
Removal of Win64/Rovnix.gen!C logs


  • This topic is locked
23 replies to this topic

#1 gillybean


Posted 03 March 2014 - 10:12 PM

Hello,

 

I have a Dell Inspiron 1545 with Windows 7 Home Premium 64 bit.
I have had this virus "Win64/Rovnix.gen!C" show up during a Windows Live Essentials today. I have also run a full scan using Malwarebytes Anti-Malware but it isn't showing up on there. I ran Windows Defender Offline this am and nothing showed up anywhere.

 

Please help! I use my PC for business and am trying to get rid of this virus once and for all. I do not have the install CD for this laptop as it came pre-installed.

 

Thanks,

Gillybean

 

I followed the instructions on a similar post and here are my logs:

 

Security Check

 

Results of screen317's Security Check version 0.99.79  
   x64   
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
Microsoft Security Essentials   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300  
 TuneUp Utilities 2012   
 TuneUp Utilities Language Pack (en-US)
 Duplicate File Cleaner v2.6

 

FSS

 

Farbar Service Scanner Version: 25-02-2014
Ran by Admin (administrator) on 03-03-2014 at 18:25:27
Running from "C:\Users\Admin\Documents\My Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

 

Mini Tool Bar

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Admin (administrator) on 03-03-2014 at 18:30:13
Running from "C:\Users\Admin\Documents\My Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



127.0.0.1 secure.tune-up.com
127.0.0.1 activate.adobe.com

========================= IP Configuration: ================================

Belkin Wireless Adapter = Wireless Network Connection 2 (Connected)
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
Intel® WiFi Link 5100 AGN = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Jill
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Mixed
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Belkin

Wireless LAN adapter Wireless Network Connection 2:

   Connection-specific DNS Suffix  . : Belkin
   Description . . . . . . . . . . . : Belkin Wireless Adapter
   Physical Address. . . . . . . . . : EC-1A-59-10-75-A8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.2.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, March 03, 2014 5:26:49 PM
   Lease Expires . . . . . . . . . . : Wednesday, March 01, 2023 5:26:49 PM
   Default Gateway . . . . . . . . . : 192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DNS Servers . . . . . . . . . . . : 192.168.2.1
                                       208.122.23.22
                                       208.122.23.23
                                       192.168.2.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 00-24-D6-42-AA-ED
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
   Physical Address. . . . . . . . . : 00-24-D6-42-AA-EC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Belkin
   Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
   Physical Address. . . . . . . . . : A4-BA-DB-99-BB-8C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Belkin:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{AEB85D3F-BE17-41B3-9097-A031D67E1D43}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{74FE138B-415D-49DF-B2BD-38F37B2C15E0}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.2.1

Name:    google.com
Addresses:  2607:f8b0:400b:807::1007
      173.194.43.97
      173.194.43.98
      173.194.43.99
      173.194.43.100
      173.194.43.101
      173.194.43.102
      173.194.43.103
      173.194.43.104
      173.194.43.105
      173.194.43.110
      173.194.43.96


Pinging google.com [173.194.43.96] with 32 bytes of data:
Reply from 173.194.43.96: bytes=32 time=20ms TTL=57
Reply from 173.194.43.96: bytes=32 time=17ms TTL=57

Ping statistics for 173.194.43.96:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 17ms, Maximum = 20ms, Average = 18ms
Server:  UnKnown
Address:  192.168.2.1

Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=55ms TTL=46
Reply from 98.139.183.24: bytes=32 time=51ms TTL=46

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 51ms, Maximum = 55ms, Average = 53ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 17...ec 1a 59 10 75 a8 ......Belkin Wireless Adapter
 16...00 24 d6 42 aa ed ......Microsoft Virtual WiFi Miniport Adapter
 15...00 24 d6 42 aa ec ......Intel® WiFi Link 5100 AGN
 10...a4 ba db 99 bb 8c ......Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
  1...........................Software Loopback Interface 1
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1      192.168.2.2     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.2.0    255.255.255.0         On-link       192.168.2.2    281
      192.168.2.2  255.255.255.255         On-link       192.168.2.2    281
    192.168.2.255  255.255.255.255         On-link       192.168.2.2    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.2.2    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.2.2    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/03/2014 05:25:38 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (03/03/2014 05:25:38 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (03/03/2014 05:24:49 PM) (Source: MsiInstaller) (User: JILL)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Admin\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.

Error: (03/03/2014 05:24:20 PM) (Source: MsiInstaller) (User: JILL)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Admin\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.

Error: (03/03/2014 05:23:13 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = c:\Program Files\Microsoft Security Client\MsMpEng.exe Files\Microsoft Security Client\MsMpEng.exe"; Description = Microsoft Antimalware Checkpoint; Error = 0x80042302).

Error: (03/03/2014 05:23:13 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine GetProviderMgmtInterface.  hr = 0x8004230f, The shadow copy provider had an unexpected error while trying to process the specified operation.
.

Error: (03/03/2014 05:23:13 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
].


Operation:
   Obtain a callable interface for this provider
   Obtaining provider management interface

Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {00000000-0000-0000-0000-000000000000}
   Snapshot Context: -1
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (03/03/2014 05:23:13 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
   Obtain a callable interface for this provider
   Obtaining provider management interface

Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {00000000-0000-0000-0000-000000000000}
   Snapshot Context: -1
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (03/03/2014 03:38:21 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (03/03/2014 03:38:21 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


System errors:
=============
Error: (03/03/2014 05:26:54 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (03/03/2014 05:24:39 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 has encountered an error trying to download and configure Windows Defender Offline.

    Error code: 0x80070002

    Error description: The system cannot find the file specified.

Error: (03/03/2014 05:23:56 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (03/03/2014 05:23:14 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (03/03/2014 05:21:11 PM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:
%%1058

Error: (03/03/2014 05:20:39 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Performance power management features on processor 0 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (03/03/2014 05:19:34 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/03/2014 05:19:34 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/03/2014 05:19:34 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (03/03/2014 05:14:12 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (03/03/2014 05:25:38 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (03/03/2014 05:25:38 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (03/03/2014 05:24:49 PM) (Source: MsiInstaller)(User: JILL)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Admin\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/03/2014 05:24:20 PM) (Source: MsiInstaller)(User: JILL)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Admin\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/03/2014 05:23:13 PM) (Source: System Restore)(User: )
Description: c:\Program Files\Microsoft Security Client\MsMpEng.exe Files\Microsoft Security Client\MsMpEng.exe"Microsoft Antimalware Checkpoint0x80042302

Error: (03/03/2014 05:23:13 PM) (Source: VSS)(User: )
Description: GetProviderMgmtInterface0x8004230f, The shadow copy provider had an unexpected error while trying to process the specified operation.

Error: (03/03/2014 05:23:13 PM) (Source: VSS)(User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
   Obtain a callable interface for this provider
   Obtaining provider management interface

Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {00000000-0000-0000-0000-000000000000}
   Snapshot Context: -1
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (03/03/2014 05:23:13 PM) (Source: VSS)(User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
   Obtain a callable interface for this provider
   Obtaining provider management interface

Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {00000000-0000-0000-0000-000000000000}
   Snapshot Context: -1
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (03/03/2014 03:38:21 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (03/03/2014 03:38:21 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000


CodeIntegrity Errors:
===================================
  Date: 2012-07-14 18:00:47.057
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-07-14 18:00:46.983
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

µTorrent (Version: 3.3.0.29420)
7-Zip 9.20
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.7)
Adobe AIR (Version: 3.1.0.4880)
Adobe Download Assistant (Version: 1.2)
Adobe Flash Player 12 Plugin (Version: 12.0.0.70)
Adobe Photoshop CS (Version: CS)
Akamai NetSession Interface
Apple Application Support (Version: 3.0)
Apple Mobile Device Support (Version: 7.1.0.32)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.732.0)
Belkin N300 Micro USB Wireless Adapter (Version: 1.00.0155)
Bonjour (Version: 3.0.0.10)
ConvertXtoDVD 4.1.19.364 (Version: 4.1.19.364)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell System Detect (Version: 3.3.2.1)
Dell Touchpad (Version: 7.1107.115.102)
DriverTuner 3.1.0.0 (Version: 3.1.0.0)
Dropbox (Version: 2.0.10)
Duplicate File Cleaner v2.6
EximiousSoft Logo Designer V2.58
Free FLAC to MP3 Converter 1.0
HP FWUpdateEDO2 (Version: 1.2.0.0)
HP Photo Creations (Version: 1.0.0.5192)
HP Photosmart 5510 series Basic Device Software (Version: 24.0.342.0)
HP Photosmart 5510 series Help (Version: 140.0.2.2)
HP Photosmart 5510 series Product Improvement Study (Version: 24.0.342.0)
HP Update (Version: 5.005.000.002)
HPDiagnosticAlert (Version: 1.00.0000)
IDT Audio (Version: 1.0.6272.0)
Intel® Rapid Storage Technology (Version: 10.5.0.1029)
iTunes (Version: 11.1.4.62)
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
Java™ 6 Update 31 (Version: 6.0.310)
K-Lite Codec Pack 8.7.0 (Basic) (Version: 8.7.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Media Player Utilities 4.36 (Version: 4.36)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook Connector (Version: 14.0.6106.5001)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 27.0.1 (x86 en-US) (Version: 27.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Paint.NET v3.5.10 (Version: 3.60.0)
Pazera Free MP4 to AVI Converter 1.7 (Version: 1.7)
Picasa 3 (Version: 3.9)
QuickTime (Version: 7.74.80.86)
RoboForm 7-9-5-5 (All Users) (Version: 7-9-5-5)
SeaTools for Windows (Version: 1.2.0.7)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
System Requirements Lab for Intel (Version: 4.5.13.0)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
TuneUp Utilities 2012 (Version: 12.0.3600.181)
TuneUp Utilities Language Pack (en-US) (Version: 12.0.3600.181)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
Video Converter Fox
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 2.1.3 (Version: 2.1.3)
WeatherEye
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
WinRAR 4.10 (64-bit) (Version: 4.10.0)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 92%
Total physical RAM: 2008.36 MB
Available physical RAM: 158.03 MB
Total Pagefile: 4016.73 MB
Available Pagefile: 1874.11 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.64 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.79 GB) (Free:71.12 GB) NTFS
2 Drive d: (WDO_Media64) (CDROM) (Total:0.26 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\JILL

Admin                    Administrator            Guest                    


**** End of log ****
 

MalwareBytes

 

2014/03/03 04:06:15 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 04:06:15 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 04:06:31 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 04:06:31 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 04:06:48 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 04:06:48 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 04:07:44 -0500    JILL    Admin    IP-BLOCK    213.55.114.3 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 04:19:17 -0500    JILL    Admin    IP-BLOCK    59.34.140.96 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 04:19:17 -0500    JILL    Admin    IP-BLOCK    59.34.140.96 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 04:19:42 -0500    JILL    Admin    IP-BLOCK    59.34.140.96 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 04:19:42 -0500    JILL    Admin    IP-BLOCK    59.34.140.96 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 04:19:50 -0500    JILL    Admin    IP-BLOCK    59.34.140.96 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 04:19:50 -0500    JILL    Admin    IP-BLOCK    59.34.140.96 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 04:26:41 -0500    JILL    Admin    IP-BLOCK    219.146.215.118 (Type: outgoing, Port: 17973, Process: utorrent.exe)
2014/03/03 04:28:58 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 04:33:00 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 04:37:59 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 04:39:19 -0500    JILL    Admin    IP-BLOCK    59.34.140.96 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 04:42:57 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 04:47:15 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 04:47:15 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 04:47:39 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 04:47:39 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 04:47:55 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 04:47:55 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 04:47:55 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 04:48:12 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 04:48:12 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 04:51:41 -0500    JILL    Admin    IP-BLOCK    115.43.229.150 (Type: incoming, Port: 17973, Process: utorrent.exe)
2014/03/03 04:52:54 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 04:55:19 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 04:55:19 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 04:55:51 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 04:55:51 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 04:56:24 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 04:56:40 -0500    JILL    Admin    IP-BLOCK    219.147.0.8 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 04:57:52 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 05:02:59 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 05:03:23 -0500    JILL    Admin    IP-BLOCK    91.200.224.195 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 05:03:55 -0500    JILL    Admin    IP-BLOCK    89.28.118.86 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 05:08:22 -0500    JILL    Admin    IP-BLOCK    88.85.71.181 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 05:17:30 -0500    JILL    Admin    IP-BLOCK    219.147.0.13 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 05:19:23 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 05:23:25 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 05:28:07 -0500    JILL    Admin    IP-BLOCK    89.209.91.204 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 05:28:31 -0500    JILL    Admin    IP-BLOCK    89.28.19.35 (Type: incoming, Port: 17973, Process: utorrent.exe)
2014/03/03 05:28:31 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 05:28:47 -0500    JILL    Admin    IP-BLOCK    89.28.14.30 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 05:29:03 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 05:29:27 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 05:29:27 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 05:29:44 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 05:29:44 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 05:29:52 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 05:29:52 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 05:29:52 -0500    JILL    Admin    IP-BLOCK    77.78.238.154 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 05:29:52 -0500    JILL    Admin    IP-BLOCK    77.78.238.154 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 05:29:52 -0500    JILL    Admin    IP-BLOCK    91.200.224.195 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 05:30:24 -0500    JILL    Admin    IP-BLOCK    212.113.44.242 (Type: outgoing, Port: 17973, Process: utorrent.exe)
2014/03/03 05:31:53 -0500    JILL    Admin    IP-BLOCK    195.216.185.84 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 05:33:30 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 05:38:04 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 05:39:41 -0500    JILL    Admin    IP-BLOCK    222.186.19.15 (Type: incoming, Port: 17973, Process: utorrent.exe)
2014/03/03 05:40:05 -0500    JILL    Admin    IP-BLOCK    222.186.19.15 (Type: incoming, Port: 17973, Process: utorrent.exe)
2014/03/03 05:40:29 -0500    JILL    Admin    IP-BLOCK    222.186.19.15 (Type: incoming, Port: 17973, Process: utorrent.exe)
2014/03/03 05:40:37 -0500    JILL    Admin    IP-BLOCK    222.186.19.15 (Type: incoming, Port: 17973, Process: utorrent.exe)
2014/03/03 05:43:02 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 05:48:01 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 05:51:06 -0500    JILL    Admin    IP-BLOCK    219.147.0.11 (Type: incoming, Port: 17973, Process: utorrent.exe)
2014/03/03 05:51:06 -0500    JILL    Admin    IP-BLOCK    219.147.0.11 (Type: incoming, Port: 17973, Process: svchost.exe)
2014/03/03 05:53:31 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 05:58:54 -0500    JILL    Admin    IP-BLOCK    109.163.233.137 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:01:19 -0500    JILL    Admin    IP-BLOCK    109.163.233.137 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:01:35 -0500    JILL    Admin    IP-BLOCK    109.163.233.137 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:03:12 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:03:12 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 06:03:28 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 06:04:00 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:04:00 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 06:04:32 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:04:32 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 06:04:48 -0500    JILL    Admin    IP-BLOCK    109.163.226.170 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:04:48 -0500    JILL    Admin    IP-BLOCK    109.163.226.170 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 06:08:34 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 06:13:32 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 06:14:29 -0500    JILL    Admin    IP-BLOCK    219.152.27.75 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:16:46 -0500    JILL    Admin    IP-BLOCK    150.70.97.124 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 06:16:46 -0500    JILL    Admin    IP-BLOCK    150.70.97.124 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 06:16:46 -0500    JILL    Admin    IP-BLOCK    150.70.97.124 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 06:16:46 -0500    JILL    Admin    IP-BLOCK    150.70.97.124 (Type: outgoing, Port: 59844, Process: explorer.exe)
2014/03/03 06:18:31 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 06:18:47 -0500    JILL    Admin    IP-BLOCK    150.70.97.124 (Type: outgoing, Port: 59999, Process: explorer.exe)
2014/03/03 06:19:11 -0500    JILL    Admin    IP-BLOCK    109.163.233.137 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:20:08 -0500    JILL    Admin    IP-BLOCK    109.163.233.137 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:21:12 -0500    JILL    Admin    IP-BLOCK    85.85.66.243 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:21:44 -0500    JILL    Admin    IP-BLOCK    150.70.97.124 (Type: outgoing, Port: 60230, Process: explorer.exe)
2014/03/03 06:22:33 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:22:49 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:23:05 -0500    JILL    Admin    IP-BLOCK    222.186.19.15 (Type: incoming, Port: 17973, Process: utorrent.exe)
2014/03/03 06:23:05 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:23:29 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 06:23:53 -0500    JILL    Admin    IP-BLOCK    222.186.19.15 (Type: incoming, Port: 17973, Process: utorrent.exe)
2014/03/03 06:24:34 -0500    JILL    Admin    IP-BLOCK    222.186.19.15 (Type: incoming, Port: 17973, Process: utorrent.exe)
2014/03/03 06:24:34 -0500    JILL    Admin    IP-BLOCK    222.186.19.15 (Type: incoming, Port: 17973, Process: svchost.exe)
2014/03/03 06:24:42 -0500    JILL    Admin    IP-BLOCK    150.70.97.124 (Type: outgoing, Port: 60508, Process: explorer.exe)
2014/03/03 06:25:06 -0500    JILL    Admin    IP-BLOCK    222.186.19.15 (Type: incoming, Port: 17973, Process: utorrent.exe)
2014/03/03 06:25:06 -0500    JILL    Admin    IP-BLOCK    222.186.19.15 (Type: incoming, Port: 17973, Process: svchost.exe)
2014/03/03 06:27:47 -0500    JILL    Admin    IP-BLOCK    150.70.97.124 (Type: outgoing, Port: 60772, Process: explorer.exe)
2014/03/03 06:28:28 -0500    JILL    Admin    IP-BLOCK    89.28.100.164 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 06:28:36 -0500    JILL    Admin    IP-BLOCK    37.221.165.196 (Type: outgoing, Port: 17973, Process: utorrent.exe)
2014/03/03 06:29:56 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:30:37 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:30:45 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:31:41 -0500    JILL    Admin    IP-BLOCK    150.70.97.124 (Type: outgoing, Port: 61118, Process: explorer.exe)
2014/03/03 06:35:43 -0500    JILL    Admin    IP-BLOCK    150.70.97.124 (Type: outgoing, Port: 61418, Process: explorer.exe)
2014/03/03 06:38:00 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:38:16 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:38:40 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:40:41 -0500    JILL    Admin    IP-BLOCK    150.70.97.124 (Type: outgoing, Port: 61775, Process: explorer.exe)
2014/03/03 06:45:07 -0500    JILL    Admin    IP-BLOCK    212.117.179.52 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 06:45:24 -0500    JILL    Admin    IP-BLOCK    93.115.83.250 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:45:40 -0500    JILL    Admin    IP-BLOCK    85.85.66.243 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:46:12 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:46:12 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 06:46:36 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:46:36 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 06:47:01 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:47:01 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 06:53:27 -0500    JILL    Admin    IP-BLOCK    212.113.46.41 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 06:54:24 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:54:24 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 06:54:48 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:55:20 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:57:05 -0500    JILL    Admin    IP-BLOCK    213.186.115.237 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 06:59:38 -0500    JILL    Admin    IP-BLOCK    59.34.140.96 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 06:59:38 -0500    JILL    Admin    IP-BLOCK    59.34.140.96 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 07:00:02 -0500    JILL    Admin    IP-BLOCK    59.34.140.96 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:00:02 -0500    JILL    Admin    IP-BLOCK    59.34.140.96 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 07:00:35 -0500    JILL    Admin    IP-BLOCK    59.34.140.96 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:00:35 -0500    JILL    Admin    IP-BLOCK    59.34.140.96 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 07:00:51 -0500    JILL    Admin    IP-BLOCK    81.163.138.129 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:00:51 -0500    JILL    Admin    IP-BLOCK    81.163.138.129 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 07:01:07 -0500    JILL    Admin    IP-BLOCK    59.34.140.96 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:01:07 -0500    JILL    Admin    IP-BLOCK    59.34.140.96 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 07:02:52 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:03:08 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:03:24 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:03:32 -0500    JILL    Admin    IP-BLOCK    213.55.114.177 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:08:22 -0500    JILL    Admin    IP-BLOCK    85.85.66.243 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:08:23 -0500    JILL    Admin    IP-BLOCK    85.85.66.243 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 07:11:20 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:11:36 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:11:36 -0500    JILL    Admin    IP-BLOCK    218.9.120.107 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:11:36 -0500    JILL    Admin    IP-BLOCK    218.9.120.107 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:12:00 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:12:25 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:16:18 -0500    JILL    Admin    IP-BLOCK    77.78.246.29 (Type: outgoing, Port: 17973, Process: utorrent.exe)
2014/03/03 07:20:45 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:23:02 -0500    JILL    Admin    IP-BLOCK    98.142.249.159 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 07:27:35 -0500    JILL    Admin    IP-BLOCK    218.9.120.107 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:27:35 -0500    JILL    Admin    IP-BLOCK    218.9.120.107 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:29:36 -0500    JILL    Admin    IP-BLOCK    85.85.66.243 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:29:36 -0500    JILL    Admin    IP-BLOCK    85.85.66.243 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 07:35:23 -0500    JILL    Admin    IP-BLOCK    81.163.138.110 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:37:40 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:44:15 -0500    JILL    Admin    IP-BLOCK    212.113.35.171 (Type: outgoing, Port: 17973, Process: utorrent.exe)
2014/03/03 07:47:21 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:47:53 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:48:49 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:56:31 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:57:04 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:57:04 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 07:57:36 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:57:36 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 07:57:53 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 07:57:53 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 07:58:57 -0500    JILL    Admin    IP-BLOCK    89.28.3.73 (Type: outgoing, Port: 17973, Process: utorrent.exe)
2014/03/03 07:59:54 -0500    JILL    Admin    IP-BLOCK    109.163.233.137 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:00:18 -0500    JILL    Admin    IP-BLOCK    81.163.138.110 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:02:19 -0500    JILL    Admin    IP-BLOCK    150.70.97.124 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 08:02:19 -0500    JILL    Admin    IP-BLOCK    150.70.97.124 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 08:02:27 -0500    JILL    Admin    IP-BLOCK    150.70.97.124 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 08:02:27 -0500    JILL    Admin    IP-BLOCK    150.70.97.124 (Type: outgoing, Port: 55278, Process: explorer.exe)
2014/03/03 08:04:28 -0500    JILL    Admin    IP-BLOCK    150.70.97.124 (Type: outgoing, Port: 55573, Process: explorer.exe)
2014/03/03 08:04:52 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:04:52 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 08:05:49 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:05:49 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 08:07:26 -0500    JILL    Admin    IP-BLOCK    150.70.97.124 (Type: outgoing, Port: 55857, Process: explorer.exe)
2014/03/03 08:10:47 -0500    JILL    Admin    IP-BLOCK    218.9.120.107 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:10:47 -0500    JILL    Admin    IP-BLOCK    218.9.120.107 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:11:27 -0500    JILL    Admin    IP-BLOCK    150.70.97.124 (Type: outgoing, Port: 56295, Process: explorer.exe)
2014/03/03 08:11:27 -0500    JILL    Admin    IP-BLOCK    218.9.120.107 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:11:27 -0500    JILL    Admin    IP-BLOCK    218.9.120.107 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 08:12:56 -0500    JILL    Admin    IP-BLOCK    218.9.120.107 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:12:56 -0500    JILL    Admin    IP-BLOCK    218.9.120.107 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 08:14:41 -0500    JILL    Admin    IP-BLOCK    218.10.141.215 (Type: outgoing, Port: 17973, Process: utorrent.exe)
2014/03/03 08:14:57 -0500    JILL    Admin    IP-BLOCK    89.28.34.147 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 08:15:30 -0500    JILL    Admin    IP-BLOCK    150.70.97.124 (Type: outgoing, Port: 56874, Process: explorer.exe)
2014/03/03 08:15:30 -0500    JILL    Admin    IP-BLOCK    222.186.19.15 (Type: incoming, Port: 17973, Process: utorrent.exe)
2014/03/03 08:16:10 -0500    JILL    Admin    IP-BLOCK    222.186.19.15 (Type: incoming, Port: 17973, Process: utorrent.exe)
2014/03/03 08:16:34 -0500    JILL    Admin    IP-BLOCK    222.186.19.15 (Type: incoming, Port: 17973, Process: utorrent.exe)
2014/03/03 08:16:50 -0500    JILL    Admin    IP-BLOCK    222.186.19.15 (Type: incoming, Port: 17973, Process: utorrent.exe)
2014/03/03 08:20:28 -0500    JILL    Admin    IP-BLOCK    150.70.97.124 (Type: outgoing, Port: 57539, Process: explorer.exe)
2014/03/03 08:22:05 -0500    JILL    Admin    IP-BLOCK    109.163.233.137 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:25:43 -0500    JILL    Admin    IP-BLOCK    89.28.17.7 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 08:26:31 -0500    JILL    Admin    IP-BLOCK    61.146.118.3 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:26:31 -0500    JILL    Admin    IP-BLOCK    61.146.118.3 (Type: incoming, Port: 6881, Process: svchost.exe)
2014/03/03 08:29:12 -0500    JILL    Admin    IP-BLOCK    59.34.163.163 (Type: incoming, Port: 17973, Process: utorrent.exe)
2014/03/03 08:29:37 -0500    JILL    Admin    IP-BLOCK    218.9.120.107 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:29:37 -0500    JILL    Admin    IP-BLOCK    218.9.120.107 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:29:37 -0500    JILL    Admin    IP-BLOCK    218.9.120.107 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:29:37 -0500    JILL    Admin    IP-BLOCK    218.9.120.107 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:30:09 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:30:33 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:30:42 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:37:41 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:38:21 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:38:29 -0500    JILL    Admin    IP-BLOCK    109.163.233.137 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:38:29 -0500    JILL    Admin    IP-BLOCK    222.186.19.20 (Type: incoming, Port: 6881, Process: explorer.exe)
2014/03/03 08:44:08 -0500    JILL    Admin    IP-BLOCK    219.146.215.118 (Type: outgoing, Port: 17973, Process: utorrent.exe)
2014/03/03 08:48:27 -0500    JILL    Admin    IP-BLOCK    89.28.17.7 (Type: outgoing, Port: 6881, Process: explorer.exe)
2014/03/03 08:54:21 -0500    JILL    Admin    IP-BLOCK    93.170.50.251 (Type: incoming, Port: 17973, Process: utorrent.exe)
2014/03/03 08:54:22 -0500    JILL    Admin    IP-BLOCK    93.170.50.251 (Type: incoming, Port: 17973, Process: svchost.exe)
 

MBAR Log

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2013.10.02.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Admin :: JILL [administrator]

3/3/2014 7:55:21 PM
mbar-log-2014-03-03 (19-55-21).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 51989
Time elapsed: 18 minute(s), 41 second(s) [aborted]

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 1
Physical Sector #1 on Drive #0 (Forged physical sector) -> No action taken.

(end)
 

 

System Log

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.16518

Java version: 1.6.0_31

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.194000 GHz
Memory total: 2105921536, free: 423124992

No address found
=======================================
Initializing...
------------ Kernel report ------------
     03/03/2014 19:55:04
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa80050c4790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000006d\
Lower Device Object: 0xfffffa800571e060
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa800276b6b0
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa80022d2050
Lower Device Driver Name: \Driver\iaStor\
IRP handler 15 of \Driver\iaStor is hooked
Unhooking enabled.
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa80050c4790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000006d\
Lower Device Object: 0xfffffa800571e060
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
Initialization returned 0x0
Load Function returned 0x0
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa800276b6b0
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa80022d2050
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
Initialization returned 0x0
Load Function returned 0x0
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800276b6b0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800276b100, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800276b6b0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80022d2050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xfffff8a00ee3e850, 0xfffffa800276b6b0, 0xfffffa8008382090
Lower DeviceData: 0xfffff8a005c3eb10, 0xfffffa80022d2050, 0xfffffa80019ed090
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 983F7C98

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 488187904

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-488377168-488397168)...
Sectors 1 - 549 --> [Forged physical sectors]
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xfffffa80050c4790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005b99380, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80050c4790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800571e060, DeviceName: \Device\0000006d\, DriverName: \Driver\USBSTOR\
------------ End ----------
Scan Interrupted
Scan was aborted.
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\LBA-0-1-u.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\LBA-0-1-k.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.16518

Java version: 1.6.0_31

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.194000 GHz
Memory total: 2105921536, free: 473432064

=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.16518

Java version: 1.6.0_31

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.194000 GHz
Memory total: 2105921536, free: 358400000

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.16518

Java version: 1.6.0_31

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.194000 GHz
Memory total: 2105921536, free: 250675200

Downloaded database version: v2014.03.03.08
Downloaded database version: v2014.02.20.01
=======================================
Initializing...
------------ Kernel report ------------
     03/03/2014 20:30:06
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa8005045060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000006d\
Lower Device Object: 0xfffffa8004dfb940
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80026eb730
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa8002259050
Lower Device Driver Name: \Driver\iaStor\
IRP handler 15 of \Driver\iaStor is hooked
Unhooking enabled.
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa8005045060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000006d\
Lower Device Object: 0xfffffa8004dfb940
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
Initialization returned 0x0
Load Function returned 0x0
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80026eb730
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa8002259050
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
Initialization returned 0x0
Load Function returned 0x0
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80026eb730, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80026eb180, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80026eb730, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8002259050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xfffff8a00bad3640, 0xfffffa80026eb730, 0xfffffa8001fc0790
Lower DeviceData: 0xfffff8a00b09fd90, 0xfffffa8002259050, 0xfffffa8001a35bc0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 983F7C98

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 488187904

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-488377168-488397168)...
Sectors 1 - 549 --> [Forged physical sectors]
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xfffffa8005045060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8004e6f1e0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005045060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8004dfb940, DeviceName: \Device\0000006d\, DriverName: \Driver\USBSTOR\
------------ End ----------
=======================================


rkill.text

 

Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/03/2014 08:55:32 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Users\Admin\Documents\My Downloads\unblock-us.exe (PID: 2360) [UP-HEUR]
 * C:\Users\Admin\AppData\Roaming\ABBYY\WmiPrv\WmiPrvSE.exe (PID: 2388) [SFI]
 * C:\Users\Admin\AppData\Roaming\ABBYY\WmiPrv\WmiPrvSE.exe (PID: 2388) [UP-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1 secure.tune-up.com
  127.0.0.1 activate.adobe.com

Program finished at: 03/03/2014 09:21:23 PM
Execution time: 0 hours(s), 25 minute(s), and 50 seconds(s)

 Thanks in advance!!





#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • Gender:Male
  • Local time:03:41 PM

Posted 04 March 2014 - 02:51 AM

Hello,
 
please run the following scans:


Step 1

Please download TDSSKiller and save it to your Desktop.

  • Start tdsskiller.exe with administrator privileges.
  • Accept the EULA and the KSN Statement.
  • Click on Change parameters.
  • Make sure that all available options (except "Loaded modules") are checked and click OK.
  • Click on Start scan.
  • If any threats are found don't delete them but choose the Skip option for all of them.
  • Click on Report to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).
    Copy and paste its contents in your next reply.

Step 2

Please download Farbar Recovery Scan Tool and save it to your Desktop.

  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 gillybean

gillybean
  • Topic Starter

  • Members
  • 18 posts
  • Gender:Female
  • Location:Canada
  • Local time:08:41 AM

Posted 04 March 2014 - 12:50 PM

tdsskiller

 

12:21:19.0864 0x1044  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
12:21:35.0565 0x1044  ============================================================
12:21:35.0565 0x1044  Current date / time: 2014/03/04 12:21:35.0565
12:21:35.0565 0x1044  SystemInfo:
12:21:35.0565 0x1044  
12:21:35.0565 0x1044  OS Version: 6.1.7601 ServicePack: 1.0
12:21:35.0565 0x1044  Product type: Workstation
12:21:35.0566 0x1044  ComputerName: JILL
12:21:35.0566 0x1044  UserName: Admin
12:21:35.0566 0x1044  Windows directory: C:\Windows
12:21:35.0566 0x1044  System windows directory: C:\Windows
12:21:35.0566 0x1044  Running under WOW64
12:21:35.0566 0x1044  Processor architecture: Intel x64
12:21:35.0566 0x1044  Number of processors: 1
12:21:35.0566 0x1044  Page size: 0x1000
12:21:35.0566 0x1044  Boot type: Normal boot
12:21:35.0566 0x1044  ============================================================
12:21:36.0338 0x1044  KLMD registered as C:\Windows\system32\drivers\63749802.sys
12:21:38.0250 0x1044  System UUID: {1A22E0AE-CE1B-D738-2E9F-B10CD60081B3}
12:21:43.0192 0x1044  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:21:43.0207 0x1044  ============================================================
12:21:43.0207 0x1044  \Device\Harddisk0\DR0:
12:21:43.0207 0x1044  MBR partitions:
12:21:43.0207 0x1044  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:21:43.0207 0x1044  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
12:21:43.0207 0x1044  ============================================================
12:21:43.0326 0x1044  C: <-> \Device\Harddisk0\DR0\Partition2
12:21:43.0326 0x1044  ============================================================
12:21:43.0326 0x1044  Initialize success
12:21:43.0326 0x1044  ============================================================
12:23:14.0009 0x0e10  ============================================================
12:23:14.0174 0x0e10  Scan started
12:23:14.0174 0x0e10  Mode: Manual; SigCheck; TDLFS;
12:23:14.0174 0x0e10  ============================================================
12:23:14.0174 0x0e10  KSN ping started
12:23:26.0591 0x0e10  KSN ping finished: true
12:23:35.0211 0x0e10  ================ Scan system memory ========================
12:23:35.0211 0x0e10  System memory - ok
12:23:35.0215 0x0e10  ================ Scan services =============================
12:23:41.0763 0x0e10  Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
12:23:44.0454 0x0e10  Detect skipped due to KSN trusted
12:23:44.0454 0x0e10  Adobe LM Service - ok

FE69C01D70DBED02C87E5 ]

clr_optimization_v4.0.30319_32 C:\Windows

\Microsoft.NET\Framework

\v4.0.30319\mscorsvw.exe
12:24:01.0182 0x0e10  

clr_optimization_v4.0.30319_32 - ok
12:24:01.0224 0x0e10  [

4AEDAB50F83580D0B4D6CF78191F92AA,

D113C47013B018B45161911B96E93AF96A2F3B34FA4

7061BF6E7A71FBA03194A ]

clr_optimization_v4.0.30319_64 C:\Windows

\Microsoft.NET

\Framework64\v4.0.30319\mscorsvw.exe
12:24:01.0387 0x0e10  

clr_optimization_v4.0.30319_64 - ok
12:24:01.0459 0x0e10  [

0840155D0BDDF1190F84A663C284BD33,

696039FA63CFEB33487FAA8FD7BBDB220141E9C6E52

9355D768DFC87999A9C3A ] CmBatt          C:

\Windows\system32\DRIVERS\CmBatt.sys
12:24:01.0614 0x0e10  CmBatt - ok
12:24:01.0665 0x0e10  [

E19D3F095812725D88F9001985B94EDD,

46243C5CCC4981CAC6FA6452FFCEC33329BF172448F

1852D52592C9342E0E18B ] cmdide          C:

\Windows\system32\drivers\cmdide.sys
12:24:01.0776 0x0e10  cmdide - ok
12:24:01.0889 0x0e10  [

EBF28856F69CF094A902F884CF989706,

AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B6320

8C5FFB03C9D7F5B59765F ] CNG             C:

\Windows\system32\Drivers\cng.sys
12:24:02.0142 0x0e10  CNG - ok
12:24:02.0193 0x0e10  [

102DE219C3F61415F964C88E9085AD14,

CD74CB703381F1382C32CF892FF2F908F4C9412E1BC

77234F8FEA5D4666E1BF1 ] Compbatt        C:

\Windows\system32\DRIVERS\compbatt.sys
12:24:02.0300 0x0e10  Compbatt - ok
12:24:02.0347 0x0e10  [

03EDB043586CCEBA243D689BDDA370A8,

0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A

7E512505FC2B6CC224959 ] CompositeBus    C:

\Windows\system32\drivers\CompositeBus.sys
12:24:02.0600 0x0e10  CompositeBus - ok
12:24:02.0612 0x0e10  COMSysApp - ok
12:24:02.0779 0x0e10  [

3CA734CE373E5675FBC15CA2C45228E5,

A6C6E9FABDE5EA18D266DB71C0CC6B51D682116D189

8CCB4E9BA730F15C44B32 ] cpudrv64        C:

\Program Files (x86)\SystemRequirementsLab

\cpudrv64.sys
12:24:02.0903 0x0e10  cpudrv64 - ok
12:24:02.0949 0x0e10  [

1C827878A998C18847245FE1F34EE597,

41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3

936B69EC38E2DC3972E60 ] crcdisk         C:

\Windows\system32\DRIVERS\crcdisk.sys
12:24:03.0024 0x0e10  crcdisk - ok
12:24:03.0086 0x0e10  [

6B400F211BEE880A37A1ED0368776BF4,

2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB0

94B13397DDD30114295BD ] CryptSvc        C:

\Windows\system32\cryptsvc.dll
12:24:03.0388 0x0e10  CryptSvc - ok
12:24:03.0401 0x0e10  Csdsbsssyin - ok
12:24:03.0488 0x0e10  [

5C627D1B1138676C0A7AB2C2C190D123,

C5003F2C912C5CA990E634818D3B4FD72F871900AF2

948BD6C4D6400B354B401 ] DcomLaunch      C:

\Windows\system32\rpcss.dll
12:24:03.0722 0x0e10  DcomLaunch - ok
12:24:03.0772 0x0e10  [

3CEC7631A84943677AA8FA8EE5B6B43D,

32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DC

F794EC39D086D32503AC5 ] defragsvc       C:

\Windows\System32\defragsvc.dll
12:24:03.0886 0x0e10  defragsvc - ok
12:24:03.0949 0x0e10  [

9BB2EF44EAA163B29C4A4587887A0FE4,

03667BC3EA5003F4236929C10F23D8F108AFCB29DB5

559E751FB26DFB318636F ] DfsC            C:

\Windows\system32\Drivers\dfsc.sys
12:24:04.0158 0x0e10  DfsC - ok
12:24:04.0212 0x0e10  [

43D808F5D9E1A18E5EEB5EBC83969E4E,

C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A

8FBB92D52D173430972B8 ] Dhcp            C:

\Windows\system32\dhcpcore.dll
12:24:04.0697 0x0e10  Dhcp - ok
12:24:04.0756 0x0e10  [

13096B05847EC78F0977F2C0F79E9AB3,

1E44981B684F3E56F5D2439BB7FA78BD1BC876BB226

5AE089AEC68F241B05B26 ] discache        C:

\Windows\system32\drivers\discache.sys
12:24:04.0989 0x0e10  discache - ok
12:24:05.0074 0x0e10  [

9819EEE8B5EA3784EC4AF3B137A5244C,

571BC886E87C888DA96282E381A746D273B58B9074E

84D4CA91275E26056D427 ] Disk            C:

\Windows\system32\DRIVERS\disk.sys
12:24:05.0184 0x0e10  Disk - ok
12:24:05.0252 0x0e10  [

16835866AAA693C7D7FCEBA8FFF706E4,

15891558F7C1F2BB57A98769601D447ED0D952354A8

BB347312D034DC03E0242 ] Dnscache        C:

\Windows\System32\dnsrslvr.dll
12:24:05.0638 0x0e10  Dnscache - ok
12:24:05.0682 0x0e10  [

B1FB3DDCA0FDF408750D5843591AFBC6,

AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B127

16397657C7ADEEE807304 ] dot3svc         C:

\Windows\System32\dot3svc.dll
12:24:05.0839 0x0e10  dot3svc - ok
12:24:05.0881 0x0e10  [

B26F4F737E8F9DF4F31AF6CF31D05820,

394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6

C741C69407B26402311C7 ] DPS             C:

\Windows\system32\dps.dll
12:24:06.0047 0x0e10  DPS - ok
12:24:06.0109 0x0e10  [

9B19F34400D24DF84C858A421C205754,

967AF267B4124BADA8F507CEBF25F2192D146A4D63B

E71B45BFC03C5DA7F21A7 ] drmkaud         C:

\Windows\system32\drivers\drmkaud.sys
12:24:06.0407 0x0e10  drmkaud - ok
12:24:06.0521 0x0e10  [

88612F1CE3BF42256913BF6E61C70D52,

7CF190F83FA8F15C33008EB381D3E345CEF37CBC046

227DED26B36799EF4D9A7 ] DXGKrnl         C:

\Windows\System32\drivers\dxgkrnl.sys
12:24:06.0620 0x0e10  DXGKrnl - ok
12:24:06.0664 0x0e10  [

E2DDA8726DA9CB5B2C4000C9018A9633,

0C967DBC3636A76A696997192A158AA92A1AF19F01E

3C66D5BF91818A8FAEA76 ] EapHost         C:

\Windows\System32\eapsvc.dll
12:24:06.0796 0x0e10  EapHost - ok
12:24:06.0963 0x0e10  [

DC5D737F51BE844D8C82C695EB17372F,

6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C

0180D24FF9E38E8853017 ] ebdrv           C:

\Windows\system32\DRIVERS\evbda.sys
12:24:07.0298 0x0e10  ebdrv - ok
12:24:07.0345 0x0e10  [

4D71227301DD8D09097B9E4CC6527E5A,

193D47ADCB722B581CC0F29B794AB3E455B6E9BEA36

7CE9A5216A09E055B7F1E ] EFS             C:

\Windows\System32\lsass.exe
12:24:07.0585 0x0e10  EFS - ok
12:24:07.0918 0x0e10  [

C4002B6B41975F057D98C439030CEA07,

3D2484FBB832EFB90504DD406ED1CF3065139B1FE16

46471811F3A5679EF75F1 ] ehRecvr         C:

\Windows\ehome\ehRecvr.exe
12:24:08.0302 0x0e10  ehRecvr - ok
12:24:08.0419 0x0e10  [

4705E8EF9934482C5BB488CE28AFC681,

359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010

FF0CB45C11E3CFE30637D ] ehSched         C:

\Windows\ehome\ehsched.exe
12:24:08.0688 0x0e10  ehSched - ok
12:24:08.0969 0x0e10  [

0E5DA5369A0FCAEA12456DD852545184,

9A64AC5396F978C3B92794EDCE84DCA938E46628682

50F8C18FA7C2C172233F8 ] elxstor         C:

\Windows\system32\DRIVERS\elxstor.sys
12:24:09.0009 0x0e10  elxstor - ok
12:24:09.0050 0x0e10  [

34A3C54752046E79A126E15C51DB409B,

7D5B5E150C7C73666F99CBAFF759029716C86F16B92

7E0078D77F8A696616D75 ] ErrDev          C:

\Windows\system32\drivers\errdev.sys
12:24:09.0170 0x0e10  ErrDev - ok
12:24:09.0348 0x0e10  [

4166F82BE4D24938977DD1746BE9B8A0,

24121751B7306225AD1C808442D7B030DEF377E9316

AA0A3C5C7460E87317881 ] EventSystem     C:

\Windows\system32\es.dll
12:24:09.0758 0x0e10  EventSystem - ok
12:24:09.0869 0x0e10  [

A510C654EC00C1E9BDD91EEB3A59823B,

76CD277730F7B08D375770CD373D786160F34D1481A

F0536BA1A5D2727E255F5 ] exfat           C:

\Windows\system32\drivers\exfat.sys
12:24:09.0975 0x0e10  exfat - ok
12:24:10.0042 0x0e10  [

0ADC83218B66A6DB380C330836F3E36D,

798D6F83B5DBCC1656595E0A96CF12087FCCBE19D19

82890D0CE5F629B328B29 ] fastfat         C:

\Windows\system32\drivers\fastfat.sys
12:24:10.0209 0x0e10  fastfat - ok
12:24:10.0392 0x0e10  [

DBEFD454F8318A0EF691FDD2EAAB44EB,

7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF

4B577D3DE474C24366099 ] Fax             C:

\Windows\system32\fxssvc.exe
12:24:10.0918 0x0e10  Fax - ok
12:24:11.0052 0x0e10  [

D765D19CD8EF61F650C384F62FAC00AB,

9F0A483A043D3BA873232AD3BA5F7BF9173832550A2

7AF3E8BD433905BD2A0EE ] fdc             C:

\Windows\system32\DRIVERS\fdc.sys
12:24:11.0313 0x0e10  fdc - ok
12:24:11.0446 0x0e10  [

0438CAB2E03F4FB61455A7956026FE86,

6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA68

3F62162AE317C6F1D8DFE ] fdPHost         C:

\Windows\system32\fdPHost.dll
12:24:11.0695 0x0e10  fdPHost - ok
12:24:11.0745 0x0e10  [

802496CB59A30349F9A6DD22D6947644,

52D59D3D628D5661F83F090F33F744F6916E0CC1F76

E5A33983E06EB66AE19F8 ] FDResPub        C:

\Windows\system32\fdrespub.dll
12:24:11.0830 0x0e10  FDResPub - ok
12:24:11.0990 0x0e10  [

655661BE46B5F5F3FD454E2C3095B930,

549C8E2A2A37757E560D55FFA6BFDD838205F17E405

61E67F0124C934272CD1A ] FileInfo        C:

\Windows\system32\drivers\fileinfo.sys
12:24:12.0136 0x0e10  FileInfo - ok
12:24:12.0179 0x0e10  [

5F671AB5BC87EEA04EC38A6CD5962A47,

6B61D3363FF3F9C439BD51102C284972EAE96ACC068

3B9DC7E12D25D0ADC51B6 ] Filetrace       C:

\Windows\system32\drivers\filetrace.sys
12:24:12.0370 0x0e10  Filetrace - ok
12:24:12.0417 0x0e10  [

C172A0F53008EAEB8EA33FE10E177AF5,

9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021

E6C18E2F81009B169D77B ] flpydisk        C:

\Windows\system32\DRIVERS\flpydisk.sys
12:24:12.0483 0x0e10  flpydisk - ok
12:24:12.0533 0x0e10  [

DA6B67270FD9DB3697B20FCE94950741,

F621A4462C9F2904063578C427FAF22D7D66AE99676

05C11C798099817CE5331 ] FltMgr          C:

\Windows\system32\drivers\fltmgr.sys
12:24:12.0602 0x0e10  FltMgr - ok
12:24:12.0893 0x0e10  [

C4C183E6551084039EC862DA1C945E3D,

0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A

2E07ED932EE404585CEE6 ] FontCache       C:

\Windows\system32\FntCache.dll
12:24:13.0367 0x0e10  FontCache - ok
12:24:13.0548 0x0e10  [

A8B7F3818AB65695E3A0BB3279F6DCE6,

89FCF10F599767E67A1E011753E34DA44EAA311F105

DBF69549009ED932A60F0 ] FontCache3.0.0.0

C:\Windows\Microsoft.Net

\Framework64\v3.0\WPF

\PresentationFontCache.exe
12:24:13.0616 0x0e10  FontCache3.0.0.0 - ok
12:24:13.0659 0x0e10  [

D43703496149971890703B4B1B723EAC,

F06397B2EDCA61629249D2EF1CBB7827A8BEAB84882

46BD85EF6AE1363C0DA6E ] FsDepends       C:

\Windows\system32\drivers\FsDepends.sys
12:24:13.0681 0x0e10  FsDepends - ok
12:24:13.0847 0x0e10  [

6BD9295CC032DD3077C671FCCF579A7B,

83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF

7F0FA35880FF34D1DFE33 ] Fs_Rec          C:

\Windows\system32\drivers\Fs_Rec.sys
12:24:13.0872 0x0e10  Fs_Rec - ok
12:24:13.0955 0x0e10  [

8F6322049018354F45F05A2FD2D4E5E0,

73BF0FB4EBD7887E992DDEBB79E906958D6678F8D11

07E8C368F5A0514D80359 ] fvevol          C:

\Windows\system32\DRIVERS\fvevol.sys
12:24:13.0993 0x0e10  fvevol - ok
12:24:14.0031 0x0e10  [

8C778D335C9D272CFD3298AB02ABE3B6,

85F0B13926B0F693FA9E70AA58DE47100E4B6F89377

2EBE4300C37D9A36E6005 ] gagp30kx        C:

\Windows\system32\DRIVERS\gagp30kx.sys
12:24:14.0058 0x0e10  gagp30kx - ok
12:24:14.0231 0x0e10  [

8E98D21EE06192492A5671A6144D092F,

B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8

CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:

\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:24:14.0254 0x0e10  GEARAspiWDM - ok
12:24:14.0357 0x0e10  [

277BBC7E1AA1EE957F573A10ECA7EF3A,

2EE60B924E583E847CC24E78B401EF95C69DB777A5B

74E1EC963E18D47B94D24 ] gpsvc           C:

\Windows\System32\gpsvc.dll
12:24:14.0479 0x0e10  gpsvc - ok
12:24:14.0670 0x0e10  [

C1B577B2169900F4CF7190C39F085794,

73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C2

51B57C168F90D60316447 ] gusvc           C:

\Program Files (x86)\Google\Common\Google

Updater\GoogleUpdaterService.exe
12:24:14.0709 0x0e10  gusvc - ok
12:24:14.0809 0x0e10  [

F2523EF6460FC42405B12248338AB2F0,

B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC0

7627C5F88B65024928E19 ] hcw85cir        C:

\Windows\system32\drivers\hcw85cir.sys
12:24:15.0162 0x0e10  hcw85cir - ok
12:24:15.0311 0x0e10  [

975761C778E33CD22498059B91E7373A,

8304E15FBE6876BE57263A03621365DA8C88005EAC5

32A770303C06799D915D9 ] HdAudAddService C:

\Windows\system32\drivers\HdAudio.sys
12:24:15.0425 0x0e10  HdAudAddService - ok
12:24:15.0475 0x0e10  [

97BFED39B6B79EB12CDDBFEED51F56BB,

3CF981D668FB2381E52AF2E51E296C6CFB47B0D6224

9645278479D0111A47955 ] HDAudBus        C:

\Windows\system32\drivers\HDAudBus.sys
12:24:15.0538 0x0e10  HDAudBus - ok
12:24:15.0632 0x0e10  [

78E86380454A7B10A5EB255DC44A355F,

11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A42

5E8BADF7132EFEDB9BD64 ] HidBatt         C:

\Windows\system32\DRIVERS\HidBatt.sys
12:24:15.0748 0x0e10  HidBatt - ok
12:24:15.0889 0x0e10  [

7FD2A313F7AFE5C4DAB14798C48DD104,

94CBFD4506CBDE4162CEB3367BAB042D19ACA678595

4DC0B554D4164B9FCD0D4 ] HidBth          C:

\Windows\system32\DRIVERS\hidbth.sys
12:24:16.0034 0x0e10  HidBth - ok
12:24:16.0070 0x0e10  [

0A77D29F311B88CFAE3B13F9C1A73825,

8615DC6CEFB591505CE16E054A71A4F371B827DDFD5

E980777AB4233DCFDA01D ] HidIr           C:

\Windows\system32\DRIVERS\hidir.sys
12:24:16.0192 0x0e10  HidIr - ok
12:24:16.0442 0x0e10  [

BD9EB3958F213F96B97B1D897DEE006D,

4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB

51F1A7891B1B545499631 ] hidserv         C:

\Windows\system32\hidserv.dll
12:24:16.0741 0x0e10  hidserv - ok
12:24:16.0807 0x0e10  [

9592090A7E2B61CD582B612B6DF70536,

FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D7

4C82AE0F0B6C67B568A0F ] HidUsb          C:

\Windows\system32\drivers\hidusb.sys
12:24:17.0071 0x0e10  HidUsb - ok
12:24:17.0157 0x0e10  [

387E72E739E15E3D37907A86D9FF98E2,

9935BE2E58788E79328293AF2F202CB0F6042441B17

6F75ACC5AEA93C8E05531 ] hkmsvc          C:

\Windows\system32\kmsvc.dll
12:24:17.0789 0x0e10  hkmsvc - ok
12:24:17.0838 0x0e10  [

EFDFB3DD38A4376F93E7985173813ABD,

70402FA73A5A2A8BB557AAC8F531E373077D28DE5F4

0A1F3F14B940BE01CD2E1 ] HomeGroupListener

C:\Windows\system32\ListSvc.dll
12:24:18.0066 0x0e10  HomeGroupListener -

ok
12:24:18.0110 0x0e10  [

908ACB1F594274965A53926B10C81E89,

7D34A742AC486294D82676F8465A3EF26C8AC3317C3

2B63F62031CB007CFC208 ] HomeGroupProvider

C:\Windows\system32\provsvc.dll
12:24:18.0215 0x0e10  HomeGroupProvider -

ok
12:24:18.0280 0x0e10  [

39D2ABCD392F3D8A6DCE7B60AE7B8EFC,

E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9

772EE8AA3354664B1E205 ] HpSAMD          C:

\Windows\system32\drivers\HpSAMD.sys
12:24:18.0299 0x0e10  HpSAMD - ok
12:24:18.0431 0x0e10  [

0EA7DE1ACB728DD5A369FD742D6EEE28,

21C489412EB33A12B22290EB701C19BA57006E8702E

76F730954F0784DDE9779 ] HTTP            C:

\Windows\system32\drivers\HTTP.sys
12:24:18.0562 0x0e10  HTTP - ok
12:24:18.0669 0x0e10  [

A5462BD6884960C9DC85ED49D34FF392,

53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4

BFC89B3B5CAFB592A3D53 ] hwpolicy        C:

\Windows\system32\drivers\hwpolicy.sys
12:24:18.0684 0x0e10  hwpolicy - ok
12:24:18.0724 0x0e10  [

FA55C73D4AFFA7EE23AC4BE53B4592D3,

65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B

4A2E54978154B314531CD ] i8042prt        C:

\Windows\system32\DRIVERS\i8042prt.sys
12:24:18.0815 0x0e10  i8042prt - ok
12:24:18.0944 0x0e10  [

4F6FB2CDBDEEFC47E7D2066E78254580,

F2B722FBF9C8216CCA42A6910D72FE5532B2B99BAA1

815C24D852873F778072A ] iaStor          C:

\Windows\system32\DRIVERS\iaStor.sys
12:24:19.0073 0x0e10  iaStor - ok
12:24:19.0159 0x0e10  [

AAAF44DB3BD0B9D1FB6969B23ECC8366,

805AA4A9464002D1AB3832E4106B2AAA1331F428136

7E75956062AAE99699385 ] iaStorV         C:

\Windows\system32\drivers\iaStorV.sys
12:24:19.0188 0x0e10  iaStorV - ok
12:24:19.0433 0x0e10  [

5988FC40F8DB5B0739CD1E3A5D0D78BD,

2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F

6CB4209AFC22A34D2BE99 ] idsvc           C:

\Windows\Microsoft.NET

\Framework64\v3.0\Windows Communication

Foundation\infocard.exe
12:24:19.0632 0x0e10  idsvc - ok
12:24:19.0805 0x0e10  IEEtwCollectorService

- ok
12:24:21.0579 0x0e10  [

C6238C6ABD6AC99F5D152DA4E9439A3D,

6FC490B94CEF523C7C099AEA3D36AB75C9896B1D83D

4467D237E698A8E0D9E7B ] igfx            C:

\Windows\system32\DRIVERS\igdkmd64.sys
12:24:22.0502 0x0e10  igfx - ok
12:24:22.0579 0x0e10  [

5C18831C61933628F5BB0EA2675B9D21,

5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C

3C83BB3D9886C2FBDA4E4 ] iirsp           C:

\Windows\system32\DRIVERS\iirsp.sys
12:24:22.0596 0x0e10  iirsp - ok
12:24:22.0844 0x0e10  [

344789398EC3EE5A4E00C52B31847946,

3DA5F08E4B46F4E63456AA588D49E39A6A09A97D050

9880C00F327623DB6122D ] IKEEXT          C:

\Windows\System32\ikeext.dll
12:24:23.0066 0x0e10  IKEEXT - ok
12:24:23.0128 0x0e10  [

F00F20E70C6EC3AA366910083A0518AA,

E2F3E9FFD82C802C8BAC309893A3664ACF16A279959

C0FDECCA64C3D3C60FD22 ] intelide        C:

\Windows\system32\drivers\intelide.sys
12:24:23.0143 0x0e10  intelide - ok
12:24:23.0274 0x0e10  [

ADA036632C664CAA754079041CF1F8C1,

F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13F

AE8BA5B579ACF99FCC610 ] intelppm        C:

\Windows\system32\DRIVERS\intelppm.sys
12:24:23.0357 0x0e10  intelppm - ok
12:24:23.0864 0x0e10  [

098A91C54546A3B878DAD6A7E90A455B,

044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA35

8CF4B2E3A1CFD872823AA ] IPBusEnum       C:

\Windows\system32\ipbusenum.dll
12:24:24.0013 0x0e10  IPBusEnum - ok
12:24:24.0086 0x0e10  [

C9F0E1BD74365A8771590E9008D22AB6,

728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B099

36DD2A89C01E074BA8E51 ] IpFilterDriver  C:

\Windows\system32\DRIVERS\ipfltdrv.sys
12:24:24.0236 0x0e10  IpFilterDriver - ok
12:24:24.0404 0x0e10  [

08C2957BB30058E663720C5606885653,

E13EDF6701512E2A9977A531454932CA5023087CB50

E1D2F416B8BCDD92B67BE ] iphlpsvc        C:

\Windows\System32\iphlpsvc.dll
12:24:25.0203 0x0e10  iphlpsvc - ok
12:24:25.0286 0x0e10  [

0FC1AEA580957AA8817B8F305D18CA3A,

7161E4DE91AAFC3FA8BF24FAE4636390C2627DB9315

05247C0D52C75A31473D9 ] IPMIDRV         C:

\Windows\system32\drivers\IPMIDrv.sys
12:24:25.0361 0x0e10  IPMIDRV - ok
12:24:25.0472 0x0e10  [

AF9B39A7E7B6CAA203B3862582E9F2D0,

67128BE7EADBE6BD0205B050F96E268948E8660C4BA

B259FB0BE03935153D04E ] IPNAT           C:

\Windows\system32\drivers\ipnat.sys
12:24:25.0556 0x0e10  IPNAT - ok
12:24:25.0983 0x0e10  [

F7ED08D4BC89D7AC6135C1556A89157F,

8F15F1E528F6513FCEF5D966880CBA8A2C7A4816393

393F4B201CDD6227F36A3 ] iPod Service    C:

\Program Files\iPod\bin\iPodService.exe
12:24:26.0145 0x0e10  iPod Service - ok
12:24:26.0392 0x0e10  [

3ABF5E7213EB28966D55D58B515D5CE9,

A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394

F88C03089EB157D6188AE ] IRENUM          C:

\Windows\system32\drivers\irenum.sys
12:24:26.0552 0x0e10  IRENUM - ok
12:24:26.0578 0x0e10  [

2F7B28DC3E1183E5EB418DF55C204F38,

D40410A760965925D6F10959B2043F7BD4F68EAFCF5

E743AF11AD860BD136548 ] isapnp          C:

\Windows\system32\drivers\isapnp.sys
12:24:26.0596 0x0e10  isapnp - ok
12:24:26.0695 0x0e10  [

D931D7309DEB2317035B07C9F9E6B0BD,

13AD84172ED8C6153F8A98499C01733B74E48464CE0

7D099508E38D409913ED3 ] iScsiPrt        C:

\Windows\system32\drivers\msiscsi.sys
12:24:26.0718 0x0e10  iScsiPrt - ok
12:24:26.0766 0x0e10  [

BC02336F1CBA7DCC7D1213BB588A68A5,

450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF

9D36C29A8F848048AAD93 ] kbdclass        C:

\Windows\system32\DRIVERS\kbdclass.sys
12:24:26.0783 0x0e10  kbdclass - ok
12:24:26.0947 0x0e10  [

0705EFF5B42A9DB58548EEC3B26BB484,

86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE5

71262F9D8E96A32225E99 ] kbdhid          C:

\Windows\system32\DRIVERS\kbdhid.sys
12:24:26.0996 0x0e10  kbdhid - ok
12:24:27.0168 0x0e10  [

4D71227301DD8D09097B9E4CC6527E5A,

193D47ADCB722B581CC0F29B794AB3E455B6E9BEA36

7CE9A5216A09E055B7F1E ] KeyIso          C:

\Windows\system32\lsass.exe
12:24:27.0190 0x0e10  KeyIso - ok
12:24:27.0243 0x0e10  [

8F489706472F7E9A06BAAA198703FA64,

F020406690FB38EABD82D63B91D33039CC93ED52A54

97AE12BAF475F22D0B08A ] KSecDD          C:

\Windows\system32\Drivers\ksecdd.sys
12:24:27.0263 0x0e10  KSecDD - ok
12:24:27.0377 0x0e10  [

868A2CAAB12EFC7A021682BCA0EEC54C,

12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF

445F8B04ED9899720C2DD ] KSecPkg         C:

\Windows\system32\Drivers\ksecpkg.sys
12:24:27.0426 0x0e10  KSecPkg - ok
12:24:27.0498 0x0e10  [

6869281E78CB31A43E969F06B57347C4,

866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C

9F68C8C3F988DF417044B ] ksthunk         C:

\Windows\system32\drivers\ksthunk.sys
12:24:27.0649 0x0e10  ksthunk - ok
12:24:27.0761 0x0e10  [

6AB66E16AA859232F64DEB66887A8C9C,

5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F0

9645737B9F28BEEA77FFF ] KtmRm           C:

\Windows\system32\msdtckrm.dll
12:24:27.0900 0x0e10  KtmRm - ok
12:24:28.0040 0x0e10  [

D9F42719019740BAA6D1C6D536CBDAA6,

8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD9

16FD5404133688CDFCC40 ] LanmanServer    C:

\Windows\system32\srvsvc.dll
12:24:28.0169 0x0e10  LanmanServer - ok
12:24:28.0216 0x0e10  [

851A1382EED3E3A7476DB004F4EE3E1A,

B1C67F47DD594D092E6E258F01DF5E7150227CE3131

A908A244DEE9F8A1FABF9 ] LanmanWorkstation

C:\Windows\System32\wkssvc.dll
12:24:28.0406 0x0e10  LanmanWorkstation -

ok
12:24:28.0680 0x0e10  [

1538831CF8AD2979A04C423779465827,

E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB02

3566EF0BC71A090262C0C ] lltdio          C:

\Windows\system32\DRIVERS\lltdio.sys
12:24:28.0768 0x0e10  lltdio - ok
12:24:28.0847 0x0e10  [

C1185803384AB3FEED115F79F109427F,

0414FE73532DCAB17E906438A14711E928CECCD5F57

9255410C62984DD652700 ] lltdsvc         C:

\Windows\System32\lltdsvc.dll
12:24:28.0957 0x0e10  lltdsvc - ok
12:24:29.0047 0x0e10  [

F993A32249B66C9D622EA5592A8B76B8,

EE64672A990C6145DC5601E2B8CDBE089272A72732F

59AF9865DCBA8B1717E70 ] lmhosts         C:

\Windows\System32\lmhsvc.dll
12:24:29.0094 0x0e10  lmhosts - ok
12:24:29.0148 0x0e10  [

1A93E54EB0ECE102495A51266DCDB6A6,

DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE

8F894D9DC2E267FE3255B ] LSI_FC          C:

\Windows\system32\DRIVERS\lsi_fc.sys
12:24:29.0166 0x0e10  LSI_FC - ok
12:24:29.0217 0x0e10  [

1047184A9FDC8BDBFF857175875EE810,

F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E

3800993554CB21D81AE4B ] LSI_SAS         C:

\Windows\system32\DRIVERS\lsi_sas.sys
12:24:29.0241 0x0e10  LSI_SAS - ok
12:24:29.0280 0x0e10  [

30F5C0DE1EE8B5BC9306C1F0E4A75F93,

88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D

666BFDAA525CC9686BD06 ] LSI_SAS2        C:

\Windows\system32\DRIVERS\lsi_sas2.sys
12:24:29.0297 0x0e10  LSI_SAS2 - ok
12:24:29.0350 0x0e10  [

0504EACAFF0D3C8AED161C4B0D369D4A,

4D272237C189646F5C80822FD3CBA7C2728E482E2DA

AF7A09C8AEF811C89C54D ] LSI_SCSI        C:

\Windows\system32\DRIVERS\lsi_scsi.sys
12:24:29.0370 0x0e10  LSI_SCSI - ok
12:24:29.0527 0x0e10  [

43D0F98E1D56CCDDB0D5254CFF7B356E,

5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C9

1BEB9F305486FCC3B7B22 ] luafv           C:

\Windows\system32\drivers\luafv.sys
12:24:29.0670 0x0e10  luafv - ok
12:24:29.0770 0x0e10  [

0BB97D43299910CBFBA59C461B99B910,

27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38D

CE06E85E45C5E24C067DE ] MBAMProtector   C:

\Windows\system32\drivers\mbam.sys
12:24:29.0784 0x0e10  MBAMProtector - ok
12:24:30.0261 0x0e10  [

65085456FD9A74D7F1A999520C299ECB,

EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA4

62F63B0B7215B93FE8530 ] MBAMScheduler   C:

\Program Files (x86)\Malwarebytes' Anti-

Malware\mbamscheduler.exe
12:24:30.0451 0x0e10  MBAMScheduler - ok
12:24:30.0714 0x0e10  [

E0D7732F2D2E24B2DB3F67B6750295B8,

AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB9

9186005A7ABE67B7D66FC ] MBAMService     C:

\Program Files (x86)\Malwarebytes' Anti-

Malware\mbamservice.exe
12:24:30.0796 0x0e10  MBAMService - ok
12:24:30.0913 0x0e10  [

0BE09CD858ABF9DF6ED259D57A1A1663,

2FD28889B93C8E801F74C1D0769673A461671E0189D

0A22C94509E3F0EEB7428 ] Mcx2Svc         C:

\Windows\system32\Mcx2Svc.dll
12:24:30.0976 0x0e10  Mcx2Svc - ok
12:24:31.0084 0x0e10  [

A55805F747C6EDB6A9080D7C633BD0F4,

2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC6

0413BA1767C4DE425A728 ] megasas         C:

\Windows\system32\DRIVERS\megasas.sys
12:24:31.0100 0x0e10  megasas - ok
12:24:31.0144 0x0e10  [

BAF74CE0072480C3B6B7C13B2A94D6B3,

85CBB4949C090A904464F79713A3418338753D20D7F

B811E68F287FDAC1DD834 ] MegaSR          C:

\Windows\system32\DRIVERS\MegaSR.sys
12:24:31.0167 0x0e10  MegaSR - ok
12:24:31.0673 0x0e10  Microsoft SharePoint

Workspace Audit Service - ok
12:24:31.0765 0x0e10  [

E40E80D0304A73E8D269F7141D77250B,

0DB4AC13A264F19A84DC0BCED54E8E404014CC09C99

3B172002B1561EC7E265A ] MMCSS           C:

\Windows\system32\mmcss.dll
12:24:31.0843 0x0e10  MMCSS - ok
12:24:31.0894 0x0e10  [

800BA92F7010378B09F9ED9270F07137,

94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011

D07DFA8D6A1DDC8A93342 ] Modem           C:

\Windows\system32\drivers\modem.sys
12:24:31.0984 0x0e10  Modem - ok
12:24:32.0048 0x0e10  [

B03D591DC7DA45ECE20B3B467E6AADAA,

701FB0CAD8138C58507BE28845D3E24CE269A040737

C29885944A0D851238732 ] monitor         C:

\Windows\system32\DRIVERS\monitor.sys
12:24:32.0280 0x0e10  monitor - ok
12:24:32.0315 0x0e10  [

7D27EA49F3C1F687D357E77A470AEA99,

7FE7CAF95959F127C6D932C01D539C06D80273C49A0

9761F6E8331C05B1A7EE7 ] mouclass        C:

\Windows\system32\DRIVERS\mouclass.sys
12:24:32.0330 0x0e10  mouclass - ok
12:24:32.0533 0x0e10  [

D3BF052C40B0C4166D9FD86A4288C1E6,

5E65264354CD94E844BF1838CA1B8E49080EFA34605

A32CF2F6A47A2B97FC183 ] mouhid          C:

\Windows\system32\DRIVERS\mouhid.sys
12:24:32.0603 0x0e10  mouhid - ok
12:24:32.0650 0x0e10  [

32E7A3D591D671A6DF2DB515A5CBE0FA,

47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4C

B460B7BFBC12BB9A69E63 ] mountmgr        C:

\Windows\system32\drivers\mountmgr.sys
12:24:32.0667 0x0e10  mountmgr - ok
12:24:32.0760 0x0e10  [

C6B88D62F20AC646C6BD5C032EC2FAF9,

111A07939F3C5A46F0C51B9D6F5C1D8478099E32EFD

88BC260467109ADD975F8 ] MpFilter        C:

\Windows\system32\DRIVERS\MpFilter.sys
12:24:32.0792 0x0e10  MpFilter - ok
12:24:32.0846 0x0e10  [

A44B420D30BD56E145D6A2BC8768EC58,

B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3

D44F124E89B1037AF09B8 ] mpio            C:

\Windows\system32\drivers\mpio.sys
12:24:32.0869 0x0e10  mpio - ok
12:24:33.0402 0x0e10  [

6DDB2BEFF00EA756FF0F65132330D4F4,

A50749C3FDB57B686F91109CC55DF05300A6DF224B5

8649CE514506D074EADC9 ] MpKsl603788cb   c:

\ProgramData\Microsoft\Microsoft

Antimalware\Definition Updates\{038947F0-

5F49-4341-B77F-

906DCA2C9F0B}\MpKsl603788cb.sys
12:24:35.0327 0x0e10  MpKsl603788cb - ok
12:24:35.0364 0x0e10  [

6C38C9E45AE0EA2FA5E551F2ED5E978F,

5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E

01B897FB684F8956EAD20 ] mpsdrv          C:

\Windows\system32\drivers\mpsdrv.sys
12:24:35.0410 0x0e10  mpsdrv - ok
12:24:35.0498 0x0e10  [

54FFC9C8898113ACE189D4AA7199D2C1,

65F585C87F3F710FD5793FDFA96B740AD8D4317B0C1

20F4435CCF777300EA4F2 ] MpsSvc          C:

\Windows\system32\mpssvc.dll
12:24:35.0614 0x0e10  MpsSvc - ok
12:24:35.0747 0x0e10  [

1A4F75E63C9FB84B85DFFC6B63FD5404,

01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA

1EE01DB79F5126780C21F ] MRxDAV          C:

\Windows\system32\drivers\mrxdav.sys
12:24:35.0828 0x0e10  MRxDAV - ok
12:24:35.0900 0x0e10  [

A5D9106A73DC88564C825D317CAC68AC,

0457B2AEA4E05A91D0E43F317894A614434D8CEBE35

020785387F307E231FBE4 ] mrxsmb          C:

\Windows\system32\DRIVERS\mrxsmb.sys
12:24:36.0048 0x0e10  mrxsmb - ok
12:24:36.0106 0x0e10  [

D711B3C1D5F42C0C2415687BE09FC163,

9B3013AC60BD2D0FF52086658BA5FF486ADE15954A5

52D7DD590580E8BAE3EFF ] mrxsmb10        C:

\Windows\system32\DRIVERS\mrxsmb10.sys
12:24:36.0237 0x0e10  mrxsmb10 - ok
12:24:36.0315 0x0e10  [

9423E9D355C8D303E76B8CFBD8A5C30C,

220B33F120C2DD937FE4D5664F4B581DC0ACF78D62E

B56B7720888F67B9644CC ] mrxsmb20        C:

\Windows\system32\DRIVERS\mrxsmb20.sys
12:24:36.0345 0x0e10  mrxsmb20 - ok
12:24:36.0396 0x0e10  [

C25F0BAFA182CBCA2DD3C851C2E75796,

643E158A0948DF331807AEAA391F23960362E46C0A0

CF6D22A99020EAE7B10F8 ] msahci          C:

\Windows\system32\drivers\msahci.sys
12:24:36.0414 0x0e10  msahci - ok
12:24:36.0794 0x0e10  [

DB801A638D011B9633829EB6F663C900,

B34FD33A215ACCF2905F4B7D061686CDB1CB9C65214

7AF56AE14686C1F6E3C74 ] msdsm           C:

\Windows\system32\drivers\msdsm.sys
12:24:36.0814 0x0e10  msdsm - ok
12:24:36.0876 0x0e10  [

DE0ECE52236CFA3ED2DBFC03F28253A8,

2FBBEC4CACB5161F68D7C2935852A5888945CA0F107

CF8A1C01F4528CE407DE3 ] MSDTC           C:

\Windows\System32\msdtc.exe
12:24:37.0001 0x0e10  MSDTC - ok
12:24:37.0146 0x0e10  [

AA3FB40E17CE1388FA1BEDAB50EA8F96,

69F93E15536644C8FD679A20190CFE577F4985D3B1B

4A4AA250A168615AE1E99 ] Msfs            C:

\Windows\system32\drivers\Msfs.sys
12:24:37.0189 0x0e10  Msfs - ok
12:24:37.0238 0x0e10  [

F9D215A46A8B9753F61767FA72A20326,

6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B

76D43FCB88987C2174141 ] mshidkmdf       C:

\Windows\System32\drivers\mshidkmdf.sys
12:24:37.0369 0x0e10  mshidkmdf - ok
12:24:37.0481 0x0e10  [

D916874BBD4F8B07BFB7FA9B3CCAE29D,

B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F

3081E88311AB73BC992A1 ] msisadrv        C:

\Windows\system32\drivers\msisadrv.sys
12:24:37.0496 0x0e10  msisadrv - ok
12:24:37.0591 0x0e10  [

808E98FF49B155C522E6400953177B08,

F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5A

D17013A0091CA33A1A3D5 ] MSiSCSI         C:

\Windows\system32\iscsiexe.dll
12:24:37.0741 0x0e10  MSiSCSI - ok

78D9A7A5E5742962B6978F475BF06CB32262F1D2146

99D3D40538476A58012A1 ] USBAAPL64       C:

\Windows\system32\Drivers\usbaapl64.sys
12:25:32.0985 0x0e10  USBAAPL64 - ok
12:25:33.0004 0x0e10  usbbus - ok
12:25:33.0109 0x0e10  [

DCA68B0943D6FA415F0C56C92158A83A,

BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38

AD5A20F0A49E5C6766C57 ] usbccgp         C:

\Windows\system32\drivers\usbccgp.sys
12:25:33.0365 0x0e10  usbccgp - ok
12:25:33.0502 0x0e10  [

80B0F7D5CCF86CEB5D402EAAF61FEC31,

140C62116A425DEAD25FE8D82DE283BC92C482A9F64

3658D512F9F67061F28AD ] usbcir          C:

\Windows\system32\drivers\usbcir.sys
12:25:33.0650 0x0e10  usbcir - ok
12:25:33.0670 0x0e10  UsbDiag - ok
12:25:33.0717 0x0e10  [

18A85013A3E0F7E1755365D287443965,

811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5

EF1846240EA0052F34C33 ] usbehci         C:

\Windows\system32\DRIVERS\usbehci.sys
12:25:33.0751 0x0e10  usbehci - ok
12:25:33.0774 0x0e10  UsbGps - ok
12:25:33.0817 0x0e10  [

8D1196CFBB223621F2C67D45710F25BA,

B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060

E73F9FFFAC1890A8B6003 ] usbhub          C:

\Windows\system32\DRIVERS\usbhub.sys
12:25:35.0477 0x0e10  usbhub - ok
12:25:35.0499 0x0e10  USBModem - ok
12:25:35.0550 0x0e10  [

765A92D428A8DB88B960DA5A8D6089DC,

56DE8A2ED58E53B202C399CA7BACB1551136303C2EE

0AB426BDBBF880E3C542C ] usbohci         C:

\Windows\system32\drivers\usbohci.sys
12:25:35.0955 0x0e10  usbohci - ok
12:25:36.0114 0x0e10  [

73188F58FB384E75C4063D29413CEE3D,

B485463933306036B1D490722CB1674DC85670753D7

9FA0EF7EBCA7BBAAD9F7C ] usbprint        C:

\Windows\system32\DRIVERS\usbprint.sys
12:25:38.0077 0x0e10  usbprint - ok
12:25:38.0120 0x0e10  [

AAA2513C8AED8B54B189FD0C6B1634C0,

02FEE0B756AA559C29477A19861AC16D5A3152DC3C8

97C7D466423438B6A5E42 ] usbscan         C:

\Windows\system32\DRIVERS\usbscan.sys
12:25:38.0306 0x0e10  usbscan - ok
12:25:38.0342 0x0e10  [

FED648B01349A3C8395A5169DB5FB7D6,

DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB

284248D5711D9C19DEB96 ] USBSTOR         C:

\Windows\system32\DRIVERS\USBSTOR.SYS
12:25:39.0044 0x0e10  USBSTOR - ok
12:25:39.0190 0x0e10  [

DD253AFC3BC6CBA412342DE60C3647F3,

146F8613F1057AC054DC3593E84BC52899DA27EA33B

0E72ACFB78C3699ADCDE7 ] usbuhci         C:

\Windows\system32\DRIVERS\usbuhci.sys
12:25:39.0360 0x0e10  usbuhci - ok
12:25:39.0403 0x0e10  [

7B28E2FBE75115660FAB31079C0A9F29,

81BB5A3E64B652A672A0782A88ABF6DDD729D38712D

0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:

\Windows\system32\drivers\usb8023x.sys
12:25:39.0652 0x0e10  usb_rndisx - ok
12:25:39.0740 0x0e10  [

EDBB23CBCF2CDF727D64FF9B51A6070E,

7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27

572877A0A7B337AE5AE42 ] UxSms           C:

\Windows\System32\uxsms.dll
12:25:39.0967 0x0e10  UxSms - ok
12:25:40.0337 0x0e10  [

15A1BDD1446F4A10D357019106799306,

8FA6F0E2F44557963279D7E524F42337EDE3C53ACFB

2AF786661B50B97771E32 ] UxTuneUp        C:

\Windows\System32\uxtuneup.dll
12:25:41.0161 0x0e10  UxTuneUp - ok
12:25:41.0204 0x0e10  [

4D71227301DD8D09097B9E4CC6527E5A,

193D47ADCB722B581CC0F29B794AB3E455B6E9BEA36

7CE9A5216A09E055B7F1E ] VaultSvc        C:

\Windows\system32\lsass.exe
12:25:41.0429 0x0e10  VaultSvc - ok
12:25:41.0485 0x0e10  [

C5C876CCFC083FF3B128F933823E87BD,

6FE0FBB6C3207E09300E0789E2168F76668D87C317F

E9F263E733827ADCFBE0D ] vdrvroot        C:

\Windows\system32\drivers\vdrvroot.sys
12:25:41.0511 0x0e10  vdrvroot - ok
12:25:41.0609 0x0e10  [

8D6B481601D01A456E75C3210F1830BE,

A2CEF483F4231367138EEF7E67FD5BE5364FC0780C4

4CA1368E36CE4AA3D0633 ] vds             C:

\Windows\System32\vds.exe
12:25:42.0357 0x0e10  vds - ok
12:25:42.0688 0x0e10  [

DA4DA3F5E02943C2DC8C6ED875DE68DD,

EDE604536DB78C512D68C92B26DA77C8811AC109D1F

0A473673F0A82D15A2838 ] vga             C:

\Windows\system32\DRIVERS\vgapnp.sys
12:25:43.0362 0x0e10  vga - ok
12:25:43.0394 0x0e10  [

53E92A310193CB3C03BEA963DE7D9CFC,

45898604375B42EB1246C17A22D91C2440F11C746FF

6459AD38027C1BC2E3125 ] VgaSave         C:

\Windows\System32\drivers\vga.sys
12:25:43.0978 0x0e10  VgaSave - ok
12:25:44.0081 0x0e10  [

2CE2DF28C83AEAF30084E1B1EB253CBB,

D1946816A1CB89F825CBEA58F94A4C9D0CE7249355C

D3915563F54054EE564BF ] vhdmp           C:

\Windows\system32\drivers\vhdmp.sys
12:25:44.0120 0x0e10  vhdmp - ok
12:25:44.0251 0x0e10  [

E5689D93FFE4E5D66C0178761240DD54,

6D35CED80681B12AAF63BFA0DA1C386E71D3838839B

68A686990AA8031949D27 ] viaide          C:

\Windows\system32\drivers\viaide.sys
12:25:44.0278 0x0e10  viaide - ok
12:25:44.0360 0x0e10  [

D2AAFD421940F640B407AEFAAEBD91B0,

31EF342A60AF04F4108759A71F8FB7B8C8819216CF3

D16A95B2BA0E33A8A9161 ] volmgr          C:

\Windows\system32\drivers\volmgr.sys
12:25:44.0464 0x0e10  volmgr - ok
12:25:44.0628 0x0e10  [

A255814907C89BE58B79EF2F189B843B,

463DB771851352185B6AC323BD93B9084D47291E53C

1F7B628B65D6918B2E28F ] volmgrx         C:

\Windows\system32\drivers\volmgrx.sys
12:25:44.0658 0x0e10  volmgrx - ok
12:25:44.0741 0x0e10  [

0D08D2F3B3FF84E433346669B5E0F639,

3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E5

7A3C8757FC675154EBDEC ] volsnap         C:

\Windows\system32\drivers\volsnap.sys
12:25:44.0774 0x0e10  volsnap - ok
12:25:44.0842 0x0e10  [

5E2016EA6EBACA03C04FEAC5F330D997,

53106EB877459FE55A459111F7AB0EE320BB3B4C954

D3DB6FA1642396001F2AC ] vsmraid         C:

\Windows\system32\DRIVERS\vsmraid.sys
12:25:44.0863 0x0e10  vsmraid - ok
12:25:47.0771 0x0e10  [

B60BA0BC31B0CB414593E169F6F21CC2,

47B801E623254CF0202B3591CB5C019CABFB52F123C

7D47E29D19B32F1F2B915 ] VSS             C:

\Windows\system32\vssvc.exe
12:25:48.0165 0x0e10  VSS - ok
12:25:48.0335 0x0e10  [

36D4720B72B5C5D9CB2B9C29E9DF67A1,

3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F39

0F7C21F96458FB6B2E3D7 ] vwifibus        C:

\Windows\system32\DRIVERS\vwifibus.sys
12:25:48.0489 0x0e10  vwifibus - ok
12:25:48.0571 0x0e10  [

6A3D66263414FF0D6FA754C646612F3F,

30F6BA594B0D3B94113064015A16D97811CD989DF17

15CCE21CEAB9894C1B4FB ] VWiFiFlt        C:

\Windows\system32\DRIVERS\vwififlt.sys
12:25:48.0843 0x0e10  VWiFiFlt - ok
12:25:48.0899 0x0e10  [

6A638FC4BFDDC4D9B186C28C91BD1A01,

5521F1DC515586777EC4837E0AEAA3E613CC178AF10

74031C4D0D0C695A93168 ] vwifimp         C:

\Windows\system32\DRIVERS\vwifimp.sys
12:25:48.0970 0x0e10  vwifimp - ok
12:25:49.0044 0x0e10  [

1C9D80CC3849B3788048078C26486E1A,

34A89F31E53F6B6C209B286F580CC2257AE6D057E4E

20741F241C9C167947962 ] W32Time         C:

\Windows\system32\w32time.dll
12:25:49.0162 0x0e10  W32Time - ok
12:25:49.0232 0x0e10  [

4E9440F4F152A7B944CB1663D3935A3E,

8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA

6044048181DAD81816D53 ] WacomPen        C:

\Windows\system32\DRIVERS\wacompen.sys
12:25:49.0266 0x0e10  WacomPen - ok
12:25:49.0326 0x0e10  [

356AFD78A6ED4457169241AC3965230C,

CE4D1EE3525C10AC658B20776C3E444DE44874C8377

13DC5311386EDFCB18399 ] WANARP          C:

\Windows\system32\DRIVERS\wanarp.sys
12:25:49.0438 0x0e10  WANARP - ok
12:25:49.0460 0x0e10  [

356AFD78A6ED4457169241AC3965230C,

CE4D1EE3525C10AC658B20776C3E444DE44874C8377

13DC5311386EDFCB18399 ] Wanarpv6        C:

\Windows\system32\DRIVERS\wanarp.sys
12:25:49.0508 0x0e10  Wanarpv6 - ok
12:25:49.0693 0x0e10  [

3CEC96DE223E49EAAE3651FCF8FAEA6C,

4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD

4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:

\Windows\system32\Wat\WatAdminSvc.exe
12:25:49.0845 0x0e10  WatAdminSvc - ok
12:25:50.0134 0x0e10  [

78F4E7F5C56CB9716238EB57DA4B6A75,

46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E

390A82A1611C3F6E0C9AF ] wbengine        C:

\Windows\system32\wbengine.exe
12:25:50.0454 0x0e10  wbengine - ok
12:25:50.0539 0x0e10  [

3AA101E8EDAB2DB4131333F4325C76A3,

4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D43

3C695BA23EC80827E49DE ] WbioSrvc        C:

\Windows\System32\wbiosrvc.dll
12:25:50.0571 0x0e10  WbioSrvc - ok
12:25:50.0680 0x0e10  [

7368A2AFD46E5A4481D1DE9D14848EDD,

8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4

AA74F07C88445F90DED57 ] wcncsvc         C:

\Windows\System32\wcncsvc.dll
12:25:50.0804 0x0e10  wcncsvc - ok
12:25:50.0869 0x0e10  [

20F7441334B18CEE52027661DF4A6129,

7B8E0247234B740FED2BE9B833E9CE8DD7453340123

AB43F6B495A7E6A27B0DD ] WcsPlugInService

C:\Windows\System32\WcsPlugInService.dll
12:25:51.0221 0x0e10  WcsPlugInService - ok
12:25:51.0322 0x0e10  [

72889E16FF12BA0F235467D6091B17DC,

F2FD0BBD075E33608D93F350D216F97442AB89ABD54

0513C2D568C78096E12A8 ] Wd              C:

\Windows\system32\DRIVERS\wd.sys
12:25:51.0338 0x0e10  Wd - ok
12:25:51.0428 0x0e10  [

A3D04EBF5227886029B4532F20D026F7,

D90F7B9C176008675DA0B5FD7E4973CBC2A04172CED

F8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:

\Windows\system32\DRIVERS\wdcsam64.sys
12:25:51.0490 0x0e10  WDC_SAM - ok
12:25:52.0685 0x0e10  [

E2C933EDBC389386EBE6D2BA953F43D8,

AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A96

45A36F5D111F758AF2F07 ] Wdf01000        C:

\Windows\system32\drivers\Wdf01000.sys
12:25:52.0775 0x0e10  Wdf01000 - ok
12:25:52.0840 0x0e10  [

BF1FC3F79B863C914687A737C2F3D681,

B2DF47AC4931ACFB243775767B77065CC0D98778FC0

243C793A3E219EB961209 ] WdiServiceHost  C:

\Windows\system32\wdi.dll
12:25:55.0378 0x0e10  WdiServiceHost - ok
12:25:55.0492 0x0e10  [

BF1FC3F79B863C914687A737C2F3D681,

B2DF47AC4931ACFB243775767B77065CC0D98778FC0

243C793A3E219EB961209 ] WdiSystemHost   C:

\Windows\system32\wdi.dll
12:25:55.0518 0x0e10  WdiSystemHost - ok
12:25:55.0839 0x0e10  [

0EB0E5D22B1760F2DBCE632F2DD7A54D,

B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037

B5475DF192982DE035C22 ] WebClient       C:

\Windows\System32\webclnt.dll
12:25:55.0958 0x0e10  WebClient - ok
12:25:56.0013 0x0e10  [

C749025A679C5103E575E3B48E092C43,

B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE6

95F6A90640E6EE8EB55C1 ] Wecsvc          C:

\Windows\system32\wecsvc.dll
12:25:56.0099 0x0e10  Wecsvc - ok
12:25:56.0139 0x0e10  [

7E591867422DC788B9E5BD337A669A08,

484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90

D94B14D80C607784F6C75 ] wercplsupport   C:

\Windows\System32\wercplsupport.dll
12:25:56.0187 0x0e10  wercplsupport - ok
12:25:56.0253 0x0e10  [

6D137963730144698CBD10F202E9F251,

A9F522A125158D94F540544CCD4DBF47B9DCE2EA878

C33675AFE40F80E8F4979 ] WerSvc          C:

\Windows\System32\WerSvc.dll
12:25:56.0351 0x0e10  WerSvc - ok
12:25:56.0413 0x0e10  [

611B23304BF067451A9FDEE01FBDD725,

0AF2734B978165FC6FD22B64862132CCE32528A21C6

98A49D176129446E099C8 ] WfpLwf          C:

\Windows\system32\DRIVERS\wfplwf.sys
12:25:56.0589 0x0e10  WfpLwf - ok
12:25:56.0690 0x0e10  [

05ECAEC3E4529A7153B3136CEB49F0EC,

9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41

E9444BDAB9E75744C9A50 ] WIMMount        C:

\Windows\system32\drivers\wimmount.sys
12:25:56.0715 0x0e10  WIMMount - ok
12:25:56.0773 0x0e10  WinDefend - ok
12:25:56.0976 0x0e10  WinHttpAutoProxySvc -

ok
12:25:57.0073 0x0e10  [

19B07E7E8915D701225DA41CB3877306,

D6555E8D276DBB11358246E0FE215F76F1FB358791C

76B88D82C2A66A42DA19F ] Winmgmt         C:

\Windows\system32\wbem\WMIsvc.dll
12:25:57.0153 0x0e10  Winmgmt - ok
12:25:57.0478 0x0e10  [

BCB1310604AA415C4508708975B3931E,

9D943F086D454345153A0DD426B4432532A44FD8795

0386B186E1CAD2AC70565 ] WinRM           C:

\Windows\system32\WsmSvc.dll
12:25:57.0708 0x0e10  WinRM - ok
12:25:57.0799 0x0e10  [

FE88B288356E7B47B74B13372ADD906D,

A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC9157

99783CF4C40E525BC9E03 ] WinUsb          C:

\Windows\system32\DRIVERS\WinUsb.sys
12:25:58.0228 0x0e10  WinUsb - ok
12:25:58.0316 0x0e10  [

4FADA86E62F18A1B2F42BA18AE24E6AA,

CE1683386886BF34862681A46199EA7E7FB4232A186

047DA7FBD8EC240AF6726 ] Wlansvc         C:

\Windows\System32\wlansvc.dll
12:25:58.0547 0x0e10  Wlansvc - ok
12:25:58.0809 0x0e10  [

2BACD71123F42CEA603F4E205E1AE337,

1FEF20554110371D738F462ECFFA999158EFEED0206

2414C58C1B61C422BF0B9 ] wlidsvc         C:

\Program Files\Common Files\Microsoft

Shared\Windows Live\WLIDSVC.EXE
12:25:58.0940 0x0e10  wlidsvc - ok
12:25:58.0991 0x0e10  [

F6FF8944478594D0E414D3F048F0D778,

6F75E0AE6127B33A92A88E59D4B048FD4C15F997807

BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:

\Windows\system32\drivers\wmiacpi.sys
12:25:59.0088 0x0e10  WmiAcpi - ok
12:25:59.0205 0x0e10  [

38B84C94C5A8AF291ADFEA478AE54F93,

1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C

843742B21FDB90D102B2A ] wmiApSrv        C:

\Windows\system32\wbem\WmiApSrv.exe
12:25:59.0455 0x0e10  wmiApSrv - ok
12:25:59.0511 0x0e10  WMPNetworkSvc - ok
12:25:59.0633 0x0e10  [

96C6E7100D724C69FCF9E7BF590D1DCA,

2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F36

43467829B5A573FD7655B ] WPCSvc          C:

\Windows\System32\wpcsvc.dll
12:26:00.0057 0x0e10  WPCSvc - ok
12:26:00.0168 0x0e10  [

93221146D4EBBF314C29B23CD6CC391D,

C0750858A65BF51E210CD244C825C121D67E025CD2D

2455139991AAC289A90FE ] WPDBusEnum      C:

\Windows\system32\wpdbusenum.dll
12:26:00.0400 0x0e10  WPDBusEnum - ok
12:26:00.0572 0x0e10  [

6BCC1D7D2FD2453957C5479A32364E52,

E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B7

9064F8F5E2562D517F090 ] ws2ifsl         C:

\Windows\system32\drivers\ws2ifsl.sys
12:26:00.0789 0x0e10  ws2ifsl - ok
12:26:00.0850 0x0e10  [

E8B1FE6669397D1772D8196DF0E57A9E,

39FE0819360719F756BD31A1884A0508A1E2371ACC7

23E25E005CBEC0A7B02FA ] wscsvc          C:

\Windows\System32\wscsvc.dll
12:26:00.0890 0x0e10  wscsvc - ok
12:26:01.0022 0x0e10  [

8D918B1DB190A4D9B1753A66FA8C96E8,

DB7D2714DC04D2D6999A207D7399A5647C8653E5A1A

D80856A65C5B6065AEDFE ] WSDPrintDevice  C:

\Windows\system32\DRIVERS\WSDPrint.sys
12:26:01.0067 0x0e10  WSDPrintDevice - ok
12:26:01.0088 0x0e10  WSearch - ok
12:26:01.0457 0x0e10  [

D9EF901DCA379CFE914E9FA13B73B4C4,

3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC1

8ACB7D3DE3DDFC5AE0004 ] wuauserv        C:

\Windows\system32\wuaueng.dll
12:26:01.0645 0x0e10  wuauserv - ok
12:26:01.0772 0x0e10  [

AB886378EEB55C6C75B4F2D14B6C869F,

D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E79

9C2D8D74AA4F5477CAED6 ] WudfPf          C:

\Windows\system32\drivers\WudfPf.sys
12:26:01.0907 0x0e10  WudfPf - ok
12:26:01.0978 0x0e10  [

DDA4CAF29D8C0A297F886BFE561E6659,

94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E

626111458ADF66BFBE978 ] WUDFRd          C:

\Windows\system32\DRIVERS\WUDFRd.sys
12:26:02.0024 0x0e10  WUDFRd - ok
12:26:02.0113 0x0e10  [

B20F051B03A966392364C83F009F7D17,

88ECEB55AE91F58F592B96EBC10B572747D5A2F9B76

29E8F371761E4F7408A65 ] wudfsvc         C:

\Windows\System32\WUDFSvc.dll
12:26:02.0196 0x0e10  wudfsvc - ok
12:26:02.0332 0x0e10  [

FE90B750AB808FB9DD8FBB428B5FF83B,

3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610

612D9871F209A17326AA8 ] WwanSvc         C:

\Windows\System32\wwansvc.dll
12:26:02.0646 0x0e10  WwanSvc - ok
12:26:02.0752 0x0e10  [

64F88AF327AA74E03658AE32B48CCB8B,

52C8941D96F2EF89BBC4A4268DC59E5BC89AE2DAB19

9C13BBFF11C2606BE7FFA ] yukonw7         C:

\Windows\system32\DRIVERS\yk62x64.sys
12:26:02.0913 0x0e10  yukonw7 - ok
12:26:03.0188 0x0e10  ================ Scan global ===============================
12:26:03.0501 0x0e10  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:26:03.0575 0x0e10  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:26:03.0595 0x0e10  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:26:03.0641 0x0e10  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:26:03.0683 0x0e10  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:26:03.0693 0x0e10  [ Global ] - ok
12:26:03.0697 0x0e10  ================ Scan MBR ==================================
12:26:03.0784 0x0e10  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:26:05.0263 0x0e10  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
12:26:05.0263 0x0e10  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:26:09.0048 0x0e10  ================ Scan VBR ==================================
12:26:09.0063 0x0e10  [ 6F4D1F63D8140A72B7DE90EC3449E2D2 ] \Device\Harddisk0\DR0\Partition1
12:26:09.0065 0x0e10  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
12:26:09.0065 0x0e10  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
12:26:11.0617 0x0e10  [ 4ECBBFE23C4EB6BE0F4587931E276B32 ] \Device\Harddisk0\DR0\Partition2
12:26:11.0618 0x0e10  \Device\Harddisk0\DR0\Partition2 - ok
12:26:12.0620 0x0e10  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )
12:26:13.0216 0x0e10  Win FW state via NFP2: enabled
12:26:16.0604 0x0e10  ============================================================
12:26:16.0604 0x0e10  Scan finished
12:26:16.0604 0x0e10  ============================================================
12:26:16.0620 0x0824  Detected object count: 2
12:26:16.0620 0x0824  Actual detected object count: 2
12:26:42.0275 0x0824  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:26:42.0284 0x0824  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
12:26:42.0746 0x0824  \Device\Harddisk0\DR0\Partition1 - copied to quarantine
12:26:43.0024 0x0824  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
12:26:43.0278 0x0824  \Device\Harddisk0\DR0\Partition1 - ok
12:26:43.0278 0x0824  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
12:26:44.0270 0x0824  KLMD registered as C:\Windows\system32\drivers\03328347.sys
 



#4 gillybean

Posted 04 March 2014 - 12:51 PM

FRST log

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2014
Ran by Admin (administrator) on JILL on 04-03-2014 12:32:17
Running from C:\Users\Admin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Pelmorex Media Inc.) C:\Users\Admin\AppData\Local\TheWeatherNetwork\WeatherEye\WeatherEye.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft) C:\Users\Admin\AppData\Roaming\ABBYY\WmiPrv\WmiPrvSE.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
() C:\Users\Admin\Documents\My Downloads\unblock-us.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe
(Kaspersky Lab ZAO) C:\Users\Admin\Desktop\tdsskiller.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\sysWow64\SearchProtocolHost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [384296 2010-04-05] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-02-26] (IDT, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [] - [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2872217846-2366721368-2158741004-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe [4480768 2013-01-26] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2872217846-2366721368-2158741004-1000\...\Run: [WeatherEye] - C:\Users\Admin\AppData\Local\TheWeatherNetwork\WeatherEye\WeatherEye.exe [311584 2011-08-22] (Pelmorex Media Inc.)
HKU\S-1-5-21-2872217846-2366721368-2158741004-1000\...\Run: [WmiPrv] - C:\Users\Admin\AppData\Roaming\ABBYY\WmiPrv\WmiPrvSE.exe [580096 2014-02-28] (Microsoft)
HKU\S-1-5-21-2872217846-2366721368-2158741004-1000\...\Run: [RoboForm] - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-02-28] (Siber Systems)
IFEO\rim.desktop.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IFEO\tomtomhome.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?rd=1&ucc=CA&dcc=CA&opt=0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE8412F5506E2CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKCU - {21A02620-5D0E-4252-9884-358CF944EAB9} URL = http://websearch.ask.com/redirect?client=ie&tb=HIP&o=102874&src=crm&q={searchTerms}&locale=&apn_ptnrs=6E&apn_dtid=YYYYYYCLUS&apn_uid=b2971d51-f011-4a09-96d4-966336f06bc3&apn_sauid=9BFE1E10-374F-460C-BD26-4A0C130FCAF7
SearchScopes: HKCU - {52D9C336-5D99-4B05-8F76-54AB70B87F72} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3308528&CUI=UN13047350157561401&UM=2
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 208.122.23.22 208.122.23.23 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cri7fvy7.default-1386448882172
FF user.js: detected! => C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cri7fvy7.default-1386448882172\user.js
FF Homepage: hxxp://ca.msn.com/|hxxp://ca.yahoo.com/|https://www.google.ca/|https://www.facebook.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: TinEye Reverse Image Search - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cri7fvy7.default-1386448882172\Extensions\tineye@ideeinc.com.xpi [2013-12-15]
FF HKLM-x32\...\Firefox\Extensions: [fbphotozoom@installdaddy.com] - C:\Program Files (x86)\fbphotozoom\fbphotozoom13.xpi
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-04-04]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2012-04-25]

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-02-08]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-08]
CHR Extension: (No Name) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp [2013-04-03]
CHR Extension: (No Name) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjohejgigkmiclpgnilojffhiohcglib [2012-02-08]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-08]
CHR Extension: (Twitter) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfkogbicoohcjbjlppcaeiggjomjkkem [2012-02-08]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-08]
CHR HKCU\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Admin\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-03-26]
CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Admin\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-03-26]
CHR HKLM-x32\...\Chrome\Extension: [mpieaakhacmfleokhjcjnpcnmnmpfkid] - C:\Program Files (x86)\fbphotozoom\fbphotozoom13.crx [2013-03-26]
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Admin\AppData\Local\Temp\ccex.crx [2013-03-26]
CHR StartMenuInternet: Google Chrome - C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2012-08-23] ()
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe [244736 2010-02-26] (IDT, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2144056 2013-12-11] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

U0 98987031; C:\Windows\System32\drivers\03328347.sys [233056 2014-03-04] (Kaspersky Lab, Yury Parshin)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
U4 Csdsbsssyin; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [848384 2011-05-13] (Realtek Semiconductor Corporation                           )
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2012-05-08] (TuneUp Software)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 UsbGps; system32\DRIVERS\lgx64gps.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\03328347.sys 4A4D0DCA1375F18937DEC406D95B19BC
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\System32\DRIVERS\Apfiltr.sys 98449A2957778A6F025C418438A380F4
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys 3CA734CE373E5675FBC15CA2C45228E5
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys 4F6FB2CDBDEEFC47E7D2066E78254580
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys C6238C6ABD6AC99F5D152DA4E9439A3D
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 8F489706472F7E9A06BAAA198703FA64
C:\Windows\System32\Drivers\ksecpkg.sys 868A2CAAB12EFC7A021682BCA0EEC54C
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbam.sys 0BB97D43299910CBFBA59C461B99B910
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MpFilter.sys C6B88D62F20AC646C6BD5C032EC2FAF9
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netw5v64.sys 64428DFDAF6E88366CB51F45A79C5F69
C:\Windows\System32\DRIVERS\NETwNs64.sys 1D974430131627AD97BD28E5746C2EC1
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys ACE8C64C57E4A711473C8BC10ADF692B
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RimUsb_AMD64.sys 6D850FAD4CC9498D1F382B77BA4035CC
C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys 344604E6913BD6E4EAEC34AF2E0943D7
C:\Windows\System32\Drivers\RootMdm.sys 388D3DD1A6457280F3BADBA9F3ACD6B1
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RTL8192cu.sys 665BA29357882A8C5980B15B3A0123A4
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\stwrt64.sys F3F6C17F70EBA268CDBE4F9704E3EAC5
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\DRIVERS\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys 17C6B51CBCCDED95B3CC14E22791F85E
C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys DCC94C51D27C7EC0DADECA8F64C94FCF
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys C9E9D59C0099A9FF51697E9306A44240
C:\Windows\system32\drivers\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\System32\DRIVERS\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\system32\drivers\usb8023x.sys 7B28E2FBE75115660FAB31079C0A9F29
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wdcsam64.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 8D918B1DB190A4D9B1753A66FA8C96E8
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\yk62x64.sys ==> MD5 is legit

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-04 12:32 - 2014-03-04 12:34 - 00032869 _____ () C:\Users\Admin\Desktop\FRST.txt
2014-03-04 12:31 - 2014-03-04 12:32 - 00000000 ___DC () C:\FRST
2014-03-04 12:26 - 2014-03-04 12:26 - 00233056 _____ (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\03328347.sys
2014-03-04 12:26 - 2014-03-04 12:26 - 00000000 ___DC () C:\TDSSKiller_Quarantine
2014-03-04 12:15 - 2014-03-04 12:16 - 02156544 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2014-03-04 12:14 - 2014-03-04 12:14 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Desktop\tdsskiller.exe
2014-03-03 20:55 - 2014-03-03 21:21 - 00002652 _____ () C:\Users\Admin\Desktop\Rkill.txt
2014-03-03 19:55 - 2014-03-03 22:25 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-03 19:55 - 2014-03-03 20:30 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-03 19:43 - 2014-03-03 20:25 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-03 19:41 - 2014-03-03 22:25 - 00000000 ____D () C:\Users\Admin\Desktop\mbar
2014-03-03 18:37 - 2014-03-03 18:37 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Admin\Desktop\rkill.exe
2014-03-03 18:34 - 2014-03-03 18:35 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Admin\Desktop\mbar-1.07.0.1009.exe
2014-03-03 18:33 - 2014-03-03 18:33 - 00005772 _____ () C:\Users\Public\Documents\dell chat.txt
2014-03-03 18:31 - 2014-03-03 18:31 - 00030264 _____ () C:\Users\Public\Documents\minitoolbox.txt
2014-03-03 18:26 - 2014-03-03 18:26 - 00002496 _____ () C:\Users\Public\Documents\FSS.txt
2014-03-03 17:42 - 2014-03-03 17:55 - 00001026 _____ () C:\Users\Public\Documents\checkup.txt
2014-03-03 17:35 - 2014-03-03 17:36 - 00987425 _____ () C:\Users\Admin\Desktop\SecurityCheck.exe
2014-03-03 16:02 - 2014-03-03 16:02 - 00000376 _____ () C:\Windows\Tasks\Run RoboForm TaskBar Icon.job
2014-03-03 15:43 - 2014-03-03 15:43 - 00000246 _____ () C:\Users\Public\Documents\script not responding.txt
2014-03-03 15:43 - 2014-03-03 15:43 - 00000149 _____ () C:\Users\Public\Documents\shockwave flash not responding.txt
2014-03-03 15:27 - 2014-03-03 15:27 - 00000000 ____D () C:\Windows\system32\MpEngineStore
2014-03-03 14:49 - 2014-03-03 14:49 - 00000000 ____D () C:\Windows\Microsoft Antimalware
2014-03-02 19:18 - 2014-03-02 19:18 - 00117336 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-02 19:17 - 2014-03-04 12:07 - 00000616 _____ () C:\Windows\setupact.log
2014-03-02 19:17 - 2014-03-03 11:28 - 00001206 _____ () C:\Windows\PFRO.log
2014-03-02 19:17 - 2014-03-02 19:17 - 00437424 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-02 19:17 - 2014-03-02 19:17 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-01 20:14 - 2014-03-01 20:14 - 00000000 ____D () C:\Users\Admin\Doctor Web
2014-03-01 10:13 - 2014-03-01 10:13 - 00001533 _____ () C:\Users\Admin\Desktop\aswMBR.txt
2014-03-01 10:13 - 2014-03-01 10:13 - 00000512 _____ () C:\Users\Admin\Desktop\MBR.dat
2014-02-28 20:25 - 2014-02-28 20:26 - 04745728 _____ (AVAST Software) C:\Users\Admin\Desktop\aswMBR.exe
2014-02-23 22:12 - 2014-02-27 19:00 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-23 22:12 - 2014-02-27 19:00 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-23 20:05 - 2014-02-23 20:05 - 00000000 __SHD () C:\found.003
2014-02-15 14:32 - 2014-02-15 14:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 21:37 - 2013-12-21 04:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 21:37 - 2013-12-21 03:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-14 21:36 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 21:36 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 21:36 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-14 21:36 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-14 21:36 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 21:36 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-14 21:36 - 2014-02-06 05:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 21:36 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 21:36 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-14 21:36 - 2014-02-06 05:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-14 21:36 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-14 21:36 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-14 21:36 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-14 21:36 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-14 21:36 - 2014-02-06 04:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 21:36 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-14 21:36 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-14 21:36 - 2014-02-06 04:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-14 21:36 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-14 21:36 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-14 21:36 - 2014-02-06 04:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-14 21:35 - 2014-02-06 07:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 21:35 - 2014-02-06 06:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 21:35 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-14 21:35 - 2014-02-06 05:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-14 21:35 - 2014-02-06 05:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 21:35 - 2014-02-06 04:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-14 21:35 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 21:35 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-14 21:35 - 2014-02-06 04:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-14 21:35 - 2014-02-06 04:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 21:35 - 2014-02-06 04:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 21:35 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-14 21:35 - 2014-02-06 04:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-14 21:35 - 2014-02-06 03:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 21:35 - 2014-02-06 03:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-14 21:35 - 2014-02-06 03:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-14 21:35 - 2014-02-06 03:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-14 21:35 - 2014-02-06 03:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-14 11:12 - 2013-12-31 18:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-14 11:12 - 2013-12-31 18:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-14 11:12 - 2013-12-05 21:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-14 11:12 - 2013-12-05 21:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-14 11:12 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-14 11:12 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-14 11:11 - 2013-12-03 21:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-14 11:11 - 2013-12-03 21:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-14 11:11 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-14 11:11 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-14 11:11 - 2013-12-03 21:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-14 11:11 - 2013-12-03 21:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-14 11:11 - 2013-12-03 21:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-14 11:11 - 2013-12-03 21:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-14 11:11 - 2013-12-03 21:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-14 11:11 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-14 11:11 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-14 11:11 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-14 11:11 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-14 11:11 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-14 11:11 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-14 11:11 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-14 11:11 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-14 11:11 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-14 11:09 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-14 11:09 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-14 11:09 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-14 11:09 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-07 14:20 - 2014-02-07 14:32 - 00000000 ____D () C:\Users\Admin\Silhouette4.5
2014-02-07 14:07 - 2014-02-07 14:07 - 00000000 ___DC () C:\Program Files\SilhouetteFX
2014-02-07 14:01 - 2014-02-07 14:01 - 00000000 ____D () C:\Users\Admin\AppData\Local\PackageAware
2014-02-06 12:51 - 2014-02-06 12:51 - 00000059 _____ () C:\Users\Public\Documents\cogeco appt feb 12 2014.txt
2014-02-05 18:31 - 2014-02-23 19:06 - 00000000 ____D () C:\Windows\SysWOW64\WNLT
2014-02-05 18:31 - 2014-02-05 18:31 - 00000000 ____D () C:\Windows\SysWOW64\ARFC
2014-02-05 18:31 - 2013-12-29 05:12 - 01833776 _____ () C:\Windows\system32\dmwu.exe
2014-02-05 18:31 - 2013-12-29 05:08 - 00033792 _____ (IncrediMail, Ltd.) C:\Windows\system32\ImHttpComm.dll
2014-02-05 16:16 - 2014-02-05 16:19 - 00000000 ___HD () C:\ProgramData\ArcSoft
2014-02-05 16:16 - 2014-02-05 16:16 - 00000000 ____D () C:\Users\Admin\AppData\Local\ArcSoft
2014-02-05 16:15 - 2014-02-06 08:56 - 00000000 ___DC () C:\Program Files (x86)\ArcSoft
2014-02-05 16:15 - 2014-02-05 16:19 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ArcSoft
2014-02-05 14:26 - 2014-02-05 14:26 - 00000108 _____ () C:\Users\Admin\Documents\Telus payments Feb and March 2014.txt
2014-02-02 12:59 - 2014-02-02 12:59 - 00000039 ____H () C:\Users\Admin\Documents\.picasa.ini
2014-02-02 12:59 - 2014-02-02 12:59 - 00000000 ___HD () C:\Users\Admin\Documents\.picasaoriginals

==================== One Month Modified Files and Folders =======

2014-03-04 12:34 - 2014-03-04 12:32 - 00032869 _____ () C:\Users\Admin\Desktop\FRST.txt
2014-03-04 12:32 - 2014-03-04 12:31 - 00000000 ___DC () C:\FRST
2014-03-04 12:30 - 2013-06-16 17:36 - 01376902 _____ () C:\Windows\WindowsUpdate.log
2014-03-04 12:26 - 2014-03-04 12:26 - 00233056 _____ (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\03328347.sys
2014-03-04 12:26 - 2014-03-04 12:26 - 00000000 ___DC () C:\TDSSKiller_Quarantine
2014-03-04 12:19 - 2009-07-13 23:45 - 00016000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-04 12:19 - 2009-07-13 23:45 - 00016000 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-04 12:17 - 2009-07-14 00:13 - 00006446 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-04 12:16 - 2014-03-04 12:15 - 02156544 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2014-03-04 12:14 - 2014-03-04 12:14 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Desktop\tdsskiller.exe
2014-03-04 12:11 - 2013-05-14 10:53 - 00000000 ____D () C:\Users\Admin\AppData\Local\Akamai
2014-03-04 12:10 - 2013-08-12 11:45 - 00003290 _____ () C:\Windows\System32\Tasks\Unblock-us
2014-03-04 12:09 - 2013-05-14 16:13 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-03-04 12:08 - 2012-09-19 13:56 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ABBYY
2014-03-04 12:07 - 2014-03-02 19:17 - 00000616 _____ () C:\Windows\setupact.log
2014-03-04 12:07 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-03 22:28 - 2013-06-10 12:32 - 00000000 ____D () C:\Users\Admin\Documents\Outlook Files
2014-03-03 22:25 - 2014-03-03 19:55 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-03 22:25 - 2014-03-03 19:41 - 00000000 ____D () C:\Users\Admin\Desktop\mbar
2014-03-03 22:01 - 2012-08-21 13:23 - 00000256 _____ () C:\Windows\Tasks\HP Photo Creations Messager.job
2014-03-03 21:21 - 2014-03-03 20:55 - 00002652 _____ () C:\Users\Admin\Desktop\Rkill.txt
2014-03-03 20:30 - 2014-03-03 19:55 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-03 20:25 - 2014-03-03 19:43 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-03 20:15 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-03 19:32 - 2013-04-03 17:03 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent
2014-03-03 18:37 - 2014-03-03 18:37 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Admin\Desktop\rkill.exe
2014-03-03 18:35 - 2014-03-03 18:34 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Admin\Desktop\mbar-1.07.0.1009.exe
2014-03-03 18:33 - 2014-03-03 18:33 - 00005772 _____ () C:\Users\Public\Documents\dell chat.txt
2014-03-03 18:31 - 2014-03-03 18:31 - 00030264 _____ () C:\Users\Public\Documents\minitoolbox.txt
2014-03-03 18:26 - 2014-03-03 18:26 - 00002496 _____ () C:\Users\Public\Documents\FSS.txt
2014-03-03 17:55 - 2014-03-03 17:42 - 00001026 _____ () C:\Users\Public\Documents\checkup.txt
2014-03-03 17:36 - 2014-03-03 17:35 - 00987425 _____ () C:\Users\Admin\Desktop\SecurityCheck.exe
2014-03-03 16:02 - 2014-03-03 16:02 - 00000376 _____ () C:\Windows\Tasks\Run RoboForm TaskBar Icon.job
2014-03-03 15:43 - 2014-03-03 15:43 - 00000246 _____ () C:\Users\Public\Documents\script not responding.txt
2014-03-03 15:43 - 2014-03-03 15:43 - 00000149 _____ () C:\Users\Public\Documents\shockwave flash not responding.txt
2014-03-03 15:27 - 2014-03-03 15:27 - 00000000 ____D () C:\Windows\system32\MpEngineStore
2014-03-03 14:49 - 2014-03-03 14:49 - 00000000 ____D () C:\Windows\Microsoft Antimalware
2014-03-03 11:28 - 2014-03-02 19:17 - 00001206 _____ () C:\Windows\PFRO.log
2014-03-02 19:18 - 2014-03-02 19:18 - 00117336 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-02 19:17 - 2014-03-02 19:17 - 00437424 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-02 19:17 - 2014-03-02 19:17 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-02 13:46 - 2012-03-10 09:41 - 00000000 ____D () C:\Users\Admin\Documents\Applications
2014-03-02 13:25 - 2012-02-03 17:01 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Vso
2014-03-02 11:00 - 2013-06-30 21:20 - 00002772 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012
2014-03-02 10:51 - 2012-02-15 13:36 - 00000000 ____D () C:\Users\Admin\AppData\Local\Research In Motion
2014-03-02 10:47 - 2012-02-15 13:28 - 00007167 _____ () C:\Users\Admin\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-03-01 20:14 - 2014-03-01 20:14 - 00000000 ____D () C:\Users\Admin\Doctor Web
2014-03-01 20:14 - 2012-02-02 18:48 - 00000000 ____D () C:\Users\Admin
2014-03-01 20:12 - 2013-12-22 22:20 - 00240640 ___SH () C:\Users\Admin\Documents\Thumbs.db
2014-03-01 11:31 - 2013-07-27 15:17 - 00000000 ____D () C:\Users\Admin\Documents\ConvertXToDVD
2014-03-01 11:26 - 2012-02-03 17:01 - 00001057 _____ () C:\Users\Admin\AppData\Roaming\vso_ts_preview.xml
2014-03-01 10:13 - 2014-03-01 10:13 - 00001533 _____ () C:\Users\Admin\Desktop\aswMBR.txt
2014-03-01 10:13 - 2014-03-01 10:13 - 00000512 _____ () C:\Users\Admin\Desktop\MBR.dat
2014-02-28 20:26 - 2014-02-28 20:25 - 04745728 _____ (AVAST Software) C:\Users\Admin\Desktop\aswMBR.exe
2014-02-28 17:45 - 2012-02-03 17:58 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc
2014-02-28 17:10 - 2012-02-02 21:47 - 00004108 _____ () C:\Windows\System32\Tasks\Open URL by RoboForm
2014-02-28 17:10 - 2012-02-02 21:47 - 00003484 _____ () C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon
2014-02-28 15:26 - 2012-02-03 16:34 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe
2014-02-28 13:20 - 2012-02-02 18:48 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-27 20:32 - 2012-02-06 12:40 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-02-27 19:00 - 2014-02-23 22:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-27 19:00 - 2014-02-23 22:12 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-24 22:30 - 2013-07-25 20:04 - 00000000 ____D () C:\Users\Admin\Documents\Resumes
2014-02-23 21:54 - 2012-02-11 15:05 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-23 21:48 - 2012-02-02 22:49 - 00000000 ____D () C:\ProgramData\Skype
2014-02-23 21:42 - 2013-04-25 18:12 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Samsung
2014-02-23 21:42 - 2013-04-25 17:52 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-02-23 21:41 - 2013-04-25 17:52 - 00000000 ____D () C:\ProgramData\Samsung
2014-02-23 21:41 - 2012-03-04 12:09 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-23 21:34 - 2012-02-08 09:07 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google
2014-02-23 20:09 - 2013-08-14 17:07 - 00000000 ___RD () C:\Users\Admin\Google Drive
2014-02-23 20:05 - 2014-02-23 20:05 - 00000000 __SHD () C:\found.003
2014-02-23 19:06 - 2014-02-05 18:31 - 00000000 ____D () C:\Windows\SysWOW64\WNLT
2014-02-21 20:35 - 2013-07-26 19:27 - 00000000 ____D () C:\Windows\Minidump
2014-02-19 11:52 - 2012-06-19 19:05 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-02-16 18:32 - 2012-02-06 12:25 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-16 12:06 - 2012-02-02 18:59 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-15 19:09 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-02-15 14:33 - 2014-02-15 14:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 13:35 - 2012-05-30 12:41 - 00000000 ____D () C:\Users\Jillz
2014-02-14 21:51 - 2013-08-02 13:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-14 21:37 - 2009-07-13 21:34 - 00000532 _____ () C:\Windows\win.ini
2014-02-14 13:13 - 2013-09-06 18:46 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-09 21:22 - 2013-07-10 14:11 - 00000000 ____D () C:\Users\Admin\Documents\Oddz and Trendz
2014-02-07 14:32 - 2014-02-07 14:20 - 00000000 ____D () C:\Users\Admin\Silhouette4.5
2014-02-07 14:07 - 2014-02-07 14:07 - 00000000 ___DC () C:\Program Files\SilhouetteFX
2014-02-07 14:01 - 2014-02-07 14:01 - 00000000 ____D () C:\Users\Admin\AppData\Local\PackageAware
2014-02-06 12:51 - 2014-02-06 12:51 - 00000059 _____ () C:\Users\Public\Documents\cogeco appt feb 12 2014.txt
2014-02-06 08:56 - 2014-02-05 16:15 - 00000000 ___DC () C:\Program Files (x86)\ArcSoft
2014-02-06 07:16 - 2014-02-14 21:35 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 06:30 - 2014-02-14 21:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 06:30 - 2014-02-14 21:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 06:12 - 2014-02-14 21:35 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 06:07 - 2014-02-14 21:36 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 06:06 - 2014-02-14 21:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 05:57 - 2014-02-14 21:36 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 05:56 - 2014-02-14 21:36 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 05:52 - 2014-02-14 21:36 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 05:49 - 2014-02-14 21:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 05:48 - 2014-02-14 21:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 05:48 - 2014-02-14 21:35 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 05:38 - 2014-02-14 21:35 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 05:32 - 2014-02-14 21:36 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 05:20 - 2014-02-14 21:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 05:17 - 2014-02-14 21:36 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 05:11 - 2014-02-14 21:35 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 05:01 - 2014-02-14 21:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 05:00 - 2014-02-14 21:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 04:57 - 2014-02-14 21:36 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 04:57 - 2014-02-14 21:35 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 04:52 - 2014-02-14 21:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 04:52 - 2014-02-14 21:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 04:50 - 2014-02-14 21:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 04:49 - 2014-02-14 21:36 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 04:47 - 2014-02-14 21:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 04:46 - 2014-02-14 21:35 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 04:25 - 2014-02-14 21:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 04:25 - 2014-02-14 21:35 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 04:24 - 2014-02-14 21:35 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 04:22 - 2014-02-14 21:35 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 04:13 - 2014-02-14 21:36 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 04:09 - 2014-02-14 21:35 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 04:03 - 2014-02-14 21:35 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 03:55 - 2014-02-14 21:35 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 03:41 - 2014-02-14 21:35 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 03:40 - 2014-02-14 21:35 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 03:36 - 2014-02-14 21:35 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 03:34 - 2014-02-14 21:35 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 18:31 - 2014-02-05 18:31 - 00000000 ____D () C:\Windows\SysWOW64\ARFC
2014-02-05 16:19 - 2014-02-05 16:16 - 00000000 ___HD () C:\ProgramData\ArcSoft
2014-02-05 16:19 - 2014-02-05 16:15 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ArcSoft
2014-02-05 16:17 - 2012-02-02 18:48 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-05 16:16 - 2014-02-05 16:16 - 00000000 ____D () C:\Users\Admin\AppData\Local\ArcSoft
2014-02-05 14:26 - 2014-02-05 14:26 - 00000108 _____ () C:\Users\Admin\Documents\Telus payments Feb and March 2014.txt
2014-02-04 19:09 - 2012-02-03 11:34 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-02 12:59 - 2014-02-02 12:59 - 00000039 ____H () C:\Users\Admin\Documents\.picasa.ini
2014-02-02 12:59 - 2014-02-02 12:59 - 00000000 ___HD () C:\Users\Admin\Documents\.picasaoriginals

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\{A4720692-7F4F-4566-A947-DA165CFE8BC8}.exe
C:\Users\Jillz\AppData\Local\Temp\avguidx.dll
C:\Users\Jillz\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Jillz\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Jillz\AppData\Local\Temp\MSN1595.exe
C:\Users\Jillz\AppData\Local\Temp\oi_{B66FB08C-D4A3-46B3-A43E-5D7AD5047B74}.exe
C:\Users\Jillz\AppData\Local\Temp\ToolbarInstaller.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {ba20f464-4e0a-11e1-8292-972096e528b3}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {07c8b3f7-c1d3-4e16-b8ee-1a6de1abe9a7}
device                  ramdisk=[C:]\ProgramData\Microsoft\Microsoft Antimalware\Offline Scanner\sources\boot.wim,{327749da-8a23-4324-9c4c-999ce29f5ee9}
path                    \Windows\System32\boot\winload.exe
description             Windows Defender Offline
osdevice                ramdisk=[C:]\ProgramData\Microsoft\Microsoft Antimalware\Offline Scanner\sources\boot.wim,{327749da-8a23-4324-9c4c-999ce29f5ee9}
systemroot              \Windows
detecthal               Yes
winpe                   Yes

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {ba20f466-4e0a-11e1-8292-972096e528b3}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {ba20f464-4e0a-11e1-8292-972096e528b3}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {ba20f466-4e0a-11e1-8292-972096e528b3}
device                  ramdisk=[C:]\Recovery\ba20f466-4e0a-11e1-8292-972096e528b3\Winre.wim,{ba20f467-4e0a-11e1-8292-972096e528b3}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\ba20f466-4e0a-11e1-8292-972096e528b3\Winre.wim,{ba20f467-4e0a-11e1-8292-972096e528b3}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {ba20f464-4e0a-11e1-8292-972096e528b3}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {327749da-8a23-4324-9c4c-999ce29f5ee9}
ramdisksdidevice        partition=C:
ramdisksdipath          \ProgramData\Microsoft\Microsoft Antimalware\Offline Scanner\boot\boot.sdi

Device options
--------------
identifier              {ba20f467-4e0a-11e1-8292-972096e528b3}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\ba20f466-4e0a-11e1-8292-972096e528b3\boot.sdi



LastRegBack: 2014-03-03 02:56

==================== End Of Log ============================



#5 gillybean


Posted 04 March 2014 - 12:54 PM

Addition log

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2014
Ran by Admin at 2014-03-04 12:36:05
Running from C:\Users\Admin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29420 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.7 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{64FBA03C-575C-D688-1C80-A5773CE471F9}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Belkin N300 Micro USB Wireless Adapter (HKLM-x32\...\{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}) (Version: 1.00.0155 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
ConvertXtoDVD 4.1.19.364 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.364 - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version:  - Microsoft)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 3.3.2.1 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1107.115.102 - ALPS ELECTRIC CO., LTD.)
DriverTuner 3.1.0.0 (HKLM-x32\...\{520C1D80-935C-42B9-9340-E883849D804F}_is1) (Version: 3.1.0.0 - LionSea SoftWare)
Dropbox (HKCU\...\Dropbox) (Version: 2.0.10 - Dropbox, Inc.)
Duplicate File Cleaner v2.6 (HKLM-x32\...\Duplicate File Cleaner_is1) (Version:  - Cheese Software Ltd.)
EximiousSoft Logo Designer V2.58 (HKLM-x32\...\EximiousSoft Logo Designer_is1) (Version:  - EximiousSoft)
Free FLAC to MP3 Converter 1.0 (HKLM-x32\...\{A54C01BD-1277-4722-B42B-EC9800A90B1E}_is1) (Version:  - PolySoft Solutions)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
HP Photosmart 5510 series Basic Device Software (HKLM\...\{EBF97BCD-7BA6-44B6-A8A7-358BA3592B09}) (Version: 24.0.342.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Help (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photosmart 5510 series Product Improvement Study (HKLM\...\{9174E097-FF65-4733-AA1E-E3067D3BF379}) (Version: 24.0.342.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6272.0 - IDT)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1029 - Intel Corporation)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
K-Lite Codec Pack 8.7.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.7.0 - )
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Media Player Utilities 4.36 (HKLM-x32\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.36 -  )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0080-0409-0000-0000000FF1CE}) (Version: 14.0.6106.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Pazera Free MP4 to AVI Converter 1.7 (HKLM-x32\...\{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1) (Version: 1.7 - Pazera Jacek)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RoboForm 7-9-5-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-5-5 - Siber Systems)
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.7 - Seagate Technology)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TuneUp Utilities 2012 (HKLM-x32\...\TuneUp Utilities 2012) (Version: 12.0.3600.181 - TuneUp Software)
TuneUp Utilities 2012 (x32 Version: 12.0.3600.181 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (x32 Version: 12.0.3600.181 - TuneUp Software) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
Video Converter Fox (HKLM-x32\...\Video Converter Fox) (Version:  - )
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WeatherEye (HKCU\...\WeatherEye) (Version:  - )
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR 4.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-13 21:34 - 2013-04-04 19:22 - 00000886 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 secure.tune-up.com
127.0.0.1 activate.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {24B75D3F-0823-4E45-ABC4-51C6CA6CE914} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {47BEB07C-7E6C-456D-B264-72132AC12EE3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {502FCD84-F6F7-4D32-B171-EFF3DC9CF2E2} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {5E674279-EC59-43BB-901E-CB5D841901E3} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe [2013-12-11] (TuneUp Software)
Task: {7E2578BD-2DAF-43A0-AC7D-9A1848865594} - System32\Tasks\Unblock-us => C:\Users\Admin\Documents\My Downloads\unblock-us.exe [2013-08-12] ()
Task: {81064CA8-DC25-4B08-BBC6-5BBF39F77299} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {852B6D4C-0714-4EEF-B87F-FC91EDB5FC48} - \ParetoLogic Update Version3 No Task File
Task: {884E3C2A-83ED-4B60-8F31-7EF1BB45C6A1} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-02-28] (Siber Systems)
Task: {A7BF0B13-6EDB-4C8B-AF76-A0F7BBF45502} - System32\Tasks\HP online update program => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28] (Hewlett-Packard)
Task: {CA3C4E41-5F61-4B8E-A9E1-0391EE590AEA} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {D36040B2-4292-4CCF-85FE-899AD4EABC90} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMKMOJKJNMIMGMGMMJCNJJKJJMGMCNLMNJJMNJCNGMJMMMMMCNOMOJKMJMPMMJHMJMOMMMKJJMJNJICMIMCNGMCNKMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMOMFMMJBJKJLIMJFMIMKMJMJNHICMMJBJKJLIMJJNBJCMOLLJCJGJBJJNKJCMJNNICMJNDJCMKJBJJNMJCMNMLMJMFMGMNMNMFMPMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"
Task: {E2BA7F55-E787-48C5-8208-ABC1D939173C} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-05-25] (Hewlett-Packard Co.)
Task: {F94A54BA-AEE1-41E2-987D-9E9A83A83494} - \ParetoLogic Registration3 No Task File
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe
Task: C:\Windows\Tasks\Run RoboForm TaskBar Icon.job => C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe

==================== Loaded Modules (whitelisted) =============

2012-03-21 15:57 - 2009-06-19 08:01 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\dlebdrpp.dll
2013-08-12 11:44 - 2013-08-12 11:45 - 00318243 _____ () C:\Users\Admin\Documents\My Downloads\unblock-us.exe
2014-02-21 19:52 - 2014-02-21 19:52 - 02967040 _____ () C:\ProgramData\Microsoft\Crypto\RSA64\CryptoProvider.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 ____C () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-02-21 19:52 - 2014-02-21 19:52 - 02278912 _____ () C:\ProgramData\Microsoft\Crypto\RSA64\rsa64.dll
2012-02-10 15:13 - 2012-01-09 19:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-02-15 14:32 - 2014-02-15 14:32 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-23 22:12 - 2014-02-27 19:00 - 16265096 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:07BF512B
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
AlternateDataStreams: C:\ProgramData\TEMP:7578EF04

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\98987031.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\98987031.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: uTorrent => "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/04/2014 00:36:12 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
].


Operation:
   Obtain a callable interface for this provider
   List interfaces for all providers supporting this context
   Query Shadow Copies

Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshot Context: 13
   Snapshot Context: 13
   Execution Context: Coordinator

Error: (03/04/2014 00:36:12 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
   Obtain a callable interface for this provider
   List interfaces for all providers supporting this context
   Query Shadow Copies

Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshot Context: 13
   Snapshot Context: 13
   Execution Context: Coordinator

Error: (03/04/2014 00:28:52 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000008
Fault offset: 0x00000000000cd7e8
Faulting process id: 0x620
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (03/04/2014 00:28:31 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x80042302).

Error: (03/04/2014 00:28:31 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine GetProviderMgmtInterface.  hr = 0x8004230f, The shadow copy provider had an unexpected error while trying to process the specified operation.
.

Error: (03/04/2014 00:28:31 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
].


Operation:
   Obtain a callable interface for this provider
   Obtaining provider management interface

Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {00000000-0000-0000-0000-000000000000}
   Snapshot Context: -1
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (03/04/2014 00:28:31 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
]


Operation:
   Obtain a callable interface for this provider
   Obtaining provider management interface

Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {00000000-0000-0000-0000-000000000000}
   Snapshot Context: -1
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (03/04/2014 00:17:32 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (03/04/2014 00:17:32 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (03/04/2014 00:11:31 PM) (Source: MsiInstaller) (User: JILL)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Admin\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.


System errors:
=============
Error: (03/04/2014 00:30:07 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (03/04/2014 00:16:50 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service failed to start due to the following error:
%%1053

Error: (03/04/2014 00:16:50 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.

Error: (03/04/2014 00:16:50 PM) (Source: DCOM) (User: )
Description: 1053TrustedInstaller{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (03/04/2014 00:13:58 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (03/04/2014 00:10:30 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (03/04/2014 00:09:22 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Network Inspection service failed to start due to the following error:
%%1053

Error: (03/04/2014 00:09:22 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Network Inspection service to connect.

Error: (03/04/2014 00:09:22 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

    Feature: %%886

    Error Code: 0x8007041d

    Error description: The service did not respond to the start or control request in a timely fashion.

    Reason: %%892

Error: (03/04/2014 00:07:47 PM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:
%%1058


Microsoft Office Sessions:
=========================
Error: (03/04/2014 00:36:12 PM) (Source: VSS)(User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
   Obtain a callable interface for this provider
   List interfaces for all providers supporting this context
   Query Shadow Copies

Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshot Context: 13
   Snapshot Context: 13
   Execution Context: Coordinator

Error: (03/04/2014 00:36:12 PM) (Source: VSS)(User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
   Obtain a callable interface for this provider
   List interfaces for all providers supporting this context
   Query Shadow Copies

Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshot Context: 13
   Snapshot Context: 13
   Execution Context: Coordinator

Error: (03/04/2014 00:28:52 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000000800000000000cd7e862001cf37cc3caddbc6C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll73b3f4e9-a3c2-11e3-b034-a4badb99bb8c

Error: (03/04/2014 00:28:31 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x80042302

Error: (03/04/2014 00:28:31 PM) (Source: VSS)(User: )
Description: GetProviderMgmtInterface0x8004230f, The shadow copy provider had an unexpected error while trying to process the specified operation.

Error: (03/04/2014 00:28:31 PM) (Source: VSS)(User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
   Obtain a callable interface for this provider
   Obtaining provider management interface

Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {00000000-0000-0000-0000-000000000000}
   Snapshot Context: -1
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (03/04/2014 00:28:31 PM) (Source: VSS)(User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Operation:
   Obtain a callable interface for this provider
   Obtaining provider management interface

Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {00000000-0000-0000-0000-000000000000}
   Snapshot Context: -1
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (03/04/2014 00:17:32 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (03/04/2014 00:17:32 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (03/04/2014 00:11:31 PM) (Source: MsiInstaller)(User: JILL)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Admin\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
  Date: 2012-07-14 18:00:47.057
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-07-14 18:00:46.983
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 96%
Total physical RAM: 2008.36 MB
Available physical RAM: 76.29 MB
Total Pagefile: 4016.73 MB
Available Pagefile: 1283 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:69.73 GB) NTFS
Drive d: (WDO_Media64) (CDROM) (Total:0.26 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 983F7C98)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#6 aharonov

  • Malware Response Team

Posted 04 March 2014 - 12:56 PM

Great, one of the nasties was deleted.

Please repeat the TDSSKiller scan, but this time also select the Cure (or Delete) option for TDSS File System. Please post the new log when this is done.



#7 gillybean

  • Topic Starter

Posted 04 March 2014 - 02:12 PM

I tried to post the log in one post but kept getting the error that my post is too long, so here is the first half:

 

13:29:00.0573 0x077c  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:29:00.0573 0x077c  ============================================================
13:29:00.0573 0x077c  \Device\Harddisk0\DR0:
13:29:00.0589 0x077c  MBR partitions:
13:29:00.0589 0x077c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:29:00.0589 0x077c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
13:29:00.0589 0x077c  ============================================================
13:29:00.0604 0x077c  C: <-> \Device\Harddisk0\DR0\Partition2
13:29:00.0604 0x077c  ============================================================
13:29:00.0604 0x077c  Initialize success
13:29:00.0604 0x077c  ============================================================
13:29:23.0474 0x0a38  ============================================================
13:29:23.0474 0x0a38  Scan started
13:29:23.0474 0x0a38  Mode: Manual; SigCheck; TDLFS;
13:29:23.0474 0x0a38  ============================================================
13:29:23.0474 0x0a38  KSN ping started
13:29:29.0043 0x0a38  KSN ping finished: true
13:29:30.0447 0x0a38  ================ Scan system memory ========================
13:29:30.0447 0x0a38  System memory - ok
13:29:30.0447 0x0a38  ================ Scan services =============================
13:29:30.0619 0x0a38  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
13:29:30.0931 0x0a38  1394ohci - ok
13:29:30.0977 0x0a38  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:29:31.0009 0x0a38  ACPI - ok
13:29:31.0040 0x0a38  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:29:31.0118 0x0a38  AcpiPmi - ok
13:29:31.0180 0x0a38  [ 5DDC0A8D2CD60BDA593DDAF45821CE08, 5A1599702C132C71F043576F50A4115647754FA5F7A01D17B72E147958A06383 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
13:29:31.0227 0x0a38  Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
13:29:35.0189 0x0a38  Detect skipped due to KSN trusted
13:29:35.0189 0x0a38  Adobe LM Service - ok
13:29:35.0267 0x0a38  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:29:35.0299 0x0a38  AdobeARMservice - ok
13:29:35.0361 0x0a38  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
13:29:35.0392 0x0a38  adp94xx - ok
13:29:35.0501 0x0a38  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
13:29:35.0517 0x0a38  adpahci - ok
13:29:35.0564 0x0a38  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
13:29:35.0579 0x0a38  adpu320 - ok
13:29:35.0642 0x0a38  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:29:35.0798 0x0a38  AeLookupSvc - ok
13:29:53.0675 0x0a38  msahci - ok
13:29:53.0707 0x0a38  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:29:53.0722 0x0a38  msdsm - ok
13:29:53.0753 0x0a38  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
13:29:53.0800 0x0a38  MSDTC - ok
13:29:53.0878 0x0a38  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:29:53.0909 0x0a38  Msfs - ok
13:29:53.0941 0x0a38  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:29:54.0019 0x0a38  mshidkmdf - ok
13:29:54.0050 0x0a38  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:29:54.0065 0x0a38  msisadrv - ok
13:29:54.0112 0x0a38  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:29:54.0175 0x0a38  MSiSCSI - ok
13:29:54.0206 0x0a38  msiserver - ok
13:29:54.0237 0x0a38  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:29:54.0315 0x0a38  MSKSSRV - ok
13:29:54.0377 0x0a38  [ 7675E15D1B2180745E4DA4D26AAD7385, 729AA6C610F67028CFFFF64B772FFA1CAE7581D37F8909BDA423D52AF85C92C8 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
13:29:54.0393 0x0a38  MsMpSvc - ok
13:29:54.0424 0x0a38  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:29:54.0487 0x0a38  MSPCLOCK - ok
13:29:54.0518 0x0a38  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:29:54.0580 0x0a38  MSPQM - ok
13:29:54.0643 0x0a38  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:29:54.0674 0x0a38  MsRPC - ok
13:29:54.0721 0x0a38  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
13:29:54.0736 0x0a38  mssmbios - ok
13:29:54.0783 0x0a38  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:29:54.0830 0x0a38  MSTEE - ok
13:29:54.0877 0x0a38  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
13:29:54.0923 0x0a38  MTConfig - ok
13:29:54.0939 0x0a38  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
13:29:54.0955 0x0a38  Mup - ok
13:29:55.0001 0x0a38  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
13:29:55.0079 0x0a38  napagent - ok
13:29:55.0142 0x0a38  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:29:55.0189 0x0a38  NativeWifiP - ok
13:29:55.0267 0x0a38  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:29:55.0313 0x0a38  NDIS - ok
13:29:55.0360 0x0a38  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:29:55.0407 0x0a38  NdisCap - ok
13:29:55.0469 0x0a38  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:29:55.0532 0x0a38  NdisTapi - ok
13:29:55.0579 0x0a38  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:29:55.0641 0x0a38  Ndisuio - ok
13:29:55.0688 0x0a38  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:29:55.0766 0x0a38  NdisWan - ok
13:29:55.0813 0x0a38  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:29:55.0859 0x0a38  NDProxy - ok
13:29:55.0906 0x0a38  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:29:55.0953 0x0a38  NetBIOS - ok
13:29:56.0015 0x0a38  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:29:56.0062 0x0a38  NetBT - ok
13:29:56.0093 0x0a38  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
13:29:56.0109 0x0a38  Netlogon - ok
13:29:56.0156 0x0a38  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
13:29:56.0249 0x0a38  Netman - ok
13:29:56.0281 0x0a38  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:29:56.0327 0x0a38  NetMsmqActivator - ok
13:29:56.0343 0x0a38  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:29:56.0374 0x0a38  NetPipeActivator - ok
13:29:56.0437 0x0a38  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
13:29:56.0499 0x0a38  netprofm - ok
13:29:56.0546 0x0a38  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:29:56.0561 0x0a38  NetTcpActivator - ok
13:29:56.0577 0x0a38  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:29:56.0608 0x0a38  NetTcpPortSharing - ok
13:29:56.0858 0x0a38  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
13:29:57.0217 0x0a38  netw5v64 - ok
13:29:57.0575 0x0a38  [ 1D974430131627AD97BD28E5746C2EC1, 0F4F5CDE462DA5BCEE6DE144BE33DBD2CA79AE8E9C1915ADAD731E62BC289D2E ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
13:29:58.0137 0x0a38  NETwNs64 - ok
13:29:58.0199 0x0a38  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
13:29:58.0215 0x0a38  nfrd960 - ok
13:29:58.0262 0x0a38  [ ACE8C64C57E4A711473C8BC10ADF692B, 53D8083CE78DB5527080B4570AC28ABAA262667744A319707AE0C46E46B297F9 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
13:29:58.0277 0x0a38  NisDrv - ok
13:29:58.0324 0x0a38  [ 6247E8B31ED0A9D6BC5A26276E49BEB3, 230C0C560492C454B9EB14B50EB4A78DC74FAB6B662449A0EA3114B3E671BFF3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
13:29:58.0355 0x0a38  NisSrv - ok
13:29:58.0402 0x0a38  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:29:58.0449 0x0a38  NlaSvc - ok
13:29:58.0496 0x0a38  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:29:58.0527 0x0a38  Npfs - ok
13:29:58.0574 0x0a38  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
13:29:58.0636 0x0a38  nsi - ok
13:29:58.0667 0x0a38  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:29:58.0714 0x0a38  nsiproxy - ok
13:29:58.0823 0x0a38  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:29:58.0917 0x0a38  Ntfs - ok
13:29:58.0948 0x0a38  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
13:29:59.0026 0x0a38  Null - ok
13:29:59.0073 0x0a38  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:29:59.0104 0x0a38  nvraid - ok
13:29:59.0151 0x0a38  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:29:59.0167 0x0a38  nvstor - ok
13:29:59.0198 0x0a38  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:29:59.0229 0x0a38  nv_agp - ok
13:29:59.0260 0x0a38  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:29:59.0276 0x0a38  ohci1394 - ok
13:29:59.0354 0x0a38  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:29:59.0369 0x0a38  ose - ok
13:29:59.0603 0x0a38  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:29:59.0915 0x0a38  osppsvc - ok
13:30:00.0009 0x0a38  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:30:00.0087 0x0a38  p2pimsvc - ok
13:30:00.0181 0x0a38  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
13:30:00.0305 0x0a38  p2psvc - ok
13:30:00.0352 0x0a38  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
13:30:00.0430 0x0a38  Parport - ok
13:30:00.0477 0x0a38  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:30:00.0493 0x0a38  partmgr - ok
13:30:00.0539 0x0a38  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:30:00.0586 0x0a38  PcaSvc - ok
13:30:00.0633 0x0a38  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
13:30:00.0649 0x0a38  pci - ok
13:30:00.0695 0x0a38  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
13:30:00.0711 0x0a38  pciide - ok
13:30:00.0758 0x0a38  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
13:30:00.0773 0x0a38  pcmcia - ok
13:30:00.0805 0x0a38  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:30:00.0820 0x0a38  pcw - ok
13:30:00.0898 0x0a38  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:30:00.0976 0x0a38  PEAUTH - ok
13:30:01.0070 0x0a38  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:30:01.0148 0x0a38  PerfHost - ok
13:30:01.0273 0x0a38  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
13:30:01.0397 0x0a38  pla - ok
13:30:01.0491 0x0a38  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:30:01.0569 0x0a38  PlugPlay - ok
13:30:01.0616 0x0a38  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:30:01.0663 0x0a38  PNRPAutoReg - ok
13:30:01.0709 0x0a38  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:30:01.0725 0x0a38  PNRPsvc - ok
13:30:01.0787 0x0a38  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:30:01.0865 0x0a38  PolicyAgent - ok
13:30:01.0912 0x0a38  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
13:30:01.0990 0x0a38  Power - ok
13:30:02.0037 0x0a38  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:30:02.0115 0x0a38  PptpMiniport - ok
13:30:02.0162 0x0a38  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
13:30:02.0209 0x0a38  Processor - ok
13:30:02.0271 0x0a38  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:30:02.0365 0x0a38  ProfSvc - ok
13:30:02.0396 0x0a38  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
13:30:02.0411 0x0a38  ProtectedStorage - ok
13:30:02.0458 0x0a38  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:30:02.0536 0x0a38  Psched - ok
13:30:02.0614 0x0a38  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
13:30:02.0708 0x0a38  ql2300 - ok
13:30:02.0755 0x0a38  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
13:30:02.0770 0x0a38  ql40xx - ok
13:30:02.0817 0x0a38  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
13:30:02.0848 0x0a38  QWAVE - ok
13:30:02.0864 0x0a38  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:30:02.0895 0x0a38  QWAVEdrv - ok
13:30:02.0926 0x0a38  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:30:02.0989 0x0a38  RasAcd - ok
13:30:03.0035 0x0a38  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:30:03.0082 0x0a38  RasAgileVpn - ok
13:30:03.0113 0x0a38  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
13:30:03.0191 0x0a38  RasAuto - ok
13:30:03.0238 0x0a38  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:30:03.0301 0x0a38  Rasl2tp - ok
13:30:03.0347 0x0a38  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
13:30:03.0394 0x0a38  RasMan - ok
13:30:03.0441 0x0a38  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:30:03.0519 0x0a38  RasPppoe - ok
13:30:03.0550 0x0a38  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:30:03.0628 0x0a38  RasSstp - ok
13:30:03.0706 0x0a38  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:30:03.0800 0x0a38  rdbss - ok
13:30:03.0847 0x0a38  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
13:30:03.0893 0x0a38  rdpbus - ok
13:30:03.0925 0x0a38  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:30:03.0987 0x0a38  RDPCDD - ok
13:30:04.0049 0x0a38  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:30:04.0127 0x0a38  RDPENCDD - ok
13:30:04.0174 0x0a38  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:30:04.0221 0x0a38  RDPREFMP - ok
13:30:04.0268 0x0a38  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:30:04.0346 0x0a38  RdpVideoMiniport - ok
13:30:04.0393 0x0a38  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:30:04.0439 0x0a38  RDPWD - ok
13:30:04.0486 0x0a38  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:30:04.0517 0x0a38  rdyboost - ok
13:30:04.0564 0x0a38  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:30:04.0642 0x0a38  RemoteAccess - ok
13:30:04.0720 0x0a38  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:30:04.0783 0x0a38  RemoteRegistry - ok
13:30:04.0829 0x0a38  [ 6D850FAD4CC9498D1F382B77BA4035CC, 689B8D90BFA404F2ABEF3F7CD098382DAA81A4CF6BF3784C9CC24DAF33F10660 ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
13:30:05.0079 0x0a38  RimUsb - ok
13:30:05.0126 0x0a38  [ 344604E6913BD6E4EAEC34AF2E0943D7, 4ADFE13AFECD0F263A27F647FC6BA1AB47B2A28F9D70FCAC90F23D0A2FB8C493 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
13:30:05.0188 0x0a38  RimVSerPort - ok
13:30:05.0235 0x0a38  [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
13:30:05.0297 0x0a38  ROOTMODEM - ok
13:30:05.0360 0x0a38  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:30:05.0422 0x0a38  RpcEptMapper - ok
13:30:05.0469 0x0a38  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
13:30:05.0516 0x0a38  RpcLocator - ok
13:30:05.0563 0x0a38  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
13:30:05.0625 0x0a38  RpcSs - ok
13:30:05.0656 0x0a38  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:30:05.0703 0x0a38  rspndr - ok
13:30:05.0781 0x0a38  [ 665BA29357882A8C5980B15B3A0123A4, C03D5140E4C8B469D30E3D82CDAEB2F1BA2EB671F146094166222B40993185C6 ] RTL8192cu       C:\Windows\system32\DRIVERS\RTL8192cu.sys
13:30:05.0859 0x0a38  RTL8192cu - ok
13:30:05.0890 0x0a38  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
13:30:05.0906 0x0a38  SamSs - ok
13:30:05.0953 0x0a38  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:30:05.0968 0x0a38  sbp2port - ok
13:30:06.0015 0x0a38  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:30:06.0093 0x0a38  SCardSvr - ok
13:30:06.0140 0x0a38  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:30:06.0202 0x0a38  scfilter - ok
13:30:06.0280 0x0a38  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
13:30:06.0467 0x0a38  Schedule - ok
13:30:06.0530 0x0a38  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:30:06.0561 0x0a38  SCPolicySvc - ok
13:30:06.0608 0x0a38  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:30:06.0670 0x0a38  SDRSVC - ok
13:30:06.0701 0x0a38  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:30:06.0748 0x0a38  secdrv - ok
13:30:06.0779 0x0a38  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
13:30:06.0842 0x0a38  seclogon - ok
13:30:06.0904 0x0a38  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
13:30:06.0951 0x0a38  SENS - ok
13:30:06.0967 0x0a38  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:30:07.0029 0x0a38  SensrSvc - ok
13:30:07.0076 0x0a38  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
13:30:07.0107 0x0a38  Serenum - ok
13:30:07.0169 0x0a38  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
13:30:07.0185 0x0a38  Serial - ok
13:30:07.0201 0x0a38  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
13:30:07.0232 0x0a38  sermouse - ok
13:30:07.0310 0x0a38  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
13:30:07.0403 0x0a38  SessionEnv - ok
13:30:07.0435 0x0a38  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:30:07.0481 0x0a38  sffdisk - ok
13:30:07.0528 0x0a38  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:30:07.0559 0x0a38  sffp_mmc - ok
13:30:07.0622 0x0a38  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:30:07.0653 0x0a38  sffp_sd - ok
13:30:07.0700 0x0a38  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
13:30:07.0731 0x0a38  sfloppy - ok
13:30:07.0793 0x0a38  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:30:07.0856 0x0a38  SharedAccess - ok
13:30:07.0903 0x0a38  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:30:07.0965 0x0a38  ShellHWDetection - ok
13:30:08.0027 0x0a38  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:30:08.0043 0x0a38  SiSRaid2 - ok
13:30:08.0074 0x0a38  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
13:30:08.0090 0x0a38  SiSRaid4 - ok
13:30:08.0121 0x0a38  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:30:08.0183 0x0a38  Smb - ok
13:30:08.0293 0x0a38  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:30:08.0324 0x0a38  SNMPTRAP - ok
13:30:08.0386 0x0a38  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:30:08.0402 0x0a38  spldr - ok
13:30:08.0480 0x0a38  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
13:30:08.0558 0x0a38  Spooler - ok
13:30:08.0729 0x0a38  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
13:30:08.0979 0x0a38  sppsvc - ok
13:30:09.0041 0x0a38  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:30:09.0119 0x0a38  sppuinotify - ok



#8 gillybean


Posted 04 March 2014 - 02:15 PM

TDSSKiller log part 2

 

13:30:21.0787 0x0a38  ================ Scan global ===============================
13:30:21.0927 0x0a38  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:30:21.0974 0x0a38  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
13:30:22.0005 0x0a38  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
13:30:22.0052 0x0a38  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:30:22.0083 0x0a38  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
13:30:22.0099 0x0a38  [ Global ] - ok
13:30:22.0114 0x0a38  ================ Scan MBR ==================================
13:30:22.0114 0x0a38  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:30:23.0144 0x0a38  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
13:30:23.0144 0x0a38  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:30:26.0389 0x0a38  ================ Scan VBR ==================================
13:30:26.0420 0x0a38  [ 54C2907F76B62360225ED8A80ACA8D14 ] \Device\Harddisk0\DR0\Partition1
13:30:26.0435 0x0a38  \Device\Harddisk0\DR0\Partition1 - ok
13:30:26.0451 0x0a38  [ 4ECBBFE23C4EB6BE0F4587931E276B32 ] \Device\Harddisk0\DR0\Partition2
13:30:26.0451 0x0a38  \Device\Harddisk0\DR0\Partition2 - ok
13:30:26.0467 0x0a38  ================ Scan active images ========================
13:30:26.0872 0x0a38  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] C:\Windows\System32\drivers\kbdclass.sys
13:30:26.0872 0x0a38  C:\Windows\System32\drivers\kbdclass.sys - ok
13:30:26.0872 0x0a38  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
13:30:26.0872 0x0a38  C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
13:30:26.0888 0x0a38  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] C:\Windows\System32\drivers\CmBatt.sys
13:30:26.0888 0x0a38  C:\Windows\System32\drivers\CmBatt.sys - ok
13:30:26.0888 0x0a38  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] C:\Windows\System32\drivers\wmiacpi.sys
13:30:26.0888 0x0a38  C:\Windows\System32\drivers\wmiacpi.sys - ok
13:30:26.0903 0x0a38  [ 28C0B5024F5C5A438E78B188CFC81B7F, AB81FB63F2908CE316B45609077ACBD85F4B2AAD1606B1E9030F06DB82EDDFAD ] C:\Windows\System32\normaliz.dll
13:30:26.0903 0x0a38  C:\Windows\System32\normaliz.dll - ok
13:30:26.0903 0x0a38  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] C:\Windows\System32\drivers\intelppm.sys
13:30:26.0903 0x0a38  C:\Windows\System32\drivers\intelppm.sys - ok
13:30:26.0919 0x0a38  [ 6C60B5ACA7442EFB794082CDACFC001C, FC1D9124856A70FF232EF3057D66BEE803295847624CE23B4D0217F23AF52C75 ] C:\Windows\System32\ole32.dll
13:30:26.0919 0x0a38  C:\Windows\System32\ole32.dll - ok
13:30:26.0919 0x0a38  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] C:\Windows\System32\drivers\CompositeBus.sys
13:30:26.0919 0x0a38  C:\Windows\System32\drivers\CompositeBus.sys - ok
13:30:26.0935 0x0a38  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] C:\Windows\System32\drivers\agilevpn.sys
13:30:26.0935 0x0a38  C:\Windows\System32\drivers\agilevpn.sys - ok
13:30:26.0935 0x0a38  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] C:\Windows\System32\drivers\rasl2tp.sys
13:30:26.0935 0x0a38  C:\Windows\System32\drivers\rasl2tp.sys - ok
13:30:26.0950 0x0a38  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] C:\Windows\System32\drivers\ndistapi.sys
13:30:26.0950 0x0a38  C:\Windows\System32\drivers\ndistapi.sys - ok
13:30:26.0950 0x0a38  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] C:\Windows\System32\drivers\ndiswan.sys
13:30:26.0950 0x0a38  C:\Windows\System32\drivers\ndiswan.sys - ok
13:30:26.0966 0x0a38  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] C:\Windows\System32\drivers\raspppoe.sys
13:30:26.0966 0x0a38  C:\Windows\System32\drivers\raspppoe.sys - ok
13:30:26.0997 0x0a38  [ C431EAF5CAA1C82CAC2534A2EAB348A3, ADDF850128DC675E67FABA9A3D0D27E684F01F733962CA22927BB94503549E44 ] C:\Windows\System32\msctf.dll
13:30:26.0997 0x0a38  C:\Windows\System32\msctf.dll - ok
13:30:26.0997 0x0a38  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] C:\Windows\System32\drivers\raspptp.sys
13:30:26.0997 0x0a38  C:\Windows\System32\drivers\raspptp.sys - ok
13:30:27.0013 0x0a38  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] C:\Windows\System32\drivers\rassstp.sys
13:30:27.0013 0x0a38  C:\Windows\System32\drivers\rassstp.sys - ok
13:30:27.0013 0x0a38  [ 6300AD525D639CECBB3D144B6D7B30F9, 9A7BA443CC0A40215AC99599F4DF6A852D1DE3BD7AD1FBBCEBCCFD7F86062FA6 ] C:\Windows\System32\iertutil.dll
13:30:27.0013 0x0a38  C:\Windows\System32\iertutil.dll - ok
13:30:27.0028 0x0a38  [ 24FBF5CC5C04150073C315A7C83521EE, 581BD5F15B5E57B3BAA762E421FFD859FDA46DDB8515C2A7AAFF208D784E906C ] C:\Windows\System32\drivers\ks.sys
13:30:27.0028 0x0a38  C:\Windows\System32\drivers\ks.sys - ok
13:30:27.0028 0x0a38  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] C:\Windows\System32\drivers\swenum.sys
13:30:27.0028 0x0a38  C:\Windows\System32\drivers\swenum.sys - ok
13:30:27.0044 0x0a38  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] C:\Windows\System32\drivers\umbus.sys
13:30:27.0044 0x0a38  C:\Windows\System32\drivers\umbus.sys - ok
13:30:27.0044 0x0a38  [ DBF99FD9CAF75CA66D042BD8D050FF71, D11A863EAEDE80A731FD7A63F744E518D3921043CC3982BAA87992F9E82F044F ] C:\Windows\System32\usp10.dll
13:30:27.0044 0x0a38  C:\Windows\System32\usp10.dll - ok
13:30:27.0059 0x0a38  [ 22874047B810B5B174C68ACD7C0B6510, D3DC88210DBC13A2F3B41960C6C0E59A16D1AE20FC24AD059DF3B46A40A77095 ] C:\Windows\System32\urlmon.dll
13:30:27.0059 0x0a38  C:\Windows\System32\urlmon.dll - ok
13:30:27.0059 0x0a38  [ C06B32165E23A72A898B7A89679AD754, 721405158F6E9F1A7FE7BB33EF642D91332726629D0D3B07DF3CF3152A91C85D ] C:\Windows\System32\oleaut32.dll
13:30:27.0059 0x0a38  C:\Windows\System32\oleaut32.dll - ok
13:30:27.0075 0x0a38  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] C:\Windows\System32\drivers\usbhub.sys
13:30:27.0075 0x0a38  C:\Windows\System32\drivers\usbhub.sys - ok
13:30:27.0075 0x0a38  [ 25983DE69B57142039AC8D95E71CD9C9, A677DA7EBCBCB6073D27E8A38809F51E971E83ED379BC599AAAD6EF4216348DA ] C:\Windows\System32\clbcatq.dll
13:30:27.0075 0x0a38  C:\Windows\System32\clbcatq.dll - ok
13:30:27.0091 0x0a38  [ 4E4FFB09D895AA000DD56D1404F69A7E, D999E04BB35780088480EAB322176570591A21E311D204BDCAB010A63B34D24C ] C:\Windows\System32\Wldap32.dll
13:30:27.0091 0x0a38  C:\Windows\System32\Wldap32.dll - ok
13:30:27.0091 0x0a38  [ AD662B34B161198B9D66A564EDDA7D43, 335807AA4E88234BF2C639781E92D0DBC41D973754D61AB1DA6C8BA4E108AEBD ] C:\Windows\System32\shell32.dll
13:30:27.0091 0x0a38  C:\Windows\System32\shell32.dll - ok
13:30:27.0106 0x0a38  [ AA2C08CE85653B1A0D2E4AB407FA176C, 83DFD0C119B20AEDB07114C9D1CF9CE2DFA938D0F1070256B0591A9E2C3997FA ] C:\Windows\System32\imm32.dll
13:30:27.0106 0x0a38  C:\Windows\System32\imm32.dll - ok
13:30:27.0106 0x0a38  [ F7CE0C81C545364020ED8203CF0A633E, 24B47A7492B7048096AF87E26786E8108455ADBD1A374B6A0466DE008505B8A9 ] C:\Windows\System32\difxapi.dll
13:30:27.0106 0x0a38  C:\Windows\System32\difxapi.dll - ok
13:30:27.0122 0x0a38  [ 26036E228D2467DE6975AD819C22C043, B4A30EC7ABAEFFF55DE662F4A17415F2BD737BD563215638C86C580B8F3EA907 ] C:\Windows\System32\rpcrt4.dll
13:30:27.0122 0x0a38  C:\Windows\System32\rpcrt4.dll - ok
13:30:27.0122 0x0a38  [ C391FC68282A000CDF953F8B6B55D2EF, 1CB0DAB84545D9FDEA5A7865A1E7132CEAC91DECF8B100285B63098D7B09E584 ] C:\Windows\System32\msvcrt.dll
13:30:27.0122 0x0a38  C:\Windows\System32\msvcrt.dll - ok
13:30:27.0137 0x0a38  [ 63A580C88CFAF72A92550940054569EF, A66C89123D1833446ACC31D5CF536B0D0EC24D2F805C022A637596CF98429D9F ] C:\Windows\System32\advapi32.dll
13:30:27.0137 0x0a38  C:\Windows\System32\advapi32.dll - ok
13:30:27.0137 0x0a38  [ FE70103391A64039A921DBFFF9C7AB1B, F7D219D75037BC98F6C69143B00AB6000A31F8B5E211E0AF514F4F4B681522A0 ] C:\Windows\System32\user32.dll
13:30:27.0137 0x0a38  C:\Windows\System32\user32.dll - ok
13:30:27.0153 0x0a38  [ 9835E63E09F824D22B689D2BB789BAB9, 5BCFFAFB894D69FBCDDB91E64D30A356F4BD57098E8B4C51B98AFAF6581BDB63 ] C:\Windows\System32\comdlg32.dll
13:30:27.0153 0x0a38  C:\Windows\System32\comdlg32.dll - ok
13:30:27.0153 0x0a38  [ 4BBFA57F594F7E8A8EDC8F377184C3F0, 9F3AC5DEA5A6250C3DBB97AF79C81C0A48429486521F807355A1D7D3D861B75F ] C:\Windows\System32\ws2_32.dll
13:30:27.0153 0x0a38  C:\Windows\System32\ws2_32.dll - ok
13:30:27.0169 0x0a38  [ 044FE45FFD6AD40E3BBBE60B7F41BABE, A1688A5E6E0F7037C850699462C2655006A7D873C97F9AB406C59D81749B6F09 ] C:\Windows\System32\nsi.dll
13:30:27.0169 0x0a38  C:\Windows\System32\nsi.dll - ok
13:30:27.0169 0x0a38  [ 56325BB1FF19F2A5AC8713756AC41140, B2124E57783312EE37D2621E689D8FB4C43A04BDBD4F481225C21038605A28CE ] C:\Windows\System32\gdi32.dll
13:30:27.0169 0x0a38  C:\Windows\System32\gdi32.dll - ok
13:30:27.0184 0x0a38  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5, 12130837D7F89A2C7E9D25747A8E5B9001E0A38D545178B49B450C23AE62664A ] C:\Windows\System32\setupapi.dll
13:30:27.0184 0x0a38  C:\Windows\System32\setupapi.dll - ok
13:30:27.0184 0x0a38  [ B4F29F65AD3114051F01E9403346047F, 7EB58545211C51E95B3F45C47C1F7CCE05B707D168E7C20F46D36E19EE3D8DFC ] C:\Windows\System32\imagehlp.dll
13:30:27.0184 0x0a38  C:\Windows\System32\imagehlp.dll - ok
13:30:27.0200 0x0a38  [ 796B47A4B82EF1C39F13435B88834C48, AFC3E89476BAAD8A71663F0DB8D15E00FF9D131F1306A2F69D728E3AD1184602 ] C:\Windows\System32\lpk.dll
13:30:27.0200 0x0a38  C:\Windows\System32\lpk.dll - ok
13:30:27.0200 0x0a38  [ D8973E71F1B35CD3F3DEA7C12D49D0F0, 23CAE14BF9D7208CD2A0B2691B1A64313A24A23E6D70F40AA0572ED37E8B542C ] C:\Windows\System32\kernel32.dll
13:30:27.0200 0x0a38  C:\Windows\System32\kernel32.dll - ok
13:30:27.0215 0x0a38  [ D87E1E59C73C1F98D5DED5B3850C40F5, 536419BFF9F877D4314B5D0C045D9A6E729489C389863FADF07E382050BC84FD ] C:\Windows\System32\psapi.dll
13:30:27.0215 0x0a38  C:\Windows\System32\psapi.dll - ok
13:30:27.0215 0x0a38  [ 06FEC9E8117103BB1141A560E98077DA, C5E61B11DDBBBBBA3D9488970524F0975EA5FBDF16E2FA31F579F8BFA48353B1 ] C:\Windows\System32\devobj.dll
13:30:27.0215 0x0a38  C:\Windows\System32\devobj.dll - ok
13:30:27.0231 0x0a38  [ 64A4AB126E24FD3F58EBE64852773DB5, ED425BBC91EB8BEF54C363036A770C551C97EF324F1AE31049CA750D0E2D6776 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
13:30:27.0231 0x0a38  C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
13:30:27.0231 0x0a38  [ 9094039A00485F71C4DE64BF51F64C46, 4ACFEF4C747ADF806A4FDEDDFD9CC48168DFB05075306C77D3F3927749DD7484 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
13:30:27.0231 0x0a38  C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
13:30:27.0247 0x0a38  [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\System32\comctl32.dll
13:30:27.0247 0x0a38  C:\Windows\System32\comctl32.dll - ok
13:30:27.0247 0x0a38  [ 72723D3E4781BADC62C3180C137E7B23, 0BDA5292928578C5DA79C761E15B8A892B9D4A3DA26D3635E714797C653CF492 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
13:30:27.0247 0x0a38  C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
13:30:27.0262 0x0a38  [ B22C00ED0491FD7B8803D7DDE2849F4C, 11AB01BF17A4130A3C4EF493A42406DF106B0923DD6DCBFF5958F5C886B9DA93 ] C:\Windows\System32\KernelBase.dll
13:30:27.0262 0x0a38  C:\Windows\System32\KernelBase.dll - ok
13:30:27.0262 0x0a38  [ F49E92B50CED5C9F1725D3C0329FD933, 6155FA4D8242F07FC578FF746890C2EE19FC3D6A20ED8AE4C6F021DB2DAC184F ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
13:30:27.0262 0x0a38  C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
13:30:27.0278 0x0a38  [ 780F6ECC4F55D76C9730E6B6C9B31913, 1AEA642AFA210A672A92AAA49CFDE52D9E48ED41248F7644FAADE760E8A0E72E ] C:\Windows\System32\crypt32.dll
13:30:27.0278 0x0a38  C:\Windows\System32\crypt32.dll - ok
13:30:27.0278 0x0a38  [ 2477A28081BDAEE622CF045ACF8EE124, 00A09CAF9129E84FEEA98FA03CE9012C9F961B64FEE15C4F268822C0F82ACC3C ] C:\Windows\System32\cfgmgr32.dll
13:30:27.0278 0x0a38  C:\Windows\System32\cfgmgr32.dll - ok
13:30:27.0293 0x0a38  [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A, 445C2857398252756FD25BB94DAFCCEFF573DE55F1F8BF9094C191F409FE6437 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
13:30:27.0293 0x0a38  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
13:30:27.0293 0x0a38  [ 959041D7014C97133D859B45BCA0FC58, 282D34828DA7404470949483CB9789A8B4861D188093F0FBD07138A37F60B94B ] C:\Windows\System32\wintrust.dll
13:30:27.0293 0x0a38  C:\Windows\System32\wintrust.dll - ok
13:30:27.0309 0x0a38  [ 0E6FBF19D9DFBB77316C23DF91F8A101, 680F88E1BC55EA3342AACE6F2E3511BF877AC8F03276D028FEE84EEFE8B5611A ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
13:30:27.0309 0x0a38  C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
13:30:27.0309 0x0a38  [ 884415BD4269C02EAF8E2613BF85500D, EFE771709EC942694FD206AC8D0A48ED7DCD35036F074268E4AECD68AC982CEA ] C:\Windows\System32\msasn1.dll
13:30:27.0309 0x0a38  C:\Windows\System32\msasn1.dll - ok
13:30:27.0325 0x0a38  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] C:\Windows\System32\drivers\ndproxy.sys
13:30:27.0325 0x0a38  C:\Windows\System32\drivers\ndproxy.sys - ok
13:30:27.0325 0x0a38  [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8A4FB21EADD3896 ] C:\Windows\SysWOW64\normaliz.dll
13:30:27.0325 0x0a38  C:\Windows\SysWOW64\normaliz.dll - ok
13:30:27.0340 0x0a38  [ E0D3CD5841E5C7BE7B94BA946AF1E498, 4EAE1B226255623DA41A047633994D6902F6D4CA5757BF5D85E227378336227F ] C:\Windows\System32\drivers\drmk.sys
13:30:27.0340 0x0a38  C:\Windows\System32\drivers\drmk.sys - ok
13:30:27.0340 0x0a38  [ 1E0B4CBBA91C6B041A14ECC2186F7E24, 63039A317F906454A0652704DA2D646658A148B9B55BFB5D2F4B27997F357DF9 ] C:\Windows\System32\drivers\portcls.sys
13:30:27.0340 0x0a38  C:\Windows\System32\drivers\portcls.sys - ok
13:30:27.0356 0x0a38  [ F3F6C17F70EBA268CDBE4F9704E3EAC5, 3B24ED5C3F1E056F86E9DDB8FC5709249BE481D6F23A0C3611AB3620A799F764 ] C:\Windows\System32\drivers\stwrt64.sys
13:30:27.0356 0x0a38  C:\Windows\System32\drivers\stwrt64.sys - ok
13:30:27.0356 0x0a38  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] C:\Windows\System32\drivers\ksthunk.sys
13:30:27.0356 0x0a38  C:\Windows\System32\drivers\ksthunk.sys - ok
13:30:27.0371 0x0a38  [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys
13:30:27.0371 0x0a38  C:\Windows\System32\drivers\dxapi.sys - ok
13:30:27.0371 0x0a38  [ F2BF71FCEAB8FB8A691408C478E2FF4C, B271A8B43FFC29C9CFEA2B50A2370760A38274D491CD2BA02A0EA4D0A3998DE6 ] C:\Windows\System32\win32k.sys
13:30:27.0371 0x0a38  C:\Windows\System32\win32k.sys - ok
13:30:27.0387 0x0a38  [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77201BAB37E8C03A ] C:\Windows\System32\csrss.exe
13:30:27.0387 0x0a38  C:\Windows\System32\csrss.exe - ok
13:30:27.0387 0x0a38  [ 216BABD555BC550952320EEA89C25DDF, 1BBB92415280032CD18F361382A69D0D91266AAD56FC88A99C804B0053743D72 ] C:\Windows\System32\csrsrv.dll
13:30:27.0387 0x0a38  C:\Windows\System32\csrsrv.dll - ok
13:30:27.0403 0x0a38  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\System32\basesrv.dll
13:30:27.0403 0x0a38  C:\Windows\System32\basesrv.dll - ok
13:30:27.0403 0x0a38  [ 665BA29357882A8C5980B15B3A0123A4, C03D5140E4C8B469D30E3D82CDAEB2F1BA2EB671F146094166222B40993185C6 ] C:\Windows\System32\drivers\rtl8192cu.sys
13:30:27.0403 0x0a38  C:\Windows\System32\drivers\rtl8192cu.sys - ok
13:30:27.0418 0x0a38  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\System32\winsrv.dll
13:30:27.0418 0x0a38  C:\Windows\System32\winsrv.dll - ok
13:30:27.0418 0x0a38  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] C:\Windows\System32\drivers\monitor.sys
13:30:27.0418 0x0a38  C:\Windows\System32\drivers\monitor.sys - ok
13:30:27.0434 0x0a38  [ FFA06EF43987ED0DD42AD59B260C0C78, 260518D5E077E55E0F2099037DBEFA93016FD4D4655456DDB3147AF9CBE7BF6B ] C:\Windows\System32\drivers\usbd.sys
13:30:27.0434 0x0a38  C:\Windows\System32\drivers\usbd.sys - ok
13:30:27.0434 0x0a38  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] C:\Windows\System32\drivers\USBSTOR.SYS
13:30:27.0434 0x0a38  C:\Windows\System32\drivers\USBSTOR.SYS - ok
13:30:27.0449 0x0a38  [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56DE4CA5783F78A75 ] C:\Windows\System32\tsddd.dll
13:30:27.0449 0x0a38  C:\Windows\System32\tsddd.dll - ok
13:30:27.0449 0x0a38  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\System32\sxssrv.dll
13:30:27.0449 0x0a38  C:\Windows\System32\sxssrv.dll - ok
13:30:27.0465 0x0a38  [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA87526E768AF6174F0 ] C:\Windows\System32\wininit.exe
13:30:27.0465 0x0a38  C:\Windows\System32\wininit.exe - ok
13:30:27.0465 0x0a38  [ 943F527DF79E6B400104341AA7023C75, 53C7B9426181D3D172E6B1A07E6DF8A0CB8FCA27D3A03CE5F544D3209B5F4651 ] C:\Windows\System32\cdd.dll
13:30:27.0465 0x0a38  C:\Windows\System32\cdd.dll - ok
13:30:27.0481 0x0a38  [ 1151B1BAA6F350B1DB6598E0FEA7C457, B1506E0A7E826EFF0F5252EF5026070C46E2235438403A9A24D73EE69C0B8A49 ] C:\Windows\System32\winlogon.exe
13:30:27.0481 0x0a38  C:\Windows\System32\winlogon.exe - ok
13:30:27.0481 0x0a38  [ 2C942733A5983DD4502219FF37C7EBC7, 34B20B6B0D7274E4B5B783F1D2345BC3DD9888964D5C2C65712F041A00CF5B45 ] C:\Windows\System32\profapi.dll
13:30:27.0481 0x0a38  C:\Windows\System32\profapi.dll - ok
13:30:27.0496 0x0a38  [ C2A8CB1275ECB85D246A9ECC02A728E3, 3603FADCA0060BD201148F9D59E4E2627F024609A6463AB525B5D1AD17BDCD10 ] C:\Windows\System32\RpcRtRemote.dll
13:30:27.0496 0x0a38  C:\Windows\System32\RpcRtRemote.dll - ok
13:30:27.0496 0x0a38  [ 0D9764D58C5EFD672B7184854B152E5E, 9827B43DABBEC39AB2E2294408D9C5304EF27A684903C5234C6070387723D49E ] C:\Windows\System32\winsta.dll
13:30:27.0496 0x0a38  C:\Windows\System32\winsta.dll - ok
13:30:27.0512 0x0a38  [ 78523A26F5604C0568FE9D1CE86E36F4, 534A7228BF69719106F581616A32EAEF0B770DDB36DCE94F84E7D52FDB1382B5 ] C:\Windows\System32\KBDUS.DLL
13:30:27.0512 0x0a38  C:\Windows\System32\KBDUS.DLL - ok
13:30:27.0512 0x0a38  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] C:\Windows\System32\drivers\udfs.sys
13:30:27.0512 0x0a38  C:\Windows\System32\drivers\udfs.sys - ok
13:30:27.0527 0x0a38  [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA853BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll
13:30:27.0527 0x0a38  C:\Windows\System32\WlS0WndH.dll - ok
13:30:27.0527 0x0a38  [ 9CEAD32E79A62150FE9F8557E58E008B, AFE4C1725EE94D7DE0749AE1495A4E5CC33C369F29B2A589DA66FFE27FF9777E ] C:\Windows\System32\sxs.dll
13:30:27.0527 0x0a38  C:\Windows\System32\sxs.dll - ok
13:30:27.0543 0x0a38  [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE3532EC6C007980C34 ] C:\Windows\System32\cryptbase.dll
13:30:27.0543 0x0a38  C:\Windows\System32\cryptbase.dll - ok
13:30:27.0543 0x0a38  [ 90499F3163A9F815CF196A205EA3CD5D, 29B4ED3795CEC1177EB367132914CE21C194CDEC5DB9DC923FD928C85E94D821 ] C:\Windows\System32\apphelp.dll
13:30:27.0543 0x0a38  C:\Windows\System32\apphelp.dll - ok
13:30:27.0559 0x0a38  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\System32\services.exe
13:30:27.0559 0x0a38  C:\Windows\System32\services.exe - ok
13:30:27.0559 0x0a38  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] C:\Windows\System32\lsass.exe
13:30:27.0559 0x0a38  C:\Windows\System32\lsass.exe - ok
13:30:27.0574 0x0a38  [ B08EA91C774AA734E0B9881F85CD9F42, C0757F98D190D426EBF5B0B6C151BFFD0A128344BAA4A1BA36DB28C16BB4A0F2 ] C:\Windows\System32\sspicli.dll
13:30:27.0574 0x0a38  C:\Windows\System32\sspicli.dll - ok
13:30:27.0574 0x0a38  [ 7C46EC9CCDE6E793713FA01DB2EB918E, 36647EF5E68B39A972AE2EDBE446F4CCC59ADAC5C4C172F2A66D79139E66BB30 ] C:\Windows\System32\sspisrv.dll
13:30:27.0574 0x0a38  C:\Windows\System32\sspisrv.dll - ok
13:30:27.0590 0x0a38  [ 9662EE182644511439F1C53745DC1C88, D205B2C163E78AB42A5D67D7664EF6B75EA0374FF0924467D624F9DB0611F0AD ] C:\Windows\System32\lsm.exe
13:30:27.0590 0x0a38  C:\Windows\System32\lsm.exe - ok
13:30:27.0590 0x0a38  [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll
13:30:27.0590 0x0a38  C:\Windows\System32\scext.dll - ok
13:30:27.0605 0x0a38  [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll
13:30:27.0605 0x0a38  C:\Windows\System32\sysntfy.dll - ok
13:30:27.0605 0x0a38  [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll
13:30:27.0605 0x0a38  C:\Windows\System32\wmsgapi.dll - ok
13:30:27.0621 0x0a38  [ 086F906B1D30C0A5D35FE0F6362DAB21, C4C8CD9C60C6426E0402A4BE1D30CE30792D0A5FE1057266467E0C143DD1050C ] C:\Windows\System32\lsasrv.dll
13:30:27.0621 0x0a38  C:\Windows\System32\lsasrv.dll - ok
13:30:27.0621 0x0a38  [ 208EAAFF40DA400190AA0605C797BEA2, 24C349881E7102267D1648F9CA6A9AF871F1CAA3290AC96CEABCC3724D833C5B ] C:\Windows\System32\secur32.dll
13:30:27.0621 0x0a38  C:\Windows\System32\secur32.dll - ok
13:30:27.0637 0x0a38  [ BBCDF350817BA86416C0F06B6981BE8D, D064438F97852B9BD6015C8B19377C61C671E0969E09506B8359FE7B1F373A61 ] C:\Windows\System32\scesrv.dll
13:30:27.0637 0x0a38  C:\Windows\System32\scesrv.dll - ok
13:30:27.0637 0x0a38  [ 3A9C9BAF610B0DD4967086040B3B62A9, E8E9A0F42B1EE7806EDCEED08AA024D037215D06CA317E3678BD5364AD513D23 ] C:\Windows\System32\srvcli.dll
13:30:27.0637 0x0a38  C:\Windows\System32\srvcli.dll - ok
13:30:27.0652 0x0a38  [ A744BA6E04C8AA4592818178DBF89521, 9E7C85D842DF16F9B8FED7B06AF309B5ECCBFD465F5552347D4C3F1FEFDC6F7A ] C:\Windows\System32\samsrv.dll
13:30:27.0652 0x0a38  C:\Windows\System32\samsrv.dll - ok
13:30:27.0652 0x0a38  [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll
13:30:27.0652 0x0a38  C:\Windows\System32\cryptdll.dll - ok
13:30:27.0668 0x0a38  [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll
13:30:27.0668 0x0a38  C:\Windows\System32\wevtapi.dll - ok
13:30:27.0668 0x0a38  [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll
13:30:27.0668 0x0a38  C:\Windows\System32\cngaudit.dll - ok
13:30:27.0683 0x0a38  [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll
13:30:27.0683 0x0a38  C:\Windows\System32\authz.dll - ok
13:30:27.0683 0x0a38  [ 747B9BA5412422F27934CB21131F0A3E, 2441F925C3B46A15141A0A1E1AA9DFCCA2891D823D55C6E6DA0E30C2DE3A7341 ] C:\Windows\System32\ncrypt.dll
13:30:27.0683 0x0a38  C:\Windows\System32\ncrypt.dll - ok
13:30:27.0699 0x0a38  [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll
13:30:27.0699 0x0a38  C:\Windows\System32\bcrypt.dll - ok
13:30:27.0699 0x0a38  [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll
13:30:27.0699 0x0a38  C:\Windows\System32\msprivs.dll - ok
13:30:27.0715 0x0a38  [ C6505DE3561537BA1004D638C2F93F2F, 3E4FDF374B1A9E43A8F61FD2D79E0515390ECABFDAF72C4BD44A7B6429039AF6 ] C:\Windows\System32\netjoin.dll
13:30:27.0715 0x0a38  C:\Windows\System32\netjoin.dll - ok
13:30:27.0715 0x0a38  [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll
13:30:27.0715 0x0a38  C:\Windows\System32\negoexts.dll - ok
13:30:27.0730 0x0a38  [ 44E1A196DFCB53B01FE4B855C3B56A15, EDC31276EC325B642D07EE79F6E9021CBB7F8AFC32F9A408C91844175BF6B6E2 ] C:\Windows\System32\kerberos.dll
13:30:27.0730 0x0a38  C:\Windows\System32\kerberos.dll - ok
13:30:27.0730 0x0a38  [ D0C2FBB6D97416B0166478FC7AE2B212, 7EAB6C37F0A845E645CA44CC060AC6C56E386C7EF7A64716C6786C9602AD8C9D ] C:\Windows\System32\cryptsp.dll
13:30:27.0730 0x0a38  C:\Windows\System32\cryptsp.dll - ok
13:30:27.0746 0x0a38  [ 9A9F9F1A77D6A80EE28B57664F00013E, 0D441638E086EF1342FCDC43E826BF9E9CC6B2E8AE100D89BFC70163F987DE91 ] C:\Windows\System32\mswsock.dll
13:30:27.0746 0x0a38  C:\Windows\System32\mswsock.dll - ok
13:30:27.0746 0x0a38  [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E63394E4E561D6C7A2 ] C:\Windows\System32\wship6.dll
13:30:27.0746 0x0a38  C:\Windows\System32\wship6.dll - ok
13:30:27.0761 0x0a38  [ EF12B8385AA2849999008A977918F96B, ADEF9F5D2B0C2A30CB1B395C774E7FE75437135A09D3D4E6F97EE8656CE139B4 ] C:\Windows\System32\msv1_0.dll
13:30:27.0761 0x0a38  C:\Windows\System32\msv1_0.dll - ok
13:30:27.0761 0x0a38  [ AA339DD8BB128EF66660DFBBB59043D3, 76D9F849AFDDA38E04549EB67B4163478776F1B6EF46434168278F84FEB8FC5C ] C:\Windows\System32\netlogon.dll
13:30:27.0761 0x0a38  C:\Windows\System32\netlogon.dll - ok
13:30:27.0777 0x0a38  [ 492D07D79E7024CA310867B526D9636D, F2FE647AB85C6C3C1AA3DF4BCE6E4D42B9676C9D837E11388C235AE8DB20044F ] C:\Windows\System32\dnsapi.dll
13:30:27.0777 0x0a38  C:\Windows\System32\dnsapi.dll - ok
13:30:27.0777 0x0a38  [ 8FFE297B8449386E7B6851458B6E474E, E149B37E11091D69D926242517E5655596594A6F01FEF06EB65D6BA5B354E326 ] C:\Windows\System32\logoncli.dll
13:30:27.0777 0x0a38  C:\Windows\System32\logoncli.dll - ok
13:30:27.0793 0x0a38  [ 31FFED18C7B836CEC1B559347E32E151, 80BA8E74EC60BF50240D95FC526485FD6A18F2316A4C4E2804C451164676EDEE ] C:\Windows\System32\schannel.dll
13:30:27.0793 0x0a38  C:\Windows\System32\schannel.dll - ok
13:30:27.0793 0x0a38  [ 95FB6CA4374E343DDD653FCC43F9D26B, 911A240F9C1DD155C2B1CD85FE4A8044EB2816AF166CD8CB66EEB905CA352881 ] C:\Windows\System32\wdigest.dll
13:30:27.0793 0x0a38  C:\Windows\System32\wdigest.dll - ok
13:30:27.0808 0x0a38  [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll
13:30:27.0808 0x0a38  C:\Windows\System32\rsaenh.dll - ok
13:30:27.0808 0x0a38  [ 8A25506B6948EFBD5A7F37E53CCD36D9, 2A20562ED33ABD1D15C7BE9F4F1E623E3604BCC0F7214D067CD8C3D16B9EC6A7 ] C:\Windows\System32\TSpkg.dll
13:30:27.0808 0x0a38  C:\Windows\System32\TSpkg.dll - ok
13:30:27.0824 0x0a38  [ E08088A97F95345E181C3DFCE2C615EF, DEF3B087DF5E10E4F8418029DB6E82546E62FEFA39694B7BD6A48CE8AAFD1B96 ] C:\Windows\System32\pku2u.dll
13:30:27.0824 0x0a38  C:\Windows\System32\pku2u.dll - ok
13:30:27.0824 0x0a38  [ 7DBA64AD70C2E2481C68D9E0F7CD7840, 52EE57E9A8D3C28336BB8E7536ECE77A9FB4BAF93B9651F9A897F79F873D66BE ] C:\Windows\System32\LIVESSP.DLL
13:30:27.0824 0x0a38  C:\Windows\System32\LIVESSP.DLL - ok
13:30:27.0839 0x0a38  [ D6C7780A364C6BBACFA796BAB9F1B374, 3B5ED1A030BFD0BB73D4FFCD67A6A0B8501EF70293F223EFAA12F430ADF270F9 ] C:\Windows\System32\bcryptprimitives.dll
13:30:27.0839 0x0a38  C:\Windows\System32\bcryptprimitives.dll - ok
13:30:27.0839 0x0a38  [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll
13:30:27.0839 0x0a38  C:\Windows\System32\efslsaext.dll - ok
13:30:27.0855 0x0a38  [ 52D3D5E3586988D4D9E34ACAAC33105C, C61B60BA962B25B8334F0941C3535EA4ACA1CC060B8A196E396CA3E11CEEF8A1 ] C:\Windows\System32\credssp.dll
13:30:27.0855 0x0a38  C:\Windows\System32\credssp.dll - ok
13:30:27.0855 0x0a38  [ 7CC7DF5B654DA579613F811D8C637E29, 70EAC059C1ED814810C75DBB9F4D188428CB942FFD8869D692158D384EB6BB35 ] C:\Windows\System32\ubpm.dll
13:30:27.0855 0x0a38  C:\Windows\System32\ubpm.dll - ok
13:30:27.0871 0x0a38  [ ED78427259134C63ED69804D2132B86C, F6F51B8B35881ABCA5580ED111AAC80E466E6474ABAE31EC8BE46C23EDCA77B2 ] C:\Windows\System32\scecli.dll
13:30:27.0871 0x0a38  C:\Windows\System32\scecli.dll - ok
13:30:29.0103 0x0a38  C:\Windows\SysWOW64\gdi32.dll - ok
13:30:29.0103 0x0a38  [ CC23295DA8F7B5C53F93804D2F5D30EB, B290D96C40FBA934DE6CFF82D9BBA6780922CC5012C61599BD5006DAEDC82DDB ] C:\Windows\SysWOW64\lpk.dll
13:30:29.0103 0x0a38  C:\Windows\SysWOW64\lpk.dll - ok
13:30:29.0119 0x0a38  [ B7230010D97787AF3D25E4C82F2B06B9, C795E9811CD461F8E98D1738667EB0C265A57065EA3420CE596D5038E7430C1E ] C:\Windows\SysWOW64\usp10.dll
13:30:29.0119 0x0a38  C:\Windows\SysWOW64\usp10.dll - ok
13:30:29.0119 0x0a38  [ 9DC80A8AAAAAC397BDAB3C67165A824E, 051636BFDFF7AB0E4191354E846BD0DACCA1A01FCC13C1AFED91D8DBFE17127A ] C:\Windows\SysWOW64\msvcrt.dll
13:30:29.0119 0x0a38  C:\Windows\SysWOW64\msvcrt.dll - ok
13:30:29.0134 0x0a38  [ D67472125471784DE7147946EDA25FEB, F41960118F412B6CA5E80AE5E8DB9AECDD043A7DB34388FF57C6F9C5A0056F91 ] C:\Windows\SysWOW64\advapi32.dll
13:30:29.0134 0x0a38  C:\Windows\SysWOW64\advapi32.dll - ok
13:30:29.0134 0x0a38  [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe
13:30:29.0134 0x0a38  C:\Windows\System32\dllhost.exe - ok
13:30:29.0150 0x0a38  [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF72B8EC6E1F906C ] C:\Windows\SysWOW64\sechost.dll
13:30:29.0150 0x0a38  C:\Windows\SysWOW64\sechost.dll - ok
13:30:29.0150 0x0a38  [ 4DC999CED9429939D75682EBD7D48901, 4E2DB6E4C500980488010AF1125A73D0F958889379F05DB304A220B4BB2D1834 ] C:\Windows\SysWOW64\rpcrt4.dll
13:30:29.0150 0x0a38  C:\Windows\SysWOW64\rpcrt4.dll - ok
13:30:29.0165 0x0a38  [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
13:30:29.0165 0x0a38  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll - ok
13:30:29.0165 0x0a38  [ 42B924C5F3924C1EB2539F22C10D7DF1, 5C922A6B9F4B5320ECEF67E81B37E6736BF01AF964A6966E24C8B29D0DDDDA3B ] C:\Windows\SysWOW64\sspicli.dll
13:30:29.0165 0x0a38  C:\Windows\SysWOW64\sspicli.dll - ok
13:30:29.0181 0x0a38  [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E56950661B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll
13:30:29.0181 0x0a38  C:\Windows\System32\IDStore.dll - ok
13:30:29.0181 0x0a38  [ F08F6FCD09F9BE94C37ACC1B344685FF, DE48D766258B46EFEAB16579421C4BD97ACC6883F782D00E9857F4A0CE7E8A34 ] C:\Windows\SysWOW64\cryptbase.dll
13:30:29.0181 0x0a38  C:\Windows\SysWOW64\cryptbase.dll - ok
13:30:29.0197 0x0a38  [ E02781D4871844DCD30DF1D69A650F78, DC77302F06CD6CF7FC2C3B0F433A4AE41DF869B9F342C0656CCD8A125B3D3318 ] C:\Windows\SysWOW64\shell32.dll
13:30:29.0197 0x0a38  C:\Windows\SysWOW64\shell32.dll - ok
13:30:29.0197 0x0a38  [ 23566F9723771108D2E6CD768AC27407, FAC0293DD1061B151E779BF4B245E6652C951FEDEBC602A166156DFBD38B5D67 ] C:\Windows\System32\AtBroker.exe
13:30:29.0197 0x0a38  C:\Windows\System32\AtBroker.exe - ok
13:30:29.0212 0x0a38  [ 639774C9ACD063F028F6084ABF5593AD, 9DFD80610CBBC9188F6C6BC85C87016B0AE42254FC289C2B578E85282BDD9C23 ] C:\Windows\System32\taskhost.exe
13:30:29.0212 0x0a38  C:\Windows\System32\taskhost.exe - ok
13:30:29.0212 0x0a38  [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D562BE43726153951 ] C:\Windows\System32\mpr.dll
13:30:29.0212 0x0a38  C:\Windows\System32\mpr.dll - ok
13:30:29.0228 0x0a38  [ F9D908DE6B166DAC9B89BF62FA291CE8, D0A918AD60221623BB0278EA94CD6938744617FDBB2054968AFAFC2940648F02 ] C:\Program Files\Bonjour\mdnsNSP.dll
13:30:29.0228 0x0a38  C:\Program Files\Bonjour\mdnsNSP.dll - ok
13:30:29.0228 0x0a38  [ AFB5B500AD69E24ED1BC15D1161641EF, C8EE01224FA8020DAE6F9BCE2FD88EDC2441164393ED6E68DAA1EA0B8190276F ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
13:30:29.0228 0x0a38  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
13:30:29.0243 0x0a38  [ 88351B29B622B30962D2FEB6CA8D860B, A16CAD7D94C1C9807083BB36E9B4C3C14E6482C4CA2BDFACBCC86E737DDCE42E ] C:\Windows\System32\rasadhlp.dll
13:30:29.0243 0x0a38  C:\Windows\System32\rasadhlp.dll - ok
13:30:29.0243 0x0a38  [ BAFE84E637BF7388C96EF48D4D3FDD53, 11C194D9ADCE90027272C627D7FBF3BA5025FF0F7B26A8333F764E11E1382CF9 ] C:\Windows\System32\userinit.exe
13:30:29.0243 0x0a38  C:\Windows\System32\userinit.exe - ok
13:30:29.0259 0x0a38  [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051, 8EFD0A6DE6F4E335D342782190008FB5AC84A6ADE49170B310DEC9AC48E623E8 ] C:\Windows\System32\localspl.dll
13:30:29.0259 0x0a38  C:\Windows\System32\localspl.dll - ok
13:30:29.0259 0x0a38  [ 332FEAB1435662FC6C672E25BEB37BE3, 6BED1A3A956A859EF4420FEB2466C040800EAF01EF53214EF9DAB53AEFF1CFF0 ] C:\Windows\explorer.exe
13:30:29.0259 0x0a38  C:\Windows\explorer.exe - ok
13:30:29.0275 0x0a38  [ 94EEAC26F57811BD1AEFC164412F7FCE, 7390BCD7709D48DE75D7D6E06AA7356D1C58EE63F3CC2E07ABCD2E2FF6CC81CF ] C:\Windows\System32\PlaySndSrv.dll
13:30:29.0275 0x0a38  C:\Windows\System32\PlaySndSrv.dll - ok
13:30:29.0275 0x0a38  [ 9BB99503D6A4DD62569EDE9E5E2672A5, 6F4EA5BC50B1F929735246485263078BEF1B3BEB33F78CB1F483F13AA226C27E ] C:\Windows\System32\HotStartUserAgent.dll
13:30:29.0275 0x0a38  C:\Windows\System32\HotStartUserAgent.dll - ok
13:30:29.0290 0x0a38  [ 3285481F5C12305CA104A6C493CA5A0B, ADB39B15D26A954B0F347C7BAFCC76DE5E3CF3CF05736E8987E0832AA7F8563C ] C:\Windows\System32\spoolss.dll
13:30:29.0290 0x0a38  C:\Windows\System32\spoolss.dll - ok
13:30:29.0290 0x0a38  [ EED05D42D91835064703E2318552ED25, E9EE1E2253445B207B76F5D3073C612ED979A982522C1515E0FE8FA9641AE568 ] C:\Windows\System32\ExplorerFrame.dll
13:30:29.0290 0x0a38  C:\Windows\System32\ExplorerFrame.dll - ok
13:30:29.0306 0x0a38  [ 0015ACFBBDD164A8A730009908868CA7, E1FF243AD2CF959FAB81EFE701592414991C03416FF296ADC93906E76B707C4D ] C:\Windows\System32\winspool.drv
13:30:29.0306 0x0a38  C:\Windows\System32\winspool.drv - ok
13:30:29.0306 0x0a38  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA, 8A6ACEFAB95E5275CBFBE6CCB5A6C3A6A471260B279B9063E86B9C7765E18656 ] C:\Windows\System32\MsCtfMonitor.dll
13:30:29.0306 0x0a38  C:\Windows\System32\MsCtfMonitor.dll - ok
13:30:29.0321 0x0a38  [ F09A9A1AD21FE618C4C8B0A0D830C886, 29831DDAB2AB105358FBC067CDF96428220B6743CD6019F6FE74BAC7AF325E7E ] C:\Windows\System32\msutb.dll
13:30:29.0321 0x0a38  C:\Windows\System32\msutb.dll - ok
13:30:29.0321 0x0a38  [ F5CEF064C7E6D95DA86B9D064A56A969, F118CD4364690F37A07AE458E043E8CFBA98F332DC9E7228C83409CF26F6EF6D ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
13:30:29.0321 0x0a38  C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
13:30:29.0337 0x0a38  [ 522B0466ED967A0762E9AF5B37D8F40A, B14C62D059BC7CF430E1B0F6E18E31EFD1959EFB3025A2B0EBB11751F38DD6D4 ] C:\Windows\System32\esent.dll
13:30:29.0337 0x0a38  C:\Windows\System32\esent.dll - ok
13:30:29.0337 0x0a38  [ C5AC93CF3BA30D367FB49148A2B673B9, 07B556039BBA841BC9F28979C3AD5D238B55391F921C9C805F3AFC9EFB437766 ] C:\Windows\System32\PrintIsolationProxy.dll
13:30:29.0337 0x0a38  C:\Windows\System32\PrintIsolationProxy.dll - ok
13:30:29.0353 0x0a38  [ B91BAB2B9086CF4B15DA08AA139C1A2F, B4094B9EE06FFD6B577BC0CD3E8BE7322CA7D2986C7F66F4649D07A193FF07E2 ] C:\Windows\System32\AdobePDF.dll
13:30:29.0353 0x0a38  C:\Windows\System32\AdobePDF.dll - ok
13:30:29.0353 0x0a38  [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB67F8EFB93924230 ] C:\Windows\SysWOW64\shlwapi.dll
13:30:29.0353 0x0a38  C:\Windows\SysWOW64\shlwapi.dll - ok
13:30:29.0368 0x0a38  [ 145E3449B84429729E42F396A982B4A8, E45B4542056FBF890BF0A895DD21D7247FB3591F3B77F9FAB19187BCB0572464 ] C:\ProgramData\Microsoft\Crypto\RSA64\CryptoProvider.dll
13:30:29.0368 0x0a38  C:\ProgramData\Microsoft\Crypto\RSA64\CryptoProvider.dll - ok
13:30:29.0368 0x0a38  [ B775C53B74FBEB945914B08FB86DBF8D, 94373D280C90500C7ADF8F6F1B6B7F8F89A56161F368A4D7FBD0AFF7F1DDA51A ] C:\Windows\System32\hpinkstsa111LM.dll
13:30:29.0368 0x0a38  C:\Windows\System32\hpinkstsa111LM.dll - ok
13:30:29.0384 0x0a38  [ 928CF7268086631F54C3D8E17238C6DD, F058FAFB04E7EBD5CADE9B48195B7AA7C3508F332A89F5E6E5F3F071E8CADD4A ] C:\Windows\SysWOW64\ole32.dll
13:30:29.0384 0x0a38  C:\Windows\SysWOW64\ole32.dll - ok
13:30:29.0384 0x0a38  [ 27CA6EAD43882762310F0A348773A164, C2326E9C0C7AFF355788CB9163F4969ABDD142A036632D0F1B3585745881942C ] C:\Windows\System32\HPDiscoPMa111.dll
13:30:29.0384 0x0a38  C:\Windows\System32\HPDiscoPMa111.dll - ok
13:30:29.0399 0x0a38  [ FFF9D00CF16397C64317F213484F94BD, 94D0584E14BDB27F61F59A7BCEA529A1594261BE0CE74502C13E8865843BA414 ] C:\Windows\System32\wsnmp32.dll
13:30:29.0399 0x0a38  C:\Windows\System32\wsnmp32.dll - ok
13:30:29.0399 0x0a38  [ 6C765E82B57F2E66CE9C54AC238471D9, 97F410023F5C08B4BC5DBF89A642200E76F4025ADD9707C24FD89D673675BB43 ] C:\Windows\SysWOW64\oleaut32.dll
13:30:29.0399 0x0a38  C:\Windows\SysWOW64\oleaut32.dll - ok
13:30:29.0415 0x0a38  [ 19E41CCCEE697CC9465396B370929792, A9FC4C33C71C3677FE57779380E55FDE2AC0B0C70A9DBCBA0D0B6FA92C709A7F ] C:\Windows\System32\FXSMON.dll
13:30:29.0415 0x0a38  C:\Windows\System32\FXSMON.dll - ok
13:30:29.0415 0x0a38  [ E16C433D8D23B08A40A664A9D8348649, 52FFB6FECF5D4EAFDF6F924484FE0F908376E27251DA0CE215C0D3F11278BC24 ] C:\Windows\System32\hpz3lw72.dll
13:30:29.0415 0x0a38  C:\Windows\System32\hpz3lw72.dll - ok
13:30:29.0431 0x0a38  [ CC09E0C9A2D89C6E71D093DC8BD121B7, 5F92457E27D817541EBA92FED984D2E6C1E35AD4E4E4CAE0F0778B795C260FAA ] C:\Windows\SysWOW64\crypt32.dll
13:30:29.0431 0x0a38  C:\Windows\SysWOW64\crypt32.dll - ok
13:30:29.0431 0x0a38  [ 32A3C8600AF124CBAAD845F13CFAE3CB, F36FE9E57D5C509FEECE890F9F8717F9CC6F762E32AE0B7DB7E0153370CE0B9D ] C:\Windows\System32\tcpmon.dll
13:30:29.0431 0x0a38  C:\Windows\System32\tcpmon.dll - ok
13:30:29.0446 0x0a38  [ 58F4493BF748A3A89689997B7BD00E95, EC5DEEC73E357C7C87B001275C4E635011A9CF39419F2B86E2C2B8D7E388C551 ] C:\Windows\System32\winhttp.dll
13:30:29.0446 0x0a38  C:\Windows\System32\winhttp.dll - ok
13:30:29.0446 0x0a38  [ 603EBD34E216C5654A2D774EAC98D278, ACE0171BB780DB2C1B1A8BF6FA8CF51C529D7E09141FA504C7199AF764FD9A36 ] C:\Windows\System32\webio.dll
13:30:29.0446 0x0a38  C:\Windows\System32\webio.dll - ok
13:30:29.0462 0x0a38  [ 93518C6EDE0B61BCBD02BDB02BD05FEE, 3637F5E5F15093AFB501EE910368CF900B422AC22669391FFA4198BBAE6F8FCB ] C:\Windows\System32\snmpapi.dll
13:30:29.0462 0x0a38  C:\Windows\System32\snmpapi.dll - ok
13:30:29.0462 0x0a38  [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA513C4A823390FEDA ] C:\Windows\SysWOW64\msasn1.dll
13:30:29.0462 0x0a38  C:\Windows\SysWOW64\msasn1.dll - ok
13:30:29.0477 0x0a38  [ 68EAAEDF0365168B804E8728368FA946, 1FA25087E8B247B099B729F780DBF24F77FD34F58186A1C94329261CF3D18B8E ] C:\Windows\SysWOW64\wintrust.dll
13:30:29.0477 0x0a38  C:\Windows\SysWOW64\wintrust.dll - ok
13:30:29.0477 0x0a38  [ 58A0CDABEA255616827B1C22C9994466, 4FE1140AA8D3995579DE8CDF4ECAD1978804D05351EABB4079A63B303EF1B451 ] C:\Windows\System32\NapiNSP.dll
13:30:29.0477 0x0a38  C:\Windows\System32\NapiNSP.dll - ok
13:30:29.0493 0x0a38  [ 613C8CE10A5FDE582BA5FA64C4D56AAA, 30507B6BA79E1A271B07BBA58B4FF463678BE0960266A1D5E88031E932D768B6 ] C:\Windows\System32\pnrpnsp.dll
13:30:29.0493 0x0a38  C:\Windows\System32\pnrpnsp.dll - ok
13:30:29.0493 0x0a38  [ 7AACDCCE2CF59AD950139A91C6B29F44, 20AEFB13894C77490159CB0270CD4F52E21A7CB1273D4E753FAE539091EB2C14 ] C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
13:30:29.0493 0x0a38  C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll - ok
13:30:29.0509 0x0a38  [ B1F025D7F1A50AE32F301C2942274E35, FC4D2594DF2A9515E156D7A1970187F9871A5035BC55D2B8BCA8D4B15D5E1654 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2EBCADD8-8635-49BB-A3D1-B3309D9A0718}\mpasdlta.vdm
13:30:29.0509 0x0a38  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2EBCADD8-8635-49BB-A3D1-B3309D9A0718}\mpasdlta.vdm - ok
13:30:29.0509 0x0a38  [ DF72A9936D0C3F517083119648814B09, 6BA4DCAC2F55A393A266ED0B2AF92B38141654D1666E3E143D85BBAF21663E1E ] C:\Windows\System32\usbmon.dll
13:30:29.0509 0x0a38  C:\Windows\System32\usbmon.dll - ok
13:30:29.0524 0x0a38  [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
13:30:29.0524 0x0a38  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
13:30:29.0524 0x0a38  [ A1D7E3ADCDB07DDB6F423862DCB1A52B, 6191C33D2AE090F6F055D6AE211096CE8F003EC5518A5333EE1E376052176BAB ] C:\Windows\System32\WSDMon.dll
13:30:29.0524 0x0a38  C:\Windows\System32\WSDMon.dll - ok
13:30:29.0540 0x0a38  [ A6F09E5669D9A19035F6D942CAA15882, 68C8AF0CC1923E3A7245392F2480EE665D265DF300A609D2540BF7C6D9C1A1BE ] C:\Windows\SysWOW64\imm32.dll
13:30:29.0540 0x0a38  C:\Windows\SysWOW64\imm32.dll - ok
13:30:29.0540 0x0a38  [ C9618BC9B2B0FD7C1138D8774795A79B, 0AC170669C2626519FA7A745C56BFBA6B83B8537488F5B9EB7BA72448E5E7A43 ] C:\Windows\SysWOW64\msctf.dll
13:30:29.0540 0x0a38  C:\Windows\SysWOW64\msctf.dll - ok
13:30:29.0555 0x0a38  [ F1B205F932F62F94506A5F332C895DAF, F02F01F20F655DD919C71AE814E4C3DD43330AAD1425FC5B1497F1613917CCDE ] C:\Windows\System32\WSDApi.dll
13:30:29.0555 0x0a38  C:\Windows\System32\WSDApi.dll - ok
13:30:29.0555 0x0a38  [ 241AF87821FDA0F5792037B779F49BE0, B3F4FDA27430ACC6D6BC1C3CBD518B9CAE5BA0F22AB8917578A7F16270F94C8B ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
13:30:29.0555 0x0a38  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
13:30:29.0571 0x0a38  [ C55516D98DD5D8F0153C2A9B4227DA86, DBC62B776CF06D0873A4C7CFCDF5B6F5C6E6C41917C326C090BCE58DC66EE09C ] C:\Windows\System32\webservices.dll
13:30:29.0571 0x0a38  C:\Windows\System32\webservices.dll - ok
13:30:29.0571 0x0a38  [ D233C7FEAE3FAA25F93A9E6B46815ADC, 5330682AE9C08E5F2E30C5E256B91028389BBBDDAA8C38950DF76616FCA854FF ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
13:30:29.0571 0x0a38  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
13:30:29.0587 0x0a38  [ 00000000000000000000000000000000, 0000000000000000000000000000000000000000000000000000000000000000 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2EBCADD8-8635-49BB-A3D1-B3309D9A0718}\mpavbase.vdm
13:30:29.0587 0x0a38  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2EBCADD8-8635-49BB-A3D1-B3309D9A0718}\mpavbase.vdm - ok
13:30:29.0587 0x0a38  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe
13:30:29.0587 0x0a38  C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe - ok
13:30:29.0602 0x0a38  [ DE6145710F7BFE3D2E1CCE6B84F3400F, A6E661F55B554F11ADE8F35AB5B509D5FF011B73BCECF7E91E233114A3EF9892 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2EBCADD8-8635-49BB-A3D1-B3309D9A0718}\mpavdlta.vdm
13:30:29.0602 0x0a38  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2EBCADD8-8635-49BB-A3D1-B3309D9A0718}\mpavdlta.vdm - ok
13:30:29.0602 0x0a38  [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6BB3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll
13:30:29.0602 0x0a38  C:\Windows\System32\EhStorShell.dll - ok
13:30:29.0618 0x0a38  [ 2E2072EB48238FCA8FBB7A9F5FABAC45, AC70B9FC24847EEC2E18008F2894DCDAC19A9C90D5D88729326E493CA524F5C3 ] C:\Windows\System32\winrnr.dll
13:30:29.0618 0x0a38  C:\Windows\System32\winrnr.dll - ok
13:30:29.0618 0x0a38  [ F518545E5B7623AD49ABE7F8776EFA46, CD39B6EC0D80C6DB857F34D4AC5C31085271B51B8851A56FEFC052B20B7CC40C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:30:29.0618 0x0a38  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
13:30:29.0633 0x0a38  [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4021101EE424F74 ] C:\Windows\System32\fundisc.dll
13:30:29.0633 0x0a38  C:\Windows\System32\fundisc.dll - ok
13:30:29.0633 0x0a38  [ 3704B79027CA15E907BA320824D0069B, 5F8486AF38CADB107D70C675F981C07F1BAB000EAB045BE6904F744F64688558 ] C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
13:30:29.0633 0x0a38  C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL - ok
13:30:29.0649 0x0a38  [ 4581716B4BF76ACFD8E167EB0B26D82A, 39D822527114EEED68044CCE4D542767F53978D9E0A7F72638F1CA9A016DE13B ] C:\Windows\System32\fdPnp.dll
13:30:29.0649 0x0a38  C:\Windows\System32\fdPnp.dll - ok
13:30:29.0649 0x0a38  [ 1D626FE2E13C1CE49CA0136CFF214E93, 4F02DD92045CF244979FFD074B2BDE6925A909227A474C60DCABE4384D916218 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
13:30:29.0649 0x0a38  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
13:30:29.0665 0x0a38  [ E3C817F7FE44CC870ECDBCBC3EA36132, D769FAFA2B3232DE9FA7153212BA287F68E745257F1C00FAFB511E7A02DE7ADF ] C:\Windows\SysWOW64\msvcp100.dll
13:30:29.0665 0x0a38  C:\Windows\SysWOW64\msvcp100.dll - ok
13:30:29.0665 0x0a38  [ BF38660A9125935658CFA3E53FDC7D65, 60C06E0FA4449314DA3A0A87C1A9D9577DF99226F943637E06F61188E5862EFA ] C:\Windows\SysWOW64\msvcr100.dll
13:30:29.0665 0x0a38  C:\Windows\SysWOW64\msvcr100.dll - ok
13:30:29.0680 0x0a38  [ E9C88CE65FEF829C242CDD4BB81BFB0C, D07B530A22712153CF174C17B913BC39005E0877DC7CC8A0FE54241F1EA13D8A ] C:\Windows\System32\spool\prtprocs\x64\dlebdrpp.dll
13:30:29.0680 0x0a38  C:\Windows\System32\spool\prtprocs\x64\dlebdrpp.dll - ok
13:30:29.0680 0x0a38  [ 62FD1461C7C88D9927CAFF8FA827DAA8, 132FDA338E786423CA47B94BE4E8A6DA82615C867415B9E3B2D487565D83995F ] C:\Windows\System32\spool\prtprocs\x64\hpzppw72.dll
13:30:29.0680 0x0a38  C:\Windows\System32\spool\prtprocs\x64\hpzppw72.dll - ok
13:30:29.0696 0x0a38  [ 67CF11E00D026A5C0C88EA5F84D501E5, 5081A87466116232CF07F58229967B6C0CD3738B64A56EFC6BB3EBDA62E378F6 ] C:\Windows\System32\win32spl.dll
13:30:29.0696 0x0a38  C:\Windows\System32\win32spl.dll - ok
13:30:29.0696 0x0a38  [ 29158B1DC3F86D4B0D6A127FE586ADFF, 03C17FA518200CE5C53AED55C5AF22D0A2D483110FB1E7EA6F990C56936570E6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
13:30:29.0696 0x0a38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
13:30:29.0711 0x0a38  [ 507D5567A0A4EE86C4B0CE2CE1777025, 408770B00CED498BF7782054F17A5CB361CF65429B0C816403D70E416E0EEF23 ] C:\Windows\System32\inetpp.dll
13:30:29.0711 0x0a38  C:\Windows\System32\inetpp.dll - ok
13:30:29.0711 0x0a38  [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll
13:30:29.0711 0x0a38  C:\Windows\SysWOW64\version.dll - ok
13:30:29.0727 0x0a38  [ B18663FEBCDF060FCD182CBE1C1C6F1A, 3E0AA063E0322E74CD250653365F425F2BF9EE020C3FC0C2A9540011A7912E72 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
13:30:29.0727 0x0a38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
13:30:29.0727 0x0a38  [ 461299398E15909598B7002B3FAABCE8, 1965E672088268C91848A100D77A6CD6E689589185B528DD9E0907ED1AD60771 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
13:30:29.0727 0x0a38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
13:30:29.0743 0x0a38  [ 7FF15A4F092CD4A96055BA69F903E3E9, 1B594E6D057C632ABB3A8CF838157369024BD6B9F515CA8E774B22FE71A11627 ] C:\Windows\SysWOW64\ws2_32.dll
13:30:29.0743 0x0a38  C:\Windows\SysWOW64\ws2_32.dll - ok
13:30:29.0758 0x0a38  [ 1BF0CB861A48FEB1638228760750F3CB, 37C781A8C546EAD8B4D28BD7D730B9AC78EB799599AD69DAD9054B6F9F1DD6BD ] C:\Windows\System32\cscapi.dll
13:30:29.0758 0x0a38  C:\Windows\System32\cscapi.dll - ok
13:30:29.0758 0x0a38  [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll
13:30:29.0758 0x0a38  C:\Windows\SysWOW64\nsi.dll - ok
13:30:29.0774 0x0a38  [ 5AC3CB53406CB9AABB25D46B3385528F, D5213E1C8CBD9E82922CE7F0E49611119EC6C2C1A0DC3F5912199AF5F39830C0 ] C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll
13:30:29.0774 0x0a38  C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll - ok
13:30:29.0774 0x0a38  [ EA6C35EBF9F3ED65724E1D65F09E6E7F, D39DD2D98277B0136C47E3C762E76EB12D6BDB79151F673E681B7EA49EBC6A6F ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
13:30:29.0774 0x0a38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
13:30:29.0789 0x0a38  [ E81F5A2F6D52215C0E84F2849503EBA8, D372F90035F38A91703E8C017A26D6BB91FDF9B65B7B6DA24BB9D25485A91942 ] C:\Windows\System32\tcpmib.dll
13:30:29.0789 0x0a38  C:\Windows\System32\tcpmib.dll - ok
13:30:29.0789 0x0a38  [ EFEC3847B47CC9357D5C33BBAB59B7EB, C093AF387AC9B7C5FA92D90DB1C3EC228A2C64CE4229539A25C8A47AD7E6D133 ] C:\Windows\System32\mgmtapi.dll
13:30:29.0789 0x0a38  C:\Windows\System32\mgmtapi.dll - ok
13:30:29.0805 0x0a38  [ 8EAEB0ED23A98DE0F0C812D756E47CE9, D49AB526C0B0356AB1F778E3B6AFC4D148742942F8561C9C4C2183A649661A86 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
13:30:29.0805 0x0a38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
13:30:29.0805 0x0a38  [ 22F020C76E339EB2B2187BA73A7E4173, 4605BF0C708441D146D2F902BB340858E314FCA70A4C88EB31CF3544C865C123 ] C:\Windows\System32\PrintIsolationHost.exe
13:30:29.0805 0x0a38  C:\Windows\System32\PrintIsolationHost.exe - ok
13:30:29.0821 0x0a38  [ 5760B2B5BAA3449C045B6FA222205F60, AC566245868530F6A8F80BEA9C6AB532DB2280F280CA4889C09BCCA9D057C1D4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
13:30:29.0821 0x0a38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
13:30:29.0821 0x0a38  [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB22DC7B58515C201 ] C:\Windows\SysWOW64\winmm.dll
13:30:29.0821 0x0a38  C:\Windows\SysWOW64\winmm.dll - ok
13:30:29.0836 0x0a38  [ ADE2BCD1FDE5C9669FCE1F4541AB46DD, 1C12491CDC2C91BC24F560CFCA82A1459F6FC96D13C92A68CB9D67213F5AA779 ] C:\Windows\System32\spool\drivers\x64\3\unidrv.dll
13:30:29.0836 0x0a38  C:\Windows\System32\spool\drivers\x64\3\unidrv.dll - ok
13:30:29.0836 0x0a38  [ BCE7DD8098CE6DD28EE2B0D5D5028B47, C48E1E455A0C6FC351CA2A8938C78D6D278B753FA7A621628B4E843C3A8F02FE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
13:30:29.0836 0x0a38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
13:30:29.0852 0x0a38  [ 57AC86AC664CC774C861DAB2B1D1E978, A3BB9203BA7B31A9E419F03C8902C656B0597B312B4E58A2B2D0163ECC9CEE67 ] C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll
13:30:29.0852 0x0a38  C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll - ok
13:30:29.0852 0x0a38  [ 4213C13D04AC31B7CE1FB802C3A35A7F, 9BAAF61F2FB59A53AB50B9E8308966384D8F7609D96D9AE73146FA567B616FC0 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
13:30:29.0852 0x0a38  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
13:30:29.0867 0x0a38  [ FDC385A0F7D7DD880C4622D1DF08ABE9, D9596264D98B09A5C44DD63B69B7253377B5FF237B6F2C4F97258E86FFAD055A ] C:\Windows\System32\ntprint.dll
13:30:29.0867 0x0a38  C:\Windows\System32\ntprint.dll - ok
13:30:29.0883 0x0a38  [ 9D79D26CAB5B538523A3E739B6A27373, FD511A4592719693384B3DD71D4BAEE9D3B854B14693FB0F441152AFA07F3EB2 ] C:\Windows\System32\spool\drivers\x64\3\hpzuiw72.dll
13:30:29.0883 0x0a38  C:\Windows\System32\spool\drivers\x64\3\hpzuiw72.dll - ok
13:30:29.0883 0x0a38  [ 922563953E405AA9762F90778B711F77, 3DD35372DFC79F309BF419E9BF0043D1B1E00EDC47DCFF4D669416BDD5B094C5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
13:30:29.0883 0x0a38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
13:30:29.0883 0x0a38  [ E424B3EF666B184CEE0B6871AAA8C9F6, D182D9B3A813C75F88CA16A9C236AB6167DF5861D155B5DC016B90918C4BD579 ] C:\Windows\System32\msimg32.dll
13:30:29.0899 0x0a38  C:\Windows\System32\msimg32.dll - ok
13:30:29.0899 0x0a38  [ C8E5840F206004ECD6F71E3F1D5AA1D0, D0B749EE9DD67625C1B8DCF3510ECACD994BA935E0CF65309B683388F8550E28 ] C:\Windows\System32\spool\drivers\x64\3\hpzstw72.dll
13:30:29.0899 0x0a38  C:\Windows\System32\spool\drivers\x64\3\hpzstw72.dll - ok
13:30:29.0914 0x0a38  [ 54023DF1A9A7D481B4762B09ECCA330F, 271B46804B2E944B7ABF707939CB498AE78B0EE6DDCE318E26BE0C7BA826DFA3 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt49.dll
13:30:29.0914 0x0a38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt49.dll - ok
13:30:29.0914 0x0a38  [ 66E3C667D853DF349E310568F60B9B6A, 49623B6E56219D254EC0B89E180C774B681CF6675DEF888A675265BCCD84B432 ] C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll
13:30:29.0914 0x0a38  C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll - ok
13:30:29.0930 0x0a38  [ 037A719DAD50603202C978CD802623E4, BD4C222913D32D7CF5FE0201FEBE7BD67FC39DF47A7A672C2D6C228A6E13B5DE ] C:\Windows\System32\ntshrui.dll
13:30:29.0930 0x0a38  C:\Windows\System32\ntshrui.dll - ok
13:30:29.0930 0x0a38  [ 1D63F4366288B8A7595397E27010FD44, 99EA4DDD88D9C4A4CC9B238F533CB4D2C062D46239173997E8594D8A75811A01 ] C:\Windows\System32\IconCodecService.dll
13:30:29.0930 0x0a38  C:\Windows\System32\IconCodecService.dll - ok
13:30:29.0945 0x0a38  [ D016F5092E4FFC41147E8555A71D2DDE, 9051A354B68F7B81A8680835E92DFB00D8C2A878E6EAEEAA93A5DB390B965409 ] C:\Windows\System32\mshtml.dll
13:30:29.0945 0x0a38  C:\Windows\System32\mshtml.dll - ok
13:30:29.0945 0x0a38  [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll
13:30:29.0945 0x0a38  C:\Windows\SysWOW64\profapi.dll - ok
13:30:29.0961 0x0a38  [ 3452419032093CAB86ED6F5885B01F89, 8CB0919181741359D4D9B8F9B0390DE4D8339DD6DA22BA5F6754DD595B60C475 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
13:30:29.0961 0x0a38  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
13:30:29.0961 0x0a38  [ 78B5B7A7932CFED6BE0DE992D8D94746, AC5EBE90DA16B3887CE7D8DD1684D3F5126BF4753213A12A37FB5ABC35DC533C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
13:30:29.0961 0x0a38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
13:30:29.0977 0x0a38  [ 10FB16B50AFFDA6D44588F3C445DC273, 6CDA17DA9B44D11E69F7C6682FA633EA75731623BB21B429A0FE2086ED4495A7 ] C:\Windows\SysWOW64\setupapi.dll
13:30:29.0977 0x0a38  C:\Windows\SysWOW64\setupapi.dll - ok
13:30:29.0977 0x0a38  [ F436E847FA799ECD75AD8C313673F450, 3C8BF3F0C08C7FA8DE5CD9C60AD9D00B742E84EB1FEBEEBA0F7159844BAAA471 ] C:\Windows\SysWOW64\cfgmgr32.dll
13:30:29.0977 0x0a38  C:\Windows\SysWOW64\cfgmgr32.dll - ok
13:30:29.0992 0x0a38  [ 2EEFF4502F5E13B1BED4A04CCAD64C08, 209FF1B6D46D1AC99518FCF54F2F726143B2DBF2C5FDA90212FBEF7526F7CBF5 ] C:\Windows\SysWOW64\devobj.dll
13:30:29.0992 0x0a38  C:\Windows\SysWOW64\devobj.dll - ok



#9 gillybean

Posted 04 March 2014 - 02:19 PM

TDSSKiller log part 3

 

13:30:31.0225 0x0a38  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D, A63836DB3B01835DC1311526A95198D6EBCCB1DC9DDAFBC38EC36C128CDB98B9 ] C:\Windows\System32\netshell.dll
13:30:31.0225 0x0a38  C:\Windows\System32\netshell.dll - ok
13:30:31.0225 0x0a38  [ 0BA65122FFA7E37564EE86422DBF7AE8, 3A37FC503D3228D021473AECA285427382518CC36C197E4C9912745BDF3AB757 ] C:\Windows\SysWOW64\nlaapi.dll
13:30:31.0225 0x0a38  C:\Windows\SysWOW64\nlaapi.dll - ok
13:30:31.0240 0x0a38  [ E4B72E71EC37A59FE574A998A0C0EB9B, C17B06C936FC47B6AA5221ABF1DDE283F59E5751BEE9CDBCCBAF25CD4E7232AD ] C:\Windows\SysWOW64\netmsg.dll
13:30:31.0240 0x0a38  C:\Windows\SysWOW64\netmsg.dll - ok
13:30:31.0240 0x0a38  [ CFEFA40DDE34659BE5211966EAD86437, AC0A3AD8AA47012C40785013E2273FC571F416BC9C9FFDA418FE72B3123C1FB0 ] C:\Windows\System32\netmsg.dll
13:30:31.0240 0x0a38  C:\Windows\System32\netmsg.dll - ok
13:30:31.0256 0x0a38  [ 6383C60EC0133B14F5705F96369421B2, EAB3FA2344B853148F199F744E716FBB8E9331B9DB588F784274599B6BCE2335 ] C:\Windows\SysWOW64\hnetcfg.dll
13:30:31.0256 0x0a38  C:\Windows\SysWOW64\hnetcfg.dll - ok
13:30:31.0256 0x0a38  [ 89E783711AF91AF09E1EF30EF3107446, CA91DABED7508A86A4AFA5F99A4A78D0BA3577168B04C8E3462FC4D55FA33FFD ] C:\Windows\SysWOW64\sscore.dll
13:30:31.0256 0x0a38  C:\Windows\SysWOW64\sscore.dll - ok
13:30:31.0271 0x0a38  [ FF80CAD87555E8E4D2CFD7B9058343F8, 07653773FBEC1996408B8507B08E0E1E812830063F932F897F4B39EE63DDCDC4 ] C:\Windows\System32\sscore.dll
13:30:31.0271 0x0a38  C:\Windows\System32\sscore.dll - ok
13:30:31.0271 0x0a38  [ 3F50200237961034FACE602373838980, F97D72CC75D921CF8F8E0544614407358AEFF97A8F48E4A89F82689EE8F2FC86 ] C:\Windows\SysWOW64\FirewallAPI.dll
13:30:31.0271 0x0a38  C:\Windows\SysWOW64\FirewallAPI.dll - ok
13:30:31.0287 0x0a38  [ AE9898D5600A232CD8AE3298692162E5, 8B94BA9C404B8A21CE023335960E77C73245FB30015161EEFF48573DDB7E6922 ] C:\Windows\SysWOW64\clusapi.dll
13:30:31.0287 0x0a38  C:\Windows\SysWOW64\clusapi.dll - ok
13:30:31.0287 0x0a38  [ 81749E073AC5857B044A686B406E5244, 3884EE705CA34235B29942FEDA8FEA654A21139B8C2A1D5E009C7D07D6E6ADF1 ] C:\Windows\System32\clusapi.dll
13:30:31.0287 0x0a38  C:\Windows\System32\clusapi.dll - ok
13:30:31.0303 0x0a38  [ 2AF094C822BD6094F14A8E85FB51D52A, F70A4FEC66E64245237D9D1A4C2C87168A26F224FCE648A3D7065E95259887D2 ] C:\Windows\SysWOW64\resutils.dll
13:30:31.0303 0x0a38  C:\Windows\SysWOW64\resutils.dll - ok
13:30:31.0303 0x0a38  [ 344FCC9850C3A8A3B4D3C65151AF8E4C, C38853454E153B1AB4AEAE1AAFB7CB4B2E6234208CF24C09F3B2AFE25E271C5C ] C:\Windows\System32\resutils.dll
13:30:31.0303 0x0a38  C:\Windows\System32\resutils.dll - ok
13:30:31.0318 0x0a38  [ 04B88428A872390D235BE52D38A9D4EF, F6954D514B67547738EB012456342D65289B0B18A0304BBAD5BDAA3436181C77 ] C:\Windows\SysWOW64\dot3api.dll
13:30:31.0318 0x0a38  C:\Windows\SysWOW64\dot3api.dll - ok
13:30:31.0318 0x0a38  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2, E8ACB693B1A78FAEF292111BE3F9B10BA95C76833C06C931A08EAAAE39A21334 ] C:\Windows\System32\dot3api.dll
13:30:31.0318 0x0a38  C:\Windows\System32\dot3api.dll - ok
13:30:31.0334 0x0a38  [ F10E5311E5093FA3C00FF88C54C32FCA, B557F5B00D77F030850D9AAC0FFEFC4C2A759EC4081C8459C9DEAE51BAAACC65 ] C:\Windows\SysWOW64\atl.dll
13:30:31.0334 0x0a38  C:\Windows\SysWOW64\atl.dll - ok
13:30:31.0334 0x0a38  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8, B1A9B2EF000917214C0198958CBD239D1D91B1720EC40DF041262A34D302AD74 ] C:\Windows\SysWOW64\winspool.drv
13:30:31.0334 0x0a38  C:\Windows\SysWOW64\winspool.drv - ok
13:30:31.0349 0x0a38  [ 8063046AA70B97CA9985672B8848FB2E, C7A7F2D216D1F0D7F28A22E4933DB3D821AC52CC2EF7AE8BA08D18104FCF8B81 ] C:\Windows\SysWOW64\wlanhlp.dll
13:30:31.0349 0x0a38  C:\Windows\SysWOW64\wlanhlp.dll - ok
13:30:31.0349 0x0a38  [ E4FCA0F99A41E460C84016DEFD31E6EF, 8EB14AF2025EADC7C86280E8417D8F286E8271B4F88B31696E33DFD72B3A0EF2 ] C:\Windows\System32\wlanhlp.dll
13:30:31.0349 0x0a38  C:\Windows\System32\wlanhlp.dll - ok
13:30:31.0365 0x0a38  [ B010CF886420EE29C2C276646721D255, CBCD032D679ADE3A9942A1D116648D6A9ECC71F66F8630629E724E5EE23F9F73 ] C:\Windows\SysWOW64\wlanapi.dll
13:30:31.0365 0x0a38  C:\Windows\SysWOW64\wlanapi.dll - ok
13:30:31.0365 0x0a38  [ 357BE883C5236BFC7341CB9E82308908, 4DDB697FD9B7C516CF99D73C8799EA35BB97E2431216CD7C1045F17B06109FBF ] C:\Windows\System32\wlanapi.dll
13:30:31.0365 0x0a38  C:\Windows\System32\wlanapi.dll - ok
13:30:31.0381 0x0a38  [ 8B74CEC6980D4816B0037AE9A27E538F, 8721EDB4C51BF6020002FA5DDB1987C68590F9F433A2F18D9756B2DAC7542CB6 ] C:\Windows\SysWOW64\slc.dll
13:30:31.0381 0x0a38  C:\Windows\SysWOW64\slc.dll - ok
13:30:31.0381 0x0a38  [ 1097F3035BAF46CED8B332B3564C5108, C69781683CA963A1335780DABBBC60E2C3CEF0888738D3425D358D12E8D0AF58 ] C:\Windows\SysWOW64\gpapi.dll
13:30:31.0381 0x0a38  C:\Windows\SysWOW64\gpapi.dll - ok
13:30:31.0396 0x0a38  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] C:\Windows\System32\drivers\ipnat.sys
13:30:31.0396 0x0a38  C:\Windows\System32\drivers\ipnat.sys - ok
13:30:31.0396 0x0a38  [ 6247E8B31ED0A9D6BC5A26276E49BEB3, 230C0C560492C454B9EB14B50EB4A78DC74FAB6B662449A0EA3114B3E671BFF3 ] C:\Program Files\Microsoft Security Client\NisSrv.exe
13:30:31.0396 0x0a38  C:\Program Files\Microsoft Security Client\NisSrv.exe - ok
13:30:31.0412 0x0a38  [ 2E86A86838D79D3CED428162BBDAE80C, 85AC24FD55541173FD690139427BE6BDC75B5717B319098CAB3ABF813FFEB49E ] C:\Program Files\Microsoft Security Client\NisLog.dll
13:30:31.0412 0x0a38  C:\Program Files\Microsoft Security Client\NisLog.dll - ok
13:30:31.0412 0x0a38  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] C:\Windows\System32\appinfo.dll
13:30:31.0412 0x0a38  C:\Windows\System32\appinfo.dll - ok
13:30:31.0427 0x0a38  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] C:\Windows\SysWOW64\wdi.dll
13:30:31.0427 0x0a38  C:\Windows\SysWOW64\wdi.dll - ok
13:30:31.0443 0x0a38  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] C:\Windows\System32\alg.exe
13:30:31.0443 0x0a38  C:\Windows\System32\alg.exe - ok
13:30:31.0443 0x0a38  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] C:\Windows\System32\wdi.dll
13:30:31.0443 0x0a38  C:\Windows\System32\wdi.dll - ok
13:30:31.0459 0x0a38  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] C:\Windows\SysWOW64\netprofm.dll
13:30:31.0459 0x0a38  C:\Windows\SysWOW64\netprofm.dll - ok
13:30:31.0459 0x0a38  [ E36112A8A6C7F840169A7E92C12F4203, 52795B2E6ECCE751EEF5074AF52FDE376A382D0A1C43B90DD4F77A397C00FBC5 ] C:\Windows\System32\wsock32.dll
13:30:31.0459 0x0a38  C:\Windows\System32\wsock32.dll - ok
13:30:31.0474 0x0a38  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] C:\Windows\System32\netprofm.dll
13:30:31.0474 0x0a38  C:\Windows\System32\netprofm.dll - ok
13:30:31.0474 0x0a38  [ 49ACA548B2423F1C67898E6AC719A9A6, 23D84137EAB9AFDD31CBB6776B6B25AD135A120AF7F7885EB5BBF9E0A2CCC4C1 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
13:30:31.0474 0x0a38  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
13:30:31.0490 0x0a38  [ A63DC5C2EA944E6657203E0C8EDEAF61, F7AD4B09AFB301CE46DF695B22114331A57D52E6D4163FF74787BF68CCF44C78 ] C:\Windows\SysWOW64\dllhost.exe
13:30:31.0490 0x0a38  C:\Windows\SysWOW64\dllhost.exe - ok
13:30:31.0490 0x0a38  [ 7B851A8018B1EA00A69707A390004884, DAE654713EF1DC66C8C2D27752B659081794063A7D522D1F680AA9A6E7FBA9FD ] C:\Windows\SysWOW64\cryptnet.dll
13:30:31.0490 0x0a38  C:\Windows\SysWOW64\cryptnet.dll - ok
13:30:31.0505 0x0a38  [ 54A47F6B5E09A77E61649109C6A08866, 121118A0F5E0E8C933EFD28C9901E54E42792619A8A3A6D11E1F0025A7324BC2 ] C:\Windows\SysWOW64\svchost.exe
13:30:31.0505 0x0a38  C:\Windows\SysWOW64\svchost.exe - ok
13:30:31.0505 0x0a38  [ F14A9B1778376D0B1788E402AC1F831A, 6110F29669E03F8163B5CD7124BE0FF329F36C18529FA3B8FF70FC00B2D8AA02 ] C:\Windows\SysWOW64\shacct.dll
13:30:31.0505 0x0a38  C:\Windows\SysWOW64\shacct.dll - ok
13:30:31.0521 0x0a38  [ D1DE1EAFDE97BE41CF6585027FF3E732, 76F17D4DF440D6734DC8157092D94EB18C2A73A0A49BEEA289E7B3EDE30E86A2 ] C:\Windows\SysWOW64\comdlg32.dll
13:30:31.0521 0x0a38  C:\Windows\SysWOW64\comdlg32.dll - ok
13:30:31.0521 0x0a38  [ 9719E3D834F5C8C43F56A93DFA497023, 4D78D4BD4835C0A237821967156C19DF4B90384A6BCB1F48CEAF35D003A0099A ] C:\Windows\System32\pnpts.dll
13:30:31.0521 0x0a38  C:\Windows\System32\pnpts.dll - ok
13:30:31.0537 0x0a38  [ C5C867CD7EFAC60D5021223E374DEEC5, 197FEE8F02DE348E75771AC9AD748EFB29939F1AAF02DA6555181EEF787FD099 ] C:\Windows\SysWOW64\dimsjob.dll
13:30:31.0537 0x0a38  C:\Windows\SysWOW64\dimsjob.dll - ok
13:30:31.0537 0x0a38  [ 15E298B5EC5B89C5994A59863969D9FF, 8D38B2E023462D0804F72E907D11FF72CE84540EA3B8D83F411C602C3F6A1177 ] C:\Windows\SysWOW64\npmproxy.dll
13:30:31.0537 0x0a38  C:\Windows\SysWOW64\npmproxy.dll - ok
13:30:31.0552 0x0a38  [ F7073C962C4FB7C415565DDE109DE49F, 781E7088DCEFBC34A808C3E7DA41A56112B3F23ABE9F54B5EF4D5CD9CD016B1D ] C:\Windows\System32\npmproxy.dll
13:30:31.0552 0x0a38  C:\Windows\System32\npmproxy.dll - ok
13:30:31.0552 0x0a38  [ E629F1A051C82795DDFFD3E8D4855811, 6E4DFFEAB2795C98EA6DCAF10EA6D97413D0F8CA0C04869CB20B74FF4D6FE679 ] C:\Windows\System32\dimsjob.dll
13:30:31.0552 0x0a38  C:\Windows\System32\dimsjob.dll - ok
13:30:31.0568 0x0a38  [ D99621C0735B21DCC8BC4FEF02F379EF, C9FAD74DD80B6CCA95B83B767BB55644E775E8DC3FFC05CD89AEF16686F902FD ] C:\Windows\SysWOW64\Apphlpdm.dll
13:30:31.0568 0x0a38  C:\Windows\SysWOW64\Apphlpdm.dll - ok
13:30:31.0568 0x0a38  [ BF4AC709BE5BF64F331F5D67773A0C82, 96E5A2A12D386B8A7976FEC76FD350E6A3EEBDF5763F4BBF4AB18880E9F269E0 ] C:\Windows\System32\perftrack.dll
13:30:31.0568 0x0a38  C:\Windows\System32\perftrack.dll - ok
13:30:31.0583 0x0a38  [ E1B22739C933BE33F53DB58C5393ADD3, 26EE0DD091D2E00DECC774DC1EEDFFDE69AF74B0C769CCBE091AFC32C66E4207 ] C:\Windows\System32\Apphlpdm.dll
13:30:31.0583 0x0a38  C:\Windows\System32\Apphlpdm.dll - ok
13:30:31.0583 0x0a38  [ 4449D23E8F197862F1B16F1E6C89C36C, 93AF52BF8E870C0381F027D3BB8F6829E449242074472F1593EB8172D7EB6559 ] C:\Windows\System32\diagperf.dll
13:30:31.0583 0x0a38  C:\Windows\System32\diagperf.dll - ok
13:30:31.0599 0x0a38  [ 7A865523E3E0F4FA421787FAED4A04CD, E8A3F10D44E1EB704BFAB5B69C541AC80F52E16061AA7ADF1AB0827860D3FE90 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9EA535AA-E8A0-4CE6-A79F-858803172D4D}\gapaengine.dll
13:30:31.0599 0x0a38  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9EA535AA-E8A0-4CE6-A79F-858803172D4D}\gapaengine.dll - ok
13:30:31.0599 0x0a38  [ 5EFC185FDA24F4D6C025752B1F21C71E, D464D73DE5F962F2593D77BFC317CC2C5D6BF6A9B821A31C1D1756AF5FD534A8 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9EA535AA-E8A0-4CE6-A79F-858803172D4D}\nisfull.vdm
13:30:31.0599 0x0a38  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9EA535AA-E8A0-4CE6-A79F-858803172D4D}\nisfull.vdm - ok
13:30:31.0615 0x0a38  [ 544EFF88AC6C85DF5A4D6F18DFE08CFC, D688381F42062FD5D868E7770857C5951C41BA20A1B6E6F60B5D9536C02CD293 ] C:\Windows\SysWOW64\taskschd.dll
13:30:31.0615 0x0a38  C:\Windows\SysWOW64\taskschd.dll - ok
13:30:31.0615 0x0a38  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] C:\Windows\System32\IPSECSVC.DLL
13:30:31.0615 0x0a38  C:\Windows\System32\IPSECSVC.DLL - ok
13:30:31.0630 0x0a38  [ 590D5C506044FE02FF7643E32FF9BDAC, B8178A45E1DB6A39501E95CE4A2B2A1A88119367EC8DA7877120575A3EA47D16 ] C:\Windows\SysWOW64\wer.dll
13:30:31.0630 0x0a38  C:\Windows\SysWOW64\wer.dll - ok
13:30:31.0630 0x0a38  [ 7FFD52D73352806969D424EF327D10A7, DD44B084F052EF798997D7A8578E98DD4EF3F0E2A0C522DA2CC169D362C7B900 ] C:\Windows\SysWOW64\radardt.dll
13:30:31.0630 0x0a38  C:\Windows\SysWOW64\radardt.dll - ok
13:30:31.0630 0x0a38  [ 945E54F23C72D37B8CD1987AF0DB63BF, C2B217C94DBCA0A31ED834B9D492B53B25B235DDD02B1D1200E76609D32772EA ] C:\Windows\System32\fveapi.dll
13:30:31.0630 0x0a38  C:\Windows\System32\fveapi.dll - ok
13:30:31.0646 0x0a38  [ 92E0508D924512F63FFEEFE498CBD11F, 1158011E4A1298DEC79133B40888AA87B06F5B64BA2AB461B58C22F5F9211D0C ] C:\Windows\System32\p2pcollab.dll
13:30:31.0646 0x0a38  C:\Windows\System32\p2pcollab.dll - ok
13:30:31.0646 0x0a38  [ 46863C4CC5B68EB09EA2D5EEF0F1193A, 9B5593E1F484AC8F96F89A5995FB1FE9C51CB2F0F545607F6850751191150CFE ] C:\Windows\System32\radardt.dll
13:30:31.0661 0x0a38  C:\Windows\System32\radardt.dll - ok
13:30:31.0661 0x0a38  [ 276D4E87929599B0EBD1651F3B7609CE, 39F12E1E6B3AD4F5F3DB44C79DD58C680342AA36D56D30D21F13B45B9FE66B0D ] C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
13:30:31.0661 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe - ok
13:30:31.0661 0x0a38  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] C:\Windows\System32\QAGENTRT.DLL
13:30:31.0661 0x0a38  C:\Windows\System32\QAGENTRT.DLL - ok
13:30:31.0677 0x0a38  [ FB4EB9352B7D698E6B3C2AA2ED724DAD, 534AB280ACD29E88FD1BD8838E1231D9364E649C917547A838F51EC8AB941EE2 ] C:\Windows\SysWOW64\authz.dll
13:30:31.0677 0x0a38  C:\Windows\SysWOW64\authz.dll - ok
13:30:31.0677 0x0a38  [ 0B31464B7B2D616BD5F7036673588EC1, AAC717D7FB02D5F7CC11AECC5C87FE6B7224340C569EBF7B77BD8C9F79FAA190 ] C:\Windows\SysWOW64\IDStore.dll
13:30:31.0677 0x0a38  C:\Windows\SysWOW64\IDStore.dll - ok
13:30:31.0693 0x0a38  [ 506A83A3BEEE9FCA09F0170DE9FC7D1B, 2DFBD792B68F3EBEF0843183CAE5D52B6FA04163808AFACF6C0D738455898C36 ] C:\Windows\System32\fveui.dll
13:30:31.0693 0x0a38  C:\Windows\System32\fveui.dll - ok
13:30:31.0693 0x0a38  [ EAFC149CD3BD78C443E31BB157841197, 9045425B0C7A23D5A96D1084FB3B1DED35852B3FB1DCB942DEB4A5B906126CA4 ] C:\Windows\SysWOW64\tbs.dll
13:30:31.0693 0x0a38  C:\Windows\SysWOW64\tbs.dll - ok
13:30:31.0708 0x0a38  [ DCC94C51D27C7EC0DADECA8F64C94FCF, 90C978C2284C9BDE3EFA1124616D824E0C361C388293FA22DBC8C3B70C920574 ] C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
13:30:31.0708 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys - ok
13:30:31.0724 0x0a38  [ 694865362F0965779F92BCFE97712323, 825EB75E37AFE9B738869FB5D95020D4F44AD419C2F6C5A658F82A5242FDEF6C ] C:\Windows\System32\tbs.dll
13:30:31.0724 0x0a38  C:\Windows\System32\tbs.dll - ok
13:30:31.0724 0x0a38  [ 1727B2A2F379A32B864C096FA794AADC, 87B77A5DF95F3A1C5ED6DEF820C7E384BEFCBAA2FE1BB4781AC6F777A081E5CC ] C:\Windows\System32\aepic.dll
13:30:31.0724 0x0a38  C:\Windows\System32\aepic.dll - ok
13:30:31.0724 0x0a38  [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA05BD2C56657013 ] C:\Windows\System32\fvecerts.dll
13:30:31.0724 0x0a38  C:\Windows\System32\fvecerts.dll - ok
13:30:31.0739 0x0a38  [ E811F8510B133E70CF6E509FB809824F, 82541F2B15748250462B67B6C77530D4F7C45A1482237EC49B28F9FA5A414108 ] C:\Windows\System32\wdiasqmmodule.dll
13:30:31.0739 0x0a38  C:\Windows\System32\wdiasqmmodule.dll - ok
13:30:31.0755 0x0a38  [ 2FCA0D2C59A855C54BAFA22AA329DF0F, ED9D26F539065D62FCCEDEEC8E509B30F4D15F8DA586C1F657ACEFE9DABAACD0 ] C:\Windows\SysWOW64\netapi32.dll
13:30:31.0755 0x0a38  C:\Windows\SysWOW64\netapi32.dll - ok
13:30:31.0755 0x0a38  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F82EF91450858DF ] C:\Windows\SysWOW64\sfc.dll
13:30:31.0755 0x0a38  C:\Windows\SysWOW64\sfc.dll - ok
13:30:31.0771 0x0a38  [ C6DCD1D11ED6827F05C00773C3E7053C, EA23BE261C9C04F44215D254D7A80FD0AEE84C6F192D0FEE49A7CF74ED3CB1A6 ] C:\Windows\System32\sfc.dll
13:30:31.0771 0x0a38  C:\Windows\System32\sfc.dll - ok
13:30:31.0771 0x0a38  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] C:\Windows\System32\aelupsvc.dll
13:30:31.0771 0x0a38  C:\Windows\System32\aelupsvc.dll - ok
13:30:31.0786 0x0a38  [ DB603D3FD090C66F9709EF6493C26BA3, A9D9A3309DAEFC5AED885AC729B1E9DE8BA5454A0C83FD4F61BCAC935F6CBB4A ] C:\Windows\SysWOW64\FwRemoteSvr.dll
13:30:31.0786 0x0a38  C:\Windows\SysWOW64\FwRemoteSvr.dll - ok
13:30:31.0786 0x0a38  [ D44741F65A1D71F65814A12CF6E2400A, C6721F830675ADC7E7FDE2B5E822E56F6A063146F5066F1E25EBFE86F0A87136 ] C:\Windows\SysWOW64\runonce.exe
13:30:31.0786 0x0a38  C:\Windows\SysWOW64\runonce.exe - ok
13:30:31.0802 0x0a38  [ B01EE9F5C752A9228DD19A8443B17C40, 4B2AC6ADC5A879EC3DB391D41F233F961E52FD5E22661F807F67F9C244A67E76 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2EBCADD8-8635-49BB-A3D1-B3309D9A0718}\offreg.dll
13:30:31.0802 0x0a38  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2EBCADD8-8635-49BB-A3D1-B3309D9A0718}\offreg.dll - ok
13:30:31.0802 0x0a38  [ 9BC93C9ACFA34DB5A41B89357B31E4ED, C3B9DDCB31970F91F8CAF85D2431903DB1738872775EEFD6712B7646BDE1250C ] C:\Windows\System32\FwRemoteSvr.dll
13:30:31.0802 0x0a38  C:\Windows\System32\FwRemoteSvr.dll - ok
13:30:31.0864 0x0a38  [ 20B3934DB73EABA2B49B7177873CB81F, 492EAC5C51472B43DE11825358AEC4B9E3A081DACFD7513C696D6FE40F302EE5 ] C:\Windows\SysWOW64\netutils.dll
13:30:31.0864 0x0a38  C:\Windows\SysWOW64\netutils.dll - ok
13:30:31.0864 0x0a38  [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D09086438F8D237B ] C:\Windows\SysWOW64\sfc_os.dll
13:30:31.0864 0x0a38  C:\Windows\SysWOW64\sfc_os.dll - ok
13:30:31.0880 0x0a38  [ 025E7DBDB98866ED3CB2D4DDA70B364D, 78962F23F066E362AF1A4B98FA7D5E30AF30C561307438503031D30C944B6A6E ] C:\Windows\System32\runonce.exe
13:30:31.0880 0x0a38  C:\Windows\System32\runonce.exe - ok
13:30:31.0880 0x0a38  [ 895C9AB0A855547445C4181195230757, 89BDA385D8CCB75C3D7B1BDFA567AC441A931F4E499C0835FEE9D010343FABB6 ] C:\Windows\System32\sfc_os.dll
13:30:31.0880 0x0a38  C:\Windows\System32\sfc_os.dll - ok
13:30:31.0895 0x0a38  [ 5CCDCD40E732D54E0F7451AC66AC1C87, 66F4DA105BD72E41250CD59E2B3CD931B47AC9FDB6C784B9E33C5EE1AC29841F ] C:\Windows\SysWOW64\srvcli.dll
13:30:31.0895 0x0a38  C:\Windows\SysWOW64\srvcli.dll - ok
13:30:31.0895 0x0a38  [ E5A4A1326A02F8E7B59E6C3270CE7202, DCB76016F9AC47E631540874DA208A089F9D529DA9628705A2869B954526BFE0 ] C:\Windows\SysWOW64\wkscli.dll
13:30:31.0895 0x0a38  C:\Windows\SysWOW64\wkscli.dll - ok
13:30:31.0911 0x0a38  [ EAADD6E47ED2A7003ACE1793B98CF63F, EE090284CA4595B6A140949A41025926CEC3CCACCD2931B6AC77A1E14D20E5B4 ] C:\Windows\SysWOW64\msxml6.dll
13:30:31.0911 0x0a38  C:\Windows\SysWOW64\msxml6.dll - ok
13:30:31.0911 0x0a38  [ 55C94597A258D86ACF61C951ED5C5062, 51E580A54DB96D38BF8D8A48F4839119AB05C2F2830442A86772B6E9FBDF624F ] C:\ProgramData\Microsoft\Crypto\RSA64\rsa64.dll
13:30:31.0911 0x0a38  C:\ProgramData\Microsoft\Crypto\RSA64\rsa64.dll - ok
13:30:31.0927 0x0a38  [ 1FF7E4F548C7C372C804938F0D5B36AE, F20409733F67853CBF51FD83E4DB73260FED7B7A4F361C6B3482D78C990E16FC ] C:\Windows\SysWOW64\netcfgx.dll
13:30:31.0927 0x0a38  C:\Windows\SysWOW64\netcfgx.dll - ok
13:30:31.0927 0x0a38  [ 162D247E995EAEBF3EF4289069E1111C, 19E858E9902E2D570FFD24AE2CB4165273F5BAB1FF7B04758B11AB5CD41FD752 ] C:\Windows\SysWOW64\devrtl.dll
13:30:31.0927 0x0a38  C:\Windows\SysWOW64\devrtl.dll - ok
13:30:31.0942 0x0a38  [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll
13:30:31.0942 0x0a38  C:\Windows\SysWOW64\clbcatq.dll - ok
13:30:31.0942 0x0a38  [ 12C45E3CB6D65F73209549E2D02ECA7A, 9DFD9C58B90257C34D52B7156C1D2566BE32EE7BD4699DDE164A5F190EC4D44A ] C:\Windows\SysWOW64\propsys.dll
13:30:31.0942 0x0a38  C:\Windows\SysWOW64\propsys.dll - ok
13:30:31.0958 0x0a38  [ CA9F7888B524D8100B977C81F44C3234, 57F3353F89724147D8AC8B69B12C1303DF26978309776F5F8CCF074526A915D3 ] C:\Windows\SysWOW64\winhttp.dll
13:30:31.0958 0x0a38  C:\Windows\SysWOW64\winhttp.dll - ok
13:30:31.0958 0x0a38  [ 14486EB6AF542F2BD3239F7FC3E713F7, C084C653CF6C63D7B4DB08CBDE2CAF059019D276BCACD923A29D22E69055012C ] C:\Windows\SysWOW64\pautoenr.dll
13:30:31.0958 0x0a38  C:\Windows\SysWOW64\pautoenr.dll - ok
13:30:31.0973 0x0a38  [ 0B7E85364CB878E2AD531DB7B601A9E5, F5AD3018427F1CD68450EE5CB55AA9572546322580E0FB1E7888702A291C2380 ] C:\Windows\SysWOW64\NapiNSP.dll
13:30:31.0973 0x0a38  C:\Windows\SysWOW64\NapiNSP.dll - ok
13:30:31.0973 0x0a38  [ 35CB97CBC3EDC463418ED4997AAB29B6, EE60EABE2D87CEDD68FB8985B6C5D70930015FB2B8DB9FDCB4044587BC6ECA4C ] C:\Windows\System32\pautoenr.dll
13:30:31.0973 0x0a38  C:\Windows\System32\pautoenr.dll - ok
13:30:31.0989 0x0a38  [ 5CF640EDDB1E40A5AB1BB743BCDEC610, 0313AA3F713C9F5B84DBB0B4DE78A96B173E9F7B4CF61C10FDC7DAE952DB04E5 ] C:\Windows\SysWOW64\pnrpnsp.dll
13:30:31.0989 0x0a38  C:\Windows\SysWOW64\pnrpnsp.dll - ok
13:30:31.0989 0x0a38  [ 61B1ED5F429EFAC7E2036769870AB93E, 628CF28434C5DFB81B76B90BEA4CDD9EB1E4B0971BEE24136A09490F9439E00E ] C:\Windows\SysWOW64\certcli.dll
13:30:31.0989 0x0a38  C:\Windows\SysWOW64\certcli.dll - ok
13:30:32.0005 0x0a38  [ 94DFBB481BF51158B216E23C5C1C9D6E, 0199086A70B9B63E48A7A15C8AE5442E9C6BC0173BD80A104DE1BE6A6C25F202 ] C:\Windows\System32\certcli.dll
13:30:32.0005 0x0a38  C:\Windows\System32\certcli.dll - ok
13:30:32.0005 0x0a38  [ 5DF5D8CFD9B9573FA3B2C89D9061A240, 990EA273B640DF2D7E800C0CFF18550259C605A4951CD82CD9F1E7B6FF0C9533 ] C:\Windows\SysWOW64\winrnr.dll
13:30:32.0005 0x0a38  C:\Windows\SysWOW64\winrnr.dll - ok
13:30:32.0020 0x0a38  [ 29BC473072568C072EC8B176498DE996, D3A4DB88BECA8AB3F8722E499548EFEC63022C1CE38F526AFBDA76DDBA8E9064 ] C:\Windows\SysWOW64\CertEnroll.dll
13:30:32.0020 0x0a38  C:\Windows\SysWOW64\CertEnroll.dll - ok
13:30:32.0020 0x0a38  [ 263B26106606A010CF877472B535E4BB, 43ECE89E428D2BB34244894BEBA1B946B0767649D15B1C715223E4E471A9E504 ] C:\Windows\System32\CertEnroll.dll
13:30:32.0020 0x0a38  C:\Windows\System32\CertEnroll.dll - ok
13:30:32.0036 0x0a38  [ 30F88258703D26127258F4B23B150D41, 61DA544E19701705B2B9D20BD4CB9C54A2D0648E968F8CE9BFC2EBCEE304A900 ] C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
13:30:32.0036 0x0a38  C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL - ok
13:30:32.0036 0x0a38  [ 4C39358EBDD2FFCD9132A30E1EC31E16, 06918CF99AD26CD6CF106881C0D5BDB212DC0BAC4549805C9F5906E3D03D152C ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
13:30:32.0036 0x0a38  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
13:30:32.0051 0x0a38  [ 58A14C45A5CD2528F10A889E7B0C3FC2, 81521B27F6DE4F2451C5441DFA93781B6687EE8F9AE62A8FE76D61DE7965E6EF ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
13:30:32.0051 0x0a38  C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
13:30:32.0051 0x0a38  [ 883D87AA9D3C15C3D57B11BABC180B4E, D1AAC11A9D4145F9DB01386D1B5D048CF052171FFF52AF083288677974F31A0F ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
13:30:32.0051 0x0a38  C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF - ok
13:30:32.0067 0x0a38  [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\SysWOW64\cmd.exe
13:30:32.0067 0x0a38  C:\Windows\SysWOW64\cmd.exe - ok
13:30:32.0067 0x0a38  [ BF95EA5809E3BBF55370F7CB309FEBD0, 62ADBA6E1A7DDDEFA971580161F30896DFFC27EB4EB82E3CC72062D57DA66500 ] C:\Windows\System32\conhost.exe
13:30:32.0067 0x0a38  C:\Windows\System32\conhost.exe - ok
13:30:32.0083 0x0a38  [ 7D4DC95A1F5E0818E74A399960569EA1, C2C3B735D5FA128B192C97E237F39CF084F64A2F455E678028ABCA3E2A1E40F6 ] C:\Windows\SysWOW64\wuapi.dll
13:30:32.0083 0x0a38  C:\Windows\SysWOW64\wuapi.dll - ok
13:30:32.0083 0x0a38  [ C47F35CC6FA4F1BDBEF8F87AC1A46537, 82EC7041317666D5370690BD2176CF00F5957036C29429319F45045BFFAE9EC2 ] C:\Windows\System32\wuapi.dll
13:30:32.0083 0x0a38  C:\Windows\System32\wuapi.dll - ok
13:30:32.0098 0x0a38  [ 7A6986DD659B96398A11AF5173892715, FB7818952B9015F433418E7DC656A2C20CD682056AB981A55C1722020142D578 ] C:\Windows\SysWOW64\cabinet.dll
13:30:32.0098 0x0a38  C:\Windows\SysWOW64\cabinet.dll - ok
13:30:32.0098 0x0a38  [ FA43D418BC945D27D0625B697B8442B5, 035DE0FEA440D2E3AD255EE84B388DDA538E778877033FDB54B8A61BB0AADE56 ] C:\Windows\System32\cabinet.dll
13:30:32.0098 0x0a38  C:\Windows\System32\cabinet.dll - ok
13:30:32.0114 0x0a38  [ 812A161FC470FA832C3F0CC3D7ACA2F9, E4117C9023AE3193F22316A48F2B1B2C05373CCA64226D91190C17EBED9AFD26 ] C:\Windows\SysWOW64\apisetschema.dll
13:30:32.0114 0x0a38  C:\Windows\SysWOW64\apisetschema.dll - ok
13:30:32.0114 0x0a38  [ 662BA98309818AF2C17D4E48BF4021C4, 57B3FFAECE3DF5E22B6764A95D2B8523AA02CCCB4BD0779025C11D02EEBF4B1E ] C:\Program Files\Windows Defender\MpClient.dll
13:30:32.0114 0x0a38  C:\Program Files\Windows Defender\MpClient.dll - ok
13:30:32.0129 0x0a38  [ FB633DCC8664E4CCACF562DB5BAE38CF, F2AF7C52717BBBE3A45D58B60A0D947497634F9F6DB23D64AE18F817CC0019A5 ] C:\Windows\SysWOW64\wups.dll
13:30:32.0129 0x0a38  C:\Windows\SysWOW64\wups.dll - ok
13:30:32.0129 0x0a38  [ E746ED90132C6B6313CE9179F56BD31D, CCE0367148E54AA1413C52CCE752CC75EA9E3A8232ECFC263C62A634B8CAEF5F ] C:\Windows\System32\wups.dll
13:30:32.0129 0x0a38  C:\Windows\System32\wups.dll - ok
13:30:32.0145 0x0a38  [ 326C7F76A29897A892AA7726E91C1C67, 64305346B06EC14976130B0B80F14B4D5AB63E5B2A6A7B872EC9CE2BF8FADCD2 ] C:\Windows\SysWOW64\winbrand.dll
13:30:32.0145 0x0a38  C:\Windows\SysWOW64\winbrand.dll - ok
13:30:32.0145 0x0a38  [ 5C3F9DBA818CD93379D1A0F215270374, 6A4D96AC83989D47D80332E41E627F2607A3B2167E1A5D8E21361136C4424633 ] C:\Windows\SysWOW64\esent.dll
13:30:32.0145 0x0a38  C:\Windows\SysWOW64\esent.dll - ok
13:30:32.0161 0x0a38  [ 2003E9B15E1C502B146DAD2E383AC1E3, 15018D0093BEFABBA8B927743191030D1F8C17BB97FDB48C2FC3EAB20E2D4B3D ] C:\Windows\SysWOW64\schtasks.exe
13:30:32.0161 0x0a38  C:\Windows\SysWOW64\schtasks.exe - ok
13:30:32.0161 0x0a38  [ 97E0EC3D6D99E8CC2B17EF2D3760E8FC, 6DCE7D58EBB0D705FCB4179349C441B45E160C94E43934C5ED8FA1964E2CD031 ] C:\Windows\System32\schtasks.exe
13:30:32.0161 0x0a38  C:\Windows\System32\schtasks.exe - ok
13:30:32.0176 0x0a38  [ 38B13C0DF479DBA23ECFA815159BA86E, C289C65AF3FB689AD6B770AB0E815860D9EA36FB2A8DE9F1818C63AD0FE47CBD ] C:\Windows\SysWOW64\ktmw32.dll
13:30:32.0176 0x0a38  C:\Windows\SysWOW64\ktmw32.dll - ok
13:30:32.0176 0x0a38  [ 40947436A70E0034E41123DF5A0A7702, 5D40FD92DA5CA59C1BADB58AD509DB6A6D613F18660A9A270A53ECA85D34C3A9 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
13:30:32.0176 0x0a38  C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
13:30:32.0192 0x0a38  [ 79FA7D8B488F90EDE325963379A6F738, 90E0F2022D1697D5FEBE00AAB7D7E232AE42EA2AB243CD132B3BB739A6987CDD ] C:\Windows\SysWOW64\ieframe.dll
13:30:32.0192 0x0a38  C:\Windows\SysWOW64\ieframe.dll - ok
13:30:32.0192 0x0a38  [ 60F4AEFA103D421EA4A40E31409B4756, 037A8605CA504A4FF43E9D4DE9017CEA1E26D3556C975872C747E24D8B0835EF ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
13:30:32.0192 0x0a38  C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
13:30:32.0207 0x0a38  [ 2C4A87CA8C00E98EFDCFA2E8EC9A3503, DA59CE662E98E56D89E2894D2AC8B9F324C16DA23C860640EDC2C82E0AD06097 ] C:\Windows\SysWOW64\shdocvw.dll
13:30:32.0207 0x0a38  C:\Windows\SysWOW64\shdocvw.dll - ok
13:30:32.0207 0x0a38  [ 12B79422A23814429CDA9E734C58F78F, 88D8EBB4815896921ED88BC46E8C37844FB8C62CD05F507BFCF9825EBC9607DE ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
13:30:32.0207 0x0a38  C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
13:30:32.0223 0x0a38  [ F672155776ABADF6A23C59E74491C9F2, B623F7901B85BA72808EC4AF9A195236C601A6B965F9202DB557746AE3FFC327 ] C:\Users\Admin\AppData\Local\Temp\{A4720692-7F4F-4566-A947-DA165CFE8BC8}.exe
13:30:32.0223 0x0a38  C:\Users\Admin\AppData\Local\Temp\{A4720692-7F4F-4566-A947-DA165CFE8BC8}.exe - ok
13:30:32.0223 0x0a38  [ 1C60E09CA1C3A045BC4D367F67C915B7, DF1ED88CB57DA1AB1A4245AE0D5B42AFA3396EBF67B99411FFFB0DD06DE1AEAF ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll


TDSSKiller log part 4

 

13:30:33.0471 0x0a38  C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
13:30:33.0487 0x0a38  [ 0241CB16136B9A4939CA0395768AE286, E7A3A0BDB4AC4BD718C93BE650541F96603739BDB3DB6860665DCC073DA8007D ] C:\Windows\SysWOW64\mssrch.dll
13:30:33.0487 0x0a38  C:\Windows\SysWOW64\mssrch.dll - ok
13:30:33.0487 0x0a38  [ F2A24E4AEC0F8D5DBAB10CB87A8EFED2, 1E2084BB76072596AB2E846DB45318453E1C82C1141385B7D73A1AD5EB30E8BD ] C:\Windows\SysWOW64\sti.dll
13:30:33.0487 0x0a38  C:\Windows\SysWOW64\sti.dll - ok
13:30:33.0502 0x0a38  [ EE1111977B9995D5E8CBB72C0591EA0E, E96503B78041412EEBE639FFCFBEF81EF900EA5AA4D8D8744CF5711007CEDF56 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
13:30:33.0502 0x0a38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
13:30:33.0502 0x0a38  [ 6E656C325A5519A3A9D951709958CF6F, 1DC1D4BDF42F40A381D569297FEFB79B53CBD87088BA61A9EEA5AE4526B6182E ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
13:30:33.0502 0x0a38  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok
13:30:33.0518 0x0a38  [ 1B1431D9520C7578AD5633ED2A70625F, 6852FAC1355CA69226B727A1355D6DA8C0865F5EEDA45D7690701CFED7C542A1 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
13:30:33.0518 0x0a38  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
13:30:33.0518 0x0a38  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
13:30:33.0518 0x0a38  C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe - ok
13:30:33.0533 0x0a38  [ 81600E2E27ED61427AAD865B9BCDDB9D, 0D7D39C0A5A2C24FAADCA41658A1C62D13180B462C78103BDF6DBD76B64DD79A ] C:\Windows\SysWOW64\msidle.dll
13:30:33.0533 0x0a38  C:\Windows\SysWOW64\msidle.dll - ok
13:30:33.0549 0x0a38  [ D64D99EC088B54FFE8EE67A480386C20, A6D1E4CA40843B0B9B32019E69479457D46CA99A2804E937CDC385C9DEDFDE62 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
13:30:33.0549 0x0a38  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
13:30:33.0549 0x0a38  [ 71C4F42DC8DB668E826DA79462EA741E, 69452DBC1CD4E09B27A42A535827B359FA9A2762A106E91653DDB7BF00A9C029 ] C:\Windows\SysWOW64\KBDUS.DLL
13:30:33.0549 0x0a38  C:\Windows\SysWOW64\KBDUS.DLL - ok
13:30:33.0565 0x0a38  [ A18C3579512D96D02C8BEC1400454BE8, B42BBB8F1C629F69AE4227F6D9CCBA2C33147CCBD974BC053DFC7021D7EBF8F7 ] C:\Windows\System32\gfxSrvc.dll
13:30:33.0565 0x0a38  C:\Windows\System32\gfxSrvc.dll - ok
13:30:33.0565 0x0a38  [ 465DBF63A5049E4DB4BC5C12FFE781CB, D12F6A9FB92144B2CFFD28BD72C234BA42F882EF22122DB83CE5EB1B8EBE9017 ] C:\Windows\SysWOW64\tquery.dll
13:30:33.0565 0x0a38  C:\Windows\SysWOW64\tquery.dll - ok
13:30:33.0580 0x0a38  [ 90E03A12E4BAD479257ACB33E7BDE9DC, 48FD11F9118CA8CE09D3053A4A1534E5F25A774ED24E1D288A47D599BAEEAB71 ] C:\Windows\System32\IGFXDEVLib.dll
13:30:33.0580 0x0a38  C:\Windows\System32\IGFXDEVLib.dll - ok
13:30:33.0580 0x0a38  [ 6699A112A3BDC9B52338512894EBA9D6, 10888BB9C3799E1E8B010C0F9088CED376AAD63A509FCE1727C457B022CDC717 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
13:30:33.0580 0x0a38  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
13:30:33.0580 0x0a38  [ 1CBF15FDB0310345A68972EB5C5B948F, E1EDCE6216B24037B243AC68CEEBD510646B2EFD70BC118E68303F9ED85D1973 ] C:\Windows\SysWOW64\mssprxy.dll
13:30:33.0596 0x0a38  C:\Windows\SysWOW64\mssprxy.dll - ok
13:30:33.0596 0x0a38  [ 1D6A771D1D702AE07919DB52C889A249, E5F3378AC40AEE6114EEAF3BF11DC1059466891CAE353E80C08622A60485C954 ] C:\Windows\SysWOW64\wlanutil.dll
13:30:33.0596 0x0a38  C:\Windows\SysWOW64\wlanutil.dll - ok
13:30:33.0611 0x0a38  [ 6EF5F3F18413C367195F06E503AB86A6, 6F8B87FB4D67F9E76A51EF759B58A95D903C4AAC9C789A65A3FA1FC4F253D978 ] C:\Windows\SysWOW64\d3d9.dll
13:30:33.0611 0x0a38  C:\Windows\SysWOW64\d3d9.dll - ok
13:30:33.0611 0x0a38  [ C02AA67276FEE0C15CC4D6D616BDE95E, 24B0FFA2903CC77FEDE6B491647BB759C4AE054E38A19EFA0D2662AC2959570B ] C:\Windows\SysWOW64\WWanAPI.dll
13:30:33.0611 0x0a38  C:\Windows\SysWOW64\WWanAPI.dll - ok
13:30:33.0627 0x0a38  [ 4C3DAEE652B005B483F16B8E9131C99D, 188DFF96F3B18A610C52775C8F95C99ABF27FF2E1D52B50EDF9F80FE337239CD ] C:\Windows\System32\d3d9.dll
13:30:33.0627 0x0a38  C:\Windows\System32\d3d9.dll - ok
13:30:33.0627 0x0a38  [ 5DA219F57A9076FB6FBD3C9C3713A672, 274FE616625B336D81841FDC752C8053D4CD6926565B899760D298D145CBA1A3 ] C:\Windows\System32\WWanAPI.dll
13:30:33.0627 0x0a38  C:\Windows\System32\WWanAPI.dll - ok
13:30:33.0643 0x0a38  [ 5E3C0E5FFDA48C5DA35BBFB8EFFF8066, E2BBCC111DB1CE6072CB796F21677E4529029CE66DDC471EC793278F81F1FCF6 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
13:30:33.0643 0x0a38  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
13:30:33.0643 0x0a38  [ F2ED6D00921CA138289E5E0CCB9ABF87, 528F249CE0835CA4D8B7C4940F5132DF1155EB344177BEA4CD7FCF9B8DCCCA4B ] C:\Windows\SysWOW64\wwapi.dll
13:30:33.0643 0x0a38  C:\Windows\SysWOW64\wwapi.dll - ok
13:30:33.0658 0x0a38  [ 62C7AACC746C9723468A8F2169ED3E85, 40E901F3EAFE52DF11D6BC4EF0E79F666EBDACE0B3C090CAD2358076E893EA47 ] C:\Windows\System32\wwapi.dll
13:30:33.0658 0x0a38  C:\Windows\System32\wwapi.dll - ok
13:30:33.0658 0x0a38  [ C7494C67A6BF6FE914808E42F8265FEF, 3A3871983F2D9A57739C70365DC3F417D9BF02F5C0C4CC3272EA9F3D380EF962 ] C:\Program Files\Windows Media Player\wmpnssci.dll
13:30:33.0658 0x0a38  C:\Program Files\Windows Media Player\wmpnssci.dll - ok
13:30:33.0674 0x0a38  [ 77B1471A490B53B24EFE136F09F76550, A650C3A244306F8E605BDA8E74BFE438356BA4403B0CB61E980D3183E3F0A7C7 ] C:\Windows\SysWOW64\d3d8thk.dll
13:30:33.0674 0x0a38  C:\Windows\SysWOW64\d3d8thk.dll - ok
13:30:33.0674 0x0a38  [ 02530B0B7E048DD5AC8D52DAEACAEB2B, 2DEB454F8B71EC54C59185E2F1D679F7EC1C7AEFCD1D59761FDD3D70CABE0254 ] C:\Windows\SysWOW64\QAGENT.DLL
13:30:33.0674 0x0a38  C:\Windows\SysWOW64\QAGENT.DLL - ok
13:30:33.0689 0x0a38  [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65, D99A8C10CC4E5C778D063E56A131DB549F01CA7F9605F6596406606BB12C0269 ] C:\Windows\System32\d3d8thk.dll
13:30:33.0689 0x0a38  C:\Windows\System32\d3d8thk.dll - ok
13:30:33.0689 0x0a38  [ D14E4D144BDC10A907897E5EAB810E5F, A2B5A010F2256563FCE47F71EA251412D89FEA159CEF9269D6F76877D7970F48 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
13:30:33.0689 0x0a38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
13:30:33.0705 0x0a38  [ 6B851E682A36453E1B1EE297FFB6E2AB, A641D3FD9463C4788B45B8B5584EA4489C1F63A71B4B595AE85FF3482CD5EDA6 ] C:\Windows\System32\QAGENT.DLL
13:30:33.0705 0x0a38  C:\Windows\System32\QAGENT.DLL - ok
13:30:33.0705 0x0a38  [ 7D631675030CE69C78FB131912E0E3DF, C042686A2402EE28B34F83A7020E332DBCD0AFDFDBEDCCDD67BC6BD86F2A1AD1 ] C:\Windows\System32\igdumd64.dll
13:30:33.0705 0x0a38  C:\Windows\System32\igdumd64.dll - ok
13:30:33.0721 0x0a38  [ 589DF683A6C81424A6CECE52ABF98A50, 8CE0D07B2FC1F1BF8C07434FAFCDC63FDD3B75007C3B2EED130DB69D2D16E90A ] C:\Windows\System32\tquery.dll
13:30:33.0721 0x0a38  C:\Windows\System32\tquery.dll - ok
13:30:33.0721 0x0a38  [ 7568CC720ACE4D03B84AF97817E745EF, 7155144CB0B260B969C398A36BC277C97BEADB5DB137D19A4F7E5AF61C3E24D4 ] C:\Windows\System32\mssrch.dll
13:30:33.0721 0x0a38  C:\Windows\System32\mssrch.dll - ok
13:30:33.0736 0x0a38  [ 8106983F4D5C609A6211A28F70AD2946, 46E142F640B5DDE186417C98069643127D6764320F62EBA4884A0682F9EEB469 ] C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
13:30:33.0736 0x0a38  C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll - ok
13:30:33.0736 0x0a38  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8, B07A12E3ECD5E418A3F99F00C56E7F482F68CADE330E7C079DCCDFFAD2E21299 ] C:\Windows\SysWOW64\dbghelp.dll
13:30:33.0736 0x0a38  C:\Windows\SysWOW64\dbghelp.dll - ok
13:30:33.0752 0x0a38  [ 3121A79D13A61562BE9CC902CD46B542, 00A5833A48338A4A9A5530844924AF4F1FAB618DA46D7EBBC6E2165C32ED376C ] C:\Windows\System32\msidle.dll
13:30:33.0752 0x0a38  C:\Windows\System32\msidle.dll - ok
13:30:33.0752 0x0a38  [ A9F3BFC9345F49614D5859EC95B9E994, 306467D280E99D0616E839278A4DB5BED684F002AE284C3678CABB5251459CB3 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
13:30:33.0752 0x0a38  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
13:30:33.0767 0x0a38  [ 846D0E4DB261CFAF363902E41498E961, D7E5591B7604FD583AF7FDA19E30928B24A6145318A3944E7D207F0CCEEB30D0 ] C:\Windows\SysWOW64\EhStorShell.dll
13:30:33.0767 0x0a38  C:\Windows\SysWOW64\EhStorShell.dll - ok
13:30:33.0783 0x0a38  [ ACE1BB07E0377E37A2C514CD2EC119B1, A9AFA4774DFA875496764D6E541A6333A3ACD3C5D2BBEF753C2D80BA83B4AC15 ] C:\Windows\System32\mssprxy.dll
13:30:33.0783 0x0a38  C:\Windows\System32\mssprxy.dll - ok
13:30:33.0783 0x0a38  [ 547BE09D331BBCF57F3AF5B4FC02C310, DF89E703C87E735BE80960CDCF003155D85F1BE765336DBD88CD387884788A5A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\210e87c409d2f08e7503e9ab1e12db11\System.Xml.ni.dll
13:30:33.0783 0x0a38  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\210e87c409d2f08e7503e9ab1e12db11\System.Xml.ni.dll - ok
13:30:33.0799 0x0a38  [ B63E24E9271E99FD4540E3CA22A937DA, A9E75FBF482C4447E887E5B6EBAD96FE827F0BBD1101F1D8B54EE178D3AEAA7E ] C:\Windows\SysWOW64\en-US\tquery.dll.mui
13:30:33.0799 0x0a38  C:\Windows\SysWOW64\en-US\tquery.dll.mui - ok
13:30:33.0799 0x0a38  [ C9FB9038B15036CA28CF0B4BE2BED9BD, 0F56384E798B3F725FFEFC6E31A980DA31F620DB847F601273EF19E8CE74A226 ] C:\Windows\System32\en-US\tquery.dll.mui
13:30:33.0799 0x0a38  C:\Windows\System32\en-US\tquery.dll.mui - ok
13:30:33.0814 0x0a38  [ 676CCC08D9E9A3F4CA39CB04E97048DF, AD7361AB05A6169705C57C36AAF015130124737720B13BA6102102299B49D629 ] C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
13:30:33.0814 0x0a38  C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll - ok
13:30:33.0814 0x0a38  [ 0B9D8AAD5B9694985D2422C8D35E5B6C, 6743545F35EDFBB44B05DC3A209835D1185B724C92C6C9871C0DB9E1E6625E22 ] C:\Program Files (x86)\TuneUp Utilities 2012\TUTuningIndex64.dll
13:30:33.0814 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\TUTuningIndex64.dll - ok
13:30:33.0830 0x0a38  [ 1FD1215C4B622EB21D50BC6F80821023, F3606881CA5A906AE82ABDA5349AD559B280ED1C46BB4362B4BF9B8363747E4A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\d6a43130081227fd48defe1a87040123\System.Configuration.ni.dll
13:30:33.0830 0x0a38  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\d6a43130081227fd48defe1a87040123\System.Configuration.ni.dll - ok
13:30:33.0845 0x0a38  [ 03F3B770DFBED6131653CEDA8CA780F0, 77373919DCA647F09851E7E460AE78FBD89F21516B961F84AC4446304E51E09C ] C:\Windows\SysWOW64\ntshrui.dll
13:30:33.0845 0x0a38  C:\Windows\SysWOW64\ntshrui.dll - ok
13:30:33.0845 0x0a38  [ 62A6EB5771580CAE445804389F3F7432, CC529625540204E82794E5494C063371BF7A5164823E6C3B2CCAAC030AE4D5AE ] C:\Windows\SysWOW64\WindowsCodecsExt.dll
13:30:33.0845 0x0a38  C:\Windows\SysWOW64\WindowsCodecsExt.dll - ok
13:30:33.0861 0x0a38  [ 465BEA35F7ED4A4A57686DEA7EA10F47, 7F1B3CA09AB045F805DA5765BE7DD270F5DDACE3073017F7386FF1E2FA82D6FB ] C:\Windows\SysWOW64\cscapi.dll
13:30:33.0861 0x0a38  C:\Windows\SysWOW64\cscapi.dll - ok
13:30:33.0861 0x0a38  [ F1C19F0AA151B90A7416FA1D50DDB582, A4AE6B056BF65A12CE5BEDFC3ADE156F088AEAC7196EB5741C9573C64552A7C0 ] C:\Windows\System32\WindowsCodecsExt.dll
13:30:33.0861 0x0a38  C:\Windows\System32\WindowsCodecsExt.dll - ok
13:30:33.0877 0x0a38  [ 827CB0D6C3F8057EA037FF271F8E9795, 82760DBDDD38D2A31CAAF51D065DF4E7E1D0F0C22733A0AF653776EBF7B79470 ] C:\Windows\SysWOW64\imageres.dll
13:30:33.0877 0x0a38  C:\Windows\SysWOW64\imageres.dll - ok
13:30:33.0877 0x0a38  [ 816B681CC308FAA128EDCB90643DCED7, C2C6295F59F00F4D47673C361F1965BA62F9ADF6897A6A0BE224509628A27D7E ] C:\Windows\SysWOW64\icm32.dll
13:30:33.0877 0x0a38  C:\Windows\SysWOW64\icm32.dll - ok
13:30:33.0892 0x0a38  [ 1D296F090ED401967B30BD2B970DC306, 9D83B54050E7BD6D807E437CFD22FF803D450194ABA4FD0EDEBF27BEC90521AC ] C:\Windows\System32\icm32.dll
13:30:33.0892 0x0a38  C:\Windows\System32\icm32.dll - ok
13:30:33.0892 0x0a38  [ 90C98B905CF3A4E60C537AE37C95B1A5, 184BBF8A0874F24FBC854648A338F94F5DB6D009BFFD7930C26D43EA57530F11 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\7dd846e826e689fce547aefb6e6f16ac\WindowsFormsIntegration.ni.dll
13:30:33.0892 0x0a38  C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\7dd846e826e689fce547aefb6e6f16ac\WindowsFormsIntegration.ni.dll - ok
13:30:33.0908 0x0a38  [ 5CF15474FFDB5005E54958DF6EDD97AB, D4DBB3AACBB7679948258FFC53472FE8B5D0B3EC06D572EE2BDBF45CE608D86D ] C:\Windows\SysWOW64\wmdrmdev.dll
13:30:33.0908 0x0a38  C:\Windows\SysWOW64\wmdrmdev.dll - ok
13:30:33.0908 0x0a38  [ 47D052D9EE1FD3BA2A55D13F61E3EF24, 8DB44BA6FC0C49039F3E95D6137CFFF9EE0E0B24CA4E25342B7EFA897737DFAC ] C:\Windows\SysWOW64\drmv2clt.dll
13:30:33.0908 0x0a38  C:\Windows\SysWOW64\drmv2clt.dll - ok
13:30:33.0923 0x0a38  [ 40B82688907A7DBA4DB3B5ADDE3EAB3B, 7A8A051F414A0A11252A361461A086890BCE9F49CE1AF794061184AE16517EF1 ] C:\Windows\SysWOW64\mfplat.dll
13:30:33.0923 0x0a38  C:\Windows\SysWOW64\mfplat.dll - ok
13:30:33.0923 0x0a38  [ 139D3AB6AA920C34C50CBFFB9EB7D222, 5A5D205E16E6AFDCC965E4144FE6E104157DE7541D31727520363F2670513940 ] C:\Windows\SysWOW64\avrt.dll
13:30:33.0923 0x0a38  C:\Windows\SysWOW64\avrt.dll - ok
13:30:33.0939 0x0a38  [ EA2B00551F3E7B3D5F7FB730A55F8246, E45CD49CE2D3FF1F3CDB116F8F18EFB09A575021480E45CF9650C837D72272DC ] C:\Windows\SysWOW64\blackbox.dll
13:30:33.0939 0x0a38  C:\Windows\SysWOW64\blackbox.dll - ok
13:30:33.0939 0x0a38  [ 7D33B37BB6E53A9368904C5EEA1778C0, 8774A92DFB8D624CD4E73015A5DBBD575363D18A724DC4109E27346F713E343D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\9fb53c000500919c5c98fd3c749a2393\PresentationFramework.Aero.ni.dll
13:30:33.0939 0x0a38  C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\9fb53c000500919c5c98fd3c749a2393\PresentationFramework.Aero.ni.dll - ok
13:30:33.0955 0x0a38  [ 423982DD851406A52B6399DDB196C606, 5FFBA6D1E9398E7C5D18553EE1C485F59174013622332F7BD8D461F707F1EC93 ] C:\Windows\System32\wmdrmdev.dll
13:30:33.0955 0x0a38  C:\Windows\System32\wmdrmdev.dll - ok
13:30:33.0955 0x0a38  [ 2C1055E2C6D42753241FB2A129136994, A8E858B4CB8E1E13C7574330C703E0060AEE8B7B19B682F9AE5B4A02BDC659E2 ] C:\Windows\System32\drmv2clt.dll
13:30:33.0955 0x0a38  C:\Windows\System32\drmv2clt.dll - ok
13:30:33.0970 0x0a38  [ 6C4B2E1A25841077084EB9F76FF6FFA7, 777D9E5D81409A54BF387BDDF4E471932FFB636406E390EC29EDF1FFFE3D8880 ] C:\Windows\SysWOW64\wmp.dll
13:30:33.0970 0x0a38  C:\Windows\SysWOW64\wmp.dll - ok
13:30:33.0970 0x0a38  [ 54B5DCD55B223BC5DF50B82E1E9E86B1, 025294DD69A421FE4EACAA463F8CB797610D8F3A7A3C61656AE83D0CEE07A9BF ] C:\Windows\System32\mfplat.dll
13:30:33.0970 0x0a38  C:\Windows\System32\mfplat.dll - ok
13:30:33.0986 0x0a38  [ 8CBBB27369F9F07BC5E874E750EAF9D0, 4C4BEA5AD454692E0A56ACFC83C495CA44B7BB2393388A5582CE3EBE5D81E2E1 ] C:\Windows\System32\wmp.dll
13:30:33.0986 0x0a38  C:\Windows\System32\wmp.dll - ok
13:30:33.0986 0x0a38  [ F0E839CDE31A9FF7F2D77A901099D334, B4FA1F7D4616FD90AB12963729C11BED0989D862871C8A115F3E97464A510BCE ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\981815c04012453ded108530fbdc4646\System.Drawing.ni.dll
13:30:33.0986 0x0a38  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\981815c04012453ded108530fbdc4646\System.Drawing.ni.dll - ok
13:30:34.0001 0x0a38  [ 97A891E2BF7FDA830BCFC6269DA3F5E9, 7C8D68F0B0A7E4FF93820CC37D666FBA5400F8689860CFEB215E4A204F2C216B ] C:\Windows\System32\blackbox.dll
13:30:34.0001 0x0a38  C:\Windows\System32\blackbox.dll - ok
13:30:34.0001 0x0a38  [ 02DF0628BE8B64B84D50FBE53549AA3B, AED50B07451F14D0C0682EDDC11ED5BBAD63D6DB11A91826B0ADBDBE411F0084 ] C:\Windows\SysWOW64\wmploc.DLL
13:30:34.0001 0x0a38  C:\Windows\SysWOW64\wmploc.DLL - ok
13:30:34.0017 0x0a38  [ AB272BBFB05A8585C3405EFA9F605774, 2E019FB20769BDBAAC5C55B0055602A5AAEC4F93494F4B2A686756ADA3B3D4E2 ] C:\Windows\System32\wmploc.DLL
13:30:34.0017 0x0a38  C:\Windows\System32\wmploc.DLL - ok
13:30:34.0017 0x0a38  [ 954EA9B34F155C844B11F4047A8F6F89, 44703118AE57D44C802DFA5619DC1CA55C5C046D666CE546E5870D722786E395 ] C:\Windows\SysWOW64\upnp.dll
13:30:34.0017 0x0a38  C:\Windows\SysWOW64\upnp.dll - ok
13:30:34.0033 0x0a38  [ 96DB78C9C50CEED9DA5050EFFEE272A2, 51CF3E1F96555A4E4B5BC0DE2598CE5A0199F495644A91C2105F25A5A4CF10E3 ] C:\Windows\System32\upnp.dll
13:30:34.0033 0x0a38  C:\Windows\System32\upnp.dll - ok
13:30:34.0033 0x0a38  [ 28E2231BD34A39C854BDF3923AB2FF86, A95179068F7B86E04F976B724F155DA86253B7F4414F43DBD95F2058282B99E4 ] C:\Windows\SysWOW64\ssdpapi.dll
13:30:34.0033 0x0a38  C:\Windows\SysWOW64\ssdpapi.dll - ok
13:30:34.0048 0x0a38  [ 03B3541AE6986602CF9CB5B3AD169C33, FC4B0ABA53EDB19DCBA00B8FEBE807643A4AB2D6B8337EE05CE2D0283BEF0F4E ] C:\Windows\SysWOW64\webcheck.dll
13:30:34.0048 0x0a38  C:\Windows\SysWOW64\webcheck.dll - ok
13:30:34.0048 0x0a38  [ F00AE7B953ABEF1B53FBBA187DFC8238, 6FFA160FB6821A725A7D81E1BECE1DE89E3E022B33E56A7468E2E0B4C8B2AE31 ] C:\Windows\System32\webcheck.dll
13:30:34.0048 0x0a38  C:\Windows\System32\webcheck.dll - ok
13:30:34.0064 0x0a38  [ E1AC89F6C5252057E6062843E36A6701, 32BE52836F2A011D46957AD60ABA48986B87026FD50ED09D8495460C7F1AB23E ] C:\Windows\SysWOW64\SearchProtocolHost.exe
13:30:34.0064 0x0a38  C:\Windows\SysWOW64\SearchProtocolHost.exe - ok
13:30:34.0064 0x0a38  [ 2DDEA2C345DA5BC589EFD398F220DB0E, B515B15BE7CB66F94B7A9B802719DAF7D50E1FE2832B66B6883AC0023060800D ] C:\Windows\SysWOW64\SyncCenter.dll
13:30:34.0064 0x0a38  C:\Windows\SysWOW64\SyncCenter.dll - ok
13:30:34.0079 0x0a38  [ D9E21CBF9E6A87847AFFD39EA3FA28EE, B2AE0BBF907D4108DE3485E6059DF8D10C39707CD508A55A2D9627A66D01AE78 ] C:\Windows\System32\SearchProtocolHost.exe
13:30:34.0079 0x0a38  C:\Windows\System32\SearchProtocolHost.exe - ok
13:30:34.0079 0x0a38  [ 101797BA603D227946B4B5109867EB19, EBF2B48D1A4FE148F455EA32023ABC0D479215D48C7CE76E765F199CD3C80AF8 ] C:\Windows\System32\SyncCenter.dll
13:30:34.0079 0x0a38  C:\Windows\System32\SyncCenter.dll - ok
13:30:34.0095 0x0a38  [ A5D237B8673025B052C0E6FDB6A883E8, 0DAE34965C08F7450938A5145D2B53C68AA917744B8C6FCB130A35C03C5CEF6F ] C:\Windows\SysWOW64\msshooks.dll
13:30:34.0095 0x0a38  C:\Windows\SysWOW64\msshooks.dll - ok
13:30:34.0095 0x0a38  [ D2A5B2B09F2AF5ED13BF494508B09788, 3FA04E84EC5A575E7804E44BA3BF1C4143E53C4ACF6C823CD029711529B0BE2C ] C:\Windows\System32\msshooks.dll
13:30:34.0095 0x0a38  C:\Windows\System32\msshooks.dll - ok
13:30:34.0111 0x0a38  [ 5893EBDCE371174AC89ECD7731DD6D77, 31CC55F4724CFD95E48954B38C0A04D674399FD243083A816893ED5E5A770086 ] C:\Windows\SysWOW64\pcwum.dll
13:30:34.0111 0x0a38  C:\Windows\SysWOW64\pcwum.dll - ok
13:30:34.0111 0x0a38  [ 2D11BC8B460957E62E4420373A0D8BDA, 56105E84333998D43DFCDA9E8A4D70EAC43076CFF8389B2E525EC5C3017DC5FD ] C:\Windows\SysWOW64\imapi2.dll
13:30:34.0111 0x0a38  C:\Windows\SysWOW64\imapi2.dll - ok
13:30:34.0126 0x0a38  [ 8130391F82D52D36C0441F714136957F, 1FD4FEE7CAF63E450F27729E07EA2A2F09288629FD872DBB6E8710B16D8DBD5D ] C:\Windows\System32\imapi2.dll
13:30:34.0126 0x0a38  C:\Windows\System32\imapi2.dll - ok
13:30:34.0126 0x0a38  [ C7952D0A4C43A965A1741916BB134751, 84EF222159E8C444A1D9D2E6509245716E4106C8032861DBFF399001A529BF94 ] C:\Windows\SysWOW64\hgcpl.dll
13:30:34.0126 0x0a38  C:\Windows\SysWOW64\hgcpl.dll - ok
13:30:34.0142 0x0a38  [ 6A5C1A8AC0B572679361026D0E900420, B5E693B48B462E97738A3D4E58B60846159649EB15F4D11074B4BC107CC88562 ] C:\Windows\System32\hgcpl.dll
13:30:34.0142 0x0a38  C:\Windows\System32\hgcpl.dll - ok
13:30:34.0157 0x0a38  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] C:\Windows\SysWOW64\provsvc.dll
13:30:34.0157 0x0a38  C:\Windows\SysWOW64\provsvc.dll - ok
13:30:34.0157 0x0a38  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] C:\Windows\System32\FDResPub.dll
13:30:34.0157 0x0a38  C:\Windows\System32\FDResPub.dll - ok
13:30:34.0173 0x0a38  [ 73F6C5223F7E9B5780DD4A6C30FCF569, 121A361A572EFC6AC964300DA93BF28DC11E55DDCA29A7C6E6FD12955FBA68B8 ] C:\Windows\SysWOW64\WSDApi.dll
13:30:34.0173 0x0a38  C:\Windows\SysWOW64\WSDApi.dll - ok
13:30:34.0173 0x0a38  [ DB846EECA70EE9D2E2FF31147C57B0F4, 1086310477697F43EB156314804B7E9100E04966EF3934F9F5E37112C5129954 ] C:\Windows\SysWOW64\webservices.dll
13:30:34.0173 0x0a38  C:\Windows\SysWOW64\webservices.dll - ok
13:30:34.0189 0x0a38  [ 89D90579E5FB1469CB0464F6512E42B7, 0E85C6935FEAA219C923FF63D17F7C3AF72FF5028E0FF95B66092C6DF64C665C ] C:\Windows\SysWOW64\fundisc.dll
13:30:34.0189 0x0a38  C:\Windows\SysWOW64\fundisc.dll - ok
13:30:34.0189 0x0a38  [ 8CD1DEE212E52B9C22E66DBA44991D32, 7FCD0E7964368616434E3B3B080E783658B86524C26F3DB57503414204713E6D ] C:\Windows\SysWOW64\httpapi.dll
13:30:34.0189 0x0a38  C:\Windows\SysWOW64\httpapi.dll - ok
13:30:34.0204 0x0a38  [ CE7803953FE7314061B3F9188D310EB2, 75078CCE3A7277B5B60E806FA000FC437C4B06E2AD80EAB5BC99C8960810F295 ] C:\Windows\SysWOW64\en-US\KernelBase.dll.mui
13:30:34.0204 0x0a38  C:\Windows\SysWOW64\en-US\KernelBase.dll.mui - ok
13:30:34.0204 0x0a38  [ C2A9093E56551AACD417926F14F848E8, 7405CD8FD230173F344E0607A9223FA95329EE5134B8B95CA13F5E502999A6A8 ] C:\Windows\SysWOW64\msxml6r.dll
13:30:34.0204 0x0a38  C:\Windows\SysWOW64\msxml6r.dll - ok
13:30:34.0220 0x0a38  [ D2958325C1AE1AE37A83334C6229E3BC, D8263CB39A25447442B75A8D8E8111DF671D645DA90A33865C089DEDA9706904 ] C:\Windows\SysWOW64\actxprxy.dll
13:30:34.0220 0x0a38  C:\Windows\SysWOW64\actxprxy.dll - ok
13:30:34.0220 0x0a38  [ E6F0F82788E8BD0F7A616350EFA0761C, 13091DCB3E3F4F52C3FF210E93AAF1DCE142CFC09F671AEAC5B922393B23E67B ] C:\Windows\System32\actxprxy.dll
13:30:34.0220 0x0a38  C:\Windows\System32\actxprxy.dll - ok
13:30:34.0235 0x0a38  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] C:\Windows\System32\qmgr.dll
13:30:34.0235 0x0a38  C:\Windows\System32\qmgr.dll - ok
13:30:34.0235 0x0a38  [ 0552A8684BF7566F744D5B19FF6AEC6B, D1EB44C75A0AE0C9ABFE3B1B7AD648DF77B56B4358E522DFF732911906B20B49 ] C:\Windows\SysWOW64\bitsperf.dll
13:30:34.0235 0x0a38  C:\Windows\SysWOW64\bitsperf.dll - ok
13:30:34.0251 0x0a38  [ 29409ED7400CA5BCCC30C0EE5147A60D, FCC41E4308A1648CE810105AACED08295C53E25178D6C40C9DF61E9397C579D6 ] C:\Windows\System32\bitsperf.dll
13:30:34.0251 0x0a38  C:\Windows\System32\bitsperf.dll - ok
13:30:34.0251 0x0a38  [ D9431DCF90B0253773F51FDEFE7FD42F, E53C40CC0EC603CF67305F0AA81389124CF6E709A22DABF13563CBAD15897422 ] C:\Windows\System32\bitsigd.dll
13:30:34.0251 0x0a38  C:\Windows\System32\bitsigd.dll - ok
13:30:34.0267 0x0a38  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:30:34.0267 0x0a38  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
13:30:34.0267 0x0a38  [ 0DCA5F8AF83975061D9D8340DC471B5C, 71C8549419F46ABB4826B1847BF325374FA5C237CE14DB8B1DD8BB6FDABF6138 ] C:\Windows\SysWOW64\msvcr110_clr0400.dll
13:30:34.0267 0x0a38  C:\Windows\SysWOW64\msvcr110_clr0400.dll - ok
13:30:34.0282 0x0a38  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:30:34.0282 0x0a38  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
13:30:34.0282 0x0a38  [ 81FB155132AE12BA18119D5B36A85476, B135C87752B20C98CD5D4B9BE47316F785EC41FD5E391D8609F06EDA29B05BBF ] C:\Windows\System32\msvcr110_clr0400.dll
13:30:34.0282 0x0a38  C:\Windows\System32\msvcr110_clr0400.dll - ok
13:30:34.0298 0x0a38  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] C:\Windows\System32\sppsvc.exe
13:30:34.0298 0x0a38  C:\Windows\System32\sppsvc.exe - ok
13:30:34.0298 0x0a38  [ FB4045578F5180BDB1963AB352B78548, 8E645A63436EE6CDDB78E6064AEB04ECE39208F760A3EF13A3F49FDF41505E21 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
13:30:34.0298 0x0a38  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
13:30:34.0313 0x0a38  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] C:\Windows\System32\wscsvc.dll
13:30:34.0313 0x0a38  C:\Windows\System32\wscsvc.dll - ok
13:30:34.0313 0x0a38  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] C:\Windows\System32\wuaueng.dll
13:30:34.0313 0x0a38  C:\Windows\System32\wuaueng.dll - ok
13:30:34.0329 0x0a38  [ 387A8A473ECC5BA02CF453277C1F3274, 3F36D3088B0F7CB0CC2C31E8F908527EC5502F0D3153D20332745B7BBF8B04D7 ] C:\Windows\SysWOW64\mspatcha.dll
13:30:34.0329 0x0a38  C:\Windows\SysWOW64\mspatcha.dll - ok
13:30:34.0329 0x0a38  [ 617F6EC0AC677C685479C1D0D1E76C6F, 77B22C0817558CE70EF7D3BBE04A275FFA35ED2E4AFB17DBDF353DF9932DC693 ] C:\Windows\System32\mspatcha.dll
13:30:34.0329 0x0a38  C:\Windows\System32\mspatcha.dll - ok
13:30:34.0345 0x0a38  [ 244C6722289F4869068992FD7D8A8832, 8644D0A55C46C3F081F0AB43D253D13E56E77D89336A87108DB8C47D6EDC3A64 ] C:\Windows\SysWOW64\wbem\wbemdisp.dll
13:30:34.0345 0x0a38  C:\Windows\SysWOW64\wbem\wbemdisp.dll - ok
13:30:34.0345 0x0a38  [ A6CD6B3F71E13E2E45B727FB8A47EA87, 4D84F6B03185DA961543ADFB927CBC17A1A9F216AC24E9A9228780AD7DD0222E ] C:\Windows\SysWOW64\SearchFilterHost.exe
13:30:34.0345 0x0a38  C:\Windows\SysWOW64\SearchFilterHost.exe - ok
13:30:34.0360 0x0a38  [ FFF95479C7AB1550F0750A5D01744211, FF67F892AABCE1C2B695FF4C0816339566F5745C1498D48FAC050E5196C1CE09 ] C:\Windows\System32\drivers\spsys.sys
13:30:34.0360 0x0a38  C:\Windows\System32\drivers\spsys.sys - ok
13:30:34.0360 0x0a38  [ 49A3AD5CE578CD77F445F3D244AEAB2D, 1D200547C6277C4A878A9ADD94045F7ACCC583609985C592AAE9B9B9CA7B812A ] C:\Windows\System32\SearchFilterHost.exe
13:30:34.0360 0x0a38  C:\Windows\System32\SearchFilterHost.exe - ok
13:30:34.0376 0x0a38  [ 4FB491AC8D46AAF22BA8BC5C73DABEF7, CBE2392792D209E15E44AC29E906FFDD5FBF6EED8BAB0D97D66E109AB2C5C56E ] C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
13:30:34.0376 0x0a38  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe - ok
13:30:34.0376 0x0a38  [ 619A67C9F617B7E69315BB28ECD5E1DF, F34F231D117CCDFEBB9CB35C8D6FDFA7051DA27FDC1204FCCFF361FC0B13A0FF ] C:\Windows\System32\wbem\WmiPrvSE.exe
13:30:34.0376 0x0a38  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
13:30:34.0391 0x0a38  [ DB67C7C62038BDE813CB6486581A7611, DC0ACAA2795BBF4C8C35CE9DD9C14636ACFD94296CDC103696B64357CC2C84BB ] C:\Windows\SysWOW64\mssph.dll
13:30:34.0391 0x0a38  C:\Windows\SysWOW64\mssph.dll - ok
13:30:34.0391 0x0a38  [ 8258362DDB18B644A82D8B5061AD9426, 87CA586B2B1B0089BFF6A259A0743D184AE383B3B12C4BC5986D72ADFFBE9EDA ] C:\Windows\SysWOW64\wscisvif.dll
13:30:34.0391 0x0a38  C:\Windows\SysWOW64\wscisvif.dll - ok
13:30:34.0407 0x0a38  [ 48041BAEB60CE5F34F13CC2A1361E49C, AF82355A4C0D872F1F45261381C23C1510C2C77DD5F040B706FD7A3D63D4BAA4 ] C:\Windows\System32\mssph.dll
13:30:34.0407 0x0a38  C:\Windows\System32\mssph.dll - ok
13:30:34.0407 0x0a38  [ B84E2D174DC84916A536572BB8F691A8, 94E3D68F102439D3A585D2D796F3F3FC27CB41C640058DDC14AF99A723B2CD99 ] C:\Windows\System32\wscisvif.dll
13:30:34.0407 0x0a38  C:\Windows\System32\wscisvif.dll - ok
13:30:34.0423 0x0a38  [ 7DF186D86CF8C571A12AAB788C777F84, A2C1064BFDEF2A85CB12A11E55728BCC09933C115C278403F07B27DB2C36C710 ] C:\Windows\SysWOW64\wscproxystub.dll
13:30:34.0423 0x0a38  C:\Windows\SysWOW64\wscproxystub.dll - ok
13:30:34.0423 0x0a38  [ 6C1E3C43B35268C17833244C8ED96430, 9C571AA762E71177B6FF486D1DB500E3530E13CAFD87316AD2C64F5A55EB4A93 ] C:\Windows\System32\wscproxystub.dll
13:30:34.0423 0x0a38  C:\Windows\System32\wscproxystub.dll - ok
13:30:34.0438 0x0a38  [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6, 4F40D5CCE264290C8DD73A5766062A55ED4CF77D8F6B59D453DDB6F88B640D7E ] C:\Windows\SysWOW64\mapi32.dll
13:30:35.0639 0x0a38  [ A8146AAE0A17E08DA6723FECE512BFD0, 2A1BAFA21165846C592F68B13C05EB862F421EE38C709602FB380D5A4F1D773B ] C:\Program Files (x86)\TuneUp Utilities 2012\TUDiskCleanerClass.bpl
13:30:35.0639 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\TUDiskCleanerClass.bpl - ok
13:30:35.0655 0x0a38  [ DA97FC57471A6F3D29DEF4574672C18B, F965FE0840B299F3A9694FDA5CB99C8E25C555B83415BE578CF5F4FE70590327 ] C:\Program Files (x86)\TuneUp Utilities 2012\TUApps.bpl
13:30:35.0655 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\TUApps.bpl - ok
13:30:35.0655 0x0a38  [ C76103C86C8D978C31F4AA28832E3EC9, D9EC8D4FABE90D29F7A9AE9D52B8B30982C727C9485354EFAABC7B64D0B3D2EE ] C:\Program Files (x86)\TuneUp Utilities 2012\TURar.bpl
13:30:35.0655 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\TURar.bpl - ok
13:30:35.0671 0x0a38  [ 364A737C35F52421EAF0CC72866BBB8B, 3EC177AB7073CD3BDB81F4E74F4B53835882E1B0E2652FA3F1D9D4139D388199 ] C:\Program Files (x86)\TuneUp Utilities 2012\IEControl.bpl
13:30:35.0671 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\IEControl.bpl - ok
13:30:35.0671 0x0a38  [ 29F6D1D4F76DE3729FCEAB0BE3175372, BD5835DC89F271AE7627DE2D1A0B6DFB86011E6D1D64FAC88B3A1169634B7C92 ] C:\Program Files (x86)\TuneUp Utilities 2012\Traces.bpl
13:30:35.0671 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\Traces.bpl - ok
13:30:35.0686 0x0a38  [ 9A71E409D2E1E79589599BB840A005BC, 4EF9A534334B3A2486D98375CBFCC26C8C55E18E73E68764AB08A70D70A05F83 ] C:\Program Files (x86)\TuneUp Utilities 2012\TUTMSComponents.bpl
13:30:35.0686 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\TUTMSComponents.bpl - ok
13:30:35.0686 0x0a38  [ 84174CA0E190BB9D1EFD0F005FE13B35, B0146E651DAD4A8050FAF70026F1B7CE16EF454EB6E31088CDEBE3CD57E6591C ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll
13:30:35.0686 0x0a38  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll - ok
13:30:35.0702 0x0a38  [ C152629447732B74272D011C0B8AA20C, 73A29E81732E7A0082AA938E1849B364DFAECDA16B5B9E379C10927FB2E3E920 ] C:\Program Files (x86)\TuneUp Utilities 2012\dbrtl120.bpl
13:30:35.0702 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\dbrtl120.bpl - ok
13:30:35.0702 0x0a38  [ C7EFCDEAE5CE3E30ACF135020D67A0A8, 167ABDBB20CF44070BB1D8570FB337CECFA2659B139103B70468D040268CE90D ] C:\Program Files (x86)\TuneUp Utilities 2012\vcldb120.bpl
13:30:35.0702 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\vcldb120.bpl - ok
13:30:35.0717 0x0a38  [ E31A518350F8D5A5F0F42EEB49346593, B14ED9ED331ED689BECF4F836ECB890D836BBD30A4E5BFB3CD770FD91286A27D ] C:\Program Files (x86)\TuneUp Utilities 2012\TUOperaClass.bpl
13:30:35.0717 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\TUOperaClass.bpl - ok
13:30:35.0717 0x0a38  [ 0AD50B41742B8B7B64A6D38CE91F5E2D, 609698999394191EAFDE5C6BFF90E41B88518570E48F9C53264C56B2914ABE5D ] C:\Program Files (x86)\TuneUp Utilities 2012\TUSafariClass.bpl
13:30:35.0717 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\TUSafariClass.bpl - ok
13:30:35.0733 0x0a38  [ 29BC9501AE77DA3C47B1034E6BC42676, B759B76F4505CCC61A5C4BB906CBFA313C4E440BAEA4B5B7D90DC1C083AE80C7 ] C:\Program Files (x86)\TuneUp Utilities 2012\TuningWizard.bpl
13:30:35.0733 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\TuningWizard.bpl - ok
13:30:35.0749 0x0a38  [ E4102A28B128D97CFAACEAE37CD93779, BEA72A23B5A869865CC1E32F0FA4EBCA0C98DF28AFC4371AFA50E263DDAD48DD ] C:\Program Files (x86)\TuneUp Utilities 2012\TuApplications.bpl
13:30:35.0749 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\TuApplications.bpl - ok
13:30:35.0749 0x0a38  [ 46AC7FB331E9B393AFDA58F7D8CF449B, 51D71C4769D0F8B004848064663C15614709939DA690EAA8A63496CA35A5355F ] C:\Program Files (x86)\TuneUp Utilities 2012\Internet.bpl
13:30:35.0749 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\Internet.bpl - ok
13:30:35.0764 0x0a38  [ D236F23065211857FD1F5A3EA4C1D154, 0AD3065A12ADE7F84DAB5545F4091DD89D6B143D8032466C104A16A3D432C397 ] C:\Program Files (x86)\TuneUp Utilities 2012\CommonForms.bpl
13:30:35.0764 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\CommonForms.bpl - ok
13:30:35.0764 0x0a38  [ 1D7828406C07FA2B4C90BB40CD28FFB2, C2974B74D6E521A8A48F67220F00A6771E93E3864DCE136E8587C25CC576D13D ] C:\Program Files (x86)\TuneUp Utilities 2012\vclx120.bpl
13:30:35.0764 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\vclx120.bpl - ok
13:30:35.0780 0x0a38  [ 09DEF3ABB6A196749299359AC5578DD8, 056D88D5A6E7C3D0C5EB1CB0C3EF3B03AB5E34D48E53121B674040804620A6FB ] C:\Windows\SysWOW64\msxml4.dll
13:30:35.0780 0x0a38  C:\Windows\SysWOW64\msxml4.dll - ok
13:30:35.0780 0x0a38  [ F87EAF29C38913728E14EF9645EED92F, 40BF0483D6DF0BFD508D91C87561080537D9AE469661D20776B617456BA4BB4F ] C:\Program Files (x86)\Mozilla Firefox\nss3.dll
13:30:35.0780 0x0a38  C:\Program Files (x86)\Mozilla Firefox\nss3.dll - ok
13:30:35.0795 0x0a38  [ 67EC459E42D3081DD8FD34356F7CAFC1, 1221A09484964A6F38AF5E34EE292B9AFEFCCB3DC6E55435FD3AAF7C235D9067 ] C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
13:30:35.0795 0x0a38  C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll - ok
13:30:35.0795 0x0a38  [ EFCD571D096682970EF998DD7154EBC3, AA32C806841251C2528DD81225EBC072BC4509CC586D0B8A65319F0BDA22D92F ] C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
13:30:35.0795 0x0a38  C:\Program Files (x86)\Mozilla Firefox\mozglue.dll - ok
13:30:35.0811 0x0a38  [ 03E9314004F504A14A61C3D364B62F66, A3BA6421991241BEA9C8334B62C3088F8F131AB906C3CC52113945D05016A35F ] C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
13:30:35.0811 0x0a38  C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll - ok
13:30:35.0827 0x0a38  [ 1809DA81564C5537A277957EB0F833F6, 7511213CEDBDA1D448ED75DD9CBF329DA3B11FF2C344FF50BF783BBCC7964BE5 ] C:\Program Files (x86)\TuneUp Utilities 2012\TUSqlDB32.dll
13:30:35.0827 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\TUSqlDB32.dll - ok
13:30:35.0827 0x0a38  [ 0608FB7A4517C357A51EDE42E2C0937D, B4850B8BFFC206DFD161181A62BE58A87028BB0F22FF9F10DC3BCC1AE8344C3A ] C:\Program Files (x86)\TuneUp Utilities 2012\TUPSAPI.dll
13:30:35.0827 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\TUPSAPI.dll - ok
13:30:35.0842 0x0a38  [ BC5525C19F79B6099B085D0C00C4EF46, A429C160FD829EFBF2F825068643499EDC8EA8D7B57C49B0BC0934CB8BB18BBE ] C:\Windows\SysWOW64\irprops.cpl
13:30:35.0842 0x0a38  C:\Windows\SysWOW64\irprops.cpl - ok
13:30:35.0842 0x0a38  [ 75AAB603BCFDB77B1C05813E266D06AA, 6763078A01DFF4CA21C714775074184C5A1E11A57E1961F1F870D951CE492584 ] C:\Program Files (x86)\TuneUp Utilities 2012\TUTuningIndex.dll
13:30:35.0842 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\TUTuningIndex.dll - ok
13:30:35.0858 0x0a38  [ D6692338B985D4A0CA52B828314D897D, CB0B7C84C1E2782A95489E2F4D2AF4CFDAC02676B76F49FF7D6A7091739EA25D ] C:\Windows\SysWOW64\drprov.dll
13:30:35.0858 0x0a38  C:\Windows\SysWOW64\drprov.dll - ok
13:30:35.0858 0x0a38  [ D7B7159BC8374E87D8C45A30377A3440, 0B68B6E7C35280D502BF05177ADADE2EE35D4D5307C3D1EE2635879BA06D904D ] C:\Windows\SysWOW64\ntlanman.dll
13:30:35.0858 0x0a38  C:\Windows\SysWOW64\ntlanman.dll - ok
13:30:35.0873 0x0a38  [ EAF4712B706936C0B10D3B5319B37E81, 1A356A3AB52DC8A13F41D2B7F26B6B0E23663D7C9DD6DF6E464EF29460EF2602 ] C:\Windows\SysWOW64\davclnt.dll
13:30:35.0873 0x0a38  C:\Windows\SysWOW64\davclnt.dll - ok
13:30:35.0873 0x0a38  [ 179BECE8D1A4C488DDB7191FF9BE3FB0, F91ABCB67A2AFD471A9B94AA2B9C46AAEF606266DC2276E81A6D0832566162A5 ] C:\Windows\SysWOW64\davhlpr.dll
13:30:35.0873 0x0a38  C:\Windows\SysWOW64\davhlpr.dll - ok
13:30:35.0889 0x0a38  [ 593569F826ED1829ADC4CA7C030DE70D, D0787104E3C621955C0382575B048A2800F8F7C0229AD3C4C81B9DDC7BE13060 ] C:\Program Files\IDT\WDM\sttray64.exe
13:30:35.0889 0x0a38  C:\Program Files\IDT\WDM\sttray64.exe - ok
13:30:35.0889 0x0a38  [ 181F69BC9C406B7FB5C0ADE8031630AC, 4625B362246EC092B4162836BBD4A1748BA2698FC49CAD634A01377FC1BDA29C ] C:\Windows\SysWOW64\wpdshext.dll
13:30:35.0889 0x0a38  C:\Windows\SysWOW64\wpdshext.dll - ok
13:30:35.0905 0x0a38  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
13:30:35.0905 0x0a38  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
13:30:35.0920 0x0a38  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
13:30:35.0920 0x0a38  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
13:30:35.0920 0x0a38  [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B ] C:\Program Files (x86)\QuickTime\QTTask.exe
13:30:35.0920 0x0a38  C:\Program Files (x86)\QuickTime\QTTask.exe - ok
13:30:35.0936 0x0a38  [ 085BE68B52CE5A5FA4621507AD518CF3, A1761157760F68FE00F34B0182D1D8629EFE7753F4582C6F5ECD422627A8489E ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
13:30:35.0936 0x0a38  C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
13:30:35.0936 0x0a38  [ CE5C9977DA751DDC30952AC4DCBCA788, 295172C4681E9AC27121122CDD2BA6F2A62435917A083CC8490D584CA0164BE6 ] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
13:30:35.0936 0x0a38  C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe - ok
13:30:35.0951 0x0a38  [ B06B80A4C0324ACF89E73E9BEE2AD64D, 438E72D7A9865A038E9319E1CF326143B5C757282BA112125734017FBE9AA506 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe
13:30:35.0951 0x0a38  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe - ok
13:30:35.0951 0x0a38  [ C9905EA4C326DAB778B9297BA5BD1889, 1CBBC8AE8152A055E2D1EF5B9ED9B6A4D0FD8080ED1256845376AF66F993EBCA ] C:\Windows\SysWOW64\wermgr.exe
13:30:35.0951 0x0a38  C:\Windows\SysWOW64\wermgr.exe - ok
13:30:35.0967 0x0a38  [ C1EF4900EAC105E0139764C3E4469061, 69A38A86024BEA4A25BB95CC310BD7509B58645A36516B117DA3B36C14611BAB ] C:\Program Files (x86)\Windows Live\Installer\wlsres.dll
13:30:35.0967 0x0a38  C:\Program Files (x86)\Windows Live\Installer\wlsres.dll - ok
13:30:35.0967 0x0a38  [ 905045778EDCABF6644A1FA1399C5A71, 958B921B1E1015D5C09CEA5EA23869C62D58F109DC071691A359A30AE1931BA5 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\uninstall\Setup.exe
13:30:35.0967 0x0a38  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\uninstall\Setup.exe - ok
13:30:35.0983 0x0a38  [ 24B1666FD14CC71C7B0679AC61625B90, 4243F0B91BF9EAB365BBC724F5984FEB3AD74DF91EAF15F36A44DEA0AEDB7D20 ] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
13:30:35.0983 0x0a38  C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe - ok
13:30:35.0983 0x0a38  [ 5992A9DF57FD5E6960FDCC2DB69867F7, 9BE3A7BEDB18AB9399D2B665EE9EDC553E63599F51D98A1B43E6AEB0C1E1B166 ] C:\Windows\SysWOW64\themeui.dll
13:30:35.0983 0x0a38  C:\Windows\SysWOW64\themeui.dll - ok
13:30:35.0998 0x0a38  [ C9D1131E2163CE932DF3EAAF0EEA3673, 5A5C729BF8CBD942B3D7E4800A5FAC502BBFD4D779E178E0805C7BFB7090B482 ] C:\Windows\SysWOW64\msfeeds.dll
13:30:35.0998 0x0a38  C:\Windows\SysWOW64\msfeeds.dll - ok
13:30:36.0014 0x0a38  [ D9184C5FF3FD526761D518A95ABA74A3, 0C1162320A7F6CD5DC0D55046310CDD755F37FBF0E079CB8A1579AABBB449C9D ] C:\Program Files (x86)\Mozilla Firefox\firefox.exe
13:30:36.0014 0x0a38  C:\Program Files (x86)\Mozilla Firefox\firefox.exe - ok
13:30:36.0014 0x0a38  [ 5F639198C4137075DA50E61C23963C11, 3D03B3BF62B3469069AD6BE2AAEE152CB6722D36C001B8197FEBC2F3EB9ADBE0 ] C:\Windows\System32\drprov.dll
13:30:36.0014 0x0a38  C:\Windows\System32\drprov.dll - ok
13:30:36.0029 0x0a38  [ BC566D17914B07ABAAB3A5A385CC3300, DCE0A1D26312AA6441FB7122C6EED980AE350D58B2B4B166CB62F983306268E9 ] C:\Windows\System32\ntlanman.dll
13:30:36.0029 0x0a38  C:\Windows\System32\ntlanman.dll - ok
13:30:36.0029 0x0a38  [ B32AB94A432289AC2DF77A3DCAD32EED, B1021C78F940E6FA7A8992B2733B593B89DA57325A0A0D13D2767F193A78D90F ] C:\Windows\System32\davclnt.dll
13:30:36.0029 0x0a38  C:\Windows\System32\davclnt.dll - ok
13:30:36.0045 0x0a38  [ 45B24A357C801CE62052FE0CDC8BD4D2, 00602E41B78473825253F6B2557A5C43FBDDCCF713D806929AE7C039FF8F185C ] C:\Windows\System32\davhlpr.dll
13:30:36.0045 0x0a38  C:\Windows\System32\davhlpr.dll - ok
13:30:36.0045 0x0a38  [ 9AED8E824CF5FAAB67957EDBC5512060, 2AEE03C5BFD9151C8F304A4A62F12884761E0F2E1611AE91B9CB0CC390A90212 ] C:\Program Files (x86)\Windows Media Player\wmplayer.exe
13:30:36.0045 0x0a38  C:\Program Files (x86)\Windows Media Player\wmplayer.exe - ok
13:30:36.0061 0x0a38  [ 7E5EEECD068A1508C3CE5D83BF5C50E0, AF4BF7D0A9A24DD901C127015F36946073E48315503134677E4F442FFBB9BEC3 ] C:\Windows\SysWOW64\dskquota.dll
13:30:36.0061 0x0a38  C:\Windows\SysWOW64\dskquota.dll - ok
13:30:36.0061 0x0a38  [ F1387F5674697F2D8EB6DE2266477860, 4F0F66E2EEED2D627627979CC32AE7E527095E9A53559EE967CC8D046025557D ] C:\Windows\System32\dskquota.dll
13:30:36.0061 0x0a38  C:\Windows\System32\dskquota.dll - ok
13:30:36.0076 0x0a38  [ 7919F90EAE0C6B6085E7AF7F47B14C0F, DF54FF05291A1A177AB57CF8FD0C311EAF14BD5039223F81280F004209A47369 ] C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
13:30:36.0076 0x0a38  C:\Program Files (x86)\Mozilla Firefox\mozjs.dll - ok
13:30:36.0076 0x0a38  [ 80537057E6EFDC1272F8AF572DAF0FBB, EF925907D18D82795C54245DE1ED0B9EC13553F64C1A7969C3CCFDEF8F40A1D9 ] C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
13:30:36.0076 0x0a38  C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll - ok
13:30:36.0092 0x0a38  [ 0A09A781B1A209BDCC8E7431055E4C45, 69D439327B5436517424EE9119E3FD2477BE90ADC82EBFD4C857D7B0B28FC52E ] C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
13:30:36.0092 0x0a38  C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll - ok
13:30:36.0092 0x0a38  [ DA7214AF0526F182E5AB0244358AE365, 2F39A3E47221CBA6B18A78E8A77DA6B07D4FBA92545BFBE9E235A6F5475EDE10 ] C:\Program Files (x86)\Mozilla Firefox\xul.dll
13:30:36.0092 0x0a38  C:\Program Files (x86)\Mozilla Firefox\xul.dll - ok
13:30:36.0107 0x0a38  [ C6097B864F628594ED3E53BA55FE0E0C, 8E3F147436F0E903023EE6DB4A426FBC7F566935DE997C1374CC76F73B229884 ] C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
13:30:36.0107 0x0a38  C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll - ok
13:30:36.0107 0x0a38  [ 3C1936A12C62254F914A01BBC6A8DC69, 0068F7A8B0D9E9776B44EAD99007B0CE5A5600633F2B477E9EFAAC644408C70E ] C:\Windows\SysWOW64\d3d10_1.dll
13:30:36.0107 0x0a38  C:\Windows\SysWOW64\d3d10_1.dll - ok
13:30:36.0123 0x0a38  [ D4212AB475A3B25EC4DF574536C3EDC5, F8BBEECB66BA6DDE5A64ED41D8BF95A1C81470552B4BFD5B11D888156289CCDD ] C:\Windows\SysWOW64\d3d10_1core.dll
13:30:36.0123 0x0a38  C:\Windows\SysWOW64\d3d10_1core.dll - ok
13:30:36.0123 0x0a38  [ A916790060389ABE8CB043A7248DAEBF, 515BF40EF935CF82962B4388EAF493DBDACD0ABDAFABC2EC17EF91E419AFF52D ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
13:30:36.0123 0x0a38  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe - ok
13:30:36.0139 0x0a38  [ D0E1A5B7F08590802FA7E95D4537BDC8, 2C672692C6ADAFF827557BA6C69C1212D2A3E4E83BD0A2BE662A5F3A6674384D ] C:\Program Files (x86)\TuneUp Utilities 2012\OneClickStarter.exe
13:30:36.0139 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\OneClickStarter.exe - ok
13:30:36.0139 0x0a38  [ 7B882AEBC5F6DBEA4E0361C0FC3E36D4, 97E18C7997F1394AC5CCA44AC287603B427AC1D55E3C5336B38E8B375B638635 ] C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL
13:30:36.0139 0x0a38  C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL - ok
13:30:36.0154 0x0a38  [ C6BCC1BE95AE7258D013EEA1C9159C8D, C04369023EC1FAA55B2FE0F1B773F709E0F33E764C677E8D3D50503BA0BFD011 ] C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
13:30:36.0154 0x0a38  C:\Program Files (x86)\Mozilla Firefox\softokn3.dll - ok
13:30:36.0154 0x0a38  [ 193A0626CA65A5AEDDDD161560615D24, CA94E62AE7324DC28C4AB55E0233D5471AE396C73E67CC21E365237D2505DB83 ] C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
13:30:36.0154 0x0a38  C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll - ok
13:30:36.0170 0x0a38  [ CAD0B60DF3E790FA7DDD205C117BA5C0, 24F5AA7A81739E8D8ACAC1BC256A7AE8BDFE76EEB53830BDD389B5DFB916D22B ] C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
13:30:36.0170 0x0a38  C:\Program Files (x86)\Mozilla Firefox\freebl3.dll - ok
13:30:36.0170 0x0a38  [ 463DADBE8F36AB3C8906D5BE6012659D, A63BE9AF340D2C5A95D97D2F97587F610D51B33D7829C422D0EB42B06548C64D ] C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
13:30:36.0170 0x0a38  C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll - ok
13:30:36.0185 0x0a38  [ 8A7FF48898DF0C03C0CEFAA51C89D486, 88834D26AFC1302D962886CF7E6C6A2F50241586C208CF900428DA546998109D ] C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\rf-firefox-22.dll
13:30:36.0185 0x0a38  C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\rf-firefox-22.dll - ok
13:30:36.0185 0x0a38  [ F043FE6A119ACEAA0C0209E01ADA8230, 575F0B7C6ABE4DA64FA83DEC12F7CAC2361F15054DCE348B5CF7170B4D6EF70A ] C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
13:30:36.0185 0x0a38  C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe - ok
13:30:36.0201 0x0a38  [ B5C5DCAD3899512020D135600129D665, F6B4D18FA0D3C4958711AC0D476C21A6FDF2897F989A0AD290B43F463DD8B5B0 ] C:\Windows\SysWOW64\wininit.exe
13:30:36.0201 0x0a38  C:\Windows\SysWOW64\wininit.exe - ok
13:30:36.0201 0x0a38  [ 8B88EBBB05A0E56B7DCC708498C02B3E, 9E1EC8B43A88E68767FD8FED2F38E7984357B3F4186D0F907E62F8B6C9FF56AD ] C:\Windows\SysWOW64\explorer.exe
13:30:36.0201 0x0a38  C:\Windows\SysWOW64\explorer.exe - ok
13:30:36.0217 0x0a38  [ 4F2659160AFCCA990305816946F69407, 9E70685B73B3EAB78C55863BABCEECC7CCA89475B508B2A9C651ADE6FDE0751A ] C:\Windows\SysWOW64\taskeng.exe
13:30:36.0217 0x0a38  C:\Windows\SysWOW64\taskeng.exe - ok
13:30:36.0217 0x0a38  [ 968A289C99775F86964385748867B2AF, 23F3E749A578197705AF92DC4B8DF00F96D8D8FEB4101B738E941C474C6EFD11 ] C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\rf-firefox.dll
13:30:36.0217 0x0a38  C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\rf-firefox.dll - ok
13:30:36.0232 0x0a38  [ E1EF320CBB1A6623DF040D5539DDA8F4, 8BEEB1F5726907CD91A6F7BCED3A775981376C73970767E22B051337723AD674 ] C:\Windows\SysWOW64\TaskSchdPS.dll
13:30:36.0232 0x0a38  C:\Windows\SysWOW64\TaskSchdPS.dll - ok
13:30:36.0232 0x0a38  [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\SysWOW64\rundll32.exe
13:30:36.0232 0x0a38  C:\Windows\SysWOW64\rundll32.exe - ok
13:30:36.0248 0x0a38  [ DF26B0F18A702629068D7AA59AA122DC, F47637072B6FEE050621E93B358D4B2D36A9163C5119FABD430E096458EEC262 ] C:\Program Files (x86)\Windows Live\SOXE\wlsoxe.dll
13:30:36.0248 0x0a38  C:\Program Files (x86)\Windows Live\SOXE\wlsoxe.dll - ok
13:30:36.0248 0x0a38  [ C3D545F4646303A864C8DFA85B33F476, 9FE93A6B4EFB5FA5A9B3EF82159F2712A11AA2494959F8F65B49FB262FBDAB2F ] C:\Windows\System32\TaskSchdPS.dll
13:30:36.0248 0x0a38  C:\Windows\System32\TaskSchdPS.dll - ok
13:30:36.0263 0x0a38  [ 21F82D80FC4551A502123C4B2CA1C9C1, DAA94692D5EC230842DA32039DFB3E46BD1778B9ED7F0DC8A44338D3471FF3C7 ] C:\Program Files (x86)\Microsoft Office\Office14\MAPIPH.DLL
13:30:36.0263 0x0a38  C:\Program Files (x86)\Microsoft Office\Office14\MAPIPH.DLL - ok
13:30:36.0263 0x0a38  [ 6F8BEC6CF2E2576897FE22D5D88D2135, 742B0051E8A3CC1BB0295CD688C9340CD1366C2A703121B496DFA64F6C0855DD ] C:\Program Files (x86)\Microsoft Office\Office14\OLMAPI32.DLL
13:30:36.0263 0x0a38  C:\Program Files (x86)\Microsoft Office\Office14\OLMAPI32.DLL - ok
13:30:36.0279 0x0a38  [ AB4FCBFEFA5C1C1689DC46C82D87AD90, 2BB1CF09721C0F07096408520B42B9B3B251EF88139E55A047A8CFD54A1B9677 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSO.DLL
13:30:36.0279 0x0a38  C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSO.DLL - ok
13:30:36.0295 0x0a38  [ C9708C9F3DBA3DBFB1D2FEE1E9DABAD0, 7913CE825562662F2B58DEA0A083B8FCDA3D6137CB021E0EF78D6716193DF06A ] C:\Windows\SysWOW64\twext.dll
13:30:36.0295 0x0a38  C:\Windows\SysWOW64\twext.dll - ok
13:30:36.0295 0x0a38  [ 534D84434D9DB1D1E1E865F64E52AA8E, 7E2AF0C13C90C222227FF4CAB94E2E11FB18B0FE915A63072EE3B8B3D5F42EF0 ] C:\Windows\System32\twext.dll
13:30:36.0295 0x0a38  C:\Windows\System32\twext.dll - ok
13:30:36.0310 0x0a38  [ A2F0B6A45EF5B68173AAA2A39690904E, 92B346ACD035D2E6060F5D51F1ABAC3AFE902D3D8742860BD4935A63B9573C9D ] C:\Windows\SysWOW64\zipfldr.dll
13:30:36.0310 0x0a38  C:\Windows\SysWOW64\zipfldr.dll - ok
13:30:36.0310 0x0a38  [ BBAAE027C176402E221CADBFCAEB5407, 42408790DD435B5625E33C53013DB080FC3F583F2D54A71A866F70090E45CCA2 ] C:\Windows\System32\zipfldr.dll
13:30:36.0310 0x0a38  C:\Windows\System32\zipfldr.dll - ok
13:30:36.0326 0x0a38  [ 0B1C3C977F5C7261E6C569C3CF40D6D1, 37979173915908359E9A092229F929BB0324040A758426A59B10FB451A3C273B ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
13:30:36.0326 0x0a38  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll - ok
13:30:36.0326 0x0a38  [ A1EAE71FBB4A7FA7848AD9E981B936C9, FF47545A2D765911917D3650163FB7A7FC5307130F88D0B56476425A70C05214 ] C:\Program Files\WinRAR\RarExt.dll
13:30:36.0326 0x0a38  C:\Program Files\WinRAR\RarExt.dll - ok
13:30:36.0326 0x0a38  [ 5F91B70935E73C6D2EC4245EF863D1B8, 8322888E215975E570F72C34CC382636A4880A1F27A5D831B6EBD7CC602D3E57 ] C:\Program Files\WinRAR\Formats\tar.fmt
13:30:36.0326 0x0a38  C:\Program Files\WinRAR\Formats\tar.fmt - ok
13:30:36.0341 0x0a38  [ 49C8CBD27EB5482E3135B3058CA5C0E9, F910BA116AFCE5B6970726029E6515A374168D64F41E56496C4283994086CA54 ] C:\Program Files\WinRAR\Formats\z.fmt
13:30:36.0341 0x0a38  C:\Program Files\WinRAR\Formats\z.fmt - ok
13:30:36.0357 0x0a38  [ D334B61F2629248967C30F036B88A549, D09ADF8C24E27B0549BB94DB4235385DA8CC0113698CA2CA253CE757D185562A ] C:\Program Files\WinRAR\Formats\arj.fmt
13:30:36.0357 0x0a38  C:\Program Files\WinRAR\Formats\arj.fmt - ok
13:30:36.0357 0x0a38  [ 526B2B0A68CB5A8C04536108F59019EC, F56D0A1349CE73660E98B8B0E201704437CB5F8EBA44188E796826F0A9C8DA74 ] C:\Program Files\WinRAR\Formats\gz.fmt
13:30:36.0357 0x0a38  C:\Program Files\WinRAR\Formats\gz.fmt - ok
13:30:36.0357 0x0a38  [ 0492FA4F911C813C2526BF6320615196, 349DCBFDC0C33001AF0E195DD4584268A291EE49A6CDA7EC02398FFF8A0C2F72 ] C:\Program Files (x86)\TuneUp Utilities 2012\SDShelEx-x64.dll
13:30:36.0357 0x0a38  C:\Program Files (x86)\TuneUp Utilities 2012\SDShelEx-x64.dll - ok
13:30:36.0373 0x0a38  [ 500E99B03EDC2748F3C09B8FF0B6E8FB, 0273EB3A012C3760198E3A9504AC01046E66827B8F29EFB4B5BF68F6AD704CD3 ] C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll
13:30:36.0373 0x0a38  C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll - ok
13:30:36.0388 0x0a38  [ B95F748C4F100DD0F6E8115CC0968670, 9A306E9C79DF259187839EC74B7A9F2FCEBFA5EE54184BB46C48E605B4120C36 ] C:\Windows\winsxs\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.dll
13:30:36.0388 0x0a38  C:\Windows\winsxs\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.dll - ok
13:30:36.0388 0x0a38  [ 3FDB52FD16CA9ABA63D6C0D9D2CB5DE4, 8FA5C96AC0F3E173BD03EE4338EB13E5097267C3421B2532681E91BFCFC20766 ] C:\Program Files\Microsoft Security Client\shellext.dll
13:30:36.0388 0x0a38  C:\Program Files\Microsoft Security Client\shellext.dll - ok
13:30:36.0404 0x0a38  [ 20A20A911CD79A6F6839167149A05668, D197F6EB8F716A53F3F3240BDA977736874F4E83C86389867DF8C060D7C7BC01 ] C:\Windows\SysWOW64\syncui.dll
13:30:36.0404 0x0a38  C:\Windows\SysWOW64\syncui.dll - ok
13:30:36.0404 0x0a38  [ A10B048B681C38E26CA90CD1BC123604, 4DA549D159D22650D8E83F9F76E8849F1126B0CB93E88F196409080200C48433 ] C:\Windows\System32\syncui.dll
13:30:36.0404 0x0a38  C:\Windows\System32\syncui.dll - ok
13:30:36.0419 0x0a38  [ D23E615E0969AECC1134E372B0B295D1, 0467D67FD8245CA0C49DBF34C52A3BDB6CDAE0CBE84B42D44100E4E4E52B16F2 ] C:\Windows\SysWOW64\synceng.dll
13:30:36.0419 0x0a38  C:\Windows\SysWOW64\synceng.dll - ok
13:30:36.0419 0x0a38  [ 8699D17DFCFCD327784034DB6BD3A422, 649FA1885F04E48FDD1B3F8C5769112F29BBE880A2FAEF44A22F6051737FF8B8 ] C:\Windows\System32\synceng.dll
13:30:36.0419 0x0a38  C:\Windows\System32\synceng.dll - ok
13:30:36.0435 0x0a38  [ 05F44FFCE9B6C2A5C4FD98ACD169414F, ADD79BFE5AD09F20D803A59256559B60B0918A775B490F9AE255861EE61AD01E ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll
13:30:36.0435 0x0a38  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll - ok
13:30:36.0435 0x0a38  [ B57053CD59114D36952461EE638D3784, F5C54321A7A8119215E525CAD44B723DD9699A13F754669D29761833C3936575 ] C:\Windows\SysWOW64\acppage.dll
13:30:36.0435 0x0a38  C:\Windows\SysWOW64\acppage.dll - ok
13:30:36.0451 0x0a38  [ 8B22B0CF8912F810B28AFBFC8B42727F, 3E65AE302C177DB3496B38B698C825C22BEF406809DDC3DFF46A3B86F58B6808 ] C:\Windows\System32\acppage.dll
13:30:36.0451 0x0a38  C:\Windows\System32\acppage.dll - ok
13:30:36.0451 0x0a38  [ 50BB4FBC720D23497EEB5C9DAC497405, 8A995BE77F41F8FAD0D8E32B9D90CE0D83B794C9F54AC04A5E69B31C39FBDAA0 ] C:\Windows\SysWOW64\mydocs.dll
13:30:36.0451 0x0a38  C:\Windows\SysWOW64\mydocs.dll - ok
13:30:36.0466 0x0a38  [ C8994E2703410F8DFE19DE5BF82994C0, 90DEF413CCF71888DDBB6AE9F28DEB3CD477B1187F87A79B02791FB8247472FD ] C:\Windows\System32\mydocs.dll
13:30:36.0466 0x0a38  C:\Windows\System32\mydocs.dll - ok
13:30:36.0466 0x0a38  [ 4715F8F8CDBFFF2728BA38B789A1D7C7, 70E6F51636CFF04FCB5AD95968AC4771BEFE2D205DB7E34681F02DBE24C9CF39 ] C:\Windows\System32\wpdshext.dll
13:30:36.0466 0x0a38  C:\Windows\System32\wpdshext.dll - ok
13:30:36.0482 0x0a38  [ 1060D60CCA69A8136A87DBE3C8F4A467, EA246BD5EBA5C593A6D1CB8A300CCA13E575A2E1DF79BCD524B4C84866E4BE8D ] C:\Windows\SysWOW64\EhStorAPI.dll
13:30:36.0482 0x0a38  C:\Windows\SysWOW64\EhStorAPI.dll - ok
13:30:36.0482 0x0a38  [ 03AB2A2E426C2AD400AC8315226347F8, 71B2628163471D3D8C5681CA7BBAFC03C6EAA499707513FDBDEC009F0EB32E77 ] C:\Windows\System32\EhStorAPI.dll
13:30:36.0482 0x0a38  C:\Windows\System32\EhStorAPI.dll - ok
13:30:36.0497 0x0a38  [ F672155776ABADF6A23C59E74491C9F2, B623F7901B85BA72808EC4AF9A195236C601A6B965F9202DB557746AE3FFC327 ] C:\Users\Admin\Desktop\tdsskiller.exe
13:30:36.0497 0x0a38  C:\Users\Admin\Desktop\tdsskiller.exe - ok
13:30:36.0497 0x0a38  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\Admin\AppData\Local\Temp\{2CD59E37-7153-429D-9B41-51ED14A61F37}\{47EAA7AA-C2A4-48C1-9FBE-7A111AFE8FE0}.tmp
13:30:36.0497 0x0a38  C:\Users\Admin\AppData\Local\Temp\{2CD59E37-7153-429D-9B41-51ED14A61F37}\{47EAA7AA-C2A4-48C1-9FBE-7A111AFE8FE0}.tmp - ok
13:30:36.0513 0x0a38  [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\Users\Admin\AppData\Local\Temp\{2CD59E37-7153-429D-9B41-51ED14A61F37}\{DE4600C8-2426-494C-B7F6-95522AC52C96}.tmp
13:30:36.0513 0x0a38  C:\Users\Admin\AppData\Local\Temp\{2CD59E37-7153-429D-9B41-51ED14A61F37}\{DE4600C8-2426-494C-B7F6-95522AC52C96}.tmp - ok
13:30:36.0529 0x0a38  [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\Users\Admin\AppData\Local\Temp\{2CD59E37-7153-429D-9B41-51ED14A61F37}\{92D4E104-BC07-40BA-AF68-E3932E25DA0E}.tmp
13:30:36.0529 0x0a38  C:\Users\Admin\AppData\Local\Temp\{2CD59E37-7153-429D-9B41-51ED14A61F37}\{92D4E104-BC07-40BA-AF68-E3932E25DA0E}.tmp - ok
13:30:36.0529 0x0a38  [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\Users\Admin\AppData\Local\Temp\{2CD59E37-7153-429D-9B41-51ED14A61F37}\{23275827-5F24-4E20-88D6-22C762D74411}.tmp
13:30:36.0529 0x0a38  C:\Users\Admin\AppData\Local\Temp\{2CD59E37-7153-429D-9B41-51ED14A61F37}\{23275827-5F24-4E20-88D6-22C762D74411}.tmp - ok
13:30:36.0544 0x0a38  [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\Users\Admin\AppData\Local\Temp\{2CD59E37-7153-429D-9B41-51ED14A61F37}\{60655451-F70D-4B63-8966-C3905EC96FC8}.tmp
13:30:36.0544 0x0a38  C:\Users\Admin\AppData\Local\Temp\{2CD59E37-7153-429D-9B41-51ED14A61F37}\{60655451-F70D-4B63-8966-C3905EC96FC8}.tmp - ok
13:30:36.0544 0x0a38  [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\Users\Admin\AppData\Local\Temp\{2CD59E37-7153-429D-9B41-51ED14A61F37}\{30817FE0-E4C8-4221-B1D2-CED4ECC19EBA}.tmp
13:30:36.0544 0x0a38  C:\Users\Admin\AppData\Local\Temp\{2CD59E37-7153-429D-9B41-51ED14A61F37}\{30817FE0-E4C8-4221-B1D2-CED4ECC19EBA}.tmp - ok
13:30:36.0560 0x0a38  [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\Users\Admin\AppData\Local\Temp\{2CD59E37-7153-429D-9B41-51ED14A61F37}\{00FD737B-680F-4D82-8A2F-FFBF66F0067C}.tmp
13:30:36.0560 0x0a38  C:\Users\Admin\AppData\Local\Temp\{2CD59E37-7153-429D-9B41-51ED14A61F37}\{00FD737B-680F-4D82-8A2F-FFBF66F0067C}.tmp - ok
13:30:36.0560 0x0a38  [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\Users\Admin\AppData\Local\Temp\{2CD59E37-7153-429D-9B41-51ED14A61F37}\{15D8D1A7-FB4D-45D7-B71A-B6D1B66C4217}.tmp
13:30:36.0560 0x0a38  C:\Users\Admin\AppData\Local\Temp\{2CD59E37-7153-429D-9B41-51ED14A61F37}\{15D8D1A7-FB4D-45D7-B71A-B6D1B66C4217}.tmp - ok
13:30:36.0575 0x0a38  [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Users\Admin\AppData\Local\Temp\{2CD59E37-7153-429D-9B41-51ED14A61F37}\{1731B2C2-7421-4607-97D1-2982D54FBBD7}.tmp
13:30:36.0575 0x0a38  C:\Users\Admin\AppData\Local\Temp\{2CD59E37-7153-429D-9B41-51ED14A61F37}\{1731B2C2-7421-4607-97D1-2982D54FBBD7}.tmp - ok
13:30:36.0575 0x0a38  [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Users\Admin\AppData\Local\Temp\{2CD59E37-7153-429D-9B41-51ED14A61F37}\{790B5AB5-4BA6-4EAB-B59D-93D2D5292026}.tmp
13:30:36.0575 0x0a38  C:\Users\Admin\AppData\Local\Temp\{2CD59E37-7153-429D-9B41-51ED14A61F37}\{790B5AB5-4BA6-4EAB-B59D-93D2D5292026}.tmp - ok
13:30:36.0591 0x0a38  Waiting for KSN requests completion. In queue: 95
13:30:37.0605 0x0a38  Waiting for KSN requests completion. In queue: 95
13:30:38.0744 0x0a38  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )
13:30:38.0759 0x0a38  Win FW state via NFP2: enabled
13:30:46.0747 0x0a38  ============================================================
13:30:46.0747 0x0a38  Scan finished
13:30:46.0747 0x0a38  ============================================================
13:30:46.0762 0x0df4  Detected object count: 1
13:30:46.0762 0x0df4  Actual detected object count: 1
13:32:34.0933 0x0df4  \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
13:32:35.0432 0x0df4  \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
13:32:44.0371 0x0df4  \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
13:32:44.0636 0x0df4  \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
13:32:44.0714 0x0df4  \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
13:32:44.0777 0x0df4  \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
13:32:45.0151 0x0df4  \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
13:32:45.0323 0x0df4  \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
13:32:45.0385 0x0df4  \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
13:32:45.0432 0x0df4  \Device\Harddisk0\DR0\TDLFS - deleted
13:32:45.0432 0x0df4  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete



#10 aharonov

  • Malware Response Team

Posted 04 March 2014 - 02:45 PM

That worked well. But we're not done yet!


Step 1

Please download the attached fixlist.txt and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


Step 2

Please download Combofix (by sUBs) and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start Combofix.exe and follow its instructions.
  • Do not use the computer while the scan is running. This may cause the program to stall.
  • When finished, a log file will be displayed (that can also be found at C:\Combofix.txt).
    Please copy and paste the contents of this file into your next post.

Note: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." after the scan, just restart the computer.
(You can find more detailed instructions in this guide on using Combofix.)



Step 3

Start FRST with administrator privileges.

  • Make sure the option Addition.txt (under Optional Scan) is checked.
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.


#11 gillybean

  • Topic Starter

Posted 04 March 2014 - 03:38 PM

It is stating I do not have permission to post the log on this post?



#12 gillybean

  • Topic Starter

Posted 04 March 2014 - 05:11 PM

FRST log



Attached Files

  • Attached File  FRST.txt   42.17KB   1 downloads


#13 gillybean

  • Topic Starter

Posted 04 March 2014 - 05:16 PM

fixlog

Attached Files



#14 gillybean

  • Topic Starter

Posted 04 March 2014 - 05:19 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2014
Ran by Admin at 2014-03-04 16:48:08
Running from C:\Users\Admin\Desktop\New folder
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29420 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.7 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{64FBA03C-575C-D688-1C80-A5773CE471F9}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Belkin N300 Micro USB Wireless Adapter (HKLM-x32\...\{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}) (Version: 1.00.0155 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
ConvertXtoDVD 4.1.19.364 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.364 - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version:  - Microsoft)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 3.3.2.1 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1107.115.102 - ALPS ELECTRIC CO., LTD.)
DriverTuner 3.1.0.0 (HKLM-x32\...\{520C1D80-935C-42B9-9340-E883849D804F}_is1) (Version: 3.1.0.0 - LionSea SoftWare)
Dropbox (HKCU\...\Dropbox) (Version: 2.0.10 - Dropbox, Inc.)
Duplicate File Cleaner v2.6 (HKLM-x32\...\Duplicate File Cleaner_is1) (Version:  - Cheese Software Ltd.)
EximiousSoft Logo Designer V2.58 (HKLM-x32\...\EximiousSoft Logo Designer_is1) (Version:  - EximiousSoft)
Free FLAC to MP3 Converter 1.0 (HKLM-x32\...\{A54C01BD-1277-4722-B42B-EC9800A90B1E}_is1) (Version:  - PolySoft Solutions)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
HP Photosmart 5510 series Basic Device Software (HKLM\...\{EBF97BCD-7BA6-44B6-A8A7-358BA3592B09}) (Version: 24.0.342.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Help (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photosmart 5510 series Product Improvement Study (HKLM\...\{9174E097-FF65-4733-AA1E-E3067D3BF379}) (Version: 24.0.342.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6272.0 - IDT)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1029 - Intel Corporation)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
K-Lite Codec Pack 8.7.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.7.0 - )
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Media Player Utilities 4.36 (HKLM-x32\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.36 -  )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0080-0409-0000-0000000FF1CE}) (Version: 14.0.6106.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Pazera Free MP4 to AVI Converter 1.7 (HKLM-x32\...\{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1) (Version: 1.7 - Pazera Jacek)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RoboForm 7-9-5-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-5-5 - Siber Systems)
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.7 - Seagate Technology)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TuneUp Utilities 2012 (HKLM-x32\...\TuneUp Utilities 2012) (Version: 12.0.3600.181 - TuneUp Software)
TuneUp Utilities 2012 (x32 Version: 12.0.3600.181 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (x32 Version: 12.0.3600.181 - TuneUp Software) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-00000