Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Rootkit found but can't be removed


  • This topic is locked This topic is locked
38 replies to this topic

#1 rjrossi88

rjrossi88

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:09:29 PM

Posted 04 July 2014 - 01:36 PM

Avast keeps finding rootkit mbr:\\.\physicaldrive0\partiton3 (rootkit name MBR:SST [Rtk]) but it returns even after being deleted.  I'm not sure how to remove it completely.  Any help would be greatly appreciated!



BC AdBot (Login to Remove)

 


m

#2 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,015 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:01:29 AM

Posted 04 July 2014 - 01:54 PM

Greetings and :welcome: to BleepingComputer,
My name is xXToffeeXx, but feel free to call me Toffee if it is easier for you. I will be helping you with your malware problems.
 
A few points to cover before we start:

  • Do not run any tools without being instructed to as this makes my job much harder in trying to figure out what you have done.
  • Make sure to read my instructions fully before attempting a step.
  • If you have problems or questions with any of the steps, feel free to ask me. I will be happy to answer any questions you have.
  • Please follow the topic by clicking on the "Follow this topic" button, and make sure a tick is in the "receive notifications" and is set to "Instantly". Any replies should be made in this topic by clicking the "Reply to this topic" button.
  • Important information in my posts will often be in bold, make sure to take note of these.
  • I will attempt to reply as soon as possible, and normally within 24 hours of your reply. If this is not possible or I have a delay then I will let you know.
  • I will bump a topic after 3 days of no activity, and then will give you another 2 days to reply before a topic is closed. If you need more time than this please let me know.
  • Lets get going now :thumbup2:

==========================
 
Hi rjrossi88,

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters
     
     
    tds2.jpg
  • Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now
     
     
    2012081514h0118.png
  • Click Start Scan and allow the scan process to run
     
     
    tds4-1.jpg
  • If threats are detected select Skip or Cure (if available) for all of them unless otherwise instructed.
    ***Do NOT select Delete!
  • Click Continue
     
     
    tds6.jpg
  • Click Reboot computer
  • Please copy the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) and paste it into your next reply

--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • TDSSKiller log

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

~Currently in my last year of school, so replies might be more delayed~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#3 rjrossi88

rjrossi88
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:09:29 PM

Posted 04 July 2014 - 03:55 PM

16:34:02.0953 0x0d58  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
16:34:04.0669 0x0d58  ============================================================
16:34:04.0669 0x0d58  Current date / time: 2014/07/04 16:34:04.0669
16:34:04.0669 0x0d58  SystemInfo:
16:34:04.0669 0x0d58  
16:34:04.0669 0x0d58  OS Version: 6.0.6002 ServicePack: 2.0
16:34:04.0669 0x0d58  Product type: Workstation
16:34:04.0669 0x0d58  ComputerName: OWNER-PC
16:34:04.0669 0x0d58  UserName: Thomas
16:34:04.0669 0x0d58  Windows directory: C:\Windows
16:34:04.0669 0x0d58  System windows directory: C:\Windows
16:34:04.0669 0x0d58  Processor architecture: Intel x86
16:34:04.0669 0x0d58  Number of processors: 2
16:34:04.0669 0x0d58  Page size: 0x1000
16:34:04.0669 0x0d58  Boot type: Normal boot
16:34:04.0669 0x0d58  ============================================================
16:34:04.0685 0x0d58  BG loaded
16:34:07.0868 0x0d58  System UUID: {1CA44CFA-666A-CB0C-A716-C652915E6505}
16:34:12.0033 0x0d58  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:34:12.0065 0x0d58  ============================================================
16:34:12.0065 0x0d58  \Device\Harddisk0\DR0:
16:34:12.0252 0x0d58  MBR partitions:
16:34:12.0252 0x0d58  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC8889A2
16:34:12.0252 0x0d58  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC8889E1, BlocksNum 0x170ADE0
16:34:12.0252 0x0d58  ============================================================
16:34:12.0470 0x0d58  C: <-> \Device\Harddisk0\DR0\Partition1
16:34:12.0845 0x0d58  D: <-> \Device\Harddisk0\DR0\Partition2
16:34:12.0845 0x0d58  ============================================================
16:34:12.0845 0x0d58  Initialize success
16:34:12.0845 0x0d58  ============================================================
16:34:38.0143 0x0f54  ============================================================
16:34:38.0143 0x0f54  Scan started
16:34:38.0143 0x0f54  Mode: Manual; SigCheck; TDLFS;
16:34:38.0143 0x0f54  ============================================================
16:34:38.0143 0x0f54  KSN ping started
16:34:40.0795 0x0f54  KSN ping finished: true
16:34:45.0709 0x0f54  ================ Scan system memory ========================
16:34:45.0709 0x0f54  System memory - ok
16:34:45.0709 0x0f54  ================ Scan services =============================
16:34:46.0271 0x0f54  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
16:34:49.0016 0x0f54  ACPI - ok
16:34:49.0672 0x0f54  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
16:34:49.0734 0x0f54  AdobeARMservice - ok
16:34:50.0405 0x0f54  [ B5D8DE922237CEDDC7992297654A4BE4, 88EF0B5EBFB383C9069A29AEA8D76EDBE1E70DD6F7C18970EE01ECAE9F408B38 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:34:50.0561 0x0f54  AdobeFlashPlayerUpdateSvc - ok
16:34:50.0748 0x0f54  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:34:50.0935 0x0f54  adp94xx - ok
16:34:51.0216 0x0f54  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:34:51.0528 0x0f54  adpahci - ok
16:34:51.0684 0x0f54  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
16:34:51.0918 0x0f54  adpu160m - ok
16:34:52.0027 0x0f54  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:34:52.0261 0x0f54  adpu320 - ok
16:34:52.0433 0x0f54  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:34:52.0963 0x0f54  AeLookupSvc - ok
16:34:53.0353 0x0f54  [ 3911B972B55FEA0478476B2E777B29FA, 62545B90C7DD3F73777E62CD8264E611A4D71B6956CABFD2D820D25F41F471FD ] AFD             C:\Windows\system32\drivers\afd.sys
16:34:53.0915 0x0f54  AFD - ok
16:34:54.0289 0x0f54  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
16:34:54.0445 0x0f54  agp440 - ok
16:34:54.0773 0x0f54  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
16:34:55.0054 0x0f54  aic78xx - ok
16:34:55.0147 0x0f54  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
16:34:55.0412 0x0f54  ALG - ok
16:34:55.0522 0x0f54  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
16:34:55.0615 0x0f54  aliide - ok
16:34:55.0787 0x0f54  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
16:34:55.0974 0x0f54  amdagp - ok
16:34:56.0083 0x0f54  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
16:34:56.0208 0x0f54  amdide - ok
16:34:56.0380 0x0f54  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
16:34:56.0629 0x0f54  AmdK7 - ok
16:34:56.0723 0x0f54  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
16:34:56.0988 0x0f54  AmdK8 - ok
16:34:57.0550 0x0f54  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo         C:\Windows\System32\appinfo.dll
16:34:57.0721 0x0f54  Appinfo - ok
16:34:58.0283 0x0f54  [ 3DEBBECF665DCDDE3A95D9B902010817, F56F4A7A36FAF5FC2306E108A24E75E13EE1F2D1002D9CB71E3327A55F8694CE ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:34:58.0376 0x0f54  Apple Mobile Device - ok
16:34:58.0501 0x0f54  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
16:34:58.0626 0x0f54  arc - ok
16:34:58.0751 0x0f54  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:34:58.0844 0x0f54  arcsas - ok
16:35:00.0108 0x0f54  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
16:35:00.0592 0x0f54  aspnet_state - ok
16:35:00.0654 0x0f54  [ 3BFBB5DAE801CB893B8B46345FED6437, 2C2B71C1294585265D4871E74F17541500CA20DE34AC516F2A906DD81964C833 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
16:35:14.0101 0x0f54  aswHwid - ok
16:35:14.0179 0x0f54  [ C3014C735F450FE822C97FFBB0627113, 1CCFE845AED1757B8C1F52D310933076FF1EC197D82E499DB4592B09D66137B0 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
16:35:14.0242 0x0f54  aswMonFlt - ok
16:35:14.0304 0x0f54  [ D6C9024F5D14843D33ADA8A6A10A1BE1, D40022D0A360FD4010D3D5D452BBC4CE9EE68224DEAB9584626E6F435E128857 ] aswRdr          C:\Windows\system32\drivers\aswRdr.sys
16:35:14.0382 0x0f54  aswRdr - ok
16:35:14.0429 0x0f54  [ B7750AF7EDFD95674EB7CA92BCDD3358, A097577004F3CF71E2F9465F02B073D39926D7DEE2E2A9516D888158A5CB19E9 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
16:35:14.0585 0x0f54  aswRvrt - ok
16:35:15.0131 0x0f54  [ 51FDE588D860857A97E4C4B560E40C9B, 8A3AC3E55249DAE6CCD95593989F8B100D5C4712A16681A36E5D0F2F08BD57AA ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
16:35:16.0598 0x0f54  aswSnx - ok
16:35:17.0378 0x0f54  [ 1AEB8CDB797666AF709A291B47AE81E0, 12AC4DBC6338BA5E5C04B449FF8362E7EC8EBFCA675C4F21BE847DFDCAE8F7C9 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
16:35:17.0877 0x0f54  aswSP - ok
16:35:18.0080 0x0f54  [ 26C51C289E39E8EE0F12B8B06B71E436, 81382FC3E836698432EE832A166F09251CC9164B17584E90F73037A1FA54E4F7 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
16:35:18.0158 0x0f54  aswTdi - ok
16:35:18.0423 0x0f54  [ 90BEE0170D70D6744CEF2355EEAF8086, 8F9FF53F529B854934020E2F8163605DC794FF48464D3D4439BAAF70ECE8E963 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
16:35:18.0657 0x0f54  aswVmm - ok
16:35:18.0735 0x0f54  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:35:18.0923 0x0f54  AsyncMac - ok
16:35:19.0063 0x0f54  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
16:35:19.0094 0x0f54  atapi - ok
16:35:19.0531 0x0f54  [ 0437199C88F6E88A387CFEC8A8886A6E, 1A5520DEF4636E9B32AF8B9733688957BF6F26D850A71BB9C7B479A727755528 ] athr            C:\Windows\system32\DRIVERS\athr.sys
16:35:20.0779 0x0f54  athr - ok
16:35:21.0356 0x0f54  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:35:22.0167 0x0f54  AudioEndpointBuilder - ok
16:35:22.0433 0x0f54  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
16:35:22.0542 0x0f54  Audiosrv - ok
16:35:22.0979 0x0f54  [ 73F5C13B431915BAE35254B4E95DFB71, 393A045859382C44133C004598B1512048046BCC129FED2247A77FDBFCDB6DFF ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:35:23.0057 0x0f54  avast! Antivirus - ok
16:35:24.0212 0x0f54  [ CF6A67C90951E3E763D2135DEDE44B85, DD31F105665C6980D4CEF5C5C0F29590CF1DC0B4AEB3809C8659915E5E95931B ] BCM43XV         C:\Windows\system32\DRIVERS\bcmwl6.sys
16:35:25.0210 0x0f54  BCM43XV - ok
16:35:25.0320 0x0f54  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:35:25.0600 0x0f54  Beep - ok
16:35:25.0881 0x0f54  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
16:35:26.0209 0x0f54  BFE - ok
16:35:26.0583 0x0f54  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
16:35:27.0254 0x0f54  BITS - ok
16:35:27.0301 0x0f54  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
16:35:27.0426 0x0f54  blbdrive - ok
16:35:27.0535 0x0f54  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:35:27.0613 0x0f54  Bonjour Service - ok
16:35:27.0675 0x0f54  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:35:27.0816 0x0f54  bowser - ok
16:35:27.0862 0x0f54  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
16:35:27.0940 0x0f54  BrFiltLo - ok
16:35:27.0987 0x0f54  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
16:35:28.0081 0x0f54  BrFiltUp - ok
16:35:28.0705 0x0f54  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
16:35:28.0923 0x0f54  Browser - ok
16:35:28.0970 0x0f54  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
16:35:29.0157 0x0f54  Brserid - ok
16:35:29.0204 0x0f54  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
16:35:29.0376 0x0f54  BrSerWdm - ok
16:35:29.0454 0x0f54  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
16:35:29.0703 0x0f54  BrUsbMdm - ok
16:35:29.0766 0x0f54  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
16:35:30.0062 0x0f54  BrUsbSer - ok
16:35:30.0109 0x0f54  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:35:30.0327 0x0f54  BTHMODEM - ok
16:35:30.0531 0x0f54  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:35:30.0625 0x0f54  cdfs - ok
16:35:30.0734 0x0f54  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:35:30.0859 0x0f54  cdrom - ok
16:35:30.0937 0x0f54  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
16:35:31.0030 0x0f54  CertPropSvc - ok
16:35:31.0093 0x0f54  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys
16:35:31.0202 0x0f54  circlass - ok
16:35:31.0295 0x0f54  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
16:35:31.0374 0x0f54  CLFS - ok
16:35:31.0562 0x0f54  [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:35:31.0952 0x0f54  clr_optimization_v2.0.50727_32 - ok
16:35:32.0045 0x0f54  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:35:32.0342 0x0f54  clr_optimization_v4.0.30319_32 - ok
16:35:32.0451 0x0f54  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:35:32.0607 0x0f54  CmBatt - ok
16:35:32.0700 0x0f54  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:35:33.0902 0x0f54  cmdide - ok
16:35:34.0167 0x0f54  [ B6E7991E3D6146C04C85CD31AF22A381, 808393C7C5E59F273D03C62745A2AF759F588C102EDB6A2B8DD94C9A6AAF3F10 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT32.sys
16:35:34.0604 0x0f54  CnxtHdAudService - ok
16:35:35.0228 0x0f54  [ C7A0E61D5714AC20DE52D4F66EC773B8, 53F0C91FD62E6787221EFB4BFDB087C2087CACD6B0C0605F58FC391F546EBA7A ] Com4QLBEx       C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
16:35:35.0446 0x0f54  Com4QLBEx - ok
16:35:35.0555 0x0f54  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:35:35.0633 0x0f54  Compbatt - ok
16:35:35.0649 0x0f54  COMSysApp - ok
16:35:35.0820 0x0f54  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:35:35.0992 0x0f54  crcdisk - ok
16:35:36.0070 0x0f54  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
16:35:36.0382 0x0f54  Crusoe - ok
16:35:36.0569 0x0f54  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:35:37.0162 0x0f54  CryptSvc - ok
16:35:37.0864 0x0f54  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:35:38.0738 0x0f54  DcomLaunch - ok
16:35:38.0956 0x0f54  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:35:39.0221 0x0f54  DfsC - ok
16:35:41.0280 0x0f54  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
16:35:44.0463 0x0f54  DFSR - ok
16:35:44.0947 0x0f54  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
16:35:45.0337 0x0f54  Dhcp - ok
16:35:45.0478 0x0f54  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
16:35:45.0571 0x0f54  disk - ok
16:35:45.0774 0x0f54  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:35:45.0993 0x0f54  Dnscache - ok
16:35:46.0133 0x0f54  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
16:35:46.0429 0x0f54  dot3svc - ok
16:35:46.0633 0x0f54  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
16:35:49.0925 0x0f54  DPS - ok
16:35:50.0159 0x0f54  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:35:50.0408 0x0f54  drmkaud - ok
16:35:50.0814 0x0f54  [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:35:52.0031 0x0f54  DXGKrnl - ok
16:35:52.0390 0x0f54  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
16:35:52.0967 0x0f54  E1G60 - ok
16:35:53.0372 0x0f54  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
16:35:53.0528 0x0f54  EapHost - ok
16:35:53.0778 0x0f54  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
16:35:54.0059 0x0f54  Ecache - ok
16:35:54.0308 0x0f54  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:35:57.0070 0x0f54  ehRecvr - ok
16:35:57.0319 0x0f54  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
16:35:57.0569 0x0f54  ehSched - ok
16:35:57.0709 0x0f54  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
16:36:02.0215 0x0f54  ehstart - ok
16:36:02.0309 0x0f54  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:36:02.0403 0x0f54  elxstor - ok
16:36:02.0621 0x0f54  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
16:36:02.0980 0x0f54  EMDMgmt - ok
16:36:03.0073 0x0f54  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:36:03.0261 0x0f54  ErrDev - ok
16:36:03.0479 0x0f54  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
16:36:03.0573 0x0f54  EventSystem - ok
16:36:03.0744 0x0f54  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:36:04.0072 0x0f54  exfat - ok
16:36:04.0165 0x0f54  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:36:04.0415 0x0f54  fastfat - ok
16:36:04.0633 0x0f54  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:36:04.0774 0x0f54  fdc - ok
16:36:04.0836 0x0f54  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
16:36:04.0961 0x0f54  fdPHost - ok
16:36:05.0023 0x0f54  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:36:05.0195 0x0f54  FDResPub - ok
16:36:05.0304 0x0f54  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:36:05.0351 0x0f54  FileInfo - ok
16:36:05.0507 0x0f54  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:36:05.0772 0x0f54  Filetrace - ok
16:36:05.0835 0x0f54  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
16:36:05.0959 0x0f54  flpydisk - ok
16:36:06.0037 0x0f54  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:36:06.0100 0x0f54  FltMgr - ok
16:36:06.0583 0x0f54  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
16:36:08.0580 0x0f54  FontCache - ok
16:36:08.0674 0x0f54  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:36:08.0721 0x0f54  FontCache3.0.0.0 - ok
16:36:08.0783 0x0f54  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:36:08.0845 0x0f54  Fs_Rec - ok
16:36:08.0908 0x0f54  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:36:08.0955 0x0f54  gagp30kx - ok
16:36:09.0189 0x0f54  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
16:36:09.0438 0x0f54  gpsvc - ok
16:36:09.0532 0x0f54  [ 93AEE3434935FC2F805FEFD8DC5ED1B4, EF4A76725B76FFB9EA14E6274A1FDE8482DA907A9B967E3D7EDD365BF132AD42 ] HBtnKey         C:\Windows\system32\DRIVERS\cpqbttn.sys
16:36:09.0594 0x0f54  HBtnKey - ok
16:36:09.0781 0x0f54  [ 7BE40BB4CD16D8760E18EA981FF452EC, D3F8378DFD5FBCE7FF7DFF068DF6ED7BE893767EC6107260B746E396A163D9C5 ] HdAudAddService C:\Windows\system32\drivers\CHDART.sys
16:36:11.0077 0x0f54  HdAudAddService - ok
16:36:11.0405 0x0f54  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:36:11.0982 0x0f54  HDAudBus - ok
16:36:12.0091 0x0f54  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:36:12.0294 0x0f54  HidBth - ok
16:36:12.0403 0x0f54  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:36:12.0590 0x0f54  HidIr - ok
16:36:12.0700 0x0f54  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
16:36:12.0824 0x0f54  hidserv - ok
16:36:12.0918 0x0f54  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:36:13.0058 0x0f54  HidUsb - ok
16:36:13.0105 0x0f54  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:36:13.0292 0x0f54  hkmsvc - ok
16:36:13.0464 0x0f54  [ 0D26C438E2938A3E6BDD91173BC96FF0, 69FAB9328BC9B49F0A1A3758FDEC31E71C5ED0948D3F5D76992A2E15C2B96511 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
16:36:13.0526 0x0f54  HP Health Check Service - detected UnsignedFile.Multi.Generic ( 1 )
16:36:16.0227 0x0f54  Detect skipped due to KSN trusted
16:36:16.0227 0x0f54  HP Health Check Service - ok
16:36:16.0305 0x0f54  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
16:36:16.0399 0x0f54  HpCISSs - ok
16:36:16.0492 0x0f54  [ 1210960FF8928950D2A786895B0C424A, 22C8785E024CFDD3A43FAEAAA96B8332C37E9B6C765AB7AFBCD3DAA2DC9EFFC7 ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
16:36:16.0633 0x0f54  HpqKbFiltr - ok
16:36:16.0867 0x0f54  [ FDF273A845F1FFCCEADF363AAF47582F, 9BB99346A977225EF77261CD3CF4219A238EB06FFE2DB91D00A0037BDCFECEF1 ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
16:36:17.0413 0x0f54  hpqwmiex - ok
16:36:17.0818 0x0f54  [ 46D67209550973257601A533E2AC5785, 3C0D97781947BA8532344AA5D9F3B684761B5B3263A0A294F4593E76EE41DB0C ] HSFHWAZL        C:\Windows\system32\DRIVERS\VSTAZL3.SYS
16:36:19.0753 0x0f54  HSFHWAZL - ok
16:36:20.0611 0x0f54  [ CC267848CB3508E72762BE65734E764D, E7E39607A48E77544EE286EA678FC2ED8A6C20C9DCB8C901BC70140ECB2E7C2F ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys
16:36:21.0859 0x0f54  HSF_DPV - ok
16:36:22.0234 0x0f54  [ A2882945CC4B6E3E4E9E825590438888, C0B7E695BBFFB927A3A7122BCA41B454B27F285A0A380E82CEDF87CE573A5C60 ] HSXHWAZL        C:\Windows\system32\DRIVERS\HSXHWAZL.sys
16:36:22.0843 0x0f54  HSXHWAZL - ok
16:36:23.0420 0x0f54  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:36:24.0169 0x0f54  HTTP - ok
16:36:24.0247 0x0f54  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
16:36:24.0371 0x0f54  i2omp - ok
16:36:24.0559 0x0f54  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:36:24.0683 0x0f54  i8042prt - ok
16:36:24.0871 0x0f54  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
16:36:25.0042 0x0f54  iaStorV - ok
16:36:25.0136 0x0f54  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:36:25.0183 0x0f54  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
16:36:35.0728 0x0f54  IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:36:49.0691 0x0f54  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:36:50.0206 0x0f54  idsvc - ok
16:36:50.0409 0x0f54  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:36:50.0471 0x0f54  iirsp - ok
16:36:50.0643 0x0f54  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
16:36:50.0970 0x0f54  IKEEXT - ok
16:36:51.0111 0x0f54  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
16:36:51.0204 0x0f54  intelide - ok
16:36:51.0298 0x0f54  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:36:51.0485 0x0f54  intelppm - ok
16:36:51.0579 0x0f54  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:36:51.0735 0x0f54  IPBusEnum - ok
16:36:51.0782 0x0f54  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:36:52.0000 0x0f54  IpFilterDriver - ok
16:36:52.0125 0x0f54  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:36:52.0296 0x0f54  iphlpsvc - ok
16:36:52.0312 0x0f54  IpInIp - ok
16:36:52.0406 0x0f54  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
16:36:52.0546 0x0f54  IPMIDRV - ok
16:36:52.0640 0x0f54  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
16:36:54.0231 0x0f54  IPNAT - ok
16:36:54.0278 0x0f54  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:36:54.0418 0x0f54  IRENUM - ok
16:36:54.0480 0x0f54  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:36:54.0527 0x0f54  isapnp - ok
16:36:54.0652 0x0f54  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
16:36:54.0714 0x0f54  iScsiPrt - ok
16:36:54.0777 0x0f54  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
16:36:54.0933 0x0f54  iteatapi - ok
16:36:55.0120 0x0f54  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
16:36:55.0214 0x0f54  iteraid - ok
16:36:55.0338 0x0f54  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:36:55.0416 0x0f54  kbdclass - ok
16:36:55.0526 0x0f54  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:36:55.0604 0x0f54  kbdhid - ok
16:36:55.0666 0x0f54  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
16:36:55.0744 0x0f54  KeyIso - ok
16:36:55.0884 0x0f54  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:36:55.0994 0x0f54  KSecDD - ok
16:36:56.0165 0x0f54  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:36:56.0415 0x0f54  KtmRm - ok
16:36:56.0493 0x0f54  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:36:56.0649 0x0f54  LanmanServer - ok
16:36:56.0820 0x0f54  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:36:57.0039 0x0f54  LanmanWorkstation - ok
16:36:57.0179 0x0f54  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:36:57.0273 0x0f54  lltdio - ok
16:36:57.0382 0x0f54  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:36:57.0554 0x0f54  lltdsvc - ok
16:36:57.0663 0x0f54  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:36:58.0037 0x0f54  lmhosts - ok
16:36:58.0193 0x0f54  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:36:58.0334 0x0f54  LSI_FC - ok
16:36:58.0396 0x0f54  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:36:58.0474 0x0f54  LSI_SAS - ok
16:36:58.0552 0x0f54  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:36:58.0646 0x0f54  LSI_SCSI - ok
16:36:58.0692 0x0f54  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
16:36:58.0864 0x0f54  luafv - ok
16:36:58.0958 0x0f54  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:36:59.0254 0x0f54  Mcx2Svc - ok
16:36:59.0332 0x0f54  [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
16:36:59.0472 0x0f54  mdmxsdk - ok
16:36:59.0566 0x0f54  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
16:36:59.0706 0x0f54  megasas - ok
16:36:59.0972 0x0f54  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
16:37:00.0268 0x0f54  MegaSR - ok
16:37:00.0393 0x0f54  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
16:37:00.0580 0x0f54  MMCSS - ok
16:37:00.0720 0x0f54  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
16:37:00.0861 0x0f54  Modem - ok
16:37:01.0142 0x0f54  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:37:01.0329 0x0f54  monitor - ok
16:37:01.0422 0x0f54  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:37:01.0578 0x0f54  mouclass - ok
16:37:01.0625 0x0f54  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:37:01.0750 0x0f54  mouhid - ok
16:37:01.0890 0x0f54  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
16:37:02.0015 0x0f54  MountMgr - ok
16:37:02.0140 0x0f54  [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:37:02.0265 0x0f54  MozillaMaintenance - ok
16:37:02.0390 0x0f54  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:37:02.0436 0x0f54  mpio - ok
16:37:02.0483 0x0f54  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:37:02.0608 0x0f54  mpsdrv - ok
16:37:02.0858 0x0f54  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:37:03.0294 0x0f54  MpsSvc - ok
16:37:03.0404 0x0f54  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
16:37:03.0466 0x0f54  Mraid35x - ok
16:37:03.0575 0x0f54  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:37:03.0716 0x0f54  MRxDAV - ok
16:37:03.0809 0x0f54  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:37:03.0996 0x0f54  mrxsmb - ok
16:37:04.0184 0x0f54  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:37:04.0496 0x0f54  mrxsmb10 - ok
16:37:04.0574 0x0f54  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:37:04.0714 0x0f54  mrxsmb20 - ok
16:37:04.0777 0x0f54  [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:37:04.0871 0x0f54  msahci - ok
16:37:04.0965 0x0f54  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:37:05.0027 0x0f54  msdsm - ok
16:37:05.0261 0x0f54  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
16:37:06.0369 0x0f54  MSDTC - ok
16:37:06.0478 0x0f54  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:37:06.0743 0x0f54  Msfs - ok
16:37:06.0868 0x0f54  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:37:06.0930 0x0f54  msisadrv - ok
16:37:07.0055 0x0f54  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:37:07.0227 0x0f54  MSiSCSI - ok
16:37:07.0228 0x0f54  msiserver - ok
16:37:07.0352 0x0f54  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:37:07.0524 0x0f54  MSKSSRV - ok
16:37:07.0602 0x0f54  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:37:07.0711 0x0f54  MSPCLOCK - ok
16:37:07.0758 0x0f54  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:37:07.0883 0x0f54  MSPQM - ok
16:37:07.0976 0x0f54  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:37:08.0148 0x0f54  MsRPC - ok
16:37:08.0242 0x0f54  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:37:08.0321 0x0f54  mssmbios - ok
16:37:08.0352 0x0f54  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:37:08.0586 0x0f54  MSTEE - ok
16:37:08.0648 0x0f54  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:37:08.0726 0x0f54  Mup - ok
16:37:08.0867 0x0f54  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
16:37:09.0288 0x0f54  napagent - ok
16:37:09.0444 0x0f54  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:37:09.0647 0x0f54  NativeWifiP - ok
16:37:09.0865 0x0f54  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:37:10.0177 0x0f54  NDIS - ok
16:37:10.0286 0x0f54  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:37:10.0364 0x0f54  NdisTapi - ok
16:37:10.0411 0x0f54  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:37:10.0520 0x0f54  Ndisuio - ok
16:37:10.0598 0x0f54  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:37:10.0754 0x0f54  NdisWan - ok
16:37:10.0817 0x0f54  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:37:10.0941 0x0f54  NDProxy - ok
16:37:10.0988 0x0f54  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:37:11.0129 0x0f54  NetBIOS - ok
16:37:11.0238 0x0f54  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
16:37:11.0378 0x0f54  netbt - ok
16:37:11.0409 0x0f54  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
16:37:11.0472 0x0f54  Netlogon - ok
16:37:11.0737 0x0f54  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
16:37:12.0065 0x0f54  Netman - ok
16:37:12.0205 0x0f54  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:37:12.0486 0x0f54  NetMsmqActivator - ok
16:37:12.0626 0x0f54  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:37:12.0720 0x0f54  NetPipeActivator - ok
16:37:12.0829 0x0f54  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
16:37:13.0125 0x0f54  netprofm - ok
16:37:13.0203 0x0f54  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:37:13.0313 0x0f54  NetTcpActivator - ok
16:37:13.0391 0x0f54  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:37:13.0453 0x0f54  NetTcpPortSharing - ok
16:37:13.0515 0x0f54  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:37:13.0562 0x0f54  nfrd960 - ok
16:37:13.0656 0x0f54  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:37:13.0905 0x0f54  NlaSvc - ok
16:37:13.0999 0x0f54  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:37:14.0077 0x0f54  Npfs - ok
16:37:14.0108 0x0f54  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
16:37:14.0202 0x0f54  nsi - ok
16:37:14.0311 0x0f54  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:37:14.0420 0x0f54  nsiproxy - ok
16:37:14.0701 0x0f54  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:37:15.0419 0x0f54  Ntfs - ok
16:37:15.0481 0x0f54  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
16:37:15.0668 0x0f54  ntrigdigi - ok
16:37:15.0684 0x0f54  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
16:37:15.0855 0x0f54  Null - ok
16:37:16.0261 0x0f54  [ D958A2B5F6AD5C3B8CCDC4D7DA62466C, 574DC2C4C1C46E3B6F53E0A14E0595493E73EEE03EA1FF9DD1D3266B414B9941 ] NVENETFD        C:\Windows\system32\DRIVERS\nvmfdx32.sys
16:37:16.0698 0x0f54  NVENETFD - ok
16:37:18.0273 0x0f54  [ D65BC32C1795191B7F2B028351AB4FE2, 16A345F3A0AC24EED2E55A47C0011CD4EB793EC3C81B2B36D8EAD9C60C949353 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:37:22.0298 0x0f54  nvlddmkm - ok
16:37:22.0563 0x0f54  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:37:22.0641 0x0f54  nvraid - ok
16:37:22.0735 0x0f54  [ 9AEBC32F9D6E02EBEE0369AB296FE7C8, 4B13E58E93856C6FFDE971593E0FAACDEEF56C9463FA6EB654312A71D10DF042 ] nvsmu           C:\Windows\system32\DRIVERS\nvsmu.sys
16:37:22.0829 0x0f54  nvsmu - ok
16:37:22.0907 0x0f54  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:37:22.0938 0x0f54  nvstor - ok
16:37:23.0063 0x0f54  [ A8C043670699C956D56B9F1F3DAEFC98, 1D951638546C426737872C1A64A11597DD02A736CEEE789024968437DAD2FC94 ] nvsvc           C:\Windows\system32\nvvsvc.exe
16:37:23.0219 0x0f54  nvsvc - ok
16:37:23.0297 0x0f54  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:37:23.0359 0x0f54  nv_agp - ok
16:37:23.0406 0x0f54  NwlnkFlt - ok
16:37:23.0437 0x0f54  NwlnkFwd - ok
16:37:23.0609 0x0f54  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:37:23.0780 0x0f54  odserv - ok
16:37:23.0843 0x0f54  [ BE32DA025A0BE1878F0EE8D6D9386CD5, B9D6CB4626FC67D108D713467C9ED8D0E2A071D98621B5531AD9D0C172FE7B89 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:37:24.0014 0x0f54  ohci1394 - ok
16:37:24.0123 0x0f54  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:37:24.0170 0x0f54  ose - ok
16:37:24.0342 0x0f54  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
16:37:24.0513 0x0f54  p2pimsvc - ok
16:37:24.0716 0x0f54  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:37:24.0841 0x0f54  p2psvc - ok
16:37:24.0903 0x0f54  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
16:37:25.0059 0x0f54  Parport - ok
16:37:25.0122 0x0f54  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:37:25.0184 0x0f54  partmgr - ok
16:37:25.0247 0x0f54  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
16:37:25.0449 0x0f54  Parvdm - ok
16:37:25.0574 0x0f54  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:37:25.0964 0x0f54  PcaSvc - ok
16:37:26.0058 0x0f54  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
16:37:26.0151 0x0f54  pci - ok
16:37:26.0261 0x0f54  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
16:37:26.0323 0x0f54  pciide - ok
16:37:26.0448 0x0f54  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:37:26.0510 0x0f54  pcmcia - ok
16:37:26.0775 0x0f54  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:37:27.0509 0x0f54  PEAUTH - ok
16:37:28.0179 0x0f54  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
16:37:28.0803 0x0f54  pla - ok
16:37:28.0913 0x0f54  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:37:29.0084 0x0f54  PlugPlay - ok
16:37:29.0225 0x0f54  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
16:37:29.0911 0x0f54  PNRPAutoReg - ok
16:37:30.0176 0x0f54  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
16:37:30.0410 0x0f54  PNRPsvc - ok
16:37:30.0597 0x0f54  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:37:31.0315 0x0f54  PolicyAgent - ok
16:37:31.0549 0x0f54  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:37:32.0001 0x0f54  PptpMiniport - ok
16:37:32.0173 0x0f54  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
16:37:32.0454 0x0f54  Processor - ok
16:37:32.0766 0x0f54  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
16:37:32.0953 0x0f54  ProfSvc - ok
16:37:32.0984 0x0f54  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
16:37:33.0047 0x0f54  ProtectedStorage - ok
16:37:33.0140 0x0f54  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
16:37:33.0281 0x0f54  PSched - ok
16:37:33.0686 0x0f54  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:37:34.0544 0x0f54  ql2300 - ok
16:37:34.0591 0x0f54  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:37:34.0716 0x0f54  ql40xx - ok
16:37:34.0856 0x0f54  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
16:37:34.0997 0x0f54  QWAVE - ok
16:37:35.0028 0x0f54  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:37:35.0137 0x0f54  QWAVEdrv - ok
16:37:35.0231 0x0f54  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:37:35.0324 0x0f54  RasAcd - ok
16:37:35.0371 0x0f54  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
16:37:35.0511 0x0f54  RasAuto - ok
16:37:35.0558 0x0f54  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:37:35.0823 0x0f54  Rasl2tp - ok
16:37:36.0026 0x0f54  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
16:37:36.0167 0x0f54  RasMan - ok
16:37:36.0245 0x0f54  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:37:36.0354 0x0f54  RasPppoe - ok
16:37:36.0416 0x0f54  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:37:36.0510 0x0f54  RasSstp - ok
16:37:36.0619 0x0f54  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:37:36.0744 0x0f54  rdbss - ok
16:37:36.0806 0x0f54  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:37:36.0915 0x0f54  RDPCDD - ok
16:37:36.0993 0x0f54  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
16:37:37.0165 0x0f54  rdpdr - ok
16:37:37.0352 0x0f54  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:37:37.0477 0x0f54  RDPENCDD - ok
16:37:37.0664 0x0f54  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:37:37.0773 0x0f54  RDPWD - ok
16:37:37.0851 0x0f54  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:37:37.0992 0x0f54  RemoteAccess - ok
16:37:38.0085 0x0f54  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:37:38.0210 0x0f54  RemoteRegistry - ok
16:37:38.0366 0x0f54  [ 17E0BEF5CA5C9CE52CC8082AC6EBC449, F05A32DA0A62144AAE78A3A9173F21F52FAED4E39F9250B3E1B11066760B2576 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
16:37:38.0475 0x0f54  RichVideo - ok
16:37:38.0569 0x0f54  [ C35CA13D3627EBD9DD12A23CE781BC3D, 2EFB90D13A0203CA7680ABC45618A0F6FD89DA49913D689C88C5EF5D7A0E2B45 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
16:37:38.0678 0x0f54  rimmptsk - ok
16:37:38.0756 0x0f54  [ C398BCA91216755B098679A8DA8A2300, 1FDDC3D927509AB10C3B0B7900DCE78DEC6B1C3CAE80F78EFCFBB628673B2143 ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
16:37:38.0928 0x0f54  rimsptsk - ok
16:37:38.0959 0x0f54  [ 2A2554CB24506E0A0508FC395C4A1B42, B989AE65727C971D508E7284707258FCCC9213B510F4C2A257D3069A3DABE20B ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
16:37:39.0068 0x0f54  rismxdp - ok
16:37:39.0131 0x0f54  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
16:37:39.0302 0x0f54  RpcLocator - ok
16:37:39.0380 0x0f54  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
16:37:39.0864 0x0f54  RpcSs - ok
16:37:39.0942 0x0f54  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:37:40.0035 0x0f54  rspndr - ok
16:37:40.0082 0x0f54  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
16:37:40.0285 0x0f54  SamSs - ok
16:37:40.0379 0x0f54  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:37:40.0441 0x0f54  sbp2port - ok
16:37:40.0472 0x0f54  SBRE - ok
16:37:40.0581 0x0f54  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:37:40.0675 0x0f54  SCardSvr - ok
16:37:40.0831 0x0f54  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
16:37:41.0081 0x0f54  Schedule - ok
16:37:41.0112 0x0f54  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:37:41.0190 0x0f54  SCPolicySvc - ok
16:37:41.0283 0x0f54  [ 8F36B54688C31EED4580129040C6A3D3, DC150689CBAEEC94B9DE0CA6A633FAD16CDDDC452521232E0C2A44BAE61E08D9 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
16:37:41.0393 0x0f54  sdbus - ok
16:37:41.0471 0x0f54  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:37:41.0564 0x0f54  SDRSVC - ok
16:37:41.0642 0x0f54  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:37:41.0861 0x0f54  secdrv - ok
16:37:41.0985 0x0f54  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
16:37:42.0110 0x0f54  seclogon - ok
16:37:42.0173 0x0f54  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
16:37:42.0297 0x0f54  SENS - ok
16:37:42.0360 0x0f54  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
16:37:42.0594 0x0f54  Serenum - ok
16:37:42.0672 0x0f54  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
16:37:42.0890 0x0f54  Serial - ok
16:37:42.0968 0x0f54  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:37:43.0077 0x0f54  sermouse - ok
16:37:43.0202 0x0f54  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:37:43.0389 0x0f54  SessionEnv - ok
16:37:43.0483 0x0f54  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:37:43.0545 0x0f54  sffdisk - ok
16:37:43.0608 0x0f54  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:37:43.0717 0x0f54  sffp_mmc - ok
16:37:43.0764 0x0f54  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:37:43.0873 0x0f54  sffp_sd - ok
16:37:43.0920 0x0f54  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:37:44.0107 0x0f54  sfloppy - ok
16:37:44.0466 0x0f54  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:37:44.0793 0x0f54  SharedAccess - ok
16:37:44.0949 0x0f54  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:37:45.0090 0x0f54  ShellHWDetection - ok
16:37:45.0215 0x0f54  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
16:37:45.0308 0x0f54  sisagp - ok
16:37:45.0371 0x0f54  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
16:37:45.0417 0x0f54  SiSRaid2 - ok
16:37:45.0464 0x0f54  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:37:45.0511 0x0f54  SiSRaid4 - ok
16:37:46.0494 0x0f54  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
16:37:47.0227 0x0f54  slsvc - ok
16:37:47.0367 0x0f54  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
16:37:47.0477 0x0f54  SLUINotify - ok
16:37:47.0555 0x0f54  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:37:47.0664 0x0f54  Smb - ok
16:37:47.0742 0x0f54  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:37:47.0835 0x0f54  SNMPTRAP - ok
16:37:47.0867 0x0f54  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:37:47.0913 0x0f54  spldr - ok
16:37:48.0007 0x0f54  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
16:37:48.0116 0x0f54  Spooler - ok
16:37:48.0210 0x0f54  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:37:48.0335 0x0f54  srv - ok
16:37:48.0413 0x0f54  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:37:48.0522 0x0f54  srv2 - ok
16:37:48.0584 0x0f54  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:37:48.0662 0x0f54  srvnet - ok
16:37:48.0771 0x0f54  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:37:49.0068 0x0f54  SSDPSRV - ok
16:37:49.0146 0x0f54  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:37:49.0224 0x0f54  SstpSvc - ok
16:37:49.0427 0x0f54  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
16:37:49.0598 0x0f54  stisvc - ok
16:37:49.0661 0x0f54  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:37:49.0707 0x0f54  swenum - ok
16:37:49.0801 0x0f54  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
16:37:50.0066 0x0f54  swprv - ok
16:37:50.0129 0x0f54  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
16:37:50.0300 0x0f54  Symc8xx - ok
16:37:50.0316 0x0f54  SymIM - ok
16:37:50.0347 0x0f54  SymIMMP - ok
16:37:50.0441 0x0f54  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
16:37:50.0487 0x0f54  Sym_hi - ok
16:37:50.0737 0x0f54  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
16:37:50.0784 0x0f54  Sym_u3 - ok
16:37:51.0080 0x0f54  [ 6DD49E1A5FA0F01824652F1A0A8866FB, E8839AF50AAA06A51A24004D26562694286DF638C7F86AB8408E496A7FEE52A4 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
16:37:51.0174 0x0f54  SynTP - ok
16:37:51.0470 0x0f54  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
16:37:51.0657 0x0f54  SysMain - ok
16:37:51.0938 0x0f54  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:37:52.0313 0x0f54  TabletInputService - ok
16:37:52.0469 0x0f54  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:37:52.0593 0x0f54  TapiSrv - ok
16:37:52.0656 0x0f54  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
16:37:52.0796 0x0f54  TBS - ok
16:37:53.0108 0x0f54  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:37:53.0451 0x0f54  Tcpip - ok
16:37:53.0592 0x0f54  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
16:37:53.0810 0x0f54  Tcpip6 - ok
16:37:53.0888 0x0f54  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:37:54.0075 0x0f54  tcpipreg - ok
16:37:54.0138 0x0f54  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:37:54.0263 0x0f54  TDPIPE - ok
16:37:54.0325 0x0f54  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:37:54.0434 0x0f54  TDTCP - ok
16:37:54.0497 0x0f54  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:37:54.0637 0x0f54  tdx - ok
16:37:54.0684 0x0f54  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:37:54.0731 0x0f54  TermDD - ok
16:37:54.0949 0x0f54  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
16:37:55.0152 0x0f54  TermService - ok
16:37:55.0230 0x0f54  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
16:37:55.0323 0x0f54  Themes - ok
16:37:55.0355 0x0f54  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
16:37:55.0448 0x0f54  THREADORDER - ok
16:37:55.0557 0x0f54  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
16:37:55.0667 0x0f54  TrkWks - ok
16:37:55.0791 0x0f54  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:37:55.0916 0x0f54  TrustedInstaller - ok
16:37:56.0072 0x0f54  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:37:56.0244 0x0f54  tssecsrv - ok
16:37:56.0306 0x0f54  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
16:37:56.0400 0x0f54  tunmp - ok
16:37:56.0478 0x0f54  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:37:56.0556 0x0f54  tunnel - ok
16:37:56.0618 0x0f54  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:37:56.0681 0x0f54  uagp35 - ok
16:37:56.0790 0x0f54  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:37:56.0915 0x0f54  udfs - ok
16:37:57.0039 0x0f54  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:37:57.0180 0x0f54  UI0Detect - ok
16:37:57.0242 0x0f54  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:37:57.0273 0x0f54  uliagpkx - ok
16:37:57.0383 0x0f54  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
16:37:57.0461 0x0f54  uliahci - ok
16:37:57.0523 0x0f54  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
16:37:57.0601 0x0f54  UlSata - ok
16:37:57.0663 0x0f54  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
16:37:57.0741 0x0f54  ulsata2 - ok
16:37:57.0788 0x0f54  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:37:57.0882 0x0f54  umbus - ok
16:37:57.0975 0x0f54  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
16:37:58.0288 0x0f54  upnphost - ok
16:37:58.0398 0x0f54  [ 83CAFCB53201BBAC04D822F32438E244, E3F6FDE4D429FB630B19417DD9752A2CE9F6C9FD58918D714B5438A3D4136853 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
16:37:58.0756 0x0f54  USBAAPL - ok
16:37:58.0819 0x0f54  [ CAF811AE4C147FFCD5B51750C7F09142, BD670CF88D8F932AD1C6BA91FB68A7204BC473657C6A057C92AFB84D164D393C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:37:58.0928 0x0f54  usbccgp - ok
16:37:59.0022 0x0f54  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:37:59.0178 0x0f54  usbcir - ok
16:37:59.0240 0x0f54  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:37:59.0302 0x0f54  usbehci - ok
16:37:59.0412 0x0f54  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:37:59.0536 0x0f54  usbhub - ok
16:37:59.0630 0x0f54  [ D457EBD0C3A8B3A3A144355B5EE91CBC, 6AD52BDBB1607A48F0B02E663B97C3A00E3345B1B12C259608A5AE728C1C06B2 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
16:37:59.0724 0x0f54  usbohci - ok
16:37:59.0802 0x0f54  [ B51E52ACF758BE00EF3A58EA452FE360, 79E629EC5DE8AB7F31B0EE9AE94C71E8F703FED5C09A816228726974F7790C85 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
16:37:59.0942 0x0f54  usbprint - ok
16:38:00.0020 0x0f54  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:38:00.0114 0x0f54  USBSTOR - ok
16:38:00.0176 0x0f54  [ 814D653EFC4D48BE3B04A307ECEFF56F, D73D62F51AEFE2F8F2B938B20107C246F2AC2F62ED49112DBD092A5D2E4024B3 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
16:38:00.0285 0x0f54  usbuhci - ok
16:38:00.0379 0x0f54  [ E67998E8F14CB0627A769F6530BCB352, 60982F168E9BF13954328C728F55F4D3ADDC572CACB65289B0E895A63DAA08C1 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
16:38:00.0488 0x0f54  usbvideo - ok
16:38:00.0613 0x0f54  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
16:38:00.0706 0x0f54  UxSms - ok
16:38:01.0003 0x0f54  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
16:38:01.0252 0x0f54  vds - ok
16:38:01.0330 0x0f54  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:38:01.0424 0x0f54  vga - ok
16:38:01.0471 0x0f54  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:38:01.0611 0x0f54  VgaSave - ok
16:38:01.0720 0x0f54  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
16:38:01.0798 0x0f54  viaagp - ok
16:38:01.0845 0x0f54  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
16:38:01.0986 0x0f54  ViaC7 - ok
16:38:02.0064 0x0f54  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
16:38:02.0142 0x0f54  viaide - ok
16:38:02.0173 0x0f54  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:38:02.0220 0x0f54  volmgr - ok
16:38:02.0469 0x0f54  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:38:02.0719 0x0f54  volmgrx - ok
16:38:02.0875 0x0f54  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:38:03.0093 0x0f54  volsnap - ok
16:38:03.0187 0x0f54  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:38:03.0249 0x0f54  vsmraid - ok
16:38:03.0577 0x0f54  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
16:38:03.0858 0x0f54  VSS - ok
16:38:04.0060 0x0f54  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
16:38:04.0216 0x0f54  W32Time - ok
16:38:04.0294 0x0f54  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:38:04.0435 0x0f54  WacomPen - ok
16:38:04.0482 0x0f54  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
16:38:04.0560 0x0f54  Wanarp - ok
16:38:04.0591 0x0f54  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:38:04.0653 0x0f54  Wanarpv6 - ok
16:38:04.0918 0x0f54  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:38:05.0074 0x0f54  wcncsvc - ok
16:38:05.0184 0x0f54  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:38:05.0324 0x0f54  WcsPlugInService - ok
16:38:05.0371 0x0f54  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
16:38:05.0433 0x0f54  Wd - ok
16:38:05.0652 0x0f54  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:38:05.0948 0x0f54  Wdf01000 - ok
16:38:05.0995 0x0f54  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:38:06.0135 0x0f54  WdiServiceHost - ok
16:38:06.0182 0x0f54  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:38:06.0276 0x0f54  WdiSystemHost - ok
16:38:06.0432 0x0f54  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
16:38:06.0572 0x0f54  WebClient - ok
16:38:06.0681 0x0f54  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:38:06.0822 0x0f54  Wecsvc - ok
16:38:06.0884 0x0f54  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:38:07.0024 0x0f54  wercplsupport - ok
16:38:07.0102 0x0f54  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:38:07.0196 0x0f54  WerSvc - ok
16:38:07.0555 0x0f54  [ 0ACD399F5DB3DF1B58903CF4949AB5A8, F8FA0A8F631AA8F34A0506F1E5E09DFB6CDA1E9E92207A73A74F1A0E7768C49A ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys
16:38:07.0804 0x0f54  winachsf - ok
16:38:08.0023 0x0f54  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
16:38:08.0101 0x0f54  WinDefend - ok
16:38:08.0132 0x0f54  WinHttpAutoProxySvc - ok
16:38:08.0320 0x0f54  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:38:08.0461 0x0f54  Winmgmt - ok
16:38:08.0663 0x0f54  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:38:08.0929 0x0f54  WinRM - ok
16:38:09.0194 0x0f54  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:38:09.0398 0x0f54  Wlansvc - ok
16:38:09.0897 0x0f54  [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:38:10.0131 0x0f54  wlidsvc - ok
16:38:10.0193 0x0f54  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
16:38:10.0256 0x0f54  WmiAcpi - ok
16:38:10.0365 0x0f54  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:38:10.0474 0x0f54  wmiApSrv - ok
16:38:10.0864 0x0f54  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
16:38:11.0129 0x0f54  WMPNetworkSvc - ok
16:38:11.0270 0x0f54  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:38:11.0410 0x0f54  WPCSvc - ok
16:38:11.0472 0x0f54  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:38:11.0566 0x0f54  WPDBusEnum - ok
16:38:11.0628 0x0f54  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
16:38:11.0675 0x0f54  WpdUsb - ok
16:38:12.0034 0x0f54  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:38:12.0206 0x0f54  WPFFontCache_v0400 - ok
16:38:12.0268 0x0f54  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:38:12.0362 0x0f54  ws2ifsl - ok
16:38:12.0440 0x0f54  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
16:38:12.0549 0x0f54  wscsvc - ok
16:38:12.0580 0x0f54  WSearch - ok
16:38:13.0329 0x0f54  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:38:14.0702 0x0f54  wuauserv - ok
16:38:14.0795 0x0f54  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:38:14.0873 0x0f54  WudfPf - ok
16:38:14.0967 0x0f54  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:38:15.0060 0x0f54  WUDFRd - ok
16:38:15.0123 0x0f54  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:38:15.0185 0x0f54  wudfsvc - ok
16:38:15.0248 0x0f54  [ DAB33CFA9DD24251AAA389FF36B64D4B, 1C5D7C3D6C3552BDD52EB7E76031746D7DAAF64CA2432CC23329DA72BE7252D0 ] XAudio          C:\Windows\system32\DRIVERS\xaudio.sys
16:38:15.0310 0x0f54  XAudio - ok
16:38:15.0466 0x0f54  [ CD5F291A1161F15896D1A4D63DAFF5DF, 4F30DC454F255249431FCD14DE17858A79A088A4084F2CEDD0CF25382D427285 ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe
16:38:15.0575 0x0f54  XAudioService - ok
16:38:15.0622 0x0f54  ================ Scan global ===============================
16:38:15.0716 0x0f54  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
16:38:15.0872 0x0f54  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
16:38:15.0996 0x0f54  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
16:38:16.0121 0x0f54  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
16:38:16.0184 0x0f54  [ Global ] - ok
16:38:16.0184 0x0f54  ================ Scan MBR ==================================
16:38:16.0215 0x0f54  [ 1A1A06F62E891045814007163C1C76C3 ] \Device\Harddisk0\DR0
16:38:16.0262 0x0f54  \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b ( 0 )
16:38:16.0262 0x0f54  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
16:38:30.0333 0x0f54  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
16:38:30.0333 0x0f54  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:38:32.0907 0x0f54  ================ Scan VBR ==================================
16:38:32.0938 0x0f54  [ F08906BD05CC304C90B6EF3E43884D79 ] \Device\Harddisk0\DR0\Partition1
16:38:32.0969 0x0f54  \Device\Harddisk0\DR0\Partition1 - ok
16:38:33.0016 0x0f54  [ 19AF96B62BCDCFCF596EF49795D085C1 ] \Device\Harddisk0\DR0\Partition2
16:38:33.0016 0x0f54  \Device\Harddisk0\DR0\Partition2 - ok
16:38:33.0016 0x0f54  ================ Scan active images ========================
16:38:33.0032 0x0f54  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] C:\WINDOWS\System32\drivers\atapi.sys
16:38:33.0032 0x0f54  C:\WINDOWS\System32\drivers\atapi.sys - ok
16:38:33.0047 0x0f54  [ 36975327EF03949CC378AB01E316B574, C64CEF47DE41486F4532B9A38EBB05F2043B1A84762B8A4749BB01573B7F8FB5 ] C:\WINDOWS\System32\drivers\crashdmp.sys
16:38:33.0047 0x0f54  C:\WINDOWS\System32\drivers\crashdmp.sys - ok
16:38:33.0078 0x0f54  [ C67EBF9C05531C406E1E079FF669A2E6, 5B457E9C981CB0FEB4A5C9FFA16412D129186CB090127FC517B827BC530CBBE3 ] C:\WINDOWS\System32\drivers\Dumpata.sys
16:38:33.0078 0x0f54  C:\WINDOWS\System32\drivers\Dumpata.sys - ok
16:38:33.0094 0x0f54  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] C:\WINDOWS\System32\drivers\tunnel.sys
16:38:33.0094 0x0f54  C:\WINDOWS\System32\drivers\tunnel.sys - ok
16:38:33.0125 0x0f54  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] C:\WINDOWS\System32\drivers\amdk8.sys
16:38:33.0125 0x0f54  C:\WINDOWS\System32\drivers\amdk8.sys - ok
16:38:33.0125 0x0f54  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] C:\WINDOWS\System32\drivers\CmBatt.sys
16:38:33.0125 0x0f54  C:\WINDOWS\System32\drivers\CmBatt.sys - ok
16:38:33.0156 0x0f54  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] C:\WINDOWS\System32\drivers\TUNMP.SYS
16:38:33.0156 0x0f54  C:\WINDOWS\System32\drivers\TUNMP.SYS - ok
16:38:33.0172 0x0f54  [ 93AEE3434935FC2F805FEFD8DC5ED1B4, EF4A76725B76FFB9EA14E6274A1FDE8482DA907A9B967E3D7EDD365BF132AD42 ] C:\WINDOWS\System32\drivers\CPQBTTN.sys
16:38:33.0172 0x0f54  C:\WINDOWS\System32\drivers\CPQBTTN.sys - ok
16:38:33.0203 0x0f54  [ 5961CADB7CAD938368D2028725EF771D, F688F8FF3B2F104295B779749977779BAAF79392965A92B33074B6088168DB46 ] C:\WINDOWS\System32\drivers\hidclass.sys
16:38:33.0203 0x0f54  C:\WINDOWS\System32\drivers\hidclass.sys - ok
16:38:33.0219 0x0f54  [ BE4AD4045D7A6C6AF4ECCBD5F6B7F8D8, 980EB88D5B52AA1E9BE7FC7B92BFF02578DD643928A1B14488F0729F0B762EEE ] C:\WINDOWS\System32\drivers\hidparse.sys
16:38:33.0219 0x0f54  C:\WINDOWS\System32\drivers\hidparse.sys - ok
16:38:33.0234 0x0f54  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] C:\WINDOWS\System32\drivers\wmiacpi.sys
16:38:33.0234 0x0f54  C:\WINDOWS\System32\drivers\wmiacpi.sys - ok
16:38:33.0266 0x0f54  [ 9AEBC32F9D6E02EBEE0369AB296FE7C8, 4B13E58E93856C6FFDE971593E0FAACDEEF56C9463FA6EB654312A71D10DF042 ] C:\WINDOWS\System32\drivers\nvsmu.sys
16:38:33.0266 0x0f54  C:\WINDOWS\System32\drivers\nvsmu.sys - ok
16:38:33.0281 0x0f54  [ B09C74A41F26B08149707EA5E7F956C2, E6ECA1E437E5390A3A43DAA5E1B5C384D70C114707CA34018DB1A6AE37219E9B ] C:\WINDOWS\System32\drivers\usbport.sys
16:38:33.0281 0x0f54  C:\WINDOWS\System32\drivers\usbport.sys - ok
16:38:33.0312 0x0f54  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] C:\WINDOWS\System32\drivers\cdrom.sys
16:38:33.0312 0x0f54  C:\WINDOWS\System32\drivers\cdrom.sys - ok
16:38:33.0328 0x0f54  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] C:\WINDOWS\System32\drivers\usbehci.sys
16:38:33.0328 0x0f54  C:\WINDOWS\System32\drivers\usbehci.sys - ok
16:38:33.0359 0x0f54  [ D457EBD0C3A8B3A3A144355B5EE91CBC, 6AD52BDBB1607A48F0B02E663B97C3A00E3345B1B12C259608A5AE728C1C06B2 ] C:\WINDOWS\System32\drivers\usbohci.sys
16:38:33.0359 0x0f54  C:\WINDOWS\System32\drivers\usbohci.sys - ok
16:38:33.0375 0x0f54  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] C:\WINDOWS\System32\drivers\hdaudbus.sys
16:38:33.0375 0x0f54  C:\WINDOWS\System32\drivers\hdaudbus.sys - ok
16:38:33.0406 0x0f54  [ C35CA13D3627EBD9DD12A23CE781BC3D, 2EFB90D13A0203CA7680ABC45618A0F6FD89DA49913D689C88C5EF5D7A0E2B45 ] C:\WINDOWS\System32\drivers\rimmptsk.sys
16:38:33.0406 0x0f54  C:\WINDOWS\System32\drivers\rimmptsk.sys - ok
16:38:33.0422 0x0f54  [ 8F36B54688C31EED4580129040C6A3D3, DC150689CBAEEC94B9DE0CA6A633FAD16CDDDC452521232E0C2A44BAE61E08D9 ] C:\WINDOWS\System32\drivers\sdbus.sys
16:38:33.0422 0x0f54  C:\WINDOWS\System32\drivers\sdbus.sys - ok
16:38:33.0453 0x0f54  [ C398BCA91216755B098679A8DA8A2300, 1FDDC3D927509AB10C3B0B7900DCE78DEC6B1C3CAE80F78EFCFBB628673B2143 ] C:\WINDOWS\System32\drivers\rimsptsk.sys
16:38:33.0453 0x0f54  C:\WINDOWS\System32\drivers\rimsptsk.sys - ok
16:38:33.0468 0x0f54  [ 2A2554CB24506E0A0508FC395C4A1B42, B989AE65727C971D508E7284707258FCCC9213B510F4C2A257D3069A3DABE20B ] C:\WINDOWS\System32\drivers\rixdptsk.sys
16:38:33.0468 0x0f54  C:\WINDOWS\System32\drivers\rixdptsk.sys - ok
16:38:33.0500 0x0f54  [ D958A2B5F6AD5C3B8CCDC4D7DA62466C, 574DC2C4C1C46E3B6F53E0A14E0595493E73EEE03EA1FF9DD1D3266B414B9941 ] C:\WINDOWS\System32\drivers\nvmfdx32.sys
16:38:33.0500 0x0f54  C:\WINDOWS\System32\drivers\nvmfdx32.sys - ok
16:38:33.0515 0x0f54  [ 0437199C88F6E88A387CFEC8A8886A6E, 1A5520DEF4636E9B32AF8B9733688957BF6F26D850A71BB9C7B479A727755528 ] C:\WINDOWS\System32\drivers\athr.sys
16:38:33.0515 0x0f54  C:\WINDOWS\System32\drivers\athr.sys - ok
16:38:33.0546 0x0f54  [ D65BC32C1795191B7F2B028351AB4FE2, 16A345F3A0AC24EED2E55A47C0011CD4EB793EC3C81B2B36D8EAD9C60C949353 ] C:\WINDOWS\System32\drivers\nvlddmkm.sys
16:38:33.0546 0x0f54  C:\WINDOWS\System32\drivers\nvlddmkm.sys - ok
16:38:33.0562 0x0f54  [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] C:\WINDOWS\System32\drivers\dxgkrnl.sys
16:38:33.0562 0x0f54  C:\WINDOWS\System32\drivers\dxgkrnl.sys - ok
16:38:33.0578 0x0f54  [ 4A5C31E2C1646034E6A60EBA4C747FF6, CC5473E0B07014AAD4FCC2EE01C9E607FE43422A5A5851B2AD38E37C0AB7CDCF ] C:\WINDOWS\System32\drivers\watchdog.sys
16:38:33.0578 0x0f54  C:\WINDOWS\System32\drivers\watchdog.sys - ok
16:38:33.0609 0x0f54  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] C:\WINDOWS\System32\drivers\i8042prt.sys
16:38:33.0609 0x0f54  C:\WINDOWS\System32\drivers\i8042prt.sys - ok
16:38:33.0640 0x0f54  [ 1210960FF8928950D2A786895B0C424A, 22C8785E024CFDD3A43FAEAAA96B8332C37E9B6C765AB7AFBCD3DAA2DC9EFFC7 ] C:\WINDOWS\System32\drivers\HpqKbFiltr.sys
16:38:33.0640 0x0f54  C:\WINDOWS\System32\drivers\HpqKbFiltr.sys - ok
16:38:33.0656 0x0f54  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] C:\WINDOWS\System32\drivers\kbdclass.sys
16:38:33.0656 0x0f54  C:\WINDOWS\System32\drivers\kbdclass.sys - ok
16:38:33.0687 0x0f54  [ 6DD49E1A5FA0F01824652F1A0A8866FB, E8839AF50AAA06A51A24004D26562694286DF638C7F86AB8408E496A7FEE52A4 ] C:\WINDOWS\System32\drivers\SynTP.sys
16:38:33.0687 0x0f54  C:\WINDOWS\System32\drivers\SynTP.sys - ok
16:38:33.0702 0x0f54  [ FE619ED13CE12F5B43C04E3EA061BBD6, DDED6F0C5987CCF81AC1FA8C670D84153C8F7A3492C4139B273DA7F8C98BE55A ] C:\WINDOWS\System32\drivers\usbd.sys
16:38:33.0702 0x0f54  C:\WINDOWS\System32\drivers\usbd.sys - ok
16:38:33.0718 0x0f54  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] C:\WINDOWS\System32\drivers\mouclass.sys
16:38:33.0718 0x0f54  C:\WINDOWS\System32\drivers\mouclass.sys - ok
16:38:33.0749 0x0f54  [ 47E55AFE1ED1D5AFF09690DB226F4A7A, 6D9EF6C4A70BD9C5DD98F70516257C377D97C30AFD4ABA7E1C721D84672C9084 ] C:\WINDOWS\System32\drivers\Storport.sys
16:38:33.0749 0x0f54  C:\WINDOWS\System32\drivers\Storport.sys - ok
16:38:33.0765 0x0f54  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] C:\WINDOWS\System32\drivers\msiscsi.sys
16:38:33.0765 0x0f54  C:\WINDOWS\System32\drivers\msiscsi.sys - ok
16:38:33.0812 0x0f54  [ 77937EFF009AC696B90E09F671F9D0A4, EF51316C44529E17B2C09EA06D55B4EF7BCC8B6EB8FEC02DE64005F99AA32C95 ] C:\WINDOWS\System32\drivers\tdi.sys
16:38:33.0812 0x0f54  C:\WINDOWS\System32\drivers\tdi.sys - ok
16:38:33.0812 0x0f54  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] C:\WINDOWS\System32\drivers\ndistapi.sys
16:38:33.0812 0x0f54  C:\WINDOWS\System32\drivers\ndistapi.sys - ok
16:38:33.0858 0x0f54  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] C:\WINDOWS\System32\drivers\rasl2tp.sys
16:38:33.0858 0x0f54  C:\WINDOWS\System32\drivers\rasl2tp.sys - ok
16:38:33.0858 0x0f54  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] C:\WINDOWS\System32\drivers\ndiswan.sys
16:38:33.0858 0x0f54  C:\WINDOWS\System32\drivers\ndiswan.sys - ok
16:38:33.0890 0x0f54  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] C:\WINDOWS\System32\drivers\raspppoe.sys
16:38:33.0890 0x0f54  C:\WINDOWS\System32\drivers\raspppoe.sys - ok
16:38:33.0905 0x0f54  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] C:\WINDOWS\System32\drivers\raspptp.sys
16:38:33.0905 0x0f54  C:\WINDOWS\System32\drivers\raspptp.sys - ok
16:38:33.0936 0x0f54  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] C:\WINDOWS\System32\drivers\rassstp.sys
16:38:33.0936 0x0f54  C:\WINDOWS\System32\drivers\rassstp.sys - ok
16:38:33.0952 0x0f54  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] C:\WINDOWS\System32\drivers\termdd.sys
16:38:33.0952 0x0f54  C:\WINDOWS\System32\drivers\termdd.sys - ok
16:38:33.0983 0x0f54  [ EF73C1E29FBE7B0FD0274BF4394E346A, F0C0524E6FE2E0EB9230995230868A4FFAA510129B7464BD7DB8AE9C8EAE4CF5 ] C:\WINDOWS\System32\drivers\ks.sys
16:38:33.0983 0x0f54  C:\WINDOWS\System32\drivers\ks.sys - ok
16:38:33.0999 0x0f54  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] C:\WINDOWS\System32\drivers\mssmbios.sys
16:38:33.0999 0x0f54  C:\WINDOWS\System32\drivers\mssmbios.sys - ok
16:38:34.0014 0x0f54  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] C:\WINDOWS\System32\drivers\swenum.sys
16:38:34.0014 0x0f54  C:\WINDOWS\System32\drivers\swenum.sys - ok
16:38:34.0046 0x0f54  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] C:\WINDOWS\System32\drivers\umbus.sys
16:38:34.0046 0x0f54  C:\WINDOWS\System32\drivers\umbus.sys - ok
16:38:34.0061 0x0f54  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] C:\WINDOWS\System32\drivers\kbdhid.sys
16:38:34.0061 0x0f54  C:\WINDOWS\System32\drivers\kbdhid.sys - ok
16:38:34.0077 0x0f54  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] C:\WINDOWS\System32\drivers\usbhub.sys
16:38:34.0077 0x0f54  C:\WINDOWS\System32\drivers\usbhub.sys - ok
16:38:34.0108 0x0f54  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] C:\WINDOWS\System32\drivers\ndproxy.sys
16:38:34.0108 0x0f54  C:\WINDOWS\System32\drivers\ndproxy.sys - ok
16:38:34.0124 0x0f54  [ B6E7991E3D6146C04C85CD31AF22A381, 808393C7C5E59F273D03C62745A2AF759F588C102EDB6A2B8DD94C9A6AAF3F10 ] C:\WINDOWS\System32\drivers\CHDRT32.sys
16:38:34.0124 0x0f54  C:\WINDOWS\System32\drivers\CHDRT32.sys - ok
16:38:34.0155 0x0f54  [ 2A63675F6FA8EF0FF9F5C72695584CAA, 35828A7FF9242EF161639E3B9E6D98EFCFE82D683F7E219FCAEF9F6D9C89007B ] C:\WINDOWS\System32\drivers\drmk.sys
16:38:34.0155 0x0f54  C:\WINDOWS\System32\drivers\drmk.sys - ok
16:38:34.0170 0x0f54  [ 6DBA75306DD9B242B6F1C343179AD201, DC20492A07685588E6FE9F7B7AE01CA23EC9315CEA198F3BC58EE1CB6D0A1FD4 ] C:\WINDOWS\System32\drivers\portcls.sys
16:38:34.0170 0x0f54  C:\WINDOWS\System32\drivers\portcls.sys - ok
16:38:34.0186 0x0f54  [ A2882945CC4B6E3E4E9E825590438888, C0B7E695BBFFB927A3A7122BCA41B454B27F285A0A380E82CEDF87CE573A5C60 ] C:\WINDOWS\System32\drivers\HSXHWAZL.sys
16:38:34.0186 0x0f54  C:\WINDOWS\System32\drivers\HSXHWAZL.sys - ok
16:38:34.0202 0x0f54  [ CC267848CB3508E72762BE65734E764D, E7E39607A48E77544EE286EA678FC2ED8A6C20C9DCB8C901BC70140ECB2E7C2F ] C:\WINDOWS\System32\drivers\HSX_DPV.sys
16:38:34.0202 0x0f54  C:\WINDOWS\System32\drivers\HSX_DPV.sys - ok
16:38:34.0233 0x0f54  [ 0ACD399F5DB3DF1B58903CF4949AB5A8, F8FA0A8F631AA8F34A0506F1E5E09DFB6CDA1E9E92207A73A74F1A0E7768C49A ] C:\WINDOWS\System32\drivers\HSX_CNXT.sys
16:38:34.0233 0x0f54  C:\WINDOWS\System32\drivers\HSX_CNXT.sys - ok
16:38:34.0248 0x0f54  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] C:\WINDOWS\System32\drivers\modem.sys
16:38:34.0248 0x0f54  C:\WINDOWS\System32\drivers\modem.sys - ok
16:38:34.0280 0x0f54  [ 51FDE588D860857A97E4C4B560E40C9B, 8A3AC3E55249DAE6CCD95593989F8B100D5C4712A16681A36E5D0F2F08BD57AA ] C:\WINDOWS\System32\drivers\aswSnx.sys
16:38:34.0280 0x0f54  C:\WINDOWS\System32\drivers\aswSnx.sys - ok
16:38:34.0295 0x0f54  [ 1AEB8CDB797666AF709A291B47AE81E0, 12AC4DBC6338BA5E5C04B449FF8362E7EC8EBFCA675C4F21BE847DFDCAE8F7C9 ] C:\WINDOWS\System32\drivers\aswsp.sys
16:38:34.0295 0x0f54  C:\WINDOWS\System32\drivers\aswsp.sys - ok
16:38:34.0326 0x0f54  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] C:\WINDOWS\System32\drivers\fs_rec.sys
16:38:34.0326 0x0f54  C:\WINDOWS\System32\drivers\fs_rec.sys - ok
16:38:34.0342 0x0f54  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] C:\WINDOWS\System32\drivers\null.sys
16:38:34.0342 0x0f54  C:\WINDOWS\System32\drivers\null.sys - ok
16:38:34.0373 0x0f54  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] C:\WINDOWS\System32\drivers\beep.sys
16:38:34.0373 0x0f54  C:\WINDOWS\System32\drivers\beep.sys - ok
16:38:34.0389 0x0f54  [ C048D2C33D27441A0CDCAAE2651EB03D, CD7F755400EF36C9EC689480AC425B8A8395F649B2843DE762997524C9B381DF ] C:\WINDOWS\System32\drivers\videoprt.sys
16:38:34.0389 0x0f54  C:\WINDOWS\System32\drivers\videoprt.sys - ok
16:38:34.0404 0x0f54  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] C:\WINDOWS\System32\drivers\vga.sys
16:38:34.0404 0x0f54  C:\WINDOWS\System32\drivers\vga.sys - ok
16:38:34.0436 0x0f54  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] C:\WINDOWS\System32\drivers\RDPCDD.sys
16:38:34.0436 0x0f54  C:\WINDOWS\System32\drivers\RDPCDD.sys - ok
16:38:34.0467 0x0f54  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] C:\WINDOWS\System32\drivers\msfs.sys
16:38:34.0467 0x0f54  C:\WINDOWS\System32\drivers\msfs.sys - ok
16:38:34.0482 0x0f54  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] C:\WINDOWS\System32\drivers\RDPENCDD.sys
16:38:34.0482 0x0f54  C:\WINDOWS\System32\drivers\RDPENCDD.sys - ok
16:38:34.0514 0x0f54  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] C:\WINDOWS\System32\drivers\npfs.sys
16:38:34.0514 0x0f54  C:\WINDOWS\System32\drivers\npfs.sys - ok
16:38:34.0529 0x0f54  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] C:\WINDOWS\System32\drivers\rasacd.sys
16:38:34.0529 0x0f54  C:\WINDOWS\System32\drivers\rasacd.sys - ok
16:38:34.0560 0x0f54  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] C:\WINDOWS\System32\drivers\tdx.sys
16:38:34.0560 0x0f54  C:\WINDOWS\System32\drivers\tdx.sys - ok
16:38:34.0576 0x0f54  [ 26C51C289E39E8EE0F12B8B06B71E436, 81382FC3E836698432EE832A166F09251CC9164B17584E90F73037A1FA54E4F7 ] C:\WINDOWS\System32\drivers\aswTdi.sys
16:38:34.0576 0x0f54  C:\WINDOWS\System32\drivers\aswTdi.sys - ok
16:38:34.0607 0x0f54  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] C:\WINDOWS\System32\drivers\smb.sys
16:38:34.0607 0x0f54  C:\WINDOWS\System32\drivers\smb.sys - ok
16:38:34.0623 0x0f54  [ 3911B972B55FEA0478476B2E777B29FA, 62545B90C7DD3F73777E62CD8264E611A4D71B6956CABFD2D820D25F41F471FD ] C:\WINDOWS\System32\drivers\afd.sys
16:38:34.0623 0x0f54  C:\WINDOWS\System32\drivers\afd.sys - ok
16:38:34.0638 0x0f54  [ D6C9024F5D14843D33ADA8A6A10A1BE1, D40022D0A360FD4010D3D5D452BBC4CE9EE68224DEAB9584626E6F435E128857 ] C:\WINDOWS\System32\drivers\aswRdr.sys
16:38:34.0638 0x0f54  C:\WINDOWS\System32\drivers\aswRdr.sys - ok
16:38:34.0670 0x0f54  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] C:\WINDOWS\System32\drivers\netbt.sys
16:38:34.0670 0x0f54  C:\WINDOWS\System32\drivers\netbt.sys - ok
16:38:34.0685 0x0f54  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] C:\WINDOWS\System32\drivers\pacer.sys
16:38:34.0685 0x0f54  C:\WINDOWS\System32\drivers\pacer.sys - ok
16:38:34.0701 0x0f54  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] C:\WINDOWS\System32\drivers\netbios.sys
16:38:34.0701 0x0f54  C:\WINDOWS\System32\drivers\netbios.sys - ok
16:38:34.0732 0x0f54  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] C:\WINDOWS\System32\drivers\wanarp.sys
16:38:34.0732 0x0f54  C:\WINDOWS\System32\drivers\wanarp.sys - ok
16:38:34.0748 0x0f54  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] C:\WINDOWS\System32\drivers\rdbss.sys
16:38:34.0748 0x0f54  C:\WINDOWS\System32\drivers\rdbss.sys - ok
16:38:34.0763 0x0f54  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] C:\WINDOWS\System32\drivers\nsiproxy.sys
16:38:34.0763 0x0f54  C:\WINDOWS\System32\drivers\nsiproxy.sys - ok
16:38:34.0779 0x0f54  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] C:\WINDOWS\System32\drivers\dfsc.sys
16:38:34.0779 0x0f54  C:\WINDOWS\System32\drivers\dfsc.sys - ok
16:38:34.0810 0x0f54  [ BE7480C91E89EB82FC080F772C220AE4, 31A63BAA21B73B7395A2271A219E0A9B100E9CDEB275FF906F5C05B0A433BAB5 ] C:\WINDOWS\System32\smss.exe
16:38:34.0810 0x0f54  C:\WINDOWS\System32\smss.exe - ok
16:38:34.0826 0x0f54  [ B9FDFF876B0E7B4FECBAA5708C6ED616, 588B9677758DB19186ABE59D256D7E7CF224CA1923A60E37BFBDD03E8DAB9DB7 ] C:\WINDOWS\System32\ntdll.dll
16:38:34.0826 0x0f54  C:\WINDOWS\System32\ntdll.dll - ok
16:38:34.0841 0x0f54  [ 10761177A6EBE45843F443E99509F5E7, BB51065931E61EDBC920924D96B502D46E2967FFAFCE589171FC0D3AD43463CB ] C:\WINDOWS\System32\autochk.exe
16:38:34.0841 0x0f54  C:\WINDOWS\System32\autochk.exe - ok
16:38:34.0857 0x0f54  [ A64AEBC6C78B4CFD7F41A7277879DF8F, 2283E1D5D5ACF66B6C71A7755577F0A03DB5FC213E5D7DB067C9B7B6E805C202 ] C:\WINDOWS\System32\nsi.dll
16:38:34.0857 0x0f54  C:\WINDOWS\System32\nsi.dll - ok
16:38:34.0872 0x0f54  [ 551F51B66E5EA87A38D8197EB3BDB57A, 2006D0418848EAA2361C26D18246D0BAA646B6F25F2C0035BDC82967E9BD73F1 ] C:\WINDOWS\System32\setupapi.dll
16:38:34.0872 0x0f54  C:\WINDOWS\System32\setupapi.dll - ok
16:38:34.0904 0x0f54  [ 75510147B94598407666F4802797C75A, D9F989669EB0AAF384AA5462DD632999BF9C5A6BDB75C4F8857A6E9BDBE82B64 ] C:\WINDOWS\System32\user32.dll
16:38:34.0904 0x0f54  C:\WINDOWS\System32\user32.dll - ok
16:38:34.0919 0x0f54  [ C394079EB162E812D682C73FA96AF6E4, 639F482DBC82E1E8E7254A5F6FF0F60661EA4BE44D86CA13238913DABFA522F8 ] C:\WINDOWS\System32\clbcatq.dll
16:38:34.0919 0x0f54  C:\WINDOWS\System32\clbcatq.dll - ok
16:38:34.0935 0x0f54  [ B304D47D5744BA20FCB99FB8B2C07B0B, 16AAD9264CAB5B5489E2CF8F118132EA46FE9066B4C4320C0259BE88EBD111C8 ] C:\WINDOWS\System32\ws2_32.dll
16:38:34.0935 0x0f54  C:\WINDOWS\System32\ws2_32.dll - ok
16:38:34.0950 0x0f54  [ FB3E5FD7F74BFC301AD3FB7DE670EDCB, 286EB6EA24FC2A29FE8ABBE84DDEDB1B1061ACA2C6CE2D3975CD55C477CD6944 ] C:\WINDOWS\System32\usp10.dll
16:38:34.0950 0x0f54  C:\WINDOWS\System32\usp10.dll - ok
16:38:34.0966 0x0f54  [ 4AA2A0E26CEF1A803741253DCF9A1503, 8718BF6DC8678BDC5AF627F82D14E2D857D94A760529FF00F1D7B066F46CA832 ] C:\WINDOWS\System32\comdlg32.dll
16:38:34.0966 0x0f54  C:\WINDOWS\System32\comdlg32.dll - ok
16:38:34.0982 0x0f54  [ 50CAA7072C171B9887215C83D52069E4, AA1961787F24A6AFF9DD5D0A6110686EA654595D2EB941F5DA702498A662880D ] C:\WINDOWS\System32\advapi32.dll
16:38:34.0982 0x0f54  C:\WINDOWS\System32\advapi32.dll - ok
16:38:34.0997 0x0f54  [ E3C3BD69701CE6B7B17101E4F7740534, 9D6A308A961A1942D7BF8ABEABE6CA87EB13F7710D40F2F767CE4545C18864C6 ] C:\WINDOWS\System32\msctf.dll
16:38:34.0997 0x0f54  C:\WINDOWS\System32\msctf.dll - ok
16:38:35.0028 0x0f54  [ 872363237F24BCB03D73E2A3B4FBF38D, E5A64299C4D4F501E0A55FC8FE6823949C98327BCB68507A7AF9EECC893A2378 ] C:\WINDOWS\System32\gdi32.dll
16:38:35.0028 0x0f54  C:\WINDOWS\System32\gdi32.dll - ok
16:38:35.0044 0x0f54  [ 695DB97B018FB06F693F37108322AA1E, 20F438F5B143944DEA74D77851AB7668893A816B1E43ED87273E1EECDB8B7704 ] C:\WINDOWS\System32\kernel32.dll
16:38:35.0044 0x0f54  C:\WINDOWS\System32\kernel32.dll - ok
16:38:35.0060 0x0f54  [ 9586E7CB2255A8B097A7E4538202585E, 7A65B6268940279D77CE08D695306150A8F8DD9A6878D2A322799AC576960C6B ] C:\WINDOWS\System32\ole32.dll
16:38:35.0060 0x0f54  C:\WINDOWS\System32\ole32.dll - ok
16:38:35.0075 0x0f54  [ CFD26829131439B71D0109F9D5345573, D79B316D1F931EF4F030AF89A16E22594EB1F0867B5F44F49CC0E9000D7BC62E ] C:\WINDOWS\System32\wininet.dll
16:38:35.0075 0x0f54  C:\WINDOWS\System32\wininet.dll - ok
16:38:35.0106 0x0f54  [ 420B075CD71AB9E58D15DD258958FBA3, EDD96EDD4D3F1C05E34C769F9C4A1D966DA9B51A3B01CF25E9C5E30281E01AE2 ] C:\WINDOWS\System32\shlwapi.dll
16:38:35.0106 0x0f54  C:\WINDOWS\System32\shlwapi.dll - ok
16:38:35.0122 0x0f54  [ B8A609FB5EFB4E44FC1355B1C01C64BC, BB84036F8F16C6E2069FD8B18078A7E6CC98B513285FB1A8DC727B395C9E3A12 ] C:\WINDOWS\System32\Wldap32.dll
16:38:35.0122 0x0f54  C:\WINDOWS\System32\Wldap32.dll - ok
16:38:35.0153 0x0f54  [ B218342214D9BBA0F54EA12BA2E9278C, 0B68D881F3B60068C250A97492B81DB8463FFB4FDADC26CD14E2255472A6A2A0 ] C:\WINDOWS\System32\oleaut32.dll
16:38:35.0153 0x0f54  C:\WINDOWS\System32\oleaut32.dll - ok
16:38:35.0169 0x0f54  [ 09EA40F4DAD2EDB3587E5E0BAA9C3E15, 45EDA279BD838BD65702762E4EFEDA8F4178F9478E21678B8C75D1AA4015906E ] C:\WINDOWS\System32\imagehlp.dll
16:38:35.0169 0x0f54  C:\WINDOWS\System32\imagehlp.dll - ok
16:38:35.0184 0x0f54  [ AA5456C16D7F4B73177FD46AD63A12C4, 8FFE91312B1252212E59E0EDE04F928AECAE5E501526D27E4023CFFCAEA0CB4A ] C:\WINDOWS\System32\iertutil.dll
16:38:35.0184 0x0f54  C:\WINDOWS\System32\iertutil.dll - ok
16:38:35.0216 0x0f54  [ 8C4836F71F2DB629A99CF5A774594C66, 4045FB24E7F90EEA07D011AF73B2A309A908795362AE85114276650F78AA607C ] C:\WINDOWS\System32\shell32.dll
16:38:35.0216 0x0f54  C:\WINDOWS\System32\shell32.dll - ok
16:38:35.0231 0x0f54  [ 9F5AC4090D7C9F2591060DAC310FD294, EDE40CCC3435E04BE53A33B247435B5E2188E1E0BBFDF1D1F7EA60DA14C01AF2 ] C:\WINDOWS\System32\urlmon.dll
16:38:35.0231 0x0f54  C:\WINDOWS\System32\urlmon.dll - ok
16:38:35.0262 0x0f54  [ E389C328AC7FE5673593ECAD269E7A54, 4EACF7F293D736941BC9F1FA5E70C11EF55CCF74664ECDEF56DA53BA043C0C38 ] C:\WINDOWS\System32\rpcrt4.dll
16:38:35.0262 0x0f54  C:\WINDOWS\System32\rpcrt4.dll - ok
16:38:35.0278 0x0f54  [ 17AF64D727545F2804F6E6D998327E3F, CAD50C5321BF522CA6CA74662D032A98705ADD04A8BE38576B8EF0B8CE6DBA8A ] C:\WINDOWS\System32\msvcrt.dll
16:38:35.0278 0x0f54  C:\WINDOWS\System32\msvcrt.dll - ok
16:38:35.0294 0x0f54  [ C8BDCECEE082B54F0BAC838BF0A34597, 8C451FA2BA8E38D83E50EBF1D9F56FCBCBC7E2C6898C15254FE9F337F279E0C1 ] C:\WINDOWS\System32\imm32.dll
16:38:35.0294 0x0f54  C:\WINDOWS\System32\imm32.dll - ok
16:38:35.0325 0x0f54  [ 6F29236AB5926100972924BD29D9D225, E8B517FC36F25C4AE07021473B0BCDCDDD4B6E3FE004E6B0AD449C030267674C ] C:\WINDOWS\System32\normaliz.dll
16:38:35.0340 0x0f54  C:\WINDOWS\System32\normaliz.dll - ok
16:38:35.0356 0x0f54  [ 58035212AB7869A5FC3AF186ACBA8F09, BCBEE41B2E65560A71D9D9199C0F8D7657085EEE4F73CD2F04D0474823ED4200 ] C:\WINDOWS\System32\comctl32.dll
16:38:35.0356 0x0f54  C:\WINDOWS\System32\comctl32.dll - ok
16:38:35.0372 0x0f54  [ EB0E02749CE5C488741C9A0ABEAB5DEC, 558C6304AFD4DA12F8976F699E39D6C1749F28A2AD4308B1C9E6D56288405FBD ] C:\WINDOWS\System32\lpk.dll
16:38:35.0372 0x0f54  C:\WINDOWS\System32\lpk.dll - ok
16:38:35.0387 0x0f54  [ 93A1732F7F997E36A5C3893539E2FF02, 40B6F7A67F90E5D9948385418BD22BBD29DE86A151B35D1001081A61CA5FC612 ] C:\WINDOWS\System32\psapi.dll
16:38:35.0387 0x0f54  C:\WINDOWS\System32\psapi.dll - ok
16:38:35.0418 0x0f54  [ EAAAFEF04FBB45665C9576E525D45A12, 3472378C4E150B158B1C4E16760E278B0564BA10563D2CB181EFD17091056D87 ] C:\WINDOWS\System32\drivers\dxapi.sys
16:38:35.0418 0x0f54  C:\WINDOWS\System32\drivers\dxapi.sys - ok
16:38:35.0450 0x0f54  [ 7DEEA31FD41B77B433C17903B3416507, DE424D824FF5AB4A32E5F4742C2BED562857821474F0685DCFCD83F68F4B90E6 ] C:\WINDOWS\System32\win32k.sys
16:38:35.0450 0x0f54  C:\WINDOWS\System32\win32k.sys - ok
16:38:35.0465 0x0f54  [ 33F84B64D4765BCDFA0AB8464122DA14, 89FBC019E656B36A3B87F3F546C45A8DD033799606B05532FAC3E695DFD9701A ] C:\WINDOWS\System32\csrsrv.dll
16:38:35.0465 0x0f54  C:\WINDOWS\System32\csrsrv.dll - ok
16:38:35.0481 0x0f54  [ ABCA209EBA02CB59233614DB83B4F50D, CF48E43B33B14234F5004F9F3BF0D973B17A501108F39FB42CF9548FD2124960 ] C:\WINDOWS\System32\csrss.exe
16:38:35.0481 0x0f54  C:\WINDOWS\System32\csrss.exe - ok
16:38:35.0512 0x0f54  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\WINDOWS\System32\basesrv.dll
16:38:35.0512 0x0f54  C:\WINDOWS\System32\basesrv.dll - ok
16:38:35.0528 0x0f54  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\WINDOWS\System32\winsrv.dll
16:38:35.0528 0x0f54  C:\WINDOWS\System32\winsrv.dll - ok
16:38:35.0543 0x0f54  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] C:\WINDOWS\System32\drivers\monitor.sys
16:38:35.0543 0x0f54  C:\WINDOWS\System32\drivers\monitor.sys - ok
16:38:35.0574 0x0f54  [ CC21507D246861671A0BF97E75CE1B00, C36089B27D80F4FFD208A807310413DE3DCC7850F14D1B56F97670CC10F5566D ] C:\WINDOWS\System32\tsddd.dll
16:38:35.0574 0x0f54  C:\WINDOWS\System32\tsddd.dll - ok
16:38:35.0590 0x0f54  [ 101BA3EA053480BB5D957EF37C06B5ED, 9A02771DA9C226552A1766C2DD0295ECA8B5B80AAE13076FFCE6A806FA5C21B8 ] C:\WINDOWS\System32\wininit.exe
16:38:35.0590 0x0f54  C:\WINDOWS\System32\wininit.exe - ok
16:38:35.0606 0x0f54  [ D602FEDBD9155FC2DED6863FB60C950F, 5EADF6A70F3BB8CCF758AD645C96AF4034D7E8EEFE44C5008499809C510691EE ] C:\WINDOWS\System32\secur32.dll
16:38:35.0606 0x0f54  C:\WINDOWS\System32\secur32.dll - ok
16:38:35.0637 0x0f54  [ 665417528489096BBCB8AEA46D3DA924, BB0D895B481EFA6ED024C979238F5F482DF0A53912575A47EB4E9C643919112A ] C:\WINDOWS\System32\userenv.dll
16:38:35.0637 0x0f54  C:\WINDOWS\System32\userenv.dll - ok
16:38:35.0652 0x0f54  [ 12C8D6C564702B0776512932290A3F6B, D7AC82B7307694B6FDB3AC08C83C415005DFA26FD92D3AA3043B3600984792DA ] C:\WINDOWS\System32\KBDUS.DLL
16:38:35.0652 0x0f54  C:\WINDOWS\System32\KBDUS.DLL - ok
16:38:35.0699 0x0f54  [ D6F0260D9051C0B60998F4CDBE9B2CC6, D5805D6170FA05A7A8A592F0FB6B0E7E83A725313B499DA2F3394EA6060D0BB1 ] C:\WINDOWS\System32\cdd.dll
16:38:35.0699 0x0f54  C:\WINDOWS\System32\cdd.dll - ok
16:38:35.0699 0x0f54  [ 92283D9E33EC5F41ECC0B430B7459241, 9BE390D924438950025842667924819E6EB1E821893C9EFE5E06AB30CBD037BF ] C:\WINDOWS\System32\WlS0WndH.dll
16:38:35.0699 0x0f54  C:\WINDOWS\System32\WlS0WndH.dll - ok
16:38:35.0715 0x0f54  [ 1107BD574A84367735FEC38B9BD64E6B, 682D5372B533817C810F1DCB1C7AE42C44A786ED114601E56DF85FE1C41D5989 ] C:\WINDOWS\System32\apphelp.dll
16:38:35.0715 0x0f54  C:\WINDOWS\System32\apphelp.dll - ok
16:38:35.0746 0x0f54  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\WINDOWS\System32\services.exe
16:38:35.0746 0x0f54  C:\WINDOWS\System32\services.exe - ok
16:38:35.0777 0x0f54  [ BE6FAC6F0745C67DAE7522C96406D083, 5FBDE0193F6C6752C8BAB88D945F536D1259B3290073FE73E97FD4D9603D9AD6 ] C:\WINDOWS\System32\sxs.dll
16:38:35.0777 0x0f54  C:\WINDOWS\System32\sxs.dll - ok
16:38:35.0793 0x0f54  [ 898E7C06A350D4A1A64A9EA264D55452, 0530B49018B59D4DCD3ECBC19E95B81438208AF34BC876BD07129A79896B4D7E ] C:\WINDOWS\System32\winlogon.exe
16:38:35.0793 0x0f54  C:\WINDOWS\System32\winlogon.exe - ok
16:38:35.0840 0x0f54  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] C:\WINDOWS\System32\lsass.exe
16:38:35.0840 0x0f54  C:\WINDOWS\System32\lsass.exe - ok
16:38:35.0871 0x0f54  [ D90911B3FA05D7B930C1286084B404DE, 200577AD30F9B3FBEAA2988B6858ED6811F7E75B0183F5F35F18207A0C932694 ] C:\WINDOWS\System32\scesrv.dll
16:38:35.0871 0x0f54  C:\WINDOWS\System32\scesrv.dll - ok
16:38:35.0886 0x0f54  [ 4774AD6C447E02E954BD9A793614EBEC, 7BA75A26DA67FD10BB3E0A2404A7319F8D8938B0330BA0978A9E21EBC8CD9BA4 ] C:\WINDOWS\System32\lsm.exe
16:38:35.0886 0x0f54  C:\WINDOWS\System32\lsm.exe - ok
16:38:35.0902 0x0f54  [ 1AE011BB950A5E0B05023D2AFEC3666D, 4602DB22B7D1643780DBE7A34A4887C119A0516C65E4063A9C2074CF39A495DC ] C:\WINDOWS\System32\authz.dll
16:38:35.0902 0x0f54  C:\WINDOWS\System32\authz.dll - ok
16:38:35.0918 0x0f54  [ 4AAFC7461633848AA87A363B2CBEC522, F2A452B5B71293011EED8CD5ABFA8D0B0761A92D4579CF9D98B1D2DC06D16791 ] C:\WINDOWS\System32\winsta.dll
16:38:35.0918 0x0f54  C:\WINDOWS\System32\winsta.dll - ok
16:38:35.0949 0x0f54  [ 178FAC2B7C66E9A4400CE7AC37623E3F, 30BF99E3F6B02566A83DCC072F5654DA28311ACC5308CFB25BE02C1BD3B5CEE3 ] C:\WINDOWS\System32\lsasrv.dll
16:38:35.0949 0x0f54  C:\WINDOWS\System32\lsasrv.dll - ok
16:38:35.0964 0x0f54  [ 98B656EAF128CD06F625B09C84D959E1, 3E6502E629F15E697A813FC56A9B1F13F5A6F3D0C20550AB3459B2507F868156 ] C:\WINDOWS\System32\netapi32.dll
16:38:35.0964 0x0f54  C:\WINDOWS\System32\netapi32.dll - ok
16:38:35.0980 0x0f54  [ 71F5A7104FDF16C0AC5283A6CE666553, 481D688B87CC4155FB98AEB816B5F331F2EC8A1B409B01BA270A67660CE9564A ] C:\WINDOWS\System32\sysntfy.dll
16:38:35.0980 0x0f54  C:\WINDOWS\System32\sysntfy.dll - ok
16:38:36.0011 0x0f54  [ F0321DA5203F1E71917F3B7A13DC4912, 2F40733CBDD6491DAA3182AFDB3CA9FBAE5C3EE15CD9FCFF20E2D74E98CA374F ] C:\WINDOWS\System32\wmsgapi.dll
16:38:36.0011 0x0f54  C:\WINDOWS\System32\wmsgapi.dll - ok



#4 rjrossi88

rjrossi88
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:09:29 PM

Posted 04 July 2014 - 03:57 PM

16:38:36.0027 0x0f54  [ 2FA16465F64DB54B1F7F511395EB4FD7, 9BC7865CC2EC9CE08E2848F8E8FB9E73715858A31243CB280C317578DDD97EDA ] C:\WINDOWS\System32\ncobjapi.dll
16:38:36.0027 0x0f54  C:\WINDOWS\System32\ncobjapi.dll - ok
16:38:36.0042 0x0f54  [ 7808BF0E367ED7348808879CEF482AB3, BAC633E351F0A2CF69C288E7CD983ED5986FE0CC180BF769A5C2EB5F8CABBE8A ] C:\WINDOWS\System32\samsrv.dll
16:38:36.0042 0x0f54  C:\WINDOWS\System32\samsrv.dll - ok
16:38:36.0074 0x0f54  [ 459B48188494490707DCA8BAA91AA185, E108A46F446A273BF118A73D4790FC85D49D6CE8ECC581AAEB942A1558D21327 ] C:\WINDOWS\System32\cryptdll.dll
16:38:36.0074 0x0f54  C:\WINDOWS\System32\cryptdll.dll - ok
16:38:36.0089 0x0f54  [ 85E861D0B88DB2B54ACB0839654C09F7, 751E4F1F282C3798712AFF551D1525D5D65B5E8229689862AAB0BBDCC35A5925 ] C:\WINDOWS\System32\dnsapi.dll
16:38:36.0089 0x0f54  C:\WINDOWS\System32\dnsapi.dll - ok
16:38:36.0105 0x0f54  [ EE2FF9A3FC4404234BE3B7C6AA383AF8, 51BF3C48BE9BF81A800EF5B247E03C78980B3FFFF37688C42C0F253351EEF4C1 ] C:\WINDOWS\System32\msasn1.dll
16:38:36.0105 0x0f54  C:\WINDOWS\System32\msasn1.dll - ok
16:38:36.0136 0x0f54  [ 7F0F1D4B0D847696F8E309423D227DCE, 4460A2E8B27EB74E951DF328DABFC6C905DD1538D2F2BEE59B2FDA05482CE9F7 ] C:\WINDOWS\System32\ntdsapi.dll
16:38:36.0136 0x0f54  C:\WINDOWS\System32\ntdsapi.dll - ok
16:38:36.0152 0x0f54  [ 453DE2958C885527E20C79A3FEFE6AF7, AC40DC0D1224A2F6FAA1A3396345371CAE7312C6D7EF0923602B2E89ED22BA2B ] C:\WINDOWS\System32\samlib.dll
16:38:36.0152 0x0f54  C:\WINDOWS\System32\samlib.dll - ok
16:38:36.0167 0x0f54  [ 0317420D419E1885894B3ED9D375D245, 17F4C64CA4FE560F09DA4C1D13D62B525B5C7B6FDD44B846C6953D595D83CF3D ] C:\WINDOWS\System32\crypt32.dll
16:38:36.0167 0x0f54  C:\WINDOWS\System32\crypt32.dll - ok
16:38:36.0198 0x0f54  [ 965AC9FBF2C67231C157E99C03C58D24, 732E6307AE0C8916F47CB0E74562C7991CF44D5656C5E071D3FBDF31EA734409 ] C:\WINDOWS\System32\feclient.dll
16:38:36.0198 0x0f54  C:\WINDOWS\System32\feclient.dll - ok
16:38:36.0214 0x0f54  [ 1F94EA31C9543B855F53BDAC7792DA4E, 3697D031632C47FC5AAB4208C05A7C4098DF390103CFDE99A512F685AD057F40 ] C:\WINDOWS\System32\mpr.dll
16:38:36.0214 0x0f54  C:\WINDOWS\System32\mpr.dll - ok
16:38:36.0230 0x0f54  [ C6DF7A87063D006ECF1FD8156CB6DE3F, 921AB6B88444B364F05D8EDF0EDDFA0892353A862CD3580F7EDA311E4FDC26B6 ] C:\WINDOWS\System32\SLC.dll
16:38:36.0230 0x0f54  C:\WINDOWS\System32\SLC.dll - ok
16:38:36.0261 0x0f54  [ 4DE3C4D07BAFDE616EFA0ADE076CBAC2, 9088837534980C39A885BF9FE2B0945166A433F0263DE7F8E9D4F5E153A70DF3 ] C:\WINDOWS\System32\wevtapi.dll
16:38:36.0261 0x0f54  C:\WINDOWS\System32\wevtapi.dll - ok
16:38:36.0292 0x0f54  [ 4FE8425F21B3F0F8C4B4726351D43EAA, F45C1429BD60EEAB7BE8C2114B9C819CED7583249CEE1AB234A8A05A484528A9 ] C:\WINDOWS\System32\IPHLPAPI.DLL
16:38:36.0292 0x0f54  C:\WINDOWS\System32\IPHLPAPI.DLL - ok
16:38:36.0308 0x0f54  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] C:\WINDOWS\System32\dhcpcsvc.dll
16:38:36.0308 0x0f54  C:\WINDOWS\System32\dhcpcsvc.dll - ok
16:38:36.0323 0x0f54  [ DFB6B71CDABA9DFB49C9D2B318B97A1A, F380B9A28D56DEC902154A0251B58BD3576355EDE2CD13CF47D7F4DBE3D61C97 ] C:\WINDOWS\System32\dhcpcsvc6.dll
16:38:36.0323 0x0f54  C:\WINDOWS\System32\dhcpcsvc6.dll - ok
16:38:36.0354 0x0f54  [ 6B09105742C75DF80CEF21700F20F55A, D781C5F22BEBB5C51B7792EBB4421C170F2CC5FE28E9245E9D6B9D22E33423AB ] C:\WINDOWS\System32\winnsi.dll
16:38:36.0354 0x0f54  C:\WINDOWS\System32\winnsi.dll - ok
16:38:36.0370 0x0f54  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] C:\WINDOWS\System32\aelupsvc.dll
16:38:36.0370 0x0f54  C:\WINDOWS\System32\aelupsvc.dll - ok
16:38:36.0386 0x0f54  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] C:\WINDOWS\System32\alg.exe
16:38:36.0386 0x0f54  C:\WINDOWS\System32\alg.exe - ok
16:38:36.0417 0x0f54  [ 7F15B4953378C8B5161D65C26D5FED4D, 70C80736225273D083F071E625CC47E5C889E8D7426D8D3461F87D41286F06D0 ] C:\WINDOWS\System32\cngaudit.dll
16:38:36.0417 0x0f54  C:\WINDOWS\System32\cngaudit.dll - ok
16:38:36.0432 0x0f54  [ 13CC59C1B04E9F20A87987C68CD4BE3F, E65363E112CF58007CA650782997413EAFFFDAC25B66976BC7B3A2CBD5ED3933 ] C:\WINDOWS\System32\ncrypt.dll
16:38:36.0432 0x0f54  C:\WINDOWS\System32\ncrypt.dll - ok
16:38:36.0448 0x0f54  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] C:\WINDOWS\System32\appinfo.dll
16:38:36.0448 0x0f54  C:\WINDOWS\System32\appinfo.dll - ok
16:38:36.0479 0x0f54  [ DE0DD9AE3430F84A96B5501112A696BE, 28ED17BCAE5DB58885547213B5241F8E6599ADE3BB7834A54AC2F10D3285C45F ] C:\WINDOWS\System32\bcrypt.dll
16:38:36.0479 0x0f54  C:\WINDOWS\System32\bcrypt.dll - ok
16:38:36.0495 0x0f54  [ 3464DAE0E801F5A81A23C571D86F30B2, A5C0256618215A96BC8CB68357E5278DBF01C3E2CFFDC77EB4A703F1342687D2 ] C:\WINDOWS\System32\rascfg.dll
16:38:36.0495 0x0f54  C:\WINDOWS\System32\rascfg.dll - ok
16:38:36.0510 0x0f54  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] C:\WINDOWS\System32\audiosrv.dll
16:38:36.0510 0x0f54  C:\WINDOWS\System32\audiosrv.dll - ok
16:38:36.0542 0x0f54  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] C:\WINDOWS\System32\BFE.DLL
16:38:36.0542 0x0f54  C:\WINDOWS\System32\BFE.DLL - ok
16:38:36.0557 0x0f54  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] C:\WINDOWS\System32\qmgr.dll
16:38:36.0557 0x0f54  C:\WINDOWS\System32\qmgr.dll - ok
16:38:36.0573 0x0f54  [ 26F139DDEC6407508071930D3D07337E, 90EF02DCA67C68AFBEB8E2BE2E1BD6E400F2A386C3CE8AF5573E9F89B7636688 ] C:\WINDOWS\System32\credssp.dll
16:38:36.0573 0x0f54  C:\WINDOWS\System32\credssp.dll - ok
16:38:36.0588 0x0f54  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] C:\WINDOWS\System32\browser.dll
16:38:36.0604 0x0f54  C:\WINDOWS\System32\browser.dll - ok
16:38:36.0620 0x0f54  [ ABE9EEA1EABEA0711610A637A7B1C25D, 973F8BE8E411E1037DFC3FE3F979412450D268E4D34C0F38F3F015D2E00CD8AC ] C:\WINDOWS\System32\msprivs.dll
16:38:36.0620 0x0f54  C:\WINDOWS\System32\msprivs.dll - ok
16:38:36.0635 0x0f54  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] C:\WINDOWS\System32\certprop.dll
16:38:36.0635 0x0f54  C:\WINDOWS\System32\certprop.dll - ok
16:38:36.0666 0x0f54  [ AA01497884F9CBAC89470120AF78D2B1, FACE3C2E7B0796A690B2E25175579575153453D90EB9B08FB164356575FA7614 ] C:\WINDOWS\System32\kerberos.dll
16:38:36.0666 0x0f54  C:\WINDOWS\System32\kerberos.dll - ok
16:38:36.0698 0x0f54  [ 4211249955AF9133E2E357CC92B54DFD, 5868F1B809783723C45D3A60DC6B2A21C216E9329D131B282A5851E38603DF55 ] C:\WINDOWS\System32\comres.dll
16:38:36.0698 0x0f54  C:\WINDOWS\System32\comres.dll - ok
16:38:36.0729 0x0f54  [ 22CFAEB9172F5F198048401485CD0571, 94E0B8590268BD21B035297F5B0C01A4E8958A1DB39A5AA654EA1805BD30CEC2 ] C:\WINDOWS\System32\WSHTCPIP.DLL
16:38:36.0729 0x0f54  C:\WINDOWS\System32\WSHTCPIP.DLL - ok
16:38:36.0744 0x0f54  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] C:\WINDOWS\System32\cryptsvc.dll
16:38:36.0744 0x0f54  C:\WINDOWS\System32\cryptsvc.dll - ok
16:38:36.0776 0x0f54  [ 08D6D1692B62C9EE4062E1FA04D8FE2F, 0DDB6D64524CDED04DE6521FC834BC4507ECF4C51C9F9BC407B510222E4F0343 ] C:\WINDOWS\System32\oleres.dll
16:38:36.0776 0x0f54  C:\WINDOWS\System32\oleres.dll - ok
16:38:36.0791 0x0f54  [ 9E80FF0752E365F97FD2D1D68C2AFDA1, 07924F0966A05A992130D29BBF634214D0DFE4081851ED18B1E334437DD008D0 ] C:\WINDOWS\System32\wship6.dll
16:38:36.0791 0x0f54  C:\WINDOWS\System32\wship6.dll - ok
16:38:36.0822 0x0f54  [ 74F380C8EC8813626C670D46E8A714D1, 25E20A08048DB18CB1B1071B6FF916561A809561F587E26306FB75A8AA173FE3 ] C:\WINDOWS\System32\dfsrres.dll
16:38:36.0822 0x0f54  C:\WINDOWS\System32\dfsrres.dll - ok
16:38:36.0838 0x0f54  [ 05C3B38DB95BA5585817A4F898EE5581, 227357221F00BA91D7907966FF251F6834D69ABD630174A56F9A6C98723C1625 ] C:\WINDOWS\System32\wshqos.dll
16:38:36.0838 0x0f54  C:\WINDOWS\System32\wshqos.dll - ok
16:38:36.0854 0x0f54  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] C:\WINDOWS\System32\dot3svc.dll
16:38:36.0854 0x0f54  C:\WINDOWS\System32\dot3svc.dll - ok
16:38:36.0885 0x0f54  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] C:\WINDOWS\System32\dps.dll
16:38:36.0885 0x0f54  C:\WINDOWS\System32\dps.dll - ok
16:38:36.0900 0x0f54  [ FC62A635063B762E1C3C60EA77279378, 9C7ADE37C9F2F9CC5A79D75260736C3791C7A73FB84BE6B7E575CA31A4B99667 ] C:\WINDOWS\System32\NapiNSP.dll
16:38:36.0900 0x0f54  C:\WINDOWS\System32\NapiNSP.dll - ok
16:38:36.0932 0x0f54  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] C:\WINDOWS\System32\nlasvc.dll
16:38:36.0932 0x0f54  C:\WINDOWS\System32\nlasvc.dll - ok
16:38:36.0947 0x0f54  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] C:\WINDOWS\ehome\ehrecvr.exe
16:38:36.0947 0x0f54  C:\WINDOWS\ehome\ehrecvr.exe - ok
16:38:36.0963 0x0f54  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] C:\WINDOWS\System32\eapsvc.dll
16:38:36.0963 0x0f54  C:\WINDOWS\System32\eapsvc.dll - ok
16:38:37.0010 0x0f54  [ 8617350C9B590B63E620881092751BCB, 4D16A2197F9ED9062CFD93061294FB8E1068071D03E72B6CF3C7256F1B454A9B ] C:\WINDOWS\System32\mswsock.dll
16:38:37.0010 0x0f54  C:\WINDOWS\System32\mswsock.dll - ok
16:38:37.0041 0x0f54  [ 690D41DF1D555F96D4898A0F54EBA065, 3A8C9304D49657765DF0FCCEAE2A529982025D8677CCA5930824921F77B8F404 ] C:\WINDOWS\System32\pnrpnsp.dll
16:38:37.0041 0x0f54  C:\WINDOWS\System32\pnrpnsp.dll - ok
16:38:37.0088 0x0f54  [ 4ABCE74D012971305249E45E095E9EA6, 6D53BB81F781694577ED8F6DBF41D0900C552DEC2F433206E5B087E80B239DE3 ] C:\WINDOWS\System32\msv1_0.dll
16:38:37.0088 0x0f54  C:\WINDOWS\System32\msv1_0.dll - ok
16:38:37.0103 0x0f54  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] C:\WINDOWS\ehome\ehsched.exe
16:38:37.0103 0x0f54  C:\WINDOWS\ehome\ehsched.exe - ok
16:38:37.0134 0x0f54  [ 95DAECF0FB120A7B5DA679CC54E37DDE, 492129AB9AF4F11CDE46148F6CC3AB6841D0F715DEF5E387B33CD8C79F5298BC ] C:\WINDOWS\System32\netlogon.dll
16:38:37.0134 0x0f54  C:\WINDOWS\System32\netlogon.dll - ok
16:38:37.0150 0x0f54  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] C:\WINDOWS\ehome\ehstart.dll
16:38:37.0150 0x0f54  C:\WINDOWS\ehome\ehstart.dll - ok
16:38:37.0166 0x0f54  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] C:\WINDOWS\System32\emdmgmt.dll
16:38:37.0166 0x0f54  C:\WINDOWS\System32\emdmgmt.dll - ok
16:38:37.0197 0x0f54  [ 72910BC4A218C49EA8E43D1FAEC403A5, AAC5026C440BA588D532703A582386EC33B2BCAE2D7A6EF7798498FDDF6F617A ] C:\WINDOWS\System32\winbrand.dll
16:38:37.0197 0x0f54  C:\WINDOWS\System32\winbrand.dll - ok
16:38:37.0212 0x0f54  [ A1B40A28F38D27A7E3229EE4C7064434, 76CD78FAFC99C472CDFCE848B1E31037811D4D645849C9FDA1B22161A1191A2D ] C:\WINDOWS\System32\wevtsvc.dll
16:38:37.0212 0x0f54  C:\WINDOWS\System32\wevtsvc.dll - ok
16:38:37.0228 0x0f54  [ 50E3E76B0901BB4FC029BB88BFA5CE79, 2633FB41F30C68EB68B6241F89C035B3F66CBF51EDB6B4E2FFFE562CE3EEA745 ] C:\WINDOWS\System32\schannel.dll
16:38:37.0228 0x0f54  C:\WINDOWS\System32\schannel.dll - ok
16:38:37.0259 0x0f54  [ 93620229F3CC3B67A3528BF39F064C30, BB5CD222902D528030DD6CB458691DD37BAFCCC0E35119F3C127DB5C55244780 ] C:\WINDOWS\System32\wdigest.dll
16:38:37.0259 0x0f54  C:\WINDOWS\System32\wdigest.dll - ok
16:38:37.0275 0x0f54  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] C:\WINDOWS\System32\fdPHost.dll
16:38:37.0275 0x0f54  C:\WINDOWS\System32\fdPHost.dll - ok
16:38:37.0290 0x0f54  [ E14170AEA125119B98FA2BDE3FF4F462, 939758ADA9D1A7E3B6BA1DB6D9E41D3FA27A7013C156F0B63010A0FB62DD64F8 ] C:\WINDOWS\System32\rsaenh.dll
16:38:37.0290 0x0f54  C:\WINDOWS\System32\rsaenh.dll - ok
16:38:37.0322 0x0f54  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] C:\WINDOWS\System32\FDResPub.dll
16:38:37.0322 0x0f54  C:\WINDOWS\System32\FDResPub.dll - ok
16:38:37.0337 0x0f54  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] C:\WINDOWS\System32\FntCache.dll
16:38:37.0337 0x0f54  C:\WINDOWS\System32\FntCache.dll - ok
16:38:37.0353 0x0f54  [ F8873D15018F411588BEC02C1725BADA, 7E90B1D820733C80B438287D89FC3D4219B2C97BD878EB5BA2DBFF64BBF3938A ] C:\WINDOWS\System32\TSpkg.dll
16:38:37.0353 0x0f54  C:\WINDOWS\System32\TSpkg.dll - ok
16:38:37.0384 0x0f54  [ 0F420E81062757EA8363CBACD4D40D6D, 9FC3A7C512B065F18B520FE93B821717BB8B4C36BD976E8D014F71116073CF50 ] C:\WINDOWS\System32\gpapi.dll
16:38:37.0384 0x0f54  C:\WINDOWS\System32\gpapi.dll - ok
16:38:37.0415 0x0f54  [ 302964DCAC79D618CC7B72C778DA9FD2, 7F2980AA49592B308E5D4C1A311AE837F65E9FB35761734A936626E81F0A7F10 ] C:\WINDOWS\System32\PresentationHost.exe
16:38:37.0415 0x0f54  C:\WINDOWS\System32\PresentationHost.exe - ok
16:38:37.0431 0x0f54  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] C:\WINDOWS\System32\hidserv.dll
16:38:37.0431 0x0f54  C:\WINDOWS\System32\hidserv.dll - ok
16:38:37.0446 0x0f54  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] C:\WINDOWS\System32\KMSVC.DLL
16:38:37.0446 0x0f54  C:\WINDOWS\System32\KMSVC.DLL - ok
16:38:37.0524 0x0f54  [ 05586F5438AB0DA4F5149159E0E5FD4B, D022FF63300D88DE959EA1B415A5ADC6578059088B2B39DC9DB60A0D29F45935 ] C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
16:38:37.0524 0x0f54  C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
16:38:37.0540 0x0f54  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] C:\WINDOWS\System32\IKEEXT.DLL
16:38:37.0540 0x0f54  C:\WINDOWS\System32\IKEEXT.DLL - ok
16:38:37.0556 0x0f54  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] C:\WINDOWS\System32\IPBusEnum.dll
16:38:37.0556 0x0f54  C:\WINDOWS\System32\IPBusEnum.dll - ok
16:38:37.0587 0x0f54  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] C:\WINDOWS\System32\iphlpsvc.dll
16:38:37.0587 0x0f54  C:\WINDOWS\System32\iphlpsvc.dll - ok
16:38:37.0602 0x0f54  [ 74C2F29CC612B2B34231BEBD824D2FB2, 0C0888AB3B2D8C8F17CA57A503C61F867C8F12A6E6F645DEFE7A2C299AA59AD8 ] C:\WINDOWS\System32\keyiso.dll
16:38:37.0602 0x0f54  C:\WINDOWS\System32\keyiso.dll - ok
16:38:37.0618 0x0f54  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] C:\WINDOWS\System32\srvsvc.dll
16:38:37.0618 0x0f54  C:\WINDOWS\System32\srvsvc.dll - ok
16:38:37.0634 0x0f54  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] C:\WINDOWS\System32\wkssvc.dll
16:38:37.0634 0x0f54  C:\WINDOWS\System32\wkssvc.dll - ok
16:38:37.0665 0x0f54  [ FA0593D936C9B95FB6FAA32AD1595D49, E7DEC36E708D62D6E95649F3F82DD1CB3E4A77934ABC86FD44FE1F37826901B0 ] C:\WINDOWS\System32\lltdres.dll
16:38:37.0665 0x0f54  C:\WINDOWS\System32\lltdres.dll - ok
16:38:37.0680 0x0f54  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] C:\WINDOWS\System32\lmhsvc.dll
16:38:37.0680 0x0f54  C:\WINDOWS\System32\lmhsvc.dll - ok
16:38:37.0696 0x0f54  [ 132F6237FA3BF3E9715F63A1CCF72BF1, E877AACC2DE4E93A00C76D537D471AA268DC3B983D48407C6707FC682982DBF5 ] C:\WINDOWS\ehome\ehres.dll
16:38:37.0696 0x0f54  C:\WINDOWS\ehome\ehres.dll - ok
16:38:37.0727 0x0f54  [ 95F1EB99B81CFD6F581C85F0A0AA9B2B, 65EE7016E6235880C4443119BF32CF12D4A9A9CA3810B974B575AD31D380A7FB ] C:\WINDOWS\System32\FirewallAPI.dll
16:38:37.0727 0x0f54  C:\WINDOWS\System32\FirewallAPI.dll - ok
16:38:37.0758 0x0f54  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] C:\WINDOWS\System32\mmcss.dll
16:38:37.0758 0x0f54  C:\WINDOWS\System32\mmcss.dll - ok
16:38:37.0774 0x0f54  [ EA822412BBBA9B7D2B1A3748AD50EFB8, 10BA6E240FEC5BB1A0A7C0D75E0495D99FD48D68CA69C0985DD921658835225C ] C:\WINDOWS\System32\iscsidsc.dll
16:38:37.0774 0x0f54  C:\WINDOWS\System32\iscsidsc.dll - ok
16:38:37.0805 0x0f54  [ ED21401F1E2F6BC2F54C462BB66D0D6B, 7E3874AFB57CA6B7CDA3833DB0E43E9D2BEE7C5C70AC1182260740CCA40291CA ] C:\WINDOWS\System32\msimsg.dll
16:38:37.0805 0x0f54  C:\WINDOWS\System32\msimsg.dll - ok
16:38:37.0821 0x0f54  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] C:\WINDOWS\System32\QAGENTRT.DLL
16:38:37.0821 0x0f54  C:\WINDOWS\System32\QAGENTRT.DLL - ok
16:38:37.0836 0x0f54  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] C:\WINDOWS\System32\netman.dll
16:38:37.0836 0x0f54  C:\WINDOWS\System32\netman.dll - ok
16:38:37.0868 0x0f54  [ 43DF1E019494642C3F7AED0FCB231D27, E79E4A431ABDF9F5E024558782981FFB3FE7D3648833ADD6F82CD62467800CAB ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll
16:38:37.0868 0x0f54  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll - ok
16:38:37.0883 0x0f54  [ ED640F4CE585058119B824CC76591D9C, B8FA63CEE5105DD034084F34D0FDB223EAC1228888EDBD9EB48BF1B64F720C0E ] C:\WINDOWS\System32\netprof.dll
16:38:37.0883 0x0f54  C:\WINDOWS\System32\netprof.dll - ok
16:38:37.0899 0x0f54  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] C:\WINDOWS\System32\nsisvc.dll
16:38:37.0899 0x0f54  C:\WINDOWS\System32\nsisvc.dll - ok
16:38:37.0914 0x0f54  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] C:\WINDOWS\System32\p2psvc.dll
16:38:37.0914 0x0f54  C:\WINDOWS\System32\p2psvc.dll - ok
16:38:37.0946 0x0f54  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] C:\WINDOWS\System32\pcasvc.dll
16:38:37.0946 0x0f54  C:\WINDOWS\System32\pcasvc.dll - ok
16:38:37.0946 0x0f54  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] C:\WINDOWS\System32\pla.dll
16:38:37.0946 0x0f54  C:\WINDOWS\System32\pla.dll - ok
16:38:37.0977 0x0f54  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] C:\WINDOWS\System32\umpnpmgr.dll
16:38:37.0977 0x0f54  C:\WINDOWS\System32\umpnpmgr.dll - ok
16:38:37.0992 0x0f54  [ 64B28D672B5B6A01E87B0C3096B1E047, D4E5875A25E0EBEFD4AE38A3BA508CF99DD7278E7D4E1C95C7E1B8E42F381A10 ] C:\WINDOWS\System32\polstore.dll
16:38:37.0992 0x0f54  C:\WINDOWS\System32\polstore.dll - ok
16:38:38.0008 0x0f54  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] C:\WINDOWS\System32\profsvc.dll
16:38:38.0008 0x0f54  C:\WINDOWS\System32\profsvc.dll - ok
16:38:38.0039 0x0f54  [ 08F9134A2215B7ED985409A4DF60AC60, BAFFCA0BA71A11FE63AB8411D8951E9AE087E31E04E9D226CCB21E82B79F2DCE ] C:\WINDOWS\System32\psbase.dll
16:38:38.0039 0x0f54  C:\WINDOWS\System32\psbase.dll - ok
16:38:38.0055 0x0f54  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] C:\WINDOWS\System32\qwave.dll
16:38:38.0055 0x0f54  C:\WINDOWS\System32\qwave.dll - ok
16:38:38.0070 0x0f54  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] C:\WINDOWS\System32\drivers\qwavedrv.sys
16:38:38.0070 0x0f54  C:\WINDOWS\System32\drivers\qwavedrv.sys - ok
16:38:38.0102 0x0f54  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] C:\WINDOWS\System32\rasauto.dll
16:38:38.0102 0x0f54  C:\WINDOWS\System32\rasauto.dll - ok
16:38:38.0117 0x0f54  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] C:\WINDOWS\System32\rasmans.dll
16:38:38.0117 0x0f54  C:\WINDOWS\System32\rasmans.dll - ok
16:38:38.0133 0x0f54  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] C:\WINDOWS\System32\sstpsvc.dll
16:38:38.0133 0x0f54  C:\WINDOWS\System32\sstpsvc.dll - ok
16:38:38.0164 0x0f54  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] C:\WINDOWS\System32\mprdim.dll
16:38:38.0164 0x0f54  C:\WINDOWS\System32\mprdim.dll - ok
16:38:38.0180 0x0f54  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] C:\WINDOWS\System32\regsvc.dll
16:38:38.0180 0x0f54  C:\WINDOWS\System32\regsvc.dll - ok
16:38:38.0195 0x0f54  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] C:\WINDOWS\System32\Locator.exe
16:38:38.0195 0x0f54  C:\WINDOWS\System32\Locator.exe - ok
16:38:38.0226 0x0f54  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] C:\WINDOWS\System32\SCardSvr.dll
16:38:38.0226 0x0f54  C:\WINDOWS\System32\SCardSvr.dll - ok
16:38:38.0242 0x0f54  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] C:\WINDOWS\System32\schedsvc.dll
16:38:38.0242 0x0f54  C:\WINDOWS\System32\schedsvc.dll - ok
16:38:38.0258 0x0f54  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] C:\WINDOWS\System32\sdrsvc.dll
16:38:38.0258 0x0f54  C:\WINDOWS\System32\sdrsvc.dll - ok
16:38:38.0273 0x0f54  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] C:\WINDOWS\System32\seclogon.dll
16:38:38.0273 0x0f54  C:\WINDOWS\System32\seclogon.dll - ok
16:38:38.0304 0x0f54  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] C:\WINDOWS\System32\Sens.dll
16:38:38.0304 0x0f54  C:\WINDOWS\System32\Sens.dll - ok
16:38:38.0320 0x0f54  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] C:\WINDOWS\System32\ipnathlp.dll
16:38:38.0320 0x0f54  C:\WINDOWS\System32\ipnathlp.dll - ok
16:38:38.0351 0x0f54  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] C:\WINDOWS\System32\SessEnv.dll
16:38:38.0351 0x0f54  C:\WINDOWS\System32\SessEnv.dll - ok
16:38:38.0367 0x0f54  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] C:\WINDOWS\System32\shsvcs.dll
16:38:38.0367 0x0f54  C:\WINDOWS\System32\shsvcs.dll - ok
16:38:38.0382 0x0f54  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] C:\WINDOWS\System32\SLsvc.exe
16:38:38.0382 0x0f54  C:\WINDOWS\System32\SLsvc.exe - ok
16:38:38.0414 0x0f54  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] C:\WINDOWS\System32\SLUINotify.dll
16:38:38.0414 0x0f54  C:\WINDOWS\System32\SLUINotify.dll - ok
16:38:38.0429 0x0f54  [ E4060CFE50F87C72316CB0FDB20E4913, FC7D21327E5FAA424798097FBE5A2F7821BE8A1E54F80E81A620A52DC8E933AA ] C:\WINDOWS\System32\tcpipcfg.dll
16:38:38.0429 0x0f54  C:\WINDOWS\System32\tcpipcfg.dll - ok
16:38:38.0445 0x0f54  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] C:\WINDOWS\System32\snmptrap.exe
16:38:38.0445 0x0f54  C:\WINDOWS\System32\snmptrap.exe - ok
16:38:38.0476 0x0f54  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] C:\WINDOWS\System32\spoolsv.exe
16:38:38.0476 0x0f54  C:\WINDOWS\System32\spoolsv.exe - ok
16:38:38.0476 0x0f54  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] C:\WINDOWS\System32\ssdpsrv.dll
16:38:38.0476 0x0f54  C:\WINDOWS\System32\ssdpsrv.dll - ok
16:38:38.0507 0x0f54  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] C:\WINDOWS\System32\wiaservc.dll
16:38:38.0507 0x0f54  C:\WINDOWS\System32\wiaservc.dll - ok
16:38:38.0523 0x0f54  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] C:\WINDOWS\System32\swprv.dll
16:38:38.0523 0x0f54  C:\WINDOWS\System32\swprv.dll - ok
16:38:38.0538 0x0f54  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] C:\WINDOWS\System32\sysmain.dll
16:38:38.0538 0x0f54  C:\WINDOWS\System32\sysmain.dll - ok
16:38:38.0570 0x0f54  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] C:\WINDOWS\System32\TabSvc.dll
16:38:38.0570 0x0f54  C:\WINDOWS\System32\TabSvc.dll - ok
16:38:38.0585 0x0f54  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] C:\WINDOWS\System32\tapisrv.dll
16:38:38.0585 0x0f54  C:\WINDOWS\System32\tapisrv.dll - ok
16:38:38.0616 0x0f54  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] C:\WINDOWS\System32\tbssvc.dll
16:38:38.0616 0x0f54  C:\WINDOWS\System32\tbssvc.dll - ok
16:38:38.0632 0x0f54  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] C:\WINDOWS\System32\termsrv.dll
16:38:38.0632 0x0f54  C:\WINDOWS\System32\termsrv.dll - ok
16:38:38.0648 0x0f54  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] C:\WINDOWS\System32\trkwks.dll
16:38:38.0648 0x0f54  C:\WINDOWS\System32\trkwks.dll - ok
16:38:38.0663 0x0f54  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] C:\WINDOWS\servicing\TrustedInstaller.exe
16:38:38.0663 0x0f54  C:\WINDOWS\servicing\TrustedInstaller.exe - ok
16:38:38.0694 0x0f54  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] C:\WINDOWS\System32\UI0Detect.exe
16:38:38.0694 0x0f54  C:\WINDOWS\System32\UI0Detect.exe - ok
16:38:38.0710 0x0f54  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] C:\WINDOWS\System32\upnphost.dll
16:38:38.0710 0x0f54  C:\WINDOWS\System32\upnphost.dll - ok
16:38:38.0726 0x0f54  [ 01DD1004181FD46ECDC3628228EB269D, 8AED6773AE1C8B65B4CAD6229BD05E224D348CF2A9D9F7D50F2513A9B1E14F66 ] C:\WINDOWS\System32\dwm.exe
16:38:38.0726 0x0f54  C:\WINDOWS\System32\dwm.exe - ok
16:38:38.0741 0x0f54  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] C:\WINDOWS\System32\vds.exe
16:38:38.0741 0x0f54  C:\WINDOWS\System32\vds.exe - ok
16:38:38.0757 0x0f54  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] C:\WINDOWS\System32\VSSVC.exe
16:38:38.0850 0x0f54  C:\WINDOWS\System32\VSSVC.exe - ok
16:38:38.0850 0x0f54  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] C:\WINDOWS\System32\w32time.dll
16:38:38.0850 0x0f54  C:\WINDOWS\System32\w32time.dll - ok
16:38:38.0866 0x0f54  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] C:\WINDOWS\System32\wcncsvc.dll
16:38:38.0866 0x0f54  C:\WINDOWS\System32\wcncsvc.dll - ok
16:38:38.0897 0x0f54  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] C:\WINDOWS\System32\WcsPlugInService.dll
16:38:38.0897 0x0f54  C:\WINDOWS\System32\WcsPlugInService.dll - ok
16:38:38.0913 0x0f54  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] C:\WINDOWS\System32\drivers\Wdf01000.sys
16:38:38.0913 0x0f54  C:\WINDOWS\System32\drivers\Wdf01000.sys - ok
16:38:38.0928 0x0f54  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] C:\WINDOWS\System32\wdi.dll
16:38:38.0928 0x0f54  C:\WINDOWS\System32\wdi.dll - ok
16:38:38.0960 0x0f54  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] C:\WINDOWS\System32\WebClnt.dll
16:38:38.0960 0x0f54  C:\WINDOWS\System32\WebClnt.dll - ok
16:38:38.0975 0x0f54  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] C:\WINDOWS\System32\wecsvc.dll
16:38:38.0975 0x0f54  C:\WINDOWS\System32\wecsvc.dll - ok
16:38:38.0991 0x0f54  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] C:\WINDOWS\System32\wercplsupport.dll
16:38:38.0991 0x0f54  C:\WINDOWS\System32\wercplsupport.dll - ok
16:38:39.0006 0x0f54  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] C:\WINDOWS\System32\wersvc.dll
16:38:39.0006 0x0f54  C:\WINDOWS\System32\wersvc.dll - ok
16:38:39.0022 0x0f54  [ 62DB790A860CDFC4278D2F03CC5675D8, FE5CA54BC7E89ED539BED3C578ADC745E42F3B5623A84FE52AF593CA24895F39 ] C:\Program Files\Windows Defender\MsMpRes.dll
16:38:39.0022 0x0f54  C:\Program Files\Windows Defender\MsMpRes.dll - ok
16:38:39.0053 0x0f54  [ DBD02E3E6F061EBBBF9B99A9D7CBA30B, 2C65C129BD1D4279B78E7EDF83F6FB398B705A56A99942F4CA61C9E52D21D25A ] C:\WINDOWS\System32\winhttp.dll
16:38:39.0053 0x0f54  C:\WINDOWS\System32\winhttp.dll - ok
16:38:39.0069 0x0f54  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] C:\WINDOWS\System32\wbem\WMIsvc.dll
16:38:39.0069 0x0f54  C:\WINDOWS\System32\wbem\WMIsvc.dll - ok
16:38:39.0084 0x0f54  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] C:\WINDOWS\System32\WsmSvc.dll
16:38:39.0084 0x0f54  C:\WINDOWS\System32\WsmSvc.dll - ok
16:38:39.0116 0x0f54  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] C:\WINDOWS\System32\wlansvc.dll
16:38:39.0116 0x0f54  C:\WINDOWS\System32\wlansvc.dll - ok
16:38:39.0131 0x0f54  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] C:\WINDOWS\System32\wbem\WmiApSrv.exe
16:38:39.0131 0x0f54  C:\WINDOWS\System32\wbem\WmiApSrv.exe - ok
16:38:39.0147 0x0f54  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] C:\Program Files\Windows Media Player\wmpnetwk.exe
16:38:39.0147 0x0f54  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
16:38:39.0162 0x0f54  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] C:\WINDOWS\System32\wpcsvc.dll
16:38:39.0162 0x0f54  C:\WINDOWS\System32\wpcsvc.dll - ok
16:38:39.0194 0x0f54  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] C:\WINDOWS\System32\wpdbusenum.dll
16:38:39.0194 0x0f54  C:\WINDOWS\System32\wpdbusenum.dll - ok
16:38:39.0225 0x0f54  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:38:39.0225 0x0f54  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok
16:38:39.0240 0x0f54  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] C:\WINDOWS\System32\wscsvc.dll
16:38:39.0240 0x0f54  C:\WINDOWS\System32\wscsvc.dll - ok
16:38:39.0272 0x0f54  [ AED0DFF80C6B3914769407E78D7AB21A, 5B9779B163302F80A256AACBBE2E22B827EDDEC491F109C439184CBD5B343151 ] C:\WINDOWS\System32\SearchIndexer.exe
16:38:39.0272 0x0f54  C:\WINDOWS\System32\SearchIndexer.exe - ok
16:38:39.0272 0x0f54  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] C:\WINDOWS\System32\wuaueng.dll
16:38:39.0272 0x0f54  C:\WINDOWS\System32\wuaueng.dll - ok
16:38:39.0303 0x0f54  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] C:\WINDOWS\System32\drivers\WUDFPf.sys
16:38:39.0303 0x0f54  C:\WINDOWS\System32\drivers\WUDFPf.sys - ok
16:38:39.0334 0x0f54  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] C:\WINDOWS\System32\WUDFSvc.dll
16:38:39.0334 0x0f54  C:\WINDOWS\System32\WUDFSvc.dll - ok
16:38:39.0350 0x0f54  [ 8FC182167381E9915651267044105EE1, A0F0039496CA0755C07E7F249D4101D66FA64AFA5C8CE036428060AB106A1250 ] C:\WINDOWS\System32\scecli.dll
16:38:39.0350 0x0f54  C:\WINDOWS\System32\scecli.dll - ok
16:38:39.0365 0x0f54  [ CD08EEC61C591AF59A39F4363C567D30, 6A8413BE885A07235F59846FAD986B7A65CF009EAD78DD378114B6362DDDB371 ] C:\WINDOWS\System32\ntmarta.dll
16:38:39.0365 0x0f54  C:\WINDOWS\System32\ntmarta.dll - ok
16:38:39.0381 0x0f54  [ 3794B461C45882E06856F282EEF025AF, D4F79D7BC639FE86AC68961E6273836B9D7AF491773FD054395B33D317017BEB ] C:\WINDOWS\System32\svchost.exe
16:38:39.0381 0x0f54  C:\WINDOWS\System32\svchost.exe - ok
16:38:39.0396 0x0f54  [ 9A7F4B2EDACD11444D048AA19CBB26AF, 2CC3632D39484C959855B8A27DDED12A44765D7723CCF150E9F8B70015F1AA2E ] C:\WINDOWS\System32\powrprof.dll
16:38:39.0396 0x0f54  C:\WINDOWS\System32\powrprof.dll - ok
16:38:39.0428 0x0f54  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] C:\WINDOWS\System32\drivers\luafv.sys
16:38:39.0428 0x0f54  C:\WINDOWS\System32\drivers\luafv.sys - ok
16:38:39.0443 0x0f54  [ C3014C735F450FE822C97FFBB0627113, 1CCFE845AED1757B8C1F52D310933076FF1EC197D82E499DB4592B09D66137B0 ] C:\WINDOWS\System32\drivers\aswMonFlt.sys
16:38:39.0443 0x0f54  C:\WINDOWS\System32\drivers\aswMonFlt.sys - ok
16:38:39.0459 0x0f54  [ A8C043670699C956D56B9F1F3DAEFC98, 1D951638546C426737872C1A64A11597DD02A736CEEE789024968437DAD2FC94 ] C:\WINDOWS\System32\nvvsvc.exe
16:38:39.0459 0x0f54  C:\WINDOWS\System32\nvvsvc.exe - ok
16:38:39.0474 0x0f54  [ BE3C082837866C4C291ADAF163C10EA6, 9C65ABFE6E11B05C9309B86A87ADDD3557C043D4582E1A29530EBC36D470B13D ] C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
16:38:39.0474 0x0f54  C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll - ok
16:38:39.0506 0x0f54  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] C:\WINDOWS\System32\rpcss.dll
16:38:39.0506 0x0f54  C:\WINDOWS\System32\rpcss.dll - ok
16:38:39.0521 0x0f54  [ 69827805A221C21450BA22F4326A2EE3, 2580CEB58BE4AEF7DEB134F3AD251188CAED05BC992B4FA977CCD11BD583BE5E ] C:\WINDOWS\System32\version.dll
16:38:39.0521 0x0f54  C:\WINDOWS\System32\version.dll - ok
16:38:39.0537 0x0f54  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] C:\Program Files\Windows Defender\MpSvc.dll
16:38:39.0537 0x0f54  C:\Program Files\Windows Defender\MpSvc.dll - ok
16:38:39.0552 0x0f54  [ 62D577288B48998FC6667BF22DC5B690, 2AE9E184BA655EB56488A3DEFF1C7C37B1C99EEB821E961390FCE2EFCE6D7CBF ] C:\WINDOWS\System32\LogonUI.exe
16:38:39.0552 0x0f54  C:\WINDOWS\System32\LogonUI.exe - ok
16:38:39.0568 0x0f54  [ D16A740186870C32941C0E61DF4F1298, 070E994DC851F9E397CCABCB2227D3E4E096463E89BF34E3C09896BF9A08C91E ] C:\WINDOWS\System32\wintrust.dll
16:38:39.0568 0x0f54  C:\WINDOWS\System32\wintrust.dll - ok
16:38:39.0599 0x0f54  [ 1BD363738B672A394EBE3B8A78EAB9D3, 68D405EE3AE5A013E631892D6F4AAA8C654C2BCE30D749E9DAA3C49823006BA9 ] C:\Program Files\Windows Defender\MpClient.dll
16:38:39.0599 0x0f54  C:\Program Files\Windows Defender\MpClient.dll - ok
16:38:39.0615 0x0f54  [ 58C2521D87C494831A625202C80354AD, 6C5D9503E587904F5207E0AB470325DBEA0C32EB6693521DE669DF2D0BD935D4 ] C:\WINDOWS\System32\authui.dll
16:38:39.0615 0x0f54  C:\WINDOWS\System32\authui.dll - ok
16:38:39.0630 0x0f54  [ 2EC53B5A351C4D443896DBAD117F7E82, E158AD22F1905B41D7975E3725D7A870FB192D7258C4330DF06CD4AC02A7CFE4 ] C:\WINDOWS\System32\msimg32.dll
16:38:39.0630 0x0f54  C:\WINDOWS\System32\msimg32.dll - ok
16:38:39.0646 0x0f54  [ 999D69DEB576C2C424294DF025891CC6, ED634C9829E87F4D016446F2E2F44B542A263F166F69EF5759BBE964A457ECBE ] C:\WINDOWS\System32\uxtheme.dll
16:38:39.0646 0x0f54  C:\WINDOWS\System32\uxtheme.dll - ok
16:38:39.0677 0x0f54  [ 33F571D9F4B0B4107E60323075F64980, A5C8FE2BDED4C10D0CB4F0AF26F644C95C613EF49AAA44CF1A0047532652C92A ] C:\WINDOWS\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.19096_none_9e59a14eca0fa8de\GdiPlus.dll
16:38:39.0677 0x0f54  C:\WINDOWS\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.19096_none_9e59a14eca0fa8de\GdiPlus.dll - ok
16:38:39.0693 0x0f54  [ 75EB73E64F5B4655D9797D20F26DE320, 4AA94D039AC5BD7D39766C4E2A4F7DFCDD46782D3B2483677D722949A7B790FC ] C:\WINDOWS\System32\duser.dll
16:38:39.0693 0x0f54  C:\WINDOWS\System32\duser.dll - ok
16:38:39.0708 0x0f54  [ 1908CC7673F72601AFFDCA022689CEDF, 57E9F87421D7D7447F0BE5B6746D90DECFBCF82972E9A08E2F3943F6CDAE9F84 ] C:\WINDOWS\System32\xmllite.dll
16:38:39.0708 0x0f54  C:\WINDOWS\System32\xmllite.dll - ok
16:38:39.0740 0x0f54  [ DA887F28054D78EE8637BEBB924A2DB5, 59FD437C4DC766210A1111764EA0D88138F471851068E4660D989ECD42D92DF7 ] C:\WINDOWS\System32\slwga.dll
16:38:39.0818 0x0f54  C:\WINDOWS\System32\slwga.dll - ok
16:38:39.0833 0x0f54  [ 56B5914070B2C243DFB3D186070DA89D, 657EBC48F8AE297F76898C5417797C3542B086C40F84D32F7D76FA14893B2C08 ] C:\WINDOWS\System32\MMDevAPI.dll
16:38:39.0833 0x0f54  C:\WINDOWS\System32\MMDevAPI.dll - ok
16:38:39.0849 0x0f54  [ C9244BCAC83B259B920BBEE18A97BFE1, 9EA58407433F86BAAC3B4A6C334FB3BC59032FF4EB50EFA7CD639AA56D96E908 ] C:\WINDOWS\System32\avrt.dll
16:38:39.0849 0x0f54  C:\WINDOWS\System32\avrt.dll - ok
16:38:39.0864 0x0f54  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] C:\WINDOWS\System32\drivers\fltMgr.sys
16:38:39.0864 0x0f54  C:\WINDOWS\System32\drivers\fltMgr.sys - ok
16:38:39.0896 0x0f54  [ 57418956DDAE128D1023C508E7D07071, 94C77D511983CD139D909C3E157BA5DF579EB3D559C58CB69517B8895D591034 ] C:\WINDOWS\System32\PSHED.DLL
16:38:39.0896 0x0f54  C:\WINDOWS\System32\PSHED.DLL - ok
16:38:39.0911 0x0f54  [ EC43D9CC95C3BB5FEFDBCF22D375E1F5, 088BF98E433F7E25889262549DC1C27FB0DF8C26905B5BF4A0F69AA3DA0995E5 ] C:\WINDOWS\System32\adtschema.dll
16:38:39.0911 0x0f54  C:\WINDOWS\System32\adtschema.dll - ok
16:38:39.0927 0x0f54  [ B25DBBA6C63A61FF4AFDB5ADAB4E70CB, 272C4175900FD4DD36E863BF6658AA1DB863C01573E0C89E354754938AA32EDF ] C:\WINDOWS\System32\SmartcardCredentialProvider.dll
16:38:39.0927 0x0f54  C:\WINDOWS\System32\SmartcardCredentialProvider.dll - ok
16:38:39.0942 0x0f54  [ 9DC3723519F52B6BC63EACD4BD411313, 7EA9EC9AD518AA9E575100E052CAC44EC2443501C4E133E9C7C70A05A171D239 ] C:\WINDOWS\System32\rasplap.dll
16:38:39.0942 0x0f54  C:\WINDOWS\System32\rasplap.dll - ok
16:38:39.0974 0x0f54  [ 3CB863B78642405371CB3A71C07E2382, 571D43BBB0D0D54A7D508E9D0E70CDF5F1F3B147B4F6B15EB3D893401BB6F40F ] C:\WINDOWS\System32\rasapi32.dll
16:38:39.0974 0x0f54  C:\WINDOWS\System32\rasapi32.dll - ok
16:38:39.0989 0x0f54  [ 3A1DDA77F331D107BA40DB06E4D666E9, 544A63148756AD0E993DD79F0656E73E23386BF0DA54394000044FD0972C838D ] C:\WINDOWS\System32\rasman.dll
16:38:39.0989 0x0f54  C:\WINDOWS\System32\rasman.dll - ok
16:38:40.0005 0x0f54  [ 70F08ECE7A30A639D3F0C8C433685C7D, E7B852E949D0DB9C3D63C4F49DECF9C93781142EAC6F6D66C9FC8E0027E904F4 ] C:\WINDOWS\System32\tapi32.dll
16:38:40.0005 0x0f54  C:\WINDOWS\System32\tapi32.dll - ok
16:38:40.0020 0x0f54  [ 3D418A22A56471295AEB1CEB9027C3DA, C1D5E63B7400E6436E348AE1D9E2B3701174856DDAACE39C00134DC89497AACF ] C:\WINDOWS\System32\rtutils.dll
16:38:40.0036 0x0f54  C:\WINDOWS\System32\rtutils.dll - ok
16:38:40.0052 0x0f54  [ 14FF750EFE13B0C21E5A06507C3A97B1, 6962EE642FB635442D3E75CE022BAFE78FA453DD6E8E3DAC8B484C699454AF0F ] C:\WINDOWS\System32\winmm.dll
16:38:40.0052 0x0f54  C:\WINDOWS\System32\winmm.dll - ok
16:38:40.0067 0x0f54  [ DC15AB7168C0309D8F04FD95B6240422, C94550429403C710A2BD26EA67AEF698522CF4826C0A4C4A7D2CBC3145AB40A6 ] C:\WINDOWS\System32\oleacc.dll
16:38:40.0067 0x0f54  C:\WINDOWS\System32\oleacc.dll - ok
16:38:40.0083 0x0f54  [ 627920CFF5DFCF8CF54CF2D592D61307, 5339B6E9EA04AD8FCFF976E0DEBB62C1591980E50906DC0D11640EB6CD6CF183 ] C:\WINDOWS\System32\WinSCard.dll
16:38:40.0083 0x0f54  C:\WINDOWS\System32\WinSCard.dll - ok
16:38:40.0114 0x0f54  [ F42483814FC39170B3982A184EC5AAA2, DD8A1E7C6714DF07742EFDF6CA5AB93CDC547F56EB8C1066C56A68E83A818DD2 ] C:\WINDOWS\System32\wtsapi32.dll
16:38:40.0114 0x0f54  C:\WINDOWS\System32\wtsapi32.dll - ok
16:38:40.0145 0x0f54  [ 5CAAE5333EF36DB4A8D294418AB37E80, 0FAC92CDED62CEFDD44B3DC714FC3A453FEAAF44653F3AB75FB5A093A1DA71E9 ] C:\WINDOWS\System32\p2pcollab.dll
16:38:40.0145 0x0f54  C:\WINDOWS\System32\p2pcollab.dll - ok
16:38:40.0161 0x0f54  [ A99871BA522CB2539AE275AC18CACC8F, CBE1F5B357AAE3EA03E8E0AE2E1A1DE4EDF8F35AD056DCF1DC4E413284C86FC3 ] C:\WINDOWS\System32\cabinet.dll
16:38:40.0161 0x0f54  C:\WINDOWS\System32\cabinet.dll - ok
16:38:40.0176 0x0f54  [ 12A1DF1B84FB45A00D47B2CDE2CEEBBA, 66CE19049421B34597E201843577E8299462D9338B87461FDEC477D54C04DD36 ] C:\WINDOWS\System32\shgina.dll
16:38:40.0176 0x0f54  C:\WINDOWS\System32\shgina.dll - ok
16:38:40.0208 0x0f54  [ 70932D6C3D59B416CBD2BE5A3B3D4BE6, E2590A9E0343B5FE5CB68AFFB33D3DD5320002A5228B6316FC71468BABD19DC8 ] C:\WINDOWS\System32\shacct.dll
16:38:40.0208 0x0f54  C:\WINDOWS\System32\shacct.dll - ok
16:38:40.0223 0x0f54  [ 7DACD94118E2D8B6D72F47ADEB0367BF, 6467DE36C7DB6502AF17210148194F16BE76A9BA793105FAC763536CC14CE693 ] C:\WINDOWS\System32\propsys.dll
16:38:40.0223 0x0f54  C:\WINDOWS\System32\propsys.dll - ok
16:38:40.0239 0x0f54  [ A39E57CEEFB852AB5099AC6CF04C369D, 89C3138863460884610B09513EAFA21E40EEFB443818C274F2214FF6AA556745 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CCB23839-D4EB-423F-9604-31045C5900CE}\mpengine.dll
16:38:40.0239 0x0f54  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CCB23839-D4EB-423F-9604-31045C5900CE}\mpengine.dll - ok
16:38:40.0270 0x0f54  [ 3437B9E218A2E4586BEF4F7A3BD00777, 01FBFA70A741B1717430FCA58F675C2154B83907BD35D75A444C191FB2C2B1A2 ] C:\WINDOWS\System32\audiodg.exe
16:38:40.0270 0x0f54  C:\WINDOWS\System32\audiodg.exe - ok
16:38:40.0286 0x0f54  [ 4DF066ECEE5A7B20BF8B39EF4D646600, CA1859155E0187388E3C774B796A27B773C026E4D06C9193EF6B23C6990E4E8E ] C:\WINDOWS\System32\wdmaud.drv
16:38:40.0286 0x0f54  C:\WINDOWS\System32\wdmaud.drv - ok
16:38:40.0332 0x0f54  [ 919CC2A0476D5A6A4C935D4B88E29912, E9884E7565BAA72CEF0B805908B1B78C759074E9402CB5CC563A2F73B875DCBA ] C:\WINDOWS\System32\ksuser.dll
16:38:40.0332 0x0f54  C:\WINDOWS\System32\ksuser.dll - ok
16:38:40.0348 0x0f54  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] C:\WINDOWS\System32\gpsvc.dll
16:38:40.0348 0x0f54  C:\WINDOWS\System32\gpsvc.dll - ok
16:38:40.0364 0x0f54  [ D1A84F7D4CAFCFE2A32149FF418056E5, 1BF29E5E1C541F36DEDCD0DDCCCA0F35D19E94D2655055EE2477439940BAAFF1 ] C:\WINDOWS\System32\nlaapi.dll
16:38:40.0364 0x0f54  C:\WINDOWS\System32\nlaapi.dll - ok
16:38:40.0379 0x0f54  [ 409F36C8BD06FCE184631EB4142B009A, 5DEEA3B8937B9C3DD716060819E78A1C12AD00A7D0EC8CB47823B7EE856CCFE1 ] C:\WINDOWS\System32\atl.dll
16:38:40.0379 0x0f54  C:\WINDOWS\System32\atl.dll - ok
16:38:40.0410 0x0f54  [ 7258434974EA735725FD2D4A65C5E821, 4D4BCEEDAA3B293B599CED5777E3695C8B1A07805FE84223A72A5785CA68E6F4 ] C:\WINDOWS\System32\AudioSes.dll
16:38:40.0410 0x0f54  C:\WINDOWS\System32\AudioSes.dll - ok
16:38:40.0426 0x0f54  [ DB7F4AB85298F3FE522C5512B8B0F56D, A659963B55DBF26657920B718E6598F0B64975B292BA9AB5FCFB4485B5CF9DDF ] C:\WINDOWS\System32\AudioEng.dll
16:38:40.0426 0x0f54  C:\WINDOWS\System32\AudioEng.dll - ok
16:38:40.0442 0x0f54  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] C:\WINDOWS\System32\es.dll
16:38:40.0442 0x0f54  C:\WINDOWS\System32\es.dll - ok
16:38:40.0457 0x0f54  [ 4B555106290BD117334E9A08761C035A, 8A3808FBC197040BF0C65084514E8441E35FFFF8E31980F9CE1F41ED65E08437 ] C:\WINDOWS\System32\rundll32.exe
16:38:40.0473 0x0f54  C:\WINDOWS\System32\rundll32.exe - ok
16:38:40.0488 0x0f54  [ 166F004D73EA2CF4AC61800CA469458D, 7C1D83DC49505E452D7AFD843312B1B197BBB613D604BFF41FD4235B06F24EF3 ] C:\WINDOWS\System32\msacm32.drv
16:38:40.0488 0x0f54  C:\WINDOWS\System32\msacm32.drv - ok
16:38:40.0504 0x0f54  [ BDBB449425991154135E5ED1559927E6, C89AE8DD76EC8F669B5FFA9F8CBB4531743D3E1D8975B416EF2CB5AB35DB4EF2 ] C:\WINDOWS\System32\msacm32.dll
16:38:40.0504 0x0f54  C:\WINDOWS\System32\msacm32.dll - ok
16:38:40.0520 0x0f54  [ 1DACD1530C6E58AEAE9F6DE7DA851935, 923C936B935BDCCBE7DD0D6F2921CFA5980FC15F950E29B72E649AC0B9867EB2 ] C:\WINDOWS\System32\shimeng.dll
16:38:40.0520 0x0f54  C:\WINDOWS\System32\shimeng.dll - ok
16:38:40.0551 0x0f54  [ 83199EF88D691E730B80666E29F90D58, A7D3E5CA5AE7308201159A25BE59C0A90C079F88F0D588BEA7CE98BBD2838FB0 ] C:\WINDOWS\System32\midimap.dll
16:38:40.0551 0x0f54  C:\WINDOWS\System32\midimap.dll - ok
16:38:40.0566 0x0f54  [ D6804F089CBB6749E95124E7C4D80900, 262065CFC88A1E27996CA6B161A5B87B40B2ED1850EE928A2033D140C1A84F60 ] C:\WINDOWS\AppPatch\AcLayers.dll
16:38:40.0566 0x0f54  C:\WINDOWS\AppPatch\AcLayers.dll - ok
16:38:40.0613 0x0f54  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] C:\WINDOWS\System32\uxsms.dll
16:38:40.0613 0x0f54  C:\WINDOWS\System32\uxsms.dll - ok
16:38:40.0644 0x0f54  [ 296937202E4D930AAE98085B99D744D8, 65F569B7291307FD2B0F782888F18E23027A8F986CFB7B719CA53E93FA3B1367 ] C:\WINDOWS\System32\AUDIOKSE.dll
16:38:40.0644 0x0f54  C:\WINDOWS\System32\AUDIOKSE.dll - ok
16:38:40.0676 0x0f54  [ 8269CC01940A202BBB9FDF26705DBD67, 70DAB5CBEB5B2855784A9F6E3A52FD36C6FE18415FB01176481F85AEF5B3E67B ] C:\WINDOWS\System32\hid.dll
16:38:40.0676 0x0f54  C:\WINDOWS\System32\hid.dll - ok
16:38:40.0691 0x0f54  [ D5CF1536137026ACDED95BF6CBF849F6, 1F98483A28319F06716F4EC4E1F48DE3B2DC07783D6406EED9B4DBADC9C17E65 ] C:\WINDOWS\System32\WUDFPlatform.dll
16:38:40.0691 0x0f54  C:\WINDOWS\System32\WUDFPlatform.dll - ok
16:38:40.0707 0x0f54  [ A7F8BAD9590ADDC425B4003E94780DFA, 52F742BA0DF75CBD3625808FC38119C3F417A074AB65C6CC2B07610168D89CB7 ] C:\WINDOWS\System32\drivers\spsys.sys
16:38:40.0707 0x0f54  C:\WINDOWS\System32\drivers\spsys.sys - ok
16:38:40.0738 0x0f54  [ 6836D001FC733F205ACB80A7986CB6C9, C56ACEBA2597649BE1C5D00407C57FC8A9D5F9715491884E5DB0D58940CFEB34 ] C:\WINDOWS\System32\WindowsCodecs.dll
16:38:40.0738 0x0f54  C:\WINDOWS\System32\WindowsCodecs.dll - ok
16:38:40.0754 0x0f54  [ B9B4AEFBDD1B105A39312914C6F7F0A5, B77CB382CA70C1D7196E4B5088F54F20603E6EEF805D0CD1179A63573D92A02F ] C:\WINDOWS\System32\CnxtAp32.dll
16:38:40.0754 0x0f54  C:\WINDOWS\System32\CnxtAp32.dll - ok
16:38:40.0769 0x0f54  [ 5EC8FB83F31AA2D6F421F02C3F4F4475, CC325D32700AED6CEA6FA1190C04FEDA9A52DABB3E47D3923BA9BBE06A5EB556 ] C:\WINDOWS\System32\winspool.drv
16:38:40.0769 0x0f54  C:\WINDOWS\System32\winspool.drv - ok
16:38:40.0800 0x0f54  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] C:\WINDOWS\System32\drivers\lltdio.sys
16:38:40.0800 0x0f54  C:\WINDOWS\System32\drivers\lltdio.sys - ok
16:38:40.0816 0x0f54  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] C:\WINDOWS\System32\drivers\nwifi.sys
16:38:40.0816 0x0f54  C:\WINDOWS\System32\drivers\nwifi.sys - ok
16:38:40.0847 0x0f54  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] C:\WINDOWS\System32\drivers\ndisuio.sys
16:38:40.0847 0x0f54  C:\WINDOWS\System32\drivers\ndisuio.sys - ok
16:38:40.0894 0x0f54  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] C:\WINDOWS\System32\drivers\rspndr.sys
16:38:40.0894 0x0f54  C:\WINDOWS\System32\drivers\rspndr.sys - ok
16:38:40.0925 0x0f54  [ B9F65F4B9D8912764C8081AD05396EEF, 3AA65DCE3F2B23AB13EA8E0B2DEDD0085F3D67056C175158E65414F84F14F0F7 ] C:\WINDOWS\System32\nvsvc.dll
16:38:40.0925 0x0f54  C:\WINDOWS\System32\nvsvc.dll - ok
16:38:40.0941 0x0f54  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] C:\WINDOWS\System32\dnsrslvr.dll
16:38:40.0941 0x0f54  C:\WINDOWS\System32\dnsrslvr.dll - ok
16:38:40.0956 0x0f54  [ 3AB4023CBD406AC33AB8CDFF6C8079A0, BEAC47A3930E7E0A38540DAD16C934A45CD129251C621B1334715CF8FB6073CA ] C:\WINDOWS\System32\eapphost.dll
16:38:40.0956 0x0f54  C:\WINDOWS\System32\eapphost.dll - ok
16:38:40.0988 0x0f54  [ 3B0489DE8CC3058B48471660C60A7B75, A4EE12ACE2EB2E48E0D40A8845E3DCE8CF5A9D07EF29EE38F25A7F5BE3566919 ] C:\WINDOWS\System32\rastls.dll
16:38:40.0988 0x0f54  C:\WINDOWS\System32\rastls.dll - ok
16:38:40.0988 0x0f54  [ 82A79D5BE740D0AE9C91AA6DE4B3AC5A, C7E9FB7FE06626931A64846AE628655FC5469D840E42315E5E70C89810E622B3 ] C:\WINDOWS\System32\raschap.dll
16:38:40.0988 0x0f54  C:\WINDOWS\System32\raschap.dll - ok
16:38:41.0019 0x0f54  [ E8FF1BE138C11031706CB01C8BEF0239, F9338CE6FCF85E1CB6A9F8AD99040C204C6B5B7D25EF375B7625CA6F5E4F9677 ] C:\WINDOWS\System32\nvapi.dll
16:38:41.0019 0x0f54  C:\WINDOWS\System32\nvapi.dll - ok
16:38:41.0034 0x0f54  [ E45051C374F845EDF3DB02A35BA13193, A42F9E45F7B6733AE4FB9A10E8CEB30508CAE94AC0CFC4CDF352AC2D153A0957 ] C:\WINDOWS\System32\umb.dll
16:38:41.0034 0x0f54  C:\WINDOWS\System32\umb.dll - ok
16:38:41.0050 0x0f54  [ 3727F8B85E24BBDD325BFF75F029DDE3, 18772D32845D44D36A6257379942952B301CF8357B1C7A55387A4F2661CE3FBA ] C:\WINDOWS\System32\wlanmsm.dll
16:38:41.0050 0x0f54  C:\WINDOWS\System32\wlanmsm.dll - ok
16:38:41.0097 0x0f54  [ 41DFDCFCEF4878407AF1F6DCCA1CE905, A2EB1BAEDE62752C5705B37D0261D98CA65EA5A6FD6A94AFF1C73FF7D969D242 ] C:\WINDOWS\System32\WMALFXGFXDSP.dll
16:38:41.0097 0x0f54  C:\WINDOWS\System32\WMALFXGFXDSP.dll - ok
16:38:41.0097 0x0f54  [ 4662AF853DFAD5648CE3814E7D9EF3D6, 47AF7FAA6378FC1484521465EF3258E55530ADEF880454EA523B03B302166268 ] C:\WINDOWS\System32\wlansec.dll
16:38:41.0097 0x0f54  C:\WINDOWS\System32\wlansec.dll - ok
16:38:41.0128 0x0f54  [ 9B96F6952186336CC6E3D4E08BE2E0AF, B7DFB14DB60D84062B7E2A2293A4F3F5EF986108EF3C9C1E1CDC284F61981731 ] C:\WINDOWS\System32\dwmapi.dll
16:38:41.0128 0x0f54  C:\WINDOWS\System32\dwmapi.dll - ok
16:38:41.0144 0x0f54  [ B8CD57C8AAED177BFC12FBF03F5A1BE6, 9E76DAD6B5C841B497093AE31AB460FE3CDA8DBD8836B113297DB4BA3D6D6394 ] C:\WINDOWS\System32\nvsvcr.dll
16:38:41.0144 0x0f54  C:\WINDOWS\System32\nvsvcr.dll - ok
16:38:41.0175 0x0f54  [ B64AC7967D6B9FB2D6152AC768A1CB88, D4F46C3DCAE8A7578102961285BB90BFE1BDE31028CC56E2CEFE0DE8FF32FB85 ] C:\WINDOWS\System32\onex.dll
16:38:41.0175 0x0f54  C:\WINDOWS\System32\onex.dll - ok
16:38:41.0175 0x0f54  [ BF142D4F8C61ED3629A9CDD7BA867900, B7928A0143945CB5F19AE888BC1ED1B9C450807A5B8C65FDC139A46777B2827F ] C:\WINDOWS\System32\mfplat.dll
16:38:41.0175 0x0f54  C:\WINDOWS\System32\mfplat.dll - ok
16:38:41.0206 0x0f54  [ 8C8DCDA6E7834FC9268E6364F64DA167, 2495BC0B5D2BE574EC261DF4224321E569E45B207B7206D6077B12B1CC2A76E1 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CCB23839-D4EB-423F-9604-31045C5900CE}\mpasbase.vdm
16:38:41.0206 0x0f54  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CCB23839-D4EB-423F-9604-31045C5900CE}\mpasbase.vdm - ok
16:38:41.0237 0x0f54  [ 9D9FFC923FADBB575E0452EA0BBB15BD, 700A292EFEC71EDF2EF7F20D147F6E23E0FAA5BAF1D930CB96C40FC70D206D35 ] C:\WINDOWS\System32\eappprxy.dll
16:38:41.0237 0x0f54  C:\WINDOWS\System32\eappprxy.dll - ok
16:38:41.0253 0x0f54  [ 5D0FE613570CABE3992F7DBCD68E61D1, 68A6D6DA722E9A5120DE240194F9682ACBB485CEBDD8A6A099AE0E76359302B9 ] C:\WINDOWS\System32\eappcfg.dll
16:38:41.0253 0x0f54  C:\WINDOWS\System32\eappcfg.dll - ok
16:38:41.0284 0x0f54  [ 91D995A67D9447592A1BF21CBC15C628, B9C034997481150E3F6EB0EC83EA30AFE04CFF6B1273AC6EC6795C57DF853C64 ] C:\WINDOWS\System32\wlgpclnt.dll
16:38:41.0284 0x0f54  C:\WINDOWS\System32\wlgpclnt.dll - ok
16:38:41.0300 0x0f54  [ 19FFAD68A02AF1BF0BC336EE26CD6767, C3E6E79A1E6681CE988591F3CADB3F08E37ACAB2D8478A250D9D6881F6C716A6 ] C:\WINDOWS\System32\l2gpstore.dll
16:38:41.0300 0x0f54  C:\WINDOWS\System32\l2gpstore.dll - ok
16:38:41.0331 0x0f54  [ EB2170D0DDF3B2A92506AE16BC524B0B, 95E296024DC16657BA36DB72E7AB774C68A6F8029B2ACB18460FC50E44AE5DA9 ] C:\WINDOWS\System32\wlanutil.dll
16:38:41.0331 0x0f54  C:\WINDOWS\System32\wlanutil.dll - ok
16:38:41.0346 0x0f54  [ BE01E566D1F569AAB32D0335613E1EEA, 997B248BFBDB290206A8496722D6102903634EC0D397694569BC237A681C088F ] C:\WINDOWS\System32\dllhost.exe
16:38:41.0346 0x0f54  C:\WINDOWS\System32\dllhost.exe - ok
16:38:41.0378 0x0f54  [ 1E06779EDB55D035DD3F4A2B7432A291, 247E0A741C23D2C9CA1784CECF63211EA0D4ED924CDA866DAA6F51256230BB32 ] C:\WINDOWS\System32\msxml6.dll
16:38:41.0378 0x0f54  C:\WINDOWS\System32\msxml6.dll - ok
16:38:41.0393 0x0f54  [ 270337F977CE9DBFF114C0ADB666BC15, 945EAF571418DB2D8D2D8D18F9C66BD646BC6265C6D0752BC1CC7AEF6C5C0871 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CCB23839-D4EB-423F-9604-31045C5900CE}\mpasdlta.vdm
16:38:41.0393 0x0f54  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CCB23839-D4EB-423F-9604-31045C5900CE}\mpasdlta.vdm - ok
16:38:41.0424 0x0f54  [ 9474AD3584430D24DA87517F9DB0CBB2, 62AF2AD461E255B2B646F7462A7F2592BC7CE2FCAC980F09B5E8AC54F3C912D0 ] C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll
16:38:41.0424 0x0f54  C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll - ok
16:38:41.0440 0x0f54  [ AD00A8BD6E65B58E10AF96FD761813AE, DFA687539A81BC4DD208258AC38B30D5DFFC69415182999D49C303C47DBB5B9E ] C:\WINDOWS\System32\nvcpl.dll
16:38:41.0440 0x0f54  C:\WINDOWS\System32\nvcpl.dll - ok
16:38:41.0471 0x0f54  [ 73F5C13B431915BAE35254B4E95DFB71, 393A045859382C44133C004598B1512048046BCC129FED2247A77FDBFCDB6DFF ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:38:41.0471 0x0f54  C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
16:38:41.0487 0x0f54  [ 3946A82CCD0F2086B3F4A909C05241C7, 10F04E8EAA4AEFED877028ABDFBF89A39DCEAEE401261D4ADBEC4A2F91A75910 ] C:\Program Files\AVAST Software\Avast\ashbase.dll
16:38:41.0487 0x0f54  C:\Program Files\AVAST Software\Avast\ashbase.dll - ok
16:38:41.0502 0x0f54  [ 6BC5FCEF351E4CB5A269C1E84B5A06DA, A5CAB1752E7AB7A37E1F8B943FBBDF6FACAFC228FF6D0321E61D2501D2653BB7 ] C:\WINDOWS\System32\netcfgx.dll
16:38:41.0502 0x0f54  C:\WINDOWS\System32\netcfgx.dll - ok
16:38:41.0518 0x0f54  [ E582816A4855914DEFFC212E12B3B744, B59C692FE8D19A2D9615D12C6026854C3467B25B3630183D766A32A9584C3115 ] C:\WINDOWS\System32\wsock32.dll
16:38:41.0518 0x0f54  C:\WINDOWS\System32\wsock32.dll - ok
16:38:41.0549 0x0f54  [ 0E135526E9785D085BCD9AEDE6FBCBF9, 75EEA7E5AE90D857B777361A0166F9A82E354F229FD5250AF8738364E6FB45DB ] C:\WINDOWS\System32\userinit.exe
16:38:41.0549 0x0f54  C:\WINDOWS\System32\userinit.exe - ok
16:38:41.0565 0x0f54  [ 1BA6666ED0C7B576088A36E911199033, AA36977AB3C3E06BDCED4A3E3D3A466F793F9858AFECE06B8B3818A363CF6DE8 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
16:38:41.0565 0x0f54  C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
16:38:41.0596 0x0f54  [ B57FD7DD0FAF85F737DC3D483A9D63BB, 6A34D5C7F63BF2B60F77A5BD52EC9704DBB58778F7403429C2D286FCFED3B2A0 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
16:38:41.0596 0x0f54  C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
16:38:41.0612 0x0f54  [ 4BA25D2CBE1587A841DCFB8C8C4A6EA6, B30160E759115E24425B9BCDF606EF6EBCE4657487525EDE7F1AC40B90FF7E49 ] C:\WINDOWS\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcr110.dll
16:38:41.0612 0x0f54  C:\WINDOWS\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcr110.dll - ok
16:38:41.0643 0x0f54  [ D80C6539C00CB4F5D59066865479C308, 53AC27856FC65361FEA6FDF97A94ABEC530AB81113A64428E9F9F8618DCE6D4B ] C:\WINDOWS\System32\dwmredir.dll
16:38:41.0643 0x0f54  C:\WINDOWS\System32\dwmredir.dll - ok
16:38:41.0658 0x0f54  [ D07D4C3038F3578FFCE1C0237F2A1253, 135DD05678C8997B45982D77298DBDD98061C9D4FE43D77866846012EB061A04 ] C:\WINDOWS\explorer.exe
16:38:41.0658 0x0f54  C:\WINDOWS\explorer.exe - ok
16:38:41.0674 0x0f54  [ C99403A5B641520DAED0021DDA06F272, 5E337BDA9D4899A7102F35592766F24699F41BE27A18D0EDF4902B27BE9EA0AF ] C:\WINDOWS\System32\milcore.dll
16:38:41.0674 0x0f54  C:\WINDOWS\System32\milcore.dll - ok
16:38:41.0705 0x0f54  [ 3CED666BC61431DCD928E03ED4ABCAEA, C92FC8270B210566D4909032FFCA6D4D7332145120DEF8372C23B491BE128858 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
16:38:41.0705 0x0f54  C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
16:38:41.0736 0x0f54  [ 3E29914113EC4B968BA5EB1F6D194A0A, C8D5572CA8D7624871188F0ACABC3AE60D4C5A4F6782D952B9038DE3BC28B39A ] C:\WINDOWS\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcp110.dll
16:38:41.0736 0x0f54  C:\WINDOWS\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcp110.dll - ok
16:38:41.0752 0x0f54  [ 7486BA75019D8C3A13EBA7867FAABE7D, 084A8973A9F7325241E156BD4D1218F732543C5707098F12273212B4E7A6BFE0 ] C:\Program Files\AVAST Software\Avast\avastIP.dll
16:38:41.0752 0x0f54  C:\Program Files\AVAST Software\Avast\avastIP.dll - ok
16:38:41.0768 0x0f54  [ 8D113C7490621FF50F9BA46C7D8C423E, 2DD3B7BBD1F849C1EE93AA3511D5D3673E5B554E06240A07EC5963BB7D7A33B6 ] C:\Program Files\AVAST Software\Avast\aswcommchannel.dll
16:38:41.0768 0x0f54  C:\Program Files\AVAST Software\Avast\aswcommchannel.dll - ok
16:38:41.0799 0x0f54  [ 8AAEEE8E59A70F37579993D118A34EE0, 9DC8618557B0D852EEA1163CF312EB68F8DF42486E4E76A74926CF99DB06AC92 ] C:\WINDOWS\System32\d3d9.dll
16:38:41.0799 0x0f54  C:\WINDOWS\System32\d3d9.dll - ok
16:38:41.0814 0x0f54  [ 77F8C2F976899F7656C5E34D145B13F2, C1D95B0BBE111420CE7A163E8AB90DA107BC5ADC44212EEF4CFE9D4722CC6FBC ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
16:38:41.0814 0x0f54  C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
16:38:41.0846 0x0f54  [ 167AC31450C0C53A01FA1491E94D7678, 951744503EF72C6D6DC49720C4E6E65DC1DBB9C8252C89FEE18B396E2ED67EA5 ] C:\WINDOWS\System32\shdocvw.dll
16:38:41.0846 0x0f54  C:\WINDOWS\System32\shdocvw.dll - ok
16:38:41.0861 0x0f54  [ E7FFA9306A4C10B22CA1F48B1BB72E05, 60A955ED7FEEC418C54FAF2E0C0F54216BC295074FA899114BCFF566D1D76C80 ] C:\Program Files\AVAST Software\Avast\avBugReport.exe
16:38:41.0861 0x0f54  C:\Program Files\AVAST Software\Avast\avBugReport.exe - ok
16:38:41.0892 0x0f54  [ E3AE23F5DFD42AE256EBDB0F3CA68D3E, 734B84DE8A8C610109839F42860DCBE662F825B4B6AD2A153150D6CBC3E0DD23 ] C:\WINDOWS\System32\nvd3dum.dll
16:38:41.0892 0x0f54  C:\WINDOWS\System32\nvd3dum.dll - ok
16:38:41.0908 0x0f54  [ 5C5E3AFD499E5146FEF1DA5EF8A23205, 9A26FFAFFB26FA6549C6DA75F76238A903CA723F9DAD356FBA8D91067FE312FD ] C:\Program Files\AVAST Software\Avast\dbghelp.dll
16:38:41.0908 0x0f54  C:\Program Files\AVAST Software\Avast\dbghelp.dll - ok
16:38:41.0924 0x0f54  [ CD6DA5770CAE9D5E6E86722E17B442E0, 9F0EE70460FFA43E869C3821F0AF6646D97E0F463A87B50B167ECAD44DF2E523 ] C:\WINDOWS\System32\d3d8thk.dll
16:38:41.0924 0x0f54  C:\WINDOWS\System32\d3d8thk.dll - ok
16:38:41.0955 0x0f54  [ 4504819D18FAC09B6108D8728467E5B2, 46736DE57B2A0592BE1DC53B337A607C8962C305F678E5899D5734D3D4630135 ] C:\WINDOWS\System32\browseui.dll
16:38:41.0955 0x0f54  C:\WINDOWS\System32\browseui.dll - ok
16:38:41.0970 0x0f54  [ 9EA93673394601DB13CF5519CF7F5DE7, 65727A233405EA4A8D8E48004B3A3025734B53BCA622503B747DDF8385A31E3C ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
16:38:41.0970 0x0f54  C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
16:38:41.0986 0x0f54  [ 7A623F6B4C51F6F2BC1A31D5787FC0A7, 673A7F086251CC5CB6473BC392A7572566F58A11F4DE1B8D7B3C281A1A5AE11C ] C:\WINDOWS\System32\uDWM.dll
16:38:41.0986 0x0f54  C:\WINDOWS\System32\uDWM.dll - ok
16:38:42.0002 0x0f54  [ 10505F2B5A89B60971192505824A5EF3, D05CED486A0AEF2D36336AC0CC50F95D756DDD3A4BE741F88AEC8D43606186F4 ] C:\Program Files\AVAST Software\Avast\ssleay32.dll
16:38:42.0002 0x0f54  C:\Program Files\AVAST Software\Avast\ssleay32.dll - ok
16:38:42.0033 0x0f54  [ 2D44EBD52EC34E25DDA0EEE07032C418, FC2FFEF053CDAED588675E69A49AAA4202B2911C4462183AD70A8976C194FD05 ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
16:38:42.0033 0x0f54  C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
16:38:42.0064 0x0f54  [ 0AA25A2F866FE94747B3EDE7FE9FAA77, D1C71E6CC8DBCD1D8770FEDD0DD281D0042978AE9A61A807CB44AB3A6A8DE8C8 ] C:\Program Files\AVAST Software\Avast\ashShell.dll
16:38:42.0064 0x0f54  C:\Program Files\AVAST Software\Avast\ashShell.dll - ok
16:38:42.0095 0x0f54  [ 401DFFDBBBD3F07C747ED1AE2BB88106, 596B0CDB80274D52BD631605FD74030DF1579AD7CF8CB209CB3983FEF3675114 ] C:\WINDOWS\System32\msi.dll
16:38:42.0095 0x0f54  C:\WINDOWS\System32\msi.dll - ok
16:38:42.0111 0x0f54  [ 62CC8C657AFFEA3D06FE2CA98883B5D8, BC7595D626C9D3F0769F90DC3DFF208FB807D8A20230B28EB3B9376D0D38952D ] C:\Program Files\AVAST Software\Avast\libeay32.dll
16:38:42.0111 0x0f54  C:\Program Files\AVAST Software\Avast\libeay32.dll - ok
16:38:42.0126 0x0f54  [ 14E4470BF8ACA69A85D741BA99F75F96, B9DA437B42D56FAF29EF8227A22D842A852F80D5611E114E27FC8A3864E6DEA5 ] C:\WINDOWS\System32\EhStorShell.dll
16:38:42.0126 0x0f54  C:\WINDOWS\System32\EhStorShell.dll - ok
16:38:42.0158 0x0f54  [ 111C47816F39A91EAAA18DA0A54E8E63, 6910253AA5DFD7E2656C65B7227E7D546648D6C55600552D79FA275D0331AA00 ] C:\WINDOWS\System32\imageres.dll
16:38:42.0158 0x0f54  C:\WINDOWS\System32\imageres.dll - ok
16:38:42.0173 0x0f54  [ 08578F3CA5365F896D90CE2BF97FD000, B081E6B39D69141B3AD31E127DA18756EBB68F47E649635D78D45B25EBDC2511 ] C:\WINDOWS\System32\IconCodecService.dll
16:38:42.0173 0x0f54  C:\WINDOWS\System32\IconCodecService.dll - ok
16:38:42.0189 0x0f54  [ BE37D90FA0349B08B036BD33E85141C9, D3BD67325C322CCE81B5C5130E46BCBACE516637F74E13EE6244190815DD4C0B ] C:\Program Files\AVAST Software\Avast\ashServ.dll
16:38:42.0189 0x0f54  C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
16:38:42.0220 0x0f54  [ 29FE98D9412388243E41869143D1805B, 71CB5EE45086BF76597295C1677F9C84212ABBD1BA4BB37375A64EBB89FBEC46 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
16:38:42.0220 0x0f54  C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
16:38:42.0236 0x0f54  [ E4B7E7985CB75DE4E48E96D35A0DBF97, 07A2A8D51945B9C461738EC897269CE8746AC2980F7206FBA266D86BA4AB4E67 ] C:\Program Files\AVAST Software\Avast\ashTask.dll
16:38:42.0236 0x0f54  C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
16:38:42.0251 0x0f54  [ 3211E20DA6C5EBE28CF7E4C3A55278E4, 304B5D66836B7797E6544A9996D635835A0CCBF061EB8C5537798A3B2D4C1CFF ] C:\Program Files\AVAST Software\Avast\aswAux.dll
16:38:42.0251 0x0f54  C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
16:38:42.0282 0x0f54  [ 73FE2E5FA55088A241AA2732F5D387D6, EB8822FD08C0C85441BBE86FE55349BFE2D8297A042249B2934B44121D132CCB ] C:\WINDOWS\System32\wiarpc.dll
16:38:42.0282 0x0f54  C:\WINDOWS\System32\wiarpc.dll - ok
16:38:42.0298 0x0f54  [ 93541E4ED452A6B816A3C1595A7E01F0, B2EC0AACF315887211B0B4E2C12255D0E34B6FD8C4273EFAC5F322897355E872 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
16:38:42.0298 0x0f54  C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
16:38:42.0314 0x0f54  [ 44574EAFCDDA003A22E4DF3EA73840AF, DF7E7CEF8FB7A20C7BCDF3DBF841535EB596E1D015A6972CCD186A117E1BB033 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
16:38:42.0314 0x0f54  C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
16:38:42.0345 0x0f54  [ C30BEB2365677974EFA19B791E1AAD85, 17FCE54869DF45EDDA9989A9C0FBA4C94AF6F579EF78E6548E05ED20F8C0E849 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
16:38:42.0345 0x0f54  C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
16:38:42.0376 0x0f54  [ 95884E0E8EAE21F7DF7A8916A7E058CF, D9A76E7685408ADBBA755FB3DC39948799CEB330A8C774262733F09C27972F8B ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
16:38:42.0376 0x0f54  C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
16:38:42.0392 0x0f54  [ 5A9BD26D965F1E4DAC668C8F0C738FB7, 5359C2C8989C25195B3BE5B9F2FE5107F4860220AC16626F64AF2CCC606BC7CB ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
16:38:42.0392 0x0f54  C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
16:38:42.0407 0x0f54  [ CA0B849566776A17F35F0339BE17DFD9, 527FFE08A427703F3620DB7C44E096A7F9D0C88AD1FD8F0623815B7E7D78687A ] C:\WINDOWS\System32\ktmw32.dll
16:38:42.0407 0x0f54  C:\WINDOWS\System32\ktmw32.dll - ok
16:38:42.0438 0x0f54  [ D0A95E567224B4C347CBDD6541E5D928, 6CF5AA0B5C48B783A8C300B95E8C75366BC0859B434ACBE5D334AC987462886E ] C:\WINDOWS\System32\wscisvif.dll
16:38:42.0438 0x0f54  C:\WINDOWS\System32\wscisvif.dll - ok
16:38:42.0454 0x0f54  [ 2A6A2C09ECC2CB495628E45F1379ECE8, 4E9232EB29AEA58C4EC5B505301F01F62EFB0C1BC5F8B5F9CE1B4C91284FD97D ] C:\WINDOWS\System32\taskcomp.dll
16:38:42.0454 0x0f54  C:\WINDOWS\System32\taskcomp.dll - ok
16:38:42.0485 0x0f54  [ A0F4852A5DB9754BEC06F84B400AE743, B233988541B738FC8082F6A286A88DE40679476D3914E9E541D75B89E451C476 ] C:\WINDOWS\System32\wscapi.dll
16:38:42.0485 0x0f54  C:\WINDOWS\System32\wscapi.dll - ok
16:38:42.0501 0x0f54  [ 68830DB22F858B7CE99AF9644C542E23, F91F7C4174A55E37D5C502FA398418422BBA3E8D2900F992A22B8C6E1780382B ] C:\Program Files\AVAST Software\Avast\defs\14070401\aswEngin.dll
16:38:42.0501 0x0f54  C:\Program Files\AVAST Software\Avast\defs\14070401\aswEngin.dll - ok
16:38:42.0516 0x0f54  [ 3D50C4B10352367D5CB20ED1F50F8DA2, 03C2732F2DF18CE8CC3CB9EBF2F811A2333C96D8BBC9111F6CCE15A09D8E63E6 ] C:\WINDOWS\System32\taskeng.exe
16:38:42.0516 0x0f54  C:\WINDOWS\System32\taskeng.exe - ok
16:38:42.0532 0x0f54  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] C:\WINDOWS\System32\drivers\http.sys
16:38:42.0532 0x0f54  C:\WINDOWS\System32\drivers\http.sys - ok
16:38:42.0548 0x0f54  [ B11FDCA4410D6252964EF97F9A47DE74, 085EDBF22392265B35F0D8A73B1B5DFC0D1CEB4C3493F11361BF4CF6C2223FC5 ] C:\WINDOWS\System32\TSChannel.dll
16:38:42.0548 0x0f54  C:\WINDOWS\System32\TSChannel.dll - ok
16:38:42.0579 0x0f54  [ 782C8019C89920A77B1907AD3B4C8FF9, B38C1B9C022B2B2CCC860845ABC7CE2803A251477D07F1DE7B7F7AAB02376EDB ] C:\WINDOWS\System32\HotStartUserAgent.dll
16:38:42.0579 0x0f54  C:\WINDOWS\System32\HotStartUserAgent.dll - ok
16:38:42.0594 0x0f54  [ E5584546A9CBA7D9B9CCC9F20FC603B3, 59AF46153FD9AE10D94C6D3C63005A82A35ED3EAFFE1D67E52F65D7520AFC00D ] C:\Program Files\AVAST Software\Avast\defs\14070401\aswCmnIS.dll
16:38:42.0594 0x0f54  C:\Program Files\AVAST Software\Avast\defs\14070401\aswCmnIS.dll - ok
16:38:42.0610 0x0f54  [ 57125869A7B9638A5D11DD685AA65EB4, ADDEA7198DD1586D1D4E4DC1091369BC5702CED5E4FF8A0B42A06626D8DA28D7 ] C:\WINDOWS\System32\PlaySndSrv.dll
16:38:42.0610 0x0f54  C:\WINDOWS\System32\PlaySndSrv.dll - ok
16:38:42.0641 0x0f54  [ DB6BA64197E2C16916C32A16F379872B, F1700835E4797F7D46BDA9428A6911E98D0F4B105252D521BC113286C7FEC5E4 ] C:\Program Files\AVAST Software\Avast\defs\14070401\aswCmnOS.dll
16:38:42.0641 0x0f54  C:\Program Files\AVAST Software\Avast\defs\14070401\aswCmnOS.dll - ok
16:38:42.0657 0x0f54  [ E79FDA8D320147FDC347C504B3487F87, 7BAF7C9828A285875BCF92EF33E1F0F5A2ED8A25289333985A9428E2913DF3CC ] C:\WINDOWS\System32\spoolss.dll
16:38:42.0657 0x0f54  C:\WINDOWS\System32\spoolss.dll - ok
16:38:42.0672 0x0f54  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] C:\WINDOWS\System32\drivers\srvnet.sys
16:38:42.0672 0x0f54  C:\WINDOWS\System32\drivers\srvnet.sys - ok
16:38:42.0704 0x0f54  [ 43E1054C713C48D252A1826C5E14AACA, 46B6A5011EC63F1B8DDC6A2BE013C2BBB59B81310644766C609CAAF4B9A18278 ] C:\WINDOWS\System32\MsCtfMonitor.dll
16:38:42.0704 0x0f54  C:\WINDOWS\System32\MsCtfMonitor.dll - ok
16:38:42.0719 0x0f54  [ F7075ED9BDDEA0939A22EF992D6B196D, E938C72BFEAEB37D26B37868608DDA91BC470B9F54879E4E5E3A42706FF5649F ] C:\Program Files\AVAST Software\Avast\defs\14070401\aswCmnBS.dll
16:38:42.0719 0x0f54  C:\Program Files\AVAST Software\Avast\defs\14070401\aswCmnBS.dll - ok
16:38:42.0750 0x0f54  [ C6DA42ADA0C5FC8CB05744229D632B47, 1C0FFD6B1CB0C72DF079F279E24243D2617F37D9DD5142140C3AB5AA3E4647BD ] C:\WINDOWS\System32\msutb.dll
16:38:42.0750 0x0f54  C:\WINDOWS\System32\msutb.dll - ok
16:38:42.0766 0x0f54  [ EE16F3E01C4A6C77383F1BBBD10AD6C2, 204BF3757B362EDBCEC29C0576B7F666D6B9422C72491F4C566B27D20F45A031 ] C:\WINDOWS\System32\FWPUCLNT.DLL
16:38:42.0766 0x0f54  C:\WINDOWS\System32\FWPUCLNT.DLL - ok
16:38:42.0766 0x0f54  [ 0928382FD5D6F0A8B2625986A0E305DA, 565308AB8BAC1FBD86B6514A985E942F602191C943F56AA408A9B16FF0298071 ] C:\Program Files\AVAST Software\Avast\defs\14070401\aswScan.dll
16:38:42.0766 0x0f54  C:\Program Files\AVAST Software\Avast\defs\14070401\aswScan.dll - ok
16:38:42.0797 0x0f54  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] C:\WINDOWS\System32\drivers\bowser.sys
16:38:42.0797 0x0f54  C:\WINDOWS\System32\drivers\bowser.sys - ok
16:38:42.0813 0x0f54  [ 56E6735F29BE7EA5512268A4E4E310FC, 8C5FA47DBFD2714E20FDBE650717BE467C103012D928C2FD65AC213F82B61A01 ] C:\Program Files\AVAST Software\Avast\defs\14070401\aswRep.dll
16:38:42.0813 0x0f54  C:\Program Files\AVAST Software\Avast\defs\14070401\aswRep.dll - ok
16:38:42.0828 0x0f54  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] C:\WINDOWS\System32\drivers\mpsdrv.sys
16:38:42.0828 0x0f54  C:\WINDOWS\System32\drivers\mpsdrv.sys - ok
16:38:42.0860 0x0f54  [ 5E32E7C5542D95E04E8ABE8B3F676D11, E1B5958ABE040C581A3B580F26372C7AC58A610877BB0C1D33A03D7C754AF172 ] C:\Program Files\AVAST Software\Avast\defs\14070401\aswFiDb.dll
16:38:42.0860 0x0f54  C:\Program Files\AVAST Software\Avast\defs\14070401\aswFiDb.dll - ok
16:38:42.0875 0x0f54  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] C:\WINDOWS\System32\drivers\mrxdav.sys
16:38:42.0875 0x0f54  C:\WINDOWS\System32\drivers\mrxdav.sys - ok
16:38:42.0891 0x0f54  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] C:\WINDOWS\System32\MPSSVC.dll
16:38:42.0891 0x0f54  C:\WINDOWS\System32\MPSSVC.dll - ok
16:38:42.0922 0x0f54  [ 293C5CCD99D332ECC94637FEDA38D1F2, A220C2F2F2C2075B724EFBD15A3F354824859AE28C3A548E76306DD6AE1FB723 ] C:\WINDOWS\System32\TMM.dll
16:38:42.0922 0x0f54  C:\WINDOWS\System32\TMM.dll - ok
16:38:42.0938 0x0f54  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] C:\WINDOWS\System32\drivers\mrxsmb.sys
16:38:42.0938 0x0f54  C:\WINDOWS\System32\drivers\mrxsmb.sys - ok
16:38:42.0953 0x0f54  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] C:\WINDOWS\System32\drivers\mrxsmb10.sys
16:38:42.0953 0x0f54  C:\WINDOWS\System32\drivers\mrxsmb10.sys - ok
16:38:42.0969 0x0f54  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] C:\WINDOWS\System32\drivers\mrxsmb20.sys
16:38:42.0984 0x0f54  C:\WINDOWS\System32\drivers\mrxsmb20.sys - ok
16:38:43.0000 0x0f54  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] C:\WINDOWS\System32\drivers\srv2.sys
16:38:43.0000 0x0f54  C:\WINDOWS\System32\drivers\srv2.sys - ok
16:38:43.0016 0x0f54  [ E50072916D828F4D83BD37CE30C2AE7A, FDD0836FDFF63061810BE8A4CC52D4709D267DFE30F3026125C29C2709B96EED ] C:\Program Files\AVAST Software\Avast\defs\14070401\algo.dll
16:38:43.0016 0x0f54  C:\Program Files\AVAST Software\Avast\defs\14070401\algo.dll - ok
16:38:43.0031 0x0f54  [ 0745D6EAD386710110817FBEC03F5161, FF725C5361087985973BA21DF9BD37B96377CB3305B8BBA99DD3368D440CEAD1 ] C:\WINDOWS\System32\wfapigp.dll
16:38:43.0031 0x0f54  C:\WINDOWS\System32\wfapigp.dll - ok
16:38:43.0047 0x0f54  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] C:\WINDOWS\System32\drivers\srv.sys
16:38:43.0047 0x0f54  C:\WINDOWS\System32\drivers\srv.sys - ok
16:38:43.0078 0x0f54  [ A324D72A06C110152E7607745F39BFA1, 7E33A108B090840FC98953358216A1D84C122D965E37B37335B0EF6152CA9FC0 ] C:\WINDOWS\System32\netmsg.dll
16:38:43.0078 0x0f54  C:\WINDOWS\System32\netmsg.dll - ok
16:38:43.0094 0x0f54  [ 452341E471D2D961229DFE0842957272, 43C3DEEFCD27F10DCFF81D8637EBDE5050ADC3E530A5DCC459D1CFF80BFD0067 ] C:\WINDOWS\System32\sscore.dll
16:38:43.0094 0x0f54  C:\WINDOWS\System32\sscore.dll - ok
16:38:43.0109 0x0f54  [ D333058925CE305E39DE8D5AD2B52A46, 29E40E6DCAB4F3559B34A848AEDA34B5D436C9167565856451028DE25A529EDF ] C:\WINDOWS\System32\clusapi.dll
16:38:43.0109 0x0f54  C:\WINDOWS\System32\clusapi.dll - ok
16:38:43.0140 0x0f54  [ 5F1DEC3824E566457F53F24F493FEF08, 8ED9B269E5195BD11FF7ED6EBBC19FA32027AD068DF357660C9E5084922329B5 ] C:\WINDOWS\System32\mscms.dll
16:38:43.0140 0x0f54  C:\WINDOWS\System32\mscms.dll - ok
16:38:43.0156 0x0f54  [ 6468C3FF6D0C7874FA8C619AF3E23B22, 2A8A01D5164453544A9DD1B850C24B82EFE6ACAABED56084B8A0388AC383802B ] C:\WINDOWS\System32\activeds.dll
16:38:43.0156 0x0f54  C:\WINDOWS\System32\activeds.dll - ok
16:38:43.0172 0x0f54  [ 4A1E806032413883BAF1E9A6047BC668, 4D8EA2B36B57C7ABF131193B9C23B1A7209A3464C2716C471C7F8C11E0FA9E62 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll
16:38:43.0172 0x0f54  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll - ok
16:38:43.0203 0x0f54  [ E9B9C1B98C8D6D48407E1C1203EAC659, A7B836B37935475E7D7277F9A7828E347B2EBD14958836499E5610AC5A922265 ] C:\WINDOWS\System32\adsldpc.dll
16:38:43.0203 0x0f54  C:\WINDOWS\System32\adsldpc.dll - ok
16:38:43.0218 0x0f54  [ 1311171CF8F6D2954441EF2A42693035, 516FFF8E8DCEE409EF525276EAEB62DB67BA63448D9ED4B53F412F70A587799C ] C:\WINDOWS\System32\WsmRes.dll
16:38:43.0218 0x0f54  C:\WINDOWS\System32\WsmRes.dll - ok
16:38:43.0234 0x0f54  [ E230F3776F373F4C5E788794B53101E4, 5E1B28C8A0EC67F1EC720AC7800021288A69B4E13C5DF3603EC4FCCDBE42DAFA ] C:\WINDOWS\System32\plasrv.exe
16:38:43.0234 0x0f54  C:\WINDOWS\System32\plasrv.exe - ok
16:38:43.0250 0x0f54  [ 93E317D7AD783D8EAEE2E3500BFE889D, 12D3ACCBF470E025EEBD77CF3407964950DADCF6991959A97B5319A9FAE219C1 ] C:\WINDOWS\System32\credui.dll
16:38:43.0250 0x0f54  C:\WINDOWS\System32\credui.dll - ok
16:38:43.0281 0x0f54  [ BDE89AB6F15F0093A2A7861D1FC413ED, CDD703B147DD2B49FB4DD3EF8E8E97A9496782462AF8D65AC70D3075E4E0514A ] C:\WINDOWS\System32\QAGENT.DLL
16:38:43.0281 0x0f54  C:\WINDOWS\System32\QAGENT.DLL - ok
16:38:43.0312 0x0f54  [ B9F3FF52B84FD9E3CAFB29B8EE385E5B, 3944E3C0FCD8E927A8A6470D8A603C96D298695AE62831DBE6DA656C5D74EC05 ] C:\WINDOWS\System32\resutils.dll
16:38:43.0312 0x0f54  C:\WINDOWS\System32\resutils.dll - ok
16:38:43.0328 0x0f54  [ 769D027B977CED05658C85E698D3C5B1, AD17B98BC2E2CEA59CC603264F171098AE77F16B7E9C61080F7E2DC50EE74637 ] C:\WINDOWS\System32\QUTIL.DLL
16:38:43.0328 0x0f54  C:\WINDOWS\System32\QUTIL.DLL - ok
16:38:43.0343 0x0f54  [ C411C80F90D6732380352B98B37BBD53, FC5A45F208072249CAA1CA9A602FEBAD24A87166628275AC15FE37B7EEF00A40 ] C:\WINDOWS\System32\winrnr.dll
16:38:43.0343 0x0f54  C:\WINDOWS\System32\winrnr.dll - ok
16:38:43.0359 0x0f54  [ 40947436A70E0034E41123DF5A0A7702, 5D40FD92DA5CA59C1BADB58AD509DB6A6D613F18660A9A270A53ECA85D34C3A9 ] C:\Program Files\Bonjour\mdnsNSP.dll
16:38:43.0359 0x0f54  C:\Program Files\Bonjour\mdnsNSP.dll - ok
16:38:43.0374 0x0f54  [ A7D525E5C0D91C8C1D84C6BCD25AD77D, BD3D51E302587E33901E5995367B6227743D2385F1420E12C712A62063150318 ] C:\WINDOWS\System32\rasadhlp.dll
16:38:43.0374 0x0f54  C:\WINDOWS\System32\rasadhlp.dll - ok
16:38:43.0406 0x0f54  [ A9542FF2E9A82CF100E5729EC79068F0, DE0E39246536BD63CC5DFF8CE9E379121126573AB284BAD3782E5B217239F858 ] C:\WINDOWS\System32\fltLib.dll
16:38:43.0406 0x0f54  C:\WINDOWS\System32\fltLib.dll - ok
16:38:43.0421 0x0f54  [ E693A3AC10F2FC6AA0DB865A04108022, D1286A49D82796831FE985E90CE35DCAB8A1DBCFFEF460CC9E5676730C693892 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
16:38:43.0421 0x0f54  C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
16:38:43.0437 0x0f54  [ 33EDF6CCC9DEB9E6EFD8D7FC423D6123, 272C775A6026CDD6A1E4FE7E6712E5BD39240C34929074AE0817FD9CD428A33E ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
16:38:43.0437 0x0f54  C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
16:38:43.0468 0x0f54  [ 0ACFC95EE2AF5C5E568621D097CC4FA2, 99B94A7AAA24CFC276C518910FE69380A306AE435D7FE97BDF41D0B25E7F0A71 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
16:38:43.0468 0x0f54  C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
16:38:43.0484 0x0f54  [ 2122FEEF03BCB6CFE5C67483666B2A62, D4D8DA36518BD6BF338E5FB39EBB6F3851AC48CE6578B447BB1641637161526E ] C:\Program Files\AVAST Software\Avast\AhResWS2.dll
16:38:43.0484 0x0f54  C:\Program Files\AVAST Software\Avast\AhResWS2.dll - ok
16:38:43.0499 0x0f54  [ 17C0E094BEE5BC03CF491972F71AA6EF, 801E500A8B3C6DC7881E1C26AD3AFF4D105D5F2C8F58AFED84EF1A101F3AC10A ] C:\WINDOWS\System32\wlanapi.dll
16:38:43.0499 0x0f54  C:\WINDOWS\System32\wlanapi.dll - ok
16:38:43.0530 0x0f54  [ 8074FB74D7E599BAFEA3691DC1381E2F, 1690407E840CE567F7EA76B9826C7881486653847D5CC79701B1257414BCEEBE ] C:\Program Files\AVAST Software\Avast\ashmaisv.dll
16:38:43.0530 0x0f54  C:\Program Files\AVAST Software\Avast\ashmaisv.dll - ok
16:38:43.0546 0x0f54  [ E98E402067978DB38282158F9E8609CA, 63AA9BA292F5A62C0B6C668BE27E4B0BF1761CD5D961D405CAEDE2DC7C54A2E2 ] C:\WINDOWS\System32\netshell.dll
16:38:43.0546 0x0f54  C:\WINDOWS\System32\netshell.dll - ok
16:38:43.0562 0x0f54  [ 90EB173A54E28CA09B89D4AFDEBC2F1A, 3657D6E7BB40DAB75C2F06AA13C1EFB87EC1B9777792D821987162F30A1AA6AB ] C:\Program Files\AVAST Software\Avast\defs\14070401\exts.dll
16:38:43.0562 0x0f54  C:\Program Files\AVAST Software\Avast\defs\14070401\exts.dll - ok
16:38:43.0577 0x0f54  [ E67F6199A9AE98AB4A53150A6EB6DAC3, 1AD07FFF6249E381DB42C034509ECC3437A299239FBFFE7B235F0EE66B8978E6 ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll
16:38:43.0577 0x0f54  C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok
16:38:43.0593 0x0f54  [ 0A990AFB9F2726323D61C8ECB8B70B17, 27BC7CBFFB211DE930C7FA97DCDCA783CC74987EDB5FC17D33C422E93BA91242 ] C:\WINDOWS\System32\security.dll
16:38:43.0593 0x0f54  C:\WINDOWS\System32\security.dll - ok
16:38:43.0624 0x0f54  [ C5164F0E10AAA9F38E90036FE9F3E99F, 7CCDF70DE476A6177F08F5A02B6CC3A100C6CDF6C146BEF9DAE77D3C3ACCD876 ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
16:38:43.0624 0x0f54  C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok
16:38:43.0640 0x0f54  [ 7D1F2AFE12BAFC4C18C5A0E3C6866E38, 29EB7EA1EFDF6048E6E2A82ED88C4F74777C88CCB6ED01818EE2CF3EB379EA11 ] C:\Program Files\Windows Defender\MpRtPlug.dll
16:38:43.0640 0x0f54  C:\Program Files\Windows Defender\MpRtPlug.dll - ok
16:38:43.0655 0x0f54  [ 8A38B5E8493A9D103083B8620AC5F3A1, E63EE1CF4DE179089F016B6D4598733B0536FE293B0E470D68368606E6ACEA24 ] C:\WINDOWS\System32\tdh.dll
16:38:43.0655 0x0f54  C:\WINDOWS\System32\tdh.dll - ok
16:38:43.0671 0x0f54  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] C:\WINDOWS\System32\drivers\parport.sys
16:38:43.0671 0x0f54  C:\WINDOWS\System32\drivers\parport.sys - ok
16:38:43.0702 0x0f54  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
16:38:43.0702 0x0f54  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
16:38:43.0718 0x0f54  [ 4D03CA609E68F4C90CF66515218017F8, CF420ACED0D810E1D75F6811DD986F2D9FDED2FBB8D61FC9A7024520C475FEBB ] C:\WINDOWS\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada\msvcr90.dll
16:38:43.0718 0x0f54  C:\WINDOWS\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada\msvcr90.dll - ok
16:38:43.0733 0x0f54  [ 3DEBBECF665DCDDE3A95D9B902010817, F56F4A7A36FAF5FC2306E108A24E75E13EE1F2D1002D9CB71E3327A55F8694CE ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:38:43.0733 0x0f54  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
16:38:43.0764 0x0f54  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC, 372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ] C:\WINDOWS\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
16:38:43.0764 0x0f54  C:\WINDOWS\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
16:38:43.0780 0x0f54  [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\WINDOWS\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
16:38:43.0780 0x0f54  C:\WINDOWS\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
16:38:43.0811 0x0f54  [ 848BC9A0BB2361E549FD4C22D7548FB8, 40D1B1DFE64A1FE256DEE7E911CD7D020F945E4E9D05C86609E7FB2880C2E3AA ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
16:38:43.0811 0x0f54  C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
16:38:43.0827 0x0f54  [ 6D41F6AA35220E7A54543075B27E8F83, 3350373F3443954B4DABE39955FD9B3C7FC223B73CC1429793A920ED17FB8A06 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
16:38:43.0827 0x0f54  C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
16:38:43.0842 0x0f54  [ 6953E980ADCA0BE816C7FF463695499A, 86FF463C3997B790BC6CFE8D5605FE858BF0FF841A61481C8890C7EFCEE28351 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
16:38:43.0842 0x0f54  C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
16:38:43.0858 0x0f54  [ 0D75A1CFD1215875C8DD0BB9AFF4695C, A159D1827C2924FD67BBF30F4C380D4CFB77CB40656E503E38432B786AD3E68A ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
16:38:43.0858 0x0f54  C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
16:38:43.0874 0x0f54  [ 78865ABC5F5D13190F8B35BD9044714A, A16E0158129AE76AE459D9424D246C01ECECCC87A27C40D8DB0232330D2F5458 ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
16:38:43.0874 0x0f54  C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
16:38:43.0905 0x0f54  [ FF9831030678C7B6D70BAC00F68F8976, BFA9DA98F93910B8FE09EA06F917AB1F5435FCE9F786EABDF1970E19B2C63FDC ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
16:38:43.0905 0x0f54  C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
16:38:43.0920 0x0f54  [ 5A963C340DE1A01BA6E24945CE05D16A, 0CC79B72D03621D6FA4E7A8F3B10125A531C1D19098189671FBE3687E3E70E33 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
16:38:43.0920 0x0f54  C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
16:38:43.0936 0x0f54  [ F4BC62990E7E5C29799A895B80FC3177, 57772AB986BA00B3C2730184D94A76E932CA94000119D0E63407F3DF9867238A ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
16:38:43.0936 0x0f54  C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
16:38:43.0967 0x0f54  [ 149D74E1128A86DC9CFB2851FBEA11EB, 95E2FF3379DEE729089CF85140C4D4C202B7FEFE239024D48DFFD5CB1E7415BC ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
16:38:43.0967 0x0f54  C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
16:38:43.0983 0x0f54  [ F6FD367C9EAAEDF90CD7A7952AE0B336, 65DF0688F18EC3DEC27E725DC3A2F0D656F321832BDFA45253C0933620214AAF ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
16:38:43.0983 0x0f54  C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
16:38:44.0014 0x0f54  [ 1224BC6DE919F8CD8C1C945280E63852, 5A15E71CD3308F14C339749258C54AA6A0C956035389AC20AB4C577236E8142C ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
16:38:44.0014 0x0f54  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
16:38:44.0030 0x0f54  [ 062373995EAE5F0EAC9EAA9192136BFB, 0392D5656BD677C4C5CB74C96E7B85B0867F2535A37950AEC7F5C4A1A70D19AE ] C:\WINDOWS\System32\dnssd.dll
16:38:44.0030 0x0f54  C:\WINDOWS\System32\dnssd.dll - ok
16:38:44.0045 0x0f54  [ 3BFBB5DAE801CB893B8B46345FED6437, 2C2B71C1294585265D4871E74F17541500CA20DE34AC516F2A906DD81964C833 ] C:\WINDOWS\System32\drivers\aswHwid.sys
16:38:44.0045 0x0f54  C:\WINDOWS\System32\drivers\aswHwid.sys - ok
16:38:44.0061 0x0f54  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] C:\Program Files\Bonjour\mDNSResponder.exe
16:38:44.0061 0x0f54  C:\Program Files\Bonjour\mDNSResponder.exe - ok
16:38:44.0092 0x0f54  [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] C:\WINDOWS\System32\drivers\mdmxsdk.sys
16:38:44.0092 0x0f54  C:\WINDOWS\System32\drivers\mdmxsdk.sys - ok
16:38:44.0092 0x0f54  [ AD48183027CAFCEBC322CB9CAC60F9B8, 08ABF5E3E8ABAFEC30C97B59711DB1094A1A7C515B161856547FEFF95397C4B6 ] C:\WINDOWS\System32\WSDApi.dll
16:38:44.0092 0x0f54  C:\WINDOWS\System32\WSDApi.dll - ok
16:38:44.0123 0x0f54  [ E7D0F91E44D9D3B2116FA549BDCDB756, 96363C567D7BAE7F8D3DE763AF84A1DDD6F2B0B7C790FD1CC3D5D0197E64868F ] C:\WINDOWS\System32\wdscore.dll
16:38:44.0123 0x0f54  C:\WINDOWS\System32\wdscore.dll - ok
16:38:44.0139 0x0f54  [ 905B5BF5BE0A86E8412801BF20357195, 0E46D37F9B13110009BCE7315A27E07C98E2D41974793DA9B39B84841E1C0673 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
16:38:44.0139 0x0f54  C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
16:38:44.0154 0x0f54  [ 2E14406E05789F91C9282AE7CFCA3A07, BDB403FC7EDDF5B3F24F1E8232C6EEFE888C5D72A819567EEA73D0AF7D511095 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
16:38:44.0154 0x0f54  C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
16:38:44.0186 0x0f54  [ F86293D93760C70ADF4F19E66E3FA5E8, 444C1B9321D40A0EAB29BBBE72E400A47384D5ED60531441F7D0CDDFFB0244D2 ] C:\WINDOWS\System32\httpapi.dll
16:38:44.0186 0x0f54  C:\WINDOWS\System32\httpapi.dll - ok
16:38:44.0201 0x0f54  [ 17FC3EDA0162F513E858B8C8FA7FA6E0, 6A1EE9DA1AB4A038258B6343E28C6F288AAFBBF3075C88BFBADB98C763F906AC ] C:\WINDOWS\System32\vssapi.dll
16:38:44.0201 0x0f54  C:\WINDOWS\System32\vssapi.dll - ok
16:38:44.0217 0x0f54  [ 4EDA94333BDB75B1BC0A7610BED34F00, 093FBB55253B8B4168D64DC0518D812C90D6BCFBB2DFA5A441BF339F3634FF84 ] C:\WINDOWS\System32\fundisc.dll
16:38:44.0232 0x0f54  C:\WINDOWS\System32\fundisc.dll - ok
16:38:44.0248 0x0f54  [ 52E129522C1775DBB8CC252E7A0655C7, 5A3946551605380998FB83EBF6DC88279876F968754A0DFB9D5D91C906228E2A ] C:\WINDOWS\System32\taskschd.dll
16:38:44.0248 0x0f54  C:\WINDOWS\System32\taskschd.dll - ok
16:38:44.0264 0x0f54  [ A7DDDDE163F16AB49DF3DE9EEC715495, 00F83712F55C4B54F5B54595CDA2BCCDFCB72F0B31EED8274F87232106995EA6 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
16:38:44.0264 0x0f54  C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
16:38:44.0279 0x0f54  [ D0D44370770D491E6BA472C855883422, 53DF6D40663F5FDF0C20D5561C64CC6C25876593C74F34B6275FA215BFA7CE44 ] C:\WINDOWS\System32\msxml3.dll
16:38:44.0279 0x0f54  C:\WINDOWS\System32\msxml3.dll - ok
16:38:44.0310 0x0f54  [ 1DFC366D2154EF2B381A7F2CB165C7F4, BE21632FD644AEFD6B608E7098F73705F82B65CBFD0FCE93C0AF2BF9DE02E063 ] C:\WINDOWS\System32\diagperf.dll
16:38:44.0310 0x0f54  C:\WINDOWS\System32\diagperf.dll - ok
16:38:44.0326 0x0f54  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] C:\WINDOWS\System32\drivers\PEAuth.sys
16:38:44.0326 0x0f54  C:\WINDOWS\System32\drivers\PEAuth.sys - ok
16:38:44.0342 0x0f54  [ DC3AE9F1554DCD97F90983DDBDACD83D, 9D3B4E273FDDA77B5B8A258525FA44616C184E58CE1312B47512AAAD5915E073 ] C:\WINDOWS\System32\vsstrace.dll
16:38:44.0342 0x0f54  C:\WINDOWS\System32\vsstrace.dll - ok
16:38:44.0357 0x0f54  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] C:\WINDOWS\System32\IPSECSVC.DLL
16:38:44.0357 0x0f54  C:\WINDOWS\System32\IPSECSVC.DLL - ok
16:38:44.0373 0x0f54  [ 71B479749F0F52C4FEC726C6FFA2CE1C, ED0F1D94620696941E9633F55AC4130EFBDA3B883CA356BB34D268F4FC7F94F1 ] C:\WINDOWS\System32\cryptnet.dll
16:38:44.0373 0x0f54  C:\WINDOWS\System32\cryptnet.dll - ok
16:38:44.0404 0x0f54  [ EC760B0B76A4353DE49D66520EB2141F, ADBF30D100D3837C35695B1ABE3E7EB03FD6B9200B9C1C337325D9E0A3A3ACE4 ] C:\WINDOWS\System32\SensApi.dll
16:38:44.0404 0x0f54  C:\WINDOWS\System32\SensApi.dll - ok
16:38:44.0420 0x0f54  [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B, 18F167DEC8464AC42B9C7C2C69638D812C1C2CF867DBF3E833F4B880C26BD1D2 ] C:\WINDOWS\System32\ncsi.dll
16:38:44.0420 0x0f54  C:\WINDOWS\System32\ncsi.dll - ok
16:38:44.0435 0x0f54  [ 42608AE9AF2641EE473A1797C25CFFC2, 64FCAEDFAE7B530522A630BD41880180C3B5D78924DF80DC54862A0D666EBA5F ] C:\WINDOWS\System32\FwRemoteSvr.dll
16:38:44.0435 0x0f54  C:\WINDOWS\System32\FwRemoteSvr.dll - ok
16:38:44.0466 0x0f54  [ 1A09CB187440993FA5E24DE1EEB7B916, DE0ABF6A3D7AD303A10E2E114EAA0E8F064EF5298270FC9548028010DBE4FFAC ] C:\WINDOWS\System32\cfgmgr32.dll
16:38:44.0466 0x0f54  C:\WINDOWS\System32\cfgmgr32.dll - ok
16:38:44.0482 0x0f54  [ 21322832C99E8DE85BD047689A2A69DB, EDEA0659E65AD8C081BDF82A8AFF0999E7DD3B31F2AB0FBCEDDAEE893E90B9EB ] C:\WINDOWS\System32\pnpts.dll
16:38:44.0482 0x0f54  C:\WINDOWS\System32\pnpts.dll - ok
16:38:44.0498 0x0f54  [ 01BCD91CC2B0EFDA4890F547010750BD, 34B99B58AC2CEC8EF089C9B82D3ADEAD721B32B5F884399E8A9D2252B8AB5C02 ] C:\WINDOWS\System32\ssdpapi.dll
16:38:44.0498 0x0f54  C:\WINDOWS\System32\ssdpapi.dll - ok
16:38:44.0513 0x0f54  [ 72F1789EBA824BB977DB83B0A0B57B26, 829F5A160D81FA99204CC29CA14F49157B7E955A603DA78B2F80C948ACF24162 ] C:\WINDOWS\System32\whealogr.dll
16:38:44.0513 0x0f54  C:\WINDOWS\System32\whealogr.dll - ok
16:38:44.0544 0x0f54  [ C6FD3425B1ADD739B95DC4D661FF4DD3, 310C99B78305F9A0E33C7108477734D81DD9F7AA3C6FB6B735FD19CE939EDB10 ] C:\WINDOWS\System32\PresentationSettings.exe
16:38:44.0544 0x0f54  C:\WINDOWS\System32\PresentationSettings.exe - ok
16:38:44.0560 0x0f54  [ 8BA9851E671E8B5E49E303748FFD530C, A2CBF71C3449BA71739E9E805D2EB9F9242AD9D839AF5B4C4F7ADC00C239FB38 ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
16:38:44.0560 0x0f54  C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
16:38:44.0576 0x0f54  [ 2080DCEBE27D92F29AAB5FCFF77613A2, EBBBB3E92B01F1F1FF6330AFFA7D8C281AB5BB9AEE1C900F5CF1AAF1E6813E42 ] C:\Program Files\AVAST Software\Avast\setup\instup.exe
16:38:44.0576 0x0f54  C:\Program Files\AVAST Software\Avast\setup\instup.exe - ok
16:38:44.0607 0x0f54  [ 5E33C164DC7FA74728D8A83036C438BB, E8E19F3A8D2E91393146FB672478E3DB4F9AF8E87CD8C723B4AF0DBF16E32BB6 ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
16:38:44.0607 0x0f54  C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
16:38:44.0622 0x0f54  [ 1A83FADD95E6C9B759DB861616604D44, 9C3C3CB3F2A36E3483AAEDE6C6286690C38C7C124E98289B2D6A723FE78A32EC ] C:\Program Files\AVAST Software\Avast\setup\Instup.dll
16:38:44.0622 0x0f54  C:\Program Files\AVAST Software\Avast\setup\Instup.dll - ok
16:38:44.0654 0x0f54  [ A352113489E1330E1670BF052BC7620A, 4D09327E6E118F4BF632C1BF772291CDADA16F672BF426D506C11955810EA96D ] C:\Program Files\AVAST Software\Avast\defs\14070401\aswAR.dll
16:38:44.0654 0x0f54  C:\Program Files\AVAST Software\Avast\defs\14070401\aswAR.dll - ok
16:38:44.0669 0x0f54  [ 17E0BEF5CA5C9CE52CC8082AC6EBC449, F05A32DA0A62144AAE78A3A9173F21F52FAED4E39F9250B3E1B11066760B2576 ] C:\Program Files\CyberLink\Shared Files\RichVideo.exe
16:38:44.0669 0x0f54  C:\Program Files\CyberLink\Shared Files\RichVideo.exe - ok
16:38:44.0685 0x0f54  [ 81D5C2D6232FCDBC7916AF659B12C8B7, F70F355E75AE0F1674BC31F743BD6D6B11DF90D37B5F6E19032ADCAD88FF6AE5 ] C:\Program Files\AVAST Software\Avast\defs\14070401\aswRawFS.dll
16:38:44.0685 0x0f54  C:\Program Files\AVAST Software\Avast\defs\14070401\aswRawFS.dll - ok
16:38:44.0700 0x0f54  [ 80BD4B26E2CBC0D65445D0463DFF6FC2, 3C36ACAABF7D0EE528424599E151DC9D19A1D2D50E97CAA141E427774F11076D ] C:\WINDOWS\System32\oledlg.dll
16:38:44.0700 0x0f54  C:\WINDOWS\System32\oledlg.dll - ok
16:38:44.0732 0x0f54  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] C:\WINDOWS\System32\drivers\secdrv.sys
16:38:44.0732 0x0f54  C:\WINDOWS\System32\drivers\secdrv.sys - ok
16:38:44.0747 0x0f54  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] C:\WINDOWS\System32\drivers\tcpipreg.sys
16:38:44.0747 0x0f54  C:\WINDOWS\System32\drivers\tcpipreg.sys - ok
16:38:44.0763 0x0f54  [ 428FF21418ADCD6FAD6189CD9520A67B, E9021A9B74AC6C4F7317704DF6A66B1A5C3D05DD2535989942005D638340010D ] C:\WINDOWS\System32\wiatrace.dll
16:38:44.0763 0x0f54  C:\WINDOWS\System32\wiatrace.dll - ok
16:38:44.0794 0x0f54  [ 4DBA143F06BAD1DF935CB9603140CF2A, DE2D3A13993046CCC7691C9614702DCBC43C788282A2B722A8F3F4829281BC1A ] C:\WINDOWS\System32\wsdchngr.dll
16:38:44.0794 0x0f54  C:\WINDOWS\System32\wsdchngr.dll - ok
16:38:44.0810 0x0f54  [ 351FA1DF82CFFDEDA801604246E63E95, AD030032C0C4C0E2A8EEDA3E45338BE7DFD75AED330EBC266183C49687E7A3D0 ] C:\WINDOWS\System32\icaapi.dll
16:38:44.0810 0x0f54  C:\WINDOWS\System32\icaapi.dll - ok
16:38:44.0825 0x0f54  [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
16:38:44.0825 0x0f54  C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE - ok
16:38:44.0856 0x0f54  [ 74B8C2EA72D43727142D12397D5A49F9, 37E8858211D7BF9DE90CBD22863B18A939C43BA64CAD06229E994A417BD46B0D ] C:\WINDOWS\System32\wbemcomn.dll
16:38:44.0856 0x0f54  C:\WINDOWS\System32\wbemcomn.dll - ok
16:38:44.0872 0x0f54  [ 1F18B9EA1BBFF033413414C3BEA13AD6, EC549203DD16A70F3275500CF1754198FDD4F619A0EC973FF8D4A9934DAACE6B ] C:\WINDOWS\System32\wbem\WinMgmtR.dll
16:38:44.0872 0x0f54  C:\WINDOWS\System32\wbem\WinMgmtR.dll - ok
16:38:44.0888 0x0f54  [ 5EB87BA0B93CA7E894FC8002E3CE4C2A, 3736FA95578D4833CDC2BDEE10CBBEAC6B4D4A8E3D89E50E8723BBA312FFE4F5 ] C:\Program Files\Common Files\microsoft shared\Windows Live\SQMAPI.DLL
16:38:44.0888 0x0f54  C:\Program Files\Common Files\microsoft shared\Windows Live\SQMAPI.DLL - ok
16:38:44.0919 0x0f54  [ 2205A220A264E8C8B86492BF3D112907, F3B702AE3242B8910260F2649D8B387B07AF8830FF5F495B6F713FCABD26A4E9 ] C:\WINDOWS\System32\PortableDeviceApi.dll
16:38:44.0919 0x0f54  C:\WINDOWS\System32\PortableDeviceApi.dll - ok
16:38:44.0934 0x0f54  [ DEDBE54276F8DAAD04C46299485FEFBF, 418190EBC5D0CAE41EC006A93084D1BEED20FEBFFE9F371EC020E6F63636AEAE ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
16:38:44.0934 0x0f54  C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
16:38:44.0950 0x0f54  [ 6D84FB1AFD4B6B0724CACF46B107045D, 3032418BD28B28734D0E52EEF3AFB08F934A4AA6C7212C20513E2FF9C53B1332 ] C:\ProgramData\Microsoft\IdentityCRL\production\wlidui.dll
16:38:44.0950 0x0f54  C:\ProgramData\Microsoft\IdentityCRL\production\wlidui.dll - ok
16:38:44.0981 0x0f54  [ B53BD9E63867CD9FD853F666CA172713, 08951AC63A257696F5F1FC79137C3FFBF0972B9AE43BD4BE02C2CACB9176C3DA ] C:\WINDOWS\System32\PortableDeviceConnectApi.dll
16:38:44.0981 0x0f54  C:\WINDOWS\System32\PortableDeviceConnectApi.dll - ok
16:38:44.0997 0x0f54  [ DEB9D08750423069647C3A066CEC7A1B, 5570DF2EFB4D3B6BD2F8839F8FDB89C107424F9C3113238A34F3384285AB940F ] C:\WINDOWS\System32\tquery.dll
16:38:44.0997 0x0f54  C:\WINDOWS\System32\tquery.dll - ok
16:38:45.0012 0x0f54  [ 218B73EA8341EA9FDF018D43052E790A, 35696A2107490EB6E81A442CBE0F3DE36DBED103A0A18677F2686DB2A157FE3C ] C:\WINDOWS\System32\mssrch.dll
16:38:45.0012 0x0f54  C:\WINDOWS\System32\mssrch.dll - ok
16:38:45.0028 0x0f54  [ 4934241CD20AC87D78121352E3BA8318, DACD7A7E0A41B011AD306972876568F27CDCF064EDFF71024BC0D4B595B666A7 ] C:\WINDOWS\System32\dbghelp.dll
16:38:45.0028 0x0f54  C:\WINDOWS\System32\dbghelp.dll - ok
16:38:45.0059 0x0f54  [ DAB33CFA9DD24251AAA389FF36B64D4B, 1C5D7C3D6C3552BDD52EB7E76031746D7DAAF64CA2432CC23329DA72BE7252D0 ] C:\WINDOWS\System32\drivers\XAudio.sys
16:38:45.0059 0x0f54  C:\WINDOWS\System32\drivers\XAudio.sys - ok
16:38:45.0075 0x0f54  [ AAB5FEAABF4CB6F76D794203831C8D94, 2E773665AEC22EAE334F4123F1B1D183790FA165E54C126246E32B8DAB4CD67F ] C:\WINDOWS\System32\msidle.dll
16:38:45.0075 0x0f54  C:\WINDOWS\System32\msidle.dll - ok
16:38:45.0106 0x0f54  [ 8D78BA30DB4AE040A52EDEE725782715, 15099FC7A90B2E8D718D46E02D56026D56B3F043124C3455E79B7B44A027DD11 ] C:\WINDOWS\System32\actxprxy.dll
16:38:45.0106 0x0f54  C:\WINDOWS\System32\actxprxy.dll - ok
16:38:45.0122 0x0f54  [ B458B58F7BB97C48D01AC3CF5805AAAC, C72F88E1CF47B3645177E8CC78E3AE3D098E6401EF7EF598E4C02F75A466B78C ] C:\WINDOWS\System32\Query.dll
16:38:45.0122 0x0f54  C:\WINDOWS\System32\Query.dll - ok
16:38:45.0137 0x0f54  [ BADC359C9A0D9C217B7E8DA17BF3F5BB, F3DAD07D80FFF1631AE21C66362757263BD9D6D2D6DE692A618191F84EE46827 ] C:\WINDOWS\System32\ntshrui.dll
16:38:45.0137 0x0f54  C:\WINDOWS\System32\ntshrui.dll - ok
16:38:45.0153 0x0f54  [ D922592AB65C5D9B88B30B4510A3464E, E6226CFD77C6DDAE5737C4CC6F8B347DF474CF8DFD93E32ABE6AE63D9AB0A586 ] C:\WINDOWS\System32\cscapi.dll
16:38:45.0153 0x0f54  C:\WINDOWS\System32\cscapi.dll - ok
16:38:45.0168 0x0f54  [ 8F58544719E1C435BC36A8B207096581, 8C228AA8EAE056B7E149C520D636F6B2AC2144F23211E2F2634148264484F150 ] C:\WINDOWS\System32\verclsid.exe
16:38:45.0168 0x0f54  C:\WINDOWS\System32\verclsid.exe - ok
16:38:45.0184 0x0f54  [ CD5F291A1161F15896D1A4D63DAFF5DF, 4F30DC454F255249431FCD14DE17858A79A088A4084F2CEDD0CF25382D427285 ] C:\WINDOWS\System32\drivers\XAudio.exe
16:38:45.0184 0x0f54  C:\WINDOWS\System32\drivers\XAudio.exe - ok
16:38:45.0215 0x0f54  [ BF7E4D6F60A6D9E866432855C6F8C262, 6E99AA4BD3867867C6DE1B37F0EA8A1332190D23CD72752889B7A5C90DDC610F ] C:\WINDOWS\System32\sqmapi.dll
16:38:45.0215 0x0f54  C:\WINDOWS\System32\sqmapi.dll - ok
16:38:45.0231 0x0f54  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] C:\WINDOWS\System32\netprofm.dll
16:38:45.0231 0x0f54  C:\WINDOWS\System32\netprofm.dll - ok
16:38:45.0246 0x0f54  [ DFCAB29E8FD38F95650CC1E203E8D318, 96B444CF2FA218447A29BC5BF4308E3A5A47203555A460E79056EE6AC4875F9A ] C:\WINDOWS\System32\npmproxy.dll
16:38:45.0246 0x0f54  C:\WINDOWS\System32\npmproxy.dll - ok
16:38:45.0278 0x0f54  [ 64B9B821CA1A2AB37E3780D743A29AEB, 4A2B438A913CACCA2BDC5C700D0429889B019943E0DD14B4424917F973E37E64 ] C:\Program Files\AVAST Software\Avast\aswjsscan.dll
16:38:45.0278 0x0f54  C:\Program Files\AVAST Software\Avast\aswjsscan.dll - ok
16:38:45.0293 0x0f54  [ FEA6D21F78922D641A0C9346D885133B, 258B920BFA67A5F5A85A455EC7CCF18119C786F94A708087F09F3B5660CD783C ] C:\WINDOWS\System32\mssprxy.dll
16:38:45.0293 0x0f54  C:\WINDOWS\System32\mssprxy.dll - ok
16:38:45.0309 0x0f54  [ F0062778F50838145AC46B384FFB4FA3, 7EC4509AB87062D2BA00E3B7AD59F3D6D2F01AF66E4AEFB70BFAFD1B89E7BFEF ] C:\WINDOWS\System32\pcadm.dll
16:38:45.0309 0x0f54  C:\WINDOWS\System32\pcadm.dll - ok
16:38:45.0340 0x0f54  [ A952D0DED445F26AEFCF593A935AB300, 3A5D7D33D6445B146C9F1ABAE7A705EB53E5C4800CE3F04A9392C42E0D9ECBBD ] C:\WINDOWS\System32\hnetcfg.dll
16:38:45.0340 0x0f54  C:\WINDOWS\System32\hnetcfg.dll - ok
16:38:45.0356 0x0f54  [ 30F0DC266B46118E9FBCF5B2A30EB1DB, 72C59BBD1590EAD91D92C07B3434BE308639CE773E8A2E72751E5396B4B10BA5 ] C:\WINDOWS\System32\wbem\wbemprox.dll
16:38:45.0356 0x0f54  C:\WINDOWS\System32\wbem\wbemprox.dll - ok
16:38:45.0371 0x0f54  [ 8E8D82756F3DDC86D53651E3FB432B9D, A99A1A7334BAE818D40E8323DBBC01BC66860D7005CDFFCF0BE84025FFBF0AEC ] C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll
16:38:45.0371 0x0f54  C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll - ok
16:38:45.0402 0x0f54  [ 997C9110D0D9F739D75B75AFF596C4EC, 2A9FE5E30F1BD60C2254367DD7C696EB803DAE328BD7F341AD86C44B09C969CF ] C:\Program Files\AVAST Software\Avast\defs\14070401\swhealthex.dll
16:38:45.0402 0x0f54  C:\Program Files\AVAST Software\Avast\defs\14070401\swhealthex.dll - ok
16:38:45.0418 0x0f54  [ 3192ED5E2FFDF5B630541B9643AE1AA3, 5F2A25A3B49E312D39CFD5C3D9E058AC3807016A09458F991894FABEFE029A56 ] C:\WINDOWS\System32\upnp.dll
16:38:45.0418 0x0f54  C:\WINDOWS\System32\upnp.dll - ok
16:38:45.0434 0x0f54  [ FC1EEE57EB9CD57279D70BA2A9131C38, 3154EF4F545CE40C7C67B8D5A4DF23D37B2A6F0CA8C5EC656CF81D96A7BE3CE9 ] C:\WINDOWS\System32\wbem\wbemcore.dll
16:38:45.0434 0x0f54  C:\WINDOWS\System32\wbem\wbemcore.dll - ok
16:38:45.0449 0x0f54  [ C10E13721B0AAEBEB5EBA914F1D18181, D30BA6FF257A840D67BFA6AF332ADBDC0E79C70EDCEFB10FAACD7071FB431458 ] C:\WINDOWS\System32\wbem\esscli.dll
16:38:45.0449 0x0f54  C:\WINDOWS\System32\wbem\esscli.dll - ok
16:38:45.0480 0x0f54  [ BC5A34B6A14C93BF04E3F4E8EA57090A, 55F71740FBA3A079B81A045C81088C39176D44358ED28F568C198F338400E017 ] C:\WINDOWS\System32\wbem\fastprox.dll
16:38:45.0480 0x0f54  C:\WINDOWS\System32\wbem\fastprox.dll - ok
16:38:45.0496 0x0f54  [ 9A6A653ADF28D9D69670B48F535E6B90, 72351645184693A879CFF7FD171A182F24B7F72EA313E8D42F2744D0421FE188 ] C:\WINDOWS\System32\runonce.exe
16:38:45.0496 0x0f54  C:\WINDOWS\System32\runonce.exe - ok
16:38:45.0512 0x0f54  [ DB0F37DBA4C245C61E5936DDBDE62438, 2DB2979BAF792DA74584E380055F233B9CEF51BCBF992CA84A79AD81A23C1663 ] C:\WINDOWS\System32\wbem\wbemsvc.dll
16:38:45.0512 0x0f54  C:\WINDOWS\System32\wbem\wbemsvc.dll - ok
16:38:45.0543 0x0f54  [ C8DBFEF835FF54467425C8F3ABCF7046, F9F20D4AD8144B17F53927AF4D901092B2047E1C4300620B6B31232703304356 ] C:\WINDOWS\System32\dssenh.dll
16:38:45.0543 0x0f54  C:\WINDOWS\System32\dssenh.dll - ok
16:38:45.0558 0x0f54  [ 2C3B09E586BDA2CC49A292BE7BADC589, E8AA356380E11A75DA0B51DA9C8BD9D3EA05885206AB9D4D1A69A96D8E9777AE ] C:\WINDOWS\System32\wbem\wmiutils.dll
16:38:45.0558 0x0f54  C:\WINDOWS\System32\wbem\wmiutils.dll - ok
16:38:45.0574 0x0f54  [ 834933F16EA839AC5AC7CBF88638DF27, 5A91A23ACD760F81E4DF7976DE1FA27E80EF8D35B680EEC859E08AF9588ACBE4 ] C:\WINDOWS\System32\wbem\repdrvfs.dll
16:38:45.0574 0x0f54  C:\WINDOWS\System32\wbem\repdrvfs.dll - ok
16:38:45.0605 0x0f54  [ B8A21907FE2F1A113F3487D9AB60BEF9, 00BC900F04C2594E177A5C13CF613194926292FF92A2E5320E98AFD94A9524D0 ] C:\WINDOWS\System32\en-US\tquery.dll.mui
16:38:45.0605 0x0f54  C:\WINDOWS\System32\en-US\tquery.dll.mui - ok
16:38:45.0621 0x0f54  [ 22DC784B32BEE306A99F50D6DC2460BC, 5144BDCEAFC593817545869E82A7D78104F310A8B0188E0EC49648F929F6E1C2 ] C:\WINDOWS\System32\esent.dll
16:38:45.0621 0x0f54  C:\WINDOWS\System32\esent.dll - ok
16:38:45.0636 0x0f54  [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC, 220911A88EF333BAC01062CC9E83566DBC12B1564D5B58C3A8A039DFDFDB7C6C ] C:\WINDOWS\System32\shfolder.dll
16:38:45.0636 0x0f54  C:\WINDOWS\System32\shfolder.dll - ok
16:38:45.0668 0x0f54  [ F21F255B91CA4F04E4250DECD2067CBB, F2EDAFA1C4CDF9608F16DD14C3D053A4E63673C6D16736E3F9691CA313D8C0D2 ] C:\WINDOWS\System32\bitsperf.dll
16:38:45.0668 0x0f54  C:\WINDOWS\System32\bitsperf.dll - ok
16:38:45.0683 0x0f54  [ 74F26FC01B180D4A99A168ED69C30A53, D2FD623D70340F650BFAC8C31102E1B9168FE1750C141A23ACCC1A21F9F93A94 ] C:\WINDOWS\System32\cmd.exe
16:38:45.0683 0x0f54  C:\WINDOWS\System32\cmd.exe - ok
16:38:45.0699 0x0f54  [ F85134BF76CB335A39F8D7BC4173D4FB, F6D1FA04D5BEA86625016FC460B9BF713C0D47694D84E9EA31AB927AD7527F37 ] C:\WINDOWS\System32\msscb.dll
16:38:45.0699 0x0f54  C:\WINDOWS\System32\msscb.dll - ok
16:38:45.0714 0x0f54  [ 632557F2495931D952161465AA177B3B, 6D45FBC384E0EE3B2C4E1119947BC5DD098F8A8CD55E59815661DC853FFF2C9A ] C:\WINDOWS\System32\bitsigd.dll
16:38:45.0714 0x0f54  C:\WINDOWS\System32\bitsigd.dll - ok
16:38:45.0730 0x0f54  [ C2C6C014B96581EC8BF0C8604DE1743E, 5641A4B4EEB85C247A6C5718D3DDBAC9BD8C00E1D474721E8F27CFC7E7C25FBC ] C:\WINDOWS\System32\wbem\WmiPrvSD.dll
16:38:45.0730 0x0f54  C:\WINDOWS\System32\wbem\WmiPrvSD.dll - ok
16:38:45.0761 0x0f54  [ A609A192E98934A8D352704C99AB8577, E4E4B8FEDBDFAC148E416190C7E88F8634269FFB2395E197D92BCB3CD7CDF662 ] C:\WINDOWS\System32\wbem\wbemess.dll
16:38:45.0761 0x0f54  C:\WINDOWS\System32\wbem\wbemess.dll - ok
16:38:45.0777 0x0f54  [ AD2C67A381CC7148BB98A66BB04DDF5B, 5AD11D1B1B3E60B79755630712FA70157E3240F09355A6EF9523845E1934251D ] C:\WINDOWS\System32\ieframe.dll
16:38:45.0777 0x0f54  C:\WINDOWS\System32\ieframe.dll - ok
16:38:45.0792 0x0f54  [ 10F13FFF542FEC4A2C4FA734EEBE56B9, 97D6F3009DAC29AABEC6063FE0AD676BFF92775602135B24D050E9E5D34807E0 ] C:\WINDOWS\System32\qmgrprxy.dll
16:38:45.0792 0x0f54  C:\WINDOWS\System32\qmgrprxy.dll - ok
16:38:45.0824 0x0f54  [ 898ABECCD5F0B9A8E8F1318DDB234685, CD9B0AE2FDF22B694FD2E3FD92C751AAECDDD85779D6F8CCD7EFCD3CC8C1161B ] C:\WINDOWS\System32\dot3api.dll
16:38:45.0824 0x0f54  C:\WINDOWS\System32\dot3api.dll - ok
16:38:45.0839 0x0f54  [ 8D544AC1B7AA7FB9DFF0C3E7DA6AD295, 745FA882709CCD6CEBD9881A001B9F26D9F09BE5D64582D61A6557E1C8E6C58F ] C:\WINDOWS\System32\wlanhlp.dll
16:38:45.0839 0x0f54  C:\WINDOWS\System32\wlanhlp.dll - ok
16:38:45.0870 0x0f54  [ 66EAA5E7C154F3C755CD9CEFAC5A7666, 38080D4E1E7ECD50B79A661E1E7C91E5E3A407370EC3CA3C33E0E0E6DA02ABDF ] C:\Program Files\Java\jre8\bin\java.exe
16:38:45.0870 0x0f54  C:\Program Files\Java\jre8\bin\java.exe - ok
16:38:45.0886 0x0f54  [ 94E3A2D6251A35ED69DB3221329E8584, EE55890F58C13E5A2540196ECFC0789EE027FCD4819B2040162D76F7AE2C6A68 ] C:\Users\Thomas\AppData\Local\Temp\{51EBF58A-28CC-42FA-ADA2-DB3E413501DB}.exe
16:38:45.0886 0x0f54  C:\Users\Thomas\AppData\Local\Temp\{51EBF58A-28CC-42FA-ADA2-DB3E413501DB}.exe - ok
16:38:45.0917 0x0f54  [ C8AE490A93C3CC2E537B6E06247785A1, AE4978ADCBBE8047B3409969752230DC1A2C10B7ADC876859A3965196B7F6203 ] C:\WINDOWS\System32\wbem\NCProv.dll
16:38:45.0917 0x0f54  C:\WINDOWS\System32\wbem\NCProv.dll - ok
16:38:45.0933 0x0f54  [ 7BA5B7DEDE25D44F3E664D5BA067E3CD, 57FEAE599516C86666DDF0F7D9C7368E516D3E73A5CCBC1C667F97916B9FF55A ] C:\Program Files\Internet Explorer\iexplore.exe
16:38:45.0933 0x0f54  C:\Program Files\Internet Explorer\iexplore.exe - ok
16:38:45.0948 0x0f54  [ E3F535656B5ABF249702EB64F3CF9AF0, 8669E7586FC1020E2C382997CF5A3B55BBF4A0135554921F1BC00CF9400FBC75 ] C:\WINDOWS\System32\wbem\wbemcons.dll
16:38:45.0948 0x0f54  C:\WINDOWS\System32\wbem\wbemcons.dll - ok
16:38:45.0964 0x0f54  [ 254AC97C9AF4DDF3F5F57855198527B7, 3F78B76BEC50B333ED9A4C0064EBCB573FFF885813A212407E32126F2167B5DE ] C:\WINDOWS\System32\wermgr.exe
16:38:45.0964 0x0f54  C:\WINDOWS\System32\wermgr.exe - ok
16:38:45.0980 0x0f54  [ E66587751D859A88FA61149C9CC2C15C, 92AFB5469AFCB0862CBE153AFC8A9D6F4F0D375A91852523F031781731A8D838 ] C:\WINDOWS\System32\wer.dll
16:38:45.0980 0x0f54  C:\WINDOWS\System32\wer.dll - ok
16:38:46.0011 0x0f54  [ E083ADCF3E6233473C122B9AA5ADBAA0, 812053B4EB9C5D62C600E82DAFD882D6B71422EF498EBCD789CFC4E5954B860D ] C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.dll
16:38:46.0011 0x0f54  C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.dll - ok
16:38:46.0026 0x0f54  [ E91B5FA739CCF7F0CE3282B0FCFA5108, A5B186028E038D4556127E242429783C0AB7659C8A48444941FE9F2E89E80A22 ] C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
16:38:46.0026 0x0f54  C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE - ok
16:38:46.0042 0x0f54  [ 7F1875210672BB9338B0F86955948ECB, 924DD66264528ACBAD40348A772D9F695A80D5D32FC79478F9D2FAAA760EB947 ] C:\Program Files\Java\jre6\bin\java.exe
16:38:46.0042 0x0f54  C:\Program Files\Java\jre6\bin\java.exe - ok
16:38:46.0073 0x0f54  [ F4E1AA5D59C849A4AB47E895DC76B9C8, 0C93E63372D619393D9DDD3EFCA2317A6652276A9FDE0530CD2A06135EE6B46D ] C:\WINDOWS\System32\sfc.dll
16:38:46.0073 0x0f54  C:\WINDOWS\System32\sfc.dll - ok
16:38:46.0089 0x0f54  [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105, 613F0D184E08CBE1FFEEB8F845ADCA79577FB3CF59EA1FEE6B2346D9930763AB ] C:\WINDOWS\System32\sfc_os.dll
16:38:46.0089 0x0f54  C:\WINDOWS\System32\sfc_os.dll - ok
16:38:46.0120 0x0f54  [ 9441A231C0AA0712F7CF3B10D9CFCF76, A1136DBCD62DCDEEA012CC97E7B6EFAE712267B94B8EA9B417E23CEC34FBDBA7 ] C:\WINDOWS\System32\wmploc.DLL
16:38:46.0120 0x0f54  C:\WINDOWS\System32\wmploc.DLL - ok
16:38:46.0136 0x0f54  [ C0B8B96D018849FD8CCF15FED84E8782, E107AA4ADE150DC309C39BBF47292E7A7F8DD439FAB30791676BC8A1133B9AFD ] C:\WINDOWS\System32\ie4uinit.exe
16:38:46.0136 0x0f54  C:\WINDOWS\System32\ie4uinit.exe - ok
16:38:46.0151 0x0f54  [ F0FEFB0B5D25A75D478A4317139D937E, CB6EB2891130A410A80F6A1BF0CAC66C429DB7D4ADD0D8484CA4F83D17856441 ] C:\WINDOWS\System32\iedkcs32.dll
16:38:46.0151 0x0f54  C:\WINDOWS\System32\iedkcs32.dll - ok
16:38:46.0182 0x0f54  [ DBD9448D06E67FE6F29261FFAD205B68, C1ACC264F7542464C5B6B80D3D9EAB82AF21BA624B1746DF98142D8D4C383C64 ] C:\WINDOWS\System32\themeui.dll
16:38:46.0182 0x0f54  C:\WINDOWS\System32\themeui.dll - ok
16:38:46.0198 0x0f54  [ 4B19A9A4191353007E9819A832B81186, 02B78FB11F80763CCB0E30E383247BD76FAC8A25DEE4971E8958EF19A08A719A ] C:\WINDOWS\System32\timedate.cpl
16:38:46.0198 0x0f54  C:\WINDOWS\System32\timedate.cpl - ok
16:38:46.0214 0x0f54  [ FF41E1AC301F51E16F61AD7C0F45467C, 8E8F7C932C4A6EE239BC6F48D064C55872ED309C8F77263159729D0C2EC675DA ] C:\WINDOWS\System32\msshsq.dll
16:38:46.0214 0x0f54  C:\WINDOWS\System32\msshsq.dll - ok
16:38:46.0229 0x0f54  [ 70C6489D56008D75DEDF73226FA63C11, 7AB4C89D7A259BB7DD6F24C5CA181749C3015A06B160B91593F2F1FC1E4AEDCE ] C:\WINDOWS\System32\dimsjob.dll
16:38:46.0245 0x0f54  C:\WINDOWS\System32\dimsjob.dll - ok
16:38:46.0260 0x0f54  [ 1CE4A2790EB4A96F4ED1E4264866AFE6, EA079AABE19E4E15674AB6EC0B92EFBB382CEDE1D43CFF8A118127F7FF891FDA ] C:\WINDOWS\System32\NaturalLanguage6.dll
16:38:46.0260 0x0f54  C:\WINDOWS\System32\NaturalLanguage6.dll - ok
16:38:46.0276 0x0f54  [ 98638A4CA187245C469DA0DEC4F04A45, AE352C68D11888AA27109F366BFFA308CA8EE8E222599C74E2C0B1A1AA9B60A3 ] C:\WINDOWS\System32\pautoenr.dll
16:38:46.0276 0x0f54  C:\WINDOWS\System32\pautoenr.dll - ok
16:38:46.0292 0x0f54  [ AC48FD62E22C4425879FCA5A63F50497, 36234D6835F8CCDE2DEF4AAD2C9AD42C47FC7A5BDD9CFC9BE8FFE6995FB3DE1B ] C:\WINDOWS\System32\certcli.dll
16:38:46.0292 0x0f54  C:\WINDOWS\System32\certcli.dll - ok
16:38:46.0323 0x0f54  [ 0053319C4438CDE659AA75C19BBD22F1, F0EE45AAB3DC43DECF7DA6B7A5DC4AAEF9A660D3BE1B571EA5FD2C6779A583FB ] C:\WINDOWS\System32\CertEnroll.dll
16:38:46.0323 0x0f54  C:\WINDOWS\System32\CertEnroll.dll - ok
16:38:46.0338 0x0f54  [ AA111488C03C58A2BF66509ABB4FDE60, E7E0E3305DB8ECE1E4312D8C664BE0C25B62236C97ABB19ABF5B4FD1E75C83E2 ] C:\WINDOWS\System32\NlsData0009.dll
16:38:46.0338 0x0f54  C:\WINDOWS\System32\NlsData0009.dll - ok
16:38:46.0354 0x0f54  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\Thomas\AppData\Local\Temp\{F06CE062-CE70-4887-A16E-7CC7BBD34BD2}\{D62FB397-1F02-4F1B-AB80-7371AC3F5F83}.tmp
16:38:46.0354 0x0f54  C:\Users\Thomas\AppData\Local\Temp\{F06CE062-CE70-4887-A16E-7CC7BBD34BD2}\{D62FB397-1F02-4F1B-AB80-7371AC3F5F83}.tmp - ok
16:38:46.0385 0x0f54  [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\Users\Thomas\AppData\Local\Temp\{F06CE062-CE70-4887-A16E-7CC7BBD34BD2}\{08DBCAF5-9DB7-44BD-B976-4D4EA3054802}.tmp
16:38:46.0385 0x0f54  C:\Users\Thomas\AppData\Local\Temp\{F06CE062-CE70-4887-A16E-7CC7BBD34BD2}\{08DBCAF5-9DB7-44BD-B976-4D4EA3054802}.tmp - ok
16:38:46.0401 0x0f54  [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\Users\Thomas\AppData\Local\Temp\{F06CE062-CE70-4887-A16E-7CC7BBD34BD2}\{FA7ACBA0-64AE-41C9-8E67-BFDBFA388B59}.tmp
16:38:46.0401 0x0f54  C:\Users\Thomas\AppData\Local\Temp\{F06CE062-CE70-4887-A16E-7CC7BBD34BD2}\{FA7ACBA0-64AE-41C9-8E67-BFDBFA388B59}.tmp - ok
16:38:46.0432 0x0f54  [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\Users\Thomas\AppData\Local\Temp\{F06CE062-CE70-4887-A16E-7CC7BBD34BD2}\{283D22D9-EB6B-4395-85B4-4B086E288AA0}.tmp
16:38:46.0432 0x0f54  C:\Users\Thomas\AppData\Local\Temp\{F06CE062-CE70-4887-A16E-7CC7BBD34BD2}\{283D22D9-EB6B-4395-85B4-4B086E288AA0}.tmp - ok
16:38:46.0448 0x0f54  [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\Users\Thomas\AppData\Local\Temp\{F06CE062-CE70-4887-A16E-7CC7BBD34BD2}\{EEB1ADC4-C5A6-4967-81DE-36468F2E8ED9}.tmp
16:38:46.0448 0x0f54  C:\Users\Thomas\AppData\Local\Temp\{F06CE062-CE70-4887-A16E-7CC7BBD34BD2}\{EEB1ADC4-C5A6-4967-81DE-36468F2E8ED9}.tmp - ok
16:38:46.0463 0x0f54  [ 8629B71343F61E1140243581C63BC0C7, DF03E90AC77E2559294385B8502AF8F6BAF5B2B40BE843F1AD50CD5848538F0D ] C:\WINDOWS\System32\NlsLexicons0009.dll
16:38:46.0463 0x0f54  C:\WINDOWS\System32\NlsLexicons0009.dll - ok
16:38:46.0479 0x0f54  [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\Users\Thomas\AppData\Local\Temp\{F06CE062-CE70-4887-A16E-7CC7BBD34BD2}\{5AC06697-347B-4BF5-82D2-6A3296DB4B21}.tmp
16:38:46.0479 0x0f54  C:\Users\Thomas\AppData\Local\Temp\{F06CE062-CE70-4887-A16E-7CC7BBD34BD2}\{5AC06697-347B-4BF5-82D2-6A3296DB4B21}.tmp - ok
16:38:46.0510 0x0f54  [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\Users\Thomas\AppData\Local\Temp\{F06CE062-CE70-4887-A16E-7CC7BBD34BD2}\{6571738B-21CC-4EF8-A9B2-D26BBF543E9C}.tmp
16:38:46.0510 0x0f54  C:\Users\Thomas\AppData\Local\Temp\{F06CE062-CE70-4887-A16E-7CC7BBD34BD2}\{6571738B-21CC-4EF8-A9B2-D26BBF543E9C}.tmp - ok
16:38:46.0526 0x0f54  [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\Users\Thomas\AppData\Local\Temp\{F06CE062-CE70-4887-A16E-7CC7BBD34BD2}\{82D3C3B9-86E5-411E-A260-343C773F18C2}.tmp
16:38:46.0526 0x0f54  C:\Users\Thomas\AppData\Local\Temp\{F06CE062-CE70-4887-A16E-7CC7BBD34BD2}\{82D3C3B9-86E5-411E-A260-343C773F18C2}.tmp - ok
16:38:46.0541 0x0f54  [ 04044BF8E6989BE45FA718C24407CA28, C88D19AA791793313551B26DF2A33A59BEBE366F2F2930ABDE0865AE932BFD7E ] C:\WINDOWS\System32\networkexplorer.dll
16:38:46.0541 0x0f54  C:\WINDOWS\System32\networkexplorer.dll - ok
16:38:46.0572 0x0f54  [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Users\Thomas\AppData\Local\Temp\{F06CE062-CE70-4887-A16E-7CC7BBD34BD2}\{0CC3E532-3228-47B3-BD5E-B97C486EE269}.tmp
16:38:46.0572 0x0f54  C:\Users\Thomas\AppData\Local\Temp\{F06CE062-CE70-4887-A16E-7CC7BBD34BD2}\{0CC3E532-3228-47B3-BD5E-B97C486EE269}.tmp - ok
16:38:46.0604 0x0f54  [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Users\Thomas\AppData\Local\Temp\{F06CE062-CE70-4887-A16E-7CC7BBD34BD2}\{8D21707A-0E5B-4D02-B0FC-CE641FAD6141}.tmp
16:38:46.0604 0x0f54  C:\Users\Thomas\AppData\Local\Temp\{F06CE062-CE70-4887-A16E-7CC7BBD34BD2}\{8D21707A-0E5B-4D02-B0FC-CE641FAD6141}.tmp - ok
16:38:46.0619 0x0f54  [ 24F90AEFEBE601D427CB4511E74CDCB6, 0FEBBE1F81E6A48DA0D8967E256259B6F92F6E79804DF9CAC9422FEC47CB9BF2 ] C:\WINDOWS\System32\linkinfo.dll
16:38:46.0619 0x0f54  C:\WINDOWS\System32\linkinfo.dll - ok
16:38:46.0635 0x0f54  [ 0CFCDE5D9D074D96B78D1F1CBF1AAB1D, 15A579FDE0288BC732DF0C092A8269159D4D7B8AAC13E78B1D444899EE1CE478 ] C:\WINDOWS\System32\riched20.dll
16:38:46.0635 0x0f54  C:\WINDOWS\System32\riched20.dll - ok
16:38:46.0666 0x0f54  [ A3418E4D4A5EE636D44922DC2567FA18, 21F89584534A6A02284A6E1BD502A3530E372E6FCF1285BFD68DB074CCE655EA ] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
16:38:46.0666 0x0f54  C:\Program Files\Synaptics\SynTP\SynTPStart.exe - ok
16:38:46.0682 0x0f54  [ F08A76C5E56BDB6F98F41BD22A4692E1, E8D41172DC3E747B117BDA0713B292E18A8FFDD48DA1D9E61CAF74841FBC5555 ] C:\Program Files\HP\QuickPlay\QPService.exe
16:38:46.0682 0x0f54  C:\Program Files\HP\QuickPlay\QPService.exe - ok
16:38:46.0697 0x0f54  [ 5016B8FC59AD616F03813FBE63295081, D5141F87D456CBF12E7C227A9C5D3918A675D20953E7705A49ED1BE5426C69EB ] C:\WINDOWS\System32\thumbcache.dll
16:38:46.0697 0x0f54  C:\WINDOWS\System32\thumbcache.dll - ok
16:38:46.0728 0x0f54  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
16:38:46.0728 0x0f54  C:\Program Files\Windows Defender\MSASCui.exe - ok
16:38:46.0744 0x0f54  [ 941A08CBDEEDF16B6C986B6BA7C9A5D0, D62C895432DD277DF2E738500649B49A706DC828174B7F58C87C3AB412F4034E ] C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
16:38:46.0744 0x0f54  C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe - ok
16:38:46.0760 0x0f54  [ 21293443961A4E2597453EE7A9347F22, FDA88181C975C251E56D5A38E5473F45B9CB4E1258A6E93320D34D656AB1E6ED ] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
16:38:46.0760 0x0f54  C:\Program Files\HP\HP Software Update\hpwuSchd2.exe - ok
16:38:46.0791 0x0f54  [ 61216539E55DDF2F78E421E7EF140650, 0897EEA53F8924441FD2F61EB0FCE96142A6526EDB857B1638FEDD9304AD3561 ] C:\WINDOWS\System32\ExplorerFrame.dll
16:38:46.0791 0x0f54  C:\WINDOWS\System32\ExplorerFrame.dll - ok
16:38:46.0806 0x0f54  [ CB4EE42EE2D33A58EFD48C276B683663, 45E8AC97B2D161543CBF92135120EB5112DA31BD2E7D11BF42C5154DBE494162 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
16:38:46.0806 0x0f54  C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe - ok
16:38:46.0822 0x0f54  [ B8AF02700299CD308046BB9339165813, E7E0BBB493DD2080EA0D12D5F88070BFADA962AA5EFA9A6145A58D8B8E779B39 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
16:38:46.0822 0x0f54  C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe - ok
16:38:46.0853 0x0f54  [ F7AD0BD4A944A97C13B196215981346C, 9CDE2D90E5BD7AF1387F8DBB9463FDE402955581CC0613AF50DFE8AF94D5FA5C ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
16:38:46.0853 0x0f54  C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
16:38:46.0869 0x0f54  [ 027E5E14C9CFF810377701BDEAD8210F, 053BE912C3F536DFA8734603B9BDFB314B61934404C84B368ABC8CA8C68F2CE5 ] C:\WINDOWS\System32\control.exe
16:38:46.0869 0x0f54  C:\WINDOWS\System32\control.exe - ok
16:38:46.0884 0x0f54  [ FDF273A845F1FFCCEADF363AAF47582F, 9BB99346A977225EF77261CD3CF4219A238EB06FFE2DB91D00A0037BDCFECEF1 ] C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
16:38:46.0884 0x0f54  C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe - ok
16:38:46.0900 0x0f54  [ FA2A3AFADC4FB47DBC234A4E57F92CDB, D8394B8BD8919D3CACA73ECB23B156B460D18E463FCF7436E4856208F17434AF ] C:\WINDOWS\System32\ddraw.dll
16:38:46.0900 0x0f54  C:\WINDOWS\System32\ddraw.dll - ok
16:38:46.0931 0x0f54  [ DE7F813217EC88C0A6D4D8F2F39D7949, F749DA3DC87DDA8579B02F27951CC3BBEADFC25362D892E9484146616A0ACF47 ] C:\WINDOWS\System32\msiltcfg.dll
16:38:46.0931 0x0f54  C:\WINDOWS\System32\msiltcfg.dll - ok
16:38:46.0947 0x0f54  [ 94444693EA13A72F6820DFF844A1122E, DAB1D45F39CA196C6EF22F4E817C32558D87051B98FC525A07ABBAE1A52B59AB ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
16:38:46.0947 0x0f54  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
16:38:46.0962 0x0f54  ================ Scan generic autorun ======================
16:38:48.0257 0x0f54  [ A3418E4D4A5EE636D44922DC2567FA18, 21F89584534A6A02284A6E1BD502A3530E372E6FCF1285BFD68DB074CCE655EA ] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
16:38:48.0351 0x0f54  SynTPStart - ok
16:38:48.0710 0x0f54  [ F08A76C5E56BDB6F98F41BD22A4692E1, E8D41172DC3E747B117BDA0713B292E18A8FFDD48DA1D9E61CAF74841FBC5555 ] C:\Program Files\HP\QuickPlay\QPService.exe
16:38:48.0834 0x0f54  QPService - ok
16:38:49.0084 0x0f54  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
16:38:49.0240 0x0f54  Windows Defender - ok
16:38:49.0287 0x0f54  [ 941A08CBDEEDF16B6C986B6BA7C9A5D0, D62C895432DD277DF2E738500649B49A706DC828174B7F58C87C3AB412F4034E ] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
16:38:49.0334 0x0f54  hpqSRMon - detected UnsignedFile.Multi.Generic ( 1 )
16:38:52.0313 0x0f54  Detect skipped due to KSN trusted
16:38:52.0313 0x0f54  hpqSRMon - ok
16:38:52.0329 0x0f54  HP Health Check Scheduler - ok
16:38:52.0422 0x0f54  [ 21293443961A4E2597453EE7A9347F22, FDA88181C975C251E56D5A38E5473F45B9CB4E1258A6E93320D34D656AB1E6ED ] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
16:38:52.0469 0x0f54  HP Software Update - ok
16:38:52.0672 0x0f54  [ CB4EE42EE2D33A58EFD48C276B683663, 45E8AC97B2D161543CBF92135120EB5112DA31BD2E7D11BF42C5154DBE494162 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
16:38:52.0766 0x0f54  hpWirelessAssistant - ok
16:38:52.0812 0x0f54  [ B8AF02700299CD308046BB9339165813, E7E0BBB493DD2080EA0D12D5F88070BFADA962AA5EFA9A6145A58D8B8E779B39 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
16:38:52.0859 0x0f54  WAWifiMessage - detected UnsignedFile.Multi.Generic ( 1 )
16:38:55.0559 0x0f54  Detect skipped due to KSN trusted
16:38:55.0559 0x0f54  WAWifiMessage - ok
16:38:55.0699 0x0f54  [ F7AD0BD4A944A97C13B196215981346C, 9CDE2D90E5BD7AF1387F8DBB9463FDE402955581CC0613AF50DFE8AF94D5FA5C ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
16:38:55.0746 0x0f54  SunJavaUpdateSched - ok
16:38:56.0105 0x0f54  [ 94444693EA13A72F6820DFF844A1122E, DAB1D45F39CA196C6EF22F4E817C32558D87051B98FC525A07ABBAE1A52B59AB ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
16:38:56.0417 0x0f54  SynTPEnh - ok
16:38:56.0448 0x0f54  MRT - ok
16:38:56.0542 0x0f54  [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
16:38:56.0573 0x0f54  APSDaemon - ok
16:38:57.0213 0x0f54  [ 26AFC1F16494FFE66F2197153B342A27, 817436E38F832500E120F196941F2F8392B192262E16D5E52CD5DFAC34749C15 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
16:38:57.0712 0x0f54  AvastUI.exe - ok
16:38:58.0008 0x0f54  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
16:38:58.0133 0x0f54  Adobe ARM - ok
16:38:58.0258 0x0f54  [ 08E7173D1B74095335052459200CB1EA, 5B6EB8A65B5F451BF6115EB7CD1355E5870E6D764F22D767D13216BF17C5668F ] C:\Program Files\QuickTime\QTTask.exe
16:38:58.0367 0x0f54  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
16:39:00.0972 0x0f54  Detect skipped due to KSN trusted
16:39:00.0972 0x0f54  QuickTime Task - ok
16:39:01.0113 0x0f54  [ 8F89E6CB82E6DB45BC993D423CD0FDBD, 254DD6E7EBCD1BAEE8DB5AD34451B66241DCCE6496D440400DA092C9C867F165 ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
16:39:01.0175 0x0f54  QlbCtrl.exe - ok
16:39:01.0191 0x0f54  NvCplDaemon - ok
16:39:01.0206 0x0f54  NvMediaCenter - ok
16:39:01.0409 0x0f54  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
16:39:01.0643 0x0f54  Sidebar - ok
16:39:01.0659 0x0f54  WindowsWelcomeCenter - ok
16:39:01.0846 0x0f54  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
16:39:02.0017 0x0f54  Sidebar - ok
16:39:02.0033 0x0f54  WindowsWelcomeCenter - ok
16:39:02.0251 0x0f54  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
16:39:02.0423 0x0f54  Sidebar - ok
16:39:02.0813 0x0f54  [ A75685AEE9F5BE8163A2074068BD6B54, 2AD87AD243CC4074EF995DFFBC78489B2F32294809FF002B41F0B0723B47B4E0 ] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
16:39:03.0141 0x0f54  HPAdvisor - ok
16:39:03.0187 0x0f54  [ 22BFD03DF51065A9ED8D17F8FB72296B, CE84699449BA15C6868F96F6A51515C008AD9B3C2B36BEFD95B09BD0B4A55D1E ] C:\WINDOWS\system32\ctfmon.exe
16:39:03.0265 0x0f54  ctfmon.exe - ok
16:39:03.0312 0x0f54  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe
16:39:03.0390 0x0f54  WMPNSCFG - ok
16:39:03.0531 0x0f54  [ D72D08898E2BA14B8FD6E9533C714385, F4337D46BBB5886ED654157C3BB1B2779376E919F1C5D8E5FF2F8C6B7306F8C4 ] C:\Program Files\FileHippo.com\UpdateChecker.exe
16:39:03.0624 0x0f54  FileHippo.com - detected UnsignedFile.Multi.Generic ( 1 )
16:39:06.0089 0x0f54  Detect skipped due to KSN trusted
16:39:06.0089 0x0f54  FileHippo.com - ok
16:39:06.0089 0x0f54  Waiting for KSN requests completion. In queue: 7
16:39:07.0103 0x0f54  Waiting for KSN requests completion. In queue: 7
16:39:08.0117 0x0f54  Waiting for KSN requests completion. In queue: 7
16:39:09.0240 0x0f54  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )
16:39:09.0256 0x0f54  Win FW state via NFP2: enabled
16:39:11.0814 0x0f54  ============================================================
16:39:11.0814 0x0f54  Scan finished
16:39:11.0814 0x0f54  ============================================================
16:39:11.0845 0x0f4c  Detected object count: 3
16:39:11.0845 0x0f4c  Actual detected object count: 3
16:42:23.0045 0x0f4c  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:42:23.0045 0x0f4c  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:42:23.0825 0x0f4c  \Device\Harddisk0\DR0\# - copied to quarantine
16:42:23.0825 0x0f4c  \Device\Harddisk0\DR0 - copied to quarantine
16:42:23.0903 0x0f4c  \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
16:42:23.0903 0x0f4c  \Device\Harddisk0\DR0\TDLFS\tdlcmd.dll - copied to quarantine
16:42:43.0827 0x0f4c  \Device\Harddisk0\DR0\TDLFS\tdlwsp.dll - copied to quarantine
16:42:44.0240 0x0f4c  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
16:42:44.0240 0x0f4c  \Device\Harddisk0\DR0 - ok
16:42:44.0925 0x0f4c  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
16:42:44.0926 0x0f4c  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:42:44.0926 0x0f4c  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
16:42:45.0350 0x0f4c  KLMD registered as C:\Windows\system32\drivers\00036703.sys
16:43:26.0476 0x0d30  Deinitialize success
 



#5 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,015 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:01:29 AM

Posted 05 July 2014 - 11:57 AM

Hi rjrossi88,

 

I must give you this warning (I've removed the rootkit now, but the warning still stands):
 
Looking through your logs, one or more of your infections has been identified as a Backdoor Trojan. These threats have backdoor functionality which allows hackers to remotely control your computer, steal critical system information, and download and execute files.
 
I highly suggest you to disconnect this PC from the Internet immediately, and if possible use a clean computer and a flash drive to transfer the programs I request for you to run. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable. It would be wise to contact those same financial institutions to notify them of your situation.
 
Due to the nature of this trojan, your computer is very likely to be compromised. There is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:
 
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall
 
We can still clean this machine, but I can't guarantee that it will be 100% secure afterwards. If you decide to continue cleaning this machine, follow on with the rest of the steps posted below. If you do not want to clean this machine, please let me know.

 

--------------
 
Please re-run TDSSKiller using the instructions in my last post, but when you get to the detections select delete rather than skip in the drop down options for TDSS File System. Copy and paste the log produced into your next reply.

 
--------------

Please download Farbar Recovery Scan Tool and save it to your Desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.

 
--------------
 
Does Avast still detect a rootkit after these steps?
 
--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • New TDSSKiller log
  • FRST.txt
  • Addition.txt

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

~Currently in my last year of school, so replies might be more delayed~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#6 rjrossi88

rjrossi88
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:09:29 PM

Posted 07 July 2014 - 02:01 PM

So if i were to install windows 7 or 8 OS while erasing everything currently on it, that would remove the backdoor trojan and the computer would be safe to use again?? 



#7 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,015 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:01:29 AM

Posted 07 July 2014 - 02:13 PM

Hi rjrossi88,

 

Yes, a complete wipe of the system and then reinstalling Windows would make sure the system has not been tampered with and is completely safe.

 

xXToffeeXx~ 


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

~Currently in my last year of school, so replies might be more delayed~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#8 rjrossi88

rjrossi88
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:09:29 PM

Posted 07 July 2014 - 04:15 PM

One more questions from someone with relatively little computer knowledge lol.  Everything will automatically be erased from the computer during the installation of the new OS, correct?  Or is there something more I would have to do prior to or during the installation?



#9 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,015 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:01:29 AM

Posted 09 July 2014 - 07:18 AM

Hi rjrossi88,

 

Sorry about the delay, some stuff came up yesterday which I had to attend to.

 

Reinstalling is quite simple, just follow the instructions on screen is normally all you need to do. Make sure you select the option to wipe everything when given how you want to reinstall.

If you let me know what model your computer is then I can try and find some instructions for you on how to reinstall.

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

~Currently in my last year of school, so replies might be more delayed~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#10 rjrossi88

rjrossi88
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:09:29 PM

Posted 09 July 2014 - 11:31 AM

No problem.  It's a compaq altec lansing laptop with windows vista home premium. 



#11 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,015 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:01:29 AM

Posted 09 July 2014 - 01:24 PM

Hi rjrossi88,

 

These instructions should work to restore your laptop to factory defaults:

  1. Power on the computer
  2. Press F10 repeatedly when you see the HP or Compaq logo.
  3. When the recovery screen appears, press Next and then click Advanced and then Yes.
  4. After the recovery is finished, the laptop will reboot.

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

~Currently in my last year of school, so replies might be more delayed~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#12 rjrossi88

rjrossi88
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:09:29 PM

Posted 11 July 2014 - 09:29 AM

when i hit f10 it brought up "PhoenixBIOS Setup Utility"   Im not sure where to go from there.   If its even the right screen to be on



#13 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,015 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:01:29 AM

Posted 11 July 2014 - 11:59 AM

Hi rjrossi88,

 

Yeah, that's the bios and not what we need. Try F11 instead.

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

~Currently in my last year of school, so replies might be more delayed~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#14 rjrossi88

rjrossi88
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:09:29 PM

Posted 11 July 2014 - 01:19 PM

ok.  F11 Gave me a blue screen that says:

 

STOP: C0000218 {REGISTRY FILE FAILURE}

the registry can not load the hive (file)

\systemroot\system32\config\software

or its log or alternate.

it is corrupt, absent, or not writable.



#15 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,015 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:01:29 AM

Posted 12 July 2014 - 07:44 AM

Hi rjrossi88,

 

If you can boot into windows then try search for recovery in the Search programs and files field after clicking on Windows Start flag and selecting HP Recovery Manager (or similar name).

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

~Currently in my last year of school, so replies might be more delayed~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users