ____D C:\Qoobox
2013-12-06 17:42 - 2006-11-02 04:23 - 00000215 _____ C:\Windows\system.ini
2013-12-06 17:26 - 2013-12-06 17:27 - 05153080 ____R (Swearware) C:\Users\x\Desktop\ComboFix.exe
2013-12-06 17:26 - 2013-12-06 17:26 - 05153080 _____ (Swearware) C:\Users\x\Downloads\ComboFix.exe
2013-12-06 17:25 - 2006-11-02 04:33 - 00949940 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-06 17:20 - 2009-07-01 06:02 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-06 17:20 - 2006-11-02 07:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-05 23:34 - 2008-02-06 04:45 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-12-05 23:34 - 2006-11-02 07:01 - 00032594 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-05 23:31 - 2013-12-05 23:15 - 00001593 _____ C:\Users\x\Desktop\AdwCleaner[S0].txt
2013-12-05 23:29 - 2013-12-05 22:32 - 00001271 _____ C:\Users\x\Desktop\JRT.txt
2013-12-05 23:10 - 2013-12-05 22:34 - 00000000 ____D C:\AdwCleaner
2013-12-05 22:29 - 2013-12-05 22:29 - 00000000 ____D C:\Windows\ERUNT
2013-12-05 22:22 - 2013-12-05 22:22 - 01110034 _____ C:\Users\x\Desktop\AdwCleaner.exe
2013-12-05 22:22 - 2013-12-05 22:22 - 01034531 _____ (Thisisu) C:\Users\x\Downloads\JRT.exe
2013-12-05 16:34 - 2011-08-25 17:43 - 00000000 ____D C:\Users\x\AppData\Roaming\.minecraft
2013-12-05 14:24 - 2013-12-05 14:24 - 00006718 _____ C:\Users\x\Desktop\hijackthis.log
2013-12-05 14:23 - 2013-12-05 14:04 - 00006680 _____ C:\Users\x\Downloads\hijackthis.log
2013-12-05 14:05 - 2013-10-20 19:21 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-05 14:03 - 2013-12-05 14:03 - 00388608 _____ (Trend Micro Inc.) C:\Users\x\Downloads\fghfg.exe
2013-12-05 12:59 - 2011-04-01 08:17 - 00000860 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-115333722-87402179-3805670400-1001Core.job
2013-12-05 12:59 - 2009-02-03 08:52 - 00000868 _____ C:\Windows\Tasks\Google Software Updater.job
2013-12-05 02:29 - 2011-04-01 08:18 - 00002094 _____ C:\Users\x\Desktop\Google Chrome.lnk
2013-12-04 23:12 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-04 22:03 - 2013-12-04 22:03 - 02347384 _____ (ESET) C:\Users\x\Downloads\esetsmartinstaller_enu.exe
2013-12-04 22:03 - 2013-12-04 22:03 - 00000000 ____D C:\Program Files\ESET
2013-12-04 21:57 - 2013-12-04 21:48 - 00000000 ____D C:\ProgramData\HitmanPro
2013-12-04 21:48 - 2013-12-04 21:48 - 00002700 _____ C:\Users\x\Desktop\RKreport[0]_S_12042013_214818.txt
2013-12-04 21:48 - 2013-12-04 21:47 - 09452704 _____ (SurfRight B.V.) C:\Users\x\Downloads\HitmanPro.exe
2013-12-04 21:48 - 2013-12-04 21:41 - 00000000 ____D C:\Users\x\Desktop\RK_Quarantine
2013-12-04 21:46 - 2013-12-04 21:46 - 00003227 _____ C:\Users\x\Desktop\RKreport[0]_D_12042013_214607.txt
2013-12-04 21:45 - 2013-12-04 21:45 - 00003155 _____ C:\Users\x\Desktop\RKreport[0]_S_12042013_214541.txt
2013-12-04 21:41 - 2013-12-04 21:41 - 03580416 _____ C:\Users\x\Downloads\RogueKiller.exe
2013-12-04 16:51 - 2013-12-04 16:51 - 00000649 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-04 16:51 - 2013-12-04 16:51 - 00000000 ____D C:\Users\x\AppData\Roaming\Malwarebytes
2013-12-04 16:51 - 2013-12-04 16:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-04 16:51 - 2013-12-04 16:51 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-04 16:51 - 2013-12-04 16:50 - 00000000 ____D C:\Users\x\Downloads\mbam-chameleon-1.62.1.1000
2013-12-04 16:50 - 2013-12-04 16:50 - 01440846 _____ C:\Users\x\Downloads\mbam-chameleon-1.62.1.1000.zip
2013-12-04 16:47 - 2013-12-04 16:47 - 04101441 _____ C:\Users\x\Downloads\tdsskiller.zip
2013-12-04 16:46 - 2013-12-04 16:46 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\x\Downloads\tdjklkiller.exe
2013-12-04 16:45 - 2013-12-04 16:28 - 00000000 ____D C:\Users\x\AppData\Local\NPE
2013-12-04 16:41 - 2011-04-07 15:52 - 00000000 ____D C:\Users\x\AppData\Local\Apps\2.0
2013-12-04 16:28 - 2013-12-04 16:28 - 03053496 ____N (Symantec Corporation) C:\Users\x\Downloads\NPE.exe
2013-12-04 16:28 - 2013-12-04 16:28 - 00000000 ____D C:\ProgramData\Norton
2013-12-04 16:15 - 2006-11-02 05:18 - 00000000 ____D C:\Windows\rescache
2013-12-04 15:37 - 2006-11-02 06:47 - 00426848 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-04 15:30 - 2008-03-18 14:30 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-11-23 14:56 - 2008-02-08 10:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-23 14:53 - 2011-08-27 11:12 - 00001945 _____ C:\Windows\epplauncher.mif
2013-11-23 14:53 - 2011-08-27 11:11 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-23 14:29 - 2013-08-29 20:43 - 00000000 ____D C:\Windows\system32\MRT
2013-11-23 02:01 - 2006-11-02 05:18 - 00000000 __RHD C:\Users\Default
2013-11-23 02:01 - 2006-11-02 05:18 - 00000000 ___RD C:\Users\Public
2013-11-23 01:55 - 2013-11-23 01:20 - 00000000 ____D C:\Windows\erdnt
2013-11-23 01:53 - 2013-11-23 01:53 - 00001178 _____ C:\Windows\PFRO.log
2013-11-23 00:46 - 2009-07-01 11:59 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-11-19 04:21 - 2011-08-27 11:31 - 00230048 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-18 09:28 - 2013-11-18 09:28 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\x\Downloads\rtydfh.exe
2013-11-17 17:57 - 2011-05-25 15:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-11-11 16:49 - 2011-02-07 17:48 - 00000000 ____D C:\Users\x\AppData\Local\Microsoft Help
2013-11-07 15:50 - 2006-11-02 04:24 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-06 17:48

==================== End Of Log ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-12-2013
Ran by x at 2013-12-06 21:25:32
Running from C:\Users\x\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 2.2.0)
32 Bit HP BiDi Channel Components Installer (Version: 1.1.0.2)
7-Zip 4.57
ActivePerl 5.10.1 Build 1006 (Version: 5.10.1006)
Adobe Acrobat 8 Professional (Version: 8.3.1)
Adobe Acrobat 8.3.1 - CPSID_83708
Adobe Acrobat 8.3.1 Professional (Version: 8.3.1)
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) (Version: 8.1.2)
Adobe AIR (Version: 2.0.3.13070)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.152)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
AMD APP SDK Runtime (Version: 2.5.709.2)
AMD Catalyst Install Manager (Version: 3.0.838.0)
Apple Software Update (Version: 2.0.2.92)
Application Verifier (Version: 4.0.917)
Bonjour (Version: 1.0.104)
Broadcom ASF Management Applications (Version: 10.16.02)
Broadcom Management Programs (Version: 10.20.03)
Browser Address Error Redirector (Version: 1.00.0000)
BufferChm (Version: 100.0.170.000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.0728.1756.30366)
Catalyst Control Center Core Implementation (Version: 2007.0914.2139.36828)
Catalyst Control Center Graphics Full Existing (Version: 2007.0914.2139.36828)
Catalyst Control Center Graphics Full New (Version: 2007.0914.2139.36828)
Catalyst Control Center Graphics Light (Version: 2007.0914.2139.36828)
Catalyst Control Center Graphics Previews Common (Version: 2011.0728.1756.30366)
Catalyst Control Center Graphics Previews Vista (Version: 2007.0914.2139.36828)
Catalyst Control Center InstallProxy (Version: 2011.0728.1756.30366)
Catalyst Control Center Localization Chinese Standard (Version: 2007.0914.2139.36828)
Catalyst Control Center Localization Chinese Traditional (Version: 2007.0914.2139.36828)
Catalyst Control Center Localization French (Version: 2007.0914.2139.36828)
Catalyst Control Center Localization German (Version: 2007.0914.2139.36828)
Catalyst Control Center Localization Italian (Version: 2007.0914.2139.36828)
Catalyst Control Center Localization Japanese (Version: 2007.0914.2139.36828)
Catalyst Control Center Localization Korean (Version: 2007.0914.2139.36828)
Catalyst Control Center Localization Polish (Version: 2007.0914.2139.36828)
Catalyst Control Center Localization Portuguese (Version: 2007.0914.2139.36828)
Catalyst Control Center Localization Spanish (Version: 2007.0914.2139.36828)
Catalyst Control Center Localization Thai (Version: 2007.0914.2139.36828)
CCC Help Chinese Standard (Version: 2007.0914.2138.36828)
CCC Help Chinese Traditional (Version: 2007.0914.2138.36828)
CCC Help English (Version: 2007.0914.2138.36828)
CCC Help English (Version: 2011.0728.1755.30366)
CCC Help French (Version: 2007.0914.2138.36828)
CCC Help German (Version: 2007.0914.2138.36828)
CCC Help Italian (Version: 2007.0914.2138.36828)
CCC Help Japanese (Version: 2007.0914.2138.36828)
CCC Help Korean (Version: 2007.0914.2138.36828)
CCC Help Polish (Version: 2007.0914.2138.36828)
CCC Help Portuguese (Version: 2007.0914.2138.36828)
CCC Help Spanish (Version: 2007.0914.2138.36828)
CCC Help Thai (Version: 2007.0914.2138.36828)
ccc-core-static (Version: 2007.0914.2139.36828)
ccc-utility (Version: 2007.0914.2139.36828)
ccc-utility (Version: 2011.0728.1756.30366)
CCleaner (Version: 3.03)
Choice Guard (Version: 1.2.87.0)
Crystal Reports Basic for Visual Studio 2008 (Version: 10.5.0.0)
Debugging Tools for Windows (x86) (Version: 6.11.1.404)
Defraggler (Version: 2.15)
Destination Component (Version: 100.0.0.0)
DeviceDiscovery (Version: 100.0.190.000)
DeviceManagementQFolder (Version: 1.00.0000)
DivX Web Player (Version: 1.4.3)
DVD Decrypter (Remove Only)
Eraser (Version: 5.86)
ESET Online Scanner v3
FFmpeg for Audacity on Windows
FTL version 1.03.1 (Version: 1.03.1)
GDR 2218 for SQL Server 2012 (KB2716442) (Version: 11.0.2218.0)
Google Chrome (HKCU Version: 31.0.1650.63)
Google Talk Plugin (Version: 1.8.0.0)
Google Update Helper (Version: 1.3.22.3)
Google Updater (Version: 2.4.2432.1652)
Gtk# for .Net 2.12.10 (Version: 2.12.10)
GTK+ Runtime 2.14.7 rev a (remove only)
GUIPDFTK
Historical Stock Price Collection (HKCU Version: 1.0.0.5)
HP Color LaserJet CM2320 MFP Series 2.0 (Version: 2.0)
HP Imaging Device Functions 10.0 (Version: 10.0)
hppCLJCM2320 (Version: 001.000.00071)
hppFaxUtilityCM2320 (Version: 001.000.00069)
hppManualsCM2320 (Version: 001.000.00071)
hppQFolderCM2320 (Version: 1.00.0000)
hppscanCM2320 (Version: 001.000.00071)
hppScanToCM2320 (Version: 001.000.00068)
IEEE802.11a/b/g Wireless LAN Software (Version: 2.1.2.11)
Intel® Matrix Storage Manager
iTunes (Version: 7.6.1.9)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 29 (Version: 6.0.290)
Java™ 7 Update 5 (Version: 7.0.50)
Java™ SE Development Kit 7 Update 1 (Version: 1.7.0.10)
JavaFX 2.1.1 (Version: 2.1.1)
KeePass Password Safe 2.14
K-Lite Mega Codec Pack 6.9.0 (Version: 6.9.0)
Macromedia Flash MX (Version: 6)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Compact Framework 2.0 SP2 (Version: 2.0.7045)
Microsoft .NET Compact Framework 3.5 (Version: 3.5.7283)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 11.0.5510)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Device Emulator version 3.0 - ENU (Version: 9.0.21022)
Microsoft Document Explorer 2008
Microsoft Document Explorer 2008 (Version: 9.0.21022)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Project 2007 Service Pack 3 (SP3)
Microsoft Office Project MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Project Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Visio Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Visual Web Developer 2007 (Version: 12.0.4518.1066)
Microsoft Office Visual Web Developer MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Report Viewer 2012 Runtime (Version: 11.0.2100.60)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.51.2500.0)
Microsoft SQL Server 2008 Setup Support Files  (Version: 10.1.2731.0)
Microsoft SQL Server 2012
Microsoft SQL Server 2012 Data-Tier App Framework  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Management Objects  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Native Client  (Version: 11.0.2218.0)
Microsoft SQL Server 2012 Policies  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 RsFx Driver (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Setup (English) (Version: 11.1.3000.0)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (Version: 11.0.2218.0)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 T-SQL Language Service  (Version: 11.0.2100.60)
Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (Version: 10.3.20116.0)
Microsoft SQL Server System CLR Types (Version: 10.51.2500.0)
Microsoft System CLR Types for SQL Server 2012 (Version: 11.0.2100.60)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (Version: 9.0.30729.4974)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x86 (Version: 9.0.30729)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Microsoft Visual Studio 2008 Professional Edition - ENU
Microsoft Visual Studio 2008 Professional Edition - ENU (Version: 9.0.21022)
Microsoft Visual Studio 2010 Shell (Integrated) - ENU (Version: 10.0.40219)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (Version: 10.0.40219)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 (Version: 10.0.40220)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (Version: 10.0.40220)
Microsoft Visual Studio Web Authoring Component (Version: 12.0.4518.1066)
Microsoft VSS Writer for SQL Server 2012 (Version: 11.0.2100.60)
Microsoft Windows SDK .NET Framework Tools (40715) (Version: 7.0.40715)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools (Version: 3.5.21022)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 Tools (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 Win32 Tools (Version: 6.1.5288.17011)
Microsoft Windows SDK for Windows 7 (7.0) (Version: 7.0.40715)
Microsoft Windows SDK for Windows 7 (7.0) (Version: 7.0.7600.16385.40715)
Microsoft Windows SDK for Windows 7 .NET Documentation (40715) (Version: 7.0.40715)
Microsoft Windows SDK for Windows 7 Common Utilities (40715) (Version: 7.0.40715)
Microsoft Windows SDK for Windows 7 Headers and Libraries (40715) (Version: 7.0.40715)
Microsoft Windows SDK for Windows 7 Redistributable Components for Application Verifier and Windows Debugging Tools (40715) (Version: 7.0.40715)
Microsoft Windows SDK for Windows 7 Samples (40715) (Version: 7.0.40715)
Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (40715) (Version: 7.0.40715)
Microsoft Windows SDK for Windows 7 Win32 Documentation (40715) (Version: 7.0.40715)
Microsoft Windows SDK Intellisense and Reference Assemblies (40715) (Version: 7.0.40715)
Microsoft Windows SDK Net Fx Interop Headers And Libraries (40715) (Version: 7.0.40715)
Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyDefrag v4.3.1 (Version: 4.0.0.0)
Octoshape add-in for Adobe Flash Player
PeerBlock 1.0.0 (r181) (Version: 1.0.0.181)
Prerequisites for SSDT  (Version: 11.0.2100.60)
Python 2.6.5 (Version: 2.6.5150)
QuickPar 0.9 (Version: 0.9)
Recuva (Version: 1.38)
Scan (Version: 10.1.0.0)
Skins (Version: 2007.0914.2139.36828)
Skype™ 5.10 (Version: 5.10.116)
Sonic Activation Module (Version: 1.0)
Spybot - Search & Destroy (Version: 1.6.2)
SQL Server 2012 Analysis Services (Version: 11.0.2100.60)
SQL Server 2012 BI Development Studio (Version: 11.0.2100.60)
SQL Server 2012 Client Tools (Version: 11.0.2100.60)
SQL Server 2012 Common Files (Version: 11.0.2100.60)
SQL Server 2012 Data quality client (Version: 11.0.2100.60)
SQL Server 2012 Data quality service (Version: 11.0.2100.60)
SQL Server 2012 Database Engine Services (Version: 11.0.2100.60)
SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60)
SQL Server 2012 Distributed Replay (Version: 11.0.2100.60)
SQL Server 2012 Documentation Components (Version: 11.0.2100.60)
SQL Server 2012 Full text search (Version: 11.0.2100.60)
SQL Server 2012 Integration Services (Version: 11.0.2100.60)
SQL Server 2012 Management Studio (Version: 11.0.2100.60)
SQL Server 2012 Reporting Services (Version: 11.0.2100.60)
SQL Server 2012 SQL Data Quality Common (Version: 11.0.2100.60)
SQL Server Browser for SQL Server 2012 (Version: 11.0.2100.60)
Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60)
TBS WMP Plug-in (Version: 1.00.676)
TrayApp (Version: 100.0.170.000)
Update 4.0.2 for Microsoft .NET Framework 4 Client Profile (KB2544514) (Version: 1)
Update 4.0.2 for Microsoft .NET Framework 4 Extended (KB2544514) (Version: 1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825642) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Project 2007 Help (KB963668)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972221) (Version: 1)
VBA (2627.01) (Version: 6.03.00.9402)
VC Runtimes MSI (Version: 9.0.21022)
VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0)
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.21022)
VLC media player 2.0.6 (Version: 2.0.6)
WBFS Manager 3.0 (Version: 3.0)
Winamp (Version: 5.52 )
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8064.0206)
Windows Live Essentials (Version: 14.0.8064.206)
Windows Live Photo Gallery (Version: 14.0.8064.206)
Windows Live Sync (Version: 14.0.8064.206)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Mobile 5.0 SDK R2 for Pocket PC (Version: 5.00.1700.5.14343.06)
Windows Mobile 5.0 SDK R2 for Smartphone (Version: 5.00.1700.5.14343.06)
Windows SDK Intellidocs (Version: 9.0.30729)
Yahoo! Detect

==================== Restore Points  =========================

23-11-2013 20:26:23 Windows Update
04-12-2013 22:02:37 Windows Update
06-12-2013 23:30:25 ComboFix created restore point

==================== Hosts content: ==========================

2006-11-02 04:23 - 2013-11-23 01:55 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {2FFAD676-4B8F-4FED-90BB-8DD4F7865253} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3EECF078-E92F-4CC2-BEE7-F04867C6C9FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-03] (Google Inc.)
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {673BBBA7-C667-4B47-AA8E-67967A493F30} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-115333722-87402179-3805670400-1001UA => C:\Users\x\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-15] (Google Inc.)
Task: {701468BD-4381-45E0-BBE2-29C759A46BEE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-115333722-87402179-3805670400-1001Core => C:\Users\x\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-15] (Google Inc.)
Task: {84D5EA06-E34C-4339-8C69-79AB4E1C28E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-03] (Google Inc.)
Task: {97697FEE-44FB-4ED0-933B-8C51C2C49270} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-17] (Adobe Systems Incorporated)
Task: {979DCDF9-97DB-4CDF-8E0D-3034F5C3B8AA} - System32\Tasks\Shutdown => shutdown
Task: {CCA129DE-FFB8-4861-AA33-4DF026739E8B} - System32\Tasks\Microsoft\Windows\Dovico => Iexplore.exe
Task: {EC36E608-5075-42AB-8FD3-2D7EEA7A9DC6} - System32\Tasks\Microsoft\Windows\PLA\New Data Collector Set => C:\Windows\System32\pla.dll [2008-01-19] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-115333722-87402179-3805670400-1001Core.job => C:\Users\x\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-115333722-87402179-3805670400-1001UA.job => C:\Users\x\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{DB0FFED1-8C2C-4843-BE99-7B82B6BFFD4A}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2011-07-28 14:52 - 2011-11-10 01:11 - 00037376 _____ () C:\Windows\system32\atitmpxx.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

Name: Microsoft Tun Miniport Adapter
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: =========================

Application errors:
==================
Error: (12/06/2013 05:21:33 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (User: )
Description: Report Server Windows Service (MSSQLSERVER) cannot connect to the report server database.

Error: (12/06/2013 05:21:05 PM) (Source: SQLSERVERAGENT) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).

Error: (12/06/2013 05:21:05 PM) (Source: SQLSERVERAGENT) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).

Error: (12/05/2013 11:12:34 PM) (Source: Report Server Windows Service (MSSQLSERVER)) (User: )
Description: Report Server Windows Service (MSSQLSERVER) cannot connect to the report server database.

Error: (12/05/2013 11:12:14 PM) (Source: SQLSERVERAGENT) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).

Error: (12/05/2013 11:12:14 PM) (Source: SQLSERVERAGENT) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).

System errors:
=============
Error: (12/06/2013 05:42:12 PM) (Source: Service Control Manager) (User: )
Description: PEVSystemStart

Error: (12/06/2013 05:38:44 PM) (Source: Service Control Manager) (User: )
Description: PEVSystemStart

Error: (12/06/2013 05:33:11 PM) (Source: Service Control Manager) (User: )
Description: PEVSystemStart

Error: (12/06/2013 05:22:53 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (12/06/2013 05:22:24 PM) (Source: Service Control Manager) (User: )
Description: MySQL%%3

Error: (12/06/2013 05:20:46 PM) (Source: Microsoft-Windows-TaskScheduler) (User: NT AUTHORITY)
Description: 2147942402

Error: (12/05/2013 11:13:55 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (12/05/2013 11:13:34 PM) (Source: Service Control Manager) (User: )
Description: MySQL%%3

Error: (12/05/2013 11:11:57 PM) (Source: Microsoft-Windows-TaskScheduler) (User: NT AUTHORITY)
Description: 2147942402

Microsoft Office Sessions:
=========================
Error: (03/10/2013 10:56:22 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 122 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/04/2011 07:23:13 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 24 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/04/2011 07:17:53 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 25 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/24/2011 08:05:46 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 27 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/24/2011 08:00:57 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 22 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/24/2011 07:54:34 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 29 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/24/2011 07:30:57 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 18 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/24/2011 07:30:05 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 131 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/24/2011 07:19:08 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 147 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (09/14/2010 02:18:56 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time.  This session ended with a crash.

CodeIntegrity Errors:
===================================
  Date: 2013-12-04 21:35:52.272
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-04 21:35:51.577
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-04 21:35:50.935
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-04 21:35:50.190
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-04 21:35:49.388
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-04 21:35:48.483
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-04 21:27:56.620
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-04 21:27:55.912
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-04 21:27:55.218
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-12-04 21:27:54.449
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 56%
Total physical RAM: 2045.24 MB
Available physical RAM: 895.42 MB
Total Pagefile: 4335.75 MB
Available Pagefile: 2985.86 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.96 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:72.46 GB) (Free:8.67 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:2 GB) (Free:1.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 75 GB) (Disk ID: 28000000)
Partition 1: (Not Active) - (Size=47 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=2 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=72 GB) - (Type=07 NTFS)

==================== End Of Log ============================


Edited by Pseudorious, 06 December 2013 - 10:34 PM.


#6 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,539 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:12 PM

Posted 07 December 2013 - 11:46 AM

GMER

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror which will download a randomly named file
  • Zipped Mirror - Unzip the file to its own folder such as C:\gmer
  • Disconnect from the Internet and close all running programs
  • Temporarily disable any real-time active protection
  • It is very important you do not use your computer while GMER is running
  • Double-click on the randomly named GMER gmericon_zps951fd5aa.jpg icon
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan
  • If you receive a warning about rootkit activity and are asked to fully scan your system click NO
  • Please check in the Quick scan box
  • Please uncheck the following:
    • IAT/EAT
    • Show All <<< Important
    GMER2new_zpsdd936679.jpg
  • Click Scan
  • If you see a rootkit warning window click OK
  • When the scan is finished, Save the results to your desktop as gmer.log
  • Click Copy then paste the results in your reply
  • Exit GMER and be sure to re-enable your Antivirus, Firewall and any other security programs you had disabled
Note:
  • If you encounter any problems, try running GMER in Safe Mode
  • If GMER crashes or keeps resulting in a Blue Screen of Death, uncheck Devices on the right side before scanning

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#7 Pseudorious

Pseudorious
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:12 PM

Posted 07 December 2013 - 05:12 PM

Thank you again.  Results are below.  The virus remains.

 

GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-12-07 16:10:22
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST380815 rev.3.AD 74.51GB
Running: usxce1fe.exe; Driver: C:\Users\x\AppData\Local\Temp\fwlyiaog.sys

---- System - GMER 2.1 ----

INT 0x62  ?                                                                                                     8696AF00
INT 0x82  ?                                                                                                     8696AF00
INT 0x92  ?                                                                                                     8696AF00
INT 0xA2  ?                                                                                                     8696AF00
INT 0xB2  ?                                                                                                     85020BF8

---- Kernel code sections - GMER 2.1 ----

?         System32\Drivers\spog.sys                                                                             The system cannot find the path specified. !
.text     C:\Windows\system32\DRIVERS\atikmdag.sys                                                              section is writeable [0x8C80B000, 0x3BEEC5, 0xE8000020]

---- Devices - GMER 2.1 ----

Device    \FileSystem\Ntfs \Ntfs                                                                                850221F8
Device    \Driver\volmgr \Device\VolMgrControl                                                                  8501E1F8
Device    \Driver\usbuhci \Device\USBPDO-0                                                                      868A81F8
Device    \Driver\usbuhci \Device\USBPDO-1                                                                      868A81F8
Device    \Driver\usbuhci \Device\USBPDO-2                                                                      868A81F8
Device    \Driver\usbuhci \Device\USBPDO-3                                                                      868A81F8
Device    \Driver\usbehci \Device\USBPDO-4                                                                      869071F8
Device    \Driver\volmgr \Device\HarddiskVolume1                                                                8501E1F8
Device    \Driver\volmgr \Device\HarddiskVolume2                                                                8501E1F8
Device    \Driver\cdrom \Device\CdRom0                                                                          869C81F8
Device    \Driver\volmgr \Device\HarddiskVolume3                                                                8501E1F8
Device    \Driver\iaStor \Device\Ide\iaStor0                                                                    [880CFA50] \SystemRoot\system32\drivers\iastor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device    \Driver\iaStor \Device\Ide\IAAStorageDevice-0                                                         [880CFA50] \SystemRoot\system32\drivers\iastor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device    \Driver\iaStor \Device\Ide\IAAStorageDevice-1                                                         [880CFA50] \SystemRoot\system32\drivers\iastor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device    \Driver\netbt \Device\NetBt_Wins_Export                                                               86DE01F8
Device    \Driver\Smb \Device\NetbiosSmb                                                                        86DC01F8
Device    \Driver\iScsiPrt \Device\RaidPort0                                                                    869B31F8
Device    \Driver\usbuhci \Device\USBFDO-0                                                                      868A81F8
Device    \Driver\netbt \Device\NetBT_Tcpip_{568B33AC-BB9C-4932-86CF-857447F6CDF1}                              86DE01F8
Device    \Driver\usbuhci \Device\USBFDO-1                                                                      868A81F8
Device    \Driver\usbuhci \Device\USBFDO-2                                                                      868A81F8
Device    \Driver\usbuhci \Device\USBFDO-3                                                                      868A81F8
Device    \Driver\usbehci \Device\USBFDO-4                                                                      869071F8
Device    \FileSystem\cdfs \Cdfs                                                                                848FB1F8

---- Trace I/O - GMER 2.1 ----

Trace     ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys spog.sys hal.dll >>UNKNOWN [0x84fd5938]<<               84fd5938
Trace     1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86319ac8]                                               86319ac8
Trace     3 CLASSPNP.SYS[8879d8b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85073030]            85073030

---- Registry - GMER 2.1 ----

Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1                                                    771343423
Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2                                                    285507792
Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0                                                    1
Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                     
Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                   0xD4 0xC3 0x97 0x02 ...
Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                   0
Reg       HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                0xC1 0x0C 0xB0 0x20 ...
Reg       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) 
Reg       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                       0xD4 0xC3 0x97 0x02 ...
Reg       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                       0
Reg       HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                    0xC1 0x0C 0xB0 0x20 ...

---- Disk sectors - GMER 2.1 ----

Disk      \Device\Harddisk0\DR0                                                                                 unknown MBR code

---- EOF - GMER 2.1 ----



#8 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,539 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:12 PM

Posted 07 December 2013 - 07:44 PM

Download aswMBR.exe ( 511KB ) to your desktop. If you already have this application, this is a new version I need you to download.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

aswMBR1.png

On completion of the scan click save log, save it to your desktop and post in your next reply

aswMBR2.png

The tool will also produce a copy of the mbrdump labeled MBR.dat. Please upload that file here.


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#9 Pseudorious

Pseudorious
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:12 PM

Posted 12 December 2013 - 09:22 PM

The file was submitted and the log is shown below:

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-12-12 19:50:52
-----------------------------
19:50:52.992    OS Version: Windows 6.0.6002 Service Pack 2
19:50:52.992    Number of processors: 2 586 0xF0D
19:50:52.993    ComputerName: XDESKTOP  UserName: x
19:50:53.804    Initialize success
19:51:22.420    AVAST engine defs: 13121201
19:55:13.683    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:55:13.685    Disk 0 Vendor: ST380815 3.AD Size: 76293MB BusType: 3
19:55:13.942    Disk 0 MBR read successfully
19:55:13.945    Disk 0 MBR scan
19:55:13.950    Disk 0 unknown MBR code
19:55:13.959    Disk 0 Partition 1 00     DE Dell Utility                47 MB offset 63
19:55:13.979    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS         2048 MB offset 98304
19:55:13.998    Disk 0 Partition 3 80 (A) 07    HPFS/NTFS NTFS        74196 MB offset 4292608
19:55:14.029    Disk 0 scanning sectors +156247031
19:55:14.326    Disk 0 scanning C:\Windows\system32\drivers
19:55:34.607    Service scanning
19:55:44.797    Service MpKsl3b1e15fd c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C86E85C8-53C5-4D00-B3AF-C49A8FB752AE}\MpKsl3b1e15fd.sys **LOCKED** 32
19:55:58.369    Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
19:56:04.753    Modules scanning
19:56:37.359    Disk 0 trace - called modules:
19:56:37.416    ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys spve.sys hal.dll >>UNKNOWN [0x84fd5938]<<
19:56:37.421    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x861ce608]
19:56:37.425    3 CLASSPNP.SYS[887a68b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85088030]
19:56:39.949    AVAST engine scan C:\Windows
19:56:49.329    AVAST engine scan C:\Windows\system32
20:00:04.715    File: C:\Windows\system32\FlashPlayerInstaller.exe **HIDDEN**
20:04:49.300    AVAST engine scan C:\Windows\system32\drivers
20:05:30.323    AVAST engine scan C:\Users\x
20:13:31.015    AVAST engine scan C:\ProgramData
20:16:31.043    Scan finished successfully
20:19:07.944    Disk 0 MBR has been saved successfully to "C:\Users\x\Desktop\MBR.dat"
20:19:07.953    The log file has been saved successfully to "C:\Users\x\Desktop\aswMBR.txt"


#10 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,539 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:12 PM

Posted 13 December 2013 - 09:12 AM

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    image000q.png
  • Put a checkmark beside loaded modules.
    2012081514h0118.png
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
    2012081517h0349.png
  • Click the Start Scan button.
    19695967.jpg
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    67776163.jpg
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    62117367.jpg
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#11 Pseudorious

Pseudorious
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:12 PM

Posted 15 December 2013 - 02:42 PM

Hi.  I followed your instructions, however, the log is too long to post.  I'll try breaking it up.  The virus remains.

 

19:56:10.0983 0x0e5c  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
19:56:11.0443 0x0e5c  ============================================================
19:56:11.0443 0x0e5c  Current date / time: 2013/12/14 19:56:11.0443
19:56:11.0443 0x0e5c  SystemInfo:
19:56:11.0443 0x0e5c  
19:56:11.0443 0x0e5c  OS Version: 6.0.6002 ServicePack: 2.0
19:56:11.0443 0x0e5c  Product type: Workstation
19:56:11.0444 0x0e5c  ComputerName: xDESKTOP
19:56:11.0444 0x0e5c  UserName: x
19:56:11.0444 0x0e5c  Windows directory: C:\Windows
19:56:11.0444 0x0e5c  System windows directory: C:\Windows
19:56:11.0444 0x0e5c  Processor architecture: Intel x86
19:56:11.0444 0x0e5c  Number of processors: 2
19:56:11.0444 0x0e5c  Page size: 0x1000
19:56:11.0444 0x0e5c  Boot type: Normal boot
19:56:11.0444 0x0e5c  ============================================================
19:56:11.0445 0x0e5c  BG loaded
19:56:12.0111 0x0e5c  System UUID: {DB234856-FCCE-62B3-932A-4C5FA80164F3}
19:56:13.0377 0x0e5c  Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:56:13.0519 0x0e5c  ============================================================
19:56:13.0519 0x0e5c  \Device\Harddisk0\DR0:
19:56:13.0551 0x0e5c  MBR partitions:
19:56:13.0551 0x0e5c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x18000, BlocksNum 0x400000
19:56:13.0551 0x0e5c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x418000, BlocksNum 0x90EA3F7
19:56:13.0551 0x0e5c  ============================================================
19:56:13.0749 0x0e5c  C: <-> \Device\Harddisk0\DR0\Partition2
19:56:13.0977 0x0e5c  D: <-> \Device\Harddisk0\DR0\Partition1
19:56:13.0978 0x0e5c  ============================================================
19:56:13.0978 0x0e5c  Initialize success
19:56:13.0978 0x0e5c  ============================================================
19:58:31.0190 0x1490  ============================================================
19:58:31.0190 0x1490  Scan started
19:58:31.0190 0x1490  Mode: Manual; SigCheck; TDLFS; 
19:58:31.0190 0x1490  ============================================================
19:58:31.0190 0x1490  KSN ping started
19:58:33.0739 0x1490  KSN ping finished: true
19:58:34.0077 0x1490  ================ Scan system memory ========================
19:58:34.0077 0x1490  System memory - ok
19:58:34.0078 0x1490  ================ Scan services =============================
19:58:34.0279 0x1490  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
19:58:34.0385 0x1490  ACPI - ok
19:58:34.0430 0x1490  AcrSch2Svc - ok
19:58:34.0476 0x1490  [ 3DB3FB83217627D9A0CB8BAE6CC5B491, 20150F8D65EB8220ED98C5F984E42A74CDCC813DC0CD303F3E244FEA78BE38CB ] ADIHdAudAddService C:\Windows\system32\drivers\ADIHdAud.sys
19:58:34.0530 0x1490  ADIHdAudAddService - ok
19:58:34.0586 0x1490  [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:58:34.0605 0x1490  AdobeFlashPlayerUpdateSvc - ok
19:58:34.0666 0x1490  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB, 0342700760874683A6DF4F149DACACEF0569D40C45FC5958C67100B3C5D9BBBC ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
19:58:34.0716 0x1490  adp94xx - ok
19:58:34.0741 0x1490  [ B84088CA3CDCA97DA44A984C6CE1CCAD, 87009809FB101BF51483FA32318CBCD209386582880C82417BE4FFAD1B04C8C1 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
19:58:34.0764 0x1490  adpahci - ok
19:58:34.0787 0x1490  [ 7880C67BCCC27C86FD05AA2AFB5EA469, C8B06E203EEA6EAD19651F212432005ABADFF21E2AA5699E34040527394F2677 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
19:58:34.0803 0x1490  adpu160m - ok
19:58:34.0823 0x1490  [ 9AE713F8E30EFC2ABCCD84904333DF4D, B0C7801AC6E0811C38F0474703F34283914C8873D851F59EE232834F7C0D8087 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
19:58:34.0839 0x1490  adpu320 - ok
19:58:34.0876 0x1490  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:58:34.0968 0x1490  AeLookupSvc - ok
19:58:35.0046 0x1490  [ 3911B972B55FEA0478476B2E777B29FA, 62545B90C7DD3F73777E62CD8264E611A4D71B6956CABFD2D820D25F41F471FD ] AFD             C:\Windows\system32\drivers\afd.sys
19:58:35.0097 0x1490  AFD - ok
19:58:35.0147 0x1490  [ 8B10CE1C1F9F1D47E4DEB1A547A00CD4, 2E89838BD068314F4BE59753486E5D666FE2A3DD0A616E00EED4E0F83DB87401 ] agp440          C:\Windows\system32\drivers\agp440.sys
19:58:35.0161 0x1490  agp440 - ok
19:58:35.0194 0x1490  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
19:58:35.0211 0x1490  aic78xx - ok
19:58:35.0269 0x1490  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
19:58:35.0409 0x1490  ALG - ok
19:58:35.0432 0x1490  [ DC67A153FDB8105B25D05334B5E1D8E2, 95CD9ABE73EC1E5111F5D599FE16EB1B3A6A87B7FC54922254769032CD2BEF0E ] aliide          C:\Windows\system32\drivers\aliide.sys
19:58:35.0447 0x1490  aliide - ok
19:58:35.0485 0x1490  [ F970EA885AEFEB1B9EB97CA7F1EB226D, 19E3B7F62A474BA9CC3824500445F9F525A2D43A597660658B05977DC198679A ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:58:35.0552 0x1490  AMD External Events Utility - ok
19:58:35.0608 0x1490  [ 848F27E5B27C1C253F6CEFDC1A5D8F21, 0FE955D82CE68A1FC5DCA33626179005B90803821005A370EB36352817433089 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
19:58:35.0622 0x1490  amdagp - ok
19:58:35.0649 0x1490  [ 835C4C3355088298A5EBD818FA31430F, 947E587F016AD3B2B4606334E03372F34D806ED1AFF4860E7EA2E289D70FB79E ] amdide          C:\Windows\system32\drivers\amdide.sys
19:58:35.0663 0x1490  amdide - ok
19:58:35.0706 0x1490  [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
19:58:35.0849 0x1490  AmdK7 - ok
19:58:35.0867 0x1490  [ 0CA0071DA4315B00FC1328CA86B425DA, 4F816FA2197166A83A266084F9D5ED68876D0521D378F90F1314DD53C6FB8814 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
19:58:35.0939 0x1490  AmdK8 - ok
19:58:36.0305 0x1490  [ AB70F110143892EB41AA46500AA5CF00, D6A9C4231713EE4029ED301129B1AEB14E47228603F8BB2B40FAE245B6F2AE36 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
19:58:36.0752 0x1490  amdkmdag - ok
19:58:36.0817 0x1490  [ 32D68D05B871EED5572D0C2C764EA4EC, 45695582E3C84E3D684EA8A01492A6A0201D737545D0BBCEFCBE93DB790628EB ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
19:58:36.0849 0x1490  amdkmdap - ok
19:58:36.0889 0x1490  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo         C:\Windows\System32\appinfo.dll
19:58:36.0908 0x1490  Appinfo - ok
19:58:36.0949 0x1490  [ 0FE769CAE5855B53C90E23F85E7E89FF, 7163E364D33EDABCFC1E1B586D28FA906F34A764BF4B3031DF020043EAE0D3BF ] AppMgmt         C:\Windows\System32\appmgmts.dll
19:58:36.0982 0x1490  AppMgmt - ok
19:58:37.0023 0x1490  [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc             C:\Windows\system32\drivers\arc.sys
19:58:37.0038 0x1490  arc - ok
19:58:37.0060 0x1490  [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:58:37.0074 0x1490  arcsas - ok
19:58:37.0111 0x1490  [ 6295DD28D0ECBC4E6E450C279FEF5ED9, D929970B3FF38E75C926DA9B425B7BFED19158328DFC7BF5E02F55E2BC69888C ] ASFIPmon        C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
19:58:37.0125 0x1490  ASFIPmon - ok
19:58:37.0216 0x1490  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:58:37.0241 0x1490  aspnet_state - ok
19:58:37.0309 0x1490  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:58:37.0347 0x1490  AsyncMac - ok
19:58:37.0363 0x1490  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
19:58:37.0378 0x1490  atapi - ok
19:58:37.0433 0x1490  [ F71B6EE018EADF4CFD52F3C83847E5F6, B352ABF13B1593E6D4CE61548DA298BF588765630759E9726553F2D29CC8158F ] AtiHDAudioService C:\Windows\system32\drivers\AtihdLH3.sys
19:58:37.0451 0x1490  AtiHDAudioService - ok
19:58:37.0809 0x1490  [ AB70F110143892EB41AA46500AA5CF00, D6A9C4231713EE4029ED301129B1AEB14E47228603F8BB2B40FAE245B6F2AE36 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
19:58:38.0276 0x1490  atikmdag - ok
19:58:38.0346 0x1490  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:58:38.0390 0x1490  AudioEndpointBuilder - ok
19:58:38.0413 0x1490  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
19:58:38.0443 0x1490  Audiosrv - ok
19:58:38.0494 0x1490  [ C7EA0E3E37FF1CD2BB65636448322572, E7DAC5E500BA093776B8CC378D5E65D737EA96CB51F85A1394D11E9D978A8B6D ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
19:58:38.0540 0x1490  b57nd60x - ok
19:58:38.0556 0x1490  [ 5C68AC6F3E5B3E6D6A78E97D05E42C3A, D783A4094F338CA0BB4E04EC918B157DDDE21291D58508A17BB6359893841340 ] BASFND          C:\Program Files\Broadcom\ASFIPMon\BASFND.sys
19:58:38.0572 0x1490  BASFND - detected UnsignedFile.Multi.Generic ( 1 )
19:58:41.0280 0x1490  Detect skipped due to KSN trusted
19:58:41.0280 0x1490  BASFND - ok
19:58:41.0323 0x1490  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:58:41.0360 0x1490  Beep - ok
19:58:41.0409 0x1490  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
19:58:41.0475 0x1490  BFE - ok
19:58:41.0546 0x1490  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\system32\qmgr.dll
19:58:41.0613 0x1490  BITS - ok
19:58:41.0618 0x1490  blbdrive - ok
19:58:41.0674 0x1490  [ CFD4C3352E29A8B729536648466E8DF5, EE2699697931C054A1C82E6FC1B2EA4881C2F9FBF2B7F7E24268450703ED6F9A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:58:41.0696 0x1490  Bonjour Service - detected UnsignedFile.Multi.Generic ( 1 )
19:58:44.0229 0x1490  Detect skipped due to KSN trusted
19:58:44.0229 0x1490  Bonjour Service - ok
19:58:44.0278 0x1490  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:58:44.0366 0x1490  bowser - ok
19:58:44.0417 0x1490  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
19:58:44.0450 0x1490  BrFiltLo - ok
19:58:44.0464 0x1490  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
19:58:44.0499 0x1490  BrFiltUp - ok
19:58:44.0523 0x1490  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
19:58:44.0580 0x1490  Browser - ok
19:58:44.0619 0x1490  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
19:58:44.0684 0x1490  Brserid - ok
19:58:44.0715 0x1490  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
19:58:44.0801 0x1490  BrSerWdm - ok
19:58:44.0820 0x1490  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
19:58:44.0893 0x1490  BrUsbMdm - ok
19:58:44.0914 0x1490  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
19:58:44.0970 0x1490  BrUsbSer - ok
19:58:45.0016 0x1490  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
19:58:45.0082 0x1490  BTHMODEM - ok
19:58:45.0134 0x1490  [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ         C:\Windows\System32\bthserv.dll
19:58:45.0170 0x1490  BthServ - ok
19:58:45.0464 0x1490  catchme - ok
19:58:45.0502 0x1490  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:58:45.0563 0x1490  cdfs - ok
19:58:45.0590 0x1490  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:58:45.0626 0x1490  cdrom - ok
19:58:45.0661 0x1490  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
19:58:45.0694 0x1490  CertPropSvc - ok
19:58:45.0716 0x1490  [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass        C:\Windows\system32\drivers\circlass.sys
19:58:45.0763 0x1490  circlass - ok
19:58:45.0803 0x1490  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
19:58:45.0835 0x1490  CLFS - ok
19:58:45.0874 0x1490  [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:58:45.0903 0x1490  clr_optimization_v2.0.50727_32 - ok
19:58:45.0950 0x1490  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:58:45.0988 0x1490  clr_optimization_v4.0.30319_32 - ok
19:58:46.0019 0x1490  [ E79CBB2195E965F6E3256E2C1B23FD1C, 176819CEDE1BC16499B0E67EBDB46D7A627189D6B0DAF733B10FBE0DD3E030A2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:58:46.0032 0x1490  cmdide - ok
19:58:46.0044 0x1490  [ 722936AFB75A7F509662B69B5632F48A, C386EA5E933C5D3F3FE162AE91F7D81C7C0765A1F790B1FF7B396A9DBDB4AD33 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
19:58:46.0057 0x1490  Compbatt - ok
19:58:46.0063 0x1490  COMSysApp - ok
19:58:46.0084 0x1490  [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
19:58:46.0097 0x1490  crcdisk - ok
19:58:46.0126 0x1490  [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
19:58:46.0181 0x1490  Crusoe - ok
19:58:46.0254 0x1490  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:58:46.0309 0x1490  CryptSvc - ok
19:58:46.0371 0x1490  [ 9BDB2E89BE8D0EF37B1F25C3D3FC192C, 95E3AA76DAF3F9EDE1AAE9B85C779F2716097266F492E0A8D361C6ED9A9AC8CC ] CSC             C:\Windows\system32\drivers\csc.sys
19:58:46.0443 0x1490  CSC - ok
19:58:46.0487 0x1490  [ 0A2095F92F6AE4FE6484D911B0C21E95, 52E2E08107FEBD6B46E1C71B39ECA8AB1A0ECF18CA248D9172F831B6FAB99139 ] CscService      C:\Windows\System32\cscsvc.dll
19:58:46.0610 0x1490  CscService - ok
19:58:46.0672 0x1490  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:58:46.0773 0x1490  DcomLaunch - ok
19:58:46.0819 0x1490  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:58:46.0851 0x1490  DfsC - ok
19:58:46.0951 0x1490  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
19:58:47.0150 0x1490  DFSR - ok
19:58:47.0200 0x1490  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
19:58:47.0277 0x1490  Dhcp - ok
19:58:47.0304 0x1490  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
19:58:47.0320 0x1490  disk - ok
19:58:47.0362 0x1490  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:58:47.0410 0x1490  Dnscache - ok
19:58:47.0489 0x1490  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
19:58:47.0560 0x1490  dot3svc - ok
19:58:47.0605 0x1490  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
19:58:47.0640 0x1490  DPS - ok
19:58:47.0672 0x1490  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:58:47.0712 0x1490  drmkaud - ok
19:58:47.0943 0x1490  [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:58:47.0979 0x1490  DXGKrnl - ok
19:58:48.0051 0x1490  [ 7505290504C8E2D172FA378CC0497BCC, 8DD69E1B27EC13E62529C87B6B796675681E6329C825E64EEC9134B15C08161C ] e1express       C:\Windows\system32\DRIVERS\e1e6032.sys
19:58:48.0104 0x1490  e1express - ok
19:58:48.0128 0x1490  [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
19:58:48.0210 0x1490  E1G60 - ok
19:58:48.0282 0x1490  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
19:58:48.0337 0x1490  EapHost - ok
19:58:48.0392 0x1490  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
19:58:48.0423 0x1490  Ecache - ok
19:58:48.0476 0x1490  [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
19:58:48.0502 0x1490  elxstor - ok
19:58:48.0589 0x1490  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
19:58:48.0678 0x1490  EMDMgmt - ok
19:58:48.0809 0x1490  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
19:58:48.0868 0x1490  EventSystem - ok
19:58:48.0912 0x1490  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:58:48.0967 0x1490  exfat - ok
19:58:49.0032 0x1490  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:58:49.0132 0x1490  fastfat - ok
19:58:49.0225 0x1490  [ DFBA0F60FA301E5B1BFB1403A93EE23E, 727A01AA77BFD6B6FEB394A4C4CCBDB785987A1904F8EED3739A5F6D03C15965 ] Fax             C:\Windows\system32\fxssvc.exe
19:58:49.0289 0x1490  Fax - ok
19:58:49.0331 0x1490  [ 63BDADA84951B9C03E641800E176898A, AD3EA20CAD0E0C438422D5D39AEA9E0AAD9E1DC866A696AE503C76F5FAC4BE6E ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
19:58:49.0402 0x1490  fdc - ok
19:58:49.0433 0x1490  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
19:58:49.0460 0x1490  fdPHost - ok
19:58:49.0499 0x1490  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:58:49.0571 0x1490  FDResPub - ok
19:58:49.0626 0x1490  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:58:49.0650 0x1490  FileInfo - ok
19:58:49.0683 0x1490  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:58:49.0733 0x1490  Filetrace - ok
19:58:49.0787 0x1490  [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:58:49.0821 0x1490  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
19:58:52.0531 0x1490  Detect skipped due to KSN trusted
19:58:52.0531 0x1490  FLEXnet Licensing Service - ok
19:58:52.0575 0x1490  [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:58:52.0637 0x1490  flpydisk - ok
19:58:52.0663 0x1490  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:58:52.0682 0x1490  FltMgr - ok
19:58:52.0754 0x1490  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
19:58:52.0832 0x1490  FontCache - ok
19:58:52.0887 0x1490  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:58:52.0900 0x1490  FontCache3.0.0.0 - ok
19:58:52.0924 0x1490  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:58:52.0966 0x1490  Fs_Rec - ok
19:58:52.0993 0x1490  [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:58:53.0007 0x1490  gagp30kx - ok
19:58:53.0036 0x1490  [ 4AC51459805264AFFD5F6FDFB9D9235F, E97CB835B85F74FC0814D5E27739E0AABC888EAC3921FDD2AD0473F83BCFF5D9 ] GEARAspiWDM     C:\Windows\system32\Drivers\GEARAspiWDM.sys
19:58:53.0047 0x1490  GEARAspiWDM - ok
19:58:53.0100 0x1490  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
19:58:53.0162 0x1490  gpsvc - ok
19:58:53.0232 0x1490  [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdate1c9860f6878b2f C:\Program Files\Google\Update\GoogleUpdate.exe
19:58:53.0246 0x1490  gupdate1c9860f6878b2f - ok
19:58:53.0253 0x1490  [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
19:58:53.0266 0x1490  gupdatem - ok
19:58:53.0310 0x1490  [ 408DDD80EEDE47175F6844817B90213E, 836822885D90DAFFD25A7D7EE363F4DACD41AA4B59095243E2798B137DC55FE3 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:58:53.0325 0x1490  gusvc - ok
19:58:53.0376 0x1490  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:58:53.0424 0x1490  HdAudAddService - ok
19:58:53.0624 0x1490  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:58:53.0701 0x1490  HDAudBus - ok
19:58:53.0752 0x1490  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:58:53.0809 0x1490  HidBth - ok
19:58:53.0832 0x1490  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
19:58:53.0909 0x1490  HidIr - ok
19:58:53.0956 0x1490  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\System32\hidserv.dll
19:58:54.0005 0x1490  hidserv - ok
19:58:54.0033 0x1490  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:58:54.0120 0x1490  HidUsb - ok
19:58:54.0197 0x1490  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:58:54.0226 0x1490  hkmsvc - ok
19:58:54.0278 0x1490  [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
19:58:54.0301 0x1490  HpCISSs - ok
19:58:54.0675 0x1490  [ F50F7984FDD151EDD8A70A8DBD9E2A44, 45E7ECA40298B233D124993D6C9D4FBBF05E9A843F4DE089317342B3D8A83696 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
19:58:54.0753 0x1490  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
19:58:57.0449 0x1490  Detect skipped due to KSN trusted
19:58:57.0449 0x1490  hpqcxs08 - ok
19:58:57.0483 0x1490  [ DF446BA625CC441617843E87798CE048, B45C11EEA7EA792DE82E9BB283B9DCF30F891AAB8366075856BD84D10BCBCCD3 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
19:58:57.0502 0x1490  hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
19:59:00.0329 0x1490  Detect skipped due to KSN trusted
19:59:00.0329 0x1490  hpqddsvc - ok
19:59:00.0477 0x1490  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:59:00.0543 0x1490  HTTP - ok
19:59:00.0598 0x1490  [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp           C:\Windows\system32\drivers\i2omp.sys
19:59:00.0623 0x1490  i2omp - ok
19:59:00.0746 0x1490  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:59:00.0829 0x1490  i8042prt - ok
19:59:01.0122 0x1490  [ 6AC8AC8E3B413FA1EE8256E65FE0BA72, 189D2A3B6FA1B9B7CF2C1264D18B7F8EAA81849DBFA2289B3C57A928FA6A34A9 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
19:59:01.0438 0x1490  IAANTMON - ok
19:59:01.0610 0x1490  [ BDC361489A7F22E568060FA6FB3C960E, 65F55A724CA71A8BBDA4DE04A68FC7C540F0CC978F86FFFE91C223F0C49DA1A1 ] iaStor          C:\Windows\system32\drivers\iastor.sys
19:59:01.0628 0x1490  iaStor - ok
19:59:01.0740 0x1490  [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
19:59:01.0925 0x1490  iaStorV - ok
19:59:02.0238 0x1490  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
19:59:02.0337 0x1490  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
19:59:05.0033 0x1490  Detect skipped due to KSN trusted
19:59:05.0033 0x1490  IDriverT - ok
19:59:05.0384 0x1490  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:59:06.0197 0x1490  idsvc - ok
19:59:06.0249 0x1490  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:59:06.0285 0x1490  iirsp - ok
19:59:06.0620 0x1490  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
19:59:06.0880 0x1490  IKEEXT - ok
19:59:06.0982 0x1490  [ 0084046C084D68E494F8CF36BCF08186, 1A40542A8E7ADE1944892F11DFA85307F342965A31D5697425E0BB86874D45F5 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
19:59:07.0026 0x1490  intelide - ok
19:59:07.0196 0x1490  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:59:07.0268 0x1490  intelppm - ok
19:59:07.0506 0x1490  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:59:07.0615 0x1490  IPBusEnum - ok
19:59:07.0694 0x1490  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:59:07.0799 0x1490  IpFilterDriver - ok
19:59:07.0923 0x1490  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:59:07.0990 0x1490  iphlpsvc - ok
19:59:07.0995 0x1490  IpInIp - ok
19:59:08.0051 0x1490  [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
19:59:08.0134 0x1490  IPMIDRV - ok
19:59:08.0182 0x1490  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
19:59:08.0321 0x1490  IPNAT - ok
19:59:08.0465 0x1490  [ 1E9ED06A30FB0410CE94892F1BA6984B, F4DE0667281B627887A0C7BF14EAC576D84CDE60E20E1DB4D89790FC2841DF82 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:59:08.0522 0x1490  iPod Service - ok
19:59:08.0569 0x1490  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:59:08.0596 0x1490  IRENUM - ok
19:59:08.0629 0x1490  [ 2F8ECE2699E7E2070545E9B0960A8ED2, 40214A9220C6EC232C245939E4F40A9FF6D30497E180EDC809B87938A922E52D ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:59:08.0643 0x1490  isapnp - ok
19:59:08.0679 0x1490  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
19:59:08.0698 0x1490  iScsiPrt - ok
19:59:08.0720 0x1490  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
19:59:08.0734 0x1490  iteatapi - ok
19:59:08.0765 0x1490  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
19:59:08.0778 0x1490  iteraid - ok
19:59:08.0794 0x1490  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:59:08.0808 0x1490  kbdclass - ok
19:59:08.0831 0x1490  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:59:08.0852 0x1490  kbdhid - ok
19:59:08.0877 0x1490  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
19:59:08.0906 0x1490  KeyIso - ok
19:59:08.0946 0x1490  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:59:09.0015 0x1490  KSecDD - ok
19:59:09.0075 0x1490  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:59:09.0117 0x1490  KtmRm - ok
19:59:09.0139 0x1490  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\System32\srvsvc.dll
19:59:09.0178 0x1490  LanmanServer - ok
19:59:09.0219 0x1490  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:59:09.0314 0x1490  LanmanWorkstation - ok
19:59:09.0354 0x1490  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:59:09.0381 0x1490  lltdio - ok
19:59:09.0413 0x1490  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:59:09.0459 0x1490  lltdsvc - ok
19:59:09.0487 0x1490  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:59:09.0541 0x1490  lmhosts - ok
19:59:09.0580 0x1490  [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:59:09.0594 0x1490  LSI_FC - ok
19:59:09.0610 0x1490  [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:59:09.0624 0x1490  LSI_SAS - ok
19:59:09.0645 0x1490  [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:59:09.0660 0x1490  LSI_SCSI - ok
19:59:09.0688 0x1490  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
19:59:09.0725 0x1490  luafv - ok
19:59:09.0761 0x1490  [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:59:09.0774 0x1490  megasas - ok
19:59:09.0801 0x1490  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
19:59:09.0842 0x1490  MMCSS - ok
19:59:09.0875 0x1490  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
19:59:09.0917 0x1490  Modem - ok
19:59:09.0942 0x1490  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:59:09.0978 0x1490  monitor - ok
19:59:10.0004 0x1490  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:59:10.0017 0x1490  mouclass - ok
19:59:10.0033 0x1490  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:59:10.0073 0x1490  mouhid - ok
19:59:10.0100 0x1490  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
19:59:10.0115 0x1490  MountMgr - ok
19:59:10.0169 0x1490  [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:59:10.0185 0x1490  MozillaMaintenance - ok
19:59:10.0234 0x1490  [ E77DC03DD3C8E5A388BF9EED2A28F3D1, ED0DAA975D1EC35CE036F02596218E15CC6A054167628D12A0A5AD91B841F422 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
19:59:10.0256 0x1490  MpFilter - ok
19:59:10.0326 0x1490  [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:59:10.0341 0x1490  mpio - ok
19:59:10.0379 0x1490  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:59:10.0432 0x1490  mpsdrv - ok
19:59:10.0471 0x1490  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:59:10.0516 0x1490  MpsSvc - ok
19:59:10.0555 0x1490  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
19:59:10.0568 0x1490  Mraid35x - ok
19:59:10.0604 0x1490  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:59:10.0635 0x1490  MRxDAV - ok
19:59:10.0682 0x1490  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:59:10.0705 0x1490  mrxsmb - ok
19:59:10.0738 0x1490  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:59:10.0758 0x1490  mrxsmb10 - ok
19:59:10.0776 0x1490  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:59:10.0805 0x1490  mrxsmb20 - ok
19:59:10.0832 0x1490  [ D420BC42A637AC3CC4F411220549C0DC, D991D19030D29D03BAFA846C095F460F2F31D19793E5582239964F66A837C562 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:59:10.0846 0x1490  msahci - ok
19:59:10.0865 0x1490  [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:59:10.0881 0x1490  msdsm - ok
19:59:10.0914 0x1490  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
19:59:10.0959 0x1490  MSDTC - ok
19:59:11.0076 0x1490  [ 64A3E2CE9336A9F8E25835F1C0A121BB, E3D7204BC2BD748631024C676CD6363DF13BA8EC01E6E003759C266B26275477 ] MsDtsServer110  C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe
19:59:11.0098 0x1490  MsDtsServer110 - ok
19:59:11.0134 0x1490  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:59:11.0173 0x1490  Msfs - ok
19:59:11.0211 0x1490  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:59:11.0226 0x1490  msisadrv - ok
19:59:11.0314 0x1490  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:59:11.0375 0x1490  MSiSCSI - ok
19:59:11.0382 0x1490  msiserver - ok
19:59:11.0434 0x1490  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:59:11.0486 0x1490  MSKSSRV - ok
19:59:11.0554 0x1490  [ B0F49DA36F30922F5DDC3B623B778FCE, EE025AEFA4A2095AFEABFB3A49639DA77D78068A3F5EEDA6C15D34853AFD5609 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:59:11.0572 0x1490  MsMpSvc - ok
19:59:11.0605 0x1490  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:59:11.0653 0x1490  MSPCLOCK - ok
19:59:11.0688 0x1490  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:59:11.0727 0x1490  MSPQM - ok
19:59:11.0764 0x1490  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:59:11.0786 0x1490  MsRPC - ok
19:59:11.0831 0x1490  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:59:11.0845 0x1490  mssmbios - ok
19:59:11.0902 0x1490  [ 531AF957359F8A202655AA9535EBD567, DE238B0857DBFC1B5B4A8CDB4B5C367A4D635E7DB0FE0C431AAD292BC3C94931 ] MSSQLFDLauncher C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
19:59:11.0920 0x1490  MSSQLFDLauncher - ok
19:59:11.0959 0x1490  [ 56CEA86BE95D79C9365AF3B93EBD44E5, A04C7FD5B5AEE4C1502D214DF2CE7F1E0782C67FB86C980C749F230D58D4EE79 ] MSSQLSERVER     C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
19:59:11.0984 0x1490  MSSQLSERVER - ok
19:59:12.0032 0x1490  MSSQLServerOLAPService - ok
19:59:12.0051 0x1490  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:59:12.0087 0x1490  MSTEE - ok
19:59:12.0294 0x1490  [ E514D0493C272AECBAC7C6C1DAC635D1, EED0574A7B0914F5E4FA9DD92A90DEBBF9B711B7C66A5E949557848436EF30D8 ] msvsmon90       C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe
19:59:12.0450 0x1490  msvsmon90 - ok
19:59:12.0480 0x1490  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:59:12.0495 0x1490  Mup - ok
19:59:12.0504 0x1490  MySQL - ok
19:59:12.0538 0x1490  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
19:59:12.0581 0x1490  napagent - ok
19:59:12.0622 0x1490  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:59:12.0642 0x1490  NativeWifiP - ok
19:59:12.0691 0x1490  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:59:12.0734 0x1490  NDIS - ok
19:59:12.0786 0x1490  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:59:12.0807 0x1490  NdisTapi - ok
19:59:12.0822 0x1490  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:59:12.0857 0x1490  Ndisuio - ok
19:59:12.0881 0x1490  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:59:12.0918 0x1490  NdisWan - ok
19:59:12.0940 0x1490  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:59:12.0968 0x1490  NDProxy - ok
19:59:12.0992 0x1490  [ 51C6D8BFBD4EA5B62A1BA7F4469250D3, 29ACA9D8A5426333F75858D9D3960A4DCDDA4ACC986B3E9E37D255E4FAECDB7C ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
19:59:13.0005 0x1490  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
19:59:15.0714 0x1490  Detect skipped due to KSN trusted
19:59:15.0714 0x1490  Net Driver HPZ12 - ok
19:59:15.0732 0x1490  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:59:15.0767 0x1490  NetBIOS - ok
19:59:15.0797 0x1490  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
19:59:15.0831 0x1490  netbt - ok
19:59:15.0849 0x1490  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
19:59:15.0864 0x1490  Netlogon - ok
19:59:15.0897 0x1490  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
19:59:15.0940 0x1490  Netman - ok
19:59:15.0969 0x1490  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:59:15.0995 0x1490  NetMsmqActivator - ok
19:59:16.0010 0x1490  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:59:16.0024 0x1490  NetPipeActivator - ok
19:59:16.0059 0x1490  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
19:59:16.0096 0x1490  netprofm - ok
19:59:16.0119 0x1490  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:59:16.0132 0x1490  NetTcpActivator - ok
19:59:16.0144 0x1490  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:59:16.0158 0x1490  NetTcpPortSharing - ok
19:59:16.0181 0x1490  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:59:16.0196 0x1490  nfrd960 - ok
19:59:16.0229 0x1490  [ 32FF06EC6D946EF791D98D6C838A3090, 319BDD491CB22D0CCCCE76A2854CF469D7AF046289F9C56CD03AE3D3CBC0275E ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:59:16.0249 0x1490  NisDrv - ok
19:59:16.0277 0x1490  [ 42D33042371BFB1A7D40834590CAFD30, 53DA3618EC10293B2DF686E291A4EF6ACBBD41D116EC762D54106D201A784E87 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
19:59:16.0301 0x1490  NisSrv - ok
19:59:16.0366 0x1490  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:59:16.0410 0x1490  NlaSvc - ok
19:59:16.0431 0x1490  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:59:16.0460 0x1490  Npfs - ok
19:59:16.0490 0x1490  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
19:59:16.0529 0x1490  nsi - ok
19:59:16.0547 0x1490  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:59:16.0593 0x1490  nsiproxy - ok
19:59:16.0657 0x1490  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:59:16.0725 0x1490  Ntfs - ok
19:59:16.0781 0x1490  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
19:59:16.0841 0x1490  ntrigdigi - ok
19:59:16.0862 0x1490  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
19:59:16.0888 0x1490  Null - ok
19:59:16.0908 0x1490  [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:59:16.0924 0x1490  nvraid - ok
19:59:16.0944 0x1490  [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:59:16.0958 0x1490  nvstor - ok
19:59:16.0972 0x1490  [ 055081FD5076401C1EE1BCAB08D81911, E6621F2D24E7E2544AFD249660F2D1026B94698CA841E79B3F1199ACB2203995 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:59:16.0988 0x1490  nv_agp - ok
19:59:16.0993 0x1490  NwlnkFlt - ok
19:59:17.0000 0x1490  NwlnkFwd - ok
19:59:17.0070 0x1490  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:59:17.0128 0x1490  odserv - ok
19:59:17.0185 0x1490  [ BE32DA025A0BE1878F0EE8D6D9386CD5, B9D6CB4626FC67D108D713467C9ED8D0E2A071D98621B5531AD9D0C172FE7B89 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:59:17.0233 0x1490  ohci1394 - ok
19:59:17.0310 0x1490  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:59:17.0326 0x1490  ose - ok
19:59:17.0380 0x1490  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
19:59:17.0479 0x1490  p2pimsvc - ok
19:59:17.0522 0x1490  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:59:17.0561 0x1490  p2psvc - ok
19:59:17.0633 0x1490  [ 4A410C7AEA51123519C20D43A20BCE96, 27004FA834AA2600E250BC50DF7E85D21ED2871CA28332380F10328E13B4B1CF ] PAC207          C:\Windows\system32\DRIVERS\PFC027.SYS
19:59:17.0704 0x1490  PAC207 - ok
19:59:17.0771 0x1490  [ 8A79FDF04A73428597E2CAF9D0D67850, DB438FDE5510AB2F350ED1AC4CF0E99D3CC665FE46533A438A8FDA4DAF950F93 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
19:59:17.0800 0x1490  Parport - ok
19:59:17.0823 0x1490  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:59:17.0839 0x1490  partmgr - ok
19:59:17.0850 0x1490  [ 6C580025C81CAF3AE9E3617C22CAD00E, 64F9061196462085E5DCD3ACB97A0D8FC67CA9A96DDD6E2103AFFF1593AE236A ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
19:59:17.0887 0x1490  Parvdm - ok
19:59:17.0943 0x1490  [ 4DFE4CEF1AEEC1025380D7EBF40E8E2B, F7BA7C76A242B831C6987E5AF26F2D35355FFE240943E1423C844E7294AD19DA ] pbfilter        C:\Program Files\PeerBlock\pbfilter.sys
19:59:17.0958 0x1490  pbfilter - ok
19:59:17.0988 0x1490  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:59:18.0018 0x1490  PcaSvc - ok
19:59:18.0044 0x1490  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
19:59:18.0062 0x1490  pci - ok
19:59:18.0088 0x1490  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
19:59:18.0102 0x1490  pciide - ok
19:59:18.0144 0x1490  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:59:18.0163 0x1490  pcmcia - ok
19:59:18.0222 0x1490  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:59:18.0386 0x1490  PEAUTH - ok
19:59:18.0439 0x1490  pgfilter - ok
19:59:18.0520 0x1490  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
19:59:18.0717 0x1490  pla - ok
19:59:18.0775 0x1490  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:59:18.0813 0x1490  PlugPlay - ok
19:59:18.0838 0x1490  [ 79834AA2FBF9FE81EEBB229024F6F7FC, 4E243765C11AE9B5D003C3220B8AA0C4671B2627221D2323F80189CA3A307FEF ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
19:59:18.0857 0x1490  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
19:59:21.0547 0x1490  Detect skipped due to KSN trusted
19:59:21.0547 0x1490  Pml Driver HPZ12 - ok
19:59:21.0595 0x1490  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
19:59:21.0634 0x1490  PNRPAutoReg - ok
19:59:21.0670 0x1490  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
19:59:21.0708 0x1490  PNRPsvc - ok
19:59:21.0760 0x1490  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:59:21.0814 0x1490  PolicyAgent - ok
19:59:21.0854 0x1490  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:59:21.0894 0x1490  PptpMiniport - ok
19:59:21.0925 0x1490  [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor       C:\Windows\system32\drivers\processr.sys
19:59:21.0989 0x1490  Processor - ok
19:59:22.0031 0x1490  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
19:59:22.0075 0x1490  ProfSvc - ok
19:59:22.0112 0x1490  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
19:59:22.0128 0x1490  ProtectedStorage - ok
19:59:22.0157 0x1490  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
19:59:22.0189 0x1490  PSched - ok
19:59:22.0304 0x1490  [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:59:22.0400 0x1490  ql2300 - ok
19:59:22.0447 0x1490  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:59:22.0463 0x1490  ql40xx - ok
19:59:22.0513 0x1490  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
19:59:22.0544 0x1490  QWAVE - ok
19:59:22.0575 0x1490  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:59:22.0590 0x1490  QWAVEdrv - ok
19:59:22.0937 0x1490  [ AB70F110143892EB41AA46500AA5CF00, D6A9C4231713EE4029ED301129B1AEB14E47228603F8BB2B40FAE245B6F2AE36 ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys
19:59:23.0407 0x1490  R300 - ok
19:59:23.0490 0x1490  [ 8F97D374AD1857E1EED85A79F29A1D3D, 4B2D1DBB60C0890E3CB497F534D8DE74952AF8774579B62B0F4ED14912CA583C ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
19:59:23.0506 0x1490  RapiMgr - ok
19:59:23.0531 0x1490  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:59:23.0570 0x1490  RasAcd - ok
19:59:23.0602 0x1490  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
19:59:23.0642 0x1490  RasAuto - ok
19:59:23.0665 0x1490  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:59:23.0706 0x1490  Rasl2tp - ok
19:59:23.0740 0x1490  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
19:59:23.0781 0x1490  RasMan - ok
19:59:23.0806 0x1490  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:59:23.0828 0x1490  RasPppoe - ok
19:59:23.0864 0x1490  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:59:23.0889 0x1490  RasSstp - ok
19:59:23.0915 0x1490  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:59:23.0956 0x1490  rdbss - ok
19:59:23.0985 0x1490  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:59:24.0024 0x1490  RDPCDD - ok
19:59:24.0060 0x1490  [ 943B18305EAE3935598A9B4A3D560B4C, E083FA4B9CA1A24031FF23A54942372D7FB3F02F62EE3580F01BEC3229DB2101 ] rdpdr           C:\Windows\system32\DRIVERS\rdpdr.sys
19:59:24.0089 0x1490  rdpdr - ok
19:59:24.0095 0x1490  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:59:24.0130 0x1490  RDPENCDD - ok
19:59:24.0159 0x1490  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:59:24.0195 0x1490  RDPWD - ok
19:59:24.0258 0x1490  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:59:24.0288 0x1490  RemoteAccess - ok
19:59:24.0319 0x1490  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:59:24.0355 0x1490  RemoteRegistry - ok
19:59:24.0472 0x1490  [ BAB1710C565B636BEA89796FD7458548, 7B10C6437423A21C37355E61156AD1CAAEA5791CAD5219E48DB578E40D811754 ] ReportServer    C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
19:59:24.0567 0x1490  ReportServer - ok
19:59:24.0611 0x1490  RimUsb - ok
19:59:24.0644 0x1490  [ 2C4FB2E9F039287767C384E46EE91030, 5290E9457256C007A3FCAE246D0C536179C54D9F4B365E3143B9D0764FCBFCDB ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial.sys
19:59:24.0682 0x1490  RimVSerPort - ok
19:59:24.0705 0x1490  [ 75E8A6BFA7374ABA833AE92BF41AE4E6, 5A4CF4CDEFFCC4892D01FF4A5918D91193AA44AA29469B52E83824E6BCC877A5 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
19:59:24.0740 0x1490  ROOTMODEM - ok
19:59:24.0782 0x1490  RoxLiveShare9 - ok
19:59:24.0802 0x1490  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
19:59:24.0831 0x1490  RpcLocator - ok
19:59:24.0869 0x1490  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
19:59:24.0927 0x1490  RpcSs - ok
19:59:24.0975 0x1490  [ AEB55A35DF1ACBE5634F1BA592BF7CF4, 8E6F84ED00CC79671D5187FD003983A22CB65439C62137000724F32BE71DC28F ] RsFx0200        C:\Windows\system32\DRIVERS\RsFx0200.sys
19:59:25.0009 0x1490  RsFx0200 - ok
19:59:25.0039 0x1490  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:59:25.0082 0x1490  rspndr - ok
19:59:25.0116 0x1490  [ 5A54D765D6092B23D47AD9DBF7F6D7E4, 39CE0A58F4A238688C4E420BB4A6E64B151EBB97B45D96CD87834883FBB47D5B ] rt70x86         C:\Windows\system32\DRIVERS\netr70.sys
19:59:25.0134 0x1490  rt70x86 - ok
19:59:25.0152 0x1490  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
19:59:25.0168 0x1490  SamSs - ok
19:59:25.0204 0x1490  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:59:25.0222 0x1490  sbp2port - ok
19:59:25.0254 0x1490  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:59:25.0289 0x1490  SCardSvr - ok
19:59:25.0339 0x1490  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
19:59:25.0425 0x1490  Schedule - ok
19:59:25.0466 0x1490  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:59:25.0489 0x1490  SCPolicySvc - ok
19:59:25.0524 0x1490  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:59:25.0564 0x1490  SDRSVC - ok
19:59:25.0584 0x1490  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:59:25.0644 0x1490  secdrv - ok
19:59:25.0669 0x1490  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
19:59:25.0706 0x1490  seclogon - ok
19:59:25.0735 0x1490  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\system32\sens.dll
19:59:25.0777 0x1490  SENS - ok
19:59:25.0801 0x1490  [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:59:25.0828 0x1490  Serenum - ok
19:59:25.0838 0x1490  [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:59:25.0876 0x1490  Serial - ok
19:59:25.0910 0x1490  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:59:25.0938 0x1490  sermouse - ok
19:59:25.0974 0x1490  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:59:26.0004 0x1490  SessionEnv - ok
19:59:26.0034 0x1490  [ 51CF56AA8BCC241F134B420B8F850406, 41DA7438039C791C35BDA5BD255D2CCFA85E5250325FAE4D5A4182AD819E71F1 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:59:26.0077 0x1490  sffdisk - ok
19:59:26.0090 0x1490  [ 96DED8B20C734AC41641CE275250E55D, E88317D0B31A98917AD30AD9F8CF6B59C1141FFBF7A150D8675A29B95FF150F3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:59:26.0114 0x1490  sffp_mmc - ok
19:59:26.0131 0x1490  [ 8B08CAB1267B2C377883FC9E56981F90, 4444AC438E805129103FAA48F22D0D6893AC5BD8FCA2A6D4DA51EBD8C75B7529 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:59:26.0156 0x1490  sffp_sd - ok
19:59:26.0169 0x1490  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:59:26.0229 0x1490  sfloppy - ok
19:59:26.0272 0x1490  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:59:26.0308 0x1490  SharedAccess - ok
19:59:26.0347 0x1490  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:59:26.0389 0x1490  ShellHWDetection - ok
19:59:26.0423 0x1490  [ 08072B2FB92477FC813271A84B3A8698, A97ABDEB5E37F7B50DD6168FAAD524BE82418FC7818BB667C10951408FB6EB70 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
19:59:26.0437 0x1490  sisagp - ok
19:59:26.0458 0x1490  [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
19:59:26.0473 0x1490  SiSRaid2 - ok
19:59:26.0491 0x1490  [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:59:26.0507 0x1490  SiSRaid4 - ok
19:59:26.0556 0x1490  [ F07AF60B152221472FBDB2FECEC4896D, A18FDCE8462A48429E249C44F0E49F844F2E3A4B5215349DE104F34D935EF983 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
19:59:26.0573 0x1490  SkypeUpdate - ok
19:59:26.0731 0x1490  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
19:59:26.0922 0x1490  slsvc - ok
19:59:26.0955 0x1490  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
19:59:26.0979 0x1490  SLUINotify - ok
19:59:27.0012 0x1490  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:59:27.0048 0x1490  Smb - ok
19:59:27.0079 0x1490  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:59:27.0095 0x1490  SNMPTRAP - ok
19:59:27.0118 0x1490  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:59:27.0133 0x1490  spldr - ok
19:59:27.0162 0x1490  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
19:59:27.0198 0x1490  Spooler - ok
19:59:27.0259 0x1490  [ CDDDEC541BC3C96F91ECB48759673505, B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB ] sptd            C:\Windows\system32\Drivers\sptd.sys
19:59:27.0260 0x1490  Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505, sha256: B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB
19:59:27.0261 0x1490  sptd - detected LockedFile.Multi.Generic ( 1 )
19:59:29.0956 0x1490  Detect skipped due to KSN trusted
19:59:29.0956 0x1490  sptd - ok
19:59:30.0042 0x1490  [ BFBF5B7808B471D90A8E100463B80D34, A90CF68AE4F30EE8C97BEB7A45239EA56760B6F938E592E4DADDDB138A843DB2 ] SQL Server Distributed Replay Client C:\Program Files\Microsoft SQL Server\110\Tools\DReplayClient\DReplayClient.exe
19:59:30.0063 0x1490  SQL Server Distributed Replay Client - ok
19:59:30.0100 0x1490  [ 5BEF14CB9463370ECBA6E129C7F609C9, AEC598668EAAB1B9A9538515BFE463B8DE474E10446ACC75F68D0691AFEBD984 ] SQL Server Distributed Replay Controller C:\Program Files\Microsoft SQL Server\110\Tools\DReplayController\DReplayController.exe
19:59:30.0129 0x1490  SQL Server Distributed Replay Controller - ok
19:59:30.0222 0x1490  [ E9254892A2D74E537BAD3092F0F8EE40, BEB715404B799F3181C699E233F98B2A913BEB677E94ABE8E2872499FC755385 ] SQLBrowser      C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
19:59:30.0247 0x1490  SQLBrowser - ok
19:59:30.0307 0x1490  [ AC7780C7C6484F55EA1BA6CC9553EFA4, 845F1E088428D82DC3E5A89050ED4914B26F2BEE444A5FC0169910774058EE74 ] SQLSERVERAGENT  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
19:59:30.0364 0x1490  SQLSERVERAGENT - ok
19:59:30.0428 0x1490  [ 90A07229992B24FC4C419D56E58CF075, 7B3D3ACBDFB5FCC2B73E166DCD594F9F193A24EB8937755FD684338811028846 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:59:30.0447 0x1490  SQLWriter - ok
19:59:30.0489 0x1490  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:59:30.0521 0x1490  srv - ok
19:59:30.0541 0x1490  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:59:30.0580 0x1490  srv2 - ok
19:59:30.0605 0x1490  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:59:30.0656 0x1490  srvnet - ok
19:59:30.0716 0x1490  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:59:30.0763 0x1490  SSDPSRV - ok
19:59:30.0847 0x1490  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:59:30.0867 0x1490  SstpSvc - ok
19:59:30.0940 0x1490  [ EF70B3D22B4BFFDA6EA851ECB063EFAA, 1666572F8F988805C3A2E949FA6B060B35B72DBB115B86F4CFC710FB6A86C3E3 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
19:59:30.0971 0x1490  StillCam - ok
19:59:31.0150 0x1490  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
19:59:31.0238 0x1490  stisvc - ok
19:59:31.0279 0x1490  stllssvr - ok
19:59:31.0326 0x1490  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:59:31.0339 0x1490  swenum - ok
19:59:31.0470 0x1490  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
19:59:31.0528 0x1490  swprv - ok
19:59:31.0565 0x1490  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
19:59:31.0587 0x1490  Symc8xx - ok
19:59:31.0614 0x1490  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
19:59:31.0642 0x1490  Sym_hi - ok
19:59:31.0659 0x1490  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
19:59:31.0678 0x1490  Sym_u3 - ok
19:59:31.0867 0x1490  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
19:59:31.0912 0x1490  SysMain - ok
19:59:31.0982 0x1490  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:59:32.0023 0x1490  TabletInputService - ok
19:59:32.0110 0x1490  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:59:32.0158 0x1490  TapiSrv - ok
19:59:32.0195 0x1490  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
19:59:32.0376 0x1490  TBS - ok
19:59:32.0500 0x1490  [ 6D0D344F643E28B31262AC2682109A3C, 276736661876CE69A30CEED117AFCF26677221F278E234B9C7D03B85869B2C92 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:59:32.0694 0x1490  Tcpip - ok
19:59:32.0776 0x1490  [ 6D0D344F643E28B31262AC2682109A3C, 276736661876CE69A30CEED117AFCF26677221F278E234B9C7D03B85869B2C92 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
19:59:32.0820 0x1490  Tcpip6 - ok
19:59:32.0891 0x1490  [ 5877A786EF27E42C4E84D1356F922302, 1CDCC7D91086DC0FE80057EE8E1AE609A38DD9D241BC17145E7811C916E662C3 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:59:32.0916 0x1490  tcpipreg - ok
19:59:32.0948 0x1490  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:59:33.0013 0x1490  TDPIPE - ok
19:59:33.0055 0x1490  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:59:33.0091 0x1490  TDTCP - ok
19:59:33.0130 0x1490  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:59:33.0162 0x1490  tdx - ok
19:59:33.0185 0x1490  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
19:59:33.0201 0x1490  TermDD - ok
19:59:33.0257 0x1490  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
19:59:33.0364 0x1490  TermService - ok
19:59:33.0394 0x1490  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
19:59:33.0444 0x1490  Themes - ok
19:59:33.0472 0x1490  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
19:59:33.0506 0x1490  THREADORDER - ok
19:59:33.0533 0x1490  [ B0B3122BFF3910E0BA97014045467778, C4D8A2A9C18C24B609B084DD63F059E177B42D018C1975458857463239624156 ] tifsfilter      C:\Windows\system32\DRIVERS\tifsfilt.sys
19:59:33.0545 0x1490  tifsfilter - ok
19:59:33.0575 0x1490  [ 13BFE330880AC0CE8672D00AA5AFF738, 0A46BDDCA70109617779A11BAE6D30FEB84DE000D85C9ACD1E293B82C2E5BA64 ] timounter       C:\Windows\system32\DRIVERS\timntr.sys
19:59:33.0605 0x1490  timounter - ok
19:59:33.0629 0x1490  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
19:59:33.0659 0x1490  TrkWks - ok
19:59:33.0714 0x1490  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:59:33.0735 0x1490  TrustedInstaller - ok
19:59:33.0788 0x1490  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:59:33.0823 0x1490  tssecsrv - ok
19:59:33.0854 0x1490  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
19:59:33.0870 0x1490  tunmp - ok
19:59:33.0889 0x1490  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:59:33.0918 0x1490  tunnel - ok
19:59:33.0951 0x1490  [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:59:33.0966 0x1490  uagp35 - ok
19:59:34.0005 0x1490  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:59:34.0035 0x1490  udfs - ok
19:59:34.0067 0x1490  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:59:34.0102 0x1490  UI0Detect - ok
19:59:34.0121 0x1490  [ 6D72EF05921ABDF59FC45C7EBFE7E8DD, 9102CB4B5E8B858B61DE1508C6A00D75584741891899966258E510173DBF7BB9 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:59:34.0135 0x1490  uliagpkx - ok
19:59:34.0163 0x1490  [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
19:59:34.0183 0x1490  uliahci - ok
19:59:34.0204 0x1490  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
19:59:34.0222 0x1490  UlSata - ok
19:59:34.0272 0x1490  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
19:59:34.0291 0x1490  ulsata2 - ok
19:59:34.0465 0x1490  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:59:34.0523 0x1490  umbus - ok
19:59:34.0667 0x1490  [ 8A66360F38F81E960E2367B428CBD5D9, 349A39BD63E1FF3C3D0249A3BE834D62F3EFC5EA4416269421AF03F10356D3E5 ] UmRdpService    C:\Windows\System32\umrdp.dll
19:59:34.0898 0x1490  UmRdpService - ok
19:59:34.0980 0x1490  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
19:59:35.0091 0x1490  upnphost - ok
19:59:35.0410 0x1490  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:59:35.0504 0x1490  usbccgp - ok
19:59:35.0760 0x1490  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:59:35.0983 0x1490  usbcir - ok
19:59:36.0008 0x1490  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
19:59:36.0067 0x1490  usbehci - ok
19:59:36.0406 0x1490  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:59:36.0484 0x1490  usbhub - ok
19:59:36.0524 0x1490  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:59:36.0608 0x1490  usbohci - ok
19:59:36.0780 0x1490  [ B51E52ACF758BE00EF3A58EA452FE360, 79E629EC5DE8AB7F31B0EE9AE94C71E8F703FED5C09A816228726974F7790C85 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
19:59:36.0876 0x1490  usbprint - ok
19:59:36.0925 0x1490  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:59:37.0066 0x1490  USBSTOR - ok
19:59:37.0198 0x1490  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
19:59:37.0367 0x1490  usbuhci - ok
19:59:37.0681 0x1490  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
19:59:37.0707 0x1490  UxSms - ok
19:59:37.0749 0x1490  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
19:59:37.0853 0x1490  vds - ok
19:59:37.0885 0x1490  [ 7D92BE0028ECDEDEC74617009084B5EF, D0749CE6FA3415BA4364299F8D6D53F133E8D2F44C6F1057996243415A540A53 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:59:37.0941 0x1490  vga - ok
19:59:37.0972 0x1490  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:59:37.0998 0x1490  VgaSave - ok
19:59:38.0022 0x1490  [ D5929A28BDFF4367A12CAF06AF901971, DE2A60A9EE1ABACEE6221E4AD5D4AA4CBA12FED448EB36CA3B7A9A5F09A8DC8C ] viaagp          C:\Windows\system32\drivers\viaagp.sys
19:59:38.0050 0x1490  viaagp - ok
19:59:38.0177 0x1490  [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7           C:\Windows\system32\drivers\viac7.sys
19:59:38.0363 0x1490  ViaC7 - ok
19:59:38.0396 0x1490  [ F3B4762EB85A2AFF4999401F14C3262B, 462B3A61AE82307292C8C75041514789AD2D1E3CF31A8A35E39A19989FD394C3 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:59:38.0410 0x1490  viaide - ok
19:59:38.0438 0x1490  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:59:38.0454 0x1490  volmgr - ok
19:59:38.0491 0x1490  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:59:38.0516 0x1490  volmgrx - ok
19:59:38.0564 0x1490  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:59:38.0586 0x1490  volsnap - ok
19:59:38.0614 0x1490  [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:59:38.0647 0x1490  vsmraid - ok
19:59:38.0844 0x1490  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
19:59:38.0923 0x1490  VSS - ok
19:59:38.0964 0x1490  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
19:59:39.0031 0x1490  W32Time - ok
19:59:39.0094 0x1490  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:59:39.0154 0x1490  WacomPen - ok
19:59:39.0195 0x1490  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
19:59:39.0218 0x1490  Wanarp - ok
19:59:39.0262 0x1490  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:59:39.0285 0x1490  Wanarpv6 - ok
19:59:39.0349 0x1490  [ 20B23332885DFB93FE0185362EE811E9, 67B8026E8285FEB6E3939DEEE4E0F2FD0FA0917E0ED0F1FAE56B7841AF74C8F8 ] wbengine        C:\Windows\system32\wbengine.exe
19:59:39.0439 0x1490  wbengine - ok
19:59:39.0483 0x1490  [ 59E19BD13C3BDB857646B9E436BA27F7, CC84C607E15F5F29D93510387D5486BAF320BDAF79026A0BECE0D242F7B1DF3E ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
19:59:39.0515 0x1490  WcesComm - ok
19:59:39.0570 0x1490  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:59:39.0625 0x1490  wcncsvc - ok
19:59:39.0651 0x1490  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:59:39.0683 0x1490  WcsPlugInService - ok
19:59:39.0746 0x1490  [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd              C:\Windows\system32\drivers\wd.sys
19:59:39.0768 0x1490  Wd - ok
19:59:39.0819 0x1490  [ D6EFAF429FD30C5DF613D220E344CCE7, 807D4563E8AD4073688691078EB13AF240E14BA5E0C8506A48B3060A20B90082 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam.sys
19:59:39.0849 0x1490  WDC_SAM - ok
19:59:40.0025 0x1490  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:59:40.0057 0x1490  Wdf01000 - ok
19:59:40.0104 0x1490  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:59:40.0157 0x1490  WdiServiceHost - ok
19:59:40.0163 0x1490  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:59:40.0194 0x1490  WdiSystemHost - ok
19:59:40.0237 0x1490  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
19:59:40.0260 0x1490  WebClient - ok
19:59:40.0381 0x1490  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:59:40.0432 0x1490  Wecsvc - ok
19:59:40.0465 0x1490  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:59:40.0510 0x1490  wercplsupport - ok
19:59:40.0541 0x1490  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:59:40.0568 0x1490  WerSvc - ok
19:59:40.0721 0x1490  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
19:59:40.0744 0x1490  WinDefend - ok
19:59:40.0754 0x1490  WinHttpAutoProxySvc - ok
19:59:41.0159 0x1490  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:59:41.0184 0x1490  Winmgmt - ok
19:59:41.0265 0x1490  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
19:59:41.0326 0x1490  WinRM - ok
19:59:41.0553 0x1490  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:59:41.0635 0x1490  Wlansvc - ok
19:59:41.0675 0x1490  [ 17EAC0D023A65FA9B02114CC2BAACAD5, CD5856326959DA58B18E2AFD235552E25A410AC6F23F437E7708350833AD8657 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
19:59:41.0713 0x1490  WmiAcpi - ok
19:59:41.0750 0x1490  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:59:41.0774 0x1490  wmiApSrv - ok
19:59:42.0202 0x1490  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
19:59:42.0273 0x1490  WMPNetworkSvc - ok
19:59:42.0323 0x1490  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:59:42.0368 0x1490  WPDBusEnum - ok
19:59:42.0409 0x1490  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
19:59:42.0424 0x1490  WpdUsb - ok
19:59:43.0289 0x1490  [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:59:43.0381 0x1490  WPFFontCache_v0400 - ok
19:59:43.0456 0x1490  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:59:43.0514 0x1490  ws2ifsl - ok
19:59:43.0559 0x1490  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\system32\wscsvc.dll
19:59:43.0578 0x1490  wscsvc - ok
19:59:43.0583 0x1490  WSearch - ok
19:59:44.0056 0x1490  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:59:44.0313 0x1490  wuauserv - ok
19:59:44.0391 0x1490  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:59:44.0455 0x1490  WudfPf - ok
19:59:44.0488 0x1490  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:59:44.0546 0x1490  WUDFRd - ok
19:59:44.0573 0x1490  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:59:44.0615 0x1490  wudfsvc - ok
19:59:44.0638 0x1490  ================ Scan global ===============================
19:59:44.0659 0x1490  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
19:59:44.0813 0x1490  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
19:59:44.0848 0x1490  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
19:59:45.0007 0x1490  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
19:59:45.0015 0x1490  [ Global ] - ok
19:59:45.0015 0x1490  ================ Scan MBR ==================================
19:59:45.0042 0x1490  [ 973E9BA32FDBB305C552ED3E1EBF0686 ] \Device\Harddisk0\DR0
19:59:46.0323 0x1490  \Device\Harddisk0\DR0 - ok
19:59:46.0324 0x1490  ================ Scan VBR ==================================
19:59:46.0353 0x1490  [ E180F05576279A263135E621A52A0F23 ] \Device\Harddisk0\DR0\Partition1
19:59:46.0382 0x1490  \Device\Harddisk0\DR0\Partition1 - ok
19:59:46.0405 0x1490  [ F1A100C470DA097EA27C256C7608B2A4 ] \Device\Harddisk0\DR0\Partition2
19:59:46.0450 0x1490  \Device\Harddisk0\DR0\Partition2 - ok
19:59:46.0450 0x1490  ================ Scan active images ========================
19:59:46.0453 0x1490  [ 36975327EF03949CC378AB01E316B574, C64CEF47DE41486F4532B9A38EBB05F2043B1A84762B8A4749BB01573B7F8FB5 ] C:\Windows\System32\drivers\crashdmp.sys
19:59:46.0453 0x1490  C:\Windows\System32\drivers\crashdmp.sys - ok
19:59:46.0459 0x1490  [ BDC361489A7F22E568060FA6FB3C960E, 65F55A724CA71A8BBDA4DE04A68FC7C540F0CC978F86FFFE91C223F0C49DA1A1 ] C:\Windows\System32\drivers\iaStor.sys
19:59:46.0459 0x1490  C:\Windows\System32\drivers\iaStor.sys - ok
19:59:46.0464 0x1490  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] C:\Windows\System32\drivers\tunnel.sys
19:59:46.0464 0x1490  C:\Windows\System32\drivers\tunnel.sys - ok
19:59:46.0471 0x1490  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] C:\Windows\System32\drivers\TUNMP.SYS
19:59:46.0471 0x1490  C:\Windows\System32\drivers\TUNMP.SYS - ok
19:59:46.0476 0x1490  [ 32D68D05B871EED5572D0C2C764EA4EC, 45695582E3C84E3D684EA8A01492A6A0201D737545D0BBCEFCBE93DB790628EB ] C:\Windows\System32\drivers\atikmpag.sys
19:59:46.0476 0x1490  C:\Windows\System32\drivers\atikmpag.sys - ok
19:59:46.0482 0x1490  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] C:\Windows\System32\drivers\intelppm.sys
19:59:46.0482 0x1490  C:\Windows\System32\drivers\intelppm.sys - ok
19:59:46.0488 0x1490  [ AB70F110143892EB41AA46500AA5CF00, D6A9C4231713EE4029ED301129B1AEB14E47228603F8BB2B40FAE245B6F2AE36 ] C:\Windows\System32\drivers\atikmdag.sys
19:59:46.0488 0x1490  C:\Windows\System32\drivers\atikmdag.sys - ok
19:59:46.0494 0x1490  [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] C:\Windows\System32\drivers\dxgkrnl.sys
19:59:46.0494 0x1490  C:\Windows\System32\drivers\dxgkrnl.sys - ok
19:59:46.0499 0x1490  [ 4A5C31E2C1646034E6A60EBA4C747FF6, CC5473E0B07014AAD4FCC2EE01C9E607FE43422A5A5851B2AD38E37C0AB7CDCF ] C:\Windows\System32\drivers\watchdog.sys
19:59:46.0499 0x1490  C:\Windows\System32\drivers\watchdog.sys - ok
19:59:46.0505 0x1490  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] C:\Windows\System32\drivers\hdaudbus.sys
19:59:46.0505 0x1490  C:\Windows\System32\drivers\hdaudbus.sys - ok
19:59:46.0511 0x1490  [ C7EA0E3E37FF1CD2BB65636448322572, E7DAC5E500BA093776B8CC378D5E65D737EA96CB51F85A1394D11E9D978A8B6D ] C:\Windows\System32\drivers\b57nd60x.sys
19:59:46.0511 0x1490  C:\Windows\System32\drivers\b57nd60x.sys - ok
19:59:46.0517 0x1490  [ B09C74A41F26B08149707EA5E7F956C2, E6ECA1E437E5390A3A43DAA5E1B5C384D70C114707CA34018DB1A6AE37219E9B ] C:\Windows\System32\drivers\usbport.sys
19:59:46.0517 0x1490  C:\Windows\System32\drivers\usbport.sys - ok
19:59:46.0523 0x1490  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] C:\Windows\System32\drivers\usbuhci.sys
19:59:46.0523 0x1490  C:\Windows\System32\drivers\usbuhci.sys - ok
19:59:46.0529 0x1490  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] C:\Windows\System32\drivers\usbehci.sys
19:59:46.0529 0x1490  C:\Windows\System32\drivers\usbehci.sys - ok
19:59:46.0535 0x1490  [ 8A79FDF04A73428597E2CAF9D0D67850, DB438FDE5510AB2F350ED1AC4CF0E99D3CC665FE46533A438A8FDA4DAF950F93 ] C:\Windows\System32\drivers\parport.sys
19:59:46.0535 0x1490  C:\Windows\System32\drivers\parport.sys - ok
19:59:46.0541 0x1490  [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] C:\Windows\System32\drivers\serenum.sys
19:59:46.0541 0x1490  C:\Windows\System32\drivers\serenum.sys - ok
19:59:46.0546 0x1490  [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] C:\Windows\System32\drivers\serial.sys
19:59:46.0546 0x1490  C:\Windows\System32\drivers\serial.sys - ok
19:59:46.0552 0x1490  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] C:\Windows\System32\drivers\cdrom.sys
19:59:46.0552 0x1490  C:\Windows\System32\drivers\cdrom.sys - ok
19:59:46.0558 0x1490  [ 4AC51459805264AFFD5F6FDFB9D9235F, E97CB835B85F74FC0814D5E27739E0AABC888EAC3921FDD2AD0473F83BCFF5D9 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
19:59:46.0558 0x1490  C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
19:59:46.0564 0x1490  [ EF70B3D22B4BFFDA6EA851ECB063EFAA, 1666572F8F988805C3A2E949FA6B060B35B72DBB115B86F4CFC710FB6A86C3E3 ] C:\Windows\System32\drivers\serscan.sys
19:59:46.0564 0x1490  C:\Windows\System32\drivers\serscan.sys - ok
19:59:46.0570 0x1490  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] C:\Windows\System32\drivers\msiscsi.sys
19:59:46.0570 0x1490  C:\Windows\System32\drivers\msiscsi.sys - ok
19:59:46.0575 0x1490  [ 47E55AFE1ED1D5AFF09690DB226F4A7A, 6D9EF6C4A70BD9C5DD98F70516257C377D97C30AFD4ABA7E1C721D84672C9084 ] C:\Windows\System32\drivers\Storport.sys
19:59:46.0575 0x1490  C:\Windows\System32\drivers\Storport.sys - ok
19:59:46.0581 0x1490  [ 77937EFF009AC696B90E09F671F9D0A4, EF51316C44529E17B2C09EA06D55B4EF7BCC8B6EB8FEC02DE64005F99AA32C95 ] C:\Windows\System32\drivers\tdi.sys
19:59:46.0581 0x1490  C:\Windows\System32\drivers\tdi.sys - ok
19:59:46.0587 0x1490  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] C:\Windows\System32\drivers\rasl2tp.sys
19:59:46.0588 0x1490  C:\Windows\System32\drivers\rasl2tp.sys - ok
19:59:46.0593 0x1490  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] C:\Windows\System32\drivers\ndistapi.sys
19:59:46.0593 0x1490  C:\Windows\System32\drivers\ndistapi.sys - ok
19:59:46.0599 0x1490  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] C:\Windows\System32\drivers\ndiswan.sys
19:59:46.0599 0x1490  C:\Windows\System32\drivers\ndiswan.sys - ok
19:59:46.0605 0x1490  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] C:\Windows\System32\drivers\raspppoe.sys
19:59:46.0605 0x1490  C:\Windows\System32\drivers\raspppoe.sys - ok
19:59:46.0610 0x1490  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] C:\Windows\System32\drivers\raspptp.sys
19:59:46.0611 0x1490  C:\Windows\System32\drivers\raspptp.sys - ok
19:59:46.0616 0x1490  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] C:\Windows\System32\drivers\rassstp.sys
19:59:46.0616 0x1490  C:\Windows\System32\drivers\rassstp.sys - ok
19:59:46.0622 0x1490  [ 943B18305EAE3935598A9B4A3D560B4C, E083FA4B9CA1A24031FF23A54942372D7FB3F02F62EE3580F01BEC3229DB2101 ] C:\Windows\System32\drivers\rdpdr.sys
19:59:46.0622 0x1490  C:\Windows\System32\drivers\rdpdr.sys - ok
19:59:46.0628 0x1490  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] C:\Windows\System32\drivers\termdd.sys
19:59:46.0628 0x1490  C:\Windows\System32\drivers\termdd.sys - ok
19:59:46.0635 0x1490  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] C:\Windows\System32\drivers\kbdclass.sys
19:59:46.0635 0x1490  C:\Windows\System32\drivers\kbdclass.sys - ok
19:59:46.0640 0x1490  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] C:\Windows\System32\drivers\mouclass.sys
19:59:46.0640 0x1490  C:\Windows\System32\drivers\mouclass.sys - ok
19:59:46.0646 0x1490  [ EF73C1E29FBE7B0FD0274BF4394E346A, F0C0524E6FE2E0EB9230995230868A4FFAA510129B7464BD7DB8AE9C8EAE4CF5 ] C:\Windows\System32\drivers\ks.sys
19:59:46.0646 0x1490  C:\Windows\System32\drivers\ks.sys - ok
19:59:46.0652 0x1490  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] C:\Windows\System32\drivers\swenum.sys
19:59:46.0652 0x1490  C:\Windows\System32\drivers\swenum.sys - ok
19:59:46.0655 0x1490  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] C:\Windows\System32\drivers\mssmbios.sys
19:59:46.0656 0x1490  C:\Windows\System32\drivers\mssmbios.sys - ok
19:59:46.0661 0x1490  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] C:\Windows\System32\drivers\umbus.sys
19:59:46.0661 0x1490  C:\Windows\System32\drivers\umbus.sys - ok
19:59:46.0667 0x1490  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] C:\Windows\System32\drivers\usbhub.sys
19:59:46.0667 0x1490  C:\Windows\System32\drivers\usbhub.sys - ok
19:59:46.0673 0x1490  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] C:\Windows\System32\drivers\ndproxy.sys
19:59:46.0673 0x1490  C:\Windows\System32\drivers\ndproxy.sys - ok
19:59:46.0679 0x1490  [ F71B6EE018EADF4CFD52F3C83847E5F6, B352ABF13B1593E6D4CE61548DA298BF588765630759E9726553F2D29CC8158F ] C:\Windows\System32\drivers\AtihdLH3.sys
19:59:46.0679 0x1490  C:\Windows\System32\drivers\AtihdLH3.sys - ok
19:59:46.0685 0x1490  [ 2A63675F6FA8EF0FF9F5C72695584CAA, 35828A7FF9242EF161639E3B9E6D98EFCFE82D683F7E219FCAEF9F6D9C89007B ] C:\Windows\System32\drivers\drmk.sys
19:59:46.0685 0x1490  C:\Windows\System32\drivers\drmk.sys - ok
19:59:46.0690 0x1490  [ 6DBA75306DD9B242B6F1C343179AD201, DC20492A07685588E6FE9F7B7AE01CA23EC9315CEA198F3BC58EE1CB6D0A1FD4 ] C:\Windows\System32\drivers\portcls.sys
19:59:46.0690 0x1490  C:\Windows\System32\drivers\portcls.sys - ok
19:59:46.0696 0x1490  [ 3DB3FB83217627D9A0CB8BAE6CC5B491, 20150F8D65EB8220ED98C5F984E42A74CDCC813DC0CD303F3E244FEA78BE38CB ] C:\Windows\System32\drivers\ADIHdAud.sys
19:59:46.0696 0x1490  C:\Windows\System32\drivers\ADIHdAud.sys - ok
19:59:46.0702 0x1490  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] C:\Windows\System32\drivers\usbccgp.sys
19:59:46.0702 0x1490  C:\Windows\System32\drivers\usbccgp.sys - ok
19:59:46.0708 0x1490  [ FE619ED13CE12F5B43C04E3EA061BBD6, DDED6F0C5987CCF81AC1FA8C670D84153C8F7A3492C4139B273DA7F8C98BE55A ] C:\Windows\System32\drivers\usbd.sys
19:59:46.0708 0x1490  C:\Windows\System32\drivers\usbd.sys - ok
19:59:46.0713 0x1490  [ 5961CADB7CAD938368D2028725EF771D, F688F8FF3B2F104295B779749977779BAAF79392965A92B33074B6088168DB46 ] C:\Windows\System32\drivers\hidclass.sys
19:59:46.0714 0x1490  C:\Windows\System32\drivers\hidclass.sys - ok
19:59:46.0720 0x1490  [ BE4AD4045D7A6C6AF4ECCBD5F6B7F8D8, 980EB88D5B52AA1E9BE7FC7B92BFF02578DD643928A1B14488F0729F0B762EEE ] C:\Windows\System32\drivers\hidparse.sys
19:59:46.0720 0x1490  C:\Windows\System32\drivers\hidparse.sys - ok
19:59:46.0725 0x1490  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] C:\Windows\System32\drivers\hidusb.sys
19:59:46.0725 0x1490  C:\Windows\System32\drivers\hidusb.sys - ok
19:59:46.0731 0x1490  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] C:\Windows\System32\drivers\kbdhid.sys
19:59:46.0731 0x1490  C:\Windows\System32\drivers\kbdhid.sys - ok
19:59:46.0737 0x1490  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] C:\Windows\System32\drivers\mouhid.sys
19:59:46.0737 0x1490  C:\Windows\System32\drivers\mouhid.sys - ok
19:59:46.0743 0x1490  [ 5A54D765D6092B23D47AD9DBF7F6D7E4, 39CE0A58F4A238688C4E420BB4A6E64B151EBB97B45D96CD87834883FBB47D5B ] C:\Windows\System32\drivers\netr70.sys
19:59:46.0743 0x1490  C:\Windows\System32\drivers\netr70.sys - ok
19:59:46.0749 0x1490  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] C:\Windows\System32\drivers\fs_rec.sys
19:59:46.0749 0x1490  C:\Windows\System32\drivers\fs_rec.sys - ok
19:59:46.0755 0x1490  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] C:\Windows\System32\drivers\beep.sys
19:59:46.0755 0x1490  C:\Windows\System32\drivers\beep.sys - ok
19:59:46.0760 0x1490  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] C:\Windows\System32\drivers\null.sys
19:59:46.0760 0x1490  C:\Windows\System32\drivers\null.sys - ok
19:59:46.0766 0x1490  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] C:\Windows\System32\drivers\vga.sys
19:59:46.0766 0x1490  C:\Windows\System32\drivers\vga.sys - ok
19:59:46.0772 0x1490  [ C048D2C33D27441A0CDCAAE2651EB03D, CD7F755400EF36C9EC689480AC425B8A8395F649B2843DE762997524C9B381DF ] C:\Windows\System32\drivers\videoprt.sys
19:59:46.0772 0x1490  C:\Windows\System32\drivers\videoprt.sys - ok
19:59:46.0779 0x1490  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] C:\Windows\System32\drivers\RDPCDD.sys
19:59:46.0779 0x1490  C:\Windows\System32\drivers\RDPCDD.sys - ok
19:59:46.0785 0x1490  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] C:\Windows\System32\drivers\RDPENCDD.sys
19:59:46.0785 0x1490  C:\Windows\System32\drivers\RDPENCDD.sys - ok
19:59:46.0792 0x1490  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] C:\Windows\System32\drivers\msfs.sys
19:59:46.0792 0x1490  C:\Windows\System32\drivers\msfs.sys - ok
19:59:46.0798 0x1490  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] C:\Windows\System32\drivers\npfs.sys
19:59:46.0798 0x1490  C:\Windows\System32\drivers\npfs.sys - ok
19:59:46.0805 0x1490  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] C:\Windows\System32\drivers\rasacd.sys
19:59:46.0805 0x1490  C:\Windows\System32\drivers\rasacd.sys - ok
19:59:46.0811 0x1490  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] C:\Windows\System32\drivers\tdx.sys
19:59:46.0811 0x1490  C:\Windows\System32\drivers\tdx.sys - ok
19:59:46.0819 0x1490  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] C:\Windows\System32\drivers\smb.sys
19:59:46.0819 0x1490  C:\Windows\System32\drivers\smb.sys - ok
19:59:46.0824 0x1490  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] C:\Windows\System32\drivers\netbt.sys
19:59:46.0824 0x1490  C:\Windows\System32\drivers\netbt.sys - ok
19:59:46.0831 0x1490  [ 3911B972B55FEA0478476B2E777B29FA, 62545B90C7DD3F73777E62CD8264E611A4D71B6956CABFD2D820D25F41F471FD ] C:\Windows\System32\drivers\afd.sys
19:59:46.0831 0x1490  C:\Windows\System32\drivers\afd.sys - ok
19:59:46.0837 0x1490  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] C:\Windows\System32\drivers\ws2ifsl.sys
19:59:46.0837 0x1490  C:\Windows\System32\drivers\ws2ifsl.sys - ok
19:59:46.0844 0x1490  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] C:\Windows\System32\drivers\pacer.sys
19:59:46.0844 0x1490  C:\Windows\System32\drivers\pacer.sys - ok
19:59:46.0852 0x1490  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] C:\Windows\System32\drivers\netbios.sys
19:59:46.0852 0x1490  C:\Windows\System32\drivers\netbios.sys - ok
19:59:46.0857 0x1490  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] C:\Windows\System32\drivers\wanarp.sys
19:59:46.0857 0x1490  C:\Windows\System32\drivers\wanarp.sys - ok
19:59:46.0863 0x1490  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] C:\Windows\System32\drivers\nsiproxy.sys
19:59:46.0863 0x1490  C:\Windows\System32\drivers\nsiproxy.sys - ok
19:59:46.0870 0x1490  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] C:\Windows\System32\drivers\rdbss.sys
19:59:46.0870 0x1490  C:\Windows\System32\drivers\rdbss.sys - ok
19:59:46.0877 0x1490  [ 9BDB2E89BE8D0EF37B1F25C3D3FC192C, 95E3AA76DAF3F9EDE1AAE9B85C779F2716097266F492E0A8D361C6ED9A9AC8CC ] C:\Windows\System32\drivers\csc.sys
19:59:46.0877 0x1490  C:\Windows\System32\drivers\csc.sys - ok
19:59:46.0883 0x1490  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] C:\Windows\System32\drivers\dfsc.sys
19:59:46.0883 0x1490  C:\Windows\System32\drivers\dfsc.sys - ok
19:59:46.0890 0x1490  [ B9FDFF876B0E7B4FECBAA5708C6ED616, 588B9677758DB19186ABE59D256D7E7CF224CA1923A60E37BFBDD03E8DAB9DB7 ] C:\Windows\System32\ntdll.dll
19:59:46.0890 0x1490  C:\Windows\System32\ntdll.dll - ok
19:59:46.0896 0x1490  [ BE7480C91E89EB82FC080F772C220AE4, 31A63BAA21B73B7395A2271A219E0A9B100E9CDEB275FF906F5C05B0A433BAB5 ] C:\Windows\System32\smss.exe
19:59:46.0896 0x1490  C:\Windows\System32\smss.exe - ok
19:59:46.0902 0x1490  [ 10761177A6EBE45843F443E99509F5E7, BB51065931E61EDBC920924D96B502D46E2967FFAFCE589171FC0D3AD43463CB ] C:\Windows\System32\autochk.exe
19:59:46.0902 0x1490  C:\Windows\System32\autochk.exe - ok
19:59:46.0906 0x1490  [ 50CAA7072C171B9887215C83D52069E4, AA1961787F24A6AFF9DD5D0A6110686EA654595D2EB941F5DA702498A662880D ] C:\Windows\System32\advapi32.dll
19:59:46.0906 0x1490  C:\Windows\System32\advapi32.dll - ok
19:59:46.0912 0x1490  [ C8BDCECEE082B54F0BAC838BF0A34597, 8C451FA2BA8E38D83E50EBF1D9F56FCBCBC7E2C6898C15254FE9F337F279E0C1 ] C:\Windows\System32\imm32.dll
19:59:46.0912 0x1490  C:\Windows\System32\imm32.dll - ok
19:59:46.0919 0x1490  [ DC3105CC925A0D47F61B54E66AB730FC, 61098664C238830DCEDF6C0E1AA4B3822D7E777B1A09408C4221099820D3FAD4 ] C:\Windows\System32\kernel32.dll
19:59:46.0919 0x1490  C:\Windows\System32\kernel32.dll - ok
19:59:46.0925 0x1490  [ B304D47D5744BA20FCB99FB8B2C07B0B, 16AAD9264CAB5B5489E2CF8F118132EA46FE9066B4C4320C0259BE88EBD111C8 ] C:\Windows\System32\ws2_32.dll
19:59:46.0925 0x1490  C:\Windows\System32\ws2_32.dll - ok
19:59:46.0931 0x1490  [ 9586E7CB2255A8B097A7E4538202585E, 7A65B6268940279D77CE08D695306150A8F8DD9A6878D2A322799AC576960C6B ] C:\Windows\System32\ole32.dll
19:59:46.0931 0x1490  C:\Windows\System32\ole32.dll - ok
19:59:46.0938 0x1490  [ 80FFF14F1757B9AF8BE9D314FC1AE88B, 6DD6461D566920E92ED5D19D8A3450DC7EFC1D34F4ED474330D27F2713292C5F ] C:\Windows\System32\usp10.dll
19:59:46.0938 0x1490  C:\Windows\System32\usp10.dll - ok
19:59:46.0944 0x1490  [ EB0E02749CE5C488741C9A0ABEAB5DEC, 558C6304AFD4DA12F8976F699E39D6C1749F28A2AD4308B1C9E6D56288405FBD ] C:\Windows\System32\lpk.dll
19:59:46.0944 0x1490  C:\Windows\System32\lpk.dll - ok
19:59:46.0952 0x1490  [ 551F51B66E5EA87A38D8197EB3BDB57A, 2006D0418848EAA2361C26D18246D0BAA646B6F25F2C0035BDC82967E9BD73F1 ] C:\Windows\System32\setupapi.dll
19:59:46.0952 0x1490  C:\Windows\System32\setupapi.dll - ok
19:59:46.0957 0x1490  [ 872363237F24BCB03D73E2A3B4FBF38D, E5A64299C4D4F501E0A55FC8FE6823949C98327BCB68507A7AF9EECC893A2378 ] C:\Windows\System32\gdi32.dll
19:59:46.0957 0x1490  C:\Windows\System32\gdi32.dll - ok
19:59:46.0963 0x1490  [ 4AA2A0E26CEF1A803741253DCF9A1503, 8718BF6DC8678BDC5AF627F82D14E2D857D94A760529FF00F1D7B066F46CA832 ] C:\Windows\System32\comdlg32.dll
19:59:46.0963 0x1490  C:\Windows\System32\comdlg32.dll - ok
19:59:46.0970 0x1490  [ E3C3BD69701CE6B7B17101E4F7740534, 9D6A308A961A1942D7BF8ABEABE6CA87EB13F7710D40F2F767CE4545C18864C6 ] C:\Windows\System32\msctf.dll
19:59:46.0970 0x1490  C:\Windows\System32\msctf.dll - ok
19:59:46.0976 0x1490  [ 75510147B94598407666F4802797C75A, D9F989669EB0AAF384AA5462DD632999BF9C5A6BDB75C4F8857A6E9BDBE82B64 ] C:\Windows\System32\user32.dll
19:59:46.0976 0x1490  C:\Windows\System32\user32.dll - ok
19:59:46.0982 0x1490  [ 5AAFA41F2A09D68F43741EF13937650A, B0A668139508E6A9FC75FD529D1E091F0C8521436F38943A58A8379B1FFC7D84 ] C:\Windows\System32\urlmon.dll
19:59:46.0982 0x1490  C:\Windows\System32\urlmon.dll - ok
19:59:46.0989 0x1490  [ 420B075CD71AB9E58D15DD258958FBA3, EDD96EDD4D3F1C05E34C769F9C4A1D966DA9B51A3B01CF25E9C5E30281E01AE2 ] C:\Windows\System32\shlwapi.dll
19:59:46.0989 0x1490  C:\Windows\System32\shlwapi.dll - ok
19:59:46.0995 0x1490  [ C394079EB162E812D682C73FA96AF6E4, 639F482DBC82E1E8E7254A5F6FF0F60661EA4BE44D86CA13238913DABFA522F8 ] C:\Windows\System32\clbcatq.dll
19:59:46.0995 0x1490  C:\Windows\System32\clbcatq.dll - ok
19:59:47.0002 0x1490  [ 09EA40F4DAD2EDB3587E5E0BAA9C3E15, 45EDA279BD838BD65702762E4EFEDA8F4178F9478E21678B8C75D1AA4015906E ] C:\Windows\System32\imagehlp.dll
19:59:47.0002 0x1490  C:\Windows\System32\imagehlp.dll - ok
19:59:47.0008 0x1490  [ 4CC9DF09C3D915BA0A101A11DB684F26, C7D9525E8AFE0A484FB44EDADFBB3412D3C2BADC0F7237C87876FCB6B343A3C9 ] C:\Windows\System32\wininet.dll
19:59:47.0008 0x1490  C:\Windows\System32\wininet.dll - ok
19:59:47.0014 0x1490  [ AAF101900A23D75AE1AE00840FA6F3B8, E4E69C8B8B8AAA6833E3F60A1215A23E828FFF6E78ED14D5D616542B16DD97CA ] C:\Windows\System32\shell32.dll
19:59:47.0014 0x1490  C:\Windows\System32\shell32.dll - ok
19:59:47.0021 0x1490  [ B218342214D9BBA0F54EA12BA2E9278C, 0B68D881F3B60068C250A97492B81DB8463FFB4FDADC26CD14E2255472A6A2A0 ] C:\Windows\System32\oleaut32.dll
19:59:47.0021 0x1490  C:\Windows\System32\oleaut32.dll - ok
19:59:47.0026 0x1490  [ 17AF64D727545F2804F6E6D998327E3F, CAD50C5321BF522CA6CA74662D032A98705ADD04A8BE38576B8EF0B8CE6DBA8A ] C:\Windows\System32\msvcrt.dll
19:59:47.0026 0x1490  C:\Windows\System32\msvcrt.dll - ok
19:59:47.0032 0x1490  [ A64AEBC6C78B4CFD7F41A7277879DF8F, 2283E1D5D5ACF66B6C71A7755577F0A03DB5FC213E5D7DB067C9B7B6E805C202 ] C:\Windows\System32\nsi.dll
19:59:47.0032 0x1490  C:\Windows\System32\nsi.dll - ok
19:59:47.0038 0x1490  [ B8A609FB5EFB4E44FC1355B1C01C64BC, BB84036F8F16C6E2069FD8B18078A7E6CC98B513285FB1A8DC727B395C9E3A12 ] C:\Windows\System32\Wldap32.dll
19:59:47.0038 0x1490  C:\Windows\System32\Wldap32.dll - ok
19:59:47.0043 0x1490  [ B787EE3F327ABAC1EC47313B3A673598, AFFFACE1634C7E18E419A19A5892CB6AFE17E5A4D86FEBC492A7388BABFB1E05 ] C:\Windows\System32\iertutil.dll
19:59:47.0044 0x1490  C:\Windows\System32\iertutil.dll - ok
19:59:47.0049 0x1490  [ 6F29236AB5926100972924BD29D9D225, E8B517FC36F25C4AE07021473B0BCDCDDD4B6E3FE004E6B0AD449C030267674C ] C:\Windows\System32\normaliz.dll
19:59:47.0049 0x1490  C:\Windows\System32\normaliz.dll - ok
19:59:47.0055 0x1490  [ E389C328AC7FE5673593ECAD269E7A54, 4EACF7F293D736941BC9F1FA5E70C11EF55CCF74664ECDEF56DA53BA043C0C38 ] C:\Windows\System32\rpcrt4.dll
19:59:47.0055 0x1490  C:\Windows\System32\rpcrt4.dll - ok
19:59:47.0061 0x1490  [ 58035212AB7869A5FC3AF186ACBA8F09, BCBEE41B2E65560A71D9D9199C0F8D7657085EEE4F73CD2F04D0474823ED4200 ] C:\Windows\System32\comctl32.dll
19:59:47.0061 0x1490  C:\Windows\System32\comctl32.dll - ok
19:59:47.0066 0x1490  [ 93A1732F7F997E36A5C3893539E2FF02, 40B6F7A67F90E5D9948385418BD22BBD29DE86A151B35D1001081A61CA5FC612 ] C:\Windows\System32\psapi.dll
19:59:47.0066 0x1490  C:\Windows\System32\psapi.dll - ok
19:59:47.0072 0x1490  [ EAAAFEF04FBB45665C9576E525D45A12, 3472378C4E150B158B1C4E16760E278B0564BA10563D2CB181EFD17091056D87 ] C:\Windows\System32\drivers\dxapi.sys
19:59:47.0072 0x1490  C:\Windows\System32\drivers\dxapi.sys - ok
19:59:47.0077 0x1490  [ 69A702C66FA35445DCF7DBF9EF32812C, 10663E73BBA8E332AA8718F8FCA696F98725EA2DE51D5F8ACE469BFBE5CE38A5 ] C:\Windows\System32\win32k.sys
19:59:47.0078 0x1490  C:\Windows\System32\win32k.sys - ok
19:59:47.0083 0x1490  [ 33F84B64D4765BCDFA0AB8464122DA14, 89FBC019E656B36A3B87F3F546C45A8DD033799606B05532FAC3E695DFD9701A ] C:\Windows\System32\csrsrv.dll
19:59:47.0083 0x1490  C:\Windows\System32\csrsrv.dll - ok
19:59:47.0089 0x1490  [ ABCA209EBA02CB59233614DB83B4F50D, CF48E43B33B14234F5004F9F3BF0D973B17A501108F39FB42CF9548FD2124960 ] C:\Windows\System32\csrss.exe
19:59:47.0089 0x1490  C:\Windows\System32\csrss.exe - ok
19:59:47.0094 0x1490  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\System32\basesrv.dll
19:59:47.0094 0x1490  C:\Windows\System32\basesrv.dll - ok
19:59:47.0099 0x1490  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\System32\winsrv.dll
19:59:47.0099 0x1490  C:\Windows\System32\winsrv.dll - ok
19:59:47.0105 0x1490  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] C:\Windows\System32\drivers\monitor.sys
19:59:47.0106 0x1490  C:\Windows\System32\drivers\monitor.sys - ok
19:59:47.0111 0x1490  [ CC21507D246861671A0BF97E75CE1B00, C36089B27D80F4FFD208A807310413DE3DCC7850F14D1B56F97670CC10F5566D ] C:\Windows\System32\tsddd.dll
19:59:47.0111 0x1490  C:\Windows\System32\tsddd.dll - ok
19:59:47.0116 0x1490  [ D602FEDBD9155FC2DED6863FB60C950F, 5EADF6A70F3BB8CCF758AD645C96AF4034D7E8EEFE44C5008499809C510691EE ] C:\Windows\System32\secur32.dll
19:59:47.0116 0x1490  C:\Windows\System32\secur32.dll - ok
19:59:47.0122 0x1490  [ 665417528489096BBCB8AEA46D3DA924, BB0D895B481EFA6ED024C979238F5F482DF0A53912575A47EB4E9C643919112A ] C:\Windows\System32\userenv.dll
19:59:47.0122 0x1490  C:\Windows\System32\userenv.dll - ok
19:59:47.0128 0x1490  [ 101BA3EA053480BB5D957EF37C06B5ED, 9A02771DA9C226552A1766C2DD0295ECA8B5B80AAE13076FFCE6A806FA5C21B8 ] C:\Windows\System32\wininit.exe
19:59:47.0128 0x1490  C:\Windows\System32\wininit.exe - ok
19:59:47.0133 0x1490  [ 12C8D6C564702B0776512932290A3F6B, D7AC82B7307694B6FDB3AC08C83C415005DFA26FD92D3AA3043B3600984792DA ] C:\Windows\System32\KBDUS.DLL
19:59:47.0133 0x1490  C:\Windows\System32\KBDUS.DLL - ok
19:59:47.0140 0x1490  [ 1107BD574A84367735FEC38B9BD64E6B, 682D5372B533817C810F1DCB1C7AE42C44A786ED114601E56DF85FE1C41D5989 ] C:\Windows\System32\apphelp.dll
19:59:47.0140 0x1490  C:\Windows\System32\apphelp.dll - ok
19:59:47.0145 0x1490  [ 92283D9E33EC5F41ECC0B430B7459241, 9BE390D924438950025842667924819E6EB1E821893C9EFE5E06AB30CBD037BF ] C:\Windows\System32\WlS0WndH.dll
19:59:47.0145 0x1490  C:\Windows\System32\WlS0WndH.dll - ok
19:59:47.0152 0x1490  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\System32\services.exe
19:59:47.0152 0x1490  C:\Windows\System32\services.exe - ok
19:59:47.0157 0x1490  [ BE6FAC6F0745C67DAE7522C96406D083, 5FBDE0193F6C6752C8BAB88D945F536D1259B3290073FE73E97FD4D9603D9AD6 ] C:\Windows\System32\sxs.dll
19:59:47.0157 0x1490  C:\Windows\System32\sxs.dll - ok
19:59:47.0163 0x1490  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] C:\Windows\System32\lsass.exe
19:59:47.0163 0x1490  C:\Windows\System32\lsass.exe - ok
19:59:47.0168 0x1490  [ 178FAC2B7C66E9A4400CE7AC37623E3F, 30BF99E3F6B02566A83DCC072F5654DA28311ACC5308CFB25BE02C1BD3B5CEE3 ] C:\Windows\System32\lsasrv.dll
19:59:47.0168 0x1490  C:\Windows\System32\lsasrv.dll - ok
19:59:47.0174 0x1490  [ 4774AD6C447E02E954BD9A793614EBEC, 7BA75A26DA67FD10BB3E0A2404A7319F8D8938B0330BA0978A9E21EBC8CD9BA4 ] C:\Windows\System32\lsm.exe
19:59:47.0174 0x1490  C:\Windows\System32\lsm.exe - ok
19:59:47.0179 0x1490  [ D90911B3FA05D7B930C1286084B404DE, 200577AD30F9B3FBEAA2988B6858ED6811F7E75B0183F5F35F18207A0C932694 ] C:\Windows\System32\scesrv.dll
19:59:47.0179 0x1490  C:\Windows\System32\scesrv.dll - ok
19:59:47.0185 0x1490  [ 71F5A7104FDF16C0AC5283A6CE666553, 481D688B87CC4155FB98AEB816B5F331F2EC8A1B409B01BA270A67660CE9564A ] C:\Windows\System32\sysntfy.dll
19:59:47.0185 0x1490  C:\Windows\System32\sysntfy.dll - ok
19:59:47.0190 0x1490  [ F0321DA5203F1E71917F3B7A13DC4912, 2F40733CBDD6491DAA3182AFDB3CA9FBAE5C3EE15CD9FCFF20E2D74E98CA374F ] C:\Windows\System32\wmsgapi.dll
19:59:47.0192 0x1490  C:\Windows\System32\wmsgapi.dll - ok
19:59:47.0196 0x1490  [ 1AE011BB950A5E0B05023D2AFEC3666D, 4602DB22B7D1643780DBE7A34A4887C119A0516C65E4063A9C2074CF39A495DC ] C:\Windows\System32\authz.dll
19:59:47.0196 0x1490  C:\Windows\System32\authz.dll - ok
19:59:47.0202 0x1490  [ D6F0260D9051C0B60998F4CDBE9B2CC6, D5805D6170FA05A7A8A592F0FB6B0E7E83A725313B499DA2F3394EA6060D0BB1 ] C:\Windows\System32\cdd.dll
19:59:47.0202 0x1490  C:\Windows\System32\cdd.dll - ok
19:59:47.0208 0x1490  [ 98B656EAF128CD06F625B09C84D959E1, 3E6502E629F15E697A813FC56A9B1F13F5A6F3D0C20550AB3459B2507F868156 ] C:\Windows\System32\netapi32.dll
19:59:47.0208 0x1490  C:\Windows\System32\netapi32.dll - ok
19:59:47.0213 0x1490  [ 2FA16465F64DB54B1F7F511395EB4FD7, 9BC7865CC2EC9CE08E2848F8E8FB9E73715858A31243CB280C317578DDD97EDA ] C:\Windows\System32\ncobjapi.dll
19:59:47.0213 0x1490  C:\Windows\System32\ncobjapi.dll - ok
19:59:47.0219 0x1490  [ 7808BF0E367ED7348808879CEF482AB3, BAC633E351F0A2CF69C288E7CD983ED5986FE0CC180BF769A5C2EB5F8CABBE8A ] C:\Windows\System32\samsrv.dll
19:59:47.0219 0x1490  C:\Windows\System32\samsrv.dll - ok
19:59:47.0224 0x1490  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] C:\Windows\System32\aelupsvc.dll
19:59:47.0224 0x1490  C:\Windows\System32\aelupsvc.dll - ok
19:59:47.0230 0x1490  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] C:\Windows\System32\alg.exe
19:59:47.0230 0x1490  C:\Windows\System32\alg.exe - ok
19:59:47.0235 0x1490  [ 459B48188494490707DCA8BAA91AA185, E108A46F446A273BF118A73D4790FC85D49D6CE8ECC581AAEB942A1558D21327 ] C:\Windows\System32\cryptdll.dll
19:59:47.0235 0x1490  C:\Windows\System32\cryptdll.dll - ok
19:59:47.0241 0x1490  [ 85E861D0B88DB2B54ACB0839654C09F7, 751E4F1F282C3798712AFF551D1525D5D65B5E8229689862AAB0BBDCC35A5925 ] C:\Windows\System32\dnsapi.dll
19:59:47.0241 0x1490  C:\Windows\System32\dnsapi.dll - ok
19:59:47.0246 0x1490  [ 965AC9FBF2C67231C157E99C03C58D24, 732E6307AE0C8916F47CB0E74562C7991CF44D5656C5E071D3FBDF31EA734409 ] C:\Windows\System32\feclient.dll
19:59:47.0247 0x1490  C:\Windows\System32\feclient.dll - ok
19:59:47.0252 0x1490  [ 1F94EA31C9543B855F53BDAC7792DA4E, 3697D031632C47FC5AAB4208C05A7C4098DF390103CFDE99A512F685AD057F40 ] C:\Windows\System32\mpr.dll
19:59:47.0252 0x1490  C:\Windows\System32\mpr.dll - ok
19:59:47.0258 0x1490  [ EE2FF9A3FC4404234BE3B7C6AA383AF8, 51BF3C48BE9BF81A800EF5B247E03C78980B3FFFF37688C42C0F253351EEF4C1 ] C:\Windows\System32\msasn1.dll
19:59:47.0258 0x1490  C:\Windows\System32\msasn1.dll - ok
19:59:47.0263 0x1490  [ 7F0F1D4B0D847696F8E309423D227DCE, 4460A2E8B27EB74E951DF328DABFC6C905DD1538D2F2BEE59B2FDA05482CE9F7 ] C:\Windows\System32\ntdsapi.dll
19:59:47.0263 0x1490  C:\Windows\System32\ntdsapi.dll - ok
19:59:47.0269 0x1490  [ 453DE2958C885527E20C79A3FEFE6AF7, AC40DC0D1224A2F6FAA1A3396345371CAE7312C6D7EF0923602B2E89ED22BA2B ] C:\Windows\System32\samlib.dll
19:59:47.0269 0x1490  C:\Windows\System32\samlib.dll - ok
19:59:47.0274 0x1490  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] C:\Windows\System32\appinfo.dll
19:59:47.0275 0x1490  C:\Windows\System32\appinfo.dll - ok
19:59:47.0280 0x1490  [ 0FE769CAE5855B53C90E23F85E7E89FF, 7163E364D33EDABCFC1E1B586D28FA906F34A764BF4B3031DF020043EAE0D3BF ] C:\Windows\System32\appmgmts.dll
19:59:47.0280 0x1490  C:\Windows\System32\appmgmts.dll - ok
19:59:47.0286 0x1490  [ 0317420D419E1885894B3ED9D375D245, 17F4C64CA4FE560F09DA4C1D13D62B525B5C7B6FDD44B846C6953D595D83CF3D ] C:\Windows\System32\crypt32.dll
19:59:47.0286 0x1490  C:\Windows\System32\crypt32.dll - ok
19:59:47.0292 0x1490  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] C:\Windows\System32\audiosrv.dll
19:59:47.0292 0x1490  C:\Windows\System32\audiosrv.dll - ok
19:59:47.0297 0x1490  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] C:\Windows\System32\BFE.DLL
19:59:47.0297 0x1490  C:\Windows\System32\BFE.DLL - ok
19:59:47.0303 0x1490  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] C:\Windows\System32\qmgr.dll
19:59:47.0303 0x1490  C:\Windows\System32\qmgr.dll - ok
19:59:47.0309 0x1490  [ 898E7C06A350D4A1A64A9EA264D55452, 0530B49018B59D4DCD3ECBC19E95B81438208AF34BC876BD07129A79896B4D7E ] C:\Windows\System32\winlogon.exe
19:59:47.0309 0x1490  C:\Windows\System32\winlogon.exe - ok
19:59:47.0314 0x1490  [ 4AAFC7461633848AA87A363B2CBEC522, F2A452B5B71293011EED8CD5ABFA8D0B0761A92D4579CF9D98B1D2DC06D16791 ] C:\Windows\System32\winsta.dll
19:59:47.0314 0x1490  C:\Windows\System32\winsta.dll - ok
19:59:47.0320 0x1490  [ C6DF7A87063D006ECF1FD8156CB6DE3F, 921AB6B88444B364F05D8EDF0EDDFA0892353A862CD3580F7EDA311E4FDC26B6 ] C:\Windows\System32\SLC.dll
19:59:47.0320 0x1490  C:\Windows\System32\SLC.dll - ok
19:59:47.0326 0x1490  [ 4DE3C4D07BAFDE616EFA0ADE076CBAC2, 9088837534980C39A885BF9FE2B0945166A433F0263DE7F8E9D4F5E153A70DF3 ] C:\Windows\System32\wevtapi.dll
19:59:47.0326 0x1490  C:\Windows\System32\wevtapi.dll - ok
19:59:47.0331 0x1490  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] C:\Windows\System32\dhcpcsvc.dll
19:59:47.0331 0x1490  C:\Windows\System32\dhcpcsvc.dll - ok
19:59:47.0337 0x1490  [ 4FE8425F21B3F0F8C4B4726351D43EAA, F45C1429BD60EEAB7BE8C2114B9C819CED7583249CEE1AB234A8A05A484528A9 ] C:\Windows\System32\IPHLPAPI.DLL
19:59:47.0337 0x1490  C:\Windows\System32\IPHLPAPI.DLL - ok
19:59:47.0343 0x1490  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] C:\Windows\System32\browser.dll
19:59:47.0343 0x1490  C:\Windows\System32\browser.dll - ok
19:59:47.0348 0x1490  [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] C:\Windows\System32\bthserv.dll
19:59:47.0349 0x1490  C:\Windows\System32\bthserv.dll - ok
19:59:47.0354 0x1490  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] C:\Windows\System32\certprop.dll
19:59:47.0355 0x1490  C:\Windows\System32\certprop.dll - ok
19:59:47.0361 0x1490  [ DFB6B71CDABA9DFB49C9D2B318B97A1A, F380B9A28D56DEC902154A0251B58BD3576355EDE2CD13CF47D7F4DBE3D61C97 ] C:\Windows\System32\dhcpcsvc6.dll
19:59:47.0361 0x1490  C:\Windows\System32\dhcpcsvc6.dll - ok
19:59:47.0366 0x1490  [ 6B09105742C75DF80CEF21700F20F55A, D781C5F22BEBB5C51B7792EBB4421C170F2CC5FE28E9245E9D6B9D22E33423AB ] C:\Windows\System32\winnsi.dll
19:59:47.0366 0x1490  C:\Windows\System32\winnsi.dll - ok
19:59:47.0373 0x1490  [ DE0DD9AE3430F84A96B5501112A696BE, 28ED17BCAE5DB58885547213B5241F8E6599ADE3BB7834A54AC2F10D3285C45F ] C:\Windows\System32\bcrypt.dll
19:59:47.0373 0x1490  C:\Windows\System32\bcrypt.dll - ok
19:59:47.0379 0x1490  [ 7F15B4953378C8B5161D65C26D5FED4D, 70C80736225273D083F071E625CC47E5C889E8D7426D8D3461F87D41286F06D0 ] C:\Windows\System32\cngaudit.dll
19:59:47.0379 0x1490  C:\Windows\System32\cngaudit.dll - ok
19:59:47.0386 0x1490  [ 13CC59C1B04E9F20A87987C68CD4BE3F, E65363E112CF58007CA650782997413EAFFFDAC25B66976BC7B3A2CBD5ED3933 ] C:\Windows\System32\ncrypt.dll
19:59:47.0386 0x1490  C:\Windows\System32\ncrypt.dll - ok
19:59:47.0391 0x1490  [ 4211249955AF9133E2E357CC92B54DFD, 5868F1B809783723C45D3A60DC6B2A21C216E9329D131B282A5851E38603DF55 ] C:\Windows\System32\comres.dll
19:59:47.0391 0x1490  C:\Windows\System32\comres.dll - ok
19:59:47.0397 0x1490  [ 26F139DDEC6407508071930D3D07337E, 90EF02DCA67C68AFBEB8E2BE2E1BD6E400F2A386C3CE8AF5573E9F89B7636688 ] C:\Windows\System32\credssp.dll
19:59:47.0397 0x1490  C:\Windows\System32\credssp.dll - ok
19:59:47.0403 0x1490  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] C:\Windows\System32\cryptsvc.dll
19:59:47.0403 0x1490  C:\Windows\System32\cryptsvc.dll - ok
19:59:47.0406 0x1490  [ 0A2095F92F6AE4FE6484D911B0C21E95, 52E2E08107FEBD6B46E1C71B39ECA8AB1A0ECF18CA248D9172F831B6FAB99139 ] C:\Windows\System32\cscsvc.dll
19:59:47.0406 0x1490  C:\Windows\System32\cscsvc.dll - ok
19:59:47.0412 0x1490  [ AA01497884F9CBAC89470120AF78D2B1, FACE3C2E7B0796A690B2E25175579575153453D90EB9B08FB164356575FA7614 ] C:\Windows\System32\kerberos.dll
19:59:47.0412 0x1490  C:\Windows\System32\kerberos.dll - ok
19:59:47.0419 0x1490  [ ABE9EEA1EABEA0711610A637A7B1C25D, 973F8BE8E411E1037DFC3FE3F979412450D268E4D34C0F38F3F015D2E00CD8AC ] C:\Windows\System32\msprivs.dll
19:59:47.0419 0x1490  C:\Windows\System32\msprivs.dll - ok
19:59:47.0423 0x1490  [ 74F380C8EC8813626C670D46E8A714D1, 25E20A08048DB18CB1B1071B6FF916561A809561F587E26306FB75A8AA173FE3 ] C:\Windows\System32\dfsrres.dll
19:59:47.0423 0x1490  C:\Windows\System32\dfsrres.dll - ok
19:59:47.0429 0x1490  [ 08D6D1692B62C9EE4062E1FA04D8FE2F, 0DDB6D64524CDED04DE6521FC834BC4507ECF4C51C9F9BC407B510222E4F0343 ] C:\Windows\System32\oleres.dll
19:59:47.0429 0x1490  C:\Windows\System32\oleres.dll - ok
19:59:47.0435 0x1490  [ 9E80FF0752E365F97FD2D1D68C2AFDA1, 07924F0966A05A992130D29BBF634214D0DFE4081851ED18B1E334437DD008D0 ] C:\Windows\System32\wship6.dll
19:59:47.0435 0x1490  C:\Windows\System32\wship6.dll - ok
19:59:47.0440 0x1490  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] C:\Windows\System32\dot3svc.dll
19:59:47.0440 0x1490  C:\Windows\System32\dot3svc.dll - ok
19:59:47.0445 0x1490  [ 05C3B38DB95BA5585817A4F898EE5581, 227357221F00BA91D7907966FF251F6834D69ABD630174A56F9A6C98723C1625 ] C:\Windows\System32\wshqos.dll
19:59:47.0446 0x1490  C:\Windows\System32\wshqos.dll - ok
19:59:47.0452 0x1490  [ 22CFAEB9172F5F198048401485CD0571, 94E0B8590268BD21B035297F5B0C01A4E8958A1DB39A5AA654EA1805BD30CEC2 ] C:\Windows\System32\WSHTCPIP.DLL
19:59:47.0452 0x1490  C:\Windows\System32\WSHTCPIP.DLL - ok
19:59:47.0457 0x1490  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] C:\Windows\System32\dps.dll
19:59:47.0457 0x1490  C:\Windows\System32\dps.dll - ok
19:59:47.0462 0x1490  [ FC62A635063B762E1C3C60EA77279378, 9C7ADE37C9F2F9CC5A79D75260736C3791C7A73FB84BE6B7E575CA31A4B99667 ] C:\Windows\System32\NapiNSP.dll
19:59:47.0463 0x1490  C:\Windows\System32\NapiNSP.dll - ok
19:59:47.0468 0x1490  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] C:\Windows\System32\nlasvc.dll
19:59:47.0468 0x1490  C:\Windows\System32\nlasvc.dll - ok
19:59:47.0474 0x1490  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] C:\Windows\System32\eapsvc.dll
19:59:47.0474 0x1490  C:\Windows\System32\eapsvc.dll - ok
19:59:47.0479 0x1490  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] C:\Windows\System32\emdmgmt.dll
19:59:47.0480 0x1490  C:\Windows\System32\emdmgmt.dll - ok
19:59:47.0485 0x1490  [ 8617350C9B590B63E620881092751BCB, 4D16A2197F9ED9062CFD93061294FB8E1068071D03E72B6CF3C7256F1B454A9B ] C:\Windows\System32\mswsock.dll
19:59:47.0485 0x1490  C:\Windows\System32\mswsock.dll - ok
19:59:47.0491 0x1490  [ 690D41DF1D555F96D4898A0F54EBA065, 3A8C9304D49657765DF0FCCEAE2A529982025D8677CCA5930824921F77B8F404 ] C:\Windows\System32\pnrpnsp.dll
19:59:47.0491 0x1490  C:\Windows\System32\pnrpnsp.dll - ok
19:59:47.0496 0x1490  [ 4ABCE74D012971305249E45E095E9EA6, 6D53BB81F781694577ED8F6DBF41D0900C552DEC2F433206E5B087E80B239DE3 ] C:\Windows\System32\msv1_0.dll
19:59:47.0496 0x1490  C:\Windows\System32\msv1_0.dll - ok
19:59:47.0502 0x1490  [ 95DAECF0FB120A7B5DA679CC54E37DDE, 492129AB9AF4F11CDE46148F6CC3AB6841D0F715DEF5E387B33CD8C79F5298BC ] C:\Windows\System32\netlogon.dll
19:59:47.0502 0x1490  C:\Windows\System32\netlogon.dll - ok
19:59:47.0508 0x1490  [ A1B40A28F38D27A7E3229EE4C7064434, 76CD78FAFC99C472CDFCE848B1E31037811D4D645849C9FDA1B22161A1191A2D ] C:\Windows\System32\wevtsvc.dll
19:59:47.0508 0x1490  C:\Windows\System32\wevtsvc.dll - ok
19:59:47.0513 0x1490  [ 72910BC4A218C49EA8E43D1FAEC403A5, AAC5026C440BA588D532703A582386EC33B2BCAE2D7A6EF7798498FDDF6F617A ] C:\Windows\System32\winbrand.dll
19:59:47.0513 0x1490  C:\Windows\System32\winbrand.dll - ok
19:59:47.0519 0x1490  [ 50E3E76B0901BB4FC029BB88BFA5CE79, 2633FB41F30C68EB68B6241F89C035B3F66CBF51EDB6B4E2FFFE562CE3EEA745 ] C:\Windows\System32\schannel.dll
19:59:47.0519 0x1490  C:\Windows\System32\schannel.dll - ok
19:59:47.0525 0x1490  [ 93620229F3CC3B67A3528BF39F064C30, BB5CD222902D528030DD6CB458691DD37BAFCCC0E35119F3C127DB5C55244780 ] C:\Windows\System32\wdigest.dll
19:59:47.0525 0x1490  C:\Windows\System32\wdigest.dll - ok
19:59:47.0530 0x1490  [ E14170AEA125119B98FA2BDE3FF4F462, 939758ADA9D1A7E3B6BA1DB6D9E41D3FA27A7013C156F0B63010A0FB62DD64F8 ] C:\Windows\System32\rsaenh.dll
19:59:47.0531 0x1490  C:\Windows\System32\rsaenh.dll - ok
19:59:47.0537 0x1490  [ F8873D15018F411588BEC02C1725BADA, 7E90B1D820733C80B438287D89FC3D4219B2C97BD878EB5BA2DBFF64BBF3938A ] C:\Windows\System32\TSpkg.dll
19:59:47.0537 0x1490  C:\Windows\System32\TSpkg.dll - ok
19:59:47.0542 0x1490  [ 0F420E81062757EA8363CBACD4D40D6D, 9FC3A7C512B065F18B520FE93B821717BB8B4C36BD976E8D014F71116073CF50 ] C:\Windows\System32\gpapi.dll
19:59:47.0542 0x1490  C:\Windows\System32\gpapi.dll - ok
19:59:47.0548 0x1490  [ 5C23BBF67E6C373926525367D29F6E0C, 546AA7D351126D322211945FCF1F5A18AD08FAED815BA575910B530815708F75 ] C:\Windows\System32\FXSRESM.dll
19:59:47.0548 0x1490  C:\Windows\System32\FXSRESM.dll - ok
19:59:47.0554 0x1490  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] C:\Windows\System32\fdPHost.dll
19:59:47.0554 0x1490  C:\Windows\System32\fdPHost.dll - ok
19:59:47.0560 0x1490  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] C:\Windows\System32\FDResPub.dll
19:59:47.0560 0x1490  C:\Windows\System32\FDResPub.dll - ok
19:59:47.0565 0x1490  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] C:\Windows\System32\FntCache.dll
19:59:47.0565 0x1490  C:\Windows\System32\FntCache.dll - ok
19:59:47.0571 0x1490  [ 302964DCAC79D618CC7B72C778DA9FD2, 7F2980AA49592B308E5D4C1A311AE837F65E9FB35761734A936626E81F0A7F10 ] C:\Windows\System32\PresentationHost.exe
19:59:47.0571 0x1490  C:\Windows\System32\PresentationHost.exe - ok
19:59:47.0577 0x1490  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] C:\Windows\System32\hidserv.dll
19:59:47.0577 0x1490  C:\Windows\System32\hidserv.dll - ok
19:59:47.0582 0x1490  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] C:\Windows\System32\KMSVC.DLL
19:59:47.0582 0x1490  C:\Windows\System32\KMSVC.DLL - ok
19:59:47.0589 0x1490  [ 05586F5438AB0DA4F5149159E0E5FD4B, D022FF63300D88DE959EA1B415A5ADC6578059088B2B39DC9DB60A0D29F45935 ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
19:59:47.0589 0x1490  C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
19:59:47.0595 0x1490  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] C:\Windows\System32\IKEEXT.DLL
19:59:47.0595 0x1490  C:\Windows\System32\IKEEXT.DLL - ok
19:59:47.0602 0x1490  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] C:\Windows\System32\IPBusEnum.dll
19:59:47.0602 0x1490  C:\Windows\System32\IPBusEnum.dll - ok
19:59:47.0607 0x1490  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] C:\Windows\System32\iphlpsvc.dll
19:59:47.0607 0x1490  C:\Windows\System32\iphlpsvc.dll - ok
19:59:47.0612 0x1490  [ 3464DAE0E801F5A81A23C571D86F30B2, A5C0256618215A96BC8CB68357E5278DBF01C3E2CFFDC77EB4A703F1342687D2 ] C:\Windows\System32\rascfg.dll
19:59:47.0612 0x1490  C:\Windows\System32\rascfg.dll - ok
19:59:47.0618 0x1490  [ 74C2F29CC612B2B34231BEBD824D2FB2, 0C0888AB3B2D8C8F17CA57A503C61F867C8F12A6E6F645DEFE7A2C299AA59AD8 ] C:\Windows\System32\keyiso.dll
19:59:47.0618 0x1490  C:\Windows\System32\keyiso.dll - ok
19:59:47.0624 0x1490  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] C:\Windows\System32\srvsvc.dll
19:59:47.0624 0x1490  C:\Windows\System32\srvsvc.dll - ok
19:59:47.0629 0x1490  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] C:\Windows\System32\wkssvc.dll
19:59:47.0629 0x1490  C:\Windows\System32\wkssvc.dll - ok
19:59:47.0635 0x1490  [ FA0593D936C9B95FB6FAA32AD1595D49, E7DEC36E708D62D6E95649F3F82DD1CB3E4A77934ABC86FD44FE1F37826901B0 ] C:\Windows\System32\lltdres.dll
19:59:47.0635 0x1490  C:\Windows\System32\lltdres.dll - ok
19:59:47.0641 0x1490  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] C:\Windows\System32\lmhsvc.dll
19:59:47.0641 0x1490  C:\Windows\System32\lmhsvc.dll - ok
19:59:47.0646 0x1490  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] C:\Windows\System32\mmcss.dll
19:59:47.0646 0x1490  C:\Windows\System32\mmcss.dll - ok
19:59:47.0652 0x1490  [ 95F1EB99B81CFD6F581C85F0A0AA9B2B, 65EE7016E6235880C4443119BF32CF12D4A9A9CA3810B974B575AD31D380A7FB ] C:\Windows\System32\FirewallAPI.dll
19:59:47.0652 0x1490  C:\Windows\System32\FirewallAPI.dll - ok
19:59:47.0655 0x1490  [ EA822412BBBA9B7D2B1A3748AD50EFB8, 10BA6E240FEC5BB1A0A7C0D75E0495D99FD48D68CA69C0985DD921658835225C ] C:\Windows\System32\iscsidsc.dll
19:59:47.0655 0x1490  C:\Windows\System32\iscsidsc.dll - ok
19:59:47.0661 0x1490  [ ED21401F1E2F6BC2F54C462BB66D0D6B, 7E3874AFB57CA6B7CDA3833DB0E43E9D2BEE7C5C70AC1182260740CCA40291CA ] C:\Windows\System32\msimsg.dll
19:59:47.0661 0x1490  C:\Windows\System32\msimsg.dll - ok
19:59:47.0669 0x1490  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] C:\Windows\System32\QAGENTRT.DLL
19:59:47.0669 0x1490  C:\Windows\System32\QAGENTRT.DLL - ok
19:59:47.0673 0x1490  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] C:\Windows\System32\netman.dll
19:59:47.0673 0x1490  C:\Windows\System32\netman.dll - ok
19:59:47.0679 0x1490  [ 4EF5DF1B011B05737ECB8F0B7B171510, CB497F4B8CF049CCC144E2445EC3BF7C41FF67521A40D7146543E59EE243BA77 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll
19:59:47.0679 0x1490  C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll - ok
19:59:47.0685 0x1490  [ ED640F4CE585058119B824CC76591D9C, B8FA63CEE5105DD034084F34D0FDB223EAC1228888EDBD9EB48BF1B64F720C0E ] C:\Windows\System32\netprof.dll
19:59:47.0685 0x1490  C:\Windows\System32\netprof.dll - ok
19:59:47.0691 0x1490  [ 30EDD6A7D7DD83648CC6B0A4ECDBF2FB, 3DD96CF11B877684EE86E8BACBBEE8E1BDAF027BA6CBC20FB818A9120E41AF28 ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
19:59:47.0691 0x1490  C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
19:59:47.0697 0x1490  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] C:\Windows\System32\nsisvc.dll
19:59:47.0697 0x1490  C:\Windows\System32\nsisvc.dll - ok
19:59:47.0703 0x1490  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] C:\Windows\System32\p2psvc.dll
19:59:47.0703 0x1490  C:\Windows\System32\p2psvc.dll - ok
19:59:47.0708 0x1490  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] C:\Windows\System32\pcasvc.dll
19:59:47.0708 0x1490  C:\Windows\System32\pcasvc.dll - ok
19:59:47.0713 0x1490  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] C:\Windows\System32\pla.dll
19:59:47.0713 0x1490  C:\Windows\System32\pla.dll - ok
19:59:47.0719 0x1490  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] C:\Windows\System32\umpnpmgr.dll
19:59:47.0719 0x1490  C:\Windows\System32\umpnpmgr.dll - ok
19:59:47.0724 0x1490  [ 64B28D672B5B6A01E87B0C3096B1E047, D4E5875A25E0EBEFD4AE38A3BA508CF99DD7278E7D4E1C95C7E1B8E42F381A10 ] C:\Windows\System32\polstore.dll
19:59:47.0725 0x1490  C:\Windows\System32\polstore.dll - ok
19:59:47.0730 0x1490  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] C:\Windows\System32\profsvc.dll
19:59:47.0730 0x1490  C:\Windows\System32\profsvc.dll - ok
19:59:47.0736 0x1490  [ 08F9134A2215B7ED985409A4DF60AC60, BAFFCA0BA71A11FE63AB8411D8951E9AE087E31E04E9D226CCB21E82B79F2DCE ] C:\Windows\System32\psbase.dll
19:59:47.0736 0x1490  C:\Windows\System32\psbase.dll - ok
19:59:47.0741 0x1490  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] C:\Windows\System32\drivers\qwavedrv.sys
19:59:47.0742 0x1490  C:\Windows\System32\drivers\qwavedrv.sys - ok
19:59:47.0747 0x1490  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] C:\Windows\System32\qwave.dll
19:59:47.0747 0x1490  C:\Windows\System32\qwave.dll - ok
19:59:47.0753 0x1490  [ 8F97D374AD1857E1EED85A79F29A1D3D, 4B2D1DBB60C0890E3CB497F534D8DE74952AF8774579B62B0F4ED14912CA583C ] C:\Windows\WindowsMobile\rapimgr.dll
19:59:47.0753 0x1490  C:\Windows\WindowsMobile\rapimgr.dll - ok
19:59:47.0759 0x1490  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] C:\Windows\System32\rasauto.dll
19:59:47.0759 0x1490  C:\Windows\System32\rasauto.dll - ok
19:59:47.0764 0x1490  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] C:\Windows\System32\rasmans.dll
19:59:47.0764 0x1490  C:\Windows\System32\rasmans.dll - ok
19:59:47.0770 0x1490  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] C:\Windows\System32\sstpsvc.dll
19:59:47.0770 0x1490  C:\Windows\System32\sstpsvc.dll - ok
19:59:47.0776 0x1490  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] C:\Windows\System32\mprdim.dll
19:59:47.0776 0x1490  C:\Windows\System32\mprdim.dll - ok
19:59:47.0781 0x1490  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] C:\Windows\System32\regsvc.dll
19:59:47.0781 0x1490  C:\Windows\System32\regsvc.dll - ok
19:59:47.0787 0x1490  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] C:\Windows\System32\Locator.exe
19:59:47.0787 0x1490  C:\Windows\System32\Locator.exe - ok
19:59:47.0793 0x1490  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] C:\Windows\System32\SCardSvr.dll
19:59:47.0793 0x1490  C:\Windows\System32\SCardSvr.dll - ok
19:59:47.0798 0x1490  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] C:\Windows\System32\schedsvc.dll
19:59:47.0798 0x1490  C:\Windows\System32\schedsvc.dll - ok
19:59:47.0804 0x1490  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] C:\Windows\System32\sdrsvc.dll
19:59:47.0804 0x1490  C:\Windows\System32\sdrsvc.dll - ok
19:59:47.0810 0x1490  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] C:\Windows\System32\seclogon.dll
19:59:47.0810 0x1490  C:\Windows\System32\seclogon.dll - ok
19:59:47.0815 0x1490  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] C:\Windows\System32\Sens.dll
19:59:47.0815 0x1490  C:\Windows\System32\Sens.dll - ok
19:59:47.0821 0x1490  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] C:\Windows\System32\SessEnv.dll
19:59:47.0821 0x1490  C:\Windows\System32\SessEnv.dll - ok
19:59:47.0826 0x1490  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] C:\Windows\System32\ipnathlp.dll
19:59:47.0827 0x1490  C:\Windows\System32\ipnathlp.dll - ok
19:59:47.0832 0x1490  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] C:\Windows\System32\shsvcs.dll
19:59:47.0832 0x1490  C:\Windows\System32\shsvcs.dll - ok
19:59:47.0838 0x1490  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] C:\Windows\System32\SLsvc.exe
19:59:47.0838 0x1490  C:\Windows\System32\SLsvc.exe - ok
19:59:47.0843 0x1490  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] C:\Windows\System32\SLUINotify.dll
19:59:47.0843 0x1490  C:\Windows\System32\SLUINotify.dll - ok
19:59:47.0849 0x1490  [ E4060CFE50F87C72316CB0FDB20E4913, FC7D21327E5FAA424798097FBE5A2F7821BE8A1E54F80E81A620A52DC8E933AA ] C:\Windows\System32\tcpipcfg.dll
19:59:47.0849 0x1490  C:\Windows\System32\tcpipcfg.dll - ok
19:59:47.0854 0x1490  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] C:\Windows\System32\snmptrap.exe
19:59:47.0855 0x1490  C:\Windows\System32\snmptrap.exe - ok
19:59:47.0860 0x1490  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] C:\Windows\System32\spoolsv.exe
19:59:47.0860 0x1490  C:\Windows\System32\spoolsv.exe - ok
19:59:47.0865 0x1490  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] C:\Windows\System32\ssdpsrv.dll
19:59:47.0865 0x1490  C:\Windows\System32\ssdpsrv.dll - ok


#12 Pseudorious

Pseudorious
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:12 PM

Posted 15 December 2013 - 02:55 PM

19:59:47.0871 0x1490  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] C:\Windows\System32\wiaservc.dll
19:59:47.0871 0x1490  C:\Windows\System32\wiaservc.dll - ok
19:59:47.0877 0x1490  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] C:\Windows\System32\swprv.dll
19:59:47.0877 0x1490  C:\Windows\System32\swprv.dll - ok
19:59:47.0882 0x1490  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] C:\Windows\System32\sysmain.dll
19:59:47.0882 0x1490  C:\Windows\System32\sysmain.dll - ok
19:59:47.0888 0x1490  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] C:\Windows\System32\TabSvc.dll
19:59:47.0888 0x1490  C:\Windows\System32\TabSvc.dll - ok
19:59:47.0893 0x1490  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] C:\Windows\System32\tapisrv.dll
19:59:47.0893 0x1490  C:\Windows\System32\tapisrv.dll - ok
19:59:47.0899 0x1490  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] C:\Windows\System32\tbssvc.dll
19:59:47.0899 0x1490  C:\Windows\System32\tbssvc.dll - ok
19:59:47.0904 0x1490  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] C:\Windows\System32\termsrv.dll
19:59:47.0905 0x1490  C:\Windows\System32\termsrv.dll - ok
19:59:47.0908 0x1490  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] C:\Windows\servicing\TrustedInstaller.exe
19:59:47.0908 0x1490  C:\Windows\servicing\TrustedInstaller.exe - ok
19:59:47.0913 0x1490  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] C:\Windows\System32\trkwks.dll
19:59:47.0913 0x1490  C:\Windows\System32\trkwks.dll - ok
19:59:47.0919 0x1490  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] C:\Windows\System32\UI0Detect.exe
19:59:47.0919 0x1490  C:\Windows\System32\UI0Detect.exe - ok
19:59:47.0924 0x1490  [ 8A66360F38F81E960E2367B428CBD5D9, 349A39BD63E1FF3C3D0249A3BE834D62F3EFC5EA4416269421AF03F10356D3E5 ] C:\Windows\System32\umrdp.dll
19:59:47.0925 0x1490  C:\Windows\System32\umrdp.dll - ok
19:59:47.0930 0x1490  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] C:\Windows\System32\upnphost.dll
19:59:47.0930 0x1490  C:\Windows\System32\upnphost.dll - ok
19:59:47.0936 0x1490  [ 01DD1004181FD46ECDC3628228EB269D, 8AED6773AE1C8B65B4CAD6229BD05E224D348CF2A9D9F7D50F2513A9B1E14F66 ] C:\Windows\System32\dwm.exe
19:59:47.0936 0x1490  C:\Windows\System32\dwm.exe - ok
19:59:47.0941 0x1490  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] C:\Windows\System32\vds.exe
19:59:47.0941 0x1490  C:\Windows\System32\vds.exe - ok
19:59:47.0946 0x1490  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] C:\Windows\System32\VSSVC.exe
19:59:47.0946 0x1490  C:\Windows\System32\VSSVC.exe - ok
19:59:47.0952 0x1490  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] C:\Windows\System32\w32time.dll
19:59:47.0952 0x1490  C:\Windows\System32\w32time.dll - ok
19:59:47.0960 0x1490  [ 20B23332885DFB93FE0185362EE811E9, 67B8026E8285FEB6E3939DEEE4E0F2FD0FA0917E0ED0F1FAE56B7841AF74C8F8 ] C:\Windows\System32\wbengine.exe
19:59:47.0960 0x1490  C:\Windows\System32\wbengine.exe - ok
19:59:47.0963 0x1490  [ 59E19BD13C3BDB857646B9E436BA27F7, CC84C607E15F5F29D93510387D5486BAF320BDAF79026A0BECE0D242F7B1DF3E ] C:\Windows\WindowsMobile\wcescomm.dll
19:59:47.0963 0x1490  C:\Windows\WindowsMobile\wcescomm.dll - ok
19:59:47.0969 0x1490  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] C:\Windows\System32\wcncsvc.dll
19:59:47.0969 0x1490  C:\Windows\System32\wcncsvc.dll - ok
19:59:47.0974 0x1490  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] C:\Windows\System32\WcsPlugInService.dll
19:59:47.0974 0x1490  C:\Windows\System32\WcsPlugInService.dll - ok
19:59:47.0980 0x1490  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] C:\Windows\System32\drivers\Wdf01000.sys
19:59:47.0980 0x1490  C:\Windows\System32\drivers\Wdf01000.sys - ok
19:59:47.0986 0x1490  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] C:\Windows\System32\wdi.dll
19:59:47.0986 0x1490  C:\Windows\System32\wdi.dll - ok
19:59:47.0991 0x1490  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] C:\Windows\System32\WebClnt.dll
19:59:47.0991 0x1490  C:\Windows\System32\WebClnt.dll - ok
19:59:47.0996 0x1490  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] C:\Windows\System32\wecsvc.dll
19:59:47.0996 0x1490  C:\Windows\System32\wecsvc.dll - ok
19:59:48.0002 0x1490  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] C:\Windows\System32\wercplsupport.dll
19:59:48.0002 0x1490  C:\Windows\System32\wercplsupport.dll - ok
19:59:48.0008 0x1490  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] C:\Windows\System32\wersvc.dll
19:59:48.0008 0x1490  C:\Windows\System32\wersvc.dll - ok
19:59:48.0013 0x1490  [ DBD02E3E6F061EBBBF9B99A9D7CBA30B, 2C65C129BD1D4279B78E7EDF83F6FB398B705A56A99942F4CA61C9E52D21D25A ] C:\Windows\System32\winhttp.dll
19:59:48.0013 0x1490  C:\Windows\System32\winhttp.dll - ok
19:59:48.0019 0x1490  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] C:\Windows\System32\wbem\WMIsvc.dll
19:59:48.0019 0x1490  C:\Windows\System32\wbem\WMIsvc.dll - ok
19:59:48.0024 0x1490  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] C:\Windows\System32\WsmSvc.dll
19:59:48.0024 0x1490  C:\Windows\System32\WsmSvc.dll - ok
19:59:48.0030 0x1490  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] C:\Windows\System32\wlansvc.dll
19:59:48.0030 0x1490  C:\Windows\System32\wlansvc.dll - ok
19:59:48.0036 0x1490  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] C:\Windows\System32\wbem\WmiApSrv.exe
19:59:48.0036 0x1490  C:\Windows\System32\wbem\WmiApSrv.exe - ok
19:59:48.0042 0x1490  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] C:\Program Files\Windows Media Player\wmpnetwk.exe
19:59:48.0042 0x1490  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
19:59:48.0047 0x1490  [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:59:48.0048 0x1490  C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok
19:59:48.0054 0x1490  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] C:\Windows\System32\wpdbusenum.dll
19:59:48.0054 0x1490  C:\Windows\System32\wpdbusenum.dll - ok
19:59:48.0059 0x1490  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] C:\Windows\System32\wscsvc.dll
19:59:48.0059 0x1490  C:\Windows\System32\wscsvc.dll - ok
19:59:48.0065 0x1490  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] C:\Windows\System32\wuaueng.dll
19:59:48.0065 0x1490  C:\Windows\System32\wuaueng.dll - ok
19:59:48.0071 0x1490  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] C:\Windows\System32\drivers\WUDFPf.sys
19:59:48.0071 0x1490  C:\Windows\System32\drivers\WUDFPf.sys - ok
19:59:48.0076 0x1490  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] C:\Windows\System32\WUDFSvc.dll
19:59:48.0076 0x1490  C:\Windows\System32\WUDFSvc.dll - ok
19:59:48.0082 0x1490  [ 8FC182167381E9915651267044105EE1, A0F0039496CA0755C07E7F249D4101D66FA64AFA5C8CE036428060AB106A1250 ] C:\Windows\System32\scecli.dll
19:59:48.0082 0x1490  C:\Windows\System32\scecli.dll - ok
19:59:48.0088 0x1490  [ CD08EEC61C591AF59A39F4363C567D30, 6A8413BE885A07235F59846FAD986B7A65CF009EAD78DD378114B6362DDDB371 ] C:\Windows\System32\ntmarta.dll
19:59:48.0088 0x1490  C:\Windows\System32\ntmarta.dll - ok
19:59:48.0093 0x1490  [ 3794B461C45882E06856F282EEF025AF, D4F79D7BC639FE86AC68961E6273836B9D7AF491773FD054395B33D317017BEB ] C:\Windows\System32\svchost.exe
19:59:48.0093 0x1490  C:\Windows\System32\svchost.exe - ok
19:59:48.0098 0x1490  [ 9A7F4B2EDACD11444D048AA19CBB26AF, 2CC3632D39484C959855B8A27DDED12A44765D7723CCF150E9F8B70015F1AA2E ] C:\Windows\System32\powrprof.dll
19:59:48.0099 0x1490  C:\Windows\System32\powrprof.dll - ok
19:59:48.0104 0x1490  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] C:\Windows\System32\drivers\luafv.sys
19:59:48.0105 0x1490  C:\Windows\System32\drivers\luafv.sys - ok
19:59:48.0110 0x1490  [ B0B3122BFF3910E0BA97014045467778, C4D8A2A9C18C24B609B084DD63F059E177B42D018C1975458857463239624156 ] C:\Windows\System32\drivers\tifsfilt.sys
19:59:48.0110 0x1490  C:\Windows\System32\drivers\tifsfilt.sys - ok
19:59:48.0115 0x1490  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] C:\Windows\System32\rpcss.dll
19:59:48.0115 0x1490  C:\Windows\System32\rpcss.dll - ok
19:59:48.0121 0x1490  [ 69827805A221C21450BA22F4326A2EE3, 2580CEB58BE4AEF7DEB134F3AD251188CAED05BC992B4FA977CCD11BD583BE5E ] C:\Windows\System32\version.dll
19:59:48.0121 0x1490  C:\Windows\System32\version.dll - ok
19:59:48.0127 0x1490  [ EAF536CEFA2AD556160A9DDFDFB57488, B4E7E3EED21634E1417377692946D5843424C8B0DE315A2CF465EE8310C47BE1 ] C:\Program Files\Microsoft Security Client\MpSvc.dll
19:59:48.0127 0x1490  C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
19:59:48.0132 0x1490  [ B0F49DA36F30922F5DDC3B623B778FCE, EE025AEFA4A2095AFEABFB3A49639DA77D78068A3F5EEDA6C15D34853AFD5609 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
19:59:48.0133 0x1490  C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
19:59:48.0138 0x1490  [ 9DE3C7E166C53DB99EC401F81991C9B0, 927713C28F34BF0F82400E87B766912EC0A4943611C927A19D14B29D8440B181 ] C:\Program Files\Microsoft Security Client\MpClient.dll
19:59:48.0139 0x1490  C:\Program Files\Microsoft Security Client\MpClient.dll - ok
19:59:48.0144 0x1490  [ 62D577288B48998FC6667BF22DC5B690, 2AE9E184BA655EB56488A3DEFF1C7C37B1C99EEB821E961390FCE2EFCE6D7CBF ] C:\Windows\System32\LogonUI.exe
19:59:48.0144 0x1490  C:\Windows\System32\LogonUI.exe - ok
19:59:48.0150 0x1490  [ F42483814FC39170B3982A184EC5AAA2, DD8A1E7C6714DF07742EFDF6CA5AB93CDC547F56EB8C1066C56A68E83A818DD2 ] C:\Windows\System32\wtsapi32.dll
19:59:48.0150 0x1490  C:\Windows\System32\wtsapi32.dll - ok
19:59:48.0156 0x1490  [ 58C2521D87C494831A625202C80354AD, 6C5D9503E587904F5207E0AB470325DBEA0C32EB6693521DE669DF2D0BD935D4 ] C:\Windows\System32\authui.dll
19:59:48.0156 0x1490  C:\Windows\System32\authui.dll - ok
19:59:48.0159 0x1490  [ D16A740186870C32941C0E61DF4F1298, 070E994DC851F9E397CCABCB2227D3E4E096463E89BF34E3C09896BF9A08C91E ] C:\Windows\System32\wintrust.dll
19:59:48.0159 0x1490  C:\Windows\System32\wintrust.dll - ok
19:59:48.0165 0x1490  [ BE3C082837866C4C291ADAF163C10EA6, 9C65ABFE6E11B05C9309B86A87ADDD3557C043D4582E1A29530EBC36D470B13D ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
19:59:48.0165 0x1490  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll - ok
19:59:48.0171 0x1490  [ 4A4374946B7884D24FFDFC76BB8B3BCC, A490330ACFE8F4A37C2F00B7C3876FC478F9285B8A803F375F96A8CB09719C15 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
19:59:48.0171 0x1490  C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
19:59:48.0177 0x1490  [ F970EA885AEFEB1B9EB97CA7F1EB226D, 19E3B7F62A474BA9CC3824500445F9F525A2D43A597660658B05977DC198679A ] C:\Windows\System32\atiesrxx.exe
19:59:48.0177 0x1490  C:\Windows\System32\atiesrxx.exe - ok
19:59:48.0182 0x1490  [ 66AACC19D629336B9915F5DB1A414799, FA5ED9B5B23032A064ACD970C7EC3E82B6AD1FF603895AF2D91B0446BDF5785D ] C:\Program Files\Microsoft Security Client\MpRTP.dll
19:59:48.0182 0x1490  C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
19:59:48.0188 0x1490  [ 50D08A9A4C181B9BC2F1ED2003C99269, 59AD161C1D2EC9A066BFC1D9DE54EA092A31CCE19356DAB873A7D00D904BA100 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
19:59:48.0188 0x1490  C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
19:59:48.0195 0x1490  [ E77DC03DD3C8E5A388BF9EED2A28F3D1, ED0DAA975D1EC35CE036F02596218E15CC6A054167628D12A0A5AD91B841F422 ] C:\Windows\System32\drivers\MpFilter.sys
19:59:48.0195 0x1490  C:\Windows\System32\drivers\MpFilter.sys - ok
19:59:48.0202 0x1490  [ A9542FF2E9A82CF100E5729EC79068F0, DE0E39246536BD63CC5DFF8CE9E379121126573AB284BAD3782E5B217239F858 ] C:\Windows\System32\fltLib.dll
19:59:48.0202 0x1490  C:\Windows\System32\fltLib.dll - ok
19:59:48.0206 0x1490  [ D21DEBAEBB3721D2F28324748059393C, 498BA10AD2FBB8D4EC760BE0D3779C7F6934ECA7D08AFCFBC6FFC40A7E1092C7 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
19:59:48.0207 0x1490  C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
19:59:48.0212 0x1490  [ 56B5914070B2C243DFB3D186070DA89D, 657EBC48F8AE297F76898C5417797C3542B086C40F84D32F7D76FA14893B2C08 ] C:\Windows\System32\MMDevAPI.dll
19:59:48.0212 0x1490  C:\Windows\System32\MMDevAPI.dll - ok
19:59:48.0218 0x1490  [ C9244BCAC83B259B920BBEE18A97BFE1, 9EA58407433F86BAAC3B4A6C334FB3BC59032FF4EB50EFA7CD639AA56D96E908 ] C:\Windows\System32\avrt.dll
19:59:48.0218 0x1490  C:\Windows\System32\avrt.dll - ok
19:59:48.0223 0x1490  [ EC43D9CC95C3BB5FEFDBCF22D375E1F5, 088BF98E433F7E25889262549DC1C27FB0DF8C26905B5BF4A0F69AA3DA0995E5 ] C:\Windows\System32\adtschema.dll
19:59:48.0223 0x1490  C:\Windows\System32\adtschema.dll - ok
19:59:48.0229 0x1490  [ B78D583E5C189C32BF2350F6D1F99800, E69D16080D7A4A26091AA0FABA7742C0F65F222A8F73E5E7F67D0ED307BEBEA3 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2FA7EECA-2CF0-4F3D-A10B-09848B58E24C}\mpengine.dll
19:59:48.0229 0x1490  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2FA7EECA-2CF0-4F3D-A10B-09848B58E24C}\mpengine.dll - ok
19:59:48.0235 0x1490  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] C:\Windows\System32\drivers\fltMgr.sys
19:59:48.0235 0x1490  C:\Windows\System32\drivers\fltMgr.sys - ok
19:59:48.0240 0x1490  [ 57418956DDAE128D1023C508E7D07071, 94C77D511983CD139D909C3E157BA5DF579EB3D559C58CB69517B8895D591034 ] C:\Windows\System32\PSHED.DLL
19:59:48.0241 0x1490  C:\Windows\System32\PSHED.DLL - ok
19:59:48.0246 0x1490  [ 1211F31E221ABEE09607913D612513B0, 4E50B30A2F49BBDF5BC0D05E8E7A019355231FAF523A6DAB106A1BE845E03E24 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2FA7EECA-2CF0-4F3D-A10B-09848B58E24C}\mpasbase.vdm
19:59:48.0246 0x1490  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2FA7EECA-2CF0-4F3D-A10B-09848B58E24C}\mpasbase.vdm - ok
19:59:48.0253 0x1490  [ D0EF6D308AB04D7B66E5F110A3A27536, 5B65C8B96FFBCF648F8FDC1B6AA94CA8E1067599EFDFBD91228F34C8EB090313 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2FA7EECA-2CF0-4F3D-A10B-09848B58E24C}\mpasdlta.vdm
19:59:48.0253 0x1490  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2FA7EECA-2CF0-4F3D-A10B-09848B58E24C}\mpasdlta.vdm - ok
19:59:48.0259 0x1490  [ 00000000000000000000000000000000, 0000000000000000000000000000000000000000000000000000000000000000 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2FA7EECA-2CF0-4F3D-A10B-09848B58E24C}\mpavbase.vdm
19:59:48.0259 0x1490  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2FA7EECA-2CF0-4F3D-A10B-09848B58E24C}\mpavbase.vdm - ok
19:59:48.0265 0x1490  [ 8AB1C7038A4470C9AB76A4620F291937, B60F98420099854DE0DAAEFD274F09F25CB55ED2B7AEBC05B951E8E3A98F044E ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2FA7EECA-2CF0-4F3D-A10B-09848B58E24C}\mpavdlta.vdm
19:59:48.0265 0x1490  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2FA7EECA-2CF0-4F3D-A10B-09848B58E24C}\mpavdlta.vdm - ok
19:59:48.0271 0x1490  [ C89906FA43A58FD4CFC7EA06D885A597, B741828D67A7CEED977A777B215AA24148F3C64167D0C928126ABC5F8DEDE8B0 ] C:\Windows\System32\mshtml.dll
19:59:48.0271 0x1490  C:\Windows\System32\mshtml.dll - ok
19:59:48.0276 0x1490  [ 2EC53B5A351C4D443896DBAD117F7E82, E158AD22F1905B41D7975E3725D7A870FB192D7258C4330DF06CD4AC02A7CFE4 ] C:\Windows\System32\msimg32.dll
19:59:48.0276 0x1490  C:\Windows\System32\msimg32.dll - ok
19:59:48.0282 0x1490  [ 999D69DEB576C2C424294DF025891CC6, ED634C9829E87F4D016446F2E2F44B542A263F166F69EF5759BBE964A457ECBE ] C:\Windows\System32\uxtheme.dll
19:59:48.0282 0x1490  C:\Windows\System32\uxtheme.dll - ok
19:59:48.0288 0x1490  [ 040015B18F6779C25160A7854113CF50, 712EECD49FFF2BAACFCB862CB91382E770F555FE8DCBB5A1240F4C94E97D7DF5 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18813_none_9e51e050ca1696a4\GdiPlus.dll
19:59:48.0289 0x1490  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18813_none_9e51e050ca1696a4\GdiPlus.dll - ok
19:59:48.0294 0x1490  [ A99871BA522CB2539AE275AC18CACC8F, CBE1F5B357AAE3EA03E8E0AE2E1A1DE4EDF8F35AD056DCF1DC4E413284C86FC3 ] C:\Windows\System32\cabinet.dll
19:59:48.0294 0x1490  C:\Windows\System32\cabinet.dll - ok
19:59:48.0300 0x1490  [ 75EB73E64F5B4655D9797D20F26DE320, 4AA94D039AC5BD7D39766C4E2A4F7DFCDD46782D3B2483677D722949A7B790FC ] C:\Windows\System32\duser.dll
19:59:48.0300 0x1490  C:\Windows\System32\duser.dll - ok
19:59:48.0306 0x1490  [ 1908CC7673F72601AFFDCA022689CEDF, 57E9F87421D7D7447F0BE5B6746D90DECFBCF82972E9A08E2F3943F6CDAE9F84 ] C:\Windows\System32\xmllite.dll
19:59:48.0306 0x1490  C:\Windows\System32\xmllite.dll - ok
19:59:48.0311 0x1490  [ B25DBBA6C63A61FF4AFDB5ADAB4E70CB, 272C4175900FD4DD36E863BF6658AA1DB863C01573E0C89E354754938AA32EDF ] C:\Windows\System32\SmartcardCredentialProvider.dll
19:59:48.0311 0x1490  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
19:59:48.0318 0x1490  [ 9DC3723519F52B6BC63EACD4BD411313, 7EA9EC9AD518AA9E575100E052CAC44EC2443501C4E133E9C7C70A05A171D239 ] C:\Windows\System32\rasplap.dll
19:59:48.0319 0x1490  C:\Windows\System32\rasplap.dll - ok
19:59:48.0323 0x1490  [ 3CB863B78642405371CB3A71C07E2382, 571D43BBB0D0D54A7D508E9D0E70CDF5F1F3B147B4F6B15EB3D893401BB6F40F ] C:\Windows\System32\rasapi32.dll
19:59:48.0323 0x1490  C:\Windows\System32\rasapi32.dll - ok
19:59:48.0328 0x1490  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] C:\Windows\System32\drivers\drmkaud.sys
19:59:48.0328 0x1490  C:\Windows\System32\drivers\drmkaud.sys - ok
19:59:48.0335 0x1490  [ 3A1DDA77F331D107BA40DB06E4D666E9, 544A63148756AD0E993DD79F0656E73E23386BF0DA54394000044FD0972C838D ] C:\Windows\System32\rasman.dll
19:59:48.0335 0x1490  C:\Windows\System32\rasman.dll - ok
19:59:48.0340 0x1490  [ 70F08ECE7A30A639D3F0C8C433685C7D, E7B852E949D0DB9C3D63C4F49DECF9C93781142EAC6F6D66C9FC8E0027E904F4 ] C:\Windows\System32\tapi32.dll
19:59:48.0340 0x1490  C:\Windows\System32\tapi32.dll - ok
19:59:48.0345 0x1490  [ 3D418A22A56471295AEB1CEB9027C3DA, C1D5E63B7400E6436E348AE1D9E2B3701174856DDAACE39C00134DC89497AACF ] C:\Windows\System32\rtutils.dll
19:59:48.0345 0x1490  C:\Windows\System32\rtutils.dll - ok
19:59:48.0352 0x1490  [ 14FF750EFE13B0C21E5A06507C3A97B1, 6962EE642FB635442D3E75CE022BAFE78FA453DD6E8E3DAC8B484C699454AF0F ] C:\Windows\System32\winmm.dll
19:59:48.0352 0x1490  C:\Windows\System32\winmm.dll - ok
19:59:48.0357 0x1490  [ 3437B9E218A2E4586BEF4F7A3BD00777, 01FBFA70A741B1717430FCA58F675C2154B83907BD35D75A444C191FB2C2B1A2 ] C:\Windows\System32\audiodg.exe
19:59:48.0357 0x1490  C:\Windows\System32\audiodg.exe - ok
19:59:48.0362 0x1490  [ DC15AB7168C0309D8F04FD95B6240422, C94550429403C710A2BD26EA67AEF698522CF4826C0A4C4A7D2CBC3145AB40A6 ] C:\Windows\System32\oleacc.dll
19:59:48.0362 0x1490  C:\Windows\System32\oleacc.dll - ok
19:59:48.0368 0x1490  [ 627920CFF5DFCF8CF54CF2D592D61307, 5339B6E9EA04AD8FCFF976E0DEBB62C1591980E50906DC0D11640EB6CD6CF183 ] C:\Windows\System32\WinSCard.dll
19:59:48.0368 0x1490  C:\Windows\System32\WinSCard.dll - ok
19:59:48.0373 0x1490  [ 12A1DF1B84FB45A00D47B2CDE2CEEBBA, 66CE19049421B34597E201843577E8299462D9338B87461FDEC477D54C04DD36 ] C:\Windows\System32\shgina.dll
19:59:48.0374 0x1490  C:\Windows\System32\shgina.dll - ok
19:59:48.0379 0x1490  [ 7DACD94118E2D8B6D72F47ADEB0367BF, 6467DE36C7DB6502AF17210148194F16BE76A9BA793105FAC763536CC14CE693 ] C:\Windows\System32\propsys.dll
19:59:48.0379 0x1490  C:\Windows\System32\propsys.dll - ok
19:59:48.0385 0x1490  [ 70932D6C3D59B416CBD2BE5A3B3D4BE6, E2590A9E0343B5FE5CB68AFFB33D3DD5320002A5228B6316FC71468BABD19DC8 ] C:\Windows\System32\shacct.dll
19:59:48.0385 0x1490  C:\Windows\System32\shacct.dll - ok
19:59:48.0390 0x1490  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] C:\Windows\System32\gpsvc.dll
19:59:48.0390 0x1490  C:\Windows\System32\gpsvc.dll - ok
19:59:48.0396 0x1490  [ 409F36C8BD06FCE184631EB4142B009A, 5DEEA3B8937B9C3DD716060819E78A1C12AD00A7D0EC8CB47823B7EE856CCFE1 ] C:\Windows\System32\atl.dll
19:59:48.0396 0x1490  C:\Windows\System32\atl.dll - ok
19:59:48.0401 0x1490  [ D1A84F7D4CAFCFE2A32149FF418056E5, 1BF29E5E1C541F36DEDCD0DDCCCA0F35D19E94D2655055EE2477439940BAAFF1 ] C:\Windows\System32\nlaapi.dll
19:59:48.0402 0x1490  C:\Windows\System32\nlaapi.dll - ok
19:59:48.0409 0x1490  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] C:\Windows\System32\es.dll
19:59:48.0409 0x1490  C:\Windows\System32\es.dll - ok
19:59:48.0412 0x1490  [ A7F8BAD9590ADDC425B4003E94780DFA, 52F742BA0DF75CBD3625808FC38119C3F417A074AB65C6CC2B07610168D89CB7 ] C:\Windows\System32\drivers\spsys.sys
19:59:48.0413 0x1490  C:\Windows\System32\drivers\spsys.sys - ok
19:59:48.0418 0x1490  [ 4DF066ECEE5A7B20BF8B39EF4D646600, CA1859155E0187388E3C774B796A27B773C026E4D06C9193EF6B23C6990E4E8E ] C:\Windows\System32\wdmaud.drv
19:59:48.0418 0x1490  C:\Windows\System32\wdmaud.drv - ok
19:59:48.0424 0x1490  [ 919CC2A0476D5A6A4C935D4B88E29912, E9884E7565BAA72CEF0B805908B1B78C759074E9402CB5CC563A2F73B875DCBA ] C:\Windows\System32\ksuser.dll
19:59:48.0424 0x1490  C:\Windows\System32\ksuser.dll - ok
19:59:48.0429 0x1490  [ 77DB0743AC52223F7FE717866F92EB1F, C72CDAC48F2D034B47B353517590FEE78D1FF50BEF8EFAF4D30F50903AF6C892 ] C:\Windows\System32\atieclxx.exe
19:59:48.0429 0x1490  C:\Windows\System32\atieclxx.exe - ok
19:59:48.0435 0x1490  [ 7258434974EA735725FD2D4A65C5E821, 4D4BCEEDAA3B293B599CED5777E3695C8B1A07805FE84223A72A5785CA68E6F4 ] C:\Windows\System32\AudioSes.dll
19:59:48.0435 0x1490  C:\Windows\System32\AudioSes.dll - ok
19:59:48.0440 0x1490  [ DB7F4AB85298F3FE522C5512B8B0F56D, A659963B55DBF26657920B718E6598F0B64975B292BA9AB5FCFB4485B5CF9DDF ] C:\Windows\System32\AudioEng.dll
19:59:48.0441 0x1490  C:\Windows\System32\AudioEng.dll - ok
19:59:48.0446 0x1490  [ 6836D001FC733F205ACB80A7986CB6C9, C56ACEBA2597649BE1C5D00407C57FC8A9D5F9715491884E5DB0D58940CFEB34 ] C:\Windows\System32\WindowsCodecs.dll
19:59:48.0446 0x1490  C:\Windows\System32\WindowsCodecs.dll - ok
19:59:48.0452 0x1490  [ 166F004D73EA2CF4AC61800CA469458D, 7C1D83DC49505E452D7AFD843312B1B197BBB613D604BFF41FD4235B06F24EF3 ] C:\Windows\System32\msacm32.drv
19:59:48.0452 0x1490  C:\Windows\System32\msacm32.drv - ok
19:59:48.0457 0x1490  [ 9B96F6952186336CC6E3D4E08BE2E0AF, B7DFB14DB60D84062B7E2A2293A4F3F5EF986108EF3C9C1E1CDC284F61981731 ] C:\Windows\System32\dwmapi.dll
19:59:48.0457 0x1490  C:\Windows\System32\dwmapi.dll - ok
19:59:48.0463 0x1490  [ 83199EF88D691E730B80666E29F90D58, A7D3E5CA5AE7308201159A25BE59C0A90C079F88F0D588BEA7CE98BBD2838FB0 ] C:\Windows\System32\midimap.dll
19:59:48.0463 0x1490  C:\Windows\System32\midimap.dll - ok
19:59:48.0469 0x1490  [ BDBB449425991154135E5ED1559927E6, C89AE8DD76EC8F669B5FFA9F8CBB4531743D3E1D8975B416EF2CB5AB35DB4EF2 ] C:\Windows\System32\msacm32.dll
19:59:48.0469 0x1490  C:\Windows\System32\msacm32.dll - ok
19:59:48.0474 0x1490  [ E23F9D6D65B30E0C693D16067FD1ED24, 4D9B3F04D6E3284C6D9D8CC2A48EDC28CC98F70035D6AD22EFD45897ACD2D9BD ] C:\Windows\System32\atiadlxx.dll
19:59:48.0474 0x1490  C:\Windows\System32\atiadlxx.dll - ok
19:59:48.0479 0x1490  [ 296937202E4D930AAE98085B99D744D8, 65F569B7291307FD2B0F782888F18E23027A8F986CFB7B719CA53E93FA3B1367 ] C:\Windows\System32\AUDIOKSE.dll
19:59:48.0479 0x1490  C:\Windows\System32\AUDIOKSE.dll - ok
19:59:48.0485 0x1490  [ 8269CC01940A202BBB9FDF26705DBD67, 70DAB5CBEB5B2855784A9F6E3A52FD36C6FE18415FB01176481F85AEF5B3E67B ] C:\Windows\System32\hid.dll
19:59:48.0485 0x1490  C:\Windows\System32\hid.dll - ok
19:59:48.0491 0x1490  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] C:\Windows\System32\uxsms.dll
19:59:48.0491 0x1490  C:\Windows\System32\uxsms.dll - ok
19:59:48.0496 0x1490  [ D5CF1536137026ACDED95BF6CBF849F6, 1F98483A28319F06716F4EC4E1F48DE3B2DC07783D6406EED9B4DBADC9C17E65 ] C:\Windows\System32\WUDFPlatform.dll
19:59:48.0496 0x1490  C:\Windows\System32\WUDFPlatform.dll - ok
19:59:48.0502 0x1490  [ 41DFDCFCEF4878407AF1F6DCCA1CE905, A2EB1BAEDE62752C5705B37D0261D98CA65EA5A6FD6A94AFF1C73FF7D969D242 ] C:\Windows\System32\WMALFXGFXDSP.dll
19:59:48.0502 0x1490  C:\Windows\System32\WMALFXGFXDSP.dll - ok
19:59:48.0508 0x1490  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] C:\Windows\System32\drivers\lltdio.sys
19:59:48.0508 0x1490  C:\Windows\System32\drivers\lltdio.sys - ok
19:59:48.0513 0x1490  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] C:\Windows\System32\drivers\nwifi.sys
19:59:48.0513 0x1490  C:\Windows\System32\drivers\nwifi.sys - ok
19:59:48.0519 0x1490  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] C:\Windows\System32\drivers\ndisuio.sys
19:59:48.0519 0x1490  C:\Windows\System32\drivers\ndisuio.sys - ok
19:59:48.0524 0x1490  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] C:\Windows\System32\drivers\rspndr.sys
19:59:48.0525 0x1490  C:\Windows\System32\drivers\rspndr.sys - ok
19:59:48.0530 0x1490  [ BF142D4F8C61ED3629A9CDD7BA867900, B7928A0143945CB5F19AE888BC1ED1B9C450807A5B8C65FDC139A46777B2827F ] C:\Windows\System32\mfplat.dll
19:59:48.0530 0x1490  C:\Windows\System32\mfplat.dll - ok
19:59:48.0536 0x1490  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] C:\Windows\System32\dnsrslvr.dll
19:59:48.0536 0x1490  C:\Windows\System32\dnsrslvr.dll - ok
19:59:48.0541 0x1490  [ 3AB4023CBD406AC33AB8CDFF6C8079A0, BEAC47A3930E7E0A38540DAD16C934A45CD129251C621B1334715CF8FB6073CA ] C:\Windows\System32\eapphost.dll
19:59:48.0541 0x1490  C:\Windows\System32\eapphost.dll - ok
19:59:48.0547 0x1490  [ 3B0489DE8CC3058B48471660C60A7B75, A4EE12ACE2EB2E48E0D40A8845E3DCE8CF5A9D07EF29EE38F25A7F5BE3566919 ] C:\Windows\System32\rastls.dll
19:59:48.0547 0x1490  C:\Windows\System32\rastls.dll - ok
19:59:48.0554 0x1490  [ 82A79D5BE740D0AE9C91AA6DE4B3AC5A, C7E9FB7FE06626931A64846AE628655FC5469D840E42315E5E70C89810E622B3 ] C:\Windows\System32\raschap.dll
19:59:48.0554 0x1490  C:\Windows\System32\raschap.dll - ok
19:59:48.0560 0x1490  [ E45051C374F845EDF3DB02A35BA13193, A42F9E45F7B6733AE4FB9A10E8CEB30508CAE94AC0CFC4CDF352AC2D153A0957 ] C:\Windows\System32\umb.dll
19:59:48.0560 0x1490  C:\Windows\System32\umb.dll - ok
19:59:48.0566 0x1490  [ 3727F8B85E24BBDD325BFF75F029DDE3, 18772D32845D44D36A6257379942952B301CF8357B1C7A55387A4F2661CE3FBA ] C:\Windows\System32\wlanmsm.dll
19:59:48.0566 0x1490  C:\Windows\System32\wlanmsm.dll - ok
19:59:48.0572 0x1490  [ 4662AF853DFAD5648CE3814E7D9EF3D6, 47AF7FAA6378FC1484521465EF3258E55530ADEF880454EA523B03B302166268 ] C:\Windows\System32\wlansec.dll
19:59:48.0572 0x1490  C:\Windows\System32\wlansec.dll - ok
19:59:48.0577 0x1490  [ B64AC7967D6B9FB2D6152AC768A1CB88, D4F46C3DCAE8A7578102961285BB90BFE1BDE31028CC56E2CEFE0DE8FF32FB85 ] C:\Windows\System32\onex.dll
19:59:48.0577 0x1490  C:\Windows\System32\onex.dll - ok
19:59:48.0582 0x1490  [ 9D9FFC923FADBB575E0452EA0BBB15BD, 700A292EFEC71EDF2EF7F20D147F6E23E0FAA5BAF1D930CB96C40FC70D206D35 ] C:\Windows\System32\eappprxy.dll
19:59:48.0583 0x1490  C:\Windows\System32\eappprxy.dll - ok
19:59:48.0588 0x1490  [ 5D0FE613570CABE3992F7DBCD68E61D1, 68A6D6DA722E9A5120DE240194F9682ACBB485CEBDD8A6A099AE0E76359302B9 ] C:\Windows\System32\eappcfg.dll
19:59:48.0588 0x1490  C:\Windows\System32\eappcfg.dll - ok
19:59:48.0594 0x1490  [ BE01E566D1F569AAB32D0335613E1EEA, 997B248BFBDB290206A8496722D6102903634EC0D397694569BC237A681C088F ] C:\Windows\System32\dllhost.exe
19:59:48.0594 0x1490  C:\Windows\System32\dllhost.exe - ok
19:59:48.0599 0x1490  [ 91D995A67D9447592A1BF21CBC15C628, B9C034997481150E3F6EB0EC83EA30AFE04CFF6B1273AC6EC6795C57DF853C64 ] C:\Windows\System32\wlgpclnt.dll
19:59:48.0599 0x1490  C:\Windows\System32\wlgpclnt.dll - ok
19:59:48.0605 0x1490  [ 1DACD1530C6E58AEAE9F6DE7DA851935, 923C936B935BDCCBE7DD0D6F2921CFA5980FC15F950E29B72E649AC0B9867EB2 ] C:\Windows\System32\shimeng.dll
19:59:48.0605 0x1490  C:\Windows\System32\shimeng.dll - ok
19:59:48.0610 0x1490  [ 19FFAD68A02AF1BF0BC336EE26CD6767, C3E6E79A1E6681CE988591F3CADB3F08E37ACAB2D8478A250D9D6881F6C716A6 ] C:\Windows\System32\l2gpstore.dll
19:59:48.0610 0x1490  C:\Windows\System32\l2gpstore.dll - ok
19:59:48.0616 0x1490  [ EB2170D0DDF3B2A92506AE16BC524B0B, 95E296024DC16657BA36DB72E7AB774C68A6F8029B2ACB18460FC50E44AE5DA9 ] C:\Windows\System32\wlanutil.dll
19:59:48.0616 0x1490  C:\Windows\System32\wlanutil.dll - ok
19:59:48.0621 0x1490  [ 0296DAEB5555A248E8ABF7E5012A37A6, BF097B5E5C660265ED32E428B9F15BD48466FAE6C961B39A7472D625982A8988 ] C:\Windows\System32\msxml6.dll
19:59:48.0621 0x1490  C:\Windows\System32\msxml6.dll - ok
19:59:48.0627 0x1490  [ A0F4852A5DB9754BEC06F84B400AE743, B233988541B738FC8082F6A286A88DE40679476D3914E9E541D75B89E451C476 ] C:\Windows\System32\wscapi.dll
19:59:48.0627 0x1490  C:\Windows\System32\wscapi.dll - ok
19:59:48.0632 0x1490  [ 9474AD3584430D24DA87517F9DB0CBB2, 62AF2AD461E255B2B646F7462A7F2592BC7CE2FCAC980F09B5E8AC54F3C912D0 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll
19:59:48.0633 0x1490  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll - ok
19:59:48.0638 0x1490  [ CA0B849566776A17F35F0339BE17DFD9, 527FFE08A427703F3620DB7C44E096A7F9D0C88AD1FD8F0623815B7E7D78687A ] C:\Windows\System32\ktmw32.dll
19:59:48.0638 0x1490  C:\Windows\System32\ktmw32.dll - ok
19:59:48.0644 0x1490  [ 2A6A2C09ECC2CB495628E45F1379ECE8, 4E9232EB29AEA58C4EC5B505301F01F62EFB0C1BC5F8B5F9CE1B4C91284FD97D ] C:\Windows\System32\taskcomp.dll
19:59:48.0644 0x1490  C:\Windows\System32\taskcomp.dll - ok
19:59:48.0649 0x1490  [ 5CAAE5333EF36DB4A8D294418AB37E80, 0FAC92CDED62CEFDD44B3DC714FC3A453FEAAF44653F3AB75FB5A093A1DA71E9 ] C:\Windows\System32\p2pcollab.dll
19:59:48.0649 0x1490  C:\Windows\System32\p2pcollab.dll - ok
19:59:48.0655 0x1490  [ 6BC5FCEF351E4CB5A269C1E84B5A06DA, A5CAB1752E7AB7A37E1F8B943FBBDF6FACAFC228FF6D0321E61D2501D2653BB7 ] C:\Windows\System32\netcfgx.dll
19:59:48.0655 0x1490  C:\Windows\System32\netcfgx.dll - ok
19:59:48.0661 0x1490  [ 0E135526E9785D085BCD9AEDE6FBCBF9, 75EEA7E5AE90D857B777361A0166F9A82E354F229FD5250AF8738364E6FB45DB ] C:\Windows\System32\userinit.exe
19:59:48.0661 0x1490  C:\Windows\System32\userinit.exe - ok
19:59:48.0665 0x1490  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] C:\Windows\System32\drivers\http.sys
19:59:48.0665 0x1490  C:\Windows\System32\drivers\http.sys - ok
19:59:48.0670 0x1490  [ 73FE2E5FA55088A241AA2732F5D387D6, EB8822FD08C0C85441BBE86FE55349BFE2D8297A042249B2934B44121D132CCB ] C:\Windows\System32\wiarpc.dll
19:59:48.0670 0x1490  C:\Windows\System32\wiarpc.dll - ok
19:59:48.0676 0x1490  [ D80C6539C00CB4F5D59066865479C308, 53AC27856FC65361FEA6FDF97A94ABEC530AB81113A64428E9F9F8618DCE6D4B ] C:\Windows\System32\dwmredir.dll
19:59:48.0676 0x1490  C:\Windows\System32\dwmredir.dll - ok
19:59:48.0681 0x1490  [ C99403A5B641520DAED0021DDA06F272, 5E337BDA9D4899A7102F35592766F24699F41BE27A18D0EDF4902B27BE9EA0AF ] C:\Windows\System32\milcore.dll
19:59:48.0681 0x1490  C:\Windows\System32\milcore.dll - ok
19:59:48.0687 0x1490  [ 3D50C4B10352367D5CB20ED1F50F8DA2, 03C2732F2DF18CE8CC3CB9EBF2F811A2333C96D8BBC9111F6CCE15A09D8E63E6 ] C:\Windows\System32\taskeng.exe
19:59:48.0687 0x1490  C:\Windows\System32\taskeng.exe - ok
19:59:48.0693 0x1490  [ 8AAEEE8E59A70F37579993D118A34EE0, 9DC8618557B0D852EEA1163CF312EB68F8DF42486E4E76A74926CF99DB06AC92 ] C:\Windows\System32\d3d9.dll
19:59:48.0693 0x1490  C:\Windows\System32\d3d9.dll - ok
19:59:48.0698 0x1490  [ E79FDA8D320147FDC347C504B3487F87, 7BAF7C9828A285875BCF92EF33E1F0F5A2ED8A25289333985A9428E2913DF3CC ] C:\Windows\System32\spoolss.dll
19:59:48.0698 0x1490  C:\Windows\System32\spoolss.dll - ok
19:59:48.0704 0x1490  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] C:\Windows\System32\drivers\srvnet.sys
19:59:48.0704 0x1490  C:\Windows\System32\drivers\srvnet.sys - ok
19:59:48.0710 0x1490  [ CF368D8F3F585B044E35B625A5A56924, 496FAEE17D47D18065208E43D9B7CD45089B277AA29B12CF16A1E434B1162ADC ] C:\Windows\System32\aticfx32.dll
19:59:48.0710 0x1490  C:\Windows\System32\aticfx32.dll - ok
19:59:48.0715 0x1490  [ CD6DA5770CAE9D5E6E86722E17B442E0, 9F0EE70460FFA43E869C3821F0AF6646D97E0F463A87B50B167ECAD44DF2E523 ] C:\Windows\System32\d3d8thk.dll
19:59:48.0716 0x1490  C:\Windows\System32\d3d8thk.dll - ok
19:59:48.0721 0x1490  [ B11FDCA4410D6252964EF97F9A47DE74, 085EDBF22392265B35F0D8A73B1B5DFC0D1CEB4C3493F11361BF4CF6C2223FC5 ] C:\Windows\System32\TSChannel.dll
19:59:48.0721 0x1490  C:\Windows\System32\TSChannel.dll - ok
19:59:48.0727 0x1490  [ 8BB696F633F6FEC09F8C3CBBA218736E, C9273B19A3FA77A205876B59C99FF8F3D9BE76BDB113F9E6C09F1BC08B6DC44A ] C:\Windows\System32\atiu9pag.dll
19:59:48.0727 0x1490  C:\Windows\System32\atiu9pag.dll - ok
19:59:48.0732 0x1490  [ 77E3EE2BFA26052DC8273066DA77EF77, 793FCE6892B68D58E1568BE070216DCFC13FB0D1657F4208AE716ED915F393F8 ] C:\Windows\System32\atiumdag.dll
19:59:48.0732 0x1490  C:\Windows\System32\atiumdag.dll - ok
19:59:48.0738 0x1490  [ D07D4C3038F3578FFCE1C0237F2A1253, 135DD05678C8997B45982D77298DBDD98061C9D4FE43D77866846012EB061A04 ] C:\Windows\explorer.exe
19:59:48.0738 0x1490  C:\Windows\explorer.exe - ok
19:59:48.0743 0x1490  [ EE16F3E01C4A6C77383F1BBBD10AD6C2, 204BF3757B362EDBCEC29C0576B7F666D6B9422C72491F4C566B27D20F45A031 ] C:\Windows\System32\FWPUCLNT.DLL
19:59:48.0743 0x1490  C:\Windows\System32\FWPUCLNT.DLL - ok
19:59:48.0749 0x1490  [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] C:\Program Files\Google\Update\GoogleUpdate.exe
19:59:48.0749 0x1490  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
19:59:48.0755 0x1490  [ A7495E342A2EE0160812AC856C11F6CF, 3D67385DC3115BB1D8544E8596FECC972D205BC84BAD4F4DD01CBA9783B66199 ] C:\Program Files\Google\Update\1.3.22.3\goopdate.dll
19:59:48.0755 0x1490  C:\Program Files\Google\Update\1.3.22.3\goopdate.dll - ok
19:59:48.0760 0x1490  [ 401DFFDBBBD3F07C747ED1AE2BB88106, 596B0CDB80274D52BD631605FD74030DF1579AD7CF8CB209CB3983FEF3675114 ] C:\Windows\System32\msi.dll
19:59:48.0761 0x1490  C:\Windows\System32\msi.dll - ok
19:59:48.0766 0x1490  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] C:\Windows\System32\drivers\bowser.sys
19:59:48.0766 0x1490  C:\Windows\System32\drivers\bowser.sys - ok
19:59:48.0772 0x1490  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] C:\Windows\System32\drivers\mpsdrv.sys
19:59:48.0772 0x1490  C:\Windows\System32\drivers\mpsdrv.sys - ok
19:59:48.0780 0x1490  [ 782C8019C89920A77B1907AD3B4C8FF9, B38C1B9C022B2B2CCC860845ABC7CE2803A251477D07F1DE7B7F7AAB02376EDB ] C:\Windows\System32\HotStartUserAgent.dll
19:59:48.0780 0x1490  C:\Windows\System32\HotStartUserAgent.dll - ok
19:59:48.0785 0x1490  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] C:\Windows\System32\drivers\mrxdav.sys
19:59:48.0785 0x1490  C:\Windows\System32\drivers\mrxdav.sys - ok
19:59:48.0790 0x1490  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] C:\Windows\System32\drivers\mrxsmb.sys
19:59:48.0790 0x1490  C:\Windows\System32\drivers\mrxsmb.sys - ok
19:59:48.0795 0x1490  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] C:\Windows\System32\MPSSVC.dll
19:59:48.0795 0x1490  C:\Windows\System32\MPSSVC.dll - ok
19:59:48.0801 0x1490  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] C:\Windows\System32\drivers\mrxsmb10.sys
19:59:48.0802 0x1490  C:\Windows\System32\drivers\mrxsmb10.sys - ok
19:59:48.0807 0x1490  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] C:\Windows\System32\drivers\mrxsmb20.sys
19:59:48.0807 0x1490  C:\Windows\System32\drivers\mrxsmb20.sys - ok
19:59:48.0812 0x1490  [ 57125869A7B9638A5D11DD685AA65EB4, ADDEA7198DD1586D1D4E4DC1091369BC5702CED5E4FF8A0B42A06626D8DA28D7 ] C:\Windows\System32\PlaySndSrv.dll
19:59:48.0812 0x1490  C:\Windows\System32\PlaySndSrv.dll - ok
19:59:48.0818 0x1490  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] C:\Windows\System32\drivers\srv2.sys
19:59:48.0819 0x1490  C:\Windows\System32\drivers\srv2.sys - ok
19:59:48.0824 0x1490  [ 43E1054C713C48D252A1826C5E14AACA, 46B6A5011EC63F1B8DDC6A2BE013C2BBB59B81310644766C609CAAF4B9A18278 ] C:\Windows\System32\MsCtfMonitor.dll
19:59:48.0824 0x1490  C:\Windows\System32\MsCtfMonitor.dll - ok
19:59:48.0829 0x1490  [ C6DA42ADA0C5FC8CB05744229D632B47, 1C0FFD6B1CB0C72DF079F279E24243D2617F37D9DD5142140C3AB5AA3E4647BD ] C:\Windows\System32\msutb.dll
19:59:48.0830 0x1490  C:\Windows\System32\msutb.dll - ok
19:59:48.0835 0x1490  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] C:\Windows\System32\drivers\srv.sys
19:59:48.0835 0x1490  C:\Windows\System32\drivers\srv.sys - ok
19:59:48.0841 0x1490  [ A324D72A06C110152E7607745F39BFA1, 7E33A108B090840FC98953358216A1D84C122D965E37B37335B0EF6152CA9FC0 ] C:\Windows\System32\netmsg.dll
19:59:48.0841 0x1490  C:\Windows\System32\netmsg.dll - ok
19:59:48.0846 0x1490  [ 0745D6EAD386710110817FBEC03F5161, FF725C5361087985973BA21DF9BD37B96377CB3305B8BBA99DD3368D440CEAD1 ] C:\Windows\System32\wfapigp.dll
19:59:48.0846 0x1490  C:\Windows\System32\wfapigp.dll - ok
19:59:48.0852 0x1490  [ D922592AB65C5D9B88B30B4510A3464E, E6226CFD77C6DDAE5737C4CC6F8B347DF474CF8DFD93E32ABE6AE63D9AB0A586 ] C:\Windows\System32\cscapi.dll
19:59:48.0852 0x1490  C:\Windows\System32\cscapi.dll - ok
19:59:48.0855 0x1490  [ 5F1DEC3824E566457F53F24F493FEF08, 8ED9B269E5195BD11FF7ED6EBBC19FA32027AD068DF357660C9E5084922329B5 ] C:\Windows\System32\mscms.dll
19:59:48.0855 0x1490  C:\Windows\System32\mscms.dll - ok
19:59:48.0861 0x1490  [ D333058925CE305E39DE8D5AD2B52A46, 29E40E6DCAB4F3559B34A848AEDA34B5D436C9167565856451028DE25A529EDF ] C:\Windows\System32\clusapi.dll
19:59:48.0861 0x1490  C:\Windows\System32\clusapi.dll - ok
19:59:48.0866 0x1490  [ 167AC31450C0C53A01FA1491E94D7678, 951744503EF72C6D6DC49720C4E6E65DC1DBB9C8252C89FEE18B396E2ED67EA5 ] C:\Windows\System32\shdocvw.dll
19:59:48.0867 0x1490  C:\Windows\System32\shdocvw.dll - ok
19:59:48.0873 0x1490  [ 452341E471D2D961229DFE0842957272, 43C3DEEFCD27F10DCFF81D8637EBDE5050ADC3E530A5DCC459D1CFF80BFD0067 ] C:\Windows\System32\sscore.dll
19:59:48.0873 0x1490  C:\Windows\System32\sscore.dll - ok
19:59:48.0878 0x1490  [ 7A623F6B4C51F6F2BC1A31D5787FC0A7, 673A7F086251CC5CB6473BC392A7572566F58A11F4DE1B8D7B3C281A1A5AE11C ] C:\Windows\System32\uDWM.dll
19:59:48.0878 0x1490  C:\Windows\System32\uDWM.dll - ok
19:59:48.0881 0x1490  [ 6468C3FF6D0C7874FA8C619AF3E23B22, 2A8A01D5164453544A9DD1B850C24B82EFE6ACAABED56084B8A0388AC383802B ] C:\Windows\System32\activeds.dll
19:59:48.0881 0x1490  C:\Windows\System32\activeds.dll - ok
19:59:48.0887 0x1490  [ E9B9C1B98C8D6D48407E1C1203EAC659, A7B836B37935475E7D7277F9A7828E347B2EBD14958836499E5610AC5A922265 ] C:\Windows\System32\adsldpc.dll
19:59:48.0887 0x1490  C:\Windows\System32\adsldpc.dll - ok
19:59:48.0893 0x1490  [ 4934241CD20AC87D78121352E3BA8318, DACD7A7E0A41B011AD306972876568F27CDCF064EDFF71024BC0D4B595B666A7 ] C:\Windows\System32\dbghelp.dll
19:59:48.0893 0x1490  C:\Windows\System32\dbghelp.dll - ok
19:59:48.0896 0x1490  [ 293C5CCD99D332ECC94637FEDA38D1F2, A220C2F2F2C2075B724EFBD15A3F354824859AE28C3A548E76306DD6AE1FB723 ] C:\Windows\System32\TMM.dll
19:59:48.0896 0x1490  C:\Windows\System32\TMM.dll - ok
19:59:48.0902 0x1490  [ 96B3C4E20F02CA16AA1E3E425BFFCC8B, F94A548244071D406BDD6F770D4705B92F5485CA509B699A33472DFE7563BA39 ] C:\Windows\WindowsMobile\wmdcBase.exe
19:59:48.0902 0x1490  C:\Windows\WindowsMobile\wmdcBase.exe - ok
19:59:48.0908 0x1490  [ 93E317D7AD783D8EAEE2E3500BFE889D, 12D3ACCBF470E025EEBD77CF3407964950DADCF6991959A97B5319A9FAE219C1 ] C:\Windows\System32\credui.dll
19:59:48.0908 0x1490  C:\Windows\System32\credui.dll - ok
19:59:48.0913 0x1490  [ B9F3FF52B84FD9E3CAFB29B8EE385E5B, 3944E3C0FCD8E927A8A6470D8A603C96D298695AE62831DBE6DA656C5D74EC05 ] C:\Windows\System32\resutils.dll
19:59:48.0913 0x1490  C:\Windows\System32\resutils.dll - ok
19:59:48.0918 0x1490  [ 4504819D18FAC09B6108D8728467E5B2, 46736DE57B2A0592BE1DC53B337A607C8962C305F678E5899D5734D3D4630135 ] C:\Windows\System32\browseui.dll
19:59:48.0919 0x1490  C:\Windows\System32\browseui.dll - ok
19:59:48.0920 0x1490  [ 465680BDE344CE4FF6646626AA3A9125, DF762666DB5E7C31B0EC64976C85B5D6533805AF2D4FC9BCFF9FB94AAF823E8D ] C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
19:59:48.0921 0x1490  C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe - ok
19:59:48.0926 0x1490  [ 6295DD28D0ECBC4E6E450C279FEF5ED9, D929970B3FF38E75C926DA9B425B7BFED19158328DFC7BF5E02F55E2BC69888C ] C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
19:59:48.0927 0x1490  C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe - ok
19:59:48.0932 0x1490  [ 6C580025C81CAF3AE9E3617C22CAD00E, 64F9061196462085E5DCD3ACB97A0D8FC67CA9A96DDD6E2103AFFF1593AE236A ] C:\Windows\System32\drivers\parvdm.sys
19:59:48.0932 0x1490  C:\Windows\System32\drivers\parvdm.sys - ok
19:59:48.0938 0x1490  [ 684A3B692602F8072EB8DA4D7793EED1, 4E1D9AC1C91D654CEA064EF2325BBF18BA871B0EA7B71B9BEDCBFD8B56B1FF47 ] C:\Program Files\Broadcom\ASFIPMon\BMAPI.dll
19:59:48.0938 0x1490  C:\Program Files\Broadcom\ASFIPMon\BMAPI.dll - ok
19:59:48.0944 0x1490  [ E223D2851906B84F52E1B75EA16198F9, 645E9CC72D5154E8BB8C15A23AC49B1EDD1A3E0569316A047824C11D1A10659A ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll
19:59:48.0944 0x1490  C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll - ok
19:59:48.0949 0x1490  [ 279A08B7F3E95EADC191402EA0A3B2A1, 212D123F273B1EFC8F5FDFF6BCE8F168C0CC60E957EF82A81C25BD7EA07BE3D4 ] C:\Windows\System32\atiumdva.dll
19:59:48.0949 0x1490  C:\Windows\System32\atiumdva.dll - ok
19:59:48.0955 0x1490  [ 73FD66B14D3C4252F7A524B8836A4359, 04656A6290E9DFE79FCCD427FC4BBCF65E5C6B9525953D780FF42966C93468CF ] C:\Windows\System32\mstask.dll
19:59:48.0955 0x1490  C:\Windows\System32\mstask.dll - ok
19:59:48.0961 0x1490  [ 1311171CF8F6D2954441EF2A42693035, 516FFF8E8DCEE409EF525276EAEB62DB67BA63448D9ED4B53F412F70A587799C ] C:\Windows\System32\WsmRes.dll
19:59:48.0961 0x1490  C:\Windows\System32\WsmRes.dll - ok
19:59:48.0966 0x1490  [ E230F3776F373F4C5E788794B53101E4, 5E1B28C8A0EC67F1EC720AC7800021288A69B4E13C5DF3603EC4FCCDBE42DAFA ] C:\Windows\System32\plasrv.exe
19:59:48.0966 0x1490  C:\Windows\System32\plasrv.exe - ok
19:59:48.0972 0x1490  [ 1A09CB187440993FA5E24DE1EEB7B916, DE0ABF6A3D7AD303A10E2E114EAA0E8F064EF5298270FC9548028010DBE4FFAC ] C:\Windows\System32\cfgmgr32.dll
19:59:48.0972 0x1490  C:\Windows\System32\cfgmgr32.dll - ok
19:59:48.0977 0x1490  [ 5C68AC6F3E5B3E6D6A78E97D05E42C3A, D783A4094F338CA0BB4E04EC918B157DDDE21291D58508A17BB6359893841340 ] C:\Program Files\Broadcom\ASFIPMon\BASFND.sys
19:59:48.0978 0x1490  C:\Program Files\Broadcom\ASFIPMon\BASFND.sys - ok
19:59:48.0985 0x1490  [ 52E129522C1775DBB8CC252E7A0655C7, 5A3946551605380998FB83EBF6DC88279876F968754A0DFB9D5D91C906228E2A ] C:\Windows\System32\taskschd.dll
19:59:48.0985 0x1490  C:\Windows\System32\taskschd.dll - ok
19:59:48.0989 0x1490  [ 17FC3EDA0162F513E858B8C8FA7FA6E0, 6A1EE9DA1AB4A038258B6343E28C6F288AAFBBF3075C88BFBADB98C763F906AC ] C:\Windows\System32\vssapi.dll
19:59:48.0989 0x1490  C:\Windows\System32\vssapi.dll - ok
19:59:48.0994 0x1490  [ E7D0F91E44D9D3B2116FA549BDCDB756, 96363C567D7BAE7F8D3DE763AF84A1DDD6F2B0B7C790FD1CC3D5D0197E64868F ] C:\Windows\System32\wdscore.dll
19:59:48.0994 0x1490  C:\Windows\System32\wdscore.dll - ok
19:59:49.0000 0x1490  [ AD48183027CAFCEBC322CB9CAC60F9B8, 08ABF5E3E8ABAFEC30C97B59711DB1094A1A7C515B161856547FEFF95397C4B6 ] C:\Windows\System32\WSDApi.dll
19:59:49.0000 0x1490  C:\Windows\System32\WSDApi.dll - ok
19:59:49.0006 0x1490  [ DF446BA625CC441617843E87798CE048, B45C11EEA7EA792DE82E9BB283B9DCF30F891AAB8366075856BD84D10BCBCCD3 ] C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
19:59:49.0006 0x1490  C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll - ok
19:59:49.0012 0x1490  [ 6AC8AC8E3B413FA1EE8256E65FE0BA72, 189D2A3B6FA1B9B7CF2C1264D18B7F8EAA81849DBFA2289B3C57A928FA6A34A9 ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
19:59:49.0012 0x1490  C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe - ok
19:59:49.0015 0x1490  [ 4EDA94333BDB75B1BC0A7610BED34F00, 093FBB55253B8B4168D64DC0518D812C90D6BCFBB2DFA5A441BF339F3634FF84 ] C:\Windows\System32\fundisc.dll
19:59:49.0015 0x1490  C:\Windows\System32\fundisc.dll - ok
19:59:49.0021 0x1490  [ F86293D93760C70ADF4F19E66E3FA5E8, 444C1B9321D40A0EAB29BBBE72E400A47384D5ED60531441F7D0CDDFFB0244D2 ] C:\Windows\System32\httpapi.dll
19:59:49.0021 0x1490  C:\Windows\System32\httpapi.dll - ok
19:59:49.0027 0x1490  [ 6ABD253226770EAE1292B4C945ED4B4B, 9A755124F8EA36EC3D8107977D1450D173697007548D736D9D12AF5C6C30B30F ] C:\Windows\System32\msxml3.dll
19:59:49.0027 0x1490  C:\Windows\System32\msxml3.dll - ok
19:59:49.0032 0x1490  [ C83C0791FC7FA3CBE9BE2825B8A47EAF, 8FE6A07B762986EDFE5BD4265826FED7C263D2521E818A35C17E63652F37D72F ] C:\Program Files\HP\Digital Imaging\bin\hpqddcmn.dll
19:59:49.0032 0x1490  C:\Program Files\HP\Digital Imaging\bin\hpqddcmn.dll - ok
19:59:49.0036 0x1490  [ 5EC8FB83F31AA2D6F421F02C3F4F4475, CC325D32700AED6CEA6FA1190C04FEDA9A52DABB3E47D3923BA9BBE06A5EB556 ] C:\Windows\System32\winspool.drv
19:59:49.0036 0x1490  C:\Windows\System32\winspool.drv - ok
19:59:49.0041 0x1490  [ 1DFC366D2154EF2B381A7F2CB165C7F4, BE21632FD644AEFD6B608E7098F73705F82B65CBFD0FCE93C0AF2BF9DE02E063 ] C:\Windows\System32\diagperf.dll
19:59:49.0041 0x1490  C:\Windows\System32\diagperf.dll - ok
19:59:49.0047 0x1490  [ 38E1A82EA77E591245FD7487A7E32FE8, 4ABB7B40D139D4E25A3C6150A48F935508D22A71CDF6C50029185FCDD79E3671 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\msvcp80.dll
19:59:49.0047 0x1490  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\msvcp80.dll - ok
19:59:49.0054 0x1490  [ 2A617261B0DE3B9AC1EE5F83CF1FD830, 0C11873EB674C72E41C9E89C42F5E45BB905BB4417EBBD1B3507355C4042ACC6 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\msvcr80.dll
19:59:49.0054 0x1490  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\msvcr80.dll - ok
19:59:49.0060 0x1490  [ 71B479749F0F52C4FEC726C6FFA2CE1C, ED0F1D94620696941E9633F55AC4130EFBDA3B883CA356BB34D268F4FC7F94F1 ] C:\Windows\System32\cryptnet.dll
19:59:49.0060 0x1490  C:\Windows\System32\cryptnet.dll - ok
19:59:49.0065 0x1490  [ EC760B0B76A4353DE49D66520EB2141F, ADBF30D100D3837C35695B1ABE3E7EB03FD6B9200B9C1C337325D9E0A3A3ACE4 ] C:\Windows\System32\SensApi.dll
19:59:49.0066 0x1490  C:\Windows\System32\SensApi.dll - ok
19:59:49.0071 0x1490  [ DC3AE9F1554DCD97F90983DDBDACD83D, 9D3B4E273FDDA77B5B8A258525FA44616C184E58CE1312B47512AAAD5915E073 ] C:\Windows\System32\vsstrace.dll
19:59:49.0071 0x1490  C:\Windows\System32\vsstrace.dll - ok
19:59:49.0075 0x1490  [ 14E4470BF8ACA69A85D741BA99F75F96, B9DA437B42D56FAF29EF8227A22D842A852F80D5611E114E27FC8A3864E6DEA5 ] C:\Windows\System32\EhStorShell.dll
19:59:49.0075 0x1490  C:\Windows\System32\EhStorShell.dll - ok
19:59:49.0080 0x1490  [ 22B81ADCA500945D8009EC615E760364, 89B3091350990CDD1FE72166095E7CB7D3FC42CF2794948DA350F4FA9F0DAC9E ] C:\Windows\System32\cscui.dll
19:59:49.0080 0x1490  C:\Windows\System32\cscui.dll - ok
19:59:49.0086 0x1490  [ 21322832C99E8DE85BD047689A2A69DB, EDEA0659E65AD8C081BDF82A8AFF0999E7DD3B31F2AB0FBCEDDAEE893E90B9EB ] C:\Windows\System32\pnpts.dll
19:59:49.0086 0x1490  C:\Windows\System32\pnpts.dll - ok
19:59:49.0091 0x1490  [ C1BB3EF5FAFCBC9573DEEB57E8DF9309, 1644CAE5C8E120D6D4E61965B21B1594EEF56020953C55928A43058D83D8596E ] C:\Windows\System32\cscdll.dll
19:59:49.0091 0x1490  C:\Windows\System32\cscdll.dll - ok
19:59:49.0097 0x1490  [ 111C47816F39A91EAAA18DA0A54E8E63, 6910253AA5DFD7E2656C65B7227E7D546648D6C55600552D79FA275D0331AA00 ] C:\Windows\System32\imageres.dll
19:59:49.0097 0x1490  C:\Windows\System32\imageres.dll - ok
19:59:49.0100 0x1490  [ F16C7C9D6E99EC684EA75AAB14F23E68, 38E82DFB6797940A9B5073B0FC7ED6A3258085ACC5A0BA092A631DBBBDA6175B ] C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll
19:59:49.0100 0x1490  C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll - ok
19:59:49.0107 0x1490  [ 64A3E2CE9336A9F8E25835F1C0A121BB, E3D7204BC2BD748631024C676CD6363DF13BA8EC01E6E003759C266B26275477 ] C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe
19:59:49.0107 0x1490  C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe - ok
19:59:49.0113 0x1490  [ EDDEC321B128328BC370A5447F7F8D69, DE8C0AC77C83750F22033C37090930D635DBC3350F183CB0EC6D880A76798409 ] C:\Program Files\Bonjour\mdnsNSP.dll
19:59:49.0113 0x1490  C:\Program Files\Bonjour\mdnsNSP.dll - ok
19:59:49.0116 0x1490  [ C411C80F90D6732380352B98B37BBD53, FC5A45F208072249CAA1CA9A602FEBAD24A87166628275AC15FE37B7EEF00A40 ] C:\Windows\System32\winrnr.dll
19:59:49.0116 0x1490  C:\Windows\System32\winrnr.dll - ok
19:59:49.0122 0x1490  [ A7D525E5C0D91C8C1D84C6BCD25AD77D, BD3D51E302587E33901E5995367B6227743D2385F1420E12C712A62063150318 ] C:\Windows\System32\rasadhlp.dll
19:59:49.0122 0x1490  C:\Windows\System32\rasadhlp.dll - ok
19:59:49.0127 0x1490  [ 63396CBB1365769D520E0FD89C2419F2, 897613C16C11E3836F75EA5E645DB2ECEF99B403F50F6E7361B4A7CC80C54904 ] C:\Windows\System32\localspl.dll
19:59:49.0127 0x1490  C:\Windows\System32\localspl.dll - ok
19:59:49.0132 0x1490  [ F4E1AA5D59C849A4AB47E895DC76B9C8, 0C93E63372D619393D9DDD3EFCA2317A6652276A9FDE0530CD2A06135EE6B46D ] C:\Windows\System32\sfc.dll
19:59:49.0132 0x1490  C:\Windows\System32\sfc.dll - ok
19:59:49.0136 0x1490  [ 22DC912B075F4D335EEF042F50FE4855, DF83A5085E3C38BFDBF3F0FF450626F900C14E529E4E089214CE8299D24E6F55 ] C:\Windows\System32\AdobePDF.dll
19:59:49.0136 0x1490  C:\Windows\System32\AdobePDF.dll - ok
19:59:49.0142 0x1490  [ 0003689ED763B8D3C47A573C4EAD9F5A, 1A3514D2D66C12F1132C62014936744B67F229B99EC02F1C0EFC22EACCF0DF85 ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adistres.dll
19:59:49.0142 0x1490  C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adistres.dll - ok
19:59:49.0147 0x1490  [ 9842BE1F80A0C8C785409F04090DA52D, BB0B0CF7AEA7952D1E4A60613739751EFC64BE0E00C5198FC8081BF7EEDFCCD5 ] C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID_ENU.dll
19:59:49.0148 0x1490  C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID_ENU.dll - ok
19:59:49.0154 0x1490  [ 74B8C2EA72D43727142D12397D5A49F9, 37E8858211D7BF9DE90CBD22863B18A939C43BA64CAD06229E994A417BD46B0D ] C:\Windows\System32\wbemcomn.dll
19:59:49.0154 0x1490  C:\Windows\System32\wbemcomn.dll - ok
19:59:49.0162 0x1490  [ 30F0DC266B46118E9FBCF5B2A30EB1DB, 72C59BBD1590EAD91D92C07B3434BE308639CE773E8A2E72751E5396B4B10BA5 ] C:\Windows\System32\wbem\wbemprox.dll
19:59:49.0162 0x1490  C:\Windows\System32\wbem\wbemprox.dll - ok
19:59:49.0165 0x1490  [ 128DD9AF8640DBCC711940903C8B554F, 46E9715F3CD09F32FBEAA5379991E9E7DACCBD2407C2D061FDA3A04F05108133 ] C:\Windows\System32\mscoree.dll
19:59:49.0165 0x1490  C:\Windows\System32\mscoree.dll - ok
19:59:49.0169 0x1490  [ F5DF6846F30E9F54EA60CCAEB3FB2055, 07B71E3AA36F90D3D6B60D56F51A524AC769DFD1233BADB76B65874C7BCC5083 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
19:59:49.0169 0x1490  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
19:59:49.0175 0x1490  [ B20B18DF8EB3C821E071541FC3DFF1AB, 5E91F2DF8151B6292A7905BD19883C2E93415BA6CC0581C55C79B462B4CD32B5 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
19:59:49.0175 0x1490  C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
19:59:49.0178 0x1490  [ 215CEE8DE5C4BCFF12FD41116BC5B3AE, 59C0677615F12978694F1C1FB25EA9B782054C30227F0D6083DF081FB388B0FA ] C:\Windows\System32\HPTcpMon.dll
19:59:49.0178 0x1490  C:\Windows\System32\HPTcpMon.dll - ok
19:59:49.0185 0x1490  [ BDE89AB6F15F0093A2A7861D1FC413ED, CDD703B147DD2B49FB4DD3EF8E8E97A9496782462AF8D65AC70D3075E4E0514A ] C:\Windows\System32\QAGENT.DLL
19:59:49.0185 0x1490  C:\Windows\System32\QAGENT.DLL - ok
19:59:49.0190 0x1490  [ 2BE6BBDFC6783B68237B0659949A93D2, 8D80E352016C008B0DED02620A0F63D512F965CAD99D7E902A539B2DCCD70869 ] C:\Windows\System32\HPTcpMUI.dll
19:59:49.0190 0x1490  C:\Windows\System32\HPTcpMUI.dll - ok
19:59:49.0193 0x1490  [ 3584A093E8778C9E5F80CED99F0B7F35, 0FEDA737A8A42BD0B93C49823D571C3F961B6B43DC0D7EF3F5F089C95E650CC3 ] C:\Windows\System32\hpzjrd01.dll
19:59:49.0193 0x1490  C:\Windows\System32\hpzjrd01.dll - ok
19:59:49.0199 0x1490  [ 769D027B977CED05658C85E698D3C5B1, AD17B98BC2E2CEA59CC603264F171098AE77F16B7E9C61080F7E2DC50EE74637 ] C:\Windows\System32\QUTIL.DLL
19:59:49.0199 0x1490  C:\Windows\System32\QUTIL.DLL - ok
19:59:49.0205 0x1490  [ 3880C0DC4810245BDC42E47FCEF9B060, AB53BA1D4DB2992A1A3B13E25EDB57A6B1A729DD3DA8CC1D0E613827B60AB3F5 ] C:\Windows\System32\atitmpxx.dll
19:59:49.0205 0x1490  C:\Windows\System32\atitmpxx.dll - ok
19:59:49.0210 0x1490  [ 735CE2975646DEA1450440D77DB4F7F3, D67BCE8B0F108BF987D4540A34E0707CA257346179D9341E6685A6DD5392FC3A ] C:\Windows\System32\HPTcpMib.dll
19:59:49.0210 0x1490  C:\Windows\System32\HPTcpMib.dll - ok
19:59:49.0216 0x1490  [ B4F5DE3DAD8E6B97272F45DB97674878, 31136700BE3EDACBD1FC6E795F607950A5ECD8129898C57D74B3CE6573DD250E ] C:\Windows\System32\mgmtapi.dll
19:59:49.0216 0x1490  C:\Windows\System32\mgmtapi.dll - ok
19:59:49.0219 0x1490  [ AF24A9DF84637BF9858EC6FB88EBA7B2, 0F77BA28FACD1E0BD8C9C8AB7F89EBCF095C6A9D1522FA7158E848ACE3446B4C ] C:\Windows\System32\snmpapi.dll
19:59:49.0219 0x1490  C:\Windows\System32\snmpapi.dll - ok
19:59:49.0225 0x1490  [ 1EDE113859276E4B0F19B80F39E2CC95, 5467FBB97D1A192B720644A008752C27D14287998B328AF8FFF6DB4CB95D92EE ] C:\Windows\System32\wsnmp32.dll
19:59:49.0225 0x1490  C:\Windows\System32\wsnmp32.dll - ok
19:59:49.0230 0x1490  [ E5F7C30EDF0892667933BE879F067D67, E4BA45F4C6C74A0CDE9B12A00C91E2F5EF83536C89C9053DEC507CBB4F130A12 ] C:\Windows\System32\msvcr100_clr0400.dll
19:59:49.0230 0x1490  C:\Windows\System32\msvcr100_clr0400.dll - ok
19:59:49.0235 0x1490  [ 9CCDA677011F4A5C54376CF520575097, 8732D8736EDA47271164C0E6FD2CBDB7C7E0AAE728C53375A65FEAADA44E4AEE ] C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
19:59:49.0235 0x1490  C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll - ok
19:59:49.0240 0x1490  [ 08578F3CA5365F896D90CE2BF97FD000, B081E6B39D69141B3AD31E127DA18756EBB68F47E649635D78D45B25EBDC2511 ] C:\Windows\System32\IconCodecService.dll
19:59:49.0240 0x1490  C:\Windows\System32\IconCodecService.dll - ok
19:59:49.0246 0x1490  [ BFDEDA37DE512BDEE122F8339DBFE711, 2FD3AF41B37301A9611A7870C31D364B0A7CFCC0A3B0B7B5A2CB4CAEDCBE6915 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\Culture.dll
19:59:49.0246 0x1490  C:\Windows\Microsoft.NET\Framework\v4.0.30319\Culture.dll - ok
19:59:49.0252 0x1490  [ A7A7DA4D6C44660852D058635B83B108, 566574ED7A7A5FC237D3D3ADEFACB889FCD450A7C7C827B242C7D57C8C9A5F5D ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
19:59:49.0252 0x1490  C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
19:59:49.0255 0x1490  [ DCBE1AFE0383E64FE4E789CA9E80CF79, 1011AB0C05D79D6CF0B149CBE7FC5C22A4D7F9DA68968FFF37D870C7E530BC7A ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
19:59:49.0255 0x1490  C:\Windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll - ok
19:59:49.0262 0x1490  [ B22F55C04C87BD1D59EE9074DC0F1C39, 2E55D337DDA624247D2E3C5D874037BBE1BBA91E6D1DB5FC6F3A30BD447C11B1 ] C:\Program Files\Microsoft SQL Server\110\DTS\Binn\Microsoft.SqlServer.DtsServer.Interop.dll
19:59:49.0262 0x1490  C:\Program Files\Microsoft SQL Server\110\DTS\Binn\Microsoft.SqlServer.DtsServer.Interop.dll - ok
19:59:49.0268 0x1490  [ A365E22BA80445FD94AC67A4DFDE7473, BF0A2DBF871D049EAD1F193C7904B97FBF443B9FBA6158D7396DA2D9C3DC674A ] C:\Windows\assembly\NativeImages_v4.0.30319_32\MsDtsSrvr\3a92aef0163fbf8115c9c13305aa3e64\MsDtsSrvr.ni.exe
19:59:49.0268 0x1490  C:\Windows\assembly\NativeImages_v4.0.30319_32\MsDtsSrvr\3a92aef0163fbf8115c9c13305aa3e64\MsDtsSrvr.ni.exe - ok
19:59:49.0272 0x1490  [ E643D96DAB88B5216B92121FE1369029, 30C9FD89E47D437FDFD0D2831E6EE82DFED04AA9A92D0C806992EC5F8CBB5955 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7bf3e4deef4483205017aa7b13194845\System.ServiceProcess.ni.dll
19:59:49.0272 0x1490  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7bf3e4deef4483205017aa7b13194845\System.ServiceProcess.ni.dll - ok
19:59:49.0278 0x1490  [ AC7897EC972502CABC842B967C3E42D5, 3045DB455E181625CE5FF36B2408930B4AFC354F8F15A3D57D68D34F1FA0228D ] C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvrUtil.dll
19:59:49.0278 0x1490  C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvrUtil.dll - ok
19:59:49.0285 0x1490  [ 0E37FBFA79D349D672456923EC5FBBE3, 8793353461826FBD48F25EA8B835BE204B758CE7510DB2AF631B28850355BD18 ] C:\Windows\System32\msvcr100.dll
19:59:49.0285 0x1490  C:\Windows\System32\msvcr100.dll - ok
19:59:49.0290 0x1490  [ C85670AB64068F8080998AEBA6C5019C, 87D88235F69C062E5B759F91253ABAF7BD055937DD119BD26858237F812D3DED ] C:\Windows\System32\atl100.dll
19:59:49.0290 0x1490  C:\Windows\System32\atl100.dll - ok
19:59:49.0295 0x1490  [ BC83108B18756547013ED443B8CDB31B, B2AD109C15EAA92079582787B7772BA0A2F034F7D075907FF87028DF0EAEA671 ] C:\Windows\System32\msvcp100.dll
19:59:49.0295 0x1490  C:\Windows\System32\msvcp100.dll - ok
19:59:49.0299 0x1490  [ 9CA9B77853199DBC7A5FFF2AD2F99E6A, 141578531042CEC51FED5663A033CF4CBD4B4CB3CDBC221BF8EF1F80152603A3 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\71d887ce964fb69b7f03c4fe7a3f28ff\System.Configuration.ni.dll
19:59:49.0299 0x1490  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\71d887ce964fb69b7f03c4fe7a3f28ff\System.Configuration.ni.dll - ok
19:59:49.0306 0x1490  [ ECAC4B0E50F934BD91DF150950D638FB, 622217CBF326FE528ACD29718BCCE62243A4D21B8A7A8AE85CAA6B0009ACB42D ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
19:59:49.0306 0x1490  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll - ok
19:59:49.0312 0x1490  [ 377234A29D5C180FB8DC39C081941341, BC5CD6FCA975CB12998972516619C2885D40F4D07F0C5C7C954396E55EA58443 ] C:\Program Files\Microsoft SQL Server\110\DTS\Binn\DTS.dll
19:59:49.0312 0x1490  C:\Program Files\Microsoft SQL Server\110\DTS\Binn\DTS.dll - ok
19:59:49.0315 0x1490  [ C762FB85C327D53CC5C2D340F44EC7ED, 7F768A441173B6D36684E66CEE08913CED22AB88BCD8915AFB7B5E165E71B4E4 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlos.dll
19:59:49.0315 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlos.dll - ok
19:59:49.0322 0x1490  [ 56CEA86BE95D79C9365AF3B93EBD44E5, A04C7FD5B5AEE4C1502D214DF2CE7F1E0782C67FB86C980C749F230D58D4EE79 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
19:59:49.0322 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe - ok
19:59:49.0327 0x1490  [ 295363D4317820AED0D527E15B90A8ED, 685282E64CA23FEEEE97795ED47520A5C2304B12E9F5DC7065C4D2055CD1A92D ] C:\Windows\System32\pdh.dll
19:59:49.0327 0x1490  C:\Windows\System32\pdh.dll - ok
19:59:49.0331 0x1490  [ 3BB059539D11BA4106EEA88901C31D7F, 75E578D10F22FED675316F74148A6155786AF04BB795E75223659CFE0ED8468F ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\opends60.dll
19:59:49.0331 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\opends60.dll - ok
19:59:49.0338 0x1490  [ EAD029162E80D66F88BDE7E0E97F94C4, DB0B920833649AEC05DE12B2199D5B0D6805B16822445286EC0E9F9BB9E74384 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlmin.dll
19:59:49.0338 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlmin.dll - ok
19:59:49.0344 0x1490  [ CB49F6DE4D71C0855181DA4BEDA72426, BAAFB141E2BA7326C35859AFFA4573A03165FF6BF638CE04016FA21784E075DB ] C:\Program Files\Microsoft SQL Server\110\DTS\Binn\dtsmsg110.dll
19:59:49.0344 0x1490  C:\Program Files\Microsoft SQL Server\110\DTS\Binn\dtsmsg110.dll - ok
19:59:49.0350 0x1490  [ F9EE4C23A7BDBBB94BBFFF3DA087B431, FC988B3FAD95FD8AD36D829C9BFA2F36DCD517DE674705A3928AD3384354F34F ] C:\Program Files\Microsoft SQL Server\110\Shared\instapi110.dll
19:59:49.0350 0x1490  C:\Program Files\Microsoft SQL Server\110\Shared\instapi110.dll - ok
19:59:49.0356 0x1490  [ 8D36DE25F60C26ADCCCE922605F94914, 4EC9BFF6DEFE082C84468C8CE9A64870FA0CC7C4EA75DC0752A366F399DB5B1C ] C:\Program Files\Microsoft SQL Server\110\Shared\sqlboot.dll
19:59:49.0356 0x1490  C:\Program Files\Microsoft SQL Server\110\Shared\sqlboot.dll - ok
19:59:49.0362 0x1490  [ 08B3B7EB490A945E93FA2C340B139DD4, F5874D339AC4366D4A80653F767796C97354C58F8C2A0084ED8A5D6976D25531 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.SqlServer#\15a953a2a2aeeb17f7bfcfb9d756923e\Microsoft.SqlServer.DtsServer.Interop.ni.dll
19:59:49.0362 0x1490  C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.SqlServer#\15a953a2a2aeeb17f7bfcfb9d756923e\Microsoft.SqlServer.DtsServer.Interop.ni.dll - ok
19:59:49.0368 0x1490  [ 636F507B5A6D6D5C81E0A370095538B8, 76973F9DE2B3024E9B985F5BF8EB22F68F1A52BDB4D999370EC5587440C2441A ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.SqlServer#\8b795ccb9e09006d87b5529164f83c08\Microsoft.SqlServer.DTSRuntimeWrap.ni.dll
19:59:49.0368 0x1490  C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.SqlServer#\8b795ccb9e09006d87b5529164f83c08\Microsoft.SqlServer.DTSRuntimeWrap.ni.dll - ok
19:59:49.0374 0x1490  [ 4239F556B7A457FE3A9CB04B7BB4BFDB, 46E5C6349AED56006870391A6208B40013DD3D61549875236320F57B4E587739 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqltses.dll
19:59:49.0375 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqltses.dll - ok
19:59:49.0380 0x1490  [ 46046A4A274242AA1A25EEA9D37DD00D, 5D314E7D3E099ADA64ED8D937D6C12BDF6566FC06A4E388A4E07B2E7D8C8E90E ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqldk.dll
19:59:49.0381 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqldk.dll - ok
19:59:49.0387 0x1490  [ B75B8713C61FFB3CBDA74943C0EC5B32, DF68E9C1396626578E56636E8E677D402BFBA64932EDC93F2D32DBCBAAC5DA09 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqllang.dll
19:59:49.0387 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqllang.dll - ok
19:59:49.0393 0x1490  [ 40555318F380B0DB135C2FD27EE9B67E, 4F65F11392933AF00B9E820F6E4C3E8487D14C39E993F445A764DE3230693BD2 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlboot.dll
19:59:49.0394 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlboot.dll - ok
19:59:49.0399 0x1490  [ CB5FFA86E9FB6EB8C4B6BB905C179816, F696665665D6A441ADE90B9385BFE2250531AD157EE079F7D3A93DC0E641E84F ] C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdsrv.exe
19:59:49.0400 0x1490  C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdsrv.exe - ok
19:59:49.0406 0x1490  [ 27D0D43F7EE9DAEFC96EEF48620BDB4C, 4790C4C828D21865B556B48BDBB0DC84FEC7E49E8FBCCFD5E75C9DCFB86CAE5A ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\sqlevn70.rll
19:59:49.0406 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\sqlevn70.rll - ok
19:59:49.0412 0x1490  [ 0A990AFB9F2726323D61C8ECB8B70B17, 27BC7CBFFB211DE930C7FA97DCDCA783CC74987EDB5FC17D33C422E93BA91242 ] C:\Windows\System32\security.dll
19:59:49.0412 0x1490  C:\Windows\System32\security.dll - ok
19:59:49.0418 0x1490  [ C8DBFEF835FF54467425C8F3ABCF7046, F9F20D4AD8144B17F53927AF4D901092B2047E1C4300620B6B31232703304356 ] C:\Windows\System32\dssenh.dll
19:59:49.0418 0x1490  C:\Windows\System32\dssenh.dll - ok
19:59:49.0424 0x1490  [ FD4F087A8E848BC2B7F08D63365A0EE1, 8BB6E33AA5EB8BB2EF3973236DD240EFC8DA9BD79EF890FD5C175B7648AABD78 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlaccess.dll
19:59:49.0424 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlaccess.dll - ok
19:59:49.0430 0x1490  [ 8A3754F6D09B551FD10691259FBAA39E, C749BC38E5AEAFF0460E86AF3FB0A41FF5387F9F1AEF0968F1AC1D10F9F0B33E ] C:\Windows\System32\sqlncli11.dll
19:59:49.0430 0x1490  C:\Windows\System32\sqlncli11.dll - ok
19:59:49.0436 0x1490  [ 16CFA1D36714474C449E6CD7C5948E25, E4801A0D27AFD5FC3FBFA5C30B92D74BC613461B6D719133D912CEC28EE943D1 ] C:\Windows\System32\1033\sqlnclir11.rll
19:59:49.0436 0x1490  C:\Windows\System32\1033\sqlnclir11.rll - ok
19:59:49.0442 0x1490  [ B7873074934182839C5C7CD76008C846, 1E371B328805AB810D334CAC9BBB8D56CAA13C998E71DBCEF143535170884DDE ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlscriptupgrade.dll
19:59:49.0442 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlscriptupgrade.dll - ok
19:59:49.0448 0x1490  [ 1882E7F91C1CE26104D4EBB3E8A0BBCF, DDB4257CDF21BDEC4C41AD71CB9B0B224D47C35A784FC90D4986A10BC206623F ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\batchparser.dll
19:59:49.0448 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\batchparser.dll - ok
19:59:49.0455 0x1490  [ 07BBB3CBB86D2626B46BC1D210C4781B, DB46F6F7F1D5D6C5841665C86DCFF3DF9064879143B881E9089939FBE9182B8A ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
19:59:49.0455 0x1490  C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
19:59:49.0461 0x1490  [ F3222FC2C77F9CBCC5C33B50AD23B760, F7BBA6030185ABAF9E4DBFACD97BAD691E069D7322A17B54C240631BA5A9083D ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\ftimport.dll
19:59:49.0461 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\ftimport.dll - ok
19:59:49.0468 0x1490  [ 4B4FDF441B53E7EE4D9F0E25B7E64353, 362EA400687429DCDE43BFA646A3542FA03A6C9F704FB6B576CBC2655C84ED79 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\msfte.dll
19:59:49.0468 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\msfte.dll - ok
19:59:49.0473 0x1490  [ 4003E34416EBD25E4C115D49DC15E1A7, C06430B8CB025BE506BE50A756488E1BCC3827C4F45158D93E4E3EEB98CE1E4F ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\DBGHELP.DLL
19:59:49.0473 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\DBGHELP.DLL - ok
19:59:49.0479 0x1490  [ 8D539F5E89BDFAF3E7EEA617692D678C, FCE0F8E1D82331A1458AAE715C80A66D32E2D37045A7C8D03AC0571437FD0117 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\MsWb7.dll
19:59:49.0480 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\MsWb7.dll - ok
19:59:49.0486 0x1490  [ 4002358E76C1CF1E5DF101E5A398B146, BE57232771E3E7AD4B2DF2C1E32ADB32ED750C3C31D99B3A88E373FDD24787D7 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\NaturalLanguage6.dll
19:59:49.0486 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\NaturalLanguage6.dll - ok
19:59:49.0492 0x1490  [ 93FD40DC39C59442DA31F97D1B89FEBC, 5E513C49B17812B548CDBDFCC60932D4135B6FF21AE6E09B91280168ADDCB022 ] C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\xmlrw.dll
19:59:49.0492 0x1490  C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\xmlrw.dll - ok
19:59:49.0498 0x1490  [ 9BF38222CD12029B8B51ADA8A3C6D441, 5E663C8389C5AB1C4E4CAD4328369F9AC7194DD873AA53C086FECC6B1E2ECA7A ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\MsWb70804.dll
19:59:49.0498 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\MsWb70804.dll - ok
19:59:49.0504 0x1490  [ 51C6D8BFBD4EA5B62A1BA7F4469250D3, 29ACA9D8A5426333F75858D9D3960A4DCDDA4ACC986B3E9E37D255E4FAECDB7C ] C:\Windows\System32\HPZinw12.dll
19:59:49.0504 0x1490  C:\Windows\System32\HPZinw12.dll - ok
19:59:49.0510 0x1490  [ 32FF06EC6D946EF791D98D6C838A3090, 319BDD491CB22D0CCCCE76A2854CF469D7AF046289F9C56CD03AE3D3CBC0275E ] C:\Windows\System32\drivers\NisDrvWFP.sys
19:59:49.0510 0x1490  C:\Windows\System32\drivers\NisDrvWFP.sys - ok
19:59:49.0516 0x1490  [ E582816A4855914DEFFC212E12B3B744, B59C692FE8D19A2D9615D12C6026854C3467B25B3630183D766A32A9584C3115 ] C:\Windows\System32\wsock32.dll
19:59:49.0516 0x1490  C:\Windows\System32\wsock32.dll - ok
19:59:49.0521 0x1490  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] C:\Windows\System32\drivers\PEAuth.sys
19:59:49.0522 0x1490  C:\Windows\System32\drivers\PEAuth.sys - ok
19:59:49.0527 0x1490  [ 0FF093396E70ACFE320E7EF3271390A2, 2CFC7F09B151FC9327CD1BA76D7F5DE4F70AEF80169DABB8EB2AF96B8A82DDE2 ] C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\xmlrwbin.dll
19:59:49.0527 0x1490  C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\xmlrwbin.dll - ok
19:59:49.0533 0x1490  [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B, 18F167DEC8464AC42B9C7C2C69638D812C1C2CF867DBF3E833F4B880C26BD1D2 ] C:\Windows\System32\ncsi.dll
19:59:49.0533 0x1490  C:\Windows\System32\ncsi.dll - ok
19:59:49.0539 0x1490  [ 3EB6D30D82F0E300FCFBAD0498F654FD, 12A9CA74619AE147FC097A8A2142B6DF9318AE8ED0ADAF04A783BC0995039071 ] C:\Windows\System32\mlang.dll
19:59:49.0539 0x1490  C:\Windows\System32\mlang.dll - ok
19:59:49.0545 0x1490  [ C1B03D0B620558E45B87F082069F04F4, 8AC905DDAE646E1CE7BE5BCD7969F707BF76FDC4E07A685AED28AD12026C8A12 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\MsWb70404.dll
19:59:49.0545 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\MsWb70404.dll - ok
19:59:49.0551 0x1490  [ 01BCD91CC2B0EFDA4890F547010750BD, 34B99B58AC2CEC8EF089C9B82D3ADEAD721B32B5F884399E8A9D2252B8AB5C02 ] C:\Windows\System32\ssdpapi.dll
19:59:49.0551 0x1490  C:\Windows\System32\ssdpapi.dll - ok
19:59:49.0557 0x1490  [ 40555318F380B0DB135C2FD27EE9B67E, 4F65F11392933AF00B9E820F6E4C3E8487D14C39E993F445A764DE3230693BD2 ] C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\sqlboot.dll
19:59:49.0557 0x1490  C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\sqlboot.dll - ok
19:59:49.0563 0x1490  [ CD2F4506973B235949F8E392D3CC880E, 952F965820F080251078A5E593D4A70DE5DA890D3078076F3929A7C240EC7601 ] C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\Resources\1033\msmdsrv.rll
19:59:49.0563 0x1490  C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\Resources\1033\msmdsrv.rll - ok
19:59:49.0569 0x1490  [ 79834AA2FBF9FE81EEBB229024F6F7FC, 4E243765C11AE9B5D003C3220B8AA0C4671B2627221D2323F80189CA3A307FEF ] C:\Windows\System32\HPZipm12.dll
19:59:49.0569 0x1490  C:\Windows\System32\HPZipm12.dll - ok
19:59:49.0575 0x1490  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] C:\Windows\System32\IPSECSVC.DLL
19:59:49.0575 0x1490  C:\Windows\System32\IPSECSVC.DLL - ok
19:59:49.0580 0x1490  [ BAB1710C565B636BEA89796FD7458548, 7B10C6437423A21C37355E61156AD1CAAEA5791CAD5219E48DB578E40D811754 ] C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
19:59:49.0581 0x1490  C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe - ok
19:59:49.0587 0x1490  [ 42608AE9AF2641EE473A1797C25CFFC2, 64FCAEDFAE7B530522A630BD41880180C3B5D78924DF80DC54862A0D666EBA5F ] C:\Windows\System32\FwRemoteSvr.dll
19:59:49.0587 0x1490  C:\Windows\System32\FwRemoteSvr.dll - ok
19:59:49.0593 0x1490  [ C7C1809BD3DEB49EF03DE3BE5C14B516, 7559F8614DEDEBB64AE85C92C4022762E4D2D455026BE484634EFEBCC71BAC80 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\MsWb70011.dll
19:59:49.0593 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\MsWb70011.dll - ok
19:59:49.0599 0x1490  [ 156F4A9D027359506824121474A1421B, D2E06B614235AB4C09D785434BBF91246A5EF1B22CFAA4019C531CD05EB6DD08 ] C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\SQLRSOS.dll
19:59:49.0599 0x1490  C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\SQLRSOS.dll - ok
19:59:49.0605 0x1490  [ 69B679CF025717F17CC5A8500FFBA7EB, 78CA23E4215CBC072E1296D53109B85602B509A75ED347C0FCCFB5C04BF14CB9 ] C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmgdsrv.dll
19:59:49.0605 0x1490  C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmgdsrv.dll - ok
19:59:49.0611 0x1490  [ 94C7E4368226E6C0A6012F59DB2B79AC, CACB1E441E23372D0E62D11D3BE110675BB7B29A678A272E2B63DAD4F3FB7367 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\korwbrkr.dll
19:59:49.0611 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\korwbrkr.dll - ok
19:59:49.0618 0x1490  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] C:\Windows\System32\drivers\secdrv.sys
19:59:49.0618 0x1490  C:\Windows\System32\drivers\secdrv.sys - ok
19:59:49.0623 0x1490  [ F07AF60B152221472FBDB2FECEC4896D, A18FDCE8462A48429E249C44F0E49F844F2E3A4B5215349DE104F34D935EF983 ] C:\Program Files\Skype\Updater\Updater.exe
19:59:49.0623 0x1490  C:\Program Files\Skype\Updater\Updater.exe - ok
19:59:49.0629 0x1490  [ E58796B5088EDD61E5EF03D693EA0D67, 7E82952C754F69C533D36FB012F38FAE5F1139BE614740451A885F6F1EAE8CF6 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
19:59:49.0629 0x1490  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
19:59:49.0635 0x1490  [ 8D1C8C8FAF139AC42AF93216A559CA69, 5263D87D85B6D3000A6DB5498D9D861DC41EDBCCFA1D44AB2FB16918320EDDC6 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\MsWb7001e.dll
19:59:49.0635 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\MsWb7001e.dll - ok
19:59:49.0641 0x1490  [ AC7780C7C6484F55EA1BA6CC9553EFA4, 845F1E088428D82DC3E5A89050ED4914B26F2BEE444A5FC0169910774058EE74 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
19:59:49.0641 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE - ok
19:59:49.0647 0x1490  [ 862363973DCBCC31DD161EF41A69153C, A2A27BC454A39093B8A68AFDF47C3572A97A6EC6790B7E6306EFDA6E3A03B97B ] C:\Windows\System32\odbc32.dll
19:59:49.0647 0x1490  C:\Windows\System32\odbc32.dll - ok
19:59:49.0653 0x1490  [ 10C4ADAE69454C0E24762828570CF2C0, 4012D91E5BBC285A51115763A3169BC01E1360E4F1277E82A660CB6A9B3A8A3C ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SqlResourceLoader.dll
19:59:49.0653 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SqlResourceLoader.dll - ok
19:59:49.0659 0x1490  [ D58A03FAA539BEFBC8AD27365569B413, EE7C646E09960471F4F7E455B093192483892D29CCC426330372D9C8A25C4C0B ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlsvc.dll
19:59:49.0659 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlsvc.dll - ok
19:59:49.0665 0x1490  [ 8A95777E6F7B94383806DE380BD1C84A, B319EC582AC903E83B30AB6D2F5AD4CA05CD2E246B38DEB5523F790189536EF5 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlscm.dll
19:59:49.0665 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlscm.dll - ok
19:59:49.0668 0x1490  [ 0DAAF8032546D1B4543D7B101B53FD6C, B8872D5F3ED3F737C4F055E4E54B2107AD87E39960853835208198C75902CEE8 ] C:\Windows\System32\odbcint.dll
19:59:49.0669 0x1490  C:\Windows\System32\odbcint.dll - ok
19:59:49.0674 0x1490  [ 95377018131F36A0F40839C6E6C901FD, D0F9045E930E8AE66C76A9DECAA99896448348EEDBAEEAD3E5BA2F480F55122C ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\sqlsvc.rll
19:59:49.0674 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\sqlsvc.rll - ok
19:59:49.0680 0x1490  [ 0400029B0BAA4F98618060C26478CA5C, FB35A16CC0959301CED8B34711C5377FFD033ED27E248E7C0A507A17205FF670 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLAGENT.RLL
19:59:49.0680 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLAGENT.RLL - ok
19:59:49.0687 0x1490  [ FAA633CE8D311E666E2F7253603C7C15, 5DA842AF43ACD5128DD24D21C19DA4F55B827CD3FA8FDB1439C23A84C9764F17 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENTLOG.DLL
19:59:49.0687 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENTLOG.DLL - ok
19:59:49.0692 0x1490  [ 7B193BA3F0245D5867B71AD1CF631474, 8E25CBBD05438BB7CDC774AD4B76A440AAC5BD1B5EC8B4E1D6FCE5EA9AE2B7C9 ] C:\Program Files\Microsoft SQL Server\90\Shared\instapi.dll
19:59:49.0693 0x1490  C:\Program Files\Microsoft SQL Server\90\Shared\instapi.dll - ok
19:59:49.0698 0x1490  [ 90A07229992B24FC4C419D56E58CF075, 7B3D3ACBDFB5FCC2B73E166DCD594F9F193A24EB8937755FD684338811028846 ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:59:49.0698 0x1490  C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe - ok
19:59:49.0704 0x1490  [ 44DD73AC648C586E96A302924CE2388A, 247439FEC6FB6BBEC0754F5FE01D9DD0204B6A4BF74888E796B65F772E33F4B4 ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll
19:59:49.0704 0x1490  C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll - ok
19:59:49.0710 0x1490  [ 5877A786EF27E42C4E84D1356F922302, 1CDCC7D91086DC0FE80057EE8E1AE609A38DD9D241BC17145E7811C916E662C3 ] C:\Windows\System32\drivers\tcpipreg.sys
19:59:49.0710 0x1490  C:\Windows\System32\drivers\tcpipreg.sys - ok
19:59:49.0716 0x1490  [ 351FA1DF82CFFDEDA801604246E63E95, AD030032C0C4C0E2A8EEDA3E45338BE7DFD75AED330EBC266183C49687E7A3D0 ] C:\Windows\System32\icaapi.dll
19:59:49.0716 0x1490  C:\Windows\System32\icaapi.dll - ok
19:59:49.0721 0x1490  [ 428FF21418ADCD6FAD6189CD9520A67B, E9021A9B74AC6C4F7317704DF6A66B1A5C3D05DD2535989942005D638340010D ] C:\Windows\System32\wiatrace.dll
19:59:49.0721 0x1490  C:\Windows\System32\wiatrace.dll - ok
19:59:49.0727 0x1490  [ 4DBA143F06BAD1DF935CB9603140CF2A, DE2D3A13993046CCC7691C9614702DCBC43C788282A2B722A8F3F4829281BC1A ] C:\Windows\System32\wsdchngr.dll
19:59:49.0727 0x1490  C:\Windows\System32\wsdchngr.dll - ok
19:59:49.0732 0x1490  [ BF7E4D6F60A6D9E866432855C6F8C262, 6E99AA4BD3867867C6DE1B37F0EA8A1332190D23CD72752889B7A5C90DDC610F ] C:\Windows\System32\sqmapi.dll
19:59:49.0732 0x1490  C:\Windows\System32\sqmapi.dll - ok
19:59:49.0738 0x1490  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] C:\Windows\System32\netprofm.dll
19:59:49.0738 0x1490  C:\Windows\System32\netprofm.dll - ok
19:59:49.0744 0x1490  [ 2205A220A264E8C8B86492BF3D112907, F3B702AE3242B8910260F2649D8B387B07AF8830FF5F495B6F713FCABD26A4E9 ] C:\Windows\System32\PortableDeviceApi.dll
19:59:49.0744 0x1490  C:\Windows\System32\PortableDeviceApi.dll - ok
19:59:49.0749 0x1490  [ 1D6B95871DC006190964B04E5657E35F, 813F546ECB052166851B3E402DA13BF82CC83D36DA02AF3DED3780FEFFBA3277 ] C:\Windows\System32\rastapi.dll
19:59:49.0749 0x1490  C:\Windows\System32\rastapi.dll - ok
19:59:49.0755 0x1490  [ C6A94D4E2DD6E1C61818AC2186857AA8, 28D6E8E1C4B78EDB1C5A21B6A9A57CC77897D53FA1F2622ABFF84E75CFBE89B4 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
19:59:49.0755 0x1490  C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll - ok
19:59:49.0761 0x1490  [ DFCAB29E8FD38F95650CC1E203E8D318, 96B444CF2FA218447A29BC5BF4308E3A5A47203555A460E79056EE6AC4875F9A ] C:\Windows\System32\npmproxy.dll
19:59:49.0761 0x1490  C:\Windows\System32\npmproxy.dll - ok
19:59:49.0768 0x1490  [ 1F18B9EA1BBFF033413414C3BEA13AD6, EC549203DD16A70F3275500CF1754198FDD4F619A0EC973FF8D4A9934DAACE6B ] C:\Windows\System32\wbem\WinMgmtR.dll
19:59:49.0768 0x1490  C:\Windows\System32\wbem\WinMgmtR.dll - ok
19:59:49.0773 0x1490  [ A952D0DED445F26AEFCF593A935AB300, 3A5D7D33D6445B146C9F1ABAE7A705EB53E5C4800CE3F04A9392C42E0D9ECBBD ] C:\Windows\System32\hnetcfg.dll
19:59:49.0773 0x1490  C:\Windows\System32\hnetcfg.dll - ok
19:59:49.0778 0x1490  [ B96B60EC821F86D445C9739A0F3DED59, 5BBB1C4AE7EB45403435D875598A8CC576698FD081977F5D51D438BA43140588 ] C:\Windows\System32\unimdm.tsp
19:59:49.0778 0x1490  C:\Windows\System32\unimdm.tsp - ok
19:59:49.0785 0x1490  [ B53BD9E63867CD9FD853F666CA172713, 08951AC63A257696F5F1FC79137C3FFBF0972B9AE43BD4BE02C2CACB9176C3DA ] C:\Windows\System32\PortableDeviceConnectApi.dll
19:59:49.0785 0x1490  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
19:59:49.0790 0x1490  [ FC1EEE57EB9CD57279D70BA2A9131C38, 3154EF4F545CE40C7C67B8D5A4DF23D37B2A6F0CA8C5EC656CF81D96A7BE3CE9 ] C:\Windows\System32\wbem\wbemcore.dll
19:59:49.0790 0x1490  C:\Windows\System32\wbem\wbemcore.dll - ok
19:59:49.0796 0x1490  [ DFBAADF1B624DC71E88D34D86B3595BE, AFEEA1CF788DC67833C4FA14CCE681B5E30F480A8D9059B9192D636359F8D8DD ] C:\Windows\System32\uniplat.dll
19:59:49.0796 0x1490  C:\Windows\System32\uniplat.dll - ok
19:59:49.0801 0x1490  [ CF5F716CA0F96F3CC83A71604128B61E, 6FC5798E16FA5B2F31CD343ED6A92BEF5D868DC9F12938F8724B9CA72540E820 ] C:\Windows\System32\hpxp2320.dll
19:59:49.0801 0x1490  C:\Windows\System32\hpxp2320.dll - ok
19:59:49.0807 0x1490  [ 953193A9DEA40348C1086D171F6440AE, D09D2A3238A56C823010F7AB5A92C88D315F7A01093C3EB0CF70C0F058055C93 ] C:\Windows\System32\kmddsp.tsp
19:59:49.0807 0x1490  C:\Windows\System32\kmddsp.tsp - ok
19:59:49.0812 0x1490  [ 2F6776ACEFE41EE889C464EA407918F2, 67401F5B8B6DBA6E7478D1D05D1ED91680C8623E66CA66AFB44377D63DD5F13C ] C:\Windows\System32\ndptsp.tsp
19:59:49.0812 0x1490  C:\Windows\System32\ndptsp.tsp - ok
19:59:49.0818 0x1490  [ B4B59AC042EE3733A862F26CBC0B17FC, 4EB571061FF1C0CEF66C450FBB266D81A583B7EA2AFD4A32F3ED7079969D7949 ] C:\Windows\System32\hidphone.tsp
19:59:49.0818 0x1490  C:\Windows\System32\hidphone.tsp - ok
19:59:49.0823 0x1490  [ C10E13721B0AAEBEB5EBA914F1D18181, D30BA6FF257A840D67BFA6AF332ADBDC0E79C70EDCEFB10FAACD7071FB431458 ] C:\Windows\System32\wbem\esscli.dll
19:59:49.0824 0x1490  C:\Windows\System32\wbem\esscli.dll - ok
19:59:49.0832 0x1490  [ CE9D39F132E05973310E9452D55C3616, 01AA40E9C03AE1E113F1A6CFCE2A4FE55F8AD15C50FBB7318386FA02F5AF6A95 ] C:\Windows\System32\hpptsp05.dll
19:59:49.0832 0x1490  C:\Windows\System32\hpptsp05.dll - ok
19:59:49.0835 0x1490  [ BC5A34B6A14C93BF04E3F4E8EA57090A, 55F71740FBA3A079B81A045C81088C39176D44358ED28F568C198F338400E017 ] C:\Windows\System32\wbem\fastprox.dll
19:59:49.0835 0x1490  C:\Windows\System32\wbem\fastprox.dll - ok
19:59:49.0841 0x1490  [ DB0F37DBA4C245C61E5936DDBDE62438, 2DB2979BAF792DA74584E380055F233B9CEF51BCBF992CA84A79AD81A23C1663 ] C:\Windows\System32\wbem\wbemsvc.dll
19:59:49.0841 0x1490  C:\Windows\System32\wbem\wbemsvc.dll - ok
19:59:49.0846 0x1490  [ 2C3B09E586BDA2CC49A292BE7BADC589, E8AA356380E11A75DA0B51DA9C8BD9D3EA05885206AB9D4D1A69A96D8E9777AE ] C:\Windows\System32\wbem\wmiutils.dll
19:59:49.0846 0x1490  C:\Windows\System32\wbem\wmiutils.dll - ok
19:59:49.0852 0x1490  [ 8B645890A93F1FBBC7DA3E07CC72D762, 9D7054729CC860F2311060C236F7123567CBB2780966A72B6ADEB96185CB5D7B ] C:\Windows\System32\rasppp.dll
19:59:49.0852 0x1490  C:\Windows\System32\rasppp.dll - ok
19:59:49.0857 0x1490  [ 56E315ACFB08A177B4D01E42B9044DB5, 230B5AC4EB6654C854046CD210A80929345AA5D049EFA7C329048723A3A32345 ] C:\Windows\System32\mprapi.dll
19:59:49.0858 0x1490  C:\Windows\System32\mprapi.dll - ok
19:59:49.0863 0x1490  [ 4C593C2BA14C14A06DCDC7C2CD003E6C, 57A81CC79B15FC4FA90B4F9D213870FD981080902F815D2A9D088E9A89C1BFE8 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\nlhtml.dll
19:59:49.0863 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\nlhtml.dll - ok
19:59:49.0869 0x1490  [ 834933F16EA839AC5AC7CBF88638DF27, 5A91A23ACD760F81E4DF7976DE1FA27E80EF8D35B680EEC859E08AF9588ACBE4 ] C:\Windows\System32\wbem\repdrvfs.dll
19:59:49.0869 0x1490  C:\Windows\System32\wbem\repdrvfs.dll - ok
19:59:49.0874 0x1490  [ 88225070DD2F7B0B2ED51E7935078641, 9DC31DE93783EBC7285B8CBEA50E73976AA221B9701C3AE6CED56960F19AB298 ] C:\Windows\System32\rasqec.dll
19:59:49.0875 0x1490  C:\Windows\System32\rasqec.dll - ok
19:59:49.0880 0x1490  [ 248A1F31ABB58DDDDC01490EF0BDC777, 5E5CF3FEAB07628BB1EAE37BED9207E231AB3AEE38907C58D909B1BA391D18A8 ] C:\Windows\System32\cryptui.dll
19:59:49.0880 0x1490  C:\Windows\System32\cryptui.dll - ok
19:59:49.0886 0x1490  [ 06588D3E301B53D24281DACEE3C34FE3, 97307BD217958C3093D1DE06EBDB80FCA31553EC16E7BCB63BBE461CA4C09684 ] C:\Windows\System32\offfilt.dll
19:59:49.0886 0x1490  C:\Windows\System32\offfilt.dll - ok
19:59:49.0891 0x1490  [ E98E402067978DB38282158F9E8609CA, 63AA9BA292F5A62C0B6C668BE27E4B0BF1761CD5D961D405CAEDE2DC7C54A2E2 ] C:\Windows\System32\netshell.dll
19:59:49.0891 0x1490  C:\Windows\System32\netshell.dll - ok
19:59:49.0897 0x1490  [ FAF53B680C7DE42328EAE23638934D10, 85F09E1B01165204402511240237DA831FD7D4308C47F1DE9F340D1BA8F7257C ] C:\Windows\System32\mimefilt.dll
19:59:49.0897 0x1490  C:\Windows\System32\mimefilt.dll - ok
19:59:49.0903 0x1490  [ C415CF82956C7188C8BCA61756532B74, 4BFA8E0BCCDB79FC5E3A0B413874A87399CDA88C6B5247E16A489588F00EFC9E ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\xmlfilt.dll
19:59:49.0904 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\xmlfilt.dll - ok
19:59:49.0909 0x1490  [ 68406DAEF98422B5F3E5BAE852145BC1, 073B43FE56758CC6ABF11D550E79B8A67BC2DE48408F4874F08A1793516A5775 ] C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesAppDomainManager.dll
19:59:49.0909 0x1490  C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesAppDomainManager.dll - ok
19:59:49.0915 0x1490  [ A6FA5D45ACF2E855F890FAC505EFEDB2, 1FCB38553A622E90FD41C19F9E6C3FFD13606867FF7D3AF494C1B003342773CA ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
19:59:49.0915 0x1490  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
19:59:49.0919 0x1490  [ 0CFCDE5D9D074D96B78D1F1CBF1AAB1D, 15A579FDE0288BC732DF0C092A8269159D4D7B8AAC13E78B1D444899EE1CE478 ] C:\Windows\System32\riched20.dll
19:59:49.0919 0x1490  C:\Windows\System32\riched20.dll - ok
19:59:49.0925 0x1490  [ C2C6C014B96581EC8BF0C8604DE1743E, 5641A4B4EEB85C247A6C5718D3DDBAC9BD8C00E1D474721E8F27CFC7E7C25FBC ] C:\Windows\System32\wbem\WmiPrvSD.dll
19:59:49.0925 0x1490  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
19:59:49.0930 0x1490  [ A609A192E98934A8D352704C99AB8577, E4E4B8FEDBDFAC148E416190C7E88F8634269FFB2395E197D92BCB3CD7CDF662 ] C:\Windows\System32\wbem\wbemess.dll
19:59:49.0930 0x1490  C:\Windows\System32\wbem\wbemess.dll - ok
19:59:49.0936 0x1490  [ 063CA314262D277A92189028A9E094FD, 0EC09CD7D58AEB260FE82CA79AD16C353D7053A665D98F4DEB26EBA5E2B6E9D3 ] C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\xe.dll
19:59:49.0937 0x1490  C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\xe.dll - ok
19:59:49.0942 0x1490  [ C0E5931BFF30B3D480B5907BBF1A077E, 96AD9F5E5D1F0D721F5BBC4F56391BD6E45814825AE4E1636EE6D29C66894826 ] C:\Program Files\Microsoft SQL Server\110\Shared\SqlDumper.exe
19:59:49.0942 0x1490  C:\Program Files\Microsoft SQL Server\110\Shared\SqlDumper.exe - ok
19:59:49.0948 0x1490  [ 4003E34416EBD25E4C115D49DC15E1A7, C06430B8CB025BE506BE50A756488E1BCC3827C4F45158D93E4E3EEB98CE1E4F ] C:\Program Files\Microsoft SQL Server\110\Shared\dbghelp.dll
19:59:49.0948 0x1490  C:\Program Files\Microsoft SQL Server\110\Shared\dbghelp.dll - ok
19:59:49.0954 0x1490  [ 32BFB50099749F73FF915FCC84E6A4E0, 104B3B624078E92C556FF2970B15676124C0A66A0BF16AC031D21E65E8E0EB32 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
19:59:49.0955 0x1490  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll - ok
19:59:49.0960 0x1490  [ BD48229516FCDBECA202C6D3DB24CC14, E63DEBD154E2B54E76A557CB9253056761E720D4CEC106448430A178C8290057 ] C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdspdm.dll
19:59:49.0961 0x1490  C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdspdm.dll - ok
19:59:49.0968 0x1490  [ 02D9001CC182E37508D55BBBF32D8064, 8766D4F5AB499A9918AE75979BB51837A97FE4238B76A574CFEEF4B87DB5A6B9 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dac1208781fdd0b960afc12efff42944\System.Core.ni.dll
19:59:49.0968 0x1490  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dac1208781fdd0b960afc12efff42944\System.Core.ni.dll - ok
19:59:49.0973 0x1490  [ 94CF98D95A89E58498B2E6CBD63B6751, 5CAA5E3129E5D31DA0229CA9003385CE8E28700874667EDA055ED8BD27D15C56 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\fb1971b0524ef673327d37a4227beffa\System.Data.ni.dll
19:59:49.0974 0x1490  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\fb1971b0524ef673327d37a4227beffa\System.Data.ni.dll - ok
19:59:49.0980 0x1490  [ CA2897340C8D0FCD547E1F4DB3C5AA51, 80827D1F4B7D6C238EA0324BB654E23B65CC72D3B62567800E730509C6E2565E ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
19:59:49.0980 0x1490  C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
19:59:49.0986 0x1490  [ DB2D5F7BC4FF55F31C2FD1B086C26122, DBED2FB99094AD8080B0AD0C3AB1193798BDC42CACA43EDAF1445F21B133A78C ] C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdvbanet.dll
19:59:49.0986 0x1490  C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdvbanet.dll - ok
19:59:49.0992 0x1490  [ A8E2F76F136A0E664B68A48028D4AF93, DAEDB44FA71B60871D24EFD332A49F468532D06C411EB93E1A006C8E50391895 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
19:59:49.0992 0x1490  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
19:59:49.0998 0x1490  [ 81B4A8947E497A28B96A2426033FE66B, C2DC6A365B696A6B62F96EEAD941AAB6837F21BF571289C5147410F9D6FCF15C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll
19:59:49.0998 0x1490  C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll - ok
19:59:50.0005 0x1490  [ 8C83B58A67574F768085FC89578CC336, 8F4F41EAB879B68DFFBE5D46467674266F033A16D4C2D9593ECB2EA5A698A6E5 ] C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\Microsoft.ReportingServices.Diagnostics.dll
19:59:50.0005 0x1490  C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\Microsoft.ReportingServices.Diagnostics.dll - ok
19:59:50.0011 0x1490  [ 629C6BFAE02D0E3521BB06B07B229153, D674B06C93EBB2230CD2053BD769F743FA6DE22B9E2B67516136B2F1A2A0D213 ] C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesLibrary.dll
19:59:50.0011 0x1490  C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesLibrary.dll - ok
19:59:50.0018 0x1490  [ 8ED5212422CC84B14C898E89F7F41B8B, B56399EA036492A917EF64CEB27B727CB0EF9A18E97CFBD7AE1D07062B7DA051 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5974034f0f53755b11bde4c9698261cb\System.ServiceProcess.ni.dll
19:59:50.0018 0x1490  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5974034f0f53755b11bde4c9698261cb\System.ServiceProcess.ni.dll - ok
19:59:50.0024 0x1490  [ E0C9C8101F43997DB87C3686E2A31B3D, 029FE282362E1538AC64A0E8C9417FA4E937BEE57CB55BEEFEC55CBF47BF641C ] C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesNativeServer.dll
19:59:50.0024 0x1490  C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesNativeServer.dll - ok
19:59:50.0030 0x1490  [ 50BFCC2A02CFB86550AF9BF92E8093E9, 6715F1B23ECF4ED2E60A2D41230B10314987ECF019A1009B40C35C01572E9599 ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d1c3b2e2435ad752\ATL80.dll
19:59:50.0030 0x1490  C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d1c3b2e2435ad752\ATL80.dll - ok
19:59:50.0037 0x1490  [ F417327561509E3FD06511900A883FB1, C61C57A77CF6903C453CB0D06B2EED86B5A4B8FA1FD3DE8625A6AC4159ADEEB2 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\msvcm80.dll
19:59:50.0037 0x1490  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\msvcm80.dll - ok
19:59:50.0043 0x1490  [ DB3FE74F4B156314A2FF5988B40307A1, 69120075CA0D7105093FC67F03236AE4CA8EE97302C4627E1A4B4BFC67C6D266 ] C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesNativeClient.dll
19:59:50.0044 0x1490  C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesNativeClient.dll - ok
19:59:50.0050 0x1490  [ F52B939C12F0946C25EE9E42C9BB326C, FFD44FD3972724F65DBE1289A78893156EA119A5AF9396BB6BD41BF58F45F744 ] C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\Microsoft.ReportingServices.Interfaces.dll
19:59:50.0050 0x1490  C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\Microsoft.ReportingServices.Interfaces.dll - ok
19:59:50.0057 0x1490  [ 97289924D704B061D9D38FFFF7A4AF8E, 8D449726CD282C629B41040CFB4D9627558240AEA96CCDF6D2D2BB1943F983FD ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll
19:59:50.0057 0x1490  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll - ok
19:59:50.0063 0x1490  [ B0CD7BB1D3BF26E165883A1DE4F4AC4E, 4712AB38E030684EC71C77E90B62028F554B3F39386D23AB6A5FEEBAA6A4F8B0 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\1eff630f4194c74287d1dd4a859693f7\System.Data.ni.dll
19:59:50.0063 0x1490  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\1eff630f4194c74287d1dd4a859693f7\System.Data.ni.dll - ok
19:59:50.0070 0x1490  [ 506B6592BF6116521F152DCCB39A6143, CFCCF15571E8B2AB15F77BDC2881A5CBE034E4FDF8AF435172ADCD20C3E723BD ] C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
19:59:50.0070 0x1490  C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
19:59:50.0076 0x1490  [ 707BE9ACC449CDFEF8E3C435B633AECA, B7C63F2707EA470C3FA7C162ACAB7C0900E5BAF6C3AD24E4B108CC3DE256677A ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f453ecc6bb7fc8d52d61247676944623\System.Configuration.ni.dll
19:59:50.0076 0x1490  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f453ecc6bb7fc8d52d61247676944623\System.Configuration.ni.dll - ok
19:59:50.0082 0x1490  [ 6FC8773F3FC98F3458B2B39F042BA0FB, 1F7C3126F21EA5916F0B6BA9415091AC05524C3A1D708BD9C4D457F958A31AA1 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9e0ade6fc2bcb5fbd4c8978bf92784a3\System.Transactions.ni.dll
19:59:50.0082 0x1490  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9e0ade6fc2bcb5fbd4c8978bf92784a3\System.Transactions.ni.dll - ok
19:59:50.0089 0x1490  [ B74BB4FA1CB68892CAF2E3A586A55E23, 05449D0E7E31B9EB891E4471D901FE721F2DD1C4FC1E14E4FE900CF6768C6B06 ] C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
19:59:50.0089 0x1490  C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
19:59:50.0095 0x1490  [ C4304F5A2A9DE00DF1CE1DD9FB0B5072, 3C0B454BEDE01A1ACF941C561256FB9B9CED4CE9335518A66189A8D7B8C85EC7 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5ba1ebef462c4f9cb1a8fe05c0419d0e\System.EnterpriseServices.ni.dll
19:59:50.0095 0x1490  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5ba1ebef462c4f9cb1a8fe05c0419d0e\System.EnterpriseServices.ni.dll - ok
19:59:50.0101 0x1490  [ 18F9134278F8753694874A17870D531E, CB0B85BDE42DCC6BF850C0E9BB18C5700610B3BE9345AD8A741170378944294B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\59eba2680c01c33b2b3f5385979e32c6\System.Web.ni.dll
19:59:50.0101 0x1490  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\59eba2680c01c33b2b3f5385979e32c6\System.Web.ni.dll - ok
19:59:50.0107 0x1490  [ CFCBA61BFCD17700242318F56A8CDE59, 15C2417D7A40565784640CD87899E750E6574B513E89090766B5B5E3C6D7E200 ] C:\Windows\assembly\GAC_32\Microsoft.SqlServer.MgdSqlDumper\11.0.0.0__89845dcd8080cc91\microsoft.sqlserver.mgdsqldumper.dll
19:59:50.0107 0x1490  C:\Windows\assembly\GAC_32\Microsoft.SqlServer.MgdSqlDumper\11.0.0.0__89845dcd8080cc91\microsoft.sqlserver.mgdsqldumper.dll - ok
19:59:50.0113 0x1490  [ 1CD379DEA582B44D5A367F73EEB79A81, E8A2B8811FA5AFE790C0171AF04A8AD21E54E7CCC924CDA6B4060EF77F8856A4 ] C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
19:59:50.0113 0x1490  C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll - ok
19:59:50.0120 0x1490  [ D2F18892FF6D2975881E863F1B3538F8, 1E2682424BD73F48C168FA972F9FE5A5F3FC181CD96D6D3E2471F708C0AAEBE2 ] C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
19:59:50.0120 0x1490  C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - ok
19:59:50.0126 0x1490  [ C3366B92228B297D4DC054A70A724EF0, ED3DF50AB6016FC03F3B3513B76349E09E63AE2C902BD54A9C743DBDCC73F21A ] C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
19:59:50.0126 0x1490  C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - ok
19:59:50.0132 0x1490  [ 70891F0ED183AC39BE4C5E43666A35C7, 1153941FC0A8E5A737E00918938E796AF1BF1F2492C5BC4B48D3614DCB588918 ] C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
19:59:50.0132 0x1490  C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - ok
19:59:50.0138 0x1490  [ 5D9C765B672099500041A4C5A9F73CA1, 77C9F2F1627180ABD1C491B10BC8DF1A86732C362DE02240787BE66ED2D16F39 ] C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
19:59:50.0138 0x1490  C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll - ok
19:59:50.0144 0x1490  [ 41094DA59A3A406A7607F4E2DACE4BD7, E1C3B2F3DBD0DAF9951ACCDC234657FCAC78FDF6BFF0BD89A1A03CE873C48879 ] C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\Microsoft.ReportingServices.SharePoint.ObjectModel.dll
19:59:50.0145 0x1490  C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\Microsoft.ReportingServices.SharePoint.ObjectModel.dll - ok
19:59:50.0151 0x1490  [ 5B4E7D213E29EC04FF91970BCC177081, 60FBC2C60ECB9F69DE1F1B540EB6834DF0AD5B330F3A1C13772ECB5418B923BC ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ae531e6e51247607c26263c079d36a1f\System.DirectoryServices.ni.dll
19:59:50.0151 0x1490  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ae531e6e51247607c26263c079d36a1f\System.DirectoryServices.ni.dll - ok
19:59:50.0157 0x1490  [ 9441B446CB9C01BEA4BAF0C02830DF25, 2C06DB7D4CF205016E3ABE144E9CB69DAE0F5DF1189DD5B19DB2551F0F775080 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\xpsqlbot.dll
19:59:50.0157 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\xpsqlbot.dll - ok
19:59:50.0163 0x1490  [ B5C8260D60C89604A647E825801C365A, C1379A44142955865517041CF9950B1EEDF8EFF8037290D3B5E5EC36B12B5B96 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\XPStar.DLL
19:59:50.0163 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\XPStar.DLL - ok
19:59:50.0166 0x1490  [ 6ADEE2E414F36BD013EB03CB1FD1502F, 80395CC67CEF772FB03759BA30FB14C1A5FDD677624E3A1704DDBFA72752E269 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\XPStar.RLL
19:59:50.0166 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\XPStar.RLL - ok
19:59:50.0173 0x1490  [ A3FD76E44C0A1BA2B71B237C3866C494, 06473166E06BAFE26C06E211742335CB052EAEDCA61ADBB6B0D1A7A347F10B16 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\xplog70.dll
19:59:50.0173 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\xplog70.dll - ok
19:59:50.0180 0x1490  [ E8CD4BAEA8CDC5AEEA214761B25199DD, 7910A132B76703BE9A2BC75D3DAEC1453C0682158BB339DA9B577BCC231EC5FF ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\xplog70.rll
19:59:50.0180 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\xplog70.rll - ok
19:59:50.0186 0x1490  [ 4F7D0C24D7DE012E4A21473F7B53BB49, CB47B063F21F68B5088832D7F042776457F2C8B34C554493E2DC680E5C61DDE6 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLATXSS.DLL
19:59:50.0186 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLATXSS.DLL - ok
19:59:50.0193 0x1490  [ 6F4CD62A81E2227FAA111557C8E41FE8, D7F146BACB48A1ADFD5318BF315473D6C58711E35C78E36A8823AE43C433B6A6 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\atxcore.dll
19:59:50.0193 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\atxcore.dll - ok
19:59:50.0199 0x1490  [ D717B7ECAF2653C6FE11E04D7F9558EB, 0CCE1C5EC4C991D3978CED0A8C43083F240EFCA557FD7CD1BF4A85BDD73A9304 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\atxcore.rll
19:59:50.0199 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\atxcore.rll - ok
19:59:50.0205 0x1490  [ CB1B999DF52BE17C0E05C2D4D8D472B0, F0848993E6EFE72270E27CBADDF4DDC9BAEB7C05DFA4A253CD7FC5299D1E8A7F ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLATXSS.RLL
19:59:50.0206 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLATXSS.RLL - ok
19:59:50.0211 0x1490  [ 740461BC8794DEE0A9B71DF7D1A013B5, 3F23AF086B14E35150AD0EDC58483B58E0EDBD669F664ADDDC7AAE194FE82D36 ] C:\Program Files\Microsoft SQL Server\110\COM\AXSCPHST.DLL
19:59:50.0211 0x1490  C:\Program Files\Microsoft SQL Server\110\COM\AXSCPHST.DLL - ok
19:59:50.0218 0x1490  [ A2AF2BB4891D3E7FA7448557E3681F2D, 54D5E884AFD909AA3FFE721C130FA82A98B234B8D5E5BBDA7D7DCDD691C0B552 ] C:\Program Files\Microsoft SQL Server\110\COM\Resources\1033\AXSCPHST.RLL
19:59:50.0218 0x1490  C:\Program Files\Microsoft SQL Server\110\COM\Resources\1033\AXSCPHST.RLL - ok
19:59:50.0224 0x1490  [ C97D0D0866ADC6E11D4F5DBBA7621789, 318FD51AF228E43537509CA5849EE44440C40A761AD8B8CCDD35DE5105DBD5B8 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLCMDSS.DLL
19:59:50.0224 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLCMDSS.DLL - ok
19:59:50.0230 0x1490  [ 5C929F39727B135FAE9BDAB20C65B78A, B83C7016EBBB7FC88AA4E4B879163B84D530FD4448EE62EED9D8F2352C50BBD8 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLCMDSS.RLL
19:59:50.0230 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLCMDSS.RLL - ok
19:59:50.0236 0x1490  [ 7B7D76F2983C98C1F4D8C8F7AE0932F9, E8EDB28FCF9367E017313E016E2E2DA07ACBEAE8306B64CAF7F255BC6978C9F8 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLREPSS.DLL
19:59:50.0237 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLREPSS.DLL - ok
19:59:50.0242 0x1490  [ CAD997556FD8912FAAC4D16EDE7F2B75, 46F7AF9E27F6E87F8EF776C8FA9A373058C4C7279EF460AD93F6A6885FFCFF08 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLREPSS.RLL
19:59:50.0243 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLREPSS.RLL - ok
19:59:50.0249 0x1490  [ D436A3ACA4E8F21F0115D86CAC7FBEA7, 77F90613931B496EAEAA691E8CE8DA1098B519BA77A377B14BF18DEC1A2AA57A ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLOLAPSS.DLL
19:59:50.0249 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLOLAPSS.DLL - ok
19:59:50.0255 0x1490  [ E7FBA129E7020A103B3CB7A37F771AE7, EFB666B1BA645E070835A577A09B830C590052B008658BE29A3F693AB83BA766 ] C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\Microsoft.ReportingServices.UpgradeScripts.dll
19:59:50.0255 0x1490  C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\Microsoft.ReportingServices.UpgradeScripts.dll - ok
19:59:50.0261 0x1490  [ 6617F24759BB1F3873C88AD9E0DF0435, 87B6E697760CE6EA7C6B0DD8BB11B39809FB7B70805AB66197AFC49BBED6A22C ] C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
19:59:50.0261 0x1490  C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll - ok
19:59:50.0266 0x1490  [ 70C6489D56008D75DEDF73226FA63C11, 7AB4C89D7A259BB7DD6F24C5CA181749C3015A06B160B91593F2F1FC1E4AEDCE ] C:\Windows\System32\dimsjob.dll
19:59:50.0268 0x1490  C:\Windows\System32\dimsjob.dll - ok
19:59:50.0272 0x1490  [ 98638A4CA187245C469DA0DEC4F04A45, AE352C68D11888AA27109F366BFFA308CA8EE8E222599C74E2C0B1A1AA9B60A3 ] C:\Windows\System32\pautoenr.dll
19:59:50.0273 0x1490  C:\Windows\System32\pautoenr.dll - ok
19:59:50.0279 0x1490  [ AC48FD62E22C4425879FCA5A63F50497, 36234D6835F8CCDE2DEF4AAD2C9AD42C47FC7A5BDD9CFC9BE8FFE6995FB3DE1B ] C:\Windows\System32\certcli.dll
19:59:50.0298 0x1490  C:\Windows\System32\certcli.dll - ok
19:59:50.0301 0x1490  [ 0053319C4438CDE659AA75C19BBD22F1, F0EE45AAB3DC43DECF7DA6B7A5DC4AAEF9A660D3BE1B571EA5FD2C6779A583FB ] C:\Windows\System32\CertEnroll.dll
19:59:50.0301 0x1490  C:\Windows\System32\CertEnroll.dll - ok
19:59:50.0307 0x1490  [ 28CED6A679E517C0FF78E205E95E066E, D5644AFDD39BDCFA29C415F7781B458A1C523E898390FB44AC8787B157C42E87 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLOLAPSS.RLL
19:59:50.0307 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLOLAPSS.RLL - ok
19:59:50.0313 0x1490  [ 8FE711FA7ADE689298C30E94E3E558C3, 89474315FDC2EB11D239B52D6CEF78C1CDCDE24FD960B8BC02300E8DD9DC73D8 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLDTSSS.DLL
19:59:50.0313 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLDTSSS.DLL - ok
19:59:50.0320 0x1490  [ 502B2404E6D4A5C093028DC021C8B65F, D8757D46F14D5AC1740BD12E1A8D1C1720FC0FB92DE591EC19C9E937E459A531 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLDTSSS.RLL
19:59:50.0320 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLDTSSS.RLL - ok
19:59:50.0326 0x1490  [ D7EA609FED4F147D8B8C9EC2C4782853, FCC5AAFA14D036212047D7030F0BDDFC1557B1BF70C96FC5F2402C35B48A02EE ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLPOWERSHELLSS.DLL
19:59:50.0326 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLPOWERSHELLSS.DLL - ok
19:59:50.0332 0x1490  [ D953A278737C555C65F58CD1708742EB, 21BCC7F82AEFDA825AEDA4D15DCA90B9D295532C716843B42FB988CE9E97DDB0 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLPOWERSHELLSS.RLL
19:59:50.0332 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLPOWERSHELLSS.RLL - ok
19:59:50.0338 0x1490  [ B9FA05A29669FB030604FC65A06B3AB5, F4796BE744C8065C33CADCFFA57E7770B691AC9638A8166B045636E304A0869F ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAgentMail.dll
19:59:50.0338 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAgentMail.dll - ok
19:59:50.0344 0x1490  [ 22DC784B32BEE306A99F50D6DC2460BC, 5144BDCEAFC593817545869E82A7D78104F310A8B0188E0EC49648F929F6E1C2 ] C:\Windows\System32\esent.dll
19:59:50.0344 0x1490  C:\Windows\System32\esent.dll - ok
19:59:50.0349 0x1490  [ C8AE490A93C3CC2E537B6E06247785A1, AE4978ADCBBE8047B3409969752230DC1A2C10B7ADC876859A3965196B7F6203 ] C:\Windows\System32\wbem\NCProv.dll
19:59:50.0350 0x1490  C:\Windows\System32\wbem\NCProv.dll - ok
19:59:50.0356 0x1490  [ E3F535656B5ABF249702EB64F3CF9AF0, 8669E7586FC1020E2C382997CF5A3B55BBF4A0135554921F1BC00CF9400FBC75 ] C:\Windows\System32\wbem\wbemcons.dll
19:59:50.0356 0x1490  C:\Windows\System32\wbem\wbemcons.dll - ok
19:59:50.0361 0x1490  [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe
19:59:50.0361 0x1490  C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe - ok
19:59:50.0368 0x1490  [ 8BE000F9A0B0FF7194AAEFB02C9BDE99, C56F996F7672CA5A481E85EB014D5C4CFEDB57ED0B5C8432DB56B5AD3000EC27 ] C:\Windows\System32\wer.dll
19:59:50.0368 0x1490  C:\Windows\System32\wer.dll - ok
19:59:50.0373 0x1490  [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC, 220911A88EF333BAC01062CC9E83566DBC12B1564D5B58C3A8A039DFDFDB7C6C ] C:\Windows\System32\shfolder.dll
19:59:50.0373 0x1490  C:\Windows\System32\shfolder.dll - ok
19:59:50.0378 0x1490  [ 254AC97C9AF4DDF3F5F57855198527B7, 3F78B76BEC50B333ED9A4C0064EBCB573FFF885813A212407E32126F2167B5DE ] C:\Windows\System32\wermgr.exe
19:59:50.0378 0x1490  C:\Windows\System32\wermgr.exe - ok
19:59:50.0385 0x1490  [ BF2156D8D9866983B55D95382131DC4A, 51C0D5038A23BC81829B63505D5E2DCC304C1AEFA0443C7F0B4D65B734D544DB ] C:\Windows\System32\lsmproxy.dll
19:59:50.0385 0x1490  C:\Windows\System32\lsmproxy.dll - ok
19:59:50.0390 0x1490  [ A6250DF429D0D78DACFBC6B87074E584, 0C0FC4F1B5CADB8AE9D4182C732F01921979EB839E46462564181F87AE4376F6 ] C:\Windows\System32\regapi.dll
19:59:50.0390 0x1490  C:\Windows\System32\regapi.dll - ok
19:59:50.0395 0x1490  [ 42D33042371BFB1A7D40834590CAFD30, 53DA3618EC10293B2DF686E291A4EF6ACBBD41D116EC762D54106D201A784E87 ] C:\Program Files\Microsoft Security Client\NisSrv.exe
19:59:50.0395 0x1490  C:\Program Files\Microsoft Security Client\NisSrv.exe - ok
19:59:50.0401 0x1490  [ E67DAF21DDBE6D4B5771E12902902EEA, 247D7E77AC5B3F67B855C2F3518F543CABFEB39128B391E017A1F515E2F900B5 ] C:\Windows\System32\rdpwsx.dll
19:59:50.0401 0x1490  C:\Windows\System32\rdpwsx.dll - ok
19:59:50.0407 0x1490  [ EE60FC8F65B94C392DE0F75533C014FB, 28266E2F196363AC13D06421172A530E09FC5D4A8F23D9D2018D5DC580BB1673 ] C:\Windows\System32\mstlsapi.dll
19:59:50.0407 0x1490  C:\Windows\System32\mstlsapi.dll - ok
19:59:50.0412 0x1490  [ C65666EE6C56218B2C5FFB53BFB2FD37, 7DB747920001911A47A54CFE4EB0596345E39F03D2CEDF7BAAD1671CD6317C95 ] C:\Program Files\Microsoft Security Client\NisLog.dll
19:59:50.0412 0x1490  C:\Program Files\Microsoft Security Client\NisLog.dll - ok
19:59:50.0419 0x1490  [ 531AF957359F8A202655AA9535EBD567, DE238B0857DBFC1B5B4A8CDB4B5C367A4D635E7DB0FE0C431AAD292BC3C94931 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
19:59:50.0419 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe - ok
19:59:50.0424 0x1490  [ F0062778F50838145AC46B384FFB4FA3, 7EC4509AB87062D2BA00E3B7AD59F3D6D2F01AF66E4AEFB70BFAFD1B89E7BFEF ] C:\Windows\System32\pcadm.dll
19:59:50.0424 0x1490  C:\Windows\System32\pcadm.dll - ok
19:59:50.0430 0x1490  [ E21D3548D377151B82FD70E43039CF52, 00A7C29AB11D77CB8344E0BC8E52C5823FC50A6123C54F5219507A901A1826F0 ] C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin
19:59:50.0430 0x1490  C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin - ok
19:59:50.0437 0x1490  [ E34D075ACC022C117C215DFB4995F41D, C743597CEBF04EA639C0E05DA87AA62F09E793A8C8A9E2B1C136C60DD3D5AF6A ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll
19:59:50.0437 0x1490  C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll - ok
19:59:50.0443 0x1490  [ CF39C5CAFF192033C82DF6D493F7C522, CB8619C5AB9247BB2C3AC901C1DF4EC3F44A11236C4E0552EE06CD84C13D6868 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll
19:59:50.0443 0x1490  C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll - ok
19:59:50.0449 0x1490  [ F50F7984FDD151EDD8A70A8DBD9E2A44, 45E7ECA40298B233D124993D6C9D4FBBF05E9A843F4DE089317342B3D8A83696 ] C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
19:59:50.0449 0x1490  C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll - ok
19:59:50.0455 0x1490  [ 8BB3E105E8881AD8467F71D5E22AAE43, 74D7B5E7FD9CB9D84529ABE5AFB42D928FF8B6E03377AEF37D95B160AD6FDC39 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll
19:59:50.0455 0x1490  C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll - ok
19:59:50.0461 0x1490  [ 170159D6F26E4945A7234E1767A5D922, 7EDC9276E9D56CE4F33D737A3DFC9E94834C86BF2A837F62F32AB1D1166A1F8C ] C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll
19:59:50.0461 0x1490  C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll - ok
19:59:50.0468 0x1490  [ F878AB9978615A3C8F29C18B9BC6E5FD, 5CE5726DE549FA922D9C60CCE55346E0CBE962E685789D1C2CCB4742F716DA5F ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll
19:59:50.0468 0x1490  C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll - ok
19:59:50.0473 0x1490  [ EB91D67D8F0F4A262B133F118E840912, 4DB901728EDDA84C9D3132F8AF1A326EF56C9B38C5F38CB25A962DC69E8A2D9D ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll
19:59:50.0474 0x1490  C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll - ok
19:59:50.0480 0x1490  [ 90905E1ED2935F48B07952A74B718551, 70DEADC59BAB3EF1626F63B97926BBC373D2EFBD4A5F1EE512191567148E7038 ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
19:59:50.0480 0x1490  C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe - ok
19:59:50.0485 0x1490  [ D6804F089CBB6749E95124E7C4D80900, 262065CFC88A1E27996CA6B161A5B87B40B2ED1850EE928A2033D140C1A84F60 ] C:\Windows\AppPatch\AcLayers.dll
19:59:50.0486 0x1490  C:\Windows\AppPatch\AcLayers.dll - ok
19:59:50.0491 0x1490  [ 9A6A653ADF28D9D69670B48F535E6B90, 72351645184693A879CFF7FD171A182F24B7F72EA313E8D42F2744D0421FE188 ] C:\Windows\System32\runonce.exe
19:59:50.0491 0x1490  C:\Windows\System32\runonce.exe - ok
19:59:50.0497 0x1490  [ BD60D8A113A22878BF024B06E1CBF72E, 632E15A5EFDACC9D753812C1592B6582B1A47694594A2C9DE64E97499F14C410 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B175FCEC-CCDF-4FB0-962A-71EBAA46CE56}\gapaengine.dll
19:59:50.0497 0x1490  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B175FCEC-CCDF-4FB0-962A-71EBAA46CE56}\gapaengine.dll - ok
19:59:50.0503 0x1490  [ 27D4C064D90473D4FA84F7D17E1A1D65, 285EA5563DD4EEF8BBD571799198E426076C57AEDCE45F1F86D6CB83C8A575DF ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B175FCEC-CCDF-4FB0-962A-71EBAA46CE56}\nisfull.vdm
19:59:50.0503 0x1490  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B175FCEC-CCDF-4FB0-962A-71EBAA46CE56}\nisfull.vdm - ok
19:59:50.0509 0x1490  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] C:\Windows\System32\drivers\tdtcp.sys
19:59:50.0509 0x1490  C:\Windows\System32\drivers\tdtcp.sys - ok
19:59:50.0515 0x1490  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] C:\Windows\System32\drivers\tssecsrv.sys
19:59:50.0515 0x1490  C:\Windows\System32\drivers\tssecsrv.sys - ok
19:59:50.0521 0x1490  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] C:\Windows\System32\drivers\rdpwd.sys
19:59:50.0521 0x1490  C:\Windows\System32\drivers\rdpwd.sys - ok
19:59:50.0526 0x1490  [ 74F26FC01B180D4A99A168ED69C30A53, D2FD623D70340F650BFAC8C31102E1B9168FE1750C141A23ACCC1A21F9F93A94 ] C:\Windows\System32\cmd.exe
19:59:50.0526 0x1490  C:\Windows\System32\cmd.exe - ok
19:59:50.0532 0x1490  [ 1A617835452EEE5060976C9B9F5FE635, DCCAAB049681BE876B73F0880EA32196CDA7EC954D452768A48D366096C5BD53 ] C:\Windows\System32\wuapi.dll
19:59:50.0532 0x1490  C:\Windows\System32\wuapi.dll - ok
19:59:50.0538 0x1490  [ 3458EDA96E30FBD0477A2800D3FB1909, BDF84362E4D8A102E7FB5F352D950B84D1A8E1E7928521B68E7671D4176803C5 ] C:\Windows\System32\wups.dll
19:59:50.0538 0x1490  C:\Windows\System32\wups.dll - ok
19:59:50.0544 0x1490  [ 7446AB80BD649C92B9B6E35D4CB1DB20, 7017482B896543D4447AAE112D9EAC299B00306B603854FA3F152BC802518EBF ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdhost.exe
19:59:50.0544 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdhost.exe - ok
19:59:50.0549 0x1490  [ B231416DD7569B5C16F2DD2D2D64BB5A, BC8C750C37C77D253EAEBCCC43F47A9703BCC2A2771493D8FB1395D75F359734 ] C:\Windows\System32\ieframe.dll
19:59:50.0549 0x1490  C:\Windows\System32\ieframe.dll - ok
19:59:50.0556 0x1490  [ 286458795960ECC30F143F012B192EBF, E7FAA8E8BD4636123F12193C87B3164DC38F04BB79106CB98E3FA77F30CA1B57 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fd.dll
19:59:50.0556 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fd.dll - ok
19:59:50.0562 0x1490  [ 2B7215765E94E4F43EAFBAD9D4D5CF87, 4088219B7164DFA3D4EDC76148441BB654667166E275924869F98704B559C8FB ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\query.dll
19:59:50.0562 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\query.dll - ok
19:59:50.0568 0x1490  [ B9314C10AF08C3108F58CEDA7F47F46E, 6C1FB1558F56D51C01BEE88374D5DAB5D05753D2599598B7D3F05245D9A05E77 ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlft110ph.dll
19:59:50.0568 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlft110ph.dll - ok
19:59:50.0574 0x1490  [ C9560BBB239E0EA21EF4BEA39DD85F69, F30A82724F35BBFF445058AF46B86A7BFEA8E51813B72206A3EFA9D3CA7F3DCD ] C:\Users\x\AppData\Local\temp\{BC0F2C14-155A-43E0-A9B7-51632D435273}.exe
19:59:50.0574 0x1490  C:\Users\x\AppData\Local\temp\{BC0F2C14-155A-43E0-A9B7-51632D435273}.exe - ok
19:59:50.0580 0x1490  [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105, 613F0D184E08CBE1FFEEB8F845ADCA79577FB3CF59EA1FEE6B2346D9930763AB ] C:\Windows\System32\sfc_os.dll
19:59:50.0580 0x1490  C:\Windows\System32\sfc_os.dll - ok
19:59:50.0586 0x1490  [ C0B8B96D018849FD8CCF15FED84E8782, E107AA4ADE150DC309C39BBF47292E7A7F8DD439FAB30791676BC8A1133B9AFD ] C:\Windows\System32\ie4uinit.exe
19:59:50.0586 0x1490  C:\Windows\System32\ie4uinit.exe - ok
19:59:50.0591 0x1490  [ F0FEFB0B5D25A75D478A4317139D937E, CB6EB2891130A410A80F6A1BF0CAC66C429DB7D4ADD0D8484CA4F83D17856441 ] C:\Windows\System32\iedkcs32.dll
19:59:50.0591 0x1490  C:\Windows\System32\iedkcs32.dll - ok
19:59:50.0597 0x1490  [ 4B19A9A4191353007E9819A832B81186, 02B78FB11F80763CCB0E30E383247BD76FAC8A25DEE4971E8958EF19A08A719A ] C:\Windows\System32\timedate.cpl
19:59:50.0597 0x1490  C:\Windows\System32\timedate.cpl - ok
19:59:50.0602 0x1490  [ 8D78BA30DB4AE040A52EDEE725782715, 15099FC7A90B2E8D718D46E02D56026D56B3F043124C3455E79B7B44A027DD11 ] C:\Windows\System32\actxprxy.dll
19:59:50.0603 0x1490  C:\Windows\System32\actxprxy.dll - ok
19:59:50.0608 0x1490  [ FF41E1AC301F51E16F61AD7C0F45467C, 8E8F7C932C4A6EE239BC6F48D064C55872ED309C8F77263159729D0C2EC675DA ] C:\Windows\System32\msshsq.dll
19:59:50.0608 0x1490  C:\Windows\System32\msshsq.dll - ok
19:59:50.0613 0x1490  [ 1CE4A2790EB4A96F4ED1E4264866AFE6, EA079AABE19E4E15674AB6EC0B92EFBB382CEDE1D43CFF8A118127F7FF891FDA ] C:\Windows\System32\NaturalLanguage6.dll
19:59:50.0613 0x1490  C:\Windows\System32\NaturalLanguage6.dll - ok
19:59:50.0619 0x1490  [ AA111488C03C58A2BF66509ABB4FDE60, E7E0E3305DB8ECE1E4312D8C664BE0C25B62236C97ABB19ABF5B4FD1E75C83E2 ] C:\Windows\System32\NlsData0009.dll
19:59:50.0619 0x1490  C:\Windows\System32\NlsData0009.dll - ok
19:59:50.0625 0x1490  [ 8629B71343F61E1140243581C63BC0C7, DF03E90AC77E2559294385B8502AF8F6BAF5B2B40BE843F1AD50CD5848538F0D ] C:\Windows\System32\NlsLexicons0009.dll
19:59:50.0625 0x1490  C:\Windows\System32\NlsLexicons0009.dll - ok
19:59:50.0630 0x1490  [ 24F90AEFEBE601D427CB4511E74CDCB6, 0FEBBE1F81E6A48DA0D8967E256259B6F92F6E79804DF9CAC9422FEC47CB9BF2 ] C:\Windows\System32\linkinfo.dll
19:59:50.0630 0x1490  C:\Windows\System32\linkinfo.dll - ok
19:59:50.0636 0x1490  [ 04044BF8E6989BE45FA718C24407CA28, C88D19AA791793313551B26DF2A33A59BEBE366F2F2930ABDE0865AE932BFD7E ] C:\Windows\System32\networkexplorer.dll
19:59:50.0636 0x1490  C:\Windows\System32\networkexplorer.dll - ok
19:59:50.0642 0x1490  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\x\AppData\Local\temp\{4B545357-235E-4CD1-8B3A-70218BD707A4}\{115975AF-6627-4D57-8BBE-A2B14729F4D7}.tmp
19:59:50.0643 0x1490  C:\Users\x\AppData\Local\temp\{4B545357-235E-4CD1-8B3A-70218BD707A4}\{115975AF-6627-4D57-8BBE-A2B14729F4D7}.tmp - ok
19:59:50.0649 0x1490  [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\Users\x\AppData\Local\temp\{4B545357-235E-4CD1-8B3A-70218BD707A4}\{4DB6703E-AA5A-484B-B335-16063359C394}.tmp
19:59:50.0649 0x1490  C:\Users\x\AppData\Local\temp\{4B545357-235E-4CD1-8B3A-70218BD707A4}\{4DB6703E-AA5A-484B-B335-16063359C394}.tmp - ok
19:59:50.0655 0x1490  [ 55C11301579A42639736EA3B17A3A588, CBEBDD7C883EF47DB86060AF0F09FD2218161D5FEB0CECEB4A068B9CC63499F8 ] C:\Users\x\AppData\Local\temp\{4B545357-235E-4CD1-8B3A-70218BD707A4}\{0F6E0831-BC6B-45A8-AB87-50207829BF7D}.tmp
19:59:50.0655 0x1490  C:\Users\x\AppData\Local\temp\{4B545357-235E-4CD1-8B3A-70218BD707A4}\{0F6E0831-BC6B-45A8-AB87-50207829BF7D}.tmp - ok
19:59:50.0661 0x1490  [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\Users\x\AppData\Local\temp\{4B545357-235E-4CD1-8B3A-70218BD707A4}\{7A0BC250-71DE-4D58-BE43-1EA175DBEE64}.tmp
19:59:50.0661 0x1490  C:\Users\x\AppData\Local\temp\{4B545357-235E-4CD1-8B3A-70218BD707A4}\{7A0BC250-71DE-4D58-BE43-1EA175DBEE64}.tmp - ok
19:59:50.0668 0x1490  [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\Users\x\AppData\Local\temp\{4B545357-235E-4CD1-8B3A-70218BD707A4}\{AFCFD807-9F7C-4E93-8F7D-B3756F3C91BF}.tmp
19:59:50.0668 0x1490  C:\Users\x\AppData\Local\temp\{4B545357-235E-4CD1-8B3A-70218BD707A4}\{AFCFD807-9F7C-4E93-8F7D-B3756F3C91BF}.tmp - ok
19:59:50.0671 0x1490  [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\Users\x\AppData\Local\temp\{4B545357-235E-4CD1-8B3A-70218BD707A4}\{0686255F-3974-44D8-9751-ADB2F664F451}.tmp
19:59:50.0671 0x1490  C:\Users\x\AppData\Local\temp\{4B545357-235E-4CD1-8B3A-70218BD707A4}\{0686255F-3974-44D8-9751-ADB2F664F451}.tmp - ok
19:59:50.0677 0x1490  [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\Users\x\AppData\Local\temp\{4B545357-235E-4CD1-8B3A-70218BD707A4}\{D72F0942-205F-4BE4-B092-39DB827850A0}.tmp
19:59:50.0677 0x1490  C:\Users\x\AppData\Local\temp\{4B545357-235E-4CD1-8B3A-70218BD707A4}\{D72F0942-205F-4BE4-B092-39DB827850A0}.tmp - ok
19:59:50.0685 0x1490  [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\Users\x\AppData\Local\temp\{4B545357-235E-4CD1-8B3A-70218BD707A4}\{6FC5CE21-4117-4790-811B-8A61A7596BB2}.tmp
19:59:50.0685 0x1490  C:\Users\x\AppData\Local\temp\{4B545357-235E-4CD1-8B3A-70218BD707A4}\{6FC5CE21-4117-4790-811B-8A61A7596BB2}.tmp - ok
19:59:50.0690 0x1490  [ 5016B8FC59AD616F03813FBE63295081, D5141F87D456CBF12E7C227A9C5D3918A675D20953E7705A49ED1BE5426C69EB ] C:\Windows\System32\thumbcache.dll
19:59:50.0690 0x1490  C:\Windows\System32\thumbcache.dll - ok
19:59:50.0696 0x1490  [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Users\x\AppData\Local\temp\{4B545357-235E-4CD1-8B3A-70218BD707A4}\{127D629B-63ED-4137-8C8F-9F0F27AADFFE}.tmp
19:59:50.0696 0x1490  C:\Users\x\AppData\Local\temp\{4B545357-235E-4CD1-8B3A-70218BD707A4}\{127D629B-63ED-4137-8C8F-9F0F27AADFFE}.tmp - ok
19:59:50.0702 0x1490  [ C72FB9CC856ECFF3B6459B27CB674638, 4D5FED8FD31E24A0BC52AE11C1FBCB9C08B1B7EB4A90771B0174117E8D84B966 ] C:\Windows\PixArt\Pac207\Monitor.exe
19:59:50.0702 0x1490  C:\Windows\PixArt\Pac207\Monitor.exe - ok
19:59:50.0708 0x1490  [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Users\x\AppData\Local\temp\{4B545357-235E-4CD1-8B3A-70218BD707A4}\{11E0F776-6C5E-405E-AFE5-C1A8AD8193F8}.tmp
19:59:50.0708 0x1490  C:\Users\x\AppData\Local\temp\{4B545357-235E-4CD1-8B3A-70218BD707A4}\{11E0F776-6C5E-405E-AFE5-C1A8AD8193F8}.tmp - ok
19:59:50.0713 0x1490  [ 80BD4B26E2CBC0D65445D0463DFF6FC2, 3C36ACAABF7D0EE528424599E151DC9D19A1D2D50E97CAA141E427774F11076D ] C:\Windows\System32\oledlg.dll
19:59:50.0713 0x1490  C:\Windows\System32\oledlg.dll - ok
19:59:50.0719 0x1490  [ BADC359C9A0D9C217B7E8DA17BF3F5BB, F3DAD07D80FFF1631AE21C66362757263BD9D6D2D6DE692A618191F84EE46827 ] C:\Windows\System32\ntshrui.dll
19:59:50.0719 0x1490  C:\Windows\System32\ntshrui.dll - ok
19:59:50.0725 0x1490  [ C41ACDD329B400D6F67920681464E1BE, CD0AB8579D73419495D8390BFC15364B729546CFB0B111A8EC85618D048A1AF6 ] C:\Program Files\ATI\ATI.ACE\Core-Static\CLIStart.exe
19:59:50.0725 0x1490  C:\Program Files\ATI\ATI.ACE\Core-Static\CLIStart.exe - ok
19:59:50.0731 0x1490  [ 03396637E1E1B4E333D00AED86178918, CF582487E856D01C960392AC658E8D36A92F2B2B4B9AEA9BFC9E6F75FBAD6571 ] C:\Program Files\Microsoft Security Client\msseces.exe
19:59:50.0731 0x1490  C:\Program Files\Microsoft Security Client\msseces.exe - ok
19:59:50.0737 0x1490  [ 61216539E55DDF2F78E421E7EF140650, 0897EEA53F8924441FD2F61EB0FCE96142A6526EDB857B1638FEDD9304AD3561 ] C:\Windows\System32\ExplorerFrame.dll
19:59:50.0737 0x1490  C:\Windows\System32\ExplorerFrame.dll - ok
19:59:50.0743 0x1490  [ A42DB8F1EFB35F8BF91F4354573F2B96, BD32F9D79546B54C1911795A40FB0A92C230BB384A0AB6DC929958A1CEF34A75 ] C:\Program Files\Adobe\Acrobat 8.0\Designer 8.0\FormDesigner.exe
19:59:50.0743 0x1490  C:\Program Files\Adobe\Acrobat 8.0\Designer 8.0\FormDesigner.exe - ok
19:59:50.0749 0x1490  [ 81AC5268574856C96D83C4519446864A, 96C159A67356EEA3255A2CAF0074396EDF931184EDCA43F5E984E411341C85D1 ] C:\Program Files\Analog Devices\Core\smax4pnp.exe
19:59:50.0749 0x1490  C:\Program Files\Analog Devices\Core\smax4pnp.exe - ok
19:59:50.0755 0x1490  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] C:\Users\x\AppData\Local\Google\Update\GoogleUpdate.exe
19:59:50.0755 0x1490  C:\Users\x\AppData\Local\Google\Update\GoogleUpdate.exe - ok
19:59:50.0761 0x1490  [ DE7F813217EC88C0A6D4D8F2F39D7949, F749DA3DC87DDA8579B02F27951CC3BBEADFC25362D892E9484146616A0ACF47 ] C:\Windows\System32\msiltcfg.dll
19:59:50.0761 0x1490  C:\Windows\System32\msiltcfg.dll - ok
19:59:50.0766 0x1490  [ 027E5E14C9CFF810377701BDEAD8210F, 053BE912C3F536DFA8734603B9BDFB314B61934404C84B368ABC8CA8C68F2CE5 ] C:\Windows\System32\control.exe
19:59:50.0766 0x1490  C:\Windows\System32\control.exe - ok
19:59:50.0773 0x1490  [ 6DA7C93AB37B4A204BFCAE9FA07FF48D, 281EA846AA9C307CC5705AA5DD77E5F31CBFC55DAC2AEACEEC3C3A9B3B9461E7 ] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
19:59:50.0773 0x1490  C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe - ok
19:59:50.0779 0x1490  [ 790222D6CCFC576F0D07D418E6115D85, F1B1B9CC64822CE16629B1569121FB782A1A5F4E49E97AB9238BCBCD81E58AF9 ] C:\Program Files\Windows Calendar\WinCal.exe
19:59:50.0779 0x1490  C:\Program Files\Windows Calendar\WinCal.exe - ok
19:59:50.0785 0x1490  [ 06164026C38AA5366E4D127E2E36FDE8, 9E2D88DFF9906F929F0F4C343E818DE8FDF0B49DDFA8B0851CF3E1DB66462F2C ] C:\Program Files\Windows Mail\wab.exe
19:59:50.0785 0x1490  C:\Program Files\Windows Mail\wab.exe - ok
19:59:50.0790 0x1490  [ 9CB42FBFCEBE0E053BCFD20F0EACDC7F, BD71F29C7011A0C355CAAE8893D9E64D6B672E004BCB80D6E6B0BBB20D079DFF ] C:\Program Files\Debugging Tools for Windows (x86)\gflags.exe
19:59:50.0790 0x1490  C:\Program Files\Debugging Tools for Windows (x86)\gflags.exe - ok
19:59:50.0796 0x1490  [ 8AB90809C01511FB75EC606C9EEC5B9F, 26E28331B721A1C71AA7E3210112FFC9079C588E0FB511D544CF496EC6D543E6 ] C:\Windows\System32\WFS.exe
19:59:50.0796 0x1490  C:\Windows\System32\WFS.exe - ok
19:59:50.0802 0x1490  [ 52BC119E49F88F2A5D1466230B1275C7, 948EC013DBD86AC61FA3C0CEE4778866161383EF25AD715BD6160B5697BDF5A8 ] C:\Program Files\Windows Collaboration\WinCollab.exe
19:59:50.0802 0x1490  C:\Program Files\Windows Collaboration\WinCollab.exe - ok
19:59:50.0808 0x1490  [ B384681B7B435CC7D1518F5A31979AE1, CD2C9EBA3221601F4E4B742E16331F6577AE1EE8A8E4BA81FB4D3EF60962E3B0 ] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaamon_ENU.dll
19:59:50.0808 0x1490  C:\Program Files\Intel\Intel Matrix Storage Manager\Iaamon_ENU.dll - ok
19:59:50.0814 0x1490  [ F0B3AE75BC2A978441934CE1CFE37908, 5CB7BEA8B356FB770212DCB69E9F41F26E860851BD84D17EF35CAD79DE468724 ] C:\Program Files\MicroStar\WLANUtility\WlanUtility.exe
19:59:50.0814 0x1490  C:\Program Files\MicroStar\WLANUtility\WlanUtility.exe - ok
19:59:50.0825 0x1490  [ B5950DF243837D8217F4E597919B224A, 3E675AFDE75E4DB9C528343569F5A9DE495BBCCB699EBE3FE41A2B5199F25E97 ] C:\Windows\System32\stobject.dll
19:59:50.0825 0x1490  C:\Windows\System32\stobject.dll - ok
19:59:50.0828 0x1490  [ EC69B16644C613F41A57169F8D068F1D, 400CD49D44643CC72129A918B2E2B4FEDB5DD26A9709D7A686B01432F73F0474 ] C:\Windows\System32\batmeter.dll
19:59:50.0828 0x1490  C:\Windows\System32\batmeter.dll - ok
19:59:50.0834 0x1490  [ A16F81DBE03E8287AB0212419BBFC58A, 675332A4391558B583233F84814F9A37D6C0C2B7103732A68FCBED44CF8938CC ] C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\DQSInstaller.exe
19:59:50.0835 0x1490  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\DQSInstaller.exe - ok
19:59:50.0840 0x1490  [ C4AB08459CD7B59B410ACFC04D90E87B, 503A3D8590246C9BE313AF0CA0A322509A27AFBAE33A1D0CE2173DBC48170154 ] C:\Program Files\Movie Maker\MOVIEMK.exe
19:59:50.0840 0x1490  C:\Program Files\Movie Maker\MOVIEMK.exe - ok
19:59:50.0846 0x1490  [ 7F5EC5D29B2086655F83AC4500502439, E966F8FE671ECA4009F5C82635C6B21EFF749BFF734751C84B82C6FFC1F53CCB ] C:\Program Files\Microsoft SDKs\Windows\v6.0A\bin\FUSLOGVW.exe
19:59:50.0846 0x1490  C:\Program Files\Microsoft SDKs\Windows\v6.0A\bin\FUSLOGVW.exe - ok
19:59:50.0852 0x1490  [ C03AC1FBCD625F93D2C245D97E06F270, C8B29DA440C32B305FDC734DFA02DBB50B6FD47BC94582A8FAF86B4674534B35 ] C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe
19:59:50.0852 0x1490  C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe - ok
19:59:50.0858 0x1490  [ C650A575F2B4FD4FFB5536B4218ADC5A, 0A253C4B60A7B125C70150ABB71BA6DBBA22B40E3527D68C23C7CFC59A71C162 ] C:\Program Files\Microsoft SDKs\Windows\v7.0\Bin\FUSLOGVW.exe
19:59:50.0858 0x1490  C:\Program Files\Microsoft SDKs\Windows\v7.0\Bin\FUSLOGVW.exe - ok
19:59:50.0864 0x1490  [ 069385484EA57B663D688894C88975C5, 878148BBC052241F5CA78EA4CF708D21F0B31F9EA67EE2BCE07D2BDAD9F67241 ] C:\Windows\System32\wuapp.exe
19:59:50.0864 0x1490  C:\Windows\System32\wuapp.exe - ok
19:59:50.0870 0x1490  [ 30F02D9C55053367E26A11482F51E255, A1CE545DBB8983BD71C82FAC1C3F2633E571FAC7EFDDD8E99E73C7A308A31861 ] C:\Windows\System32\SndVolSSO.dll
19:59:50.0870 0x1490  C:\Windows\System32\SndVolSSO.dll - ok
19:59:50.0875 0x1490  [ 75AD59B9B12EB194486BE8D97B062994, 603ECA45F49420EE4F8549FB11C6CB814990E0A562786E6DEB3AF434A1D42E39 ] C:\Windows\System32\pnidui.dll
19:59:50.0875 0x1490  C:\Windows\System32\pnidui.dll - ok
19:59:50.0881 0x1490  [ C836967A636DDC614FB7A191AA152262, C264386EC6DE8774C2100621A3BF4B5856BE4E6363355EB6896D5C13397F2763 ] C:\Program Files\Analog Devices\Core\smwdmif.dll
19:59:50.0881 0x1490  C:\Program Files\Analog Devices\Core\smwdmif.dll - ok
19:59:50.0887 0x1490  [ 2DD6AF8E97F59C9D39329BBC2A81F13F, 53D9DD827F010DFC555C330296B552276E2F0DB2ECFFB9578FA92F4D4DD77945 ] C:\Windows\System32\rasdlg.dll
19:59:50.0887 0x1490  C:\Windows\System32\rasdlg.dll - ok
19:59:50.0892 0x1490  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
19:59:50.0892 0x1490  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
19:59:50.0898 0x1490  [ 17C0E094BEE5BC03CF491972F71AA6EF, 801E500A8B3C6DC7881E1C26AD3AFF4D105D5F2C8F58AFED84EF1A101F3AC10A ] C:\Windows\System32\wlanapi.dll
19:59:50.0898 0x1490  C:\Windows\System32\wlanapi.dll - ok
19:59:50.0904 0x1490  [ 4A839160ED1963F9A1526DDA2D1233B2, 1586B0D89994C37DF8DC045AEA91BA6A26B59DBDF9FB57C4BB7482922CC5B0F2 ] C:\Windows\System32\AltTab.dll
19:59:50.0904 0x1490  C:\Windows\System32\AltTab.dll - ok
19:59:50.0910 0x1490  [ 6B5C53E0932C510606D700B7A896EF73, 760ECED5F0CA82EBA3B346FEAF7C46543C5CF89A7B624E8AFD5B4A00D3D4EDE9 ] C:\Windows\System32\WPDShServiceObj.dll
19:59:50.0910 0x1490  C:\Windows\System32\WPDShServiceObj.dll - ok
19:59:50.0915 0x1490  [ 883D02AB5D350BC45E0F60E8CFA97FDC, 3F955D79F65DAE098B1F6AFC0475041C0C1A012195160E59C2D8C08287CE1D05 ] C:\Windows\System32\PortableDeviceTypes.dll
19:59:50.0915 0x1490  C:\Windows\System32\PortableDeviceTypes.dll - ok
19:59:50.0921 0x1490  [ 744F08CF9ACFFB1C715191D04DEEE907, 22FD4A3BA5F6424EEC0310AF9D0184599F1F820201CF643311FB6527A0BC2016 ] C:\Windows\System32\srchadmin.dll
19:59:50.0921 0x1490  C:\Windows\System32\srchadmin.dll - ok
19:59:50.0925 0x1490  [ 2CDAF8849A20D8DF8ACCE36BBB8849F3, A2A2D7D523D7E26EB14ECB70A8F1C45E6E27D8298B9385E4C6E17473EB0FEEBA ] C:\Windows\System32\cscobj.dll
19:59:50.0925 0x1490  C:\Windows\System32\cscobj.dll - ok
19:59:50.0930 0x1490  [ 5193DE33F3284C447E0D31DAFBF92570, EA0F12B0C2F9DD4EA651BD96FC88AE5584364F2C0D4138E8E3D4F18F226717FE ] C:\Windows\System32\webcheck.dll
19:59:50.0930 0x1490  C:\Windows\System32\webcheck.dll - ok
19:59:50.0936 0x1490  [ 4ACEA0C4BB15ACE55E3AE5EC4E88DD55, 3014464C3A1E4D653A378CE6DFB22911B1B0F98EA8D3F6AD9AAD7399E319795C ] C:\Windows\System32\SyncCenter.dll
19:59:50.0936 0x1490  C:\Windows\System32\SyncCenter.dll - ok
19:59:50.0941 0x1490  [ 0B5AC46982E77CAF3EC1D55C9AC6AB56, D13A98929C5A4F0BBC24F2C5DEC13D850563E6745EACA0196179D7DCBA0DE8DC ] C:\Windows\System32\wscntfy.dll
19:59:50.0941 0x1490  C:\Windows\System32\wscntfy.dll - ok
19:59:50.0947 0x1490  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] C:\Windows\System32\drivers\cdfs.sys
19:59:50.0947 0x1490  C:\Windows\System32\drivers\cdfs.sys - ok
19:59:50.0953 0x1490  [ 9B0726A03B790E5B82BED44D24009BEF, F82F3379C2D399B64BE4A9B10B85B4CE8D3C75F7BAA5BF3938A6E5DFC2826F13 ] C:\Windows\System32\imapi2.dll
19:59:50.0953 0x1490  C:\Windows\System32\imapi2.dll - ok
19:59:50.0958 0x1490  [ C861851A0BBD9903E324487011AA3705, D7A6092F0A2FECC08F19520A801084E821B4FCC4D588818A8D232AE9257E7EC0 ] C:\Program Files\ATI\ATI.ACE\Core-Static\MOM.exe
19:59:50.0959 0x1490  C:\Program Files\ATI\ATI.ACE\Core-Static\MOM.exe - ok
19:59:50.0964 0x1490  [ EF24642D5FB52A1EEF56DE9E47CBB993, C1B7EF50AC869BFA465C70BEC69F852C69DC51A5F82F183149322A06DF17FED4 ] C:\Windows\System32\mfc42.dll
19:59:50.0964 0x1490  C:\Windows\System32\mfc42.dll - ok
19:59:50.0971 0x1490  [ A7495E342A2EE0160812AC856C11F6CF, 3D67385DC3115BB1D8544E8596FECC972D205BC84BAD4F4DD01CBA9783B66199 ] C:\Users\x\AppData\Local\Google\Update\1.3.22.3\goopdate.dll
19:59:50.0971 0x1490  C:\Users\x\AppData\Local\Google\Update\1.3.22.3\goopdate.dll - ok
19:59:50.0976 0x1490  [ 84B8827562B005C118CADBA0F25DB2C6, 3AA79E62EDCFB994200B29A89C267E5391BBF4DA6E5508814DA52DB801C80FE2 ] C:\Windows\System32\dsound.dll
19:59:50.0976 0x1490  C:\Windows\System32\dsound.dll - ok
19:59:50.0982 0x1490  [ 621911535B11B0465F794BDB0301C63D, 9E0A072ECFE1FD4354AE895537123656DC8F672B4F071676D6F9A152B21AD43D ] C:\Windows\System32\W32N55.dll
19:59:50.0982 0x1490  C:\Windows\System32\W32N55.dll - ok
19:59:50.0988 0x1490  [ 465680BDE344CE4FF6646626AA3A9125, DF762666DB5E7C31B0EC64976C85B5D6533805AF2D4FC9BCFF9FB94AAF823E8D ] C:\Users\x\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler.exe
19:59:50.0988 0x1490  C:\Users\x\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler.exe - ok
19:59:50.0994 0x1490  [ B17480E284B378EDE987EEE032ED103E, 2630413BBCB3B10DA48C292274C32873513D1BEDFCA3AA56D5BC4A2E73787C43 ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
19:59:50.0994 0x1490  C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
19:59:50.0999 0x1490  [ ACE70F0DFE469CD10252B5C251F60C8A, 204F6DC5FA68DD10AB0C68F9E99AE85FB4E697AE80EDCBE7EE256B19ECF06FAE ] C:\Program Files\MicroStar\WLANUtility\WLAN_Service.exe
19:59:51.0000 0x1490  C:\Program Files\MicroStar\WLANUtility\WLAN_Service.exe - ok
19:59:51.0006 0x1490  [ 3A72AB0BAF2DC1AE0BA6E1EE28FFCC0B, 18E49D5B2E0B055683FB63DD9A2CC1DECFA22C210C6C8F09C79D7E73C9B01451 ] C:\Windows\System32\msftedit.dll
19:59:51.0006 0x1490  C:\Windows\System32\msftedit.dll - ok
19:59:51.0011 0x1490  [ 4E50C77A7558367FCDD79F24C34FA4AB, 18FBC841EA0D62C6FF5B7724210E8D155998787F4775DA1787AD509BD36558FE ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll
19:59:51.0012 0x1490  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll - ok
19:59:51.0018 0x1490  [ 91DD75A62D5F1F63E08660001FE7AF13, C5CF1D58AC4590E68B768F65A8E24712D62D2F19BF69B03E2CD8AF58CD505A55 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\73d9bc894522543b561a0342dac87c06\System.Windows.Forms.ni.dll
19:59:51.0018 0x1490  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\73d9bc894522543b561a0342dac87c06\System.Windows.Forms.ni.dll - ok
19:59:51.0024 0x1490  [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042, 8E9D77A216D8DD2BE2B304E60EDF85CE825309E67262FCFF1891AEDE63909599 ] C:\Program Files\Microsoft Security Client\sqmapi.dll
19:59:51.0024 0x1490  C:\Program Files\Microsoft Security Client\sqmapi.dll - ok
19:59:51.0030 0x1490  [ C0ABD66F31C0B84CD944802E6D3D02C2, FCB7316FBA1F37EAA0036CE6A075C55FBBCB58C4444B053963E540517E95D636 ] C:\Windows\System32\bthprops.cpl
19:59:51.0030 0x1490  C:\Windows\System32\bthprops.cpl - ok
19:59:51.0035 0x1490  [ E2554540B42EEAE89C17A708EA61854F, FD8999E1FEDF9FE4C3067877A0A5DA7F007B8F944FC2E43644F0533A1A544881 ] C:\Windows\System32\FXSST.dll
19:59:51.0035 0x1490  C:\Windows\System32\FXSST.dll - ok
19:59:51.0041 0x1490  [ A4CB04C22EC6D8BC799AE7E3C8290510, 19BFF62BBFAD669E83E797F2313E5289F9AE4EC296ED4CFFBF557EFCFA28AF8A ] C:\Windows\System32\FXSAPI.dll
19:59:51.0041 0x1490  C:\Windows\System32\FXSAPI.dll - ok
19:59:51.0046 0x1490  [ DFBA0F60FA301E5B1BFB1403A93EE23E, 727A01AA77BFD6B6FEB394A4C4CCBDB785987A1904F8EED3739A5F6D03C15965 ] C:\Windows\System32\FXSSVC.exe
19:59:51.0046 0x1490  C:\Windows\System32\FXSSVC.exe - ok
19:59:51.0052 0x1490  [ 58EAA4665D531F542BE546F92C06431B, 11EC24D47B264BEAB3DCA56629E9BD6CE86A812F1B5E5348AB37888BF2199654 ] C:\Program Files\ATI\ATI.ACE\Core-Static\MOM.Implementation.dll
19:59:51.0052 0x1490  C:\Program Files\ATI\ATI.ACE\Core-Static\MOM.Implementation.dll - ok
19:59:51.0058 0x1490  [ 76F7AEDCBDE7DE3E797C56A889747363, D779B3D9FDE15D630AAE5AEA79B965F6EF3A8DF15A205EE982EB1C49E3B52627 ] C:\Program Files\ATI\ATI.ACE\Core-Static\LOG.Foundation.dll
19:59:51.0058 0x1490  C:\Program Files\ATI\ATI.ACE\Core-Static\LOG.Foundation.dll - ok
19:59:51.0064 0x1490  [ AD08EF8F8324E41FA7C69C39729C0E79, 6818B60B6CC4370B591AD53AB5B6022F5AD5E99F0BC17F342887CA0D09E166CE ] C:\Program Files\ATI\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
19:59:51.0064 0x1490  C:\Program Files\ATI\ATI.ACE\Core-Static\LOG.Foundation.Private.dll - ok
19:59:51.0071 0x1490  [ 0044AB272506597E2A27AC8FEC8D8093, 3E856B5083726CF1E405F697513B3E6F9A258FB1E90DA486E6A3118D50410C4E ] C:\Program Files\ATI\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
19:59:51.0071 0x1490  C:\Program Files\ATI\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll - ok
19:59:51.0077 0x1490  [ 29DBE4457B7CA72C0EA1FFCED71504AB, 55273372B8ACE3B00AF4F009C62B4A4B916A0BFB60317ADEB6ACFC8A035910DB ] C:\Program Files\ATI\ATI.ACE\Core-Static\MOM.Foundation.dll
19:59:51.0077 0x1490  C:\Program Files\ATI\ATI.ACE\Core-Static\MOM.Foundation.dll - ok
19:59:51.0082 0x1490  [ 21DADC477AF85F85FB3E0A0B5691E1F5, 30B3560B5218692330BF61FD39B1B98104A4B8B9C3F6D852ABA41BE174CEC5F4 ] C:\Program Files\ATI\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
19:59:51.0083 0x1490  C:\Program Files\ATI\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll - ok
19:59:51.0089 0x1490  [ 36056E713DE89344F4CDD6D1522721D9, 444C943A324E05AA44B27076A6E4B4D1568C2180998A72A6A3E69461D63E7B5C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b167ef6967ad27503c6ac6aabcef1aff\System.Runtime.Remoting.ni.dll
19:59:51.0089 0x1490  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b167ef6967ad27503c6ac6aabcef1aff\System.Runtime.Remoting.ni.dll - ok
19:59:51.0095 0x1490  [ D28C5A1411BB0B47E05E0D6AAF896690, F2164C69C089E5F9A32207E6B36808861692FA923318BFF23447A34B2157CDEA ] C:\Program Files\ATI\ATI.ACE\Core-Static\CCC.exe
19:59:51.0095 0x1490  C:\Program Files\ATI\ATI.ACE\Core-Static\CCC.exe - ok
19:59:51.0101 0x1490  [ 1DB97A40843DFF6F743E269419FAA412, 40AD49C46B110089C4006C6470E7FC95243B82548F8F5E473F916A6F7ACA67D6 ] C:\Program Files\ATI\ATI.ACE\Core-Static\CCC.Implementation.dll
19:59:51.0101 0x1490  C:\Program Files\ATI\ATI.ACE\Core-Static\CCC.Implementation.dll - ok
19:59:51.0107 0x1490  [ 672630A60770116A36003FA9CA1E2D17, E4725E5D131918B1F601D0437BFE1E1C5999270400909DD673A900458E85557F ] C:\Program Files\ATI\ATI.ACE\Core-Static\CLI.Foundation.dll
19:59:51.0107 0x1490  C:\Program Files\ATI\ATI.ACE\Core-Static\CLI.Foundation.dll - ok
19:59:51.0113 0x1490  [ 5793DC788F187C802A56450107C5424A, B44ED7BE03C3738F8139A81F7471E601C4332DDC2E2DD65E376F228536D2FA34 ] C:\Program Files\ATI\ATI.ACE\Core-Static\MMLoadDrv.exe
19:59:51.0113 0x1490  C:\Program Files\ATI\ATI.ACE\Core-Static\MMLoadDrv.exe - ok
19:59:51.0119 0x1490  [ CF80F3DC76AB72099489AA6359930B5C, 8BFF4C0A46F441C060D4AE7C96079A3FE83A4A6F429C131E688D22E450276F25 ] C:\Program Files\ATI\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll
19:59:51.0119 0x1490  C:\Program Files\ATI\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll - ok
19:59:51.0125 0x1490  [ 67EC459E42D3081DD8FD34356F7CAFC1, 1221A09484964A6F38AF5E34EE292B9AFEFCCB3DC6E55435FD3AAF7C235D9067 ] C:\Program Files\ATI\ATI.ACE\Core-Static\msvcr100.dll
19:59:51.0125 0x1490  C:\Program Files\ATI\ATI.ACE\Core-Static\msvcr100.dll - ok
19:59:51.0131 0x1490  [ C43DECDAC58C0A43E0376A216590F40A, ABA49C9F5CE0E25E915CC8921794F20DBD6BAC8B1FF429D92C5CD4234FB9F2CB ] C:\Windows\System32\quartz.dll
19:59:51.0131 0x1490  C:\Windows\System32\quartz.dll - ok
19:59:51.0137 0x1490  [ EFD278F8129EE12F1D4AE0250494B791, DD8DA066EBFE938334BEBCDF70340F79C8FFB5AF328FE5DF2472AE6C7987FE1F ] C:\Windows\System32\dxva2.dll
19:59:51.0137 0x1490  C:\Windows\System32\dxva2.dll - ok
19:59:51.0143 0x1490  [ 9179F3EA138B0F4870BFBC5FCC1E250F, C6BDA16A0D2DF1EAD3A375AE93E0103A758BA69AE82E0DB9BF174AE2D08DC7D7 ] C:\Program Files\ATI\ATI.ACE\Core-Static\CLI.Component.Runtime.dll
19:59:51.0143 0x1490  C:\Program Files\ATI\ATI.ACE\Core-Static\CLI.Component.Runtime.dll - ok
19:59:51.0149 0x1490  [ CC03FFFAC346CFA50543A1361F7620F5, 651B7A3B8E2112FE9EE5DDA3949D26C2F111543ADB67B0A109DA3775634FF580 ] C:\Program Files\ATI\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll
19:59:51.0149 0x1490  C:\Program Files\ATI\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll - ok
19:59:51.0155 0x1490  [ DDECC310A1FBDAC44AC778FAF2B57935, 70753AC6EEEAFBDD11B4157148ADD068CE6E219D863677AC3800EA13959A4234 ] C:\Program Files\ATI\ATI.ACE\Core-Static\CLI.Foundation.Private.dll
19:59:51.0155 0x1490  C:\Program Files\ATI\ATI.ACE\Core-Static\CLI.Foundation.Private.dll - ok
19:59:51.0161 0x1490  [ F7AB9EB8D82C520C40DD8461735F3860, 4356D5CDF8C81FCC2087D397E5866BF15F229B45538CB4B49C1C7492DB1618B7 ] C:\Program Files\ATI\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll
19:59:51.0161 0x1490  C:\Program Files\ATI\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll - ok
19:59:51.0168 0x1490  [ A28FA964E7A6882568430BCBC60A6637, 104EB121108F1ED5F29EBD27887C87EEC1DFC9B003AAF44B22AFEE5357567744 ] C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.DLL
19:59:51.0168 0x1490  C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.DLL - ok
19:59:51.0173 0x1490  [ BD740E5B6B12BE039F34CD3075B8D0EC, FD215ED981EF4C00EF564A0B4E3A57125E11B2470B20ABDCE35EE41B35888AB9 ] C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2791.31988__90ba9c70f846762e\CLI.Foundation.DLL
19:59:51.0173 0x1490  C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2791.31988__90ba9c70f846762e\CLI.Foundation.DLL - ok
19:59:51.0177 0x1490  [ 219AF0F9A54EBEEB3E7E20025D801034, B1E5607C27A7475FFF843428F2FBFA85ACA9829D8AA218CB1AB7B8E108F74DD7 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
19:59:51.0177 0x1490  C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
19:59:51.0183 0x1490  [ 376A9B411BF8B77D5BF84B24D0C7DACD, D8AA789BF45ADBD7A61AA385A06C7F4081234AA2C3D8FB6B7C4C50DBD752A597 ] C:\Users\x\AppData\Local\Google\Chrome\Application\chrome.exe
19:59:51.0183 0x1490  C:\Users\x\AppData\Local\Google\Chrome\Application\chrome.exe - ok
19:59:51.0189 0x1490  [ F3CA098ED00C23968742ACA972F7D8D0, A63720E7FFAB2E9DC727FDD7CD1F427BF01A303188B8562E7590571960DA3C82 ] C:\Users\x\AppData\Local\Google\Chrome\Application\31.0.1650.63\chrome.dll
19:59:51.0190 0x1490  C:\Users\x\AppData\Local\Google\Chrome\Application\31.0.1650.63\chrome.dll - ok
19:59:51.0196 0x1490  [ 715E71C6F8181485994CAFC6DB6064AB, C3F5C5E473C715170842751B79D46CABA5F06C4D330E5623BEAC6FFF39A6E3FF ] C:\Users\x\AppData\Local\Google\Chrome\Application\31.0.1650.63\icudt.dll
19:59:51.0196 0x1490  C:\Users\x\AppData\Local\Google\Chrome\Application\31.0.1650.63\icudt.dll - ok
19:59:51.0203 0x1490  [ F4299318F24C49B1ABBE7276EECC99FC, 5A25763240757E44A3B116E4565D26B58EB6DFDD545655B9D6CB95F9164579D4 ] C:\Users\x\AppData\Local\Google\Chrome\Application\31.0.1650.63\chrome_child.dll
19:59:51.0203 0x1490  C:\Users\x\AppData\Local\Google\Chrome\Application\31.0.1650.63\chrome_child.dll - ok
19:59:51.0209 0x1490  [ FC59131E7DB17AEE3C326E63502D3E16, 6A7CAF53BA2D5CCF25B7BC56BF8D0F83AED493041693A02762BB201CC256BA50 ] C:\Users\x\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
19:59:51.0209 0x1490  C:\Users\x\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll - ok
19:59:51.0215 0x1490  [ 4F5BBEFFA8E716DAD5FED3ED0160DC4D, 55ACAFF3B17B72A44CEDA0EB20E3CF40FF3FBA9624810025CCD18A2DC105E9DC ] C:\Users\x\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll
19:59:51.0215 0x1490  C:\Users\x\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll - ok
19:59:51.0221 0x1490  [ 56068EF06AA8F67CA3F4418F2C804B94, AE6FBEED89A3B9B8EFC954DAABD9D74F1D67268BA2BFE14AF5207D2F59749811 ] C:\Users\x\AppData\Local\Google\Chrome\Application\31.0.1650.63\libpeerconnection.dll
19:59:51.0221 0x1490  C:\Users\x\AppData\Local\Google\Chrome\Application\31.0.1650.63\libpeerconnection.dll - ok
19:59:51.0227 0x1490  [ DCC3AD3254D510114D95F40C93DE3D25, 55ADF5378B232D83D2C5EC657439FC83D6C1B8FA563580112E937136D4950C9C ] C:\Users\x\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
19:59:51.0227 0x1490  C:\Users\x\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll - ok
19:59:51.0233 0x1490  [ 3A2EEE8444A8E5C1A454C57B2198F5FC, 6B21A65BBCF9E86193BD8ABC3FAE897B4EB55758E52BE4B9F24BE1C98C73A333 ] C:\Windows\System32\ntlanman.dll
19:59:51.0233 0x1490  C:\Windows\System32\ntlanman.dll - ok
19:59:51.0239 0x1490  [ 582EFE56FC0858E58A6CEBA2A64B02C7, 569F05DC50651165FD734C19767C10E7C9DFF03157B8222C59544A35A38E1C75 ] C:\Windows\System32\drprov.dll
19:59:51.0239 0x1490  C:\Windows\System32\drprov.dll - ok
19:59:51.0245 0x1490  [ CFBD2E1FE18B50748A76703A2DC6D4E3, 5D553B3CBCC404555DEE7F58102B62A02A968EEDB99E1029624327F0A914D08E ] C:\Windows\System32\davclnt.dll
19:59:51.0245 0x1490  C:\Windows\System32\davclnt.dll - ok
19:59:51.0252 0x1490  [ 7BEDD051B53821B040EAD42DB0724848, 42C4495E5D524496A9FF879648B4D1B2998B2AAB49FA612E9630BCD5D629476A ] C:\Windows\System32\WerFault.exe
19:59:51.0252 0x1490  C:\Windows\System32\WerFault.exe - ok
19:59:51.0256 0x1490  [ 77784A2BD5912A4EC6284255865526BC, 51C71009141D86D1573FA85177F5A1FB64534BA39E6CB6E74B41FDF94206D2FC ] C:\Windows\System32\Faultrep.dll
19:59:51.0257 0x1490  C:\Windows\System32\Faultrep.dll - ok
19:59:51.0262 0x1490  [ 447983959A8CF49C4CC3B65DED69AF28, 666E60C496E7C319BDCE35A417D97520C229C6DD479F83C682D5F26C5B7160FA ] C:\Windows\System32\dbgeng.dll
19:59:51.0262 0x1490  C:\Windows\System32\dbgeng.dll - ok
19:59:51.0268 0x1490  [ 43E6F2A7FB182F2D7CB0CE5B8F1005CF, 2EF94DD41371274ABF2441B66AB5E0ECFD6B139120CA40CE306BD0E39779AFB7 ] C:\Program Files\Internet Explorer\iexplore.exe
19:59:51.0268 0x1490  C:\Program Files\Internet Explorer\iexplore.exe - ok
19:59:51.0273 0x1490  [ 602FF475B847C5B22D6D46FEA8B546C6, BCD0A0E7FE0EF9A662DAA5EE1A6973A6551D18B4EDDAEEDC410F120A6063B5A0 ] C:\Program Files\Internet Explorer\sqmapi.dll
19:59:51.0274 0x1490  C:\Program Files\Internet Explorer\sqmapi.dll - ok
19:59:51.0279 0x1490  [ E8F37AF4D09972684D9EE1786901F540, E663331CC633D93A99ED0DF879A4C7026643E3A4780939C8FC4E5F4FE21B2FBB ] C:\Windows\System32\ieui.dll
19:59:51.0279 0x1490  C:\Windows\System32\ieui.dll - ok
19:59:51.0285 0x1490  [ 73B5D37E60E8A7553EE707A45413CB84, B70D8F8B626DF7491B8936EC5BA3E753FB3759F7253E401C027D59459FF851CB ] C:\Program Files\Internet Explorer\IEShims.dll
19:59:51.0285 0x1490  C:\Program Files\Internet Explorer\IEShims.dll - ok
19:59:51.0291 0x1490  [ 7E4F5183A705FBE2884023A522ED1121, 2EE1FBC496C089398D7BD424384A0D408C77BB591D7CB2845AE13C43A969562C ] C:\Program Files\Internet Explorer\ieproxy.dll
19:59:51.0291 0x1490  C:\Program Files\Internet Explorer\ieproxy.dll - ok
19:59:51.0296 0x1490  [ E828C391BB999BD85C15DA20B51CDF9C, D6133176C868FEEA16169B4EBFF08A382650844726D21D78577E48C89BC35DD3 ] C:\Windows\System32\d2d1.dll
19:59:51.0297 0x1490  C:\Windows\System32\d2d1.dll - ok
19:59:51.0302 0x1490  [ 9BD443B52350D2784544B637F103EBCF, 5E776B7D469A4E7D4CCFD1B0A9340CC4BDDEA10561CFD829D96CD8E30EBCF241 ] C:\Windows\System32\DWrite.dll
19:59:51.0302 0x1490  C:\Windows\System32\DWrite.dll - ok
19:59:51.0308 0x1490  [ 32DB02F09B30C20EF2F66EF4EC3E816D, 69DD2329F3FBA0BE883AC30BCF219AF4E9E6F8FF8FA7EEF57900A2EF184F8748 ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
19:59:51.0308 0x1490  C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll - ok
19:59:51.0313 0x1490  [ AAAE543C535ED596ECAD2AB8761C2C6F, E10E03D5E7A8A7257EA29EA3D045B9E169099BF7B224458806EC2918BD7AD161 ] C:\Windows\System32\dxgi.dll
19:59:51.0313 0x1490  C:\Windows\System32\dxgi.dll - ok
19:59:51.0319 0x1490  [ 1D1C3BBA2191F0F5B14555757DDB729A, 0050EEC0E8B4CFC7675E7C099CC379B1AEB36003ABB73E89435E1747DE171C93 ] C:\Windows\System32\d3d10_1.dll
19:59:51.0319 0x1490  C:\Windows\System32\d3d10_1.dll - ok
19:59:51.0325 0x1490  [ 2434237DFBC70483B63A667B9573891E, 35F4D31A947C4E843B63D1F4D5474B56C983AB2F84F2375753596FDD317AC7DB ] C:\Windows\System32\d3d10_1core.dll
19:59:51.0325 0x1490  C:\Windows\System32\d3d10_1core.dll - ok
19:59:51.0330 0x1490  [ E9C61D777972900DD8835762F159D2D9, 3904747020ADA764D6D30144DFDCE74542D6CA28CBC412EB3FA9D2391218B1ED ] C:\Windows\System32\atiuxpag.dll
19:59:51.0330 0x1490  C:\Windows\System32\atiuxpag.dll - ok
19:59:51.0336 0x1490  [ 804B5F3E4EDAB2EBC4A5704C102EE29F, EE70652B38BBF8D96705088AF71E32D5CFADC884C5104A1CC1A02E6FB6AEFCF8 ] C:\Windows\System32\atidxx32.dll
19:59:51.0337 0x1490  C:\Windows\System32\atidxx32.dll - ok
19:59:51.0342 0x1490  [ 897493762A427D94B66A30EE6AB35966, A1F7B4BA6CBDFE654CA2C307F983ACD3884E6D79E2304C238BF13206D9D43C4E ] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
19:59:51.0342 0x1490  C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - ok
19:59:51.0348 0x1490  [ 49F948CC887587CA8F933CB0B6F2C8AC, C5A5191714A1B5D9406CE37201224E278AA460A096CAD7A4112031D28E21582F ] C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
19:59:51.0348 0x1490  C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll - ok
19:59:51.0355 0x1490  [ 67EC459E42D3081DD8FD34356F7CAFC1, 1221A09484964A6F38AF5E34EE292B9AFEFCCB3DC6E55435FD3AAF7C235D9067 ] C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\msvcr100.dll
19:59:51.0355 0x1490  C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\msvcr100.dll - ok
19:59:51.0360 0x1490  [ 9BD7053026B4435E882C7161DF5DADFA, D436FA6DE7DA11FFAB1FB2F137A720A4F3794A67ADCA5FB7B55F43D40878E91A ] C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\deploy.dll
19:59:51.0361 0x1490  C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\deploy.dll - ok
19:59:51.0366 0x1490  [ 795202EFA9ED73F99C96235C1DC6A1AC, CB6D51FD9C88BCA11D6FF2EA7C8EBC1AB86A2FF774C2E47A1788E50B31483569 ] C:\Windows\System32\jscript9.dll
19:59:51.0366 0x1490  C:\Windows\System32\jscript9.dll - ok
19:59:51.0372 0x1490  [ AC6B8F8058EE27932F9AF8A2D959D201, 64DA78BC39DFECCB74584BB795155EF13BE8A0F35C245FA967F38AC633FDD195 ] C:\Windows\System32\msimtf.dll
19:59:51.0372 0x1490  C:\Windows\System32\msimtf.dll - ok
19:59:51.0378 0x1490  [ CA493A92DA9880B6F1A89C3DBD54BA5B, F37E8A3C424AC15C85198692046ED98540F01CF5E96D91A887028EAAAE5B92A2 ] C:\Windows\System32\dxtrans.dll
19:59:51.0378 0x1490  C:\Windows\System32\dxtrans.dll - ok
19:59:51.0385 0x1490  [ 734DAA4FEAC6905BCFB30410D6C7E003, 885BDA2C8836EEDE2205E080E642BA547E4EC5F408E4BE9DEF2E6F958F6ECD7E ] C:\Windows\System32\ddrawex.dll
19:59:51.0385 0x1490  C:\Windows\System32\ddrawex.dll - ok
19:59:51.0389 0x1490  [ FA2A3AFADC4FB47DBC234A4E57F92CDB, D8394B8BD8919D3CACA73ECB23B156B460D18E463FCF7436E4856208F17434AF ] C:\Windows\System32\ddraw.dll
19:59:51.0389 0x1490  C:\Windows\System32\ddraw.dll - ok
19:59:51.0394 0x1490  [ EF764E33878B3A4A9E5A2FB5D0D031D0, 02D5A718AE02F07B304377B4A1FF7BC4456489F020CFE797B6E98A0344EA63DE ] C:\Windows\System32\dciman32.dll
19:59:51.0394 0x1490  C:\Windows\System32\dciman32.dll - ok
19:59:51.0402 0x1490  [ 4312DEBDACBE338F0B90E7F08E7672BE, 653890994337BE6503E789F2A55BBADBADB16379553FD5549D4A7AF5ED3F780B ] C:\Windows\System32\dxtmsft.dll
19:59:51.0402 0x1490  C:\Windows\System32\dxtmsft.dll - ok
19:59:51.0406 0x1490  [ E0F15C8A63D2FCC40D0A6F9354DF0118, 260866B0D1D3126E70EB93F8C434C2C0F5500AD06DA1C8CF667216C3CA4E2736 ] C:\Windows\System32\d3d10.dll
19:59:51.0406 0x1490  C:\Windows\System32\d3d10.dll - ok
19:59:51.0411 0x1490  [ 2067598D57CCD988A88BBBDDD6EAE13D, 7FC9F14149184100687CC716EBA0A1F66A5E4D8AE3499304B8C57B8B312CE844 ] C:\Windows\System32\d3d10core.dll
19:59:51.0411 0x1490  C:\Windows\System32\d3d10core.dll - ok
19:59:51.0418 0x1490  [ 62D52399F346C33FFAD007A7D6F3D863, 423B9CEA1EAE4016B7CEB4045AFD72A25A67855A548690C6CB1A5ECC0464A85F ] C:\Windows\System32\Macromed\Flash\Flash32_11_9_900_170.ocx
19:59:51.0418 0x1490  C:\Windows\System32\Macromed\Flash\Flash32_11_9_900_170.ocx - ok
19:59:51.0423 0x1490  [ 30A742FFCEA6661E501C44DC273C77B1, 444B26B20D942C572322B8922C8AB317A2187D300B4139CEA2EAF6D5CC3C7914 ] C:\Windows\System32\dinput8.dll
19:59:51.0423 0x1490  C:\Windows\System32\dinput8.dll - ok
19:59:51.0427 0x1490  [ 7D13F89BC5A69F92EDE0448CA7F34468, 88EC72B3FF7526F1EE7895721B7D7D76B6E5DDA816F9224BED2F176CDE84F1DC ] C:\Windows\System32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe
19:59:51.0427 0x1490  C:\Windows\System32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe - ok
19:59:51.0433 0x1490  [ 7E38DA8C11833B99766A97CEE3F80F07, 032D920A92E624D9CFEB337750E64D9890AA69D2A4FA215B157D9EAAF4DA491D ] C:\Windows\System32\oleaccrc.dll
19:59:51.0433 0x1490  C:\Windows\System32\oleaccrc.dll - ok
19:59:51.0441 0x1490  [ 394D4E41DF67636001D1C6D682B88214, 1ACDDB94C714F1AD2171E183179771AA3FAA6B511EC5D7EE13BA2ABE2A138429 ] C:\Windows\System32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.dll
19:59:51.0441 0x1490  C:\Windows\System32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.dll - ok
19:59:51.0444 0x1490  [ 35AAE2E841AA1A949775168E119482C9, 2457985F6113E565DCEBE58A14C644EAE1397CDB50393C03A2A94F279C053D93 ] C:\Windows\System32\msls31.dll
19:59:51.0444 0x1490  C:\Windows\System32\msls31.dll - ok
19:59:51.0451 0x1490  [ 6E724FBDF33F34B8E17854FF1E42E2F7, CA66909964BF8C08E1471F78639B6A07E70D91760F1082BAD574A478C734508B ] C:\Program Files\Common Files\microsoft shared\vgx\VGX.dll
19:59:51.0451 0x1490  C:\Program Files\Common Files\microsoft shared\vgx\VGX.dll - ok
19:59:51.0457 0x1490  [ BFA034AAC103D8A6F591AC9364688339, 89A2F271517474A4F6CEBED174052F5BEAA5034744B63914B1658E9EA617C590 ] C:\Windows\System32\t2embed.dll
19:59:51.0457 0x1490  C:\Windows\System32\t2embed.dll - ok
19:59:51.0463 0x1490  [ 012A965F34414458075EF4F0EDC11536, 2666E54A02434990667F69259213D6F4E9315EED0FC1148942371D3006089432 ] C:\Windows\System32\WindowsCodecsExt.dll
19:59:51.0463 0x1490  C:\Windows\System32\WindowsCodecsExt.dll - ok
19:59:51.0471 0x1490  [ 2424231BBD703A677D115C29983B4293, B33022D9BEE7B8B472A73C242578089D02CD683EBDD41CB519AEDC6C18E5D485 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
19:59:51.0471 0x1490  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
19:59:51.0476 0x1490  [ 68563AC389F92EE79F1C714288BA1DCE, 0C02C6832065E464F057C7095CF172D5FBDCABCE1AC7517F6B1498E625743F51 ] C:\Windows\System32\imgutil.dll
19:59:51.0477 0x1490  C:\Windows\System32\imgutil.dll - ok
19:59:51.0482 0x1490  [ A9182CE59CFC56F9C1DDE8B3C0AE8378, 2B25B1A408AAA36D60D8966F57EA99C832B7F602B27BB7C87659BB6634F7031E ] C:\Program Files\Mozilla Firefox\firefox.exe
19:59:51.0482 0x1490  C:\Program Files\Mozilla Firefox\firefox.exe - ok
19:59:51.0488 0x1490  [ 67EC459E42D3081DD8FD34356F7CAFC1, 1221A09484964A6F38AF5E34EE292B9AFEFCCB3DC6E55435FD3AAF7C235D9067 ] C:\Program Files\Mozilla Firefox\msvcr100.dll
19:59:51.0488 0x1490  C:\Program Files\Mozilla Firefox\msvcr100.dll - ok
19:59:51.0494 0x1490  [ 03E9314004F504A14A61C3D364B62F66, A3BA6421991241BEA9C8334B62C3088F8F131AB906C3CC52113945D05016A35F ] C:\Program Files\Mozilla Firefox\msvcp100.dll
19:59:51.0494 0x1490  C:\Program Files\Mozilla Firefox\msvcp100.dll - ok
19:59:51.0501 0x1490  [ 172968C1302A2A16E90E985A74D3851D, 0A6E019AB867AE4EAF682AE2AC06916B5462A2EB06165712F1B070347BF482C2 ] C:\Program Files\Mozilla Firefox\mozglue.dll
19:59:51.0501 0x1490  C:\Program Files\Mozilla Firefox\mozglue.dll - ok
19:59:51.0505 0x1490  [ 35C4E1E9F67A59F0B9A2A3B06502F7E2, DBAC0188C2613AA6C760053A2523214476CD8C56536B9DB7945EA00379463742 ] C:\Program Files\Mozilla Firefox\nss3.dll
19:59:51.0505 0x1490  C:\Program Files\Mozilla Firefox\nss3.dll - ok
19:59:51.0511 0x1490  [ 09A942074F0FC762A8B5C23B9797DBA2, FB55A823F7255AAFD469C8D733661BC7974291B89F8E28FD1419EFCBFD8C6D21 ] C:\Program Files\Mozilla Firefox\mozjs.dll
19:59:51.0511 0x1490  C:\Program Files\Mozilla Firefox\mozjs.dll - ok
19:59:51.0516 0x1490  [ 18FC46E6FD43A677AF58012B102B8A66, E654187C2D26D6EF6AA770486467BD0F2AB481A2D2BDB206DAABA2C98511E1C4 ] C:\Program Files\Mozilla Firefox\mozalloc.dll
19:59:51.0516 0x1490  C:\Program Files\Mozilla Firefox\mozalloc.dll - ok
19:59:51.0523 0x1490  [ B7D4270E5EC8AEBC7D3A9D8EA9121378, 49795BAC50A3A2A453D276F5230D7ED8166575E12745E36695B459326AD83E78 ] C:\Program Files\Mozilla Firefox\gkmedias.dll
19:59:51.0523 0x1490  C:\Program Files\Mozilla Firefox\gkmedias.dll - ok
19:59:51.0528 0x1490  [ D7FBD0F0DB1A368CDBD93A105D237FF1, 8BE1FD363016C88835A69A234D5DB7385A8314470A313E1699EF154655F0DD59 ] C:\Program Files\Mozilla Firefox\xul.dll
19:59:51.0528 0x1490  C:\Program Files\Mozilla Firefox\xul.dll - ok
19:59:51.0534 0x1490  [ 46CD0225CB4034F56D2EEBA950E6CF0A, 22E070DE8B2E6296A28C38763380CAFD76739571972A0118F301C99C4C2C4EFE ] C:\Program Files\Mozilla Firefox\browser\components\browsercomps.dll
19:59:51.0535 0x1490  C:\Program Files\Mozilla Firefox\browser\components\browsercomps.dll - ok
19:59:51.0541 0x1490  [ 7B22E33F0F082C7F101A1E873C8BD8D3, 2A77F4AC0E4E8E55DCAE3E88F8CF5147C907B9C943AA8977522A0A795D44C6CC ] C:\Program Files\Mozilla Firefox\softokn3.dll
19:59:51.0541 0x1490  C:\Program Files\Mozilla Firefox\softokn3.dll - ok
19:59:51.0546 0x1490  [ D86F17E1BCBB70193F8C303157FF3619, 95B6FC5B8022C3C58027F159D06864635A2E013421B22D5D4785E61BAF1D9B2A ] C:\Program Files\Mozilla Firefox\nssdbm3.dll
19:59:51.0546 0x1490  C:\Program Files\Mozilla Firefox\nssdbm3.dll - ok
19:59:51.0552 0x1490  [ 0F77540203F9B331DC4FDA4123330F01, FC61484E7BB815844068491E1789342A1375873FCDE8169A32562E70CBDCD7B2 ] C:\Program Files\Mozilla Firefox\freebl3.dll
19:59:51.0552 0x1490  C:\Program Files\Mozilla Firefox\freebl3.dll - ok
19:59:51.0557 0x1490  [ 107BC188698BFA88B4404D88D9C33C10, 0E4A2F55CEB727F4E214CFA486F021E5DF49E8D506E33A93A8D6C562A07D6CAD ] C:\Program Files\Mozilla Firefox\nssckbi.dll
19:59:51.0558 0x1490  C:\Program Files\Mozilla Firefox\nssckbi.dll - ok
19:59:51.0563 0x1490  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:59:51.0563 0x1490  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
19:59:51.0570 0x1490  [ 2830A9EFE11204426F429F4F2DFBCD10, 53585E252D220A5AC7827813B4D13004EF0191340A5104F368B61A2472CDE875 ] C:\Program Files\Google\Update\1.3.22.3\goopdateres_en.dll
19:59:51.0570 0x1490  C:\Program Files\Google\Update\1.3.22.3\goopdateres_en.dll - ok
19:59:51.0576 0x1490  [ 408DDD80EEDE47175F6844817B90213E, 836822885D90DAFFD25A7D7EE363F4DACD41AA4B59095243E2798B137DC55FE3 ] C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:59:51.0576 0x1490  C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - ok
19:59:51.0581 0x1490  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] C:\Windows\System32\msdtckrm.dll
19:59:51.0581 0x1490  C:\Windows\System32\msdtckrm.dll - ok
19:59:51.0587 0x1490  [ B0B4C590C0CAE7741DA17E3DC86CC828, B0FD9C7D34B5EEA1346E98AC499E503AB67672FBD3A48CB482E139F1BC05D55E ] C:\Windows\System32\ceutil.dll
19:59:51.0587 0x1490  C:\Windows\System32\ceutil.dll - ok
19:59:51.0592 0x1490  [ 2310A32BB0164552A311BFA02102A3D6, D16930A8512AF0E7B0E5B52F9D84B65E0E79EBB08093A14AD658FD284FBE5CB7 ] C:\Windows\System32\msvcp60.dll
19:59:51.0593 0x1490  C:\Windows\System32\msvcp60.dll - ok
19:59:51.0598 0x1490  [ 5E41139EC6EFBCAFFD96D46925E544AB, 1A3C469A29D35CC0D66150B739EBF0BD551E8AF613E58270E0BB12B65D249090 ] C:\Windows\System32\mspatcha.dll
19:59:51.0598 0x1490  C:\Windows\System32\mspatcha.dll - ok
19:59:51.0604 0x1490  [ BDC0C99E472176C8C2C853A68ADC5073, 9A0A0CEE321C9BAF5545D6CB0BE3E725228B694F331FFACCEB770350AAF2C8C3 ] C:\Windows\System32\wups2.dll
19:59:51.0604 0x1490  C:\Windows\System32\wups2.dll - ok
19:59:51.0609 0x1490  [ 76FD230DEAB73D2826458617DBB56A63, 4ADF8C5379A6B9A4D486B75C1C6DD8A06C707AFDC2645C86EBF030655B5673E4 ] C:\Windows\System32\winusb.dll
19:59:51.0609 0x1490  C:\Windows\System32\winusb.dll - ok
19:59:51.0615 0x1490  [ 8C8C82633A7E90A33E8D7D9617B2B46C, 9EF4D24B904D773FC22D0C47E0CC9A30C6163BAB194A972D0570805763F7E866 ] C:\Windows\WindowsMobile\tcp2udp.dll
19:59:51.0615 0x1490  C:\Windows\WindowsMobile\tcp2udp.dll - ok
19:59:51.0621 0x1490  [ 3379989F06B31347792836DCF028A325, D1689EF16BF6419CD131FBA7683926608AAEBAA540302DCB067F8A60F37ABAF3 ] C:\Windows\System32\rapiproxystub.dll
19:59:51.0621 0x1490  C:\Windows\System32\rapiproxystub.dll - ok
19:59:51.0626 0x1490  [ 523DF3B590D8A353A49235B1B7C571AD, C615305AD3863479DBA95F90BD3F3164F09C437CD2BB747A885599DCC154D98F ] C:\Windows\WindowsMobile\dtptdns.dll
19:59:51.0626 0x1490  C:\Windows\WindowsMobile\dtptdns.dll - ok
19:59:51.0632 0x1490  [ 9B89B3BB79EA1ACF041F40A7B6FC5827, B84A1F43C19D596BC0AE11D3E2ADF0B70172648CB4A488BF3F2AB371E819632F ] C:\Windows\System32\mobsync.exe
19:59:51.0632 0x1490  C:\Windows\System32\mobsync.exe - ok
19:59:51.0638 0x1490  [ D0A95E567224B4C347CBDD6541E5D928, 6CF5AA0B5C48B783A8C300B95E8C75366BC0859B434ACBE5D334AC987462886E ] C:\Windows\System32\wscisvif.dll
19:59:51.0638 0x1490  C:\Windows\System32\wscisvif.dll - ok
19:59:51.0643 0x1490  [ FE3702015BE4D214808A2FBC07B8E5FF, D1C9254994D5266F54349A62B5DEB2C989ADFF65ED460D8B65C20F4063CFACD1 ] C:\Windows\System32\wscproxystub.dll
19:59:51.0643 0x1490  C:\Windows\System32\wscproxystub.dll - ok
19:59:51.0649 0x1490  [ D5D7C7CBDD63C5938C83846B313FCF3B, 710826FEA6E5DD61756F91CA430FC98DFDA661141786D615B11E064E4FCB140D ] C:\Windows\WindowsMobile\BthASPlugin.dll
19:59:51.0649 0x1490  C:\Windows\WindowsMobile\BthASPlugin.dll - ok
19:59:51.0655 0x1490  [ 5D71167F70EF5C1E541EC9F41BBF1306, 515F0E71E81B662645E372E68F8B8BBF61714D797B0D8235B983AF81A4BD9D3C ] C:\Program Files\Microsoft SQL Server\110\COM\replsync.dll
19:59:51.0655 0x1490  C:\Program Files\Microsoft SQL Server\110\COM\replsync.dll - ok
19:59:51.0661 0x1490  [ F9EE4C23A7BDBBB94BBFFF3DA087B431, FC988B3FAD95FD8AD36D829C9BFA2F36DCD517DE674705A3928AD3384354F34F ] C:\Program Files\Microsoft SQL Server\110\COM\instapi110.dll
19:59:51.0661 0x1490  C:\Program Files\Microsoft SQL Server\110\COM\instapi110.dll - ok
19:59:51.0668 0x1490  [ AED80D71E9A5F1BBB3448AEC9A6D8479, DE2763229E43DAD01E134ED6659DE87E0C801982AF2BE2170B9B26943D6CC208 ] C:\Program Files\Microsoft SQL Server\110\COM\Resources\1033\REPLRES.rll
19:59:51.0668 0x1490  C:\Program Files\Microsoft SQL Server\110\COM\Resources\1033\REPLRES.rll - ok
19:59:51.0673 0x1490  [ 7599E425947A595448DA778B610923BC, AA9D3DE8BC0BD8757F87B12B31EF74A1C7828F1686F79D2C2411D8A0939A301E ] C:\Program Files\Windows Media Player\wmpsyncmgr.dll
19:59:51.0673 0x1490  C:\Program Files\Windows Media Player\wmpsyncmgr.dll - ok
19:59:51.0676 0x1490  [ F8D8BB3F6173FFF00128612F33D3197A, 38B9344C0FD56AFCD7974C7B9608B74CD676D97C7F8C9B6ECAED7D5EB0D45810 ] C:\Windows\System32\wbem\WMIADAP.exe
19:59:51.0676 0x1490  C:\Windows\System32\wbem\WMIADAP.exe - ok
19:59:51.0682 0x1490  [ 8B2D61CA83825CEAD423228ACD40CFBC, 31E45FC797DDAD5D929DFF2EBCEA5CB3DA41D56DCDBAF916110B81AC36625F63 ] C:\Windows\System32\loadperf.dll
19:59:51.0682 0x1490  C:\Windows\System32\loadperf.dll - ok
19:59:51.0688 0x1490  [ 9495FCC01D7AB7B60E5B8BA7AEFE9E3D, 93F3EA0BAAD54B7ABF6558B15818BFD239BBFDA395BC909BF9D987C72BC1D1FB ] C:\Windows\System32\wbem\WmiPrvSE.exe
19:59:51.0688 0x1490  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
19:59:51.0693 0x1490  [ 10DE220BDFE330073762F89974DB8403, DCE5F953C42B28552CD4FEF770CB87008F2A99AE11C9486EFA3C8F4F76E153D1 ] C:\Windows\System32\wbem\wmiprov.dll
19:59:51.0693 0x1490  C:\Windows\System32\wbem\wmiprov.dll - ok
19:59:51.0699 0x1490  [ 87CDFFCBD09C1CA03A068343D5D93250, 6689791268ACB44D02BBF0616E448CE20CF414E3A20E189441D0ED26F036394B ] C:\Windows\System32\wmi.dll
19:59:51.0699 0x1490  C:\Windows\System32\wmi.dll - ok
19:59:51.0704 0x1490  [ 95A5497D129D95D12A46F7848AFFE1DB, 1C73F21A9E55949875DE6604B24D2E6B463BE3CB7A0D1A371A4F6EEE2520B8BA ] C:\Windows\System32\comsvcs.dll
19:59:51.0705 0x1490  C:\Windows\System32\comsvcs.dll - ok
19:59:51.0710 0x1490  [ 27E7C315861C59FA3C347046A6E39882, D5B5797B7760E9E467E6E74A7A0EF533B47C89C0D64E032387D40517A59454F5 ] C:\Windows\System32\mtxoci.dll
19:59:51.0710 0x1490  C:\Windows\System32\mtxoci.dll - ok
19:59:51.0715 0x1490  [ E44C7D6F8D665DA2D9385E5E15EDEEF7, 4BEB421019D7D2177D46D08227103A930C6AE35B2EFF6D17217734ED0C8EE96F ] C:\Windows\System32\consent.exe
19:59:51.0715 0x1490  C:\Windows\System32\consent.exe - ok
19:59:51.0721 0x1490  [ F07FEAE5D9BFCF4BECD5A36F94C0A639, 381E0BF6FBB621BF600A822396089DF7AB669DAC6DD6E88979E02462FCD8D9CE ] C:\Program Files\Microsoft Security Client\MsMpCom.dll
19:59:51.0721 0x1490  C:\Program Files\Microsoft Security Client\MsMpCom.dll - ok
19:59:51.0741 0x1490  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x60000 ( disabled : updated )
19:59:51.0747 0x1490  Win FW state via NFP2: disabled
19:59:54.0271 0x1490  ============================================================
19:59:54.0271 0x1490  Scan finished
19:59:54.0271 0x1490  ============================================================
19:59:54.0283 0x1488  Detected object count: 0
19:59:54.0283 0x1488  Actual detected object count: 0
20:00:45.0054 0x0c68  Deinitialize success


#13 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,539 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:12 PM

Posted 15 December 2013 - 03:59 PM

Are you still being redirected? I see no issues on these reports.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#14 Pseudorious

Pseudorious
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:12 PM

Posted 15 December 2013 - 07:02 PM

I am.  I test my browser after each run. 

 

 

Are you still being redirected? I see no issues on these reports.


Edited by Pseudorious, 15 December 2013 - 07:04 PM.


#15 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,539 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:12 PM

Posted 15 December 2013 - 09:55 PM

Lets take a deeper look.

Download OTS.exe by OldTimer to your Desktop. OTS can be detected as malware. Disable your security during this process.
  • Close any open browsers.
  • Double-click on OTS.exe to start the program.
  • Leave all settings as they appear as default, except for the following:
    • Under File Age, select 30.
    • Under Drivers, select "All".
    • Under Registry, select "All".
    • Under Additional Scans, click on the "Extras" button.
  • Now click the Run Scan button on the toolbar.
  • The program will be scanning huge amounts of data so depending on your system it could take a long time to complete. Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Save that notepad file
Use the Reply button and attach the notepad file here (Do not copy and paste in a reply, rather attach it to it).

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users