Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with MEBROMI


  • This topic is locked This topic is locked
29 replies to this topic

#1 bigrobifer

bigrobifer

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 13 July 2014 - 01:12 PM

This is how i found out and was able to get a gmer mbr log.

Since i opened the mbr log in notepad and it said mbr was corrupt, yet i was still booting the system, I decided to play around. So i uninstalled all the networking drivers and peripheral port drivers. Uninstalled the pci drivers and the plug and play drivers. Uinstalled the microsoft system manegment bios driver and the virtual drive enumerator driver, system timer, umbus drivers, high precision event timer, intel pci bridge and almost all the mandatory system drivers.  Then i set msconfig to stay booted into diagnostic mode. Soon as i booted into diagnostic mode the usb drivers started installing themselves- stopped these. Ran several scan - adwcleaner found a few insignificant thing and cleaned up, vba rootkit found alot of thing that seem relevent but i dont know how to go about it. Gmer found something but in the log for it nothing was apperant, then i noticed this log file that said only MBR. Since i never noticed it there before i opened it in notepad and here are the contents - 

 

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 
 
device: opened successfully
user: error reading MBR 
error: Read  The handle is invalid.
kernel: error reading MBR 
 
 
During this i was also finally able to abtain the wmi trace log - these hadn't been available even though i had it configured to trace on ever boot. Not sure what it actually means but seems to show how it has been able to take over system files. -
 
 **************** Started trace for Module: [sti_ci.dll] in Executable [setup.exe] ProcessID: [736] at 2007/01/01 17:29:09:102 ****************
WIA: 736.740 0 0 0 [sti_ci.dll] ERROR: OnDIF_DESTROYPRIVATEDATA, Invalid argument.
 
**************** Started trace for Module: [sti_ci.dll] in Executable [sysprep.exe] ProcessID: [1588] at 2007/01/01 17:57:37:182 ****************
WIA: 1588.1828 0 0 0 [sti_ci.dll] ERROR: OnDIF_REMOVE, SetupDiGetClassInstallParams() failed. Err=0xe0000215.
 
**************** Started trace for Module: [sti_ci.dll] in Executable [setup.exe] ProcessID: [752] at 2011/04/08 10:05:03:615 ****************
WIA: 752.756 0 0 0 [sti_ci.dll] ERROR: OnDIF_DESTROYPRIVATEDATA, Invalid argument.
 
**************** Started trace for Module: [sti_ci.dll] in Executable [setup.exe] ProcessID: [732] at 2014/07/03 00:12:10:821 ****************
WIA: 732.736 0 0 0 [sti_ci.dll] ERROR: OnDIF_REMOVE, SetupDiGetClassInstallParams() failed. Err=0xe0000215.
 
**************** Started trace for Module: [sti_ci.dll] in Executable [setup.exe] ProcessID: [732] at 2014/07/03 00:13:24:484 ****************
WIA: 732.736 0 0 0 [sti_ci.dll] ERROR: OnDIF_DESTROYPRIVATEDATA, Invalid argument.
 
**************** Started trace for Module: [sti_ci.dll] in Executable [DrvInst.exe] ProcessID: [340] at 2014/07/10 18:00:22:227 ****************
WIA: 340.1284 0 0 0 [sti_ci.dll] ERROR: StartWiaService, StartService failed. Err=0x422.
 
**************** Started trace for Module: [sti_ci.dll] in Executable [DrvInst.exe] ProcessID: [904] at 2014/07/12 21:30:10:694 ****************
WIA: 904.936 0 0 0 [sti_ci.dll] ERROR: StartWiaService, StartService failed. Err=0x422.

Edited by hamluis, 13 July 2014 - 01:32 PM.
Moved from MRL to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 bigrobifer

bigrobifer
  • Topic Starter

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 13 July 2014 - 01:18 PM

Still cant upload files to this site so here is the vbarootkit log link to google drive 

 

https://docs.google.com/viewer?pid=explorer&srcid=0B9obRWFhBqxhVHVaVkhiYmZ5MEU&docid=92f2b345d53ac1513763c1db9f9ce701%7Cc9b8f1228696665f5f0a9c2a6cc27034&chan=EgAAABYSjidaTqmvY7eOwWLbZJ6LlBc4ZA1%2Bt1i73dJtWnyy&a=v&rel=zip;z1;Vba32ArkitLog_2014-7-13_2-44-39.html

 

 

Please keep in my that i have nuked my drive twice with a fresh os install an it still came back. I need to know how to make it not come back after the next format and install.


Edited by bigrobifer, 13 July 2014 - 01:24 PM.


#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,040 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:54 AM

Posted 14 July 2014 - 09:53 PM

The above link fails. I moved this to the Virus, Trojan, Spyware, and Malware Removal Logs   forum as you will need their help.           


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,936 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:54 AM

Posted 18 July 2014 - 08:51 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Read carefully and follow these steps.
TDSS
  • Download TDSSKiller and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application.
  • Then click on Start Scan.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.

    TDSSKillerSuspicious-1.png
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable.
    TDSSKillerMal-1.png
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.

    TDSSKillerCompleted.png
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

Post the logs here for my review.

#5 bigrobifer

bigrobifer
  • Topic Starter

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 19 July 2014 - 12:46 AM

 I am working right now on a fresh windows install. Not activated yet as i only have so many times to run the key for it. I was going to update earlier but it said i needed to install one update first in order to install or even check for updates. And the way its been i dont trust that entirely so there shouldnt be any updates installed at all - checking - now there are either two or one depending on whether i look at "installed updates" or "update history". under installed updates it lists kb958488 with no publisher and KB976902 signed by MS. When i look under view update history i see the unsigned KB958488.

 When i was installing this earlier i wasnt given the option to format so now there is a "windows.old" folder. After going through the steps to take ownership then change persmission on the folder (windows.old) and its contents i was still unable to delete it. 

 Even when I have autoplay off and the option to auto download device drivers turned off, if i disable sound, webcam, and usb ports they will start to install automatically on their own. If i try doing this with the pci i get the same result, same with any networking drivers like the wwan or lan drivers (I'll end up with 11 different "internet" drivers), same with any pcie controllers and the cardreader. Sometimes while I'm in the process of disabling the usb ports i hear the sound that it makes when a flash drive is pulled out, sometimes while in the process of disabling these mentioned drivers they will start installing even while the device manager is opened and Its like a race to disable them all, which, if i go all the way to the system devices trying to stop it  I end up disabling the pci bus and other thing. 

 When this first started last month, I once erased the entire windows32 folder and then rebooted an the computer started like nothing was wrong. I'm tempted to call myself a dumbass and chalk it up to faulty settings, but then i go an check my settings , again, and there it is. Network drivers shouldnt reinstall themselves if the option to do so is disabled. Services arent supposed to start after they've been disabled. I know if I disable a dependency service then the service down the line just wont start. 

 I dont have access to the default trace path "C:\BVTBin\Tests\installpackage\csilogfile.log" . Not even visible, and folder options are set to show everything , hidden and system files. I can't trace, If i set any tasks to start at shutdown or boot time, if they are set with admin priveleges they wont run. I am admin on this computer and there are no other profiles ( I know this is a security concern and when , if, this current problem gets fixed then theres several security steps I plan on taking. Most of which I've only recently educated myself on.) 

I haven't installed the windows updates yet because from the past three reinstalls I've learned that this exacerbates the problems. I was waiting to get someone here on my thread before i did that. 

 There is also a problem of booting from a cd being hit and miss. I really feel crazy like i'm chasing a ghost but if you want i can take a screen capture video of the usb ports reinstalling themselves.

  In the folder path "C:\Users\JR\AppData\Local\ApllicationData" I am listed as having full permissions and SYSTEM is owner. Yet i cant view it, i get a warning saying i dont have permission to view it. I can provide other examples like that where the default permissions aren't correct and the permissions shown aren't in fact being followed. Other than setting the folder options to show hidden and system files i havent done nothing.

More in next post sorry i have to get off right now. Logs in next post also although they pick up nothing.



#6 bigrobifer

bigrobifer
  • Topic Starter

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 19 July 2014 - 03:07 AM

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-07-18 22:42:07
-----------------------------
22:42:07.300    OS Version: Windows x64 6.1.7601 Service Pack 1
22:42:07.300    Number of processors: 2 586 0x170A
22:42:07.300    ComputerName: JR-PC  UserName: JR
22:42:08.127    Initialize success
22:42:08.127    VM: initialized successfully
22:42:08.361    VM: Intel CPU virtualization not supported 
22:42:14.086    AVAST engine defs: 14071801
22:42:23.431    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:42:23.431    Disk 0 Vendor: TOSHIBA_MK3261GSYN MH000A Size: 305245MB BusType: 11
22:42:23.899    Disk 0 MBR read successfully
22:42:23.899    Disk 0 MBR scan
22:42:23.899    Disk 0 Windows 7 default MBR code
22:42:23.930    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
22:42:23.961    Disk 0 default boot code
22:42:23.992    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       205144 MB offset 206848
22:42:24.039    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        99998 MB offset 420341760
22:42:24.538    Disk 0 scanning C:\Windows\system32\drivers
22:42:46.909    Service scanning
22:43:00.122    Modules scanning
22:43:00.122    Disk 0 trace - called modules:
22:43:00.231    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys 
22:43:00.231    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800331c5d0]
22:43:00.247    3 CLASSPNP.SYS[fffff880019b543f] -> nt!IofCallDriver -> [0xfffffa8002f4a520]
22:43:00.247    5 ACPI.sys[fffff88000fa67a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8002dfa060]
22:43:00.699    AVAST engine scan C:\Windows
22:43:19.872    AVAST engine scan C:\Windows\system32
22:47:52.997    AVAST engine scan C:\Windows\system32\drivers
22:48:08.706    AVAST engine scan C:\Users\JR
22:50:24.333    AVAST engine scan C:\ProgramData
22:50:37.999    Scan finished successfully
22:50:55.705    Disk 0 MBR has been saved successfully to "C:\Users\JR\Desktop\MBR.dat"
22:50:55.705    The log file has been saved successfully to "C:\Users\JR\Desktop\aswMBR.txt"
 
 
 
 
And i can;t upload the tdsskiller in txt or zip.
 
 
19:59:21.0886 0x094c  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
19:59:23.0908 0x094c  ============================================================
19:59:23.0908 0x094c  Current date / time: 2014/07/18 19:59:23.0908
19:59:23.0908 0x094c  SystemInfo:
19:59:23.0908 0x094c  
19:59:23.0908 0x094c  OS Version: 6.1.7601 ServicePack: 1.0
19:59:23.0908 0x094c  Product type: Workstation
19:59:23.0908 0x094c  ComputerName: JR-PC
19:59:23.0908 0x094c  UserName: JR
19:59:23.0908 0x094c  Windows directory: C:\Windows
19:59:23.0908 0x094c  System windows directory: C:\Windows
19:59:23.0908 0x094c  Running under WOW64
19:59:23.0908 0x094c  Processor architecture: Intel x64
19:59:23.0908 0x094c  Number of processors: 2
19:59:23.0908 0x094c  Page size: 0x1000
19:59:23.0908 0x094c  Boot type: Normal boot
19:59:23.0908 0x094c  ============================================================
19:59:23.0908 0x094c  BG loaded
19:59:24.0108 0x094c  System UUID: {06EE8C4C-9ACB-2B13-6445-A06656C2F224}
19:59:24.0622 0x094c  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:59:24.0722 0x094c  ============================================================
19:59:24.0722 0x094c  \Device\Harddisk0\DR0:
19:59:24.0732 0x094c  MBR partitions:
19:59:24.0732 0x094c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:59:24.0732 0x094c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x190AC000
19:59:24.0732 0x094c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x190DE800, BlocksNum 0xC34F000
19:59:24.0732 0x094c  ============================================================
19:59:24.0762 0x094c  C: <-> \Device\Harddisk0\DR0\Partition2
19:59:24.0832 0x094c  D: <-> \Device\Harddisk0\DR0\Partition3
19:59:24.0832 0x094c  ============================================================
19:59:24.0832 0x094c  Initialize success
19:59:24.0832 0x094c  ============================================================
19:59:26.0724 0x0b00  ============================================================
19:59:26.0724 0x0b00  Scan started
19:59:26.0724 0x0b00  Mode: Manual; 
19:59:26.0724 0x0b00  ============================================================
19:59:26.0724 0x0b00  KSN ping started
19:59:29.0538 0x0b00  KSN ping finished: true
19:59:32.0362 0x0b00  ================ Scan system memory ========================
19:59:32.0362 0x0b00  System memory - ok
19:59:32.0362 0x0b00  ================ Scan services =============================
19:59:32.0518 0x0b00  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:59:32.0518 0x0b00  1394ohci - ok
19:59:32.0565 0x0b00  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:59:32.0580 0x0b00  ACPI - ok
19:59:32.0580 0x0b00  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:59:32.0580 0x0b00  AcpiPmi - ok
19:59:32.0627 0x0b00  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
19:59:32.0627 0x0b00  adp94xx - ok
19:59:32.0658 0x0b00  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
19:59:32.0658 0x0b00  adpahci - ok
19:59:32.0674 0x0b00  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
19:59:32.0690 0x0b00  adpu320 - ok
19:59:32.0721 0x0b00  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:59:32.0721 0x0b00  AeLookupSvc - ok
19:59:32.0752 0x0b00  [ D31DC7A16DEA4A9BAF179F3D6FBDB38C, 532678D86E3E667F2E789C4873565E0B92C549A93F10802BB6D5B505CA3238CE ] AFD             C:\Windows\system32\drivers\afd.sys
19:59:32.0768 0x0b00  AFD - ok
19:59:32.0814 0x0b00  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
19:59:32.0814 0x0b00  agp440 - ok
19:59:32.0814 0x0b00  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
19:59:32.0814 0x0b00  ALG - ok
19:59:32.0830 0x0b00  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:59:32.0830 0x0b00  aliide - ok
19:59:32.0846 0x0b00  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:59:32.0846 0x0b00  amdide - ok
19:59:32.0846 0x0b00  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
19:59:32.0861 0x0b00  AmdK8 - ok
19:59:32.0861 0x0b00  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
19:59:32.0861 0x0b00  AmdPPM - ok
19:59:32.0877 0x0b00  [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:59:32.0877 0x0b00  amdsata - ok
19:59:32.0892 0x0b00  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:59:32.0892 0x0b00  amdsbs - ok
19:59:32.0908 0x0b00  [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:59:32.0908 0x0b00  amdxata - ok
19:59:32.0924 0x0b00  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
19:59:32.0924 0x0b00  AppID - ok
19:59:32.0939 0x0b00  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:59:32.0939 0x0b00  AppIDSvc - ok
19:59:32.0955 0x0b00  [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo         C:\Windows\System32\appinfo.dll
19:59:32.0970 0x0b00  Appinfo - ok
19:59:32.0970 0x0b00  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
19:59:32.0970 0x0b00  arc - ok
19:59:32.0986 0x0b00  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:59:32.0986 0x0b00  arcsas - ok
19:59:33.0033 0x0b00  [ D95E64416A4A3ED6986E0F474DA934BD, DBB4A0DED0DABE1F8FF0DB8C0E9EC4EC906A85A45DC0AEC013A8744F9BF5D40E ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
19:59:33.0033 0x0b00  aswHwid - ok
19:59:33.0064 0x0b00  [ FF1E537A3632CBB9A0BF72B9FD0878D5, B26E6A1F6E6FA5280A12861EFAD44D8F49353F47B21843EBA73E149CF613DCBC ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
19:59:33.0064 0x0b00  aswMonFlt - ok
19:59:33.0095 0x0b00  [ A5757DE5F9C83AB40667A53D5126EA40, 58B72B1B126CF641188703CE82E26BEB0C41AD7587CFFCCCE9E3C64CC7AACC90 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
19:59:33.0095 0x0b00  aswRdr - ok
19:59:33.0111 0x0b00  [ 645D97385F3F284FB5604F9B970F4D24, 15A9D7F0F4C1062210E4E744A9069B8645177D19F35B8740D74022639DC05F2E ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
19:59:33.0111 0x0b00  aswRvrt - ok
19:59:33.0142 0x0b00  [ B8FDEDE963B82CFD23B3A53A3084666D, 3537E5B684FB6F0AA589A5FA7CD111E1744DF384AB1A266D4114100F104ED11B ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
19:59:33.0173 0x0b00  aswSnx - ok
19:59:33.0204 0x0b00  [ 0DEDC041DF594AEC2C3BD00417CFAF60, 0D3A8924503986546EE256D185225C0B080FDB6B0C8B0BED7516B07A7334371B ] aswSP           C:\Windows\system32\drivers\aswSP.sys
19:59:33.0220 0x0b00  aswSP - ok
19:59:33.0251 0x0b00  [ 48DED912CDE54FC0923B9858512366E1, 9B216B934408A7CB3CE2B41240B7EF01EAA3BC066211B784064FF8AC97A29B4E ] aswStm          C:\Windows\system32\drivers\aswStm.sys
19:59:33.0251 0x0b00  aswStm - ok
19:59:33.0282 0x0b00  [ 471A311745848B80339436688A8286E6, E51C57236CEC19AC38E85D115DB97875517D837811188AD2E53FA49055B53890 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
19:59:33.0282 0x0b00  aswVmm - ok
19:59:33.0314 0x0b00  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:59:33.0314 0x0b00  AsyncMac - ok
19:59:33.0345 0x0b00  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
19:59:33.0345 0x0b00  atapi - ok
19:59:33.0392 0x0b00  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:59:33.0407 0x0b00  AudioEndpointBuilder - ok
19:59:33.0438 0x0b00  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:59:33.0454 0x0b00  AudioSrv - ok
19:59:33.0516 0x0b00  [ 73F5C13B431915BAE35254B4E95DFB71, 393A045859382C44133C004598B1512048046BCC129FED2247A77FDBFCDB6DFF ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:59:33.0516 0x0b00  avast! Antivirus - ok
19:59:33.0548 0x0b00  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:59:33.0548 0x0b00  AxInstSV - ok
19:59:33.0579 0x0b00  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
19:59:33.0594 0x0b00  b06bdrv - ok
19:59:33.0641 0x0b00  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:59:33.0641 0x0b00  b57nd60a - ok
19:59:33.0672 0x0b00  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:59:33.0672 0x0b00  BDESVC - ok
19:59:33.0704 0x0b00  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:59:33.0704 0x0b00  Beep - ok
19:59:33.0766 0x0b00  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
19:59:33.0782 0x0b00  BFE - ok
19:59:33.0844 0x0b00  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
19:59:33.0875 0x0b00  BITS - ok
19:59:33.0891 0x0b00  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:59:33.0891 0x0b00  blbdrive - ok
19:59:33.0906 0x0b00  [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:59:33.0906 0x0b00  bowser - ok
19:59:33.0922 0x0b00  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
19:59:33.0938 0x0b00  BrFiltLo - ok
19:59:33.0938 0x0b00  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
19:59:33.0938 0x0b00  BrFiltUp - ok
19:59:33.0953 0x0b00  [ 8EF0D5C41EC907751B8429162B1239ED, 9CC25F1F93FACA6F6CE23F78EB58590C39A2E3C8A3ACDF400E8A9DE0757EADAE ] Browser         C:\Windows\System32\browser.dll
19:59:33.0953 0x0b00  Browser - ok
19:59:33.0969 0x0b00  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:59:33.0969 0x0b00  Brserid - ok
19:59:33.0984 0x0b00  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:59:33.0984 0x0b00  BrSerWdm - ok
19:59:33.0984 0x0b00  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:59:34.0000 0x0b00  BrUsbMdm - ok
19:59:34.0000 0x0b00  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:59:34.0000 0x0b00  BrUsbSer - ok
19:59:34.0016 0x0b00  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
19:59:34.0016 0x0b00  BTHMODEM - ok
19:59:34.0031 0x0b00  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
19:59:34.0031 0x0b00  bthserv - ok
19:59:34.0062 0x0b00  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:59:34.0062 0x0b00  cdfs - ok
19:59:34.0094 0x0b00  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:59:34.0094 0x0b00  cdrom - ok
19:59:34.0125 0x0b00  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:59:34.0125 0x0b00  CertPropSvc - ok
19:59:34.0140 0x0b00  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
19:59:34.0140 0x0b00  circlass - ok
19:59:34.0172 0x0b00  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
19:59:34.0187 0x0b00  CLFS - ok
19:59:34.0234 0x0b00  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:59:34.0234 0x0b00  clr_optimization_v2.0.50727_32 - ok
19:59:34.0265 0x0b00  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:59:34.0281 0x0b00  clr_optimization_v2.0.50727_64 - ok
19:59:34.0328 0x0b00  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:59:34.0343 0x0b00  clr_optimization_v4.0.30319_32 - ok
19:59:34.0359 0x0b00  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:59:34.0359 0x0b00  clr_optimization_v4.0.30319_64 - ok
19:59:34.0390 0x0b00  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
19:59:34.0390 0x0b00  CmBatt - ok
19:59:34.0406 0x0b00  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:59:34.0406 0x0b00  cmdide - ok
19:59:34.0421 0x0b00  [ D5FEA92400F12412B3922087C09DA6A5, C8CD9215D26D3295FE487C96A4FC3F4C8AFED764AE9445D9858D7489823A8A2B ] CNG             C:\Windows\system32\Drivers\cng.sys
19:59:34.0437 0x0b00  CNG - ok
19:59:34.0452 0x0b00  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
19:59:34.0452 0x0b00  Compbatt - ok
19:59:34.0468 0x0b00  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
19:59:34.0468 0x0b00  CompositeBus - ok
19:59:34.0468 0x0b00  COMSysApp - ok
19:59:34.0484 0x0b00  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
19:59:34.0484 0x0b00  crcdisk - ok
19:59:34.0530 0x0b00  [ 15597883FBE9B056F276ADA3AD87D9AF, B347E0B11228E38313C59C8ED984253A8A1FF482ED137CF5F488C4AFD6B08857 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:59:34.0546 0x0b00  CryptSvc - ok
19:59:34.0577 0x0b00  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:59:34.0593 0x0b00  DcomLaunch - ok
19:59:34.0624 0x0b00  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
19:59:34.0624 0x0b00  defragsvc - ok
19:59:34.0655 0x0b00  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:59:34.0655 0x0b00  DfsC - ok
19:59:34.0671 0x0b00  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:59:34.0686 0x0b00  Dhcp - ok
19:59:34.0702 0x0b00  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
19:59:34.0702 0x0b00  discache - ok
19:59:34.0733 0x0b00  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
19:59:34.0733 0x0b00  Disk - ok
19:59:34.0764 0x0b00  [ CD55F5355D8F55D44C9F4ED875705BD6, 321C26E3CD9F376D30F05FBDF00E96399512ED705D867E8B14793D9CE69A1C1F ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:59:34.0780 0x0b00  Dnscache - ok
19:59:34.0796 0x0b00  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:59:34.0796 0x0b00  dot3svc - ok
19:59:34.0811 0x0b00  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
19:59:34.0811 0x0b00  DPS - ok
19:59:34.0842 0x0b00  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:59:34.0842 0x0b00  drmkaud - ok
19:59:34.0874 0x0b00  [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:59:34.0905 0x0b00  DXGKrnl - ok
19:59:34.0920 0x0b00  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
19:59:34.0920 0x0b00  EapHost - ok
19:59:35.0045 0x0b00  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
19:59:35.0139 0x0b00  ebdrv - ok
19:59:35.0170 0x0b00  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS             C:\Windows\System32\lsass.exe
19:59:35.0170 0x0b00  EFS - ok
19:59:35.0232 0x0b00  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:59:35.0248 0x0b00  ehRecvr - ok
19:59:35.0279 0x0b00  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
19:59:35.0279 0x0b00  ehSched - ok
19:59:35.0326 0x0b00  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
19:59:35.0342 0x0b00  elxstor - ok
19:59:35.0357 0x0b00  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:59:35.0373 0x0b00  ErrDev - ok
19:59:35.0420 0x0b00  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
19:59:35.0435 0x0b00  EventSystem - ok
19:59:35.0466 0x0b00  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:59:35.0482 0x0b00  exfat - ok
19:59:35.0482 0x0b00  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:59:35.0498 0x0b00  fastfat - ok
19:59:35.0498 0x0b00  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
19:59:35.0498 0x0b00  fdc - ok
19:59:35.0529 0x0b00  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
19:59:35.0529 0x0b00  fdPHost - ok
19:59:35.0529 0x0b00  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:59:35.0529 0x0b00  FDResPub - ok
19:59:35.0544 0x0b00  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:59:35.0544 0x0b00  FileInfo - ok
19:59:35.0560 0x0b00  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:59:35.0560 0x0b00  Filetrace - ok
19:59:35.0560 0x0b00  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
19:59:35.0560 0x0b00  flpydisk - ok
19:59:35.0591 0x0b00  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:59:35.0591 0x0b00  FltMgr - ok
19:59:35.0638 0x0b00  [ B4447F606BB19FD8AD0BAFB59B90F5D9, 043E686029DE2710305852E3A416176E400F9FD5FB98E4F2A6F14C060FAABED5 ] FontCache       C:\Windows\system32\FntCache.dll
19:59:35.0669 0x0b00  FontCache - ok
19:59:35.0716 0x0b00  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:59:35.0732 0x0b00  FontCache3.0.0.0 - ok
19:59:35.0732 0x0b00  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:59:35.0732 0x0b00  FsDepends - ok
19:59:35.0747 0x0b00  [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:59:35.0747 0x0b00  Fs_Rec - ok
19:59:35.0778 0x0b00  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:59:35.0778 0x0b00  fvevol - ok
19:59:35.0810 0x0b00  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:59:35.0810 0x0b00  gagp30kx - ok
19:59:35.0856 0x0b00  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:59:35.0872 0x0b00  gpsvc - ok
19:59:35.0950 0x0b00  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:59:35.0950 0x0b00  gupdate - ok
19:59:35.0966 0x0b00  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:59:35.0966 0x0b00  gupdatem - ok
19:59:35.0966 0x0b00  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:59:35.0966 0x0b00  hcw85cir - ok
19:59:36.0012 0x0b00  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:59:36.0012 0x0b00  HdAudAddService - ok
19:59:36.0059 0x0b00  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:59:36.0059 0x0b00  HDAudBus - ok
19:59:36.0075 0x0b00  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
19:59:36.0075 0x0b00  HidBatt - ok
19:59:36.0090 0x0b00  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:59:36.0090 0x0b00  HidBth - ok
19:59:36.0090 0x0b00  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
19:59:36.0090 0x0b00  HidIr - ok
19:59:36.0122 0x0b00  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
19:59:36.0122 0x0b00  hidserv - ok
19:59:36.0137 0x0b00  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
19:59:36.0137 0x0b00  HidUsb - ok
19:59:36.0168 0x0b00  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:59:36.0184 0x0b00  hkmsvc - ok
19:59:36.0200 0x0b00  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:59:36.0215 0x0b00  HomeGroupListener - ok
19:59:36.0246 0x0b00  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:59:36.0246 0x0b00  HomeGroupProvider - ok
19:59:36.0246 0x0b00  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:59:36.0262 0x0b00  HpSAMD - ok
19:59:36.0309 0x0b00  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:59:36.0324 0x0b00  HTTP - ok
19:59:36.0340 0x0b00  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:59:36.0340 0x0b00  hwpolicy - ok
19:59:36.0356 0x0b00  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:59:36.0356 0x0b00  i8042prt - ok
19:59:36.0387 0x0b00  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:59:36.0402 0x0b00  iaStorV - ok
19:59:36.0465 0x0b00  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:59:36.0480 0x0b00  idsvc - ok
19:59:36.0699 0x0b00  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
19:59:36.0824 0x0b00  igfx - ok
19:59:36.0902 0x0b00  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:59:36.0902 0x0b00  iirsp - ok
19:59:36.0964 0x0b00  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\Windows\System32\ikeext.dll
19:59:36.0980 0x0b00  IKEEXT - ok
19:59:36.0995 0x0b00  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:59:36.0995 0x0b00  intelide - ok
19:59:37.0026 0x0b00  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:59:37.0026 0x0b00  intelppm - ok
19:59:37.0042 0x0b00  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:59:37.0042 0x0b00  IPBusEnum - ok
19:59:37.0058 0x0b00  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:59:37.0073 0x0b00  IpFilterDriver - ok
19:59:37.0089 0x0b00  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:59:37.0104 0x0b00  iphlpsvc - ok
19:59:37.0104 0x0b00  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:59:37.0120 0x0b00  IPMIDRV - ok
19:59:37.0120 0x0b00  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:59:37.0136 0x0b00  IPNAT - ok
19:59:37.0136 0x0b00  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:59:37.0136 0x0b00  IRENUM - ok
19:59:37.0136 0x0b00  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:59:37.0151 0x0b00  isapnp - ok
19:59:37.0167 0x0b00  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:59:37.0167 0x0b00  iScsiPrt - ok
19:59:37.0182 0x0b00  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:59:37.0182 0x0b00  kbdclass - ok
19:59:37.0182 0x0b00  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
19:59:37.0198 0x0b00  kbdhid - ok
19:59:37.0214 0x0b00  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso          C:\Windows\system32\lsass.exe
19:59:37.0214 0x0b00  KeyIso - ok
19:59:37.0229 0x0b00  [ CCD53B5BD33CE0C889E830D839C8B66E, 51B7556DA7DAA0BC75E00E53099776016A55FAA115D5A4E6830E12A0A0869C10 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:59:37.0229 0x0b00  KSecDD - ok
19:59:37.0245 0x0b00  [ 9FF918A261752C12639E8AD4208D2C2F, B60F7A730C92F2BF7E85A6CA14DD7671AEECEE154CEC83B1E23EF268C25C9E5E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:59:37.0245 0x0b00  KSecPkg - ok
19:59:37.0245 0x0b00  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:59:37.0260 0x0b00  ksthunk - ok
19:59:37.0292 0x0b00  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:59:37.0307 0x0b00  KtmRm - ok
19:59:37.0338 0x0b00  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:59:37.0338 0x0b00  LanmanServer - ok
19:59:37.0385 0x0b00  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:59:37.0416 0x0b00  LanmanWorkstation - ok
19:59:37.0448 0x0b00  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:59:37.0448 0x0b00  lltdio - ok
19:59:37.0494 0x0b00  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:59:37.0510 0x0b00  lltdsvc - ok
19:59:37.0526 0x0b00  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:59:37.0541 0x0b00  lmhosts - ok
19:59:37.0572 0x0b00  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:59:37.0588 0x0b00  LSI_FC - ok
19:59:37.0588 0x0b00  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:59:37.0604 0x0b00  LSI_SAS - ok
19:59:37.0604 0x0b00  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:59:37.0604 0x0b00  LSI_SAS2 - ok
19:59:37.0619 0x0b00  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:59:37.0619 0x0b00  LSI_SCSI - ok
19:59:37.0635 0x0b00  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:59:37.0635 0x0b00  luafv - ok
19:59:37.0666 0x0b00  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:59:37.0666 0x0b00  Mcx2Svc - ok
19:59:37.0666 0x0b00  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:59:37.0682 0x0b00  megasas - ok
19:59:37.0682 0x0b00  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:59:37.0697 0x0b00  MegaSR - ok
19:59:37.0728 0x0b00  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
19:59:37.0728 0x0b00  MMCSS - ok
19:59:37.0760 0x0b00  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
19:59:37.0760 0x0b00  Modem - ok
19:59:37.0775 0x0b00  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:59:37.0775 0x0b00  monitor - ok
19:59:37.0791 0x0b00  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:59:37.0791 0x0b00  mouclass - ok
19:59:37.0806 0x0b00  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
19:59:37.0806 0x0b00  mouhid - ok
19:59:37.0806 0x0b00  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:59:37.0822 0x0b00  mountmgr - ok
19:59:37.0822 0x0b00  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:59:37.0838 0x0b00  mpio - ok
19:59:37.0853 0x0b00  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:59:37.0853 0x0b00  mpsdrv - ok
19:59:37.0900 0x0b00  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:59:37.0916 0x0b00  MpsSvc - ok
19:59:37.0947 0x0b00  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:59:37.0947 0x0b00  MRxDAV - ok
19:59:37.0978 0x0b00  [ FAF015B07E3A2874A790A39B7D2C579F, C614B0E80B38EBF7C670EEB833F5E476B33042097DA07206D6C5EE3E52B9A427 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:59:37.0994 0x0b00  mrxsmb - ok
19:59:38.0009 0x0b00  [ 08E2345DF129082BCDFFDC1440F9C00D, 2ADF69F49DF8C43D4440B6C8A62085C51518CA895A88D37264C60A0B4B1EC55F ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:59:38.0009 0x0b00  mrxsmb10 - ok
19:59:38.0025 0x0b00  [ 108D87409C5812EF47D81E22843E8C9D, CAE9B91B6BD1DF1552463BD63A06288F5D3E0B81B040BC1C7EC0C2A0119CCECA ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:59:38.0025 0x0b00  mrxsmb20 - ok
19:59:38.0025 0x0b00  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:59:38.0040 0x0b00  msahci - ok
19:59:38.0040 0x0b00  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:59:38.0056 0x0b00  msdsm - ok
19:59:38.0072 0x0b00  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
19:59:38.0072 0x0b00  MSDTC - ok
19:59:38.0087 0x0b00  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:59:38.0087 0x0b00  Msfs - ok
19:59:38.0118 0x0b00  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:59:38.0118 0x0b00  mshidkmdf - ok
19:59:38.0118 0x0b00  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:59:38.0118 0x0b00  msisadrv - ok
19:59:38.0165 0x0b00  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:59:38.0181 0x0b00  MSiSCSI - ok
19:59:38.0181 0x0b00  msiserver - ok
19:59:38.0196 0x0b00  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:59:38.0196 0x0b00  MSKSSRV - ok
19:59:38.0228 0x0b00  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:59:38.0228 0x0b00  MSPCLOCK - ok
19:59:38.0259 0x0b00  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:59:38.0259 0x0b00  MSPQM - ok
19:59:38.0274 0x0b00  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:59:38.0290 0x0b00  MsRPC - ok
19:59:38.0306 0x0b00  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:59:38.0306 0x0b00  mssmbios - ok
19:59:38.0321 0x0b00  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:59:38.0321 0x0b00  MSTEE - ok
19:59:38.0337 0x0b00  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:59:38.0352 0x0b00  MTConfig - ok
19:59:38.0352 0x0b00  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
19:59:38.0352 0x0b00  Mup - ok
19:59:38.0415 0x0b00  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
19:59:38.0430 0x0b00  napagent - ok
19:59:38.0477 0x0b00  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:59:38.0477 0x0b00  NativeWifiP - ok
19:59:38.0508 0x0b00  [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:59:38.0540 0x0b00  NDIS - ok
19:59:38.0555 0x0b00  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:59:38.0555 0x0b00  NdisCap - ok
19:59:38.0586 0x0b00  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:59:38.0586 0x0b00  NdisTapi - ok
19:59:38.0586 0x0b00  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:59:38.0586 0x0b00  Ndisuio - ok
19:59:38.0602 0x0b00  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:59:38.0602 0x0b00  NdisWan - ok
19:59:38.0618 0x0b00  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:59:38.0618 0x0b00  NDProxy - ok
19:59:38.0618 0x0b00  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:59:38.0633 0x0b00  NetBIOS - ok
19:59:38.0633 0x0b00  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:59:38.0649 0x0b00  NetBT - ok
19:59:38.0664 0x0b00  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon        C:\Windows\system32\lsass.exe
19:59:38.0664 0x0b00  Netlogon - ok
19:59:38.0696 0x0b00  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
19:59:38.0711 0x0b00  Netman - ok
19:59:38.0727 0x0b00  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
19:59:38.0742 0x0b00  netprofm - ok
19:59:38.0774 0x0b00  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:59:38.0774 0x0b00  NetTcpPortSharing - ok
19:59:38.0805 0x0b00  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:59:38.0820 0x0b00  nfrd960 - ok
19:59:38.0836 0x0b00  [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:59:38.0852 0x0b00  NlaSvc - ok
19:59:38.0867 0x0b00  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:59:38.0867 0x0b00  Npfs - ok
19:59:38.0898 0x0b00  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
19:59:38.0898 0x0b00  nsi - ok
19:59:38.0914 0x0b00  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:59:38.0914 0x0b00  nsiproxy - ok
19:59:38.0976 0x0b00  [ 05D78AA5CB5F3F5C31160BDB955D0B7C, E3CD3FAF52ED11A8FB96D667510F1EDCA49053705AA3A13F560F8F6EC995CA45 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:59:39.0008 0x0b00  Ntfs - ok
19:59:39.0023 0x0b00  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
19:59:39.0023 0x0b00  Null - ok
19:59:39.0039 0x0b00  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:59:39.0054 0x0b00  nvraid - ok
19:59:39.0054 0x0b00  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:59:39.0070 0x0b00  nvstor - ok
19:59:39.0086 0x0b00  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:59:39.0086 0x0b00  nv_agp - ok
19:59:39.0101 0x0b00  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:59:39.0101 0x0b00  ohci1394 - ok
19:59:39.0132 0x0b00  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:59:39.0148 0x0b00  p2pimsvc - ok
19:59:39.0179 0x0b00  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
19:59:39.0195 0x0b00  p2psvc - ok
19:59:39.0210 0x0b00  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
19:59:39.0210 0x0b00  Parport - ok
19:59:39.0226 0x0b00  [ 871EADAC56B0A4C6512BBE32753CCF79, F9FD9DBA55274BB72B897550988DCDFD0F2D9367BE641DFDE07D240052DDC180 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:59:39.0226 0x0b00  partmgr - ok
19:59:39.0242 0x0b00  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:59:39.0257 0x0b00  PcaSvc - ok
19:59:39.0288 0x0b00  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
19:59:39.0288 0x0b00  pci - ok
19:59:39.0288 0x0b00  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:59:39.0288 0x0b00  pciide - ok
19:59:39.0320 0x0b00  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:59:39.0335 0x0b00  pcmcia - ok
19:59:39.0335 0x0b00  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:59:39.0351 0x0b00  pcw - ok
19:59:39.0366 0x0b00  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:59:39.0382 0x0b00  PEAUTH - ok
19:59:39.0476 0x0b00  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:59:39.0476 0x0b00  PerfHost - ok
19:59:39.0538 0x0b00  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
19:59:39.0585 0x0b00  pla - ok
19:59:39.0632 0x0b00  [ B806E50427511BCF4AD8E8239C3E25FA, AB89B48ECCF90F701B314D18BE531CDA5ABE1636C17B994A5E4BE5AAC136B4E3 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:59:39.0647 0x0b00  PlugPlay - ok
19:59:39.0678 0x0b00  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:59:39.0678 0x0b00  PNRPAutoReg - ok
19:59:39.0710 0x0b00  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:59:39.0710 0x0b00  PNRPsvc - ok
19:59:39.0756 0x0b00  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:59:39.0772 0x0b00  PolicyAgent - ok
19:59:39.0788 0x0b00  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
19:59:39.0803 0x0b00  Power - ok
19:59:39.0834 0x0b00  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:59:39.0834 0x0b00  PptpMiniport - ok
19:59:39.0850 0x0b00  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
19:59:39.0850 0x0b00  Processor - ok
19:59:39.0881 0x0b00  [ 5C78838B4D166D1A27DB3A8A820C799A, BBF7E1D0B6754CF06BF3936671FDF5BF6E845CA5678D0940EA54E9212B539B7F ] ProfSvc         C:\Windows\system32\profsvc.dll
19:59:39.0897 0x0b00  ProfSvc - ok
19:59:39.0912 0x0b00  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe
19:59:39.0912 0x0b00  ProtectedStorage - ok
19:59:39.0944 0x0b00  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:59:39.0944 0x0b00  Psched - ok
19:59:39.0990 0x0b00  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:59:40.0037 0x0b00  ql2300 - ok
19:59:40.0053 0x0b00  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:59:40.0053 0x0b00  ql40xx - ok
19:59:40.0084 0x0b00  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
19:59:40.0100 0x0b00  QWAVE - ok
19:59:40.0115 0x0b00  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:59:40.0115 0x0b00  QWAVEdrv - ok
19:59:40.0115 0x0b00  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:59:40.0115 0x0b00  RasAcd - ok
19:59:40.0146 0x0b00  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:59:40.0146 0x0b00  RasAgileVpn - ok
19:59:40.0178 0x0b00  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
19:59:40.0178 0x0b00  RasAuto - ok
19:59:40.0193 0x0b00  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:59:40.0193 0x0b00  Rasl2tp - ok
19:59:40.0209 0x0b00  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
19:59:40.0224 0x0b00  RasMan - ok
19:59:40.0240 0x0b00  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:59:40.0240 0x0b00  RasPppoe - ok
19:59:40.0256 0x0b00  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:59:40.0256 0x0b00  RasSstp - ok
19:59:40.0271 0x0b00  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:59:40.0271 0x0b00  rdbss - ok
19:59:40.0302 0x0b00  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
19:59:40.0302 0x0b00  rdpbus - ok
19:59:40.0318 0x0b00  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:59:40.0318 0x0b00  RDPCDD - ok
19:59:40.0349 0x0b00  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:59:40.0349 0x0b00  RDPENCDD - ok
19:59:40.0380 0x0b00  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:59:40.0380 0x0b00  RDPREFMP - ok
19:59:40.0396 0x0b00  [ 15B66C206B5CB095BAB980553F38ED23, 3CA50786A8D3D6BAF145AFD22C1ED92C2EB39F5D6AF4F6B09B69610FDE0C5B24 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:59:40.0396 0x0b00  RDPWD - ok
19:59:40.0412 0x0b00  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:59:40.0427 0x0b00  rdyboost - ok
19:59:40.0458 0x0b00  [ EA569D48B2E755AF6D96F03F3335D98A, EED2DCDF187A69F36A38129C8A1E0D6FE0EBF9232DEAF68A116E9A26E40AB636 ] RealtekSE       C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlService.exe
19:59:40.0474 0x0b00  RealtekSE - ok
19:59:40.0490 0x0b00  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:59:40.0505 0x0b00  RemoteAccess - ok
19:59:40.0521 0x0b00  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:59:40.0536 0x0b00  RemoteRegistry - ok
19:59:40.0568 0x0b00  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:59:40.0583 0x0b00  RpcEptMapper - ok
19:59:40.0599 0x0b00  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
19:59:40.0599 0x0b00  RpcLocator - ok
19:59:40.0630 0x0b00  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
19:59:40.0646 0x0b00  RpcSs - ok
19:59:40.0677 0x0b00  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:59:40.0677 0x0b00  rspndr - ok
19:59:40.0739 0x0b00  [ 177963A6EEBAA9EF3B56A2DBE9D5D0FC, 908E71F2F2CB6595B2E14EF6BB526114CFFBBFCB1D6AB6672DE9917F4C515419 ] RTL8192Ce       C:\Windows\system32\DRIVERS\rtl8192Ce.sys
19:59:40.0755 0x0b00  RTL8192Ce - ok
19:59:40.0786 0x0b00  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs           C:\Windows\system32\lsass.exe
19:59:40.0786 0x0b00  SamSs - ok
19:59:40.0802 0x0b00  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:59:40.0802 0x0b00  sbp2port - ok
19:59:40.0833 0x0b00  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:59:40.0848 0x0b00  SCardSvr - ok
19:59:40.0880 0x0b00  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:59:40.0880 0x0b00  scfilter - ok
19:59:40.0926 0x0b00  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
19:59:40.0958 0x0b00  Schedule - ok
19:59:40.0989 0x0b00  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:59:40.0989 0x0b00  SCPolicySvc - ok
19:59:41.0020 0x0b00  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:59:41.0020 0x0b00  SDRSVC - ok
19:59:41.0036 0x0b00  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:59:41.0036 0x0b00  secdrv - ok
19:59:41.0067 0x0b00  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
19:59:41.0082 0x0b00  seclogon - ok
19:59:41.0098 0x0b00  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
19:59:41.0098 0x0b00  SENS - ok
19:59:41.0129 0x0b00  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:59:41.0129 0x0b00  SensrSvc - ok
19:59:41.0145 0x0b00  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
19:59:41.0160 0x0b00  Serenum - ok
19:59:41.0160 0x0b00  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
19:59:41.0160 0x0b00  Serial - ok
19:59:41.0192 0x0b00  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:59:41.0192 0x0b00  sermouse - ok
19:59:41.0223 0x0b00  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
19:59:41.0223 0x0b00  SessionEnv - ok
19:59:41.0238 0x0b00  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:59:41.0238 0x0b00  sffdisk - ok
19:59:41.0238 0x0b00  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:59:41.0238 0x0b00  sffp_mmc - ok
19:59:41.0254 0x0b00  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:59:41.0254 0x0b00  sffp_sd - ok
19:59:41.0254 0x0b00  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:59:41.0270 0x0b00  sfloppy - ok
19:59:41.0285 0x0b00  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:59:41.0301 0x0b00  SharedAccess - ok
19:59:41.0348 0x0b00  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:59:41.0348 0x0b00  ShellHWDetection - ok
19:59:41.0379 0x0b00  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:59:41.0379 0x0b00  SiSRaid2 - ok
19:59:41.0394 0x0b00  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:59:41.0394 0x0b00  SiSRaid4 - ok
19:59:41.0410 0x0b00  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:59:41.0426 0x0b00  Smb - ok
19:59:41.0441 0x0b00  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:59:41.0441 0x0b00  SNMPTRAP - ok
19:59:41.0457 0x0b00  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:59:41.0457 0x0b00  spldr - ok
19:59:41.0488 0x0b00  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
19:59:41.0504 0x0b00  Spooler - ok
19:59:41.0628 0x0b00  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
19:59:41.0722 0x0b00  sppsvc - ok
19:59:41.0738 0x0b00  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:59:41.0753 0x0b00  sppuinotify - ok
19:59:41.0800 0x0b00  [ 2098B8556D1CEC2ACA9A29CD479E3692, D5826407C64F18C16EB36E6F00787CFAFCD9B24B5BD8AD126AD01E6E4134966F ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:59:41.0816 0x0b00  srv - ok
19:59:41.0831 0x0b00  [ D0F73A42040F21F92FD314B42AC5C9E7, A021C4318C9CFA594305458B2643BB0C22DDE1F3D51C93C9F3E7F7AB75B31278 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:59:41.0847 0x0b00  srv2 - ok
19:59:41.0862 0x0b00  [ 2BA8F3250828CCDB4204ECF2C6F40B6A, 22C4FBF9A87C46E69C48B681FF733D68D9CB7B7D73FB14C8C2A06E9009F9860E ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:59:41.0862 0x0b00  srvnet - ok
19:59:41.0878 0x0b00  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:59:41.0894 0x0b00  SSDPSRV - ok
19:59:41.0909 0x0b00  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:59:41.0925 0x0b00  SstpSvc - ok
19:59:41.0925 0x0b00  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:59:41.0925 0x0b00  stexstor - ok
19:59:41.0972 0x0b00  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
19:59:42.0003 0x0b00  stisvc - ok
19:59:42.0003 0x0b00  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:59:42.0003 0x0b00  swenum - ok
19:59:42.0050 0x0b00  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
19:59:42.0065 0x0b00  swprv - ok
19:59:42.0128 0x0b00  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
19:59:42.0174 0x0b00  SysMain - ok
19:59:42.0206 0x0b00  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:59:42.0221 0x0b00  TabletInputService - ok
19:59:42.0237 0x0b00  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:59:42.0252 0x0b00  TapiSrv - ok
19:59:42.0268 0x0b00  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
19:59:42.0268 0x0b00  TBS - ok
19:59:42.0362 0x0b00  [ 509383E505C973ED7534A06B3D19688D, 520AE434CCE1D365A45B2035283A4AD915E98D28D06BD73822F6FF865C2AE7DF ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:59:42.0408 0x0b00  Tcpip - ok
19:59:42.0486 0x0b00  [ 509383E505C973ED7534A06B3D19688D, 520AE434CCE1D365A45B2035283A4AD915E98D28D06BD73822F6FF865C2AE7DF ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:59:42.0518 0x0b00  TCPIP6 - ok
19:59:42.0533 0x0b00  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:59:42.0533 0x0b00  tcpipreg - ok
19:59:42.0580 0x0b00  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:59:42.0580 0x0b00  TDPIPE - ok
19:59:42.0580 0x0b00  [ E4245BDA3190A582D55ED09E137401A9, F59C983882997D68CC7B1B2080AEE9EBE2AE90D478F877559BD2AAA97158A116 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:59:42.0596 0x0b00  TDTCP - ok
19:59:42.0627 0x0b00  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:59:42.0627 0x0b00  tdx - ok
19:59:42.0627 0x0b00  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
19:59:42.0627 0x0b00  TermDD - ok
19:59:42.0674 0x0b00  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
19:59:42.0689 0x0b00  TermService - ok
19:59:42.0720 0x0b00  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
19:59:42.0720 0x0b00  Themes - ok
19:59:42.0736 0x0b00  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
19:59:42.0736 0x0b00  THREADORDER - ok
19:59:42.0752 0x0b00  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
19:59:42.0767 0x0b00  TrkWks - ok
19:59:42.0798 0x0b00  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:59:42.0814 0x0b00  TrustedInstaller - ok
19:59:42.0845 0x0b00  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:59:42.0845 0x0b00  tssecsrv - ok
19:59:42.0861 0x0b00  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:59:42.0861 0x0b00  TsUsbFlt - ok
19:59:42.0876 0x0b00  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
19:59:42.0876 0x0b00  TsUsbGD - ok
19:59:42.0892 0x0b00  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:59:42.0892 0x0b00  tunnel - ok
19:59:42.0908 0x0b00  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:59:42.0908 0x0b00  uagp35 - ok
19:59:42.0923 0x0b00  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:59:42.0939 0x0b00  udfs - ok
19:59:42.0970 0x0b00  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:59:42.0970 0x0b00  UI0Detect - ok
19:59:42.0986 0x0b00  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:59:42.0986 0x0b00  uliagpkx - ok
19:59:43.0017 0x0b00  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:59:43.0017 0x0b00  umbus - ok
19:59:43.0017 0x0b00  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
19:59:43.0017 0x0b00  UmPass - ok
19:59:43.0048 0x0b00  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
19:59:43.0064 0x0b00  upnphost - ok
19:59:43.0079 0x0b00  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829, 5D6E404FE0AB875202CA1A3E8E9D2F4368DF6ACCFA1C872ECFAF8399CBA3A485 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:59:43.0079 0x0b00  usbccgp - ok
19:59:43.0095 0x0b00  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:59:43.0095 0x0b00  usbcir - ok
19:59:43.0110 0x0b00  [ 74EE782B1D9C241EFE425565854C661C, E8258EA65B0FCAD4E077B176E9D9324646B652D6E651241E397346A39770D065 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
19:59:43.0110 0x0b00  usbehci - ok
19:59:43.0126 0x0b00  [ DC96BD9CCB8403251BCF25047573558E, 66EBF8A6B3BC0634F32DDCC8BA31F1EB5987E8C6853E1DC26005E3EED0945565 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:59:43.0142 0x0b00  usbhub - ok
19:59:43.0157 0x0b00  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:59:43.0157 0x0b00  usbohci - ok
19:59:43.0157 0x0b00  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
19:59:43.0157 0x0b00  usbprint - ok
19:59:43.0188 0x0b00  [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
19:59:43.0204 0x0b00  USBSTOR - ok
19:59:43.0220 0x0b00  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
19:59:43.0220 0x0b00  usbuhci - ok
19:59:43.0235 0x0b00  [ 454800C2BC7F3927CE030141EE4F4C50, 10901E62DAA70657C499AD590DECCCA6E46FDDF4A193B2F19279E1B8ED7B1E44 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
19:59:43.0251 0x0b00  usbvideo - ok
19:59:43.0266 0x0b00  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
19:59:43.0282 0x0b00  UxSms - ok
19:59:43.0298 0x0b00  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc        C:\Windows\system32\lsass.exe
19:59:43.0313 0x0b00  VaultSvc - ok
19:59:43.0344 0x0b00  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:59:43.0344 0x0b00  vdrvroot - ok
19:59:43.0391 0x0b00  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
19:59:43.0422 0x0b00  vds - ok
19:59:43.0438 0x0b00  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:59:43.0438 0x0b00  vga - ok
19:59:43.0454 0x0b00  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:59:43.0454 0x0b00  VgaSave - ok
19:59:43.0469 0x0b00  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:59:43.0485 0x0b00  vhdmp - ok
19:59:43.0485 0x0b00  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:59:43.0485 0x0b00  viaide - ok
19:59:43.0500 0x0b00  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:59:43.0500 0x0b00  volmgr - ok
19:59:43.0516 0x0b00  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:59:43.0516 0x0b00  volmgrx - ok
19:59:43.0532 0x0b00  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:59:43.0547 0x0b00  volsnap - ok
19:59:43.0563 0x0b00  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:59:43.0563 0x0b00  vsmraid - ok
19:59:43.0641 0x0b00  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
19:59:43.0672 0x0b00  VSS - ok
19:59:43.0688 0x0b00  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
19:59:43.0703 0x0b00  vwifibus - ok
19:59:43.0719 0x0b00  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:59:43.0719 0x0b00  vwififlt - ok
19:59:43.0750 0x0b00  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
19:59:43.0766 0x0b00  W32Time - ok
19:59:43.0781 0x0b00  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:59:43.0781 0x0b00  WacomPen - ok
19:59:43.0812 0x0b00  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:59:43.0812 0x0b00  WANARP - ok
19:59:43.0828 0x0b00  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:59:43.0828 0x0b00  Wanarpv6 - ok
19:59:43.0890 0x0b00  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
19:59:43.0937 0x0b00  wbengine - ok
19:59:43.0937 0x0b00  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:59:43.0953 0x0b00  WbioSrvc - ok
19:59:43.0984 0x0b00  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:59:43.0984 0x0b00  wcncsvc - ok
19:59:44.0015 0x0b00  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:59:44.0015 0x0b00  WcsPlugInService - ok
19:59:44.0031 0x0b00  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
19:59:44.0031 0x0b00  Wd - ok
19:59:44.0062 0x0b00  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:59:44.0078 0x0b00  Wdf01000 - ok
19:59:44.0093 0x0b00  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:59:44.0109 0x0b00  WdiServiceHost - ok
19:59:44.0109 0x0b00  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:59:44.0124 0x0b00  WdiSystemHost - ok
19:59:44.0140 0x0b00  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
19:59:44.0156 0x0b00  WebClient - ok
19:59:44.0171 0x0b00  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:59:44.0187 0x0b00  Wecsvc - ok
19:59:44.0202 0x0b00  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:59:44.0202 0x0b00  wercplsupport - ok
19:59:44.0218 0x0b00  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:59:44.0234 0x0b00  WerSvc - ok
19:59:44.0249 0x0b00  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:59:44.0249 0x0b00  WfpLwf - ok
19:59:44.0265 0x0b00  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:59:44.0265 0x0b00  WIMMount - ok
19:59:44.0280 0x0b00  WinDefend - ok
19:59:44.0280 0x0b00  WinHttpAutoProxySvc - ok
19:59:44.0343 0x0b00  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:59:44.0343 0x0b00  Winmgmt - ok
19:59:44.0530 0x0b00  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
19:59:44.0592 0x0b00  WinRM - ok
19:59:44.0670 0x0b00  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:59:44.0686 0x0b00  Wlansvc - ok
19:59:44.0717 0x0b00  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
19:59:44.0717 0x0b00  WmiAcpi - ok
19:59:44.0748 0x0b00  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:59:44.0748 0x0b00  wmiApSrv - ok
19:59:44.0780 0x0b00  WMPNetworkSvc - ok
19:59:44.0795 0x0b00  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:59:44.0811 0x0b00  WPCSvc - ok
19:59:44.0826 0x0b00  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:59:44.0842 0x0b00  WPDBusEnum - ok
19:59:44.0858 0x0b00  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:59:44.0858 0x0b00  ws2ifsl - ok
19:59:44.0873 0x0b00  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
19:59:44.0873 0x0b00  wscsvc - ok
19:59:44.0889 0x0b00  WSearch - ok
19:59:44.0998 0x0b00  [ 9DF12EDBC698B0BC353B3EF84861E430, 5777972DC6242096EE2D4DAEEFC822DE9077560322DED7B9696BB23B7C240403 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:59:45.0060 0x0b00  wuauserv - ok
19:59:45.0076 0x0b00  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:59:45.0076 0x0b00  WudfPf - ok
19:59:45.0107 0x0b00  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:59:45.0107 0x0b00  wudfsvc - ok
19:59:45.0138 0x0b00  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:59:45.0154 0x0b00  WwanSvc - ok
19:59:45.0154 0x0b00  ================ Scan global ===============================
19:59:45.0185 0x0b00  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
19:59:45.0216 0x0b00  [ E0406AEF04B088D1C49FC78D0546F689, 7ADD4D1C174FAA5405BD94BAF104A5DD56BE00DBDC1ED9F069A95430A7B264AA ] C:\Windows\system32\winsrv.dll
19:59:45.0232 0x0b00  [ E0406AEF04B088D1C49FC78D0546F689, 7ADD4D1C174FAA5405BD94BAF104A5DD56BE00DBDC1ED9F069A95430A7B264AA ] C:\Windows\system32\winsrv.dll
19:59:45.0279 0x0b00  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:59:45.0326 0x0b00  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
19:59:45.0341 0x0b00  [ Global ] - ok
19:59:45.0341 0x0b00  ================ Scan MBR ==================================
19:59:45.0357 0x0b00  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:59:45.0700 0x0b00  \Device\Harddisk0\DR0 - ok
19:59:45.0700 0x0b00  ================ Scan VBR ==================================
19:59:45.0700 0x0b00  [ 093B6CA8F3CF2AF58C794265C6024111 ] \Device\Harddisk0\DR0\Partition1
19:59:45.0700 0x0b00  \Device\Harddisk0\DR0\Partition1 - ok
19:59:45.0700 0x0b00  [ 844E81EC7685E5535947C70FC247EDB8 ] \Device\Harddisk0\DR0\Partition2
19:59:45.0700 0x0b00  \Device\Harddisk0\DR0\Partition2 - ok
19:59:45.0716 0x0b00  [ 6767B760E56FA20F0950829F193AEEA6 ] \Device\Harddisk0\DR0\Partition3
19:59:45.0716 0x0b00  \Device\Harddisk0\DR0\Partition3 - ok
19:59:45.0716 0x0b00  ================ Scan active images ========================
19:59:45.0716 0x0b00  [ 3E588B60EC061686BA05D33574A344C6, 19D2D863F95CCC4493A2328B6BEB04248B6A80F957532E58C1D1D868C19FDCCB ] C:\Windows\System32\drivers\crashdmp.sys
19:59:45.0716 0x0b00  C:\Windows\System32\drivers\crashdmp.sys - ok
19:59:45.0731 0x0b00  [ 839B5FE3D48E9F35B22C21A3D5103F6C, A9CEA695E43092B72B0E988063E00A7C0BCE90095344E9A2F380218482BCE77F ] C:\Windows\System32\drivers\Dumpata.sys
19:59:45.0731 0x0b00  C:\Windows\System32\drivers\Dumpata.sys - ok
19:59:45.0731 0x0b00  [ 814DB88F2641691575A455CF25354098, 79C50F0CD72612733217A0316BEFEA0B6D819C3159D9452EAB89AC26A18A0F89 ] C:\Windows\System32\drivers\dumpfve.sys
19:59:45.0731 0x0b00  C:\Windows\System32\drivers\dumpfve.sys - ok
19:59:45.0731 0x0b00  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] C:\Windows\System32\drivers\msahci.sys
19:59:45.0731 0x0b00  C:\Windows\System32\drivers\msahci.sys - ok
19:59:45.0747 0x0b00  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] C:\Windows\System32\drivers\cdrom.sys
19:59:45.0747 0x0b00  C:\Windows\System32\drivers\cdrom.sys - ok
19:59:45.0747 0x0b00  [ B8FDEDE963B82CFD23B3A53A3084666D, 3537E5B684FB6F0AA589A5FA7CD111E1744DF384AB1A266D4114100F104ED11B ] C:\Windows\System32\drivers\aswSnx.sys
19:59:45.0747 0x0b00  C:\Windows\System32\drivers\aswSnx.sys - ok
19:59:45.0762 0x0b00  [ 0DEDC041DF594AEC2C3BD00417CFAF60, 0D3A8924503986546EE256D185225C0B080FDB6B0C8B0BED7516B07A7334371B ] C:\Windows\System32\drivers\aswsp.sys
19:59:45.0762 0x0b00  C:\Windows\System32\drivers\aswsp.sys - ok
19:59:45.0762 0x0b00  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] C:\Windows\System32\drivers\beep.sys
19:59:45.0762 0x0b00  C:\Windows\System32\drivers\beep.sys - ok
19:59:45.0778 0x0b00  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] C:\Windows\System32\drivers\null.sys
19:59:45.0778 0x0b00  C:\Windows\System32\drivers\null.sys - ok
19:59:45.0778 0x0b00  [ FC438D1430B28618E2D0C7C332A710AD, 873957B202E454E2C8F625E5799F278CAC16EC5EEAEE2C33E2FE5D1FF0408CB2 ] C:\Windows\System32\drivers\watchdog.sys
19:59:45.0778 0x0b00  C:\Windows\System32\drivers\watchdog.sys - ok
19:59:45.0778 0x0b00  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] C:\Windows\System32\drivers\RDPCDD.sys
19:59:45.0778 0x0b00  C:\Windows\System32\drivers\RDPCDD.sys - ok
19:59:45.0794 0x0b00  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] C:\Windows\System32\drivers\RDPENCDD.sys
19:59:45.0794 0x0b00  C:\Windows\System32\drivers\RDPENCDD.sys - ok
19:59:45.0794 0x0b00  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] C:\Windows\System32\drivers\RDPREFMP.sys
19:59:45.0794 0x0b00  C:\Windows\System32\drivers\RDPREFMP.sys - ok
19:59:45.0809 0x0b00  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] C:\Windows\System32\drivers\vga.sys
19:59:45.0809 0x0b00  C:\Windows\System32\drivers\vga.sys - ok
19:59:45.0809 0x0b00  [ E7353D59C9842BC7299FAEB7E7E09340, C37ED1025E07BAC2F535DCFED6C6C509515D95722EADE5AF94F1FC5D8B1DC783 ] C:\Windows\System32\drivers\videoprt.sys
19:59:45.0809 0x0b00  C:\Windows\System32\drivers\videoprt.sys - ok
19:59:45.0825 0x0b00  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] C:\Windows\System32\drivers\msfs.sys
19:59:45.0825 0x0b00  C:\Windows\System32\drivers\msfs.sys - ok
19:59:45.0825 0x0b00  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] C:\Windows\System32\drivers\npfs.sys
19:59:45.0825 0x0b00  C:\Windows\System32\drivers\npfs.sys - ok
19:59:45.0825 0x0b00  [ 6F020A220388ECA0AB6062DC27BD16B6, 48655230E482DEB7B4B50EF05818EBB29CA61E780AEFCD9D31B02DE4DF9D9540 ] C:\Windows\System32\drivers\tdi.sys
19:59:45.0825 0x0b00  C:\Windows\System32\drivers\tdi.sys - ok
19:59:45.0840 0x0b00  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] C:\Windows\System32\drivers\tdx.sys
19:59:45.0840 0x0b00  C:\Windows\System32\drivers\tdx.sys - ok
19:59:45.0840 0x0b00  [ D31DC7A16DEA4A9BAF179F3D6FBDB38C, 532678D86E3E667F2E789C4873565E0B92C549A93F10802BB6D5B505CA3238CE ] C:\Windows\System32\drivers\afd.sys
19:59:45.0840 0x0b00  C:\Windows\System32\drivers\afd.sys - ok
19:59:45.0856 0x0b00  [ A5757DE5F9C83AB40667A53D5126EA40, 58B72B1B126CF641188703CE82E26BEB0C41AD7587CFFCCCE9E3C64CC7AACC90 ] C:\Windows\System32\drivers\aswRdr2.sys
19:59:45.0856 0x0b00  C:\Windows\System32\drivers\aswRdr2.sys - ok
19:59:45.0856 0x0b00  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] C:\Windows\System32\drivers\netbt.sys
19:59:45.0856 0x0b00  C:\Windows\System32\drivers\netbt.sys - ok
19:59:45.0872 0x0b00  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] C:\Windows\System32\drivers\pacer.sys
19:59:45.0872 0x0b00  C:\Windows\System32\drivers\pacer.sys - ok
19:59:45.0872 0x0b00  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] C:\Windows\System32\drivers\vwififlt.sys
19:59:45.0872 0x0b00  C:\Windows\System32\drivers\vwififlt.sys - ok
19:59:45.0872 0x0b00  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] C:\Windows\System32\drivers\wfplwf.sys
19:59:45.0872 0x0b00  C:\Windows\System32\drivers\wfplwf.sys - ok
19:59:45.0887 0x0b00  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] C:\Windows\System32\drivers\netbios.sys
19:59:45.0887 0x0b00  C:\Windows\System32\drivers\netbios.sys - ok
19:59:45.0887 0x0b00  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] C:\Windows\System32\drivers\termdd.sys
19:59:45.0887 0x0b00  C:\Windows\System32\drivers\termdd.sys - ok
19:59:45.0903 0x0b00  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] C:\Windows\System32\drivers\wanarp.sys
19:59:45.0903 0x0b00  C:\Windows\System32\drivers\wanarp.sys - ok
19:59:45.0903 0x0b00  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] C:\Windows\System32\drivers\nsiproxy.sys
19:59:45.0903 0x0b00  C:\Windows\System32\drivers\nsiproxy.sys - ok
19:59:45.0903 0x0b00  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] C:\Windows\System32\drivers\rdbss.sys
19:59:45.0918 0x0b00  C:\Windows\System32\drivers\rdbss.sys - ok
19:59:45.0918 0x0b00  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] C:\Windows\System32\drivers\discache.sys
19:59:45.0918 0x0b00  C:\Windows\System32\drivers\discache.sys - ok
19:59:45.0918 0x0b00  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] C:\Windows\System32\drivers\mssmbios.sys
19:59:45.0918 0x0b00  C:\Windows\System32\drivers\mssmbios.sys - ok
19:59:45.0934 0x0b00  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] C:\Windows\System32\drivers\dfsc.sys
19:59:45.0934 0x0b00  C:\Windows\System32\drivers\dfsc.sys - ok
19:59:45.0934 0x0b00  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] C:\Windows\System32\drivers\blbdrive.sys
19:59:45.0934 0x0b00  C:\Windows\System32\drivers\blbdrive.sys - ok
19:59:45.0950 0x0b00  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] C:\Windows\System32\drivers\intelppm.sys
19:59:45.0950 0x0b00  C:\Windows\System32\drivers\intelppm.sys - ok
19:59:45.0950 0x0b00  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] C:\Windows\System32\drivers\tunnel.sys
19:59:45.0950 0x0b00  C:\Windows\System32\drivers\tunnel.sys - ok
19:59:45.0965 0x0b00  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] C:\Windows\System32\drivers\CmBatt.sys
19:59:45.0965 0x0b00  C:\Windows\System32\drivers\CmBatt.sys - ok
19:59:45.0965 0x0b00  [ 3556D5A8BF2CC508BDAB51DEC38D7C61, 91E3D98AD3119E8ADDF8D2AA1DD6795162842FFF7101E4C70C5137E847B4FF50 ] C:\Windows\System32\ntdll.dll
19:59:45.0965 0x0b00  C:\Windows\System32\ntdll.dll - ok
19:59:45.0965 0x0b00  [ 1911A3356FA3F77CCC825CCBAC038C2A, 6ED135B792C81D78B33A57F0F4770DB6105C9ED3E2193629CB3EC38BFD5B7E1B ] C:\Windows\System32\smss.exe
19:59:45.0965 0x0b00  C:\Windows\System32\smss.exe - ok
19:59:45.0981 0x0b00  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] C:\Windows\System32\drivers\igdkmd64.sys
19:59:45.0981 0x0b00  C:\Windows\System32\drivers\igdkmd64.sys - ok
19:59:45.0981 0x0b00  [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] C:\Windows\System32\drivers\dxgkrnl.sys
19:59:45.0981 0x0b00  C:\Windows\System32\drivers\dxgkrnl.sys - ok
19:59:45.0996 0x0b00  [ 9CD68BDDF322535C02ADC8331013D13D, B887338E0C1033C93C9F157C69D5C47B05C7B27A91C9481CA8B72BDD514E9651 ] C:\Windows\System32\drivers\dxgmms1.sys
19:59:45.0996 0x0b00  C:\Windows\System32\drivers\dxgmms1.sys - ok
19:59:45.0996 0x0b00  [ B6D64EE607637301FF8C33139B4950DE, E7FE3EC3DA3CABDBBE2C23BAA5FE3CD64DA01FF73B4B4C2F077224A607E688DD ] C:\Windows\System32\drivers\usbport.sys
19:59:45.0996 0x0b00  C:\Windows\System32\drivers\usbport.sys - ok
19:59:46.0012 0x0b00  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] C:\Windows\System32\drivers\hdaudbus.sys
19:59:46.0012 0x0b00  C:\Windows\System32\drivers\hdaudbus.sys - ok
19:59:46.0012 0x0b00  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] C:\Windows\System32\drivers\usbuhci.sys
19:59:46.0012 0x0b00  C:\Windows\System32\drivers\usbuhci.sys - ok
19:59:46.0012 0x0b00  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93, 7BC847CE6C2D29C334F0D1600BBBDE3933FF45F6BEE5186F442E6270A3F9EC4E ] C:\Windows\System32\autochk.exe
19:59:46.0012 0x0b00  C:\Windows\System32\autochk.exe - ok
19:59:46.0028 0x0b00  [ 177963A6EEBAA9EF3B56A2DBE9D5D0FC, 908E71F2F2CB6595B2E14EF6BB526114CFFBBFCB1D6AB6672DE9917F4C515419 ] C:\Windows\System32\drivers\rtl8192ce.sys
19:59:46.0028 0x0b00  C:\Windows\System32\drivers\rtl8192ce.sys - ok
19:59:46.0028 0x0b00  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] C:\Windows\System32\drivers\vwifibus.sys
19:59:46.0028 0x0b00  C:\Windows\System32\drivers\vwifibus.sys - ok
19:59:46.0043 0x0b00  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] C:\Windows\System32\drivers\i8042prt.sys
19:59:46.0043 0x0b00  C:\Windows\System32\drivers\i8042prt.sys - ok
19:59:46.0043 0x0b00  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] C:\Windows\System32\drivers\kbdclass.sys
19:59:46.0043 0x0b00  C:\Windows\System32\drivers\kbdclass.sys - ok
19:59:46.0059 0x0b00  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] C:\Windows\System32\drivers\mouclass.sys
19:59:46.0059 0x0b00  C:\Windows\System32\drivers\mouclass.sys - ok
19:59:46.0059 0x0b00  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] C:\Windows\System32\drivers\agilevpn.sys
19:59:46.0059 0x0b00  C:\Windows\System32\drivers\agilevpn.sys - ok
19:59:46.0059 0x0b00  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] C:\Windows\System32\drivers\CompositeBus.sys
19:59:46.0059 0x0b00  C:\Windows\System32\drivers\CompositeBus.sys - ok
19:59:46.0074 0x0b00  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] C:\Windows\System32\drivers\rasl2tp.sys
19:59:46.0074 0x0b00  C:\Windows\System32\drivers\rasl2tp.sys - ok
19:59:46.0074 0x0b00  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] C:\Windows\System32\drivers\wmiacpi.sys
19:59:46.0074 0x0b00  C:\Windows\System32\drivers\wmiacpi.sys - ok
19:59:46.0090 0x0b00  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] C:\Windows\System32\drivers\ndistapi.sys
19:59:46.0090 0x0b00  C:\Windows\System32\drivers\ndistapi.sys - ok
19:59:46.0090 0x0b00  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] C:\Windows\System32\drivers\ndiswan.sys
19:59:46.0090 0x0b00  C:\Windows\System32\drivers\ndiswan.sys - ok
19:59:46.0106 0x0b00  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] C:\Windows\System32\drivers\raspppoe.sys
19:59:46.0106 0x0b00  C:\Windows\System32\drivers\raspppoe.sys - ok
19:59:46.0106 0x0b00  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] C:\Windows\System32\drivers\raspptp.sys
19:59:46.0106 0x0b00  C:\Windows\System32\drivers\raspptp.sys - ok
19:59:46.0121 0x0b00  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] C:\Windows\System32\drivers\rassstp.sys
19:59:46.0121 0x0b00  C:\Windows\System32\drivers\rassstp.sys - ok
19:59:46.0121 0x0b00  [ 24FBF5CC5C04150073C315A7C83521EE, 581BD5F15B5E57B3BAA762E421FFD859FDA46DDB8515C2A7AAFF208D784E906C ] C:\Windows\System32\drivers\ks.sys
19:59:46.0121 0x0b00  C:\Windows\System32\drivers\ks.sys - ok
19:59:46.0137 0x0b00  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] C:\Windows\System32\drivers\swenum.sys
19:59:46.0137 0x0b00  C:\Windows\System32\drivers\swenum.sys - ok
19:59:46.0137 0x0b00  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] C:\Windows\System32\drivers\umbus.sys
19:59:46.0137 0x0b00  C:\Windows\System32\drivers\umbus.sys - ok
19:59:46.0152 0x0b00  [ 1084AA52CCC324EA54C7121FA24C2221, 6E972CF624F7C0DE8190434B3B30279A01C551713109F97B9EBB77FAC9364754 ] C:\Windows\System32\gdi32.dll
19:59:46.0152 0x0b00  C:\Windows\System32\gdi32.dll - ok
19:59:46.0152 0x0b00  [ FE70103391A64039A921DBFFF9C7AB1B, F7D219D75037BC98F6C69143B00AB6000A31F8B5E211E0AF514F4F4B681522A0 ] C:\Windows\System32\user32.dll
19:59:46.0152 0x0b00  C:\Windows\System32\user32.dll - ok
19:59:46.0168 0x0b00  [ DC96BD9CCB8403251BCF25047573558E, 66EBF8A6B3BC0634F32DDCC8BA31F1EB5987E8C6853E1DC26005E3EED0945565 ] C:\Windows\System32\drivers\usbhub.sys
19:59:46.0168 0x0b00  C:\Windows\System32\drivers\usbhub.sys - ok
19:59:46.0168 0x0b00  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5, 12130837D7F89A2C7E9D25747A8E5B9001E0A38D545178B49B450C23AE62664A ] C:\Windows\System32\setupapi.dll
19:59:46.0168 0x0b00  C:\Windows\System32\setupapi.dll - ok
19:59:46.0184 0x0b00  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] C:\Windows\System32\drivers\ndproxy.sys
19:59:46.0184 0x0b00  C:\Windows\System32\drivers\ndproxy.sys - ok
19:59:46.0184 0x0b00  [ B8509DCFCFD577F568BE4026BFD982C0, E3608E6DE15C400FA437349E7295FEF10A1A0213CA3B532A58964B8C89749110 ] C:\Windows\System32\imagehlp.dll
19:59:46.0184 0x0b00  C:\Windows\System32\imagehlp.dll - ok
19:59:46.0184 0x0b00  [ 25983DE69B57142039AC8D95E71CD9C9, A677DA7EBCBCB6073D27E8A38809F51E971E83ED379BC599AAAD6EF4216348DA ] C:\Windows\System32\clbcatq.dll
19:59:46.0184 0x0b00  C:\Windows\System32\clbcatq.dll - ok
19:59:46.0199 0x0b00  [ D202223587518B13D72D68937B7E3F70, 9DB971B866D058ADBB518DD99B87C5DB8DD1E7C9073755B989AE7E9FB62901E8 ] C:\Windows\System32\lpk.dll
19:59:46.0199 0x0b00  C:\Windows\System32\lpk.dll - ok
19:59:46.0199 0x0b00  [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65, 2A3EC01F3BAFE7D7D656886437F7FFECCE440C0D3F3467804769AB4BF1FF7A99 ] C:\Windows\System32\usp10.dll
19:59:46.0199 0x0b00  C:\Windows\System32\usp10.dll - ok
19:59:46.0215 0x0b00  [ 42F05F980F164E084DB65B2E8CD8430F, 0813749847B08F6577791D18AD9ECA6DFF5B41C2F727AB5EE9E5BF9602ED50CB ] C:\Windows\System32\oleaut32.dll
19:59:46.0215 0x0b00  C:\Windows\System32\oleaut32.dll - ok
19:59:46.0215 0x0b00  [ 7319BB10FA1F86E49E3DCF4136F6C957, 60DE43AB267FD41C9804369B569139ADD30ED4E295C425F44FC04D3FCC95FCA2 ] C:\Windows\System32\msvcrt.dll
19:59:46.0215 0x0b00  C:\Windows\System32\msvcrt.dll - ok
19:59:46.0230 0x0b00  [ 7A6326D96D53048FDEC542DF23D875A0, 182351570856CD6EEDD9DF7E2FB8AB76BD4D8FC70BE11AD5DE6484CFD70C21C6 ] C:\Windows\System32\kernel32.dll
19:59:46.0230 0x0b00  C:\Windows\System32\kernel32.dll - ok
19:59:46.0230 0x0b00  [ AA2C08CE85653B1A0D2E4AB407FA176C, 83DFD0C119B20AEDB07114C9D1CF9CE2DFA938D0F1070256B0591A9E2C3997FA ] C:\Windows\System32\imm32.dll
19:59:46.0230 0x0b00  C:\Windows\System32\imm32.dll - ok
19:59:46.0230 0x0b00  [ 5FADA8B707318E1BD63A7E2B81E6C8CB, 2590E88CAB52FCC1B24CB262D293131C6280A5F234E0C130E77AA8697EFA3B5F ] C:\Windows\System32\urlmon.dll
19:59:46.0230 0x0b00  C:\Windows\System32\urlmon.dll - ok
19:59:46.0246 0x0b00  [ 6DF46D2BD74E3DA1B45F08F10D172732, 2DC945F6F2C4A82189BC7DA2FCBB7D9A0E2588A909539249E55BA82468E0C677 ] C:\Windows\System32\advapi32.dll
19:59:46.0246 0x0b00  C:\Windows\System32\advapi32.dll - ok
19:59:46.0246 0x0b00  [ 0611473C1AD9E2D991CD9482068417F7, 90AFCC2A60350ECE27E75E76459132EF0FA28EF283CE88FCED4B82735A93ECDA ] C:\Windows\System32\rpcrt4.dll
19:59:46.0246 0x0b00  C:\Windows\System32\rpcrt4.dll - ok
19:59:46.0262 0x0b00  [ 9835E63E09F824D22B689D2BB789BAB9, 5BCFFAFB894D69FBCDDB91E64D30A356F4BD57098E8B4C51B98AFAF6581BDB63 ] C:\Windows\System32\comdlg32.dll
19:59:46.0262 0x0b00  C:\Windows\System32\comdlg32.dll - ok
19:59:46.0262 0x0b00  [ 5180380D353277D395D3B36D790AA93E, 89B894ECCF65704D00D30EA3BD45B184BFAB8345B779F9AE2BE66B9FC7226F72 ] C:\Windows\System32\iertutil.dll
19:59:46.0262 0x0b00  C:\Windows\System32\iertutil.dll - ok
19:59:46.0277 0x0b00  [ D87E1E59C73C1F98D5DED5B3850C40F5, 536419BFF9F877D4314B5D0C045D9A6E729489C389863FADF07E382050BC84FD ] C:\Windows\System32\psapi.dll
19:59:46.0277 0x0b00  C:\Windows\System32\psapi.dll - ok
19:59:46.0277 0x0b00  [ F6C5302E1F4813D552F41A0AC82455E5, E3EBF44621EFC6381BAAE0F0EFC13C356DCB6EE31BB258137EDB3CC3E18549B5 ] C:\Windows\System32\wininet.dll
19:59:46.0277 0x0b00  C:\Windows\System32\wininet.dll - ok
19:59:46.0277 0x0b00  [ 26E716ED95DC48CF6E5AC046089366AF, F686D557B7AC1688EFC7CB48311290D713D3DB2E9E61E947098A7C80E3A1B9E9 ] C:\Windows\System32\shell32.dll
19:59:46.0277 0x0b00  C:\Windows\System32\shell32.dll - ok
19:59:46.0293 0x0b00  [ 21D26064AEDB4988F785BB4A3A2C051E, F6FA2CA351B24DA19645EB542596C82F9A68D84CC7CCFE6F9FC15CE2CE4D1961 ] C:\Windows\System32\drivers\drmk.sys
19:59:46.0293 0x0b00  C:\Windows\System32\drivers\drmk.sys - ok
19:59:46.0293 0x0b00  [ 4E4FFB09D895AA000DD56D1404F69A7E, D999E04BB35780088480EAB322176570591A21E311D204BDCAB010A63B34D24C ] C:\Windows\System32\Wldap32.dll
19:59:46.0293 0x0b00  C:\Windows\System32\Wldap32.dll - ok
19:59:46.0308 0x0b00  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] C:\Windows\System32\drivers\HdAudio.sys
19:59:46.0308 0x0b00  C:\Windows\System32\drivers\HdAudio.sys - ok
19:59:46.0308 0x0b00  [ 32E11315B5126921FFD9074840EF13D3, FC7C0E1CC447FDD89C0FA5EBFD04CCEABFB27751AB57A7176F12BD0D35306E1C ] C:\Windows\System32\drivers\portcls.sys
19:59:46.0308 0x0b00  C:\Windows\System32\drivers\portcls.sys - ok
19:59:46.0324 0x0b00  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] C:\Windows\System32\drivers\ksthunk.sys
19:59:46.0324 0x0b00  C:\Windows\System32\drivers\ksthunk.sys - ok
19:59:46.0324 0x0b00  [ 6C60B5ACA7442EFB794082CDACFC001C, FC1D9124856A70FF232EF3057D66BEE803295847624CE23B4D0217F23AF52C75 ] C:\Windows\System32\ole32.dll
19:59:46.0324 0x0b00  C:\Windows\System32\ole32.dll - ok
19:59:46.0340 0x0b00  [ F7CE0C81C545364020ED8203CF0A633E, 24B47A7492B7048096AF87E26786E8108455ADBD1A374B6A0466DE008505B8A9 ] C:\Windows\System32\difxapi.dll
19:59:46.0340 0x0b00  C:\Windows\System32\difxapi.dll - ok
19:59:46.0340 0x0b00  [ 28C0B5024F5C5A438E78B188CFC81B7F, AB81FB63F2908CE316B45609077ACBD85F4B2AAD1606B1E9030F06DB82EDDFAD ] C:\Windows\System32\normaliz.dll
19:59:46.0340 0x0b00  C:\Windows\System32\normaliz.dll - ok
19:59:46.0340 0x0b00  [ 83404DCBCE4925B6A5A77C5170F46D86, D669614D0B4461DB244AD99FBE1BA92CEB9B4ED5EC8E987E23764E77D9AC7074 ] C:\Windows\System32\sechost.dll
19:59:46.0340 0x0b00  C:\Windows\System32\sechost.dll - ok
19:59:46.0355 0x0b00  [ 4BBFA57F594F7E8A8EDC8F377184C3F0, 9F3AC5DEA5A6250C3DBB97AF79C81C0A48429486521F807355A1D7D3D861B75F ] C:\Windows\System32\ws2_32.dll
19:59:46.0355 0x0b00  C:\Windows\System32\ws2_32.dll - ok
19:59:46.0355 0x0b00  [ EAF32CB8C1F810E4715B4DFBE785C7FF, DB6AD07FDED42433E669508AB73FAFF6DAFF04575D6F1D016FE3EB6ECEC4DD5D ] C:\Windows\System32\shlwapi.dll
19:59:46.0355 0x0b00  C:\Windows\System32\shlwapi.dll - ok
19:59:46.0371 0x0b00  [ C431EAF5CAA1C82CAC2534A2EAB348A3, ADDF850128DC675E67FABA9A3D0D27E684F01F733962CA22927BB94503549E44 ] C:\Windows\System32\msctf.dll
19:59:46.0371 0x0b00  C:\Windows\System32\msctf.dll - ok
19:59:46.0371 0x0b00  [ 044FE45FFD6AD40E3BBBE60B7F41BABE, A1688A5E6E0F7037C850699462C2655006A7D873C97F9AB406C59D81749B6F09 ] C:\Windows\System32\nsi.dll
19:59:46.0371 0x0b00  C:\Windows\System32\nsi.dll - ok
19:59:46.0386 0x0b00  [ 14DFDEAF4E589ED3F1FF187A86B9408C, 86D383D5B90A86556521C62C50F7BE0306FCD24FD86A8A37E8320FAE948531EB ] C:\Windows\System32\comctl32.dll
19:59:46.0386 0x0b00  C:\Windows\System32\comctl32.dll - ok
19:59:46.0386 0x0b00  [ DA68C291B4EF2DEC9C5963266BCAE454, 21AA4779FC21E762178517268C95467238C92851AD9160BFFC36B2379C58337F ] C:\Windows\System32\KernelBase.dll
19:59:46.0386 0x0b00  C:\Windows\System32\KernelBase.dll - ok
19:59:46.0402 0x0b00  [ 2477A28081BDAEE622CF045ACF8EE124, 00A09CAF9129E84FEEA98FA03CE9012C9F961B64FEE15C4F268822C0F82ACC3C ] C:\Windows\System32\cfgmgr32.dll
19:59:46.0402 0x0b00  C:\Windows\System32\cfgmgr32.dll - ok
19:59:46.0402 0x0b00  [ 06FEC9E8117103BB1141A560E98077DA, C5E61B11DDBBBBBA3D9488970524F0975EA5FBDF16E2FA31F579F8BFA48353B1 ] C:\Windows\System32\devobj.dll
19:59:46.0402 0x0b00  C:\Windows\System32\devobj.dll - ok
19:59:46.0418 0x0b00  [ EB3F9C2DE1236B5D46B2291D82970E43, 8A43D335F3D573BED98AF54BB51E82546C2ACC025DA8A48D801213EB14E9D5D4 ] C:\Windows\System32\wintrust.dll
19:59:46.0418 0x0b00  C:\Windows\System32\wintrust.dll - ok
19:59:46.0418 0x0b00  [ 3F9F2AFA135F0663946A006DD5FFD897, 276D1C9C78C529625C2EF3D77079324628686EA184767971901A1DE93681C133 ] C:\Windows\System32\crypt32.dll
19:59:46.0418 0x0b00  C:\Windows\System32\crypt32.dll - ok
19:59:46.0433 0x0b00  [ 884415BD4269C02EAF8E2613BF85500D, EFE771709EC942694FD206AC8D0A48ED7DCD35036F074268E4AECD68AC982CEA ] C:\Windows\System32\msasn1.dll
19:59:46.0433 0x0b00  C:\Windows\System32\msasn1.dll - ok
19:59:46.0433 0x0b00  [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8A4FB21EADD3896 ] C:\Windows\SysWOW64\normaliz.dll
19:59:46.0433 0x0b00  C:\Windows\SysWOW64\normaliz.dll - ok
19:59:46.0449 0x0b00  [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys
19:59:46.0449 0x0b00  C:\Windows\System32\drivers\dxapi.sys - ok
19:59:46.0449 0x0b00  [ A89392A32BA98468710FD7E38318934B, 20ADA396709E694B47976A269FE0C1C640192EED9E39EC288157AEFFA8E9AD4B ] C:\Windows\System32\win32k.sys
19:59:46.0449 0x0b00  C:\Windows\System32\win32k.sys - ok
19:59:46.0464 0x0b00  [ 0D7598360DF6C8637E6D678C20B5C47C, 0EC86D578C0B1703B89C24AE0FEE2CD91DD869BD4A97949A4B29AE57D490F890 ] C:\Windows\System32\csrsrv.dll
19:59:46.0464 0x0b00  C:\Windows\System32\csrsrv.dll - ok
19:59:46.0464 0x0b00  [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77201BAB37E8C03A ] C:\Windows\System32\csrss.exe
19:59:46.0464 0x0b00  C:\Windows\System32\csrss.exe - ok
19:59:46.0480 0x0b00  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\System32\basesrv.dll
19:59:46.0480 0x0b00  C:\Windows\System32\basesrv.dll - ok
19:59:46.0480 0x0b00  [ E0406AEF04B088D1C49FC78D0546F689, 7ADD4D1C174FAA5405BD94BAF104A5DD56BE00DBDC1ED9F069A95430A7B264AA ] C:\Windows\System32\winsrv.dll
19:59:46.0480 0x0b00  C:\Windows\System32\winsrv.dll - ok
19:59:46.0480 0x0b00  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] C:\Windows\System32\drivers\monitor.sys
19:59:46.0480 0x0b00  C:\Windows\System32\drivers\monitor.sys - ok
19:59:46.0496 0x0b00  [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56DE4CA5783F78A75 ] C:\Windows\System32\tsddd.dll
19:59:46.0496 0x0b00  C:\Windows\System32\tsddd.dll - ok
19:59:46.0496 0x0b00  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\System32\sxssrv.dll
19:59:46.0496 0x0b00  C:\Windows\System32\sxssrv.dll - ok
19:59:46.0511 0x0b00  [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA87526E768AF6174F0 ] C:\Windows\System32\wininit.exe
19:59:46.0511 0x0b00  C:\Windows\System32\wininit.exe - ok
19:59:46.0511 0x0b00  [ 05569A79BF4693670B709144382D02D4, 3B13C569EE4FBC63C6989A7A12A50DCCC945FAB26C6E659DEB0614640E8F40C3 ] C:\Windows\System32\cdd.dll
19:59:46.0511 0x0b00  C:\Windows\System32\cdd.dll - ok
19:59:46.0527 0x0b00  [ 2C942733A5983DD4502219FF37C7EBC7, 34B20B6B0D7274E4B5B783F1D2345BC3DD9888964D5C2C65712F041A00CF5B45 ] C:\Windows\System32\profapi.dll
19:59:46.0527 0x0b00  C:\Windows\System32\profapi.dll - ok
19:59:46.0527 0x0b00  [ C2A8CB1275ECB85D246A9ECC02A728E3, 3603FADCA0060BD201148F9D59E4E2627F024609A6463AB525B5D1AD17BDCD10 ] C:\Windows\System32\RpcRtRemote.dll
19:59:46.0527 0x0b00  C:\Windows\System32\RpcRtRemote.dll - ok
19:59:46.0542 0x0b00  [ 78523A26F5604C0568FE9D1CE86E36F4, 534A7228BF69719106F581616A32EAEF0B770DDB36DCE94F84E7D52FDB1382B5 ] C:\Windows\System32\KBDUS.DLL
19:59:46.0542 0x0b00  C:\Windows\System32\KBDUS.DLL - ok
19:59:46.0542 0x0b00  [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA853BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll
19:59:46.0542 0x0b00  C:\Windows\System32\WlS0WndH.dll - ok
19:59:46.0542 0x0b00  [ 9CEAD32E79A62150FE9F8557E58E008B, AFE4C1725EE94D7DE0749AE1495A4E5CC33C369F29B2A589DA66FFE27FF9777E ] C:\Windows\System32\sxs.dll
19:59:46.0542 0x0b00  C:\Windows\System32\sxs.dll - ok
19:59:46.0558 0x0b00  [ 1151B1BAA6F350B1DB6598E0FEA7C457, B1506E0A7E826EFF0F5252EF5026070C46E2235438403A9A24D73EE69C0B8A49 ] C:\Windows\System32\winlogon.exe
19:59:46.0558 0x0b00  C:\Windows\System32\winlogon.exe - ok
19:59:46.0558 0x0b00  [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE3532EC6C007980C34 ] C:\Windows\System32\cryptbase.dll
19:59:46.0558 0x0b00  C:\Windows\System32\cryptbase.dll - ok
19:59:46.0558 0x0b00  [ 0D9764D58C5EFD672B7184854B152E5E, 9827B43DABBEC39AB2E2294408D9C5304EF27A684903C5234C6070387723D49E ] C:\Windows\System32\winsta.dll
19:59:46.0558 0x0b00  C:\Windows\System32\winsta.dll - ok
19:59:46.0574 0x0b00  [ 90499F3163A9F815CF196A205EA3CD5D, 29B4ED3795CEC1177EB367132914CE21C194CDEC5DB9DC923FD928C85E94D821 ] C:\Windows\System32\apphelp.dll
19:59:46.0574 0x0b00  C:\Windows\System32\apphelp.dll - ok
19:59:46.0574 0x0b00  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] C:\Windows\System32\lsass.exe
19:59:46.0574 0x0b00  C:\Windows\System32\lsass.exe - ok
19:59:46.0589 0x0b00  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\System32\services.exe
19:59:46.0589 0x0b00  C:\Windows\System32\services.exe - ok
19:59:46.0589 0x0b00  [ D8A79180614C14F87DA1038FFEB56F71, 60142DC3795FC7C7F24D1742A9475F67416695CA7EB1A64C57E42367AC0998E3 ] C:\Windows\System32\sspisrv.dll
19:59:46.0589 0x0b00  C:\Windows\System32\sspisrv.dll - ok
19:59:46.0605 0x0b00  [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll
19:59:46.0605 0x0b00  C:\Windows\System32\scext.dll - ok
19:59:46.0605 0x0b00  [ 858DF0795CB5B4BACE0F33708925A414, A9063AF8D5C73A722BD269D144D8A65C98DB4CFDD9F626E3A8283754E22C8C9C ] C:\Windows\System32\secur32.dll
19:59:46.0605 0x0b00  C:\Windows\System32\secur32.dll - ok
19:59:46.0620 0x0b00  [ 2A86E54B441AD41557F75DC5609B9793, 8FEDE6909413C0FA5B63D58D39AFFD0F6C3BEEAF19B7B2F8674913ABFD79A912 ] C:\Windows\System32\sspicli.dll
19:59:46.0620 0x0b00  C:\Windows\System32\sspicli.dll - ok
19:59:46.0620 0x0b00  [ 9662EE182644511439F1C53745DC1C88, D205B2C163E78AB42A5D67D7664EF6B75EA0374FF0924467D624F9DB0611F0AD ] C:\Windows\System32\lsm.exe
19:59:46.0620 0x0b00  C:\Windows\System32\lsm.exe - ok
19:59:46.0636 0x0b00  [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll
19:59:46.0636 0x0b00  C:\Windows\System32\sysntfy.dll - ok
19:59:46.0636 0x0b00  [ 9F84806B3991D338FFDFC4ECF86A6923, 642FF3B8EE8BD6597AABE74E106A65F0C5551786CEB18BC69946F9608B5CAF64 ] C:\Windows\System32\lsasrv.dll
19:59:46.0636 0x0b00  C:\Windows\System32\lsasrv.dll - ok
19:59:46.0652 0x0b00  [ A744BA6E04C8AA4592818178DBF89521, 9E7C85D842DF16F9B8FED7B06AF309B5ECCBFD465F5552347D4C3F1FEFDC6F7A ] C:\Windows\System32\samsrv.dll
19:59:46.0652 0x0b00  C:\Windows\System32\samsrv.dll - ok
19:59:46.0652 0x0b00  [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll
19:59:46.0652 0x0b00  C:\Windows\System32\cryptdll.dll - ok
19:59:46.0667 0x0b00  [ BBCDF350817BA86416C0F06B6981BE8D, D064438F97852B9BD6015C8B19377C61C671E0969E09506B8359FE7B1F373A61 ] C:\Windows\System32\scesrv.dll
19:59:46.0667 0x0b00  C:\Windows\System32\scesrv.dll - ok
19:59:46.0667 0x0b00  [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll
19:59:46.0667 0x0b00  C:\Windows\System32\wmsgapi.dll - ok
19:59:46.0683 0x0b00  [ 3A9C9BAF610B0DD4967086040B3B62A9, E8E9A0F42B1EE7806EDCEED08AA024D037215D06CA317E3678BD5364AD513D23 ] C:\Windows\System32\srvcli.dll
19:59:46.0683 0x0b00  C:\Windows\System32\srvcli.dll - ok
19:59:46.0683 0x0b00  [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll
19:59:46.0683 0x0b00  C:\Windows\System32\wevtapi.dll - ok
19:59:46.0698 0x0b00  [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll
19:59:46.0698 0x0b00  C:\Windows\System32\authz.dll - ok
19:59:46.0698 0x0b00  [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll
19:59:46.0698 0x0b00  C:\Windows\System32\cngaudit.dll - ok
19:59:46.0714 0x0b00  [ 2E8C52A0EC788D90FA35D9507D828771, DD5AAA10E075F209D9827C7A192AD5645D1156C149DB9B5AC1EF7B5E0B5F11DE ] C:\Windows\System32\ncrypt.dll
19:59:46.0714 0x0b00  C:\Windows\System32\ncrypt.dll - ok
19:59:46.0714 0x0b00  [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll
19:59:46.0714 0x0b00  C:\Windows\System32\bcrypt.dll - ok
19:59:46.0730 0x0b00  [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll
19:59:46.0730 0x0b00  C:\Windows\System32\msprivs.dll - ok
19:59:46.0730 0x0b00  [ C6505DE3561537BA1004D638C2F93F2F, 3E4FDF374B1A9E43A8F61FD2D79E0515390ECABFDAF72C4BD44A7B6429039AF6 ] C:\Windows\System32\netjoin.dll
19:59:46.0730 0x0b00  C:\Windows\System32\netjoin.dll - ok
19:59:46.0745 0x0b00  [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll
19:59:46.0745 0x0b00  C:\Windows\System32\negoexts.dll - ok
19:59:46.0745 0x0b00  [ 65D57212965A93FE78E41E3998BB97AD, A44EAED256EA8F39C28D7019AF2C1FB20C0A63EFE03C9A069CFA730E787FB179 ] C:\Windows\System32\kerberos.dll
19:59:46.0745 0x0b00  C:\Windows\System32\kerberos.dll - ok
19:59:46.0745 0x0b00  [ D0C2FBB6D97416B0166478FC7AE2B212, 7EAB6C37F0A845E645CA44CC060AC6C56E386C7EF7A64716C6786C9602AD8C9D ] C:\Windows\System32\cryptsp.dll
19:59:46.0745 0x0b00  C:\Windows\System32\cryptsp.dll - ok
19:59:46.0761 0x0b00  [ 1D5185A4C7E6695431AE4B55C3D7D333, 16F3906C54F1D71559836FDFCF4E83E7C9F454463D78FD577AD2D7022E0BCB51 ] C:\Windows\System32\mswsock.dll
19:59:46.0761 0x0b00  C:\Windows\System32\mswsock.dll - ok
19:59:46.0761 0x0b00  [ EF12B8385AA2849999008A977918F96B, ADEF9F5D2B0C2A30CB1B395C774E7FE75437135A09D3D4E6F97EE8656CE139B4 ] C:\Windows\System32\msv1_0.dll
19:59:46.0761 0x0b00  C:\Windows\System32\msv1_0.dll - ok
19:59:46.0776 0x0b00  [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E63394E4E561D6C7A2 ] C:\Windows\System32\wship6.dll
19:59:46.0776 0x0b00  C:\Windows\System32\wship6.dll - ok
19:59:46.0776 0x0b00  [ AA339DD8BB128EF66660DFBBB59043D3, 76D9F849AFDDA38E04549EB67B4163478776F1B6EF46434168278F84FEB8FC5C ] C:\Windows\System32\netlogon.dll
19:59:46.0776 0x0b00  C:\Windows\System32\netlogon.dll - ok
19:59:46.0776 0x0b00  [ A52B6CC24063CC83C78C0E6F24DEEC01, 77E0D2B2356E71F9BE52FA479C9DDE17C453C198BB49CD4A97F2309628D82E3B ] C:\Windows\System32\dnsapi.dll
19:59:46.0776 0x0b00  C:\Windows\System32\dnsapi.dll - ok
19:59:46.0792 0x0b00  [ 8FFE297B8449386E7B6851458B6E474E, E149B37E11091D69D926242517E5655596594A6F01FEF06EB65D6BA5B354E326 ] C:\Windows\System32\logoncli.dll
19:59:46.0792 0x0b00  C:\Windows\System32\logoncli.dll - ok
19:59:46.0792 0x0b00  [ A199DE544BF5C61C134B22C7592226FC, AF0CC2DA847036F5FE6DD9FBEDA7C3D05AF291873D4EAE121676DC6E8841A78F ] C:\Windows\System32\schannel.dll
19:59:46.0792 0x0b00  C:\Windows\System32\schannel.dll - ok
19:59:46.0808 0x0b00  [ 95FB6CA4374E343DDD653FCC43F9D26B, 911A240F9C1DD155C2B1CD85FE4A8044EB2816AF166CD8CB66EEB905CA352881 ] C:\Windows\System32\wdigest.dll
19:59:46.0808 0x0b00  C:\Windows\System32\wdigest.dll - ok
19:59:46.0808 0x0b00  [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll
19:59:46.0808 0x0b00  C:\Windows\System32\rsaenh.dll - ok
19:59:46.0823 0x0b00  [ 8A25506B6948EFBD5A7F37E53CCD36D9, 2A20562ED33ABD1D15C7BE9F4F1E623E3604BCC0F7214D067CD8C3D16B9EC6A7 ] C:\Windows\System32\TSpkg.dll
19:59:46.0823 0x0b00  C:\Windows\System32\TSpkg.dll - ok
19:59:46.0823 0x0b00  [ E08088A97F95345E181C3DFCE2C615EF, DEF3B087DF5E10E4F8418029DB6E82546E62FEFA39694B7BD6A48CE8AAFD1B96 ] C:\Windows\System32\pku2u.dll
19:59:46.0823 0x0b00  C:\Windows\System32\pku2u.dll - ok
19:59:46.0839 0x0b00  [ D6C7780A364C6BBACFA796BAB9F1B374, 3B5ED1A030BFD0BB73D4FFCD67A6A0B8501EF70293F223EFAA12F430ADF270F9 ] C:\Windows\System32\bcryptprimitives.dll
19:59:46.0839 0x0b00  C:\Windows\System32\bcryptprimitives.dll - ok
19:59:46.0839 0x0b00  [ 52D3D5E3586988D4D9E34ACAAC33105C, C61B60BA962B25B8334F0941C3535EA4ACA1CC060B8A196E396CA3E11CEEF8A1 ] C:\Windows\System32\credssp.dll
19:59:46.0839 0x0b00  C:\Windows\System32\credssp.dll - ok
19:59:46.0839 0x0b00  [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll
19:59:46.0839 0x0b00  C:\Windows\System32\efslsaext.dll - ok
19:59:46.0854 0x0b00  [ ED78427259134C63ED69804D2132B86C, F6F51B8B35881ABCA5580ED111AAC80E466E6474ABAE31EC8BE46C23EDCA77B2 ] C:\Windows\System32\scecli.dll
19:59:46.0854 0x0b00  C:\Windows\System32\scecli.dll - ok
19:59:46.0854 0x0b00  [ 7CC7DF5B654DA579613F811D8C637E29, 70EAC059C1ED814810C75DBB9F4D188428CB942FFD8869D692158D384EB6BB35 ] C:\Windows\System32\ubpm.dll
19:59:46.0870 0x0b00  C:\Windows\System32\ubpm.dll - ok
19:59:46.0870 0x0b00  [ C78655BC80301D76ED4FEF1C1EA40A7D, 93B2ED4004ED5F7F3039DD7ECBD22C7E4E24B6373B4D9EF8D6E45A179B13A5E8 ] C:\Windows\System32\svchost.exe
19:59:46.0870 0x0b00  C:\Windows\System32\svchost.exe - ok
19:59:46.0886 0x0b00  [ B806E50427511BCF4AD8E8239C3E25FA, AB89B48ECCF90F701B314D18BE531CDA5ABE1636C17B994A5E4BE5AAC136B4E3 ] C:\Windows\System32\umpnpmgr.dll
19:59:46.0886 0x0b00  C:\Windows\System32\umpnpmgr.dll - ok
19:59:46.0886 0x0b00  [ CD1B5AD07E5F7FEF30E055DCC9E96180, 63C58551F32B0B09377F64A6AE1FA81AF93B8A707A57A8C18722086906AD3046 ] C:\Windows\System32\devrtl.dll
19:59:46.0886 0x0b00  C:\Windows\System32\devrtl.dll - ok
19:59:46.0901 0x0b00  [ E6EB44ABAAF1F330119F854856C53EBE, 77279972FFBFA984578DD4F17EB615F5D2D93590AF3A9FEFEFDB9128206C9887 ] C:\Windows\System32\SPInf.dll
19:59:46.0901 0x0b00  C:\Windows\System32\SPInf.dll - ok
19:59:46.0901 0x0b00  [ 7A17485DC7D8A7AC81321A42CD034519, 88D8705FA901793FC8C1CFD0175E49A6502BF0FC94A066BA573D2FD13AA5F04A ] C:\Windows\System32\userenv.dll
19:59:46.0901 0x0b00  C:\Windows\System32\userenv.dll - ok
19:59:46.0901 0x0b00  [ 9C9307C95671AC962F3D6EB3A4A89BAE, D1433791C9B8BCEEAD8937EC18D33E89E4E2012B5975228A8500FD141BC30078 ] C:\Windows\System32\gpapi.dll
19:59:46.0901 0x0b00  C:\Windows\System32\gpapi.dll - ok
19:59:46.0917 0x0b00  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] C:\Windows\System32\umpo.dll
19:59:46.0917 0x0b00  C:\Windows\System32\umpo.dll - ok
19:59:46.0917 0x0b00  [ F6C011B46FAEEF33536B2E80F48B5CBE, BDD149D3D6F9F6C8F6F34C311219BE5618CEEFBC7D35E37473A47F1D5D015067 ] C:\Windows\System32\pcwum.dll
19:59:46.0917 0x0b00  C:\Windows\System32\pcwum.dll - ok
19:59:46.0932 0x0b00  [ 716175021BDA290504CE434273F666BC, FA18CA2D8A5F4335E051E2933147D3C1E7308F7D446E2AEB6596CDEF6E2AFC88 ] C:\Windows\System32\powrprof.dll
19:59:46.0932 0x0b00  C:\Windows\System32\powrprof.dll - ok
19:59:46.0932 0x0b00  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] C:\Windows\System32\drivers\luafv.sys
19:59:46.0932 0x0b00  C:\Windows\System32\drivers\luafv.sys - ok
19:59:46.0948 0x0b00  [ FF1E537A3632CBB9A0BF72B9FD0878D5, B26E6A1F6E6FA5280A12861EFAD44D8F49353F47B21843EBA73E149CF613DCBC ] C:\Windows\System32\drivers\aswMonFlt.sys
19:59:46.0948 0x0b00  C:\Windows\System32\drivers\aswMonFlt.sys - ok
19:59:46.0948 0x0b00  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] C:\Windows\System32\rpcss.dll
19:59:46.0948 0x0b00  C:\Windows\System32\rpcss.dll - ok
19:59:46.0964 0x0b00  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] C:\Windows\System32\RpcEpMap.dll
19:59:46.0964 0x0b00  C:\Windows\System32\RpcEpMap.dll - ok
19:59:46.0964 0x0b00  [ 16E964ABF6D1E0F0CC7822FCA9BA754D, 0E461387ACFD641DA22EE542A3C68AF5F7D3A7F967D974E3B198143D461ABE39 ] C:\Windows\System32\wshqos.dll
19:59:46.0964 0x0b00  C:\Windows\System32\wshqos.dll - ok
19:59:46.0979 0x0b00  [ 31559F3244C6BC00A52030CAA83B6B91, B2025742B5F0025ACE9821D5722DE3F997EEEAB21D2F381C9E307882DF422579 ] C:\Windows\System32\WSHTCPIP.DLL
19:59:46.0979 0x0b00  C:\Windows\System32\WSHTCPIP.DLL - ok
19:59:46.0979 0x0b00  [ 9AD9E06F8656F296D91FAE8EE5B95A27, 53384747D5864D699BCC4F48E0A5E656430EDAA65DCDAB4B11EA68FC7106459E ] C:\Windows\System32\FirewallAPI.dll
19:59:46.0979 0x0b00  C:\Windows\System32\FirewallAPI.dll - ok
19:59:46.0995 0x0b00  [ 94E026870A55AAEAFF7853C1754091E9, B2F5D5629D12BDFA98DBED3898368F37D9009C7531B6909C7285A2C11C9A0F93 ] C:\Windows\System32\version.dll
19:59:46.0995 0x0b00  C:\Windows\System32\version.dll - ok
19:59:46.0995 0x0b00  [ 715F03B4C7223349768013EA95D9E5B7, 09AB0535A54C2E2962F0FD06988D99060F8CECA39B07AC00A63204C773B95893 ] C:\Windows\System32\LogonUI.exe
19:59:46.0995 0x0b00  C:\Windows\System32\LogonUI.exe - ok
19:59:46.0995 0x0b00  [ 6011714C8C5C55CBFFAD24D61E879FBD, 75D615082A1C71C6ED3ABB49EDAF660EE538D112CF79B9C8AF0A583D1CE1BBB0 ] C:\Windows\System32\wevtsvc.dll
19:59:46.0995 0x0b00  C:\Windows\System32\wevtsvc.dll - ok
19:59:47.0010 0x0b00  [ 0BEE002C68E28CE6DA161DCF1376D7D7, 1D4EE0B9CE22D139478008D5591B8C9F027C235CBA601F95A96547CF98159D4B ] C:\Windows\System32\authui.dll
19:59:47.0010 0x0b00  C:\Windows\System32\authui.dll - ok
19:59:47.0010 0x0b00  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] C:\Windows\System32\audiosrv.dll
19:59:47.0010 0x0b00  C:\Windows\System32\audiosrv.dll - ok
19:59:47.0026 0x0b00  [ 227E2C382A1E02F8D4965E664D3BBE43, 1CFF20A8BF87ACE4FA4935EBEED72BFB1A1FE902A754899E2F50798D67DF5642 ] C:\Windows\System32\MMDevAPI.dll
19:59:47.0026 0x0b00  C:\Windows\System32\MMDevAPI.dll - ok
19:59:47.0026 0x0b00  [ F06BB4E336EA57511FDBAFAFCC47DE62, BE43EC62548E9FF89A9495A1722E22DBB76EEC3764F86E64057B636F27D15765 ] C:\Windows\System32\propsys.dll
19:59:47.0026 0x0b00  C:\Windows\System32\propsys.dll - ok
19:59:47.0042 0x0b00  [ 78A1E65207484B7F8D3217507745F47C, 35F413ADB9D157F3666DD15DD58104D629CD9143198A1AB914B73A4A3C9903DD ] C:\Windows\System32\avrt.dll
19:59:47.0042 0x0b00  C:\Windows\System32\avrt.dll - ok
19:59:47.0042 0x0b00  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] C:\Windows\System32\mmcss.dll
19:59:47.0042 0x0b00  C:\Windows\System32\mmcss.dll - ok
19:59:47.0057 0x0b00  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] C:\Windows\System32\wlansvc.dll
19:59:47.0057 0x0b00  C:\Windows\System32\wlansvc.dll - ok
19:59:47.0057 0x0b00  [ D5CCA1453B98A5801E6D5FF0FF89DC6C, 85F2C2480AAC31B6092187B431A562D79D4CFB1324F925C85055ABAB2483264B ] C:\Windows\System32\audiodg.exe
19:59:47.0057 0x0b00  C:\Windows\System32\audiodg.exe - ok
19:59:47.0057 0x0b00  [ B3BFBD758506ECB50C5804AAA76318F9, 34E079A6AB2D41D1E0B3887B6AE31C43941061B7176FFF2801C3F465C2C89578 ] C:\Windows\System32\cryptui.dll
19:59:47.0057 0x0b00  C:\Windows\System32\cryptui.dll - ok
19:59:47.0073 0x0b00  [ 7FA8FDC2C2A27817FD0F624E78D3B50C, 7B63F6AA2CD6D4D07EA3C595B868B1A0749BB11620027A2BD9B935E3055481E4 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
19:59:47.0073 0x0b00  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
19:59:47.0073 0x0b00  [ 5B3EBFC3DA142324B388DDCC4465E1FF, 5D58642305311F9BC9B779C9598BFC4E7433B3EA58404BF1FF9466838A2328C7 ] C:\Windows\System32\samlib.dll
19:59:47.0073 0x0b00  C:\Windows\System32\samlib.dll - ok
19:59:47.0088 0x0b00  [ 4E9C2DB10F7E6AE91BF761139D4B745B, 8F63F78294F5585D599A114AF449DCC447CCB239D0F0B490BFE6B34A2146E730 ] C:\Windows\System32\shacct.dll
19:59:47.0088 0x0b00  C:\Windows\System32\shacct.dll - ok
19:59:47.0088 0x0b00  [ D29E998E8277666982B4F0303BF4E7AF, 4F19AB5DC173E278EBE45832F6CEAA40E2DF6A2EDDC81B2828122442FE5D376C ] C:\Windows\System32\uxtheme.dll
19:59:47.0088 0x0b00  C:\Windows\System32\uxtheme.dll - ok
19:59:47.0088 0x0b00  [ 497BFEDDAF3950DD909C3B0C5558A25D, 980EA189929D95EB36E35980FFF0C81F7B78DE9422771FDE8F4AC7A779F5BD89 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_2b24536c71ed437a\GdiPlus.dll
19:59:47.0088 0x0b00  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_2b24536c71ed437a\GdiPlus.dll - ok
19:59:47.0104 0x0b00  [ 3CB6A7286422C72C34DAB54A5DFF1A34, 98D21EFFF511E407336A226420701E82554DA01FA05661303836B6860D63749D ] C:\Windows\System32\dui70.dll
19:59:47.0104 0x0b00  C:\Windows\System32\dui70.dll - ok
19:59:47.0104 0x0b00  [ 8CCDE014A4CDF84564E03ACE064CA753, DD663029B2EB7B12FDB00FCE403D8326141E540E3B9CE84CD5871473D3E2E2CF ] C:\Windows\System32\duser.dll
19:59:47.0104 0x0b00  C:\Windows\System32\duser.dll - ok
19:59:47.0120 0x0b00  [ D7F1EF374A90709B31591823B002F918, 05FD2837C9B03D14BB2A969C1AD77CAEF047D93DC5D0F6C2ACBF0888E8F7B359 ] C:\Windows\System32\SndVolSSO.dll
19:59:47.0120 0x0b00  C:\Windows\System32\SndVolSSO.dll - ok
19:59:47.0120 0x0b00  [ DA1B7075260F3872585BFCDD668C648B, 3E10EF6E1A5C341B478322CB78A0AB7BFC70AD8023779B8B4542A7CB4CA756AB ] C:\Windows\System32\dwmapi.dll
19:59:47.0120 0x0b00  C:\Windows\System32\dwmapi.dll - ok
19:59:47.0135 0x0b00  [ 896F15A6434D93EDB42519D5E18E6B50, 9263F0CEC58D45EBE3FB9C3061FB9392C55A7933B84B4592E6EE13CFC86D5A50 ] C:\Windows\System32\hid.dll
19:59:47.0135 0x0b00  C:\Windows\System32\hid.dll - ok
19:59:47.0135 0x0b00  [ D6F630C1FD7F436316093AE500363B19, 73A94B4938430396EA4240B1A6676B4E6C19CFAF8C52EFB9A69B4B2175A86307 ] C:\Windows\System32\xmllite.dll
19:59:47.0135 0x0b00  C:\Windows\System32\xmllite.dll - ok
19:59:47.0135 0x0b00  [ 1F4492FE41767CDB8B89D17655847CDD, 184547FAC0C3D7148FAA3F601929A7089DE393BD19929A137DAD743331DD3F77 ] C:\Windows\System32\ntmarta.dll
19:59:47.0135 0x0b00  C:\Windows\System32\ntmarta.dll - ok
19:59:47.0151 0x0b00  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] C:\Windows\System32\gpsvc.dll
19:59:47.0151 0x0b00  C:\Windows\System32\gpsvc.dll - ok
19:59:47.0151 0x0b00  [ 2DF36F15B2BC1571A6A542A3C2107920, A918F1EE95269DF973421AF2F5713DEEAF15EF0F77BAA7E8C515FFB69896FB7A ] C:\Windows\System32\nlaapi.dll
19:59:47.0151 0x0b00  C:\Windows\System32\nlaapi.dll - ok
19:59:47.0166 0x0b00  [ 5C78838B4D166D1A27DB3A8A820C799A, BBF7E1D0B6754CF06BF3936671FDF5BF6E845CA5678D0940EA54E9212B539B7F ] C:\Windows\System32\profsvc.dll
19:59:47.0166 0x0b00  C:\Windows\System32\profsvc.dll - ok
19:59:47.0182 0x0b00  [ 26B73A85855681500BCC25C7CD9FF5B1, 94D134A6AF53AD629A4505B8B0EA37F61BB43AF4DB71874E7E87853163A9282A ] C:\Windows\System32\WindowsCodecs.dll
19:59:47.0182 0x0b00  C:\Windows\System32\WindowsCodecs.dll - ok
19:59:47.0182 0x0b00  [ 58775492FFD419248B08325E583C527F, DBB013971F5894F25C222C2D4D50A29DB6DF3C413792EE9CCC1A9E6D85469093 ] C:\Windows\System32\atl.dll
19:59:47.0182 0x0b00  C:\Windows\System32\atl.dll - ok
19:59:47.0198 0x0b00  [ 50544D04AD845C43130B70212EC05CCD, B2E6B558DE7D273512226685FF53ED17C9B4BF81B739FBCA5D3FC82DF8D2BCF7 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
19:59:47.0198 0x0b00  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
19:59:47.0198 0x0b00  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] C:\Windows\System32\themeservice.dll
19:59:47.0198 0x0b00  C:\Windows\System32\themeservice.dll - ok
19:59:47.0198 0x0b00  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D, 19959D18601712901F03B83150D15E34EBCAB355BB4692C9A28511A72F57FC66 ] C:\Windows\System32\winbrand.dll
19:59:47.0198 0x0b00  C:\Windows\System32\winbrand.dll - ok
19:59:47.0213 0x0b00  [ BD3674BE7FC9D8D3732C83E8499576ED, E6716A5895D629263A4D21959F48840429AB6F4B55A5FA2663EE5E86C9CA2BF1 ] C:\Windows\System32\wtsapi32.dll
19:59:47.0213 0x0b00  C:\Windows\System32\wtsapi32.dll - ok
19:59:47.0213 0x0b00  [ C2762A57DF0EE85E63CE4893C5215313, DDE22212D78353633CEDE27D7210469DE674563991105563CF64CCCE2D0743BD ] C:\Windows\System32\VaultCredProvider.dll
19:59:47.0213 0x0b00  C:\Windows\System32\VaultCredProvider.dll - ok
19:59:47.0229 0x0b00  [ A77BE7CB3222B4FB0AC6C71D1C2698D4, 73566223914BF670DF6B5931FA213E546713531B10391ED65B5256BBD7ABDE7F ] C:\Windows\System32\dsrole.dll
19:59:47.0229 0x0b00  C:\Windows\System32\dsrole.dll - ok
19:59:47.0229 0x0b00  [ BE097F5BB10F9079FCEB2DC4E7E20F02, 90A88986C8C5F30FB153EC803FEDA6572B2C2630A6C9578FCC017800692694D5 ] C:\Windows\System32\slc.dll
19:59:47.0229 0x0b00  C:\Windows\System32\slc.dll - ok
19:59:47.0244 0x0b00  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67, E957E4463D318A44BA5109EE3428624DE901C5FF2BA358986DF6C6F059DDBCC2 ] C:\Windows\System32\adtschema.dll
19:59:47.0244 0x0b00  C:\Windows\System32\adtschema.dll - ok
19:59:47.0244 0x0b00  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] C:\Windows\System32\drivers\fltMgr.sys
19:59:47.0244 0x0b00  C:\Windows\System32\drivers\fltMgr.sys - ok
19:59:47.0260 0x0b00  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] C:\Windows\System32\netprofm.dll
19:59:47.0260 0x0b00  C:\Windows\System32\netprofm.dll - ok
19:59:47.0260 0x0b00  [ A3DB3C17EE6CAE65D53602B4E80BCCBC, D802A7C6161F937DC42A6E45FE1BB2C8272819F92C294C180EBCDF8FF72CBFDC ] C:\Windows\System32\PSHED.DLL
19:59:47.0260 0x0b00  C:\Windows\System32\PSHED.DLL - ok
19:59:47.0276 0x0b00  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] C:\Windows\System32\MPSSVC.dll
19:59:47.0276 0x0b00  C:\Windows\System32\MPSSVC.dll - ok
19:59:47.0276 0x0b00  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] C:\Windows\System32\es.dll
19:59:47.0276 0x0b00  C:\Windows\System32\es.dll - ok
19:59:47.0276 0x0b00  [ 1A47D52E303B7543E4E6026595B95422, C577CD3837546A7CED5D2E8E97FA2EDACA133B4A8595770EF96CAE519BFE280F ] C:\Windows\System32\comres.dll
19:59:47.0276 0x0b00  C:\Windows\System32\comres.dll - ok
19:59:47.0291 0x0b00  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] C:\Windows\System32\Sens.dll
19:59:47.0291 0x0b00  C:\Windows\System32\Sens.dll - ok
19:59:47.0291 0x0b00  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] C:\Windows\System32\uxsms.dll
19:59:47.0291 0x0b00  C:\Windows\System32\uxsms.dll - ok
19:59:47.0307 0x0b00  [ 48DED912CDE54FC0923B9858512366E1, 9B216B934408A7CB3CE2B41240B7EF01EAA3BC066211B784064FF8AC97A29B4E ] C:\Windows\System32\drivers\aswStm.sys
19:59:47.0307 0x0b00  C:\Windows\System32\drivers\aswStm.sys - ok
19:59:47.0307 0x0b00  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] C:\Windows\System32\drivers\lltdio.sys
19:59:47.0307 0x0b00  C:\Windows\System32\drivers\lltdio.sys - ok
19:59:47.0322 0x0b00  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] C:\Windows\System32\drivers\nwifi.sys
19:59:47.0322 0x0b00  C:\Windows\System32\drivers\nwifi.sys - ok
19:59:47.0322 0x0b00  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] C:\Windows\System32\drivers\ndisuio.sys
19:59:47.0322 0x0b00  C:\Windows\System32\drivers\ndisuio.sys - ok
19:59:47.0338 0x0b00  [ CA2985996BB49924B677113DF95CFEA7, 91F63863B1B597AE421CD2C3D8A3E00578B17876E5F5B828D25C2C9B349ECCCD ] C:\Windows\System32\SmartcardCredentialProvider.dll
19:59:47.0338 0x0b00  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
19:59:47.0338 0x0b00  [ BF352E73615F5461AA6884472435A544, 4B059E79325C5F08CD6FBBE6352E17ADB64B9608CC9EDB36A2DF4D148060C309 ] C:\Windows\System32\BioCredProv.dll
19:59:47.0338 0x0b00  C:\Windows\System32\BioCredProv.dll - ok
19:59:47.0338 0x0b00  [ CC0AB40F02D2C2A12209715A3C1B07B8, 90EB303A4E151340DB382248361FEFC5346C31394791DF83663086C8219C2B20 ] C:\Windows\System32\credui.dll
19:59:47.0338 0x0b00  C:\Windows\System32\credui.dll - ok
19:59:47.0354 0x0b00  [ 796B8123A7859AFD3A4AE10514DBAEB5, E76F69FAFEC3D66263ED95F3FA9EE309BDDACB287E30583A147DC97F6EEB8844 ] C:\Windows\System32\winbio.dll
19:59:47.0354 0x0b00  C:\Windows\System32\winbio.dll - ok
19:59:47.0354 0x0b00  [ 764908FE1FA96F93C95B1B67A0FCED29, 26EF25AB307903C5E806A8CC3B750A491049E5D1225CEDDFCE64DD51AA6F592B ] C:\Windows\System32\netapi32.dll
19:59:47.0354 0x0b00  C:\Windows\System32\netapi32.dll - ok
 
 
 

Attached Files

  • Attached File  MBR.zip   571bytes   7 downloads


#7 bigrobifer

bigrobifer
  • Topic Starter

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 19 July 2014 - 03:08 AM

19:59:47.0354 0x0b00  [ 6CECA4C6A489C9B2E6073AFDAAE3F607, 127506D1DB38275614CBEB047C133718EF9D03266BA9C98BE55EC7847CFC9C3D ] C:\Windows\System32\netutils.dll
19:59:47.0354 0x0b00  C:\Windows\System32\netutils.dll - ok
19:59:47.0369 0x0b00  [ 44B9C66177651F3F53C87B665D58D17A, 3FC426115FF87570889DB28D71970B82B525D2A4B9A00EDD273BF083B77A05CE ] C:\Windows\System32\vaultcli.dll
19:59:47.0369 0x0b00  C:\Windows\System32\vaultcli.dll - ok
19:59:47.0369 0x0b00  [ 3C91392D448F6E5D525A85B7550D8BA9, 6FD0DC73DBE7519E2C643554C2A7F8FBE4F9A678C4241BB54B3C6E65D2ABCF3A ] C:\Windows\System32\wkscli.dll
19:59:47.0369 0x0b00  C:\Windows\System32\wkscli.dll - ok
19:59:47.0385 0x0b00  [ FC51229C7D4AFA0D6F186133728B95AB, 37E58C8E1C8437D1981725A5DCDACA7316CEFBB570370CEFC8D122F523B96AC0 ] C:\Windows\System32\samcli.dll
19:59:47.0385 0x0b00  C:\Windows\System32\samcli.dll - ok
19:59:47.0385 0x0b00  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] C:\Windows\System32\drivers\rspndr.sys
19:59:47.0385 0x0b00  C:\Windows\System32\drivers\rspndr.sys - ok
19:59:47.0400 0x0b00  [ 2B81776DA02017A37FE26C662827470E, A656353C50EE08422145D00DB9CFD9F6D3E664753B3C454B171E2A56A8AA94DC ] C:\Windows\System32\IPHLPAPI.DLL
19:59:47.0400 0x0b00  C:\Windows\System32\IPHLPAPI.DLL - ok
19:59:47.0400 0x0b00  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] C:\Windows\System32\lmhsvc.dll
19:59:47.0400 0x0b00  C:\Windows\System32\lmhsvc.dll - ok
19:59:47.0400 0x0b00  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] C:\Windows\System32\nsisvc.dll
19:59:47.0400 0x0b00  C:\Windows\System32\nsisvc.dll - ok
19:59:47.0416 0x0b00  [ CD55F5355D8F55D44C9F4ED875705BD6, 321C26E3CD9F376D30F05FBDF00E96399512ED705D867E8B14793D9CE69A1C1F ] C:\Windows\System32\dnsrslvr.dll
19:59:47.0416 0x0b00  C:\Windows\System32\dnsrslvr.dll - ok
19:59:47.0416 0x0b00  [ F9EC845C5EECF20E9A67F9F805F2EF1F, C3DBA8CF93DBF50954B1BF6D7EF3F6F5DD1A56DC62B7EB2749C54D9B65D9BB43 ] C:\Windows\System32\keyiso.dll
19:59:47.0416 0x0b00  C:\Windows\System32\keyiso.dll - ok
19:59:47.0432 0x0b00  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] C:\Windows\System32\eapsvc.dll
19:59:47.0432 0x0b00  C:\Windows\System32\eapsvc.dll - ok
19:59:47.0432 0x0b00  [ 972C3301DB3DA91AE06A95F6B4160B1B, 678B533A06C306295FE97DC26CE9BAFFC8EAF1FB7405ACB040719099717744D5 ] C:\Windows\System32\certCredProvider.dll
19:59:47.0432 0x0b00  C:\Windows\System32\certCredProvider.dll - ok
19:59:47.0447 0x0b00  [ 87FA0C48C3B2E9FEE518818FE26B15B5, DA4042DE9897397AEDCEFF9F69746726237305DDE64464309B6DCC45E05E42F4 ] C:\Windows\System32\rasplap.dll
19:59:47.0447 0x0b00  C:\Windows\System32\rasplap.dll - ok
19:59:47.0447 0x0b00  [ 019CD868461B646E09BDF04474C19341, 01837EFACB02E52BC6E90C90C4CB01B11D56E449A37EA4FC2695507FF85EA9FE ] C:\Windows\System32\rasapi32.dll
19:59:47.0447 0x0b00  C:\Windows\System32\rasapi32.dll - ok
19:59:47.0447 0x0b00  [ B28DEEC597C8DEB70C744C7CF9210E3E, E777F192D822990CA6301B3FEA2AEA213FA7901438EB3328914ADF02B6C39DB9 ] C:\Windows\System32\rasman.dll
19:59:47.0447 0x0b00  C:\Windows\System32\rasman.dll - ok
19:59:47.0463 0x0b00  [ B53C4B69B695EDA1B7E41D35CA4244E2, 3D98E9B263CADA576E4057E059AFC867F6E3F1001F3B73C8BCF9066763A45D9D ] C:\Windows\System32\rtutils.dll
19:59:47.0463 0x0b00  C:\Windows\System32\rtutils.dll - ok
19:59:47.0463 0x0b00  [ B0945E538CF906BBDDC5A11C8EE868CC, 5F3459F6512918835F7C9400905EC7C1FAEAA7114E0D28C522040C359E3B93F7 ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
19:59:47.0463 0x0b00  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
19:59:47.0478 0x0b00  [ B73A6E4B319AFFE64582AC5C1801BB3F, 274EEA0743DC659180E691654CBB17136E9E9D83B07E302B47EA5B103EA57710 ] C:\Windows\System32\nrpsrv.dll
19:59:47.0478 0x0b00  C:\Windows\System32\nrpsrv.dll - ok
19:59:47.0478 0x0b00  [ 4C9210E8F4E052F6A4EB87716DA0C24C, 460F7990BDADB7D58D6DC95B094D30A2EFDC4CEED444B18A2F36E8D9076FB8B9 ] C:\Windows\System32\winnsi.dll
19:59:47.0478 0x0b00  C:\Windows\System32\winnsi.dll - ok
19:59:47.0494 0x0b00  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] C:\Windows\System32\dhcpcore.dll
19:59:47.0494 0x0b00  C:\Windows\System32\dhcpcore.dll - ok
19:59:47.0494 0x0b00  [ 0040C486584A8E582C861CFB57AB5387, 5EE17B55CB702D14AE75B19226DE21CD2498BDA6C6EF5872FDB8A718F401FED1 ] C:\Windows\System32\FWPUCLNT.DLL
19:59:47.0494 0x0b00  C:\Windows\System32\FWPUCLNT.DLL - ok
19:59:47.0510 0x0b00  [ 71C7B65B6557B75B99907E76956AE4B8, 38AD0E96D6AD36C0643761D5F5DB7A2802E059008C0984ABF61F4D8703DE4B3B ] C:\Windows\System32\dhcpcore6.dll
19:59:47.0510 0x0b00  C:\Windows\System32\dhcpcore6.dll - ok
19:59:47.0510 0x0b00  [ 87356377F31DA5F20A833811CD59499C, 4FEC1FD3AC4E4E34DCBC0109B248952604F438C84B1604EB9E2359FA721E23C4 ] C:\Windows\System32\eapphost.dll
19:59:47.0510 0x0b00  C:\Windows\System32\eapphost.dll - ok
19:59:47.0510 0x0b00  [ 885D0942E0F28DB90919BE3129ECF279, 5A10D90EE656ECE3DCA174D6F924641509819FC20CB6EF46B5E1723E52DE85BE ] C:\Windows\System32\dnsext.dll
19:59:47.0510 0x0b00  C:\Windows\System32\dnsext.dll - ok
19:59:47.0525 0x0b00  [ F568F7C08458D69E4FCD8675BBB107E4, A5FA25ECF248999A68CCECFBB508BFA1ADD18A23E20A9A9081A87C41CAAA36C0 ] C:\Windows\System32\dhcpcsvc.dll
19:59:47.0525 0x0b00  C:\Windows\System32\dhcpcsvc.dll - ok
19:59:47.0525 0x0b00  [ 4CBCC37856EA2039C27A2FB661DDA0E5, 74CBFAB3092A9564BDDFCB84DB3E3F8BCFD1492938ADF187423D3355D73D21C6 ] C:\Windows\System32\dhcpcsvc6.dll
19:59:47.0525 0x0b00  C:\Windows\System32\dhcpcsvc6.dll - ok
19:59:47.0541 0x0b00  [ 9FCA3A84338ADEF2AFF67CDA46EF8539, 087DF72096852AE98C56990EE6E68835BE95E7E49ECDDE8B54DAC11C9E07FE94 ] C:\Windows\System32\umb.dll
19:59:47.0541 0x0b00  C:\Windows\System32\umb.dll - ok
19:59:47.0541 0x0b00  [ A648C4A06DE367065B24056D067B4460, 2412487D65A833DDD9AB17D039515CC08DA22D006259EC4B03E42475FAFFD2AD ] C:\Windows\System32\wlanmsm.dll
19:59:47.0541 0x0b00  C:\Windows\System32\wlanmsm.dll - ok
19:59:47.0556 0x0b00  [ 06A1386B6E3A0CBC368665C1840906F4, C10BCA5092A0B3F9435CE4D65C7449528C89F5C5243B410878D2EBF516DA2FB2 ] C:\Windows\System32\wlansec.dll
19:59:47.0556 0x0b00  C:\Windows\System32\wlansec.dll - ok
19:59:47.0556 0x0b00  [ 65522E77A1360DBC8D199DA3BF5EFFE4, E9D748070FA478A3D37F15049F998D340885C0DC5FCE03BFCE5D521C9EBA7350 ] C:\Windows\System32\eappprxy.dll
19:59:47.0556 0x0b00  C:\Windows\System32\eappprxy.dll - ok
19:59:47.0572 0x0b00  [ 73FCB7919DEE80EE556F2E498594EBAE, D0F7A0AD3BC33263E9C2CF9787DD326436F9E0C9F5031D769F8A43C64C08A762 ] C:\Windows\System32\onex.dll
19:59:47.0572 0x0b00  C:\Windows\System32\onex.dll - ok
19:59:47.0572 0x0b00  [ 0D753307D274F3688BD21C377B616700, 5DD08E77A11F2561FB96BA212FDDFE21D4394C69C34C3EB88F7F5CD068EE55BF ] C:\Windows\System32\eappcfg.dll
19:59:47.0572 0x0b00  C:\Windows\System32\eappcfg.dll - ok
19:59:47.0572 0x0b00  [ 730BF204A595D5B6D7DC57A247CC741C, 264C6901F4A49B738BBD04BCA1783DEE892885BADE9085B0AEA40BAE7CC0A218 ] C:\Windows\System32\wlgpclnt.dll
19:59:47.0572 0x0b00  C:\Windows\System32\wlgpclnt.dll - ok
19:59:47.0588 0x0b00  [ 97E43F324BE1503CB2FFB058534688DA, 50C781DF38D0D38C9A5420AB1FFF8672DC13FD1ED8E9F5432B4BA3077A7435D5 ] C:\Windows\System32\l2gpstore.dll
19:59:47.0588 0x0b00  C:\Windows\System32\l2gpstore.dll - ok
19:59:47.0588 0x0b00  [ 7F1B4C6FF3B85F9ADF74055187B8A22C, CC95DA5662638AACBE9643DCB236464C2C2095A8D5CDC8A747045870BE9D0E7D ] C:\Windows\System32\wlanutil.dll
19:59:47.0588 0x0b00  C:\Windows\System32\wlanutil.dll - ok
19:59:47.0603 0x0b00  [ 7D5645EE0EA77D539828433D9B95F5EB, EEF81E9B2205FC456DB6095AD0AEAB38BB131D3BCD090EA6CD91D5568ACAFB7F ] C:\Windows\System32\WinSCard.dll
19:59:47.0603 0x0b00  C:\Windows\System32\WinSCard.dll - ok
19:59:47.0603 0x0b00  [ 9BC8610C32C96A2983A65DC21CAFA921, 2A4195F663C9D55939E3D8FEAA208090FDB0B8801A60164A7325B53104797CBC ] C:\Windows\System32\UXInit.dll
19:59:47.0603 0x0b00  C:\Windows\System32\UXInit.dll - ok
19:59:47.0603 0x0b00  [ 5C29199C9F0EDE64F17F268084EC4392, EA9FD588A8C89399DD287399A912B356A4234CFE418239B227D255749F5DDDE2 ] C:\Windows\System32\msxml6.dll
19:59:47.0603 0x0b00  C:\Windows\System32\msxml6.dll - ok
19:59:47.0619 0x0b00  [ 5AA945234E9D4CCE4F715276B9AA712C, 65165BD131056816F009D987FC78AC86FFE0C3C38A27E73F873586B7FF4D59CF ] C:\Windows\System32\imageres.dll
19:59:47.0619 0x0b00  C:\Windows\System32\imageres.dll - ok
19:59:47.0619 0x0b00  [ 03706015DB44368375AEBE6339490E66, 02EB28B5156E320C1EBABC03D37E94EB770A721B99E1DD276F8DC2A50D76C381 ] C:\Windows\System32\netcfgx.dll
19:59:47.0619 0x0b00  C:\Windows\System32\netcfgx.dll - ok
19:59:47.0634 0x0b00  [ 73F5C13B431915BAE35254B4E95DFB71, 393A045859382C44133C004598B1512048046BCC129FED2247A77FDBFCDB6DFF ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:59:47.0634 0x0b00  C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
19:59:47.0634 0x0b00  [ D124F55B9393C976963407DFF51FFA79, EA1E16247C848C8C171C4CD1FA17BC5A018A1FCB0C0DAC25009066B6667B8EEF ] C:\Windows\SysWOW64\ntdll.dll
19:59:47.0634 0x0b00  C:\Windows\SysWOW64\ntdll.dll - ok
19:59:47.0650 0x0b00  [ 098EF40B77F88148349AAEBFE38E87C7, 4E3CDF9FEDBC2C2C031B5B52C20B0DDD7FAF0672D0B35469E239D93F1BD4BC1F ] C:\Windows\System32\wow64.dll
19:59:47.0650 0x0b00  C:\Windows\System32\wow64.dll - ok
19:59:47.0650 0x0b00  [ 99F5AEDBA338CE63F047D86E07DA36F6, B21DDAC8568058E02743FFBDB76557BF76F133D3981298E0634D1D2620AFCE2D ] C:\Windows\System32\wow64cpu.dll
19:59:47.0650 0x0b00  C:\Windows\System32\wow64cpu.dll - ok
19:59:47.0666 0x0b00  [ C742077774E78A388F11EC943AD717FC, 1D062803F758D7093608441EDFF72625E5333D2C47B4FC101463148B9A8F685C ] C:\Windows\System32\wow64win.dll
19:59:47.0666 0x0b00  C:\Windows\System32\wow64win.dll - ok
19:59:47.0666 0x0b00  [ E80758CF485DB142FCA1EE03A34EAD05, 3F94F8630C7603F9DA79BF021CB56AC5357502BADF6CB12F6CE11E5B2B244153 ] C:\Windows\SysWOW64\kernel32.dll
19:59:47.0666 0x0b00  C:\Windows\SysWOW64\kernel32.dll - ok
19:59:47.0681 0x0b00  [ 95E2376B3323F062EB562B8586D0F14A, BD3FA8750123D00AA0967FBA44372C46EA002681DA9C9B77A4F9261553E26017 ] C:\Windows\SysWOW64\advapi32.dll
19:59:47.0681 0x0b00  C:\Windows\SysWOW64\advapi32.dll - ok
19:59:47.0681 0x0b00  [ 61EABC3358D869519D851B08C8FA512D, 00F4AEB2C0FBEDFBAFAC5E7DA17A5B7328E96216597153D3E7FAC219A284282B ] C:\Windows\SysWOW64\KernelBase.dll
19:59:47.0681 0x0b00  C:\Windows\SysWOW64\KernelBase.dll - ok
19:59:47.0681 0x0b00  [ E46D48A7FE961401F1CBF85531CDF05D, 24CA38641020FF9E07E16CE3992212E2BFD2759E902D12744D4989ADF11995BF ] C:\Windows\SysWOW64\msvcrt.dll
19:59:47.0681 0x0b00  C:\Windows\SysWOW64\msvcrt.dll - ok
19:59:47.0697 0x0b00  [ C5AD8083CF94201F1F8084ECC696A8B7, 9F9A23DC2587E88C1BF671E9E147F134242002288E22E1C57881F3ED721F4296 ] C:\Windows\SysWOW64\rpcrt4.dll
19:59:47.0697 0x0b00  C:\Windows\SysWOW64\rpcrt4.dll - ok
19:59:47.0697 0x0b00  [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF72B8EC6E1F906C ] C:\Windows\SysWOW64\sechost.dll
19:59:47.0697 0x0b00  C:\Windows\SysWOW64\sechost.dll - ok
19:59:47.0712 0x0b00  [ F08F6FCD09F9BE94C37ACC1B344685FF, DE48D766258B46EFEAB16579421C4BD97ACC6883F782D00E9857F4A0CE7E8A34 ] C:\Windows\SysWOW64\cryptbase.dll
19:59:47.0712 0x0b00  C:\Windows\SysWOW64\cryptbase.dll - ok
19:59:47.0712 0x0b00  [ 7224D964A6D657374C551C878EB2C386, C6F56D05CFBC06ECEF8CF44DCDE939AB25C3D3C01CA43323F827EE3086836CD9 ] C:\Windows\SysWOW64\sspicli.dll
19:59:47.0712 0x0b00  C:\Windows\SysWOW64\sspicli.dll - ok
19:59:47.0728 0x0b00  [ 3946A82CCD0F2086B3F4A909C05241C7, 10F04E8EAA4AEFED877028ABDFBF89A39DCEAEE401261D4ADBEC4A2F91A75910 ] C:\Program Files\AVAST Software\Avast\ashbase.dll
19:59:47.0728 0x0b00  C:\Program Files\AVAST Software\Avast\ashbase.dll - ok
19:59:47.0728 0x0b00  [ 7FF15A4F092CD4A96055BA69F903E3E9, 1B594E6D057C632ABB3A8CF838157369024BD6B9F515CA8E774B22FE71A11627 ] C:\Windows\SysWOW64\ws2_32.dll
19:59:47.0728 0x0b00  C:\Windows\SysWOW64\ws2_32.dll - ok
19:59:47.0728 0x0b00  [ DF13A51A5C591887D2EC6AE64CEED0FA, DFD503AEBCAA056B2B0E669ACA52F6D26F4E6892F2DCFCCD902752C23A621653 ] C:\Windows\SysWOW64\wsock32.dll
19:59:47.0728 0x0b00  C:\Windows\SysWOW64\wsock32.dll - ok
19:59:47.0744 0x0b00  [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll
19:59:47.0744 0x0b00  C:\Windows\SysWOW64\nsi.dll - ok
19:59:47.0744 0x0b00  [ 454E292861A4EF1D72F43F42BBAF6917, 9179657AA2928627D73608D7EBA5A9A8D7507F9F67DD8EC1011C76AEE4914043 ] C:\Windows\SysWOW64\crypt32.dll
19:59:47.0744 0x0b00  C:\Windows\SysWOW64\crypt32.dll - ok
19:59:47.0759 0x0b00  [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF393486946DA8936BDD466A ] C:\Windows\SysWOW64\psapi.dll
19:59:47.0759 0x0b00  C:\Windows\SysWOW64\psapi.dll - ok
19:59:47.0759 0x0b00  [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll
19:59:47.0759 0x0b00  C:\Windows\SysWOW64\version.dll - ok
19:59:47.0775 0x0b00  [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA513C4A823390FEDA ] C:\Windows\SysWOW64\msasn1.dll
19:59:47.0775 0x0b00  C:\Windows\SysWOW64\msasn1.dll - ok
19:59:47.0775 0x0b00  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3, 01EB95FA3943CF3C6B1A21E473A5C3CB9FCBCE46913B15C96CAC14E4F04075B4 ] C:\Windows\SysWOW64\user32.dll
19:59:47.0775 0x0b00  C:\Windows\SysWOW64\user32.dll - ok
19:59:47.0775 0x0b00  [ D6D3AD7BF1D6F6CE9547613ED5E170A2, EA3BD7FEC193A8CFE1D5736301ACADC476FB6AAC5475A45776D0A638E9845445 ] C:\Windows\SysWOW64\gdi32.dll
19:59:47.0775 0x0b00  C:\Windows\SysWOW64\gdi32.dll - ok
19:59:47.0790 0x0b00  [ 384721EF4024890092625E20CADFAF85, 32FB012437C271CA4408EC60E6858485C2F9489107BBDB7011F728A0D2A26D2C ] C:\Windows\SysWOW64\lpk.dll
19:59:47.0790 0x0b00  C:\Windows\SysWOW64\lpk.dll - ok
19:59:47.0790 0x0b00  [ 804AAAFEBB3AD5F49334DD906BCB1DE5, EB5DA86810D405555C84F4D452A604665250AB5D01714E0FBECF81CC8E791AC5 ] C:\Windows\SysWOW64\usp10.dll
19:59:47.0790 0x0b00  C:\Windows\SysWOW64\usp10.dll - ok
19:59:47.0806 0x0b00  [ 10FB16B50AFFDA6D44588F3C445DC273, 6CDA17DA9B44D11E69F7C6682FA633EA75731623BB21B429A0FE2086ED4495A7 ] C:\Windows\SysWOW64\setupapi.dll
19:59:47.0806 0x0b00  C:\Windows\SysWOW64\setupapi.dll - ok
19:59:47.0806 0x0b00  [ 3FFAEA12666E565FF51BF2FCA674F543, 95BA8DBDA495C170E075F48627D7DD89C6B29BE0CE0D0D8316B0236692675060 ] C:\Windows\SysWOW64\cfgmgr32.dll
19:59:47.0806 0x0b00  C:\Windows\SysWOW64\cfgmgr32.dll - ok
19:59:47.0806 0x0b00  [ 028D74F61952756C9DFFF7969162BB39, 045887F7424A0FAE471BD285ED7A3507EFDCEF986313651E462323ACE3312173 ] C:\Windows\SysWOW64\oleaut32.dll
19:59:47.0806 0x0b00  C:\Windows\SysWOW64\oleaut32.dll - ok
19:59:47.0822 0x0b00  [ 928CF7268086631F54C3D8E17238C6DD, F058FAFB04E7EBD5CADE9B48195B7AA7C3508F332A89F5E6E5F3F071E8CADD4A ] C:\Windows\SysWOW64\ole32.dll
19:59:47.0822 0x0b00  C:\Windows\SysWOW64\ole32.dll - ok
19:59:47.0822 0x0b00  [ CC4ED8BEA78B0DCA6F217E014C3291A7, 01104182E4E6FB3CF6397936D30B2CE3486967586D1B94187B59A8232DAE39FF ] C:\Windows\SysWOW64\devobj.dll
19:59:47.0822 0x0b00  C:\Windows\SysWOW64\devobj.dll - ok
19:59:47.0837 0x0b00  [ 1BA6666ED0C7B576088A36E911199033, AA36977AB3C3E06BDCED4A3E3D3A466F793F9858AFECE06B8B3818A363CF6DE8 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
19:59:47.0837 0x0b00  C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
19:59:47.0837 0x0b00  [ B57FD7DD0FAF85F737DC3D483A9D63BB, 6A34D5C7F63BF2B60F77A5BD52EC9704DBB58778F7403429C2D286FCFED3B2A0 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
19:59:47.0837 0x0b00  C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
19:59:47.0853 0x0b00  [ 4BA25D2CBE1587A841DCFB8C8C4A6EA6, B30160E759115E24425B9BCDF606EF6EBCE4657487525EDE7F1AC40B90FF7E49 ] C:\Windows\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcr110.dll
19:59:47.0853 0x0b00  C:\Windows\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcr110.dll - ok
19:59:47.0853 0x0b00  [ 3CED666BC61431DCD928E03ED4ABCAEA, C92FC8270B210566D4909032FFCA6D4D7332145120DEF8372C23B491BE128858 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
19:59:47.0853 0x0b00  C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
19:59:47.0853 0x0b00  [ 3E29914113EC4B968BA5EB1F6D194A0A, C8D5572CA8D7624871188F0ACABC3AE60D4C5A4F6782D952B9038DE3BC28B39A ] C:\Windows\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcp110.dll
19:59:47.0868 0x0b00  C:\Windows\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcp110.dll - ok
19:59:47.0868 0x0b00  [ 7486BA75019D8C3A13EBA7867FAABE7D, 084A8973A9F7325241E156BD4D1218F732543C5707098F12273212B4E7A6BFE0 ] C:\Program Files\AVAST Software\Avast\avastIP.dll
19:59:47.0868 0x0b00  C:\Program Files\AVAST Software\Avast\avastIP.dll - ok
19:59:47.0868 0x0b00  [ A90DC9ABD65DB1A8902F361103029952, 26798758976CE53251AC342B966BE0363AE1794BD965C452F5DEBC33E18969F0 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
19:59:47.0868 0x0b00  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
19:59:47.0884 0x0b00  [ CFF35B879D1618D42C86644C717BA947, 1837275202628D3320867A3BF8CFDA15491730C4B74215F7C0D7E140BF01AC3C ] C:\Windows\SysWOW64\winnsi.dll
19:59:47.0884 0x0b00  C:\Windows\SysWOW64\winnsi.dll - ok
19:59:47.0884 0x0b00  [ 8D113C7490621FF50F9BA46C7D8C423E, 2DD3B7BBD1F849C1EE93AA3511D5D3673E5B554E06240A07EC5963BB7D7A33B6 ] C:\Program Files\AVAST Software\Avast\aswcommchannel.dll
19:59:47.0884 0x0b00  C:\Program Files\AVAST Software\Avast\aswcommchannel.dll - ok
19:59:47.0900 0x0b00  [ CA9F7888B524D8100B977C81F44C3234, 57F3353F89724147D8AC8B69B12C1303DF26978309776F5F8CCF074526A915D3 ] C:\Windows\SysWOW64\winhttp.dll
19:59:47.0900 0x0b00  C:\Windows\SysWOW64\winhttp.dll - ok
19:59:47.0900 0x0b00  [ 02C61D8AD469417F5508225C75DE3236, 579555AB92DA532D69E14B62064B7D415338A963099BB84B599E1FF55D933787 ] C:\Windows\SysWOW64\webio.dll
19:59:47.0900 0x0b00  C:\Windows\SysWOW64\webio.dll - ok
19:59:47.0900 0x0b00  [ 44214C94911C7CFB1D52CB64D5E8368D, 4B01872788057ECF5A1AC6647512F5671213F76651FF8E808F1310A1240F35A2 ] C:\Windows\SysWOW64\wininet.dll
19:59:47.0900 0x0b00  C:\Windows\SysWOW64\wininet.dll - ok
19:59:47.0915 0x0b00  [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB67F8EFB93924230 ] C:\Windows\SysWOW64\shlwapi.dll
19:59:47.0915 0x0b00  C:\Windows\SysWOW64\shlwapi.dll - ok
19:59:47.0915 0x0b00  [ EBB431C6332107651CD2E2715A707994, 669BED2F3A2CFFB5E25FE6CF6956E61036FA1D9127AE59F05B22CFD57CEA3E2A ] C:\Windows\SysWOW64\urlmon.dll
19:59:47.0915 0x0b00  C:\Windows\SysWOW64\urlmon.dll - ok
19:59:47.0931 0x0b00  [ 683E0C9DA9E1EB9E4691DFAE0EC83E36, F5CD7DE4B315F318D495C4E28292FA47B96640D044502131934190EC58F3D1D5 ] C:\Windows\SysWOW64\iertutil.dll
19:59:47.0931 0x0b00  C:\Windows\SysWOW64\iertutil.dll - ok
19:59:47.0931 0x0b00  [ 59DF156711A76BCB993253EC6C9BBF41, F8BCA0D764CD78A6B455268B9C5BA655D8A95B3E0939CC0AB5A493610C0058B9 ] C:\Windows\SysWOW64\dnsapi.dll
19:59:47.0931 0x0b00  C:\Windows\SysWOW64\dnsapi.dll - ok
19:59:47.0931 0x0b00  [ 77F8C2F976899F7656C5E34D145B13F2, C1D95B0BBE111420CE7A163E8AB90DA107BC5ADC44212EEF4CFE9D4722CC6FBC ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
19:59:47.0931 0x0b00  C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
19:59:47.0946 0x0b00  [ A6F09E5669D9A19035F6D942CAA15882, 68C8AF0CC1923E3A7245392F2480EE665D265DF300A609D2540BF7C6D9C1A1BE ] C:\Windows\SysWOW64\imm32.dll
19:59:47.0946 0x0b00  C:\Windows\SysWOW64\imm32.dll - ok
19:59:47.0946 0x0b00  [ C9618BC9B2B0FD7C1138D8774795A79B, 0AC170669C2626519FA7A745C56BFBA6B83B8537488F5B9EB7BA72448E5E7A43 ] C:\Windows\SysWOW64\msctf.dll
19:59:47.0946 0x0b00  C:\Windows\SysWOW64\msctf.dll - ok
19:59:47.0962 0x0b00  [ E7FFA9306A4C10B22CA1F48B1BB72E05, 60A955ED7FEEC418C54FAF2E0C0F54216BC295074FA899114BCFF566D1D76C80 ] C:\Program Files\AVAST Software\Avast\avBugReport.exe
19:59:47.0962 0x0b00  C:\Program Files\AVAST Software\Avast\avBugReport.exe - ok
19:59:47.0962 0x0b00  [ 863F793D15B4026B1A5FDECA873D4D84, AF7ABD95BB5467551562F129F03C7AC9D52A021F7E547609F40A80E66932C942 ] C:\Windows\SysWOW64\apphelp.dll
19:59:47.0962 0x0b00  C:\Windows\SysWOW64\apphelp.dll - ok
19:59:47.0978 0x0b00  [ 5C5E3AFD499E5146FEF1DA5EF8A23205, 9A26FFAFFB26FA6549C6DA75F76238A903CA723F9DAD356FBA8D91067FE312FD ] C:\Program Files\AVAST Software\Avast\dbghelp.dll
19:59:47.0978 0x0b00  C:\Program Files\AVAST Software\Avast\dbghelp.dll - ok
19:59:47.0978 0x0b00  [ 9EA93673394601DB13CF5519CF7F5DE7, 65727A233405EA4A8D8E48004B3A3025734B53BCA622503B747DDF8385A31E3C ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
19:59:47.0978 0x0b00  C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
19:59:47.0993 0x0b00  [ 10505F2B5A89B60971192505824A5EF3, D05CED486A0AEF2D36336AC0CC50F95D756DDD3A4BE741F88AEC8D43606186F4 ] C:\Program Files\AVAST Software\Avast\ssleay32.dll
19:59:47.0993 0x0b00  C:\Program Files\AVAST Software\Avast\ssleay32.dll - ok
19:59:47.0993 0x0b00  [ 62CC8C657AFFEA3D06FE2CA98883B5D8, BC7595D626C9D3F0769F90DC3DFF208FB807D8A20230B28EB3B9376D0D38952D ] C:\Program Files\AVAST Software\Avast\libeay32.dll
19:59:47.0993 0x0b00  C:\Program Files\AVAST Software\Avast\libeay32.dll - ok
19:59:48.0009 0x0b00  [ 8CE1A6D16B9077E91E192499EB611C5F, 68BB66B40383F7CA04F314FECC12A346914139A64F72CAE791B882B6CB8DC314 ] C:\Windows\SysWOW64\netapi32.dll
19:59:48.0009 0x0b00  C:\Windows\SysWOW64\netapi32.dll - ok
19:59:48.0009 0x0b00  [ 20B3934DB73EABA2B49B7177873CB81F, 492EAC5C51472B43DE11825358AEC4B9E3A081DACFD7513C696D6FE40F302EE5 ] C:\Windows\SysWOW64\netutils.dll
19:59:48.0009 0x0b00  C:\Windows\SysWOW64\netutils.dll - ok
19:59:48.0009 0x0b00  [ 5CCDCD40E732D54E0F7451AC66AC1C87, 66F4DA105BD72E41250CD59E2B3CD931B47AC9FDB6C784B9E33C5EE1AC29841F ] C:\Windows\SysWOW64\srvcli.dll
19:59:48.0009 0x0b00  C:\Windows\SysWOW64\srvcli.dll - ok
19:59:48.0024 0x0b00  [ 7321F18D1F820612ED0E9F2D4B578A7E, 612BD7DE1DFBD100BD6ACB37A38565D88C39842D990D296B9B8E1FB75C3A94E7 ] C:\Windows\SysWOW64\cryptsp.dll
19:59:48.0024 0x0b00  C:\Windows\SysWOW64\cryptsp.dll - ok
19:59:48.0024 0x0b00  [ E5A4A1326A02F8E7B59E6C3270CE7202, DCB76016F9AC47E631540874DA208A089F9D529DA9628705A2869B954526BFE0 ] C:\Windows\SysWOW64\wkscli.dll
19:59:48.0024 0x0b00  C:\Windows\SysWOW64\wkscli.dll - ok
19:59:48.0040 0x0b00  [ BD51024FB014064BC9FE8C715C18392F, 23F7AB98268F88E6CA9EE96B3DDBC6AA745BFFACD2E5F80A211CE48D976EB9A4 ] C:\Windows\System32\conhost.exe
19:59:48.0040 0x0b00  C:\Windows\System32\conhost.exe - ok
19:59:48.0040 0x0b00  [ 16AB4BD2ACC52109F43739BF0E89E18F, 8BF53004F8A413598B46C2ECFBA1EA581836E0E0839047471622F31A4A065DD7 ] C:\Windows\SysWOW64\shell32.dll
19:59:48.0040 0x0b00  C:\Windows\SysWOW64\shell32.dll - ok
19:59:48.0056 0x0b00  [ ED8EC63F7522DF4852147C84EC62C36A, 75633011CD28DCBD4834211A9D415F17DE15BFCD80FB9FF6CE25CBBD4E9899AF ] C:\Windows\SysWOW64\rsaenh.dll
19:59:48.0056 0x0b00  C:\Windows\SysWOW64\rsaenh.dll - ok
19:59:48.0056 0x0b00  [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe
19:59:48.0056 0x0b00  C:\Windows\System32\dllhost.exe - ok
19:59:48.0056 0x0b00  [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll
19:59:48.0056 0x0b00  C:\Windows\SysWOW64\profapi.dll - ok
19:59:48.0071 0x0b00  [ 14DFDEAF4E589ED3F1FF187A86B9408C, 86D383D5B90A86556521C62C50F7BE0306FCD24FD86A8A37E8320FAE948531EB ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
19:59:48.0071 0x0b00  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
19:59:48.0071 0x0b00  [ 2D44EBD52EC34E25DDA0EEE07032C418, FC2FFEF053CDAED588675E69A49AAA4202B2911C4462183AD70A8976C194FD05 ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
19:59:48.0071 0x0b00  C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
19:59:48.0087 0x0b00  [ BE37D90FA0349B08B036BD33E85141C9, D3BD67325C322CCE81B5C5130E46BCBACE516637F74E13EE6244190815DD4C0B ] C:\Program Files\AVAST Software\Avast\ashServ.dll
19:59:48.0087 0x0b00  C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
19:59:48.0087 0x0b00  [ 839F96DBAAFD3353E0B248A5E0BD2A51, 11DA5AD3EA5FF4766C12B99FB520B3CBE08581ECAF1A2FD1DC5AC835CA78FAC2 ] C:\Windows\SysWOW64\rasapi32.dll
19:59:48.0087 0x0b00  C:\Windows\SysWOW64\rasapi32.dll - ok
19:59:48.0102 0x0b00  [ FFA7172354B9256DBB2CDD75F16F33FE, 85B2F014C67C2E52540F17D561793C6633C9E98F12639CCD3854EB1EC34DD035 ] C:\Windows\SysWOW64\rasman.dll
19:59:48.0102 0x0b00  C:\Windows\SysWOW64\rasman.dll - ok
19:59:48.0102 0x0b00  [ 29FE98D9412388243E41869143D1805B, 71CB5EE45086BF76597295C1677F9C84212ABBD1BA4BB37375A64EBB89FBEC46 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
19:59:48.0102 0x0b00  C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
19:59:48.0102 0x0b00  [ E4B7E7985CB75DE4E48E96D35A0DBF97, 07A2A8D51945B9C461738EC897269CE8746AC2980F7206FBA266D86BA4AB4E67 ] C:\Program Files\AVAST Software\Avast\ashTask.dll
19:59:48.0102 0x0b00  C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
19:59:48.0118 0x0b00  [ 3211E20DA6C5EBE28CF7E4C3A55278E4, 304B5D66836B7797E6544A9996D635835A0CCBF061EB8C5537798A3B2D4C1CFF ] C:\Program Files\AVAST Software\Avast\aswAux.dll
19:59:48.0118 0x0b00  C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
19:59:48.0118 0x0b00  [ 93541E4ED452A6B816A3C1595A7E01F0, B2EC0AACF315887211B0B4E2C12255D0E34B6FD8C4273EFAC5F322897355E872 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
19:59:48.0118 0x0b00  C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
19:59:48.0134 0x0b00  [ D15618A0FF8DBC2C5BF3726BACC75A0B, ADD81EA1D208907D67802F0E96EC0327BA89021F870BA22B9C7E3A19013A6AE7 ] C:\Windows\SysWOW64\userenv.dll
19:59:48.0134 0x0b00  C:\Windows\SysWOW64\userenv.dll - ok
19:59:48.0134 0x0b00  [ 44574EAFCDDA003A22E4DF3EA73840AF, DF7E7CEF8FB7A20C7BCDF3DBF841535EB596E1D015A6972CCD186A117E1BB033 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
19:59:48.0134 0x0b00  C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
19:59:48.0134 0x0b00  [ C30BEB2365677974EFA19B791E1AAD85, 17FCE54869DF45EDDA9989A9C0FBA4C94AF6F579EF78E6548E05ED20F8C0E849 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
19:59:48.0134 0x0b00  C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
19:59:48.0149 0x0b00  [ 95884E0E8EAE21F7DF7A8916A7E058CF, D9A76E7685408ADBBA755FB3DC39948799CEB330A8C774262733F09C27972F8B ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
19:59:48.0149 0x0b00  C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
19:59:48.0149 0x0b00  [ 5A9BD26D965F1E4DAC668C8F0C738FB7, 5359C2C8989C25195B3BE5B9F2FE5107F4860220AC16626F64AF2CCC606BC7CB ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
19:59:48.0149 0x0b00  C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
19:59:48.0165 0x0b00  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] C:\Windows\System32\schedsvc.dll
19:59:48.0165 0x0b00  C:\Windows\System32\schedsvc.dll - ok
19:59:48.0165 0x0b00  [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC83B4AC638AEC4A ] C:\Windows\SysWOW64\RpcRtRemote.dll
19:59:48.0165 0x0b00  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
19:59:48.0180 0x0b00  [ BC414631876B2F28B8DAB08E849C12C5, 5973654AA3E90E6B699B0A43F645B893D95BAA803129B6967D746C8239AB26E3 ] C:\Windows\System32\ktmw32.dll
19:59:48.0180 0x0b00  C:\Windows\System32\ktmw32.dll - ok
19:59:48.0180 0x0b00  [ A8CDF3768604FF95B54669E20053D569, 2DB85B86C839341F2A879A6D25F787D17EE665D425C1BAC3E1F82BAC61F89F94 ] C:\Windows\SysWOW64\wscapi.dll
19:59:48.0180 0x0b00  C:\Windows\SysWOW64\wscapi.dll - ok
19:59:48.0180 0x0b00  [ 8258362DDB18B644A82D8B5061AD9426, 87CA586B2B1B0089BFF6A259A0743D184AE383B3B12C4BC5986D72ADFFBE9EDA ] C:\Windows\SysWOW64\wscisvif.dll
19:59:48.0180 0x0b00  C:\Windows\SysWOW64\wscisvif.dll - ok
19:59:48.0196 0x0b00  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7, 4BC5A1279885EEFBEB27333AF719622A5FCDD9606697692C1978E434CE264D80 ] C:\Windows\System32\taskcomp.dll
19:59:48.0196 0x0b00  C:\Windows\System32\taskcomp.dll - ok
19:59:48.0196 0x0b00  [ 01CC54AE7B3F034F8F97B99E75FD4EFD, 611048A49642DEFE65019ECD773DB31C2863C9A2E03DEA097DBB35791D3FB15C ] C:\Program Files\AVAST Software\Avast\defs\14071801\aswEngin.dll
19:59:48.0196 0x0b00  C:\Program Files\AVAST Software\Avast\defs\14071801\aswEngin.dll - ok
19:59:48.0212 0x0b00  [ A62B51FFEAAD6178B815E0035CD3588A, 14E05EA00355CC5FD7CFEB33069741CFBB1718A6F2DCA7412B67EBD0384A0C74 ] C:\Program Files\AVAST Software\Avast\defs\14071801\aswCmnIS.dll
19:59:48.0212 0x0b00  C:\Program Files\AVAST Software\Avast\defs\14071801\aswCmnIS.dll - ok
19:59:48.0212 0x0b00  [ 0D472A236395AA3B4F209D45A14FDE6A, 44E5977D4D410D8DF6C918A9C6316DC5292198E7E6A2F0EA78EC0820295CE291 ] C:\Program Files\AVAST Software\Avast\defs\14071801\aswCmnOS.dll
19:59:48.0212 0x0b00  C:\Program Files\AVAST Software\Avast\defs\14071801\aswCmnOS.dll - ok
19:59:48.0227 0x0b00  [ F7075ED9BDDEA0939A22EF992D6B196D, E938C72BFEAEB37D26B37868608DDA91BC470B9F54879E4E5E3A42706FF5649F ] C:\Program Files\AVAST Software\Avast\defs\14071801\aswCmnBS.dll
19:59:48.0227 0x0b00  C:\Program Files\AVAST Software\Avast\defs\14071801\aswCmnBS.dll - ok
19:59:48.0227 0x0b00  [ C29A65B1A518F8B7BFE1344DC9796E65, CB28310A89D0AA96DD65675EF5C7D33BA20472B71DB2F508DC8340D497045917 ] C:\Program Files\AVAST Software\Avast\defs\14071801\aswScan.dll
19:59:48.0227 0x0b00  C:\Program Files\AVAST Software\Avast\defs\14071801\aswScan.dll - ok
19:59:48.0227 0x0b00  [ FB1FE9CE7C1ED670A70274016C41D5C3, B4F5A8AE9BDF6EB370340E7C5494C36AF22FF1A5170C6480EFA08B96084C30B9 ] C:\Program Files\AVAST Software\Avast\defs\14071801\aswRep.dll
19:59:48.0227 0x0b00  C:\Program Files\AVAST Software\Avast\defs\14071801\aswRep.dll - ok
19:59:48.0243 0x0b00  [ 5E32E7C5542D95E04E8ABE8B3F676D11, E1B5958ABE040C581A3B580F26372C7AC58A610877BB0C1D33A03D7C754AF172 ] C:\Program Files\AVAST Software\Avast\defs\14071801\aswFiDb.dll
19:59:48.0243 0x0b00  C:\Program Files\AVAST Software\Avast\defs\14071801\aswFiDb.dll - ok
19:59:48.0243 0x0b00  [ 54C858C71C4CE9ED968372B5F6120C24, A0D421F37A24FE908E9F758EC3CE880E9510FC099F64DDA48824E2533CB94673 ] C:\Program Files\AVAST Software\Avast\defs\14071801\algo.dll
19:59:48.0243 0x0b00  C:\Program Files\AVAST Software\Avast\defs\14071801\algo.dll - ok
19:59:48.0258 0x0b00  [ A8CE0C7F1D37E0B8082608A148B6B976, 29F667E4DEA45C95E15ED54E9C37585E450325370F6011FFB667886F2FF0ABEB ] C:\Windows\SysWOW64\secur32.dll
19:59:48.0258 0x0b00  C:\Windows\SysWOW64\secur32.dll - ok
19:59:48.0258 0x0b00  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] C:\Windows\System32\BFE.DLL
19:59:48.0258 0x0b00  C:\Windows\System32\BFE.DLL - ok
19:59:48.0274 0x0b00  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys
19:59:48.0274 0x0b00  C:\Windows\System32\drivers\mpsdrv.sys - ok
19:59:48.0274 0x0b00  [ D95E64416A4A3ED6986E0F474DA934BD, DBB4A0DED0DABE1F8FF0DB8C0E9EC4EC906A85A45DC0AEC013A8744F9BF5D40E ] C:\Windows\System32\drivers\aswHwid.sys
19:59:48.0274 0x0b00  C:\Windows\System32\drivers\aswHwid.sys - ok
19:59:48.0290 0x0b00  [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD805650B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll
19:59:48.0290 0x0b00  C:\Windows\System32\wfapigp.dll - ok
19:59:48.0290 0x0b00  [ 15597883FBE9B056F276ADA3AD87D9AF, B347E0B11228E38313C59C8ED984253A8A1FF482ED137CF5F488C4AFD6B08857 ] C:\Windows\System32\cryptsvc.dll
19:59:48.0290 0x0b00  C:\Windows\System32\cryptsvc.dll - ok
19:59:48.0290 0x0b00  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] C:\Windows\System32\dps.dll
19:59:48.0305 0x0b00  C:\Windows\System32\dps.dll - ok
19:59:48.0305 0x0b00  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB, 018CB95A43CEA2063EA24691C71D51EF60D522C21502ABA8AD93876363D4B857 ] C:\Windows\System32\taskschd.dll
19:59:48.0305 0x0b00  C:\Windows\System32\taskschd.dll - ok
19:59:48.0305 0x0b00  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] C:\Windows\System32\drivers\PEAuth.sys
19:59:48.0305 0x0b00  C:\Windows\System32\drivers\PEAuth.sys - ok
19:59:48.0321 0x0b00  [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] C:\Windows\System32\nlasvc.dll
19:59:48.0321 0x0b00  C:\Windows\System32\nlasvc.dll - ok
19:59:48.0321 0x0b00  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] C:\Windows\System32\pcasvc.dll
19:59:48.0321 0x0b00  C:\Windows\System32\pcasvc.dll - ok
19:59:48.0336 0x0b00  [ 1727B2A2F379A32B864C096FA794AADC, 87B77A5DF95F3A1C5ED6DEF820C7E384BEFCBAA2FE1BB4781AC6F777A081E5CC ] C:\Windows\System32\aepic.dll
19:59:48.0336 0x0b00  C:\Windows\System32\aepic.dll - ok
19:59:48.0336 0x0b00  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] C:\Windows\System32\drivers\secdrv.sys
19:59:48.0336 0x0b00  C:\Windows\System32\drivers\secdrv.sys - ok
19:59:48.0336 0x0b00  [ 4A435F95B940E93A88FEC144BD409789, 12775F6F54AD9BCBCD4F91F371D8911772CA7B14316DAFFDC28B971D1FDCC182 ] C:\Windows\System32\ncsi.dll
19:59:48.0336 0x0b00  C:\Windows\System32\ncsi.dll - ok
19:59:48.0352 0x0b00  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] C:\Windows\System32\drivers\tcpipreg.sys
19:59:48.0352 0x0b00  C:\Windows\System32\drivers\tcpipreg.sys - ok
19:59:48.0352 0x0b00  [ C6DCD1D11ED6827F05C00773C3E7053C, EA23BE261C9C04F44215D254D7A80FD0AEE84C6F192D0FEE49A7CF74ED3CB1A6 ] C:\Windows\System32\sfc.dll
19:59:48.0352 0x0b00  C:\Windows\System32\sfc.dll - ok
19:59:48.0368 0x0b00  [ 895C9AB0A855547445C4181195230757, 89BDA385D8CCB75C3D7B1BDFA567AC441A931F4E499C0835FEE9D010343FABB6 ] C:\Windows\System32\sfc_os.dll
19:59:48.0368 0x0b00  C:\Windows\System32\sfc_os.dll - ok
19:59:48.0368 0x0b00  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] C:\Windows\System32\sysmain.dll
19:59:48.0368 0x0b00  C:\Windows\System32\sysmain.dll - ok
19:59:48.0383 0x0b00  [ 58F4493BF748A3A89689997B7BD00E95, EC5DEEC73E357C7C87B001275C4E635011A9CF39419F2B86E2C2B8D7E388C551 ] C:\Windows\System32\winhttp.dll
19:59:48.0383 0x0b00  C:\Windows\System32\winhttp.dll - ok
19:59:48.0383 0x0b00  [ BC9489DF517C426D4044D99F14449134, CABD014BA29A548252BB8D5BD46D047DBFC445489492D9DF75B29CEDE0AC9F8B ] C:\Windows\System32\webio.dll
19:59:48.0383 0x0b00  C:\Windows\System32\webio.dll - ok
19:59:48.0383 0x0b00  [ 1834B31C749B86DAC233BBBA1C03BC48, 27FCA9196842C0BB53CCAD895870A0EB10D2F8ED67E5486A4437067BD4BC4448 ] C:\Windows\System32\mscms.dll
19:59:48.0383 0x0b00  C:\Windows\System32\mscms.dll - ok
19:59:48.0399 0x0b00  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] C:\Windows\System32\snmptrap.exe
19:59:48.0399 0x0b00  C:\Windows\System32\snmptrap.exe - ok
19:59:48.0399 0x0b00  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] C:\Windows\System32\trkwks.dll
19:59:48.0399 0x0b00  C:\Windows\System32\trkwks.dll - ok
19:59:48.0399 0x0b00  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] C:\Windows\System32\wbem\WMIsvc.dll
19:59:48.0399 0x0b00  C:\Windows\System32\wbem\WMIsvc.dll - ok
19:59:48.0414 0x0b00  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] C:\Windows\System32\sstpsvc.dll
19:59:48.0414 0x0b00  C:\Windows\System32\sstpsvc.dll - ok
19:59:48.0414 0x0b00  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] C:\Windows\System32\provsvc.dll
19:59:48.0414 0x0b00  C:\Windows\System32\provsvc.dll - ok
19:59:48.0430 0x0b00  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567, 426FB40A065FEF61980C803EF72D0D326C623340C3AE99CA8AFFDEFB81E8D49D ] C:\Windows\System32\vssapi.dll
19:59:48.0430 0x0b00  C:\Windows\System32\vssapi.dll - ok
19:59:48.0430 0x0b00  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll
19:59:48.0430 0x0b00  C:\Windows\System32\ssdpapi.dll - ok
19:59:48.0446 0x0b00  [ 287923557447D7E4BDD7E65B1F0F5428, 14D85A0F036F28D77AA9723C3D7E8C4DA9BDFF8A1AD9BEA6FE5756DBF5D00F08 ] C:\Windows\System32\vsstrace.dll
19:59:48.0446 0x0b00  C:\Windows\System32\vsstrace.dll - ok
19:59:48.0446 0x0b00  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE, A734A20357026C42950394682A52CBC3AF956D09F1949E1B4E95467E999BC428 ] C:\Windows\System32\wbemcomn.dll
19:59:48.0446 0x0b00  C:\Windows\System32\wbemcomn.dll - ok
19:59:48.0446 0x0b00  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] C:\Windows\System32\iphlpsvc.dll
19:59:48.0446 0x0b00  C:\Windows\System32\iphlpsvc.dll - ok
19:59:48.0461 0x0b00  [ 27B9E163740A226B65E4B9E186117911, 17411C6A6C1E699BC4B0C04D782FD9AA09CF577DBA41E743F7588904D489CB9F ] C:\Windows\System32\sqmapi.dll
19:59:48.0461 0x0b00  C:\Windows\System32\sqmapi.dll - ok
19:59:48.0461 0x0b00  [ 7B38D7916A7CD058C16A0A6CA5077901, 3F6DD990E2DA5D3BD6D65A72CBFB0FE79EB30B118A8AD71B6C9BB5581A622DCE ] C:\Windows\System32\wdscore.dll
19:59:48.0461 0x0b00  C:\Windows\System32\wdscore.dll - ok
19:59:48.0477 0x0b00  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] C:\Windows\System32\wdi.dll
19:59:48.0477 0x0b00  C:\Windows\System32\wdi.dll - ok
19:59:48.0477 0x0b00  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] C:\Windows\System32\wpdbusenum.dll
19:59:48.0477 0x0b00  C:\Windows\System32\wpdbusenum.dll - ok
19:59:48.0492 0x0b00  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] C:\Windows\System32\IPSECSVC.DLL
19:59:48.0492 0x0b00  C:\Windows\System32\IPSECSVC.DLL - ok
19:59:48.0492 0x0b00  [ 0C52762C606BCF6A377D5E4688191A6B, C58C9A73AD07E3B93AB186D0D47C5F1CB7197771DBEE40646C3B801645BB388F ] C:\Windows\System32\wbem\WmiDcPrv.dll
19:59:48.0492 0x0b00  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
19:59:48.0492 0x0b00  [ A3F5E8EC1316C3E2562B82694A251C9E, F3DC6AA6A9D3B5BBC730668FC52C1D4BB5D515D404578BDDD3D4869A7ED58822 ] C:\Windows\System32\wbem\fastprox.dll
19:59:48.0492 0x0b00  C:\Windows\System32\wbem\fastprox.dll - ok
19:59:48.0508 0x0b00  [ EE26D130808D16C0E417BBBED0451B34, 4886DCE4FAEF146A40BABD492A8000A2022FEA542A6135A9BAFD4CD09297B4E5 ] C:\Windows\System32\ntdsapi.dll
19:59:48.0508 0x0b00  C:\Windows\System32\ntdsapi.dll - ok
19:59:48.0508 0x0b00  [ 666A60F6F5E719856FF6254E0966EFF7, 58C072E7E215991E19C1CA062C476081982F7B9F039714539AE7FEB4981C200F ] C:\Windows\System32\wbem\wbemprox.dll
19:59:48.0508 0x0b00  C:\Windows\System32\wbem\wbemprox.dll - ok
19:59:48.0524 0x0b00  [ 0255C22D99602534F15CBB8D9B6F152F, 43CD89D6CA56E0B633142F7C86DA9E072EE0723B5EBC4CE8CCBCA58C396ECF54 ] C:\Windows\System32\wbem\WinMgmtR.dll
19:59:48.0524 0x0b00  C:\Windows\System32\wbem\WinMgmtR.dll - ok
19:59:48.0524 0x0b00  [ 104A1070E90F1C530328E69B49718841, C5EBDD404F92E185467C390CC30DB4BD7BE0193536DD5708277662D4B0EA38D1 ] C:\Windows\SysWOW64\nlaapi.dll
19:59:48.0524 0x0b00  C:\Windows\SysWOW64\nlaapi.dll - ok
19:59:48.0539 0x0b00  [ 0B7E85364CB878E2AD531DB7B601A9E5, F5AD3018427F1CD68450EE5CB55AA9572546322580E0FB1E7888702A291C2380 ] C:\Windows\SysWOW64\NapiNSP.dll
19:59:48.0539 0x0b00  C:\Windows\SysWOW64\NapiNSP.dll - ok
19:59:48.0539 0x0b00  [ 5CF640EDDB1E40A5AB1BB743BCDEC610, 0313AA3F713C9F5B84DBB0B4DE78A96B173E9F7B4CF61C10FDC7DAE952DB04E5 ] C:\Windows\SysWOW64\pnrpnsp.dll
19:59:48.0539 0x0b00  C:\Windows\SysWOW64\pnrpnsp.dll - ok
19:59:48.0539 0x0b00  [ 1EBE9524683C7C4EED8B8BC93FB6FBCC, 78AF098E270EDE62466557091F14B2D37BDAB488F02E7CC769251FD17C02BA4A ] C:\Windows\SysWOW64\fltLib.dll
19:59:48.0539 0x0b00  C:\Windows\SysWOW64\fltLib.dll - ok
19:59:48.0555 0x0b00  [ 8999B8631C7FD9F7F9EC3CAFD953BA24, 4E96D3EACCB1EF7DC429CAF433C2D4A0A129333B9AB10A05C32CA33C67DC26FA ] C:\Windows\SysWOW64\mswsock.dll
19:59:48.0555 0x0b00  C:\Windows\SysWOW64\mswsock.dll - ok
19:59:48.0555 0x0b00  [ 5DF5D8CFD9B9573FA3B2C89D9061A240, 990EA273B640DF2D7E800C0CFF18550259C605A4951CD82CD9F1E7B6FF0C9533 ] C:\Windows\SysWOW64\winrnr.dll
19:59:48.0555 0x0b00  C:\Windows\SysWOW64\winrnr.dll - ok
19:59:48.0570 0x0b00  [ 6A6B2EE4565A178035BE2A4FF6F2C968, E2E231F1C2E2CE19583483ACC53318651FA7CA2DE46BCB89B4CBF97CA0525122 ] C:\Windows\SysWOW64\wtsapi32.dll
19:59:48.0570 0x0b00  C:\Windows\SysWOW64\wtsapi32.dll - ok
19:59:48.0570 0x0b00  [ 418E881201583A3039D81F43E39E6C78, C96AAC161E09BE12815A4E931E65F66DB1A456C03253EF1111AE66F44B1515FF ] C:\Windows\SysWOW64\winsta.dll
19:59:48.0570 0x0b00  C:\Windows\SysWOW64\winsta.dll - ok
19:59:48.0586 0x0b00  [ E693A3AC10F2FC6AA0DB865A04108022, D1286A49D82796831FE985E90CE35DCAB8A1DBCFFEF460CC9E5676730C693892 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
19:59:48.0586 0x0b00  C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
19:59:48.0586 0x0b00  [ 33EDF6CCC9DEB9E6EFD8D7FC423D6123, 272C775A6026CDD6A1E4FE7E6712E5BD39240C34929074AE0817FD9CD428A33E ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
19:59:48.0586 0x0b00  C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
19:59:48.0586 0x0b00  [ 0ACFC95EE2AF5C5E568621D097CC4FA2, 99B94A7AAA24CFC276C518910FE69380A306AE435D7FE97BDF41D0B25E7F0A71 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
19:59:48.0586 0x0b00  C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
19:59:48.0602 0x0b00  [ 2122FEEF03BCB6CFE5C67483666B2A62, D4D8DA36518BD6BF338E5FB39EBB6F3851AC48CE6578B447BB1641637161526E ] C:\Program Files\AVAST Software\Avast\AhResWS2.dll
19:59:48.0602 0x0b00  C:\Program Files\AVAST Software\Avast\AhResWS2.dll - ok
19:59:48.0602 0x0b00  [ E64D9EC8018C55873B40FDEE9DBEF5B3, 2DB11E7C631A9887CB75AFEAD2C79EC65F82C51F5F073CEFC8CDDF664EFF29C1 ] C:\Windows\System32\PortableDeviceApi.dll
19:59:48.0602 0x0b00  C:\Windows\System32\PortableDeviceApi.dll - ok
19:59:48.0617 0x0b00  [ AFA79C343F9D1555F7E5D5FA70BB2A14, 440EF3ADC1F5C7A5ED3E872C8D8DFA61B039454C3CA67F8A51CA8BDCFDC4BA4A ] C:\Windows\System32\PortableDeviceConnectApi.dll
19:59:48.0617 0x0b00  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
19:59:48.0617 0x0b00  [ 210FCACAF902B2CD47CF9FD17D846146, 3F77AC721E084864C5966FF5337A90185F62203DC19C685328675500D629CB87 ] C:\Windows\System32\aeevts.dll
19:59:48.0617 0x0b00  C:\Windows\System32\aeevts.dll - ok
19:59:48.0633 0x0b00  [ 3B367397320C26DBA890B260F80D1B1B, 50BBE71B4380B5E86E197AF86F5C08266DD6B12344BA4ABDEA604B8C774C4147 ] C:\Windows\System32\hnetcfg.dll
19:59:48.0633 0x0b00  C:\Windows\System32\hnetcfg.dll - ok
19:59:48.0633 0x0b00  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] C:\Windows\System32\shsvcs.dll
19:59:48.0633 0x0b00  C:\Windows\System32\shsvcs.dll - ok
19:59:48.0648 0x0b00  [ 4449D23E8F197862F1B16F1E6C89C36C, 93AF52BF8E870C0381F027D3BB8F6829E449242074472F1593EB8172D7EB6559 ] C:\Windows\System32\diagperf.dll
19:59:48.0648 0x0b00  C:\Windows\System32\diagperf.dll - ok
19:59:48.0648 0x0b00  [ 5EB55F661DEBF156E126160BCD4D89F8, 948D1F627AA55D55FB3B558BA61B8366C5481A6041820631F24408F75EA5D2CC ] C:\Windows\System32\wbem\wbemcore.dll
19:59:48.0648 0x0b00  C:\Windows\System32\wbem\wbemcore.dll - ok
19:59:48.0664 0x0b00  [ 087D8668C71634A3A3761135ABF16EEE, B7348A63299CFF4FFBF375E645A4850AE0F108D48D13AB25434CFAE7CF3D61FD ] C:\Windows\System32\wbem\esscli.dll
19:59:48.0664 0x0b00  C:\Windows\System32\wbem\esscli.dll - ok
19:59:48.0664 0x0b00  [ 718B6F51AB7F6FE2988A36868F9AD3AB, 76141B4E94C2766E2C34CEF523092948771A7893212EFADBE88D2171B85FF012 ] C:\Windows\System32\wbem\wbemsvc.dll
19:59:48.0664 0x0b00  C:\Windows\System32\wbem\wbemsvc.dll - ok
19:59:48.0664 0x0b00  [ 0143DB80DACFB7C2B5B7009ED9063353, 252885CF7C1BAB89B86908373546E5F5D674BEF7AACBDDCF321AD877CB9150A9 ] C:\Windows\System32\wbem\wmiutils.dll
19:59:48.0664 0x0b00  C:\Windows\System32\wbem\wmiutils.dll - ok
19:59:48.0680 0x0b00  [ 0AB34456654C283DAA13B8D2BA21439B, 4B70FC5195DE39564E951C8542020BA3D4257E3D4488F69825F67A6099CB7549 ] C:\Windows\System32\wbem\repdrvfs.dll
19:59:48.0680 0x0b00  C:\Windows\System32\wbem\repdrvfs.dll - ok
19:59:48.0680 0x0b00  [ E1B22739C933BE33F53DB58C5393ADD3, 26EE0DD091D2E00DECC774DC1EEDFFDE69AF74B0C769CCBE091AFC32C66E4207 ] C:\Windows\System32\Apphlpdm.dll
19:59:48.0680 0x0b00  C:\Windows\System32\Apphlpdm.dll - ok
19:59:48.0695 0x0b00  [ 9719E3D834F5C8C43F56A93DFA497023, 4D78D4BD4835C0A237821967156C19DF4B90384A6BCB1F48CEAF35D003A0099A ] C:\Windows\System32\pnpts.dll
19:59:48.0695 0x0b00  C:\Windows\System32\pnpts.dll - ok
19:59:48.0695 0x0b00  [ BF4AC709BE5BF64F331F5D67773A0C82, 96E5A2A12D386B8A7976FEC76FD350E6A3EEBDF5763F4BBF4AB18880E9F269E0 ] C:\Windows\System32\perftrack.dll
19:59:48.0695 0x0b00  C:\Windows\System32\perftrack.dll - ok
19:59:48.0711 0x0b00  [ 945E54F23C72D37B8CD1987AF0DB63BF, C2B217C94DBCA0A31ED834B9D492B53B25B235DDD02B1D1200E76609D32772EA ] C:\Windows\System32\fveapi.dll
19:59:48.0711 0x0b00  C:\Windows\System32\fveapi.dll - ok
19:59:48.0711 0x0b00  [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA05BD2C56657013 ] C:\Windows\System32\fvecerts.dll
19:59:48.0711 0x0b00  C:\Windows\System32\fvecerts.dll - ok
19:59:48.0726 0x0b00  [ 694865362F0965779F92BCFE97712323, 825EB75E37AFE9B738869FB5D95020D4F44AD419C2F6C5A658F82A5242FDEF6C ] C:\Windows\System32\tbs.dll
19:59:48.0726 0x0b00  C:\Windows\System32\tbs.dll - ok
19:59:48.0726 0x0b00  [ 8269210DAF3B12BC8300631B28A2A442, EABEB792C2EA8D4A1A7B13281CF557C194D5667AE0BA2A2D5664908D8269113D ] C:\Windows\System32\wiarpc.dll
19:59:48.0726 0x0b00  C:\Windows\System32\wiarpc.dll - ok
19:59:48.0742 0x0b00  [ 9689A9C7F7C2A1A423CDA2C3B43FFF65, 914AD22D98975578BC14D821F72E8DFCE24F2092F9C299D24EBBAF5408FE8B8B ] C:\Windows\System32\wer.dll
19:59:48.0742 0x0b00  C:\Windows\System32\wer.dll - ok
19:59:48.0742 0x0b00  [ F7073C962C4FB7C415565DDE109DE49F, 781E7088DCEFBC34A808C3E7DA41A56112B3F23ABE9F54B5EF4D5CD9CD016B1D ] C:\Windows\System32\npmproxy.dll
19:59:48.0742 0x0b00  C:\Windows\System32\npmproxy.dll - ok
19:59:48.0758 0x0b00  [ 9BC93C9ACFA34DB5A41B89357B31E4ED, C3B9DDCB31970F91F8CAF85D2431903DB1738872775EEFD6712B7646BDE1250C ] C:\Windows\System32\FwRemoteSvr.dll
19:59:48.0758 0x0b00  C:\Windows\System32\FwRemoteSvr.dll - ok
19:59:48.0758 0x0b00  [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C, 78889511D6F471009674CC958F8BB77B4A79C952634B18E8AFF4A75AA6A60E87 ] C:\Windows\System32\ndiscapCfg.dll
19:59:48.0758 0x0b00  C:\Windows\System32\ndiscapCfg.dll - ok
19:59:48.0773 0x0b00  [ 3D6AF45673C4B31CDECD7F80AF09D443, 7D711D138C107816155AFA5E5FDC6892734074BEFF604B5904177B5D9ACE4670 ] C:\Windows\System32\rascfg.dll
19:59:48.0773 0x0b00  C:\Windows\System32\rascfg.dll - ok
19:59:48.0773 0x0b00  [ 2DF29664ED261F0FC448E58F338F0671, 4EFE79C383D0AF126FC4EE668D822563F8F037B1E61D73747A35FE11AAFDB8CE ] C:\Windows\System32\mprapi.dll
19:59:48.0773 0x0b00  C:\Windows\System32\mprapi.dll - ok
19:59:48.0789 0x0b00  [ 1CF21800E337F4039AAD4C94B4280EE4, EF434CEF6E62A202B85E8EC7916EB998E20B10675437CDE90084CDA938C0AA3F ] C:\Windows\System32\mprmsg.dll
19:59:48.0789 0x0b00  C:\Windows\System32\mprmsg.dll - ok
19:59:48.0789 0x0b00  [ 55DE45B116711881C852D2841E4C84DD, 18E5021530BB44042C85087BAE4FEDA633E01CDCBA09C90A5941B74C75133A35 ] C:\Windows\System32\tcpipcfg.dll
19:59:48.0789 0x0b00  C:\Windows\System32\tcpipcfg.dll - ok
19:59:48.0789 0x0b00  [ 03A03A453F1AAAE0C73AAAF895321C7A, BB46C581347EDA9CAF287E24163A593F07BD723E1C250ADD8E5C46BB349B668C ] C:\Windows\SysWOW64\FWPUCLNT.DLL
19:59:48.0789 0x0b00  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
19:59:48.0804 0x0b00  [ 58A0CDABEA255616827B1C22C9994466, 4FE1140AA8D3995579DE8CDF4ECAD1978804D05351EABB4079A63B303EF1B451 ] C:\Windows\System32\NapiNSP.dll
19:59:48.0804 0x0b00  C:\Windows\System32\NapiNSP.dll - ok
19:59:48.0804 0x0b00  [ 613C8CE10A5FDE582BA5FA64C4D56AAA, 30507B6BA79E1A271B07BBA58B4FF463678BE0960266A1D5E88031E932D768B6 ] C:\Windows\System32\pnrpnsp.dll
19:59:48.0804 0x0b00  C:\Windows\System32\pnrpnsp.dll - ok
19:59:48.0820 0x0b00  [ 88351B29B622B30962D2FEB6CA8D860B, A16CAD7D94C1C9807083BB36E9B4C3C14E6482C4CA2BDFACBCC86E737DDCE42E ] C:\Windows\System32\rasadhlp.dll
19:59:48.0820 0x0b00  C:\Windows\System32\rasadhlp.dll - ok
19:59:48.0820 0x0b00  [ 2E2072EB48238FCA8FBB7A9F5FABAC45, AC70B9FC24847EEC2E18008F2894DCDAC19A9C90D5D88729326E493CA524F5C3 ] C:\Windows\System32\winrnr.dll
19:59:48.0820 0x0b00  C:\Windows\System32\winrnr.dll - ok
19:59:48.0836 0x0b00  [ 46863C4CC5B68EB09EA2D5EEF0F1193A, 9B5593E1F484AC8F96F89A5995FB1FE9C51CB2F0F545607F6850751191150CFE ] C:\Windows\System32\radardt.dll
19:59:48.0836 0x0b00  C:\Windows\System32\radardt.dll - ok
19:59:48.0836 0x0b00  [ FEB91B4DA0D540865260A33838654FA3, 8636B008BA329D3E6CC235D08BA4C914EFF45DBFCB9297C893CCDA8D907BA946 ] C:\Windows\System32\nci.dll
19:59:48.0836 0x0b00  C:\Windows\System32\nci.dll - ok
19:59:48.0836 0x0b00  [ E811F8510B133E70CF6E509FB809824F, 82541F2B15748250462B67B6C77530D4F7C45A1482237EC49B28F9FA5A414108 ] C:\Windows\System32\wdiasqmmodule.dll
19:59:48.0851 0x0b00  C:\Windows\System32\wdiasqmmodule.dll - ok
19:59:48.0851 0x0b00  [ AC0C9CEA1218DAB1994AF8B28E680BD9, 7C79144AD91C5B578B48DD6412884A58F4E6C23732612655A73486FC7BCE68A0 ] C:\Windows\System32\wlaninst.dll
19:59:48.0851 0x0b00  C:\Windows\System32\wlaninst.dll - ok
19:59:48.0851 0x0b00  [ 5A406C9C8E0880D3EABADC5DFD1ACDAE, D3228D81B30A37DDDBF2E9FECC8885404FB95DBD11C5F55A425B27BD361BC2C1 ] C:\Windows\System32\wwaninst.dll
19:59:48.0851 0x0b00  C:\Windows\System32\wwaninst.dll - ok
19:59:48.0867 0x0b00  [ ED6EE83D61EBC683C2CD8E899EA6FEBE, F82592908D038C44D9F2E5C5B7BC663A2D370FC565F40420E1138A9E55F0E7EB ] C:\Windows\SysWOW64\rasadhlp.dll
19:59:48.0867 0x0b00  C:\Windows\SysWOW64\rasadhlp.dll - ok
19:59:48.0867 0x0b00  [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E56950661B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll
19:59:48.0867 0x0b00  C:\Windows\System32\IDStore.dll - ok
19:59:48.0882 0x0b00  [ EE5C8E27C37B79CB54A2FCEEED2DC262, 0A5E200FD65A491756B951A4A0ED39B88B7B313E97C2BBF3C91AC4C290772BB7 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
19:59:48.0882 0x0b00  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
19:59:48.0882 0x0b00  [ 73E8667A19FEEDD856DF2695E9E511D4, 68D66C36D1F293D10ADCC6A33C870F989A29743537592CF172F02E794BEAFD1C ] C:\Windows\SysWOW64\wship6.dll
19:59:48.0882 0x0b00  C:\Windows\SysWOW64\wship6.dll - ok
19:59:48.0898 0x0b00  [ 517110BD83835338C037269E603DB55D, 499A803DE14905F2FF7BCA56D81CC983E16A8D9CEA93EC4B84A06A366E7CB939 ] C:\Windows\System32\taskhost.exe
19:59:48.0898 0x0b00  C:\Windows\System32\taskhost.exe - ok
19:59:48.0898 0x0b00  [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D562BE43726153951 ] C:\Windows\System32\mpr.dll
19:59:48.0898 0x0b00  C:\Windows\System32\mpr.dll - ok
19:59:48.0898 0x0b00  [ 9BB99503D6A4DD62569EDE9E5E2672A5, 6F4EA5BC50B1F929735246485263078BEF1B3BEB33F78CB1F483F13AA226C27E ] C:\Windows\System32\HotStartUserAgent.dll
19:59:48.0898 0x0b00  C:\Windows\System32\HotStartUserAgent.dll - ok
19:59:48.0914 0x0b00  [ 65EA57712340C09B1B0C427B4848AE05, 5FDCF73191BFF9DBB03886755FFCF0BC15849F0E216884A5A8B9BB375FA7C1A5 ] C:\Windows\System32\taskeng.exe
19:59:48.0914 0x0b00  C:\Windows\System32\taskeng.exe - ok
19:59:48.0914 0x0b00  [ BAFE84E637BF7388C96EF48D4D3FDD53, 11C194D9ADCE90027272C627D7FBF3BA5025FF0F7B26A8333F764E11E1382CF9 ] C:\Windows\System32\userinit.exe
19:59:48.0914 0x0b00  C:\Windows\System32\userinit.exe - ok
19:59:48.0929 0x0b00  [ 94EEAC26F57811BD1AEFC164412F7FCE, 7390BCD7709D48DE75D7D6E06AA7356D1C58EE63F3CC2E07ABCD2E2FF6CC81CF ] C:\Windows\System32\PlaySndSrv.dll
19:59:48.0929 0x0b00  C:\Windows\System32\PlaySndSrv.dll - ok
19:59:48.0929 0x0b00  [ F162D5F5E845B9DC352DD1BAD8CEF1BC, 8A7B7528DB30AB123B060D8E41954D95913C07BB40CDAE32E97F9EDB0BAF79C7 ] C:\Windows\System32\dwm.exe
19:59:48.0929 0x0b00  C:\Windows\System32\dwm.exe - ok
19:59:48.0929 0x0b00  [ 4BA77A5EF71C14C764B0ED4701683E3E, 066A064CDBE09BF8BE1DF5B259F30FF6C124A1C3D637800D3E19E8E25EDB950E ] C:\Windows\System32\dwmcore.dll
19:59:48.0929 0x0b00  C:\Windows\System32\dwmcore.dll - ok
19:59:48.0945 0x0b00  [ FCFCD1101C5DA23B4B95F93D02B2C169, 040A086875B6C5475490A2F8B0CF4FF20DDB4FEDFE5FCABBA49692AA05F40527 ] C:\Windows\System32\dwmredir.dll
19:59:48.0945 0x0b00  C:\Windows\System32\dwmredir.dll - ok
19:59:48.0945 0x0b00  [ E629F1A051C82795DDFFD3E8D4855811, 6E4DFFEAB2795C98EA6DCAF10EA6D97413D0F8CA0C04869CB20B74FF4D6FE679 ] C:\Windows\System32\dimsjob.dll
19:59:48.0945 0x0b00  C:\Windows\System32\dimsjob.dll - ok
19:59:48.0960 0x0b00  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA, 8A6ACEFAB95E5275CBFBE6CCB5A6C3A6A471260B279B9063E86B9C7765E18656 ] C:\Windows\System32\MsCtfMonitor.dll
19:59:48.0960 0x0b00  C:\Windows\System32\MsCtfMonitor.dll - ok
19:59:48.0960 0x0b00  [ F09A9A1AD21FE618C4C8B0A0D830C886, 29831DDAB2AB105358FBC067CDF96428220B6743CD6019F6FE74BAC7AF325E7E ] C:\Windows\System32\msutb.dll
19:59:48.0960 0x0b00  C:\Windows\System32\msutb.dll - ok
19:59:48.0976 0x0b00  [ D63BEE2A8B22482F7080A8D3F2E1A733, 20E2CC793E55548CA8F6EB7F02D51EEA7632E16302C9213705F3A9684AD9F41F ] C:\Windows\System32\d3d10_1.dll
19:59:48.0976 0x0b00  C:\Windows\System32\d3d10_1.dll - ok
19:59:48.0976 0x0b00  [ 426BA4E737A7988FD1202AF2F2B2F4A6, 3E84B1EF044C157B7B228AE86A4466BC7E24B2D85F07636D0119041E3D630A2F ] C:\Windows\System32\d3d10_1core.dll
19:59:48.0976 0x0b00  C:\Windows\System32\d3d10_1core.dll - ok
19:59:48.0976 0x0b00  [ F404E59DB6A0F122AB26BF4F3E2FD0FA, 47F30401D86006821475F911A3D5E9B23571F6A8B4A9942891298E33D070D5D5 ] C:\Windows\System32\dxgi.dll
19:59:48.0976 0x0b00  C:\Windows\System32\dxgi.dll - ok
19:59:48.0992 0x0b00  [ 805A52C5AE26C28E88FDD9BCCFE6F312, 4FF28D3658C31722B7DD036DED9D544B14841C0E0B94D31A8EC5AB92128DA020 ] C:\Windows\System32\TSChannel.dll
19:59:48.0992 0x0b00  C:\Windows\System32\TSChannel.dll - ok
19:59:48.0992 0x0b00  [ EF2AE43BCD46ABB13FC3E5B2B1935C73, 81FC06F306F620845D7DD8D06E706309E70BC89B589C81F3478302A3F5F73431 ] C:\Windows\System32\winmm.dll
19:59:48.0992 0x0b00  C:\Windows\System32\winmm.dll - ok
19:59:49.0007 0x0b00  [ AC4C51EB24AA95B77F705AB159189E24, 6A671B92A69755DE6FD063FCBE4BA926D83B49F78C42DBAEED8CDB6BBC57576A ] C:\Windows\explorer.exe
19:59:49.0007 0x0b00  C:\Windows\explorer.exe - ok
19:59:49.0007 0x0b00  [ 94DFBB481BF51158B216E23C5C1C9D6E, 0199086A70B9B63E48A7A15C8AE5442E9C6BC0173BD80A104DE1BE6A6C25F202 ] C:\Windows\System32\certcli.dll
19:59:49.0007 0x0b00  C:\Windows\System32\certcli.dll - ok
19:59:49.0023 0x0b00  [ 35CB97CBC3EDC463418ED4997AAB29B6, EE60EABE2D87CEDD68FB8985B6C5D70930015FB2B8DB9FDCB4044587BC6ECA4C ] C:\Windows\System32\pautoenr.dll
19:59:49.0023 0x0b00  C:\Windows\System32\pautoenr.dll - ok
19:59:49.0023 0x0b00  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:59:49.0023 0x0b00  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
19:59:49.0023 0x0b00  [ 263B26106606A010CF877472B535E4BB, 43ECE89E428D2BB34244894BEBA1B946B0767649D15B1C715223E4E471A9E504 ] C:\Windows\System32\CertEnroll.dll
19:59:49.0023 0x0b00  C:\Windows\System32\CertEnroll.dll - ok
19:59:49.0038 0x0b00  [ 77E585EDD4C7EB7AB2ACC36BC1DC32A5, 57BF4D683CA66AAC2A4B7FEDF9F7FB254860BE77E1F4A6DD2C40410783B5C113 ] C:\Program Files (x86)\Google\Update\1.3.24.15\goopdate.dll
19:59:49.0038 0x0b00  C:\Program Files (x86)\Google\Update\1.3.24.15\goopdate.dll - ok
19:59:49.0038 0x0b00  [ 57F5DB25A31C09A57BBC20FA330F70B1, E59D3820CA54A36EBFF7AC9B81851F47ABCF9F0DCD0EE5C39F630E252E455C2C ] C:\Windows\System32\igd10umd64.dll
19:59:49.0038 0x0b00  C:\Windows\System32\igd10umd64.dll - ok
19:59:49.0054 0x0b00  [ EED05D42D91835064703E2318552ED25, E9EE1E2253445B207B76F5D3073C612ED979A982522C1515E0FE8FA9641AE568 ] C:\Windows\System32\ExplorerFrame.dll
19:59:49.0054 0x0b00  C:\Windows\System32\ExplorerFrame.dll - ok
19:59:49.0054 0x0b00  [ 352B3DC62A0D259A82A052238425C872, 393B24E0D6007C74AEE2FB2EE2C18623D37DF64E279B6767952DCFEE0EACBB10 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
19:59:49.0054 0x0b00  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
19:59:49.0070 0x0b00  [ 0CE4D3BD306DA6D1F6F233C403F5B667, 6428AD0BD3732A2038CD372A06563E84F33DCDAB4E2B203B3F75BE678690DCAD ] C:\Windows\SysWOW64\msi.dll
19:59:49.0070 0x0b00  C:\Windows\SysWOW64\msi.dll - ok
19:59:49.0070 0x0b00  [ 29CA5974FAB0E8AE4AA7814FE05CF832, ADE54D406AAB7C364851AAD278A569426C9ADD4F7FB543BB08428CED963BF541 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
19:59:49.0070 0x0b00  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
19:59:49.0070 0x0b00  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3, 2A610BEB16610FE2F2E9A50477A62A05481E8A5843A814955A0EDFF45D0304B3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
19:59:49.0070 0x0b00  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
19:59:49.0085 0x0b00  [ 18AB2E5A40064ED5F7791AC5946A90F3, B7536CE56702C23B1CEC3E1B6C78866E0A76808B85A92AF3733D9ED9429E004C ] C:\Windows\SysWOW64\msimg32.dll
19:59:49.0085 0x0b00  C:\Windows\SysWOW64\msimg32.dll - ok
19:59:49.0085 0x0b00  [ 43964FA89CCF97BA6BE34D69455AC65F, 10E3B89A5470E1BB6F73382135DD2352F5073C1EE8485D7476CFB5122D4AAA2F ] C:\Windows\SysWOW64\uxtheme.dll
19:59:49.0085 0x0b00  C:\Windows\SysWOW64\uxtheme.dll - ok
19:59:49.0101 0x0b00  [ 2D0D2DA87BEA7144F2A17F19D0D17E4C, F47B1A6B2284E9B1B664F835D9498C8D11FD411C524877F29783CDA71FB15BB9 ] C:\Windows\SysWOW64\wintrust.dll
19:59:49.0101 0x0b00  C:\Windows\SysWOW64\wintrust.dll - ok
19:59:49.0101 0x0b00  [ B010CF886420EE29C2C276646721D255, CBCD032D679ADE3A9942A1D116648D6A9ECC71F66F8630629E724E5EE23F9F73 ] C:\Windows\SysWOW64\wlanapi.dll
19:59:49.0101 0x0b00  C:\Windows\SysWOW64\wlanapi.dll - ok
19:59:49.0116 0x0b00  [ 1D6A771D1D702AE07919DB52C889A249, E5F3378AC40AEE6114EEAF3BF11DC1059466891CAE353E80C08622A60485C954 ] C:\Windows\SysWOW64\wlanutil.dll
19:59:49.0116 0x0b00  C:\Windows\SysWOW64\wlanutil.dll - ok
19:59:49.0116 0x0b00  [ 465BEA35F7ED4A4A57686DEA7EA10F47, 7F1B3CA09AB045F805DA5765BE7DD270F5DDACE3073017F7386FF1E2FA82D6FB ] C:\Windows\SysWOW64\cscapi.dll
19:59:49.0116 0x0b00  C:\Windows\SysWOW64\cscapi.dll - ok
19:59:49.0116 0x0b00  [ 3FD15B4611D9BDA3F8013548C0ECAECA, B47A8D9985D9B71EB870816A0AB2B6403D394CCBDF7DE5378D5721D58D68D28D ] C:\Windows\SysWOW64\ntmarta.dll
19:59:49.0116 0x0b00  C:\Windows\SysWOW64\ntmarta.dll - ok
19:59:49.0132 0x0b00  [ EAB975DB4C2805927FE5BD047D05C9AA, 8F5497B1A2652B5EAA5D35BD314B5F90C5140207427DAE6068D665FA44D3FD56 ] C:\Windows\SysWOW64\netshell.dll
19:59:49.0132 0x0b00  C:\Windows\SysWOW64\netshell.dll - ok
19:59:49.0132 0x0b00  [ A8BB45F9ECAD993461E0FEF8E2A99152, ACB756EA54E71F124D928829666B5B439785593877FF7C0C76ADCF954F4E6C94 ] C:\Windows\SysWOW64\Wldap32.dll
19:59:49.0132 0x0b00  C:\Windows\SysWOW64\Wldap32.dll - ok
19:59:49.0148 0x0b00  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8, B07A12E3ECD5E418A3F99F00C56E7F482F68CADE330E7C079DCCDFFAD2E21299 ] C:\Windows\SysWOW64\dbghelp.dll
19:59:49.0148 0x0b00  C:\Windows\SysWOW64\dbghelp.dll - ok
19:59:49.0148 0x0b00  [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll
19:59:49.0148 0x0b00  C:\Windows\SysWOW64\clbcatq.dll - ok
19:59:49.0163 0x0b00  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] C:\Windows\System32\netman.dll
19:59:49.0163 0x0b00  C:\Windows\System32\netman.dll - ok
19:59:49.0163 0x0b00  [ A352113489E1330E1670BF052BC7620A, 4D09327E6E118F4BF632C1BF772291CDADA16F672BF426D506C11955810EA96D ] C:\Program Files\AVAST Software\Avast\defs\14071801\aswAR.dll
19:59:49.0163 0x0b00  C:\Program Files\AVAST Software\Avast\defs\14071801\aswAR.dll - ok
19:59:49.0163 0x0b00  [ 81D5C2D6232FCDBC7916AF659B12C8B7, F70F355E75AE0F1674BC31F743BD6D6B11DF90D37B5F6E19032ADCAD88FF6AE5 ] C:\Program Files\AVAST Software\Avast\defs\14071801\aswRawFS.dll
19:59:49.0163 0x0b00  C:\Program Files\AVAST Software\Avast\defs\14071801\aswRawFS.dll - ok
19:59:49.0179 0x0b00  [ 2080DCEBE27D92F29AAB5FCFF77613A2, EBBBB3E92B01F1F1FF6330AFFA7D8C281AB5BB9AEE1C900F5CF1AAF1E6813E42 ] C:\Program Files\AVAST Software\Avast\setup\instup.exe
19:59:49.0179 0x0b00  C:\Program Files\AVAST Software\Avast\setup\instup.exe - ok
19:59:49.0179 0x0b00  [ 4E5FE39C1076D115EC8BFCFE14D75B80, F1D02BCA6F664DCDD0CCDE269D31787C7553CD38C7208A8DD8B80B9EA09FEB1C ] C:\Windows\SysWOW64\credssp.dll
19:59:49.0179 0x0b00  C:\Windows\SysWOW64\credssp.dll - ok
19:59:49.0194 0x0b00  [ 64B9B821CA1A2AB37E3780D743A29AEB, 4A2B438A913CACCA2BDC5C700D0429889B019943E0DD14B4424917F973E37E64 ] C:\Program Files\AVAST Software\Avast\aswjsscan.dll
19:59:49.0194 0x0b00  C:\Program Files\AVAST Software\Avast\aswjsscan.dll - ok
19:59:49.0194 0x0b00  [ 1A83FADD95E6C9B759DB861616604D44, 9C3C3CB3F2A36E3483AAEDE6C6286690C38C7C124E98289B2D6A723FE78A32EC ] C:\Program Files\AVAST Software\Avast\setup\Instup.dll
19:59:49.0194 0x0b00  C:\Program Files\AVAST Software\Avast\setup\Instup.dll - ok
19:59:49.0194 0x0b00  [ 936F728E04ACCF3F38801CFFCF1E3F40, 59CA86096F4B928E364B6A3C0408615F068BB8BC02DCFC5EAF4873EC6D6E0797 ] C:\Windows\SysWOW64\oledlg.dll
19:59:49.0194 0x0b00  C:\Windows\SysWOW64\oledlg.dll - ok
19:59:49.0210 0x0b00  [ 8E8D82756F3DDC86D53651E3FB432B9D, A99A1A7334BAE818D40E8323DBBC01BC66860D7005CDFFCF0BE84025FFBF0AEC ] C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll
19:59:49.0210 0x0b00  C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll - ok
19:59:49.0210 0x0b00  [ CBD010BFBED9657C3813400AAD03CF8A, 2DD60A291D8F4A44D7D638C83A46CFA618525A72B9D975FB81F8F403699B9AE6 ] C:\Windows\SysWOW64\oleacc.dll
19:59:49.0210 0x0b00  C:\Windows\SysWOW64\oleacc.dll - ok
19:59:49.0226 0x0b00  [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB22DC7B58515C201 ] C:\Windows\SysWOW64\winmm.dll
19:59:49.0226 0x0b00  C:\Windows\SysWOW64\winmm.dll - ok
19:59:49.0226 0x0b00  [ 08DFDBD2FD4EA951DC46B1C7661ED35A, D926530C659DDAF80770663F46F1EFD94FFB4AAB475C4E3367CB531AF4A734E1 ] C:\Windows\SysWOW64\powrprof.dll
19:59:49.0226 0x0b00  C:\Windows\SysWOW64\powrprof.dll - ok
19:59:49.0241 0x0b00  [ 0029EBA325F2FC9B6BA46BEE33F32A09, C07A936009FB275D56DC451C7D05B5F5A3F4DCD985C7F02DEE57D674034C602B ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll
19:59:49.0241 0x0b00  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll - ok
19:59:49.0241 0x0b00  [ 397D14958D6C9C2B365469A857B2AC4E, 1465D7DC50A27A2C75FFC477E8A453B0884D1E298F804233483B63A47634B7EA ] C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
19:59:49.0241 0x0b00  C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe - ok
19:59:49.0257 0x0b00  [ AA0E4F73727BFC8BA404884B1C1DB719, 0DEB88BBBC3DD37824B484FA38487280CB6A049D235519584DA562C3C91F18A7 ] C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
19:59:49.0257 0x0b00  C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe - ok
19:59:49.0257 0x0b00  [ C5A99A4C0DC9F0F5A95BA0C83D30A549, F99CCCE303F0FC07D82D3BBA223E8CCE41FB7FA8FB5C2A9214C161826537C7C9 ] C:\Windows\SysWOW64\mstask.dll
19:59:49.0257 0x0b00  C:\Windows\SysWOW64\mstask.dll - ok
19:59:49.0272 0x0b00  [ 1BF0CB861A48FEB1638228760750F3CB, 37C781A8C546EAD8B4D28BD7D730B9AC78EB799599AD69DAD9054B6F9F1DD6BD ] C:\Windows\System32\cscapi.dll
19:59:49.0272 0x0b00  C:\Windows\System32\cscapi.dll - ok
19:59:49.0272 0x0b00  [ A7A8CA53D9C9FD90C07AB0EB38E5316B, B98722E76601A98F038F40703C4B8BD21B5EC3B65DC1B07B7C367C06448F8A0E ] C:\Windows\System32\dbghelp.dll
19:59:49.0272 0x0b00  C:\Windows\System32\dbghelp.dll - ok
19:59:49.0272 0x0b00  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D, A63836DB3B01835DC1311526A95198D6EBCCB1DC9DDAFBC38EC36C128CDB98B9 ] C:\Windows\System32\netshell.dll
19:59:49.0272 0x0b00  C:\Windows\System32\netshell.dll - ok
19:59:49.0288 0x0b00  [ 49E5753D923F1AC63B22D3DCB0B47E00, 14CEC0BF5F625FF839A8D79B4A6B7C4AC0CBB705FD197C6B7FF8617C6C3E34FE ] C:\Windows\System32\uDWM.dll
19:59:49.0288 0x0b00  C:\Windows\System32\uDWM.dll - ok
19:59:49.0288 0x0b00  [ DDD0357A92FA843EFF8915ED17253D6C, 0C78B1D41F0A7821186ADF653504F2BFF067CB512CB0E932047C301378BBADB6 ] C:\Windows\System32\wbem\WmiPrvSD.dll
19:59:49.0288 0x0b00  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
19:59:49.0304 0x0b00  [ D41FEBD098234F02485A4EA98D4730A4, 462DC8168C444F35B43BA3B8F7D77734665D84F1C6D25CAD7391C0145961628F ] C:\Windows\System32\ncobjapi.dll
19:59:49.0304 0x0b00  C:\Windows\System32\ncobjapi.dll - ok
19:59:49.0304 0x0b00  [ 6F40D6FB05E0C1E5402812B426971AF0, E41F138F0F2DB057F8DBB1587237C6FA8A2059B3D64EC894D1DC492A18DBBDED ] C:\Windows\System32\wbem\wbemess.dll
19:59:49.0304 0x0b00  C:\Windows\System32\wbem\wbemess.dll - ok
19:59:49.0319 0x0b00  [ 68ECCA523ED760AAFC03C5D587569859, CDD734279C8F9F24EA2538BAD8E91EB8C3DD74C33032DB6B2D85C19576B42707 ] C:\Windows\SysWOW64\samcli.dll
19:59:49.0319 0x0b00  C:\Windows\SysWOW64\samcli.dll - ok
19:59:49.0319 0x0b00  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2, E8ACB693B1A78FAEF292111BE3F9B10BA95C76833C06C931A08EAAAE39A21334 ] C:\Windows\System32\dot3api.dll
19:59:49.0319 0x0b00  C:\Windows\System32\dot3api.dll - ok
19:59:49.0319 0x0b00  [ D0DAC9A9E5382EDC79E0F83C0FA6D1AB, 4CD83BBA78F6EC3A712CFC78ABA782262B3B3D3C3BA389164E9426F6CADBFEA8 ] C:\Program Files\AVAST Software\Avast\defs\14071801\swhealthex.dll
19:59:49.0319 0x0b00  C:\Program Files\AVAST Software\Avast\defs\14071801\swhealthex.dll - ok
19:59:49.0335 0x0b00  [ 198803E5E93E29967DFB0BCFD0186151, 72C3B0FA35578A71E9988FA31A7AD91A9CF31A6BA6EC00EA1F153E99277807BF ] C:\Windows\System32\spfileq.dll
19:59:49.0335 0x0b00  C:\Windows\System32\spfileq.dll - ok
19:59:49.0335 0x0b00  [ 244C6722289F4869068992FD7D8A8832, 8644D0A55C46C3F081F0AB43D253D13E56E77D89336A87108DB8C47D6EDC3A64 ] C:\Windows\SysWOW64\wbem\wbemdisp.dll
19:59:49.0335 0x0b00  C:\Windows\SysWOW64\wbem\wbemdisp.dll - ok
19:59:49.0350 0x0b00  [ 704314FD398C81D5F342CAA5DF7B7F21, CDA660E1E8AAE0789780B6B9604B138E67B2BDD1404A5E4C2354B35879D43085 ] C:\Windows\SysWOW64\wbemcomn.dll
19:59:49.0350 0x0b00  C:\Windows\SysWOW64\wbemcomn.dll - ok
19:59:49.0350 0x0b00  [ C5B0324DB461559ADD070E632A6919FA, AB09CACB5B7DD372B27921A5E01220552A611CECA27EF87961001FA467FDED45 ] C:\Windows\SysWOW64\wbem\wbemprox.dll
19:59:49.0350 0x0b00  C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
19:59:49.0350 0x0b00  [ 919001D2BB17DF06CA3F8AC16AD039F6, 5169ACFBE9E9D4C4012773ECDD28231C952675EF0C272A40F226E7B5D671B18B ] C:\Windows\SysWOW64\sxs.dll
19:59:49.0350 0x0b00  C:\Windows\SysWOW64\sxs.dll - ok
19:59:49.0366 0x0b00  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8, B1A9B2EF000917214C0198958CBD239D1D91B1720EC40DF041262A34D302AD74 ] C:\Windows\SysWOW64\winspool.drv
19:59:49.0366 0x0b00  C:\Windows\SysWOW64\winspool.drv - ok
19:59:49.0366 0x0b00  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] C:\Windows\System32\qmgr.dll
19:59:49.0366 0x0b00  C:\Windows\System32\qmgr.dll - ok
19:59:49.0382 0x0b00  [ 5610B0425518D185331CB8E968D060E6, E235186C3BF266EE9EC733D2CFF35E3A65DE039C19B14260F4054F34B5E8AD41 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
19:59:49.0382 0x0b00  C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
19:59:49.0382 0x0b00  [ D9431DCF90B0253773F51FDEFE7FD42F, E53C40CC0EC603CF67305F0AA81389124CF6E709A22DABF13563CBAD15897422 ] C:\Windows\System32\bitsigd.dll
19:59:49.0382 0x0b00  C:\Windows\System32\bitsigd.dll - ok
19:59:49.0397 0x0b00  [ 29409ED7400CA5BCCC30C0EE5147A60D, FCC41E4308A1648CE810105AACED08295C53E25178D6C40C9DF61E9397C579D6 ] C:\Windows\System32\bitsperf.dll
19:59:49.0397 0x0b00  C:\Windows\System32\bitsperf.dll - ok
19:59:49.0397 0x0b00  [ 776AE0564F8B1C282E331FD95A1BDC5F, 601CFCA3922FFEA46A54AD323845A76A12FC6AF9FF64E9B0AE294FBB1AFCF4CB ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
19:59:49.0397 0x0b00  C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
19:59:49.0397 0x0b00  [ 96DB78C9C50CEED9DA5050EFFEE272A2, 51CF3E1F96555A4E4B5BC0DE2598CE5A0199F495644A91C2105F25A5A4CF10E3 ] C:\Windows\System32\upnp.dll
19:59:49.0397 0x0b00  C:\Windows\System32\upnp.dll - ok
19:59:49.0413 0x0b00  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] C:\Windows\System32\drivers\http.sys
19:59:49.0413 0x0b00  C:\Windows\System32\drivers\http.sys - ok
19:59:49.0413 0x0b00  [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A, 61B4D669C692775EF361445293163E84FAD8636AC49C8047BE806DB4E4093291 ] C:\Windows\SysWOW64\wbem\fastprox.dll
19:59:49.0413 0x0b00  C:\Windows\SysWOW64\wbem\fastprox.dll - ok
19:59:49.0428 0x0b00  [ E3E811471DE781900FF21C1FD84E941E, 2A47FF52D1D6480AAD1919382E783EA184BF926311F8C7E466FEBE9F6FB88FD6 ] C:\Windows\SysWOW64\ntdsapi.dll
19:59:49.0428 0x0b00  C:\Windows\SysWOW64\ntdsapi.dll - ok
19:59:49.0428 0x0b00  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] C:\Windows\System32\ssdpsrv.dll
19:59:49.0428 0x0b00  C:\Windows\System32\ssdpsrv.dll - ok
19:59:49.0444 0x0b00  [ 619A67C9F617B7E69315BB28ECD5E1DF, F34F231D117CCDFEBB9CB35C8D6FDFA7051DA27FDC1204FCCFF361FC0B13A0FF ] C:\Windows\System32\wbem\WmiPrvSE.exe
19:59:49.0444 0x0b00  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
19:59:49.0444 0x0b00  [ 357BE883C5236BFC7341CB9E82308908, 4DDB697FD9B7C516CF99D73C8799EA35BB97E2431216CD7C1045F17B06109FBF ] C:\Windows\System32\wlanapi.dll
19:59:49.0444 0x0b00  C:\Windows\System32\wlanapi.dll - ok
19:59:49.0444 0x0b00  [ E4FCA0F99A41E460C84016DEFD31E6EF, 8EB14AF2025EADC7C86280E8417D8F286E8271B4F88B31696E33DFD72B3A0EF2 ] C:\Windows\System32\wlanhlp.dll
19:59:49.0444 0x0b00  C:\Windows\System32\wlanhlp.dll - ok
19:59:49.0460 0x0b00  [ 6607C2182C6A53ED983813AFE2F85768, FC9E718ABC4E0FBC7B0DD145F9C377A1800A7776AD832AB645796E13B1E15A1F ] C:\Windows\System32\wbem\cimwin32.dll
19:59:49.0460 0x0b00  C:\Windows\System32\wbem\cimwin32.dll - ok
19:59:49.0460 0x0b00  [ AC5DF873913B00E554D8F553459BC431, 86FC6E15BD67AEB714E44C088EDA1C17BAC25A1EC67A518A05878D594F293394 ] C:\Windows\System32\qmgrprxy.dll
19:59:49.0460 0x0b00  C:\Windows\System32\qmgrprxy.dll - ok
19:59:49.0475 0x0b00  [ 85B45B4B285B159ACDB355FC8C1E8925, EBB4A5472306A284D3A845347E2A79B13EFCCBA86705E1D49DE8AC44D8D06112 ] C:\Windows\SysWOW64\qmgrprxy.dll
19:59:49.0475 0x0b00  C:\Windows\SysWOW64\qmgrprxy.dll - ok
19:59:49.0475 0x0b00  [ 135F7AC9BE35AB1DF727FAF2E60E92F8, F4E55CC11513B17F0909F57BE9C71BB77F3BDE0B63F5A4AB737124A6C1CA40AC ] C:\Windows\SysWOW64\schannel.dll
19:59:49.0475 0x0b00  C:\Windows\SysWOW64\schannel.dll - ok
19:59:49.0491 0x0b00  [ F11A57E91FDAECFB41A5CB21EB1EBC8E, 904DA963F2274ADF521660E3131DAC781E59C6FAEB393E57802A3B5638C09283 ] C:\Windows\System32\dssenh.dll
19:59:49.0491 0x0b00  C:\Windows\System32\dssenh.dll - ok
19:59:49.0491 0x0b00  [ D1DE1EAFDE97BE41CF6585027FF3E732, 76F17D4DF440D6734DC8157092D94EB18C2A73A0A49BEEA289E7B3EDE30E86A2 ] C:\Windows\SysWOW64\comdlg32.dll
19:59:49.0491 0x0b00  C:\Windows\SysWOW64\comdlg32.dll - ok
19:59:49.0491 0x0b00  [ B43E68B8A022FB00FF54360D408E871B, 414F8F45729CAEC81A09A72A473EB12DC2ED861C39DFD343ECE79652F65DCEA8 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
19:59:49.0491 0x0b00  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - ok
19:59:49.0506 0x0b00  [ C20FF1A17726C357461A7AC5B3BFC3AD, 970558642CC14837B77B48257E3171ACC84466888875927314ACD6D79176F967 ] C:\Windows\SysWOW64\ncrypt.dll
19:59:49.0506 0x0b00  C:\Windows\SysWOW64\ncrypt.dll - ok
19:59:49.0506 0x0b00  [ CE71B9119A258EDD0A05B37D7B0F92E3, D9310C5BBFE089B8C81E259C462EC1E6D7A7A87FA59FC1F174ED5C58D409AE7A ] C:\Windows\SysWOW64\bcrypt.dll
19:59:49.0506 0x0b00  C:\Windows\SysWOW64\bcrypt.dll - ok
19:59:49.0522 0x0b00  [ E8449FE262D7406BCB2AC2A45C53EC5F, 6C118C9FB26404D1943824CF3990F36E12986547FFACB7CC0DF975A913065D78 ] C:\Windows\SysWOW64\bcryptprimitives.dll
19:59:49.0522 0x0b00  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
19:59:49.0522 0x0b00  [ 1097F3035BAF46CED8B332B3564C5108, C69781683CA963A1335780DABBBC60E2C3CEF0888738D3425D358D12E8D0AF58 ] C:\Windows\SysWOW64\gpapi.dll
19:59:49.0522 0x0b00  C:\Windows\SysWOW64\gpapi.dll - ok
19:59:49.0538 0x0b00  [ D67E744681F891F895FD2CE24635EFF8, 05121D4BA832435E438A8661C53F2A0B4C78EA95766A04287FF5DDF936D64A04 ] C:\Program Files\WinRAR\WinRAR.exe
19:59:49.0538 0x0b00  C:\Program Files\WinRAR\WinRAR.exe - ok
19:59:49.0538 0x0b00  [ 1484B9EBF567346582DE571B0E164AE0, 9862BF22B2E32DABE7A82ACEE5B4EA1F0A93BDC3C71B20A6A4E568CCCD76A7A6 ] C:\Windows\System32\framedynos.dll
19:59:49.0538 0x0b00  C:\Windows\System32\framedynos.dll - ok
19:59:49.0553 0x0b00  [ E1CF79243D8262F935366ADFA253A0C1, A594504BB1FBB9B286A447F559BC3F5BC2E28D7D407BE619C66653BDCD7AEFA3 ] C:\Windows\System32\wmi.dll
19:59:49.0553 0x0b00  C:\Windows\System32\wmi.dll - ok
19:59:49.0553 0x0b00  [ 9A65E75CD7626E4D2E024776FB632814, 59E382F0746A2448CAB66D8FE263766A9056089A2A083F21B28DD6D0C2355C19 ] C:\Program Files\AVAST Software\Avast\ashShA64.dll
19:59:49.0553 0x0b00  C:\Program Files\AVAST Software\Avast\ashShA64.dll - ok
19:59:49.0569 0x0b00  [ 6A16BCE3C09496650BE881C467611653, 4E63CCC81461183863DE467C79452E5A5214DD142E4077C39F542D55BD238C59 ] C:\Windows\System32\msi.dll
19:59:49.0569 0x0b00  C:\Windows\System32\msi.dll - ok
19:59:49.0569 0x0b00  [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6BB3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll
19:59:49.0569 0x0b00  C:\Windows\System32\EhStorShell.dll - ok
19:59:49.0584 0x0b00  [ 7BBF670114373CE6A203FA155A9E0D0A, 36EF0A36C679E53B1B169289BD3C05D7C2839DC20C8C87BF520B633911FDE198 ] C:\Windows\System32\ntshrui.dll
19:59:49.0584 0x0b00  C:\Windows\System32\ntshrui.dll - ok
19:59:49.0584 0x0b00  [ 1D63F4366288B8A7595397E27010FD44, 99EA4DDD88D9C4A4CC9B238F533CB4D2C062D46239173997E8594D8A75811A01 ] C:\Windows\System32\IconCodecService.dll
19:59:49.0584 0x0b00  C:\Windows\System32\IconCodecService.dll - ok
19:59:49.0600 0x0b00  [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] C:\Windows\System32\appinfo.dll
19:59:49.0600 0x0b00  C:\Windows\System32\appinfo.dll - ok
19:59:49.0600 0x0b00  [ 025E7DBDB98866ED3CB2D4DDA70B364D, 78962F23F066E362AF1A4B98FA7D5E30AF30C561307438503031D30C944B6A6E ] C:\Windows\System32\runonce.exe
19:59:49.0600 0x0b00  C:\Windows\System32\runonce.exe - ok
19:59:49.0616 0x0b00  [ D44741F65A1D71F65814A12CF6E2400A, C6721F830675ADC7E7FDE2B5E822E56F6A063146F5066F1E25EBFE86F0A87136 ] C:\Windows\SysWOW64\runonce.exe
19:59:49.0616 0x0b00  C:\Windows\SysWOW64\runonce.exe - ok
19:59:49.0616 0x0b00  [ 12C45E3CB6D65F73209549E2D02ECA7A, 9DFD9C58B90257C34D52B7156C1D2566BE32EE7BD4699DDE164A5F190EC4D44A ] C:\Windows\SysWOW64\propsys.dll
19:59:49.0616 0x0b00  C:\Windows\SysWOW64\propsys.dll - ok
19:59:49.0631 0x0b00  [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\SysWOW64\cmd.exe
19:59:49.0631 0x0b00  C:\Windows\SysWOW64\cmd.exe - ok
19:59:49.0631 0x0b00  [ 326C7F76A29897A892AA7726E91C1C67, 64305346B06EC14976130B0B80F14B4D5AB63E5B2A6A7B872EC9CE2BF8FADCD2 ] C:\Windows\SysWOW64\winbrand.dll
19:59:49.0631 0x0b00  C:\Windows\SysWOW64\winbrand.dll - ok
19:59:49.0647 0x0b00  [ 4619E14B2DF4137907CD988ACA4B30A5, B8D451CC8B23108931D657FA7895CD97734567135F40F061D1F34F9C613B004C ] C:\Windows\SysWOW64\ieframe.dll
19:59:49.0647 0x0b00  C:\Windows\SysWOW64\ieframe.dll - ok
19:59:49.0647 0x0b00  [ BE247AE996A9FDE007A27B51413A6C79, A4280BE9BDCB51E50A0E302F59ACDF866EFAC8035D766172D06C15019CC57476 ] C:\Windows\SysWOW64\shdocvw.dll
19:59:49.0647 0x0b00  C:\Windows\SysWOW64\shdocvw.dll - ok
19:59:49.0647 0x0b00  [ D40E7B5FBB8E0EAA7C5C294389AF95AB, 8EFD521DF1F335AF416DEC15D5C0C6538903803AA1A8ED93AA704B384A29876B ] C:\Users\JR\AppData\Local\Temp\{A170C1D7-952C-4110-859C-38A047503719}.exe
19:59:49.0647 0x0b00  C:\Users\JR\AppData\Local\Temp\{A170C1D7-952C-4110-859C-38A047503719}.exe - ok
19:59:49.0662 0x0b00  [ B2FD31E20B423335FE3273B4BF95813C, C576DA89C6B5D19427B755122CA3D7CB6E166B0D12EAABFB4D30820B861CAFF6 ] C:\Windows\SysWOW64\imagehlp.dll
19:59:49.0662 0x0b00  C:\Windows\SysWOW64\imagehlp.dll - ok
19:59:49.0662 0x0b00  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] C:\Windows\System32\aelupsvc.dll
19:59:49.0662 0x0b00  C:\Windows\System32\aelupsvc.dll - ok
19:59:49.0678 0x0b00  [ 04D16553664796613FE98D441A0C35D7, EC9D4B3B8F8B0C3EE01D18CDF5BE9EF216AC9BBB1FB64A63D5013BD9AFB2A606 ] C:\Windows\SysWOW64\cryptnet.dll
19:59:49.0678 0x0b00  C:\Windows\SysWOW64\cryptnet.dll - ok
19:59:49.0678 0x0b00  [ 6F8E3B7B70E1BBA871212940C1FBDF60, 3F9D4EE64E4210340C6FEE0DE81BFE3C613DDBE608EC09D63817D24CE24BFC5E ] C:\Windows\SysWOW64\SensApi.dll
19:59:49.0678 0x0b00  C:\Windows\SysWOW64\SensApi.dll - ok
19:59:49.0694 0x0b00  [ 7A6986DD659B96398A11AF5173892715, FB7818952B9015F433418E7DC656A2C20CD682056AB981A55C1722020142D578 ] C:\Windows\SysWOW64\cabinet.dll
19:59:49.0694 0x0b00  C:\Windows\SysWOW64\cabinet.dll - ok
19:59:49.0694 0x0b00  [ FD07F21E0A19C27ED4E1EEC2B07452B3, DF54C00B021AF64BB04EDEBCA6F41CCF48F1959DD53ADE545FAFC565F1243392 ] C:\Windows\SysWOW64\devrtl.dll
19:59:49.0694 0x0b00  C:\Windows\SysWOW64\devrtl.dll - ok
19:59:49.0709 0x0b00  [ 39C5F32747B3414D1BB216FDB1DEFC58, 6FAE64CB9748304090113903A5AE9E7154BE16BA2EEA7AB3EF04AB9D79B81380 ] C:\Windows\SysWOW64\dwmapi.dll
19:59:49.0709 0x0b00  C:\Windows\SysWOW64\dwmapi.dll - ok
19:59:49.0709 0x0b00  [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5, ADD7B965D6D4F1FB4DABF8E40E0322E1FDC4652CA8FD670F487D1E875B770759 ] C:\Windows\SysWOW64\WindowsCodecs.dll
19:59:49.0709 0x0b00  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
19:59:49.0725 0x0b00  [ 846D0E4DB261CFAF363902E41498E961, D7E5591B7604FD583AF7FDA19E30928B24A6145318A3944E7D207F0CCEEB30D0 ] C:\Windows\SysWOW64\EhStorShell.dll
19:59:49.0725 0x0b00  C:\Windows\SysWOW64\EhStorShell.dll - ok
19:59:49.0725 0x0b00  [ EB77DB354791A5932CA559B6F6374E95, 113816D464941C92A952F5593552E889CFDA7E0389DC1B64031C3077C3CF7043 ] C:\Windows\SysWOW64\ntshrui.dll
19:59:49.0725 0x0b00  C:\Windows\SysWOW64\ntshrui.dll - ok
19:59:49.0725 0x0b00  [ 8B74CEC6980D4816B0037AE9A27E538F, 8721EDB4C51BF6020002FA5DDB1987C68590F9F433A2F18D9756B2DAC7542CB6 ] C:\Windows\SysWOW64\slc.dll
19:59:49.0725 0x0b00  C:\Windows\SysWOW64\slc.dll - ok
19:59:49.0740 0x0b00  [ 827CB0D6C3F8057EA037FF271F8E9795, 82760DBDDD38D2A31CAAF51D065DF4E7E1D0F0C22733A0AF653776EBF7B79470 ] C:\Windows\SysWOW64\imageres.dll
19:59:49.0740 0x0b00  C:\Windows\SysWOW64\imageres.dll - ok
19:59:49.0740 0x0b00  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F82EF91450858DF ] C:\Windows\SysWOW64\sfc.dll
19:59:49.0740 0x0b00  C:\Windows\SysWOW64\sfc.dll - ok
19:59:49.0756 0x0b00  [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D09086438F8D237B ] C:\Windows\SysWOW64\sfc_os.dll
19:59:49.0756 0x0b00  C:\Windows\SysWOW64\sfc_os.dll - ok
19:59:49.0756 0x0b00  [ B9A8CBCFCD3EC9D2EA4740AF347BF108, 97FA304E3880BC863D999F441AE47CB8ADF00D2DEC2A52ACD8FBD02CC096786A ] C:\Windows\SysWOW64\mpr.dll
19:59:49.0756 0x0b00  C:\Windows\SysWOW64\mpr.dll - ok
19:59:49.0772 0x0b00  [ D56C13F26ADCB3BC0455DB42883F6E7D, D4FED452DB714614EC362DCC56EFA66777FBCFB49037D9B3C1FFE09A91ADA2D0 ] C:\Windows\System32\iedkcs32.dll
19:59:49.0772 0x0b00  C:\Windows\System32\iedkcs32.dll - ok
19:59:49.0772 0x0b00  [ 6D220604AA4240303DD8DEAEAB428377, 0AC013CFA8F8040017969B3110BBD3B9A4827E0DFC4BE65F334F607248DF9550 ] C:\Windows\System32\ie4uinit.exe
19:59:49.0772 0x0b00  C:\Windows\System32\ie4uinit.exe - ok
19:59:49.0787 0x0b00  [ 1FCB1A72BF5C784F7358E6BEF38E4571, 12DA4240F8C964EDA6223257BD9723FD9372E63AE86F00509163B1DE12A5F6C5 ] C:\Windows\System32\timedate.cpl
19:59:49.0787 0x0b00  C:\Windows\System32\timedate.cpl - ok
19:59:49.0787 0x0b00  [ E6F0F82788E8BD0F7A616350EFA0761C, 13091DCB3E3F4F52C3FF210E93AAF1DCE142CFC09F671AEAC5B922393B23E67B ] C:\Windows\System32\actxprxy.dll
19:59:49.0787 0x0b00  C:\Windows\System32\actxprxy.dll - ok
19:59:49.0803 0x0b00  [ C4F40F6CACD796A8E16671D0E9A2F319, 44853C645915D910ED0CC6D38F68B6C222528EC5FCBE990E238010F41204E682 ] C:\Windows\System32\shdocvw.dll
19:59:49.0803 0x0b00  C:\Windows\System32\shdocvw.dll - ok
19:59:49.0803 0x0b00  [ A0A65D306A5490D2EB8E7DE66898ECFD, CE5DA408F4EDD5E81CE0925867F03C9A35172CF1571FE4C4C052E45AB69822BB ] C:\Windows\System32\linkinfo.dll
19:59:49.0803 0x0b00  C:\Windows\System32\linkinfo.dll - ok
19:59:49.0818 0x0b00  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86, E15ED4FEFC3010C213694331DDFDC03767682325C898D773AB243E2DC8B08461 ] C:\Windows\System32\msftedit.dll
19:59:49.0818 0x0b00  C:\Windows\System32\msftedit.dll - ok
19:59:49.0818 0x0b00  [ 7CB3ACB163DE051169095DC6507B8977, 45D4DEB0695440D8B5E959945B3F7A773E02E2AB305E316123A1064FC1905402 ] C:\Windows\System32\msls31.dll
19:59:49.0818 0x0b00  C:\Windows\System32\msls31.dll - ok
19:59:49.0818 0x0b00  [ 3504B34CD2DE00BA3CC1A195F1B739BD, C08B5AD0C59FF393658CB08130A138CDBC16C1BF2672611CD2C5C93ED40EBA21 ] C:\Windows\System32\gameux.dll
19:59:49.0818 0x0b00  C:\Windows\System32\gameux.dll - ok
19:59:49.0834 0x0b00  [ 4C2C4640BF23AAFCF90519E0F34436CE, 8ACCDA77C2DC5BE2DAED05134310122AFECC872A8D118612E55DD229BFE4D844 ] C:\Windows\System32\DeviceCenter.dll
19:59:49.0834 0x0b00  C:\Windows\System32\DeviceCenter.dll - ok
19:59:49.0834 0x0b00  [ 405F4D32D2185F1F1BD753D8EEAFFB3A, CAC42C3E09C43BE96592B670D70821386014DB22D8239A9CFB9E33E54FB5C3D5 ] C:\Windows\System32\networkexplorer.dll
19:59:49.0834 0x0b00  C:\Windows\System32\networkexplorer.dll - ok
19:59:49.0850 0x0b00  [ 26AFC1F16494FFE66F2197153B342A27, 817436E38F832500E120F196941F2F8392B192262E16D5E52CD5DFAC34749C15 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
19:59:49.0850 0x0b00  C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok
19:59:49.0850 0x0b00  [ 1473768973453DE50DC738C2955FC4DD, 14BC5DA2442CB726ACC1F277DDBECCF5D61E3A0A3E083A55A0BB610191E35220 ] C:\Windows\System32\wdmaud.drv
19:59:49.0850 0x0b00  C:\Windows\System32\wdmaud.drv - ok
19:59:49.0865 0x0b00  [ 8560FFFC8EB3A806DCD4F82252CFC8C6, CC27BC092369A89D6147B16568FEDEB68B584D5738CD686C31F7FAE22ED17B3B ] C:\Windows\System32\ksuser.dll
19:59:49.0865 0x0b00  C:\Windows\System32\ksuser.dll - ok
19:59:49.0865 0x0b00  [ DC220AE6F64819099F7EBD6F137E32E7, B8FE13B859FA83500DD95637FA6D4A5B8392C2A363E41D014D3B5374F636E1DE ] C:\Windows\System32\AudioSes.dll
19:59:49.0865 0x0b00  C:\Windows\System32\AudioSes.dll - ok
19:59:49.0881 0x0b00  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A, 72288C0A88916D3C3828DBD948DBDB0928F26106319F8E60102D6C9004514D60 ] C:\Windows\System32\msacm32.dll
19:59:49.0881 0x0b00  C:\Windows\System32\msacm32.dll - ok
19:59:49.0881 0x0b00  [ 1B7C3A37362C7B2890168C5FC61C8D9B, 03727930E5BB5F9D91BAB901FC9A2E3B795D68E2AEE6A2CC3477F356C45A9C54 ] C:\Windows\System32\msacm32.drv
19:59:49.0881 0x0b00  C:\Windows\System32\msacm32.drv - ok
19:59:49.0896 0x0b00  [ CA2A0750ED830678997695FF61B04C30, E84860CD97AA3C4565ABB2D5D406A5C42B1AD2D8BA1B8CF81FE564D91F15F976 ] C:\Windows\System32\midimap.dll
19:59:49.0896 0x0b00  C:\Windows\System32\midimap.dll - ok
19:59:49.0896 0x0b00  [ 5EDBB34736DD7AC1A73CF8792A835E10, 15E87C449AAF2095273341DD9355D8DF2690340D1DEFAF0DFF034F1CDF4316F8 ] C:\Windows\System32\AudioEng.dll
19:59:49.0896 0x0b00  C:\Windows\System32\AudioEng.dll - ok
19:59:49.0912 0x0b00  [ 0E3DBAB333B4DAB6E423B21DF63EE963, 9796607B93972F57D800C1751B8692357D9CC85AE92F00E32E92AFD197CCD5D9 ] C:\Program Files\AVAST Software\Avast\libcef.dll
19:59:49.0912 0x0b00  C:\Program Files\AVAST Software\Avast\libcef.dll - ok
19:59:49.0912 0x0b00  [ C1395286B822E306B4FE1568A8A77813, 0642B6C793BE0EED5E7D1D2533FC5A01417C50040FC60A8E89BD97CE4A119388 ] C:\Windows\System32\AUDIOKSE.dll
19:59:49.0912 0x0b00  C:\Windows\System32\AUDIOKSE.dll - ok
19:59:49.0928 0x0b00  [ 6F3C559B82F2912354BE5B098744CC8C, EB64E5C02C81588921A65194E1256E80699A1317E7D9A57395CD38C2639C8B08 ] C:\Windows\System32\WMALFXGFXDSP.dll
19:59:49.0928 0x0b00  C:\Windows\System32\WMALFXGFXDSP.dll - ok
19:59:49.0928 0x0b00  [ 54B5DCD55B223BC5DF50B82E1E9E86B1, 025294DD69A421FE4EACAA463F8CB797610D8F3A7A3C61656AE83D0CEE07A9BF ] C:\Windows\System32\mfplat.dll
19:59:49.0928 0x0b00  C:\Windows\System32\mfplat.dll - ok
19:59:49.0943 0x0b00  [ BDAC1AA64495D0F7E1FF810EBBF1F018, 7920E2381307574C5C4562CF1FF8F79F91204102051FCD708FA4E6A941422084 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
19:59:49.0943 0x0b00  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
19:59:49.0943 0x0b00  [ 28CA821606669BB9215CE010767720FA, C8A1F0D6704F8F37CF8AADDFAD511FF27E56E8BCFFD4AC948DFA0329DB1F3A1E ] C:\Windows\SysWOW64\cryptui.dll
19:59:49.0943 0x0b00  C:\Windows\SysWOW64\cryptui.dll - ok
19:59:49.0959 0x0b00  [ B60FF0CC532B9D3E28610F614CDEDB64, C3FCDB73C3F4C3FD823D803CB8AE829458EBD8FAA84FC8BB3739BC4DFAF15C0F ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
19:59:49.0959 0x0b00  C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
19:59:49.0959 0x0b00  [ B8DE851298E99A005BFD34AA906B3FE8, 33F631C0B561199B5FEB9020FAA99E50EFA9F421D7484FFA640C5561494726DA ] C:\Windows\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\mfc110u.dll
19:59:49.0959 0x0b00  C:\Windows\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\mfc110u.dll - ok
19:59:49.0959 0x0b00  [ A9FF57EC69F8C593AA3712B3C8F02002, 880E429951D21FE28E2A644B40C267CDF590321EE5EEAC3B3EB56547746BF65F ] C:\Program Files\AVAST Software\Avast\HTMLayout.dll
19:59:49.0959 0x0b00  C:\Program Files\AVAST Software\Avast\HTMLayout.dll - ok
19:59:49.0974 0x0b00  [ 12B437CAD5FC07B3B33CE1C1355BBCC6, 5801749490920DD8CA14C0FC39E8738E5C4024304B639B30983F0B67B317A62E ] C:\Program Files\AVAST Software\Avast\aswAra.dll
19:59:49.0974 0x0b00  C:\Program Files\AVAST Software\Avast\aswAra.dll - ok
19:59:49.0990 0x0b00  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\JR\AppData\Local\Temp\{D6217D87-8035-484B-BCD8-C7E443B0784E}\{B8F77F7C-6BC0-4C28-BAAF-BEBA70214553}.tmp
19:59:49.0990 0x0b00  C:\Users\JR\AppData\Local\Temp\{D6217D87-8035-484B-BCD8-C7E443B0784E}\{B8F77F7C-6BC0-4C28-BAAF-BEBA70214553}.tmp - ok
19:59:49.0990 0x0b00  [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\Users\JR\AppData\Local\Temp\{D6217D87-8035-484B-BCD8-C7E443B0784E}\{847283C7-7868-4183-BAEE-BA375967F548}.tmp
19:59:49.0990 0x0b00  C:\Users\JR\AppData\Local\Temp\{D6217D87-8035-484B-BCD8-C7E443B0784E}\{847283C7-7868-4183-BAEE-BA375967F548}.tmp - ok
19:59:49.0990 0x0b00  [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\Users\JR\AppData\Local\Temp\{D6217D87-8035-484B-BCD8-C7E443B0784E}\{CA99496B-F367-4C70-9314-53AFA94BC9C3}.tmp
19:59:49.0990 0x0b00  C:\Users\JR\AppData\Local\Temp\{D6217D87-8035-484B-BCD8-C7E443B0784E}\{CA99496B-F367-4C70-9314-53AFA94BC9C3}.tmp - ok
19:59:50.0006 0x0b00  [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\Users\JR\AppData\Local\Temp\{D6217D87-8035-484B-BCD8-C7E443B0784E}\{58552F5A-ED36-47C9-A4B7-F2E3A3446EE8}.tmp
19:59:50.0006 0x0b00  C:\Users\JR\AppData\Local\Temp\{D6217D87-8035-484B-BCD8-C7E443B0784E}\{58552F5A-ED36-47C9-A4B7-F2E3A3446EE8}.tmp - ok
19:59:50.0021 0x0b00  [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\Users\JR\AppData\Local\Temp\{D6217D87-8035-484B-BCD8-C7E443B0784E}\{ED9BDC0C-A2F3-46B0-B11D-FA1E5163A5F8}.tmp
19:59:50.0021 0x0b00  C:\Users\JR\AppData\Local\Temp\{D6217D87-8035-484B-BCD8-C7E443B0784E}\{ED9BDC0C-A2F3-46B0-B11D-FA1E5163A5F8}.tmp - ok
19:59:50.0021 0x0b00  [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\Users\JR\AppData\Local\Temp\{D6217D87-8035-484B-BCD8-C7E443B0784E}\{A7806278-DF45-479D-8784-B19A34BDCC0D}.tmp
19:59:50.0021 0x0b00  C:\Users\JR\AppData\Local\Temp\{D6217D87-8035-484B-BCD8-C7E443B0784E}\{A7806278-DF45-479D-8784-B19A34BDCC0D}.tmp - ok
19:59:50.0037 0x0b00  [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\Users\JR\AppData\Local\Temp\{D6217D87-8035-484B-BCD8-C7E443B0784E}\{1159F061-3DBA-4685-A13C-9BD6CBEFDCBD}.tmp
19:59:50.0037 0x0b00  C:\Users\JR\AppData\Local\Temp\{D6217D87-8035-484B-BCD8-C7E443B0784E}\{1159F061-3DBA-4685-A13C-9BD6CBEFDCBD}.tmp - ok
19:59:50.0037 0x0b00  [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\Users\JR\AppData\Local\Temp\{D6217D87-8035-484B-BCD8-C7E443B0784E}\{C73F22C5-30B2-4E41-80CE-E8A02A4A9C7B}.tmp
19:59:50.0037 0x0b00  C:\Users\JR\AppData\Local\Temp\{D6217D87-8035-484B-BCD8-C7E443B0784E}\{C73F22C5-30B2-4E41-80CE-E8A02A4A9C7B}.tmp - ok
19:59:50.0052 0x0b00  [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Users\JR\AppData\Local\Temp\{D6217D87-8035-484B-BCD8-C7E443B0784E}\{C48C3892-FC78-4784-81F5-5EE720689123}.tmp
19:59:50.0052 0x0b00  C:\Users\JR\AppData\Local\Temp\{D6217D87-8035-484B-BCD8-C7E443B0784E}\{C48C3892-FC78-4784-81F5-5EE720689123}.tmp - ok
19:59:50.0052 0x0b00  [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Users\JR\AppData\Local\Temp\{D6217D87-8035-484B-BCD8-C7E443B0784E}\{59CDB048-B799-42D4-9678-3E1CF0BFE7B0}.tmp
19:59:50.0052 0x0b00  C:\Users\JR\AppData\Local\Temp\{D6217D87-8035-484B-BCD8-C7E443B0784E}\{59CDB048-B799-42D4-9678-3E1CF0BFE7B0}.tmp - ok
19:59:50.0068 0x0b00  [ 7EBD87A09658779205891D08F37AB234, 7A65E37BCA021422851110E0C06E8A60F94F4E954FDF86E6DC19E53FBCC0FD8A ] C:\Program Files\AVAST Software\Avast\aswData.dll
19:59:50.0068 0x0b00  C:\Program Files\AVAST Software\Avast\aswData.dll - ok
19:59:50.0068 0x0b00  [ 1AD8512A5C40AD1A0558498D8E0AC2AA, 7DCA8A7C130243FF41B1E04F50D0BA3EBB48E6A37C275FD0FF0AA8509FD2A555 ] C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
19:59:50.0068 0x0b00  C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe - ok
19:59:50.0084 0x0b00  [ 38C2DFFAF625F42EAD1B79F6B3C80EA8, 41C29D59EC1E83F973A6A6F9B7114C739A3BAE86745766A68B7FB560EE5B560B ] C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll
19:59:50.0084 0x0b00  C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll - ok
19:59:50.0084 0x0b00  [ 59FD0296E32362CD7A3E66A028B56B9A, 1D1BFCCDAFCAC4EF522067B098A4EF336BD4E7785B43FBCCAC8B74C9B262B72D ] C:\Program Files\AVAST Software\Avast\CommonRes.dll
19:59:50.0084 0x0b00  C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok
19:59:50.0099 0x0b00  [ 544EFF88AC6C85DF5A4D6F18DFE08CFC, D688381F42062FD5D868E7770857C5951C41BA20A1B6E6F60B5D9536C02CD293 ] C:\Windows\SysWOW64\taskschd.dll
19:59:50.0099 0x0b00  C:\Windows\SysWOW64\taskschd.dll - ok
19:59:50.0099 0x0b00  [ 7BF5EA753D4CC056B9462A02AC51B160, 34AC885FA8C9D982D3A9FC139BEB031320FDD8AFA06FF5DDDDC8BA4CA1F09EEF ] C:\Windows\SysWOW64\xmllite.dll
19:59:50.0099 0x0b00  C:\Windows\SysWOW64\xmllite.dll - ok
19:59:50.0099 0x0b00  [ 1C9279122415243F236D337A09BF5360, AF7948C239B28F38491907CEE5CDE17D1CE66CB1D62F8CF7377A1C33C02016CF ] C:\Program Files\AVAST Software\Avast\aswRemoteCache.dll
19:59:50.0099 0x0b00  C:\Program Files\AVAST Software\Avast\aswRemoteCache.dll - ok
19:59:50.0115 0x0b00  [ 6C636F85AE27B1B2C789599BB1136F9D, ECF094DEA718A6FDA4AA35F4030AD705B6FDF560FAD2249B48A93BE5A394E259 ] C:\Program Files\AVAST Software\Avast\aswResourceLib.dll
19:59:50.0115 0x0b00  C:\Program Files\AVAST Software\Avast\aswResourceLib.dll - ok
19:59:50.0115 0x0b00  [ 102CF6879887BBE846A00C459E6D4ABC, A4C51C79CF95D5C79DCEFB02946A09A987FEAF83CE2EE1BA7677EBA90869AC80 ] C:\Windows\SysWOW64\riched20.dll
19:59:50.0115 0x0b00  C:\Windows\SysWOW64\riched20.dll - ok
19:59:50.0130 0x0b00  [ E2A17BCC08D92F42E08AF6BA2F93ABA7, 5FC9D47BF4B1094BECC0C0DDCD5CD4318DD3E4495D982F8785331616D5B82599 ] C:\Windows\SysWOW64\ExplorerFrame.dll
19:59:50.0130 0x0b00  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
19:59:50.0130 0x0b00  [ 5BE1CD443E2D6495E22CBB40D532E1F0, 4C7CE9A5C2FC18EE5A58F88EBEA209138DFBB9721BE91611FB5C613AA64CABAE ] C:\Program Files\AVAST Software\Avast\icudt.dll
19:59:50.0130 0x0b00  C:\Program Files\AVAST Software\Avast\icudt.dll - ok
19:59:50.0146 0x0b00  [ 6E1F8165C365D35C8E3C045AF0CDD481, B861360D0A014265A0BEB4CC2FE31EA05AE95120E8B07820C13A044D64C00E2B ] C:\Windows\SysWOW64\duser.dll
19:59:50.0146 0x0b00  C:\Windows\SysWOW64\duser.dll - ok
19:59:50.0146 0x0b00  [ EE06B85BC69F18826302348A2AD089E0, 417205797CC9F6C986A863A61179784D9ADCAF1961EF8A4D9042D73C5A86509A ] C:\Windows\SysWOW64\dui70.dll
19:59:50.0146 0x0b00  C:\Windows\SysWOW64\dui70.dll - ok
19:59:50.0162 0x0b00  [ 521202AA6F2B74FCCC6BC7E162109D71, 3B2F41EFDA68C82D9D50AF329AC9B403C806CBE74F87917CDB350E542ADDA017 ] C:\Windows\System32\wbem\unsecapp.exe
19:59:50.0162 0x0b00  C:\Windows\System32\wbem\unsecapp.exe - ok
19:59:50.0162 0x0b00  [ 465B48A225A741F723DF9773914E5613, BDEC778E29C1C3ECD8CEBA65AB988C43B4703B8EF9C7A7FFB07DB718317F32E1 ] C:\Program Files\AVAST Software\Avast\setup\aswOfferTool.exe
19:59:50.0162 0x0b00  C:\Program Files\AVAST Software\Avast\setup\aswOfferTool.exe - ok
19:59:50.0177 0x0b00  [ 3630722DCAA17C8B40C226C202D8D682, F51429F170E4292985CA11C7CA8E02BFD0E3BCA21666634FBB516A5542C79C20 ] C:\Program Files\AVAST Software\Avast\setup\gcapi_14057315652708.dll
19:59:50.0177 0x0b00  C:\Program Files\AVAST Software\Avast\setup\gcapi_14057315652708.dll - ok
19:59:50.0177 0x0b00  [ 220159496484D34009DE71CA1A68E0D4, 94BD3DEB4E84F95D80BE5775E5A612EFF181ECB212FB668674C67AD19194DE69 ] C:\Windows\System32\wbem\NCProv.dll
19:59:50.0177 0x0b00  C:\Windows\System32\wbem\NCProv.dll - ok
19:59:50.0193 0x0b00  [ E8A514DBCA8CD38B7566835610CE1D63, 1FAA087CB48DE151FDC750E476706F27ACAE3516C3B0E421B7C69BDFF5654C3F ] C:\Program Files\AVAST Software\Avast\defs\14071801\uiext.dll
19:59:50.0193 0x0b00  C:\Program Files\AVAST Software\Avast\defs\14071801\uiext.dll - ok
19:59:50.0193 0x0b00  [ 521B748A7F9923302CA18B7E6AA2EEAE, 6243D4F29B28242E308359624B5E68AC8A57D811521193487973794EDCE55787 ] C:\Windows\SysWOW64\activeds.dll
19:59:50.0193 0x0b00  C:\Windows\SysWOW64\activeds.dll - ok
19:59:50.0208 0x0b00  [ 51F5CC1E7DA3D9C664C2D0D61F315E06, 0A50A35863C9679E8DFC0783D5F1F6411010873738C6B1D90B7E993D2C6CFB06 ] C:\Windows\SysWOW64\adsldpc.dll
19:59:50.0208 0x0b00  C:\Windows\SysWOW64\adsldpc.dll - ok
19:59:50.0224 0x0b00  [ F10E5311E5093FA3C00FF88C54C32FCA, B557F5B00D77F030850D9AAC0FFEFC4C2A759EC4081C8459C9DEAE51BAAACC65 ] C:\Windows\SysWOW64\atl.dll
19:59:50.0224 0x0b00  C:\Windows\SysWOW64\atl.dll - ok
19:59:50.0224 0x0b00  [ 3E709F7BFA217CD3B6FC338780465E20, 16A9E500285CEF2C1CCFA71DDFCC1F3B0E6E03711780F5B3764FF855FC8250AF ] C:\Windows\SysWOW64\adsldp.dll
19:59:50.0224 0x0b00  C:\Windows\SysWOW64\adsldp.dll - ok
19:59:50.0240 0x0b00  [ 8EA53101FF2B15BDFF934B62A8FB326D, E28536A4AC6764C2480EF047AF2312AE2600819899C3E33B486CFE19F25AC464 ] C:\Windows\SysWOW64\logoncli.dll
19:59:50.0240 0x0b00  C:\Windows\SysWOW64\logoncli.dll - ok
19:59:50.0240 0x0b00  [ C3761661C17C2248A9379A8FB89E3DE1, CE3477FA2B4058EB80739E0161FE957545F13CF86D313F6422732901D35F75F2 ] C:\Windows\System32\stobject.dll
19:59:50.0240 0x0b00  C:\Windows\System32\stobject.dll - ok
19:59:50.0255 0x0b00  [ F832EEEA97CDDA1AF577E721F652A0D1, EBBB7CA199BA4DF231123922BD310D43DE0104C6185B70FE0281B938D5336F2E ] C:\Windows\System32\batmeter.dll
19:59:50.0255 0x0b00  C:\Windows\System32\batmeter.dll - ok
19:59:50.0255 0x0b00  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122, E7EA375A3BDE8FC764CB09524344370B9EE25F98AD6C83E6F37A569EB8D277D6 ] C:\Windows\System32\prnfldr.dll
19:59:50.0255 0x0b00  C:\Windows\System32\prnfldr.dll - ok
19:59:50.0271 0x0b00  [ 0015ACFBBDD164A8A730009908868CA7, E1FF243AD2CF959FAB81EFE701592414991C03416FF296ADC93906E76B707C4D ] C:\Windows\System32\winspool.drv
19:59:50.0271 0x0b00  C:\Windows\System32\winspool.drv - ok
19:59:50.0271 0x0b00  [ 42A9CB6906D9A8BEDC83B57163E62924, E18522D3137653140757829EFBFCE624A5BAA5842E2BBA10B9E5AB6C84BE49E1 ] C:\Windows\System32\DXP.dll
19:59:50.0271 0x0b00  C:\Windows\System32\DXP.dll - ok
19:59:50.0286 0x0b00  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891, 0A82A475301202791A7C10F978F952EAB7DB146A702D4EA67E24E2C98BC19638 ] C:\Windows\System32\Syncreg.dll
19:59:50.0286 0x0b00  C:\Windows\System32\Syncreg.dll - ok
19:59:50.0286 0x0b00  [ C836175870E00ACC546066632E15BD10, 4347F3319C26DA1C38F395C74DBD67AF886149C8F29EDE765DD96C8480A3054A ] C:\Windows\ehome\ehSSO.dll
19:59:50.0286 0x0b00  C:\Windows\ehome\ehSSO.dll - ok
19:59:50.0302 0x0b00  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB, CF9082360E32A7C3E13A67AC2C6192F4A76870D43DA9FF2936993A637F712761 ] C:\Windows\System32\AltTab.dll
19:59:50.0302 0x0b00  C:\Windows\System32\AltTab.dll - ok
19:59:50.0302 0x0b00  [ C8FDF0FA9E97E2FAAF3F814716AAA881, DD24A1CAB44D943B0E1A795A347AD25D9305FC7F012A2566A6A14BD47221831F ] C:\Windows\System32\WPDShServiceObj.dll
19:59:50.0302 0x0b00  C:\Windows\System32\WPDShServiceObj.dll - ok
19:59:50.0318 0x0b00  [ 4F3CD1C59EA71401E155C432BCECE180, 6D4118A627CAE509E43D0CC0062EECAA0990C955BB15AE24834460551B2F51A2 ] C:\Windows\System32\PortableDeviceTypes.dll
19:59:50.0318 0x0b00  C:\Windows\System32\PortableDeviceTypes.dll - ok
19:59:50.0318 0x0b00  [ 10F815BE90A66AAFC6C713D1BD626064, 01139FC04BC53594296F6A0E16B8D20B940F64BC8119FE7705C03C4947958F39 ] C:\Windows\System32\pnidui.dll
19:59:50.0333 0x0b00  C:\Windows\System32\pnidui.dll - ok
19:59:50.0333 0x0b00  [ B9F0A4020AA98B7A20287BF7FE99A1FD, 21138F161EEEA46198890C7A2D073F2C82829E15676131BDAD9F237EDC7477CD ] C:\Windows\System32\QUTIL.DLL
19:59:50.0333 0x0b00  C:\Windows\System32\QUTIL.DLL - ok
19:59:50.0349 0x0b00  [ AD31942BDF3D594C404874613BC2FE4D, 704F4A48FA91B8A22604FF740B506C3B28766F8DFADB9D11814602FAA00EDFAB ] C:\Windows\System32\SearchIndexer.exe
19:59:50.0349 0x0b00  C:\Windows\System32\SearchIndexer.exe - ok
19:59:50.0349 0x0b00  [ 8569E35D00F45972E506502EEE622BA4, 01FE851C03DB88C8373099C279F995A559D962B08932E193032FA3EAD522FB01 ] C:\Windows\System32\srchadmin.dll
19:59:50.0349 0x0b00  C:\Windows\System32\srchadmin.dll - ok
19:59:50.0364 0x0b00  [ 6C597496AB646EB9F31C68241050F771, 4107FC16395C80443B999DB547EA6DA5D511D70B49901F97E29858B35C046E8F ] C:\Windows\System32\tquery.dll
19:59:50.0364 0x0b00  C:\Windows\System32\tquery.dll - ok
19:59:50.0364 0x0b00  [ D2155709E336C3BC15729EB87FEC6064, 682A84C0F2D892E7A6CEE4E5937B4799E352AAE3B71E7037F2A343373467443C ] C:\Windows\System32\rasdlg.dll
19:59:50.0364 0x0b00  C:\Windows\System32\rasdlg.dll - ok
19:59:50.0380 0x0b00  [ 017F5CE9BC2333FE0FB738B0A9C13C2F, AA4F0C8AE81E9FA9FB198D9EDB3BBBF1FC4C0FB03388089C0F7E96D496038218 ] C:\Windows\System32\mssrch.dll
19:59:50.0380 0x0b00  C:\Windows\System32\mssrch.dll - ok
19:59:50.0380 0x0b00  [ 5DA219F57A9076FB6FBD3C9C3713A672, 274FE616625B336D81841FDC752C8053D4CD6926565B899760D298D145CBA1A3 ] C:\Windows\System32\WWanAPI.dll
19:59:50.0380 0x0b00  C:\Windows\System32\WWanAPI.dll - ok
19:59:50.0380 0x0b00  [ 62C7AACC746C9723468A8F2169ED3E85, 40E901F3EAFE52DF11D6BC4EF0E79F666EBDACE0B3C090CAD2358076E893EA47 ] C:\Windows\System32\wwapi.dll
19:59:50.0380 0x0b00  C:\Windows\System32\wwapi.dll - ok
19:59:50.0396 0x0b00  [ D63F0353F632FB1EDE724173BE6DB5B5, 82FC79B99BD5D99231CE6701CBACA94ED6F6EC5B7EC0F00F63FC942B2D06568E ] C:\Windows\System32\esent.dll
19:59:50.0396 0x0b00  C:\Windows\System32\esent.dll - ok
19:59:50.0396 0x0b00  [ 6B851E682A36453E1B1EE297FFB6E2AB, A641D3FD9463C4788B45B8B5584EA4489C1F63A71B4B595AE85FF3482CD5EDA6 ] C:\Windows\System32\QAGENT.DLL
19:59:50.0396 0x0b00  C:\Windows\System32\QAGENT.DLL - ok
19:59:50.0411 0x0b00  [ F7A256EC899C72B4ECDD2C02CB592EFD, 9C1AA9322E83CABB94AEA4375EAEB0C44700E1F33B8BE98649BA1DF4DDFAD326 ] C:\Windows\System32\bthprops.cpl
19:59:50.0411 0x0b00  C:\Windows\System32\bthprops.cpl - ok
19:59:50.0411 0x0b00  [ F1115299B9F4C983BC4523B33E3A506C, 01A1D8B3E5CF727F92F4A43D5C5F81022127D58A850D29D3F084AD411EFBC9DD ] C:\Windows\System32\ieframe.dll
19:59:50.0411 0x0b00  C:\Windows\System32\ieframe.dll - ok
19:59:50.0427 0x0b00  [ 3121A79D13A61562BE9CC902CD46B542, 00A5833A48338A4A9A5530844924AF4F1FAB618DA46D7EBBC6E2165C32ED376C ] C:\Windows\System32\msidle.dll
19:59:50.0427 0x0b00  C:\Windows\System32\msidle.dll - ok
19:59:50.0427 0x0b00  [ ACE1BB07E0377E37A2C514CD2EC119B1, A9AFA4774DFA875496764D6E541A6333A3ACD3C5D2BBEF753C2D80BA83B4AC15 ] C:\Windows\System32\mssprxy.dll
19:59:50.0427 0x0b00  C:\Windows\System32\mssprxy.dll - ok
19:59:50.0442 0x0b00  [ C9FB9038B15036CA28CF0B4BE2BED9BD, 0F56384E798B3F725FFEFC6E31A980DA31F620DB847F601273EF19E8CE74A226 ] C:\Windows\System32\en-US\tquery.dll.mui
19:59:50.0442 0x0b00  C:\Windows\System32\en-US\tquery.dll.mui - ok
19:59:50.0442 0x0b00  [ 9869A4A10B90546DBD56947839FB4B87, 66C84DCF39D9F6896D55B1623184A028891A0A98ABE6044DE1D4BAD60C3C8D72 ] C:\Windows\System32\oleacc.dll
19:59:50.0442 0x0b00  C:\Windows\System32\oleacc.dll - ok
19:59:50.0442 0x0b00  [ 92DBF0A4C9239169010FC6E07859C82E, 00FB2CF4420F0FFEF519AFE732A708CF249640121E2A891CAA164313ABD7F804 ] C:\Windows\System32\ActionCenter.dll
19:59:50.0442 0x0b00  C:\Windows\System32\ActionCenter.dll - ok
19:59:50.0458 0x0b00  [ 47B8DEBEC68FACCD026F99CAE8698C93, 99EEFC2B43402E59A48BEC326A811B25E25DCDA3ECA12D5C2D9B529DA74564DA ] C:\Windows\System32\webcheck.dll
19:59:50.0458 0x0b00  C:\Windows\System32\webcheck.dll - ok
19:59:50.0458 0x0b00  [ 42EC9065D9BF266ADE924B066C783A56, 4AC002E90A52CB0998DA78F2995294EE77B89FB2BE709B0E3C8E1627212BCCDC ] C:\Windows\System32\SearchProtocolHost.exe
19:59:50.0458 0x0b00  C:\Windows\System32\SearchProtocolHost.exe - ok
19:59:50.0474 0x0b00  [ 8494E126F0B10180F3293AF861CE1F7A, 538B1F30423DB2398E611BC46C80150C090698E633BABF7362F7060DBF0C3064 ] C:\Windows\System32\mlang.dll
19:59:50.0474 0x0b00  C:\Windows\System32\mlang.dll - ok
19:59:50.0474 0x0b00  [ D2A5B2B09F2AF5ED13BF494508B09788, 3FA04E84EC5A575E7804E44BA3BF1C4143E53C4ACF6C823CD029711529B0BE2C ] C:\Windows\System32\msshooks.dll
19:59:50.0474 0x0b00  C:\Windows\System32\msshooks.dll - ok
19:59:50.0489 0x0b00  [ 52D56D1013D4F1B99102679314CC5325, F8F6C41FEC774C71A85C91DFEB057076D018E5A64CE1D7B7D9D202CA65B34758 ] C:\Windows\System32\SearchFilterHost.exe
19:59:50.0489 0x0b00  C:\Windows\System32\SearchFilterHost.exe - ok
19:59:50.0489 0x0b00  [ A08C010D859F8EB42BDD7E1D55B8CA27, F86EAFBF7AA41D8425156C07398EDC3BD42F1690BD3E15D27AEF2EDA86549F15 ] C:\Windows\System32\mscoree.dll
19:59:50.0489 0x0b00  C:\Windows\System32\mscoree.dll - ok
19:59:50.0489 0x0b00  [ 101797BA603D227946B4B5109867EB19, EBF2B48D1A4FE148F455EA32023ABC0D479215D48C7CE76E765F199CD3C80AF8 ] C:\Windows\System32\SyncCenter.dll
19:59:50.0489 0x0b00  C:\Windows\System32\SyncCenter.dll - ok
19:59:50.0505 0x0b00  [ 667224FF4FD48B182F574AA96E93267C, C57AEB2BBA9088507DE319C65FB2D71ECA346D40A16911742FC10E05133EC583 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
19:59:50.0505 0x0b00  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
19:59:50.0505 0x0b00  [ ABDBABE3A7D2222B3A0DB1B8B9CAD16E, C1852121F9ADB5D2B46C73334C6E8B3CF6B7BB431520C6937F1CAFAD19AA194E ] C:\Windows\System32\mssph.dll
19:59:50.0505 0x0b00  C:\Windows\System32\mssph.dll - ok
19:59:50.0520 0x0b00  [ 8130391F82D52D36C0441F714136957F, 1FD4FEE7CAF63E450F27729E07EA2A2F09288629FD872DBB6E8710B16D8DBD5D ] C:\Windows\System32\imapi2.dll
19:59:50.0520 0x0b00  C:\Windows\System32\imapi2.dll - ok
19:59:50.0520 0x0b00  [ 8F4BB0CFECED925D440ABC2481278360, 0A87E7E1B38300E211F2ECA10BFB9831CF79B128DEB9D7AB0AA6A715197FF2DD ] C:\Windows\System32\mapi32.dll
19:59:50.0520 0x0b00  C:\Windows\System32\mapi32.dll - ok
19:59:50.0536 0x0b00  [ 01E2855FB06C422E721D890AF201C2D7, 9CAA197D5CE95AABFC8C09EA2137E73C7A0EF37CE0459508C663F7B2D758E57F ] C:\Windows\System32\NaturalLanguage6.dll
19:59:50.0536 0x0b00  C:\Windows\System32\NaturalLanguage6.dll - ok
19:59:50.0536 0x0b00  [ 6A5C1A8AC0B572679361026D0E900420, B5E693B48B462E97738A3D4E58B60846159649EB15F4D11074B4BC107CC88562 ] C:\Windows\System32\hgcpl.dll
19:59:50.0536 0x0b00  C:\Windows\System32\hgcpl.dll - ok
19:59:50.0552 0x0b00  [ 701D9F5F3F21580936638D5C5F86B460, 2F187684F61C72AACF8274EA29B48DAAC6C8377F791843914AABF5DAB3760980 ] C:\Windows\System32\NlsData0009.dll
19:59:50.0552 0x0b00  C:\Windows\System32\NlsData0009.dll - ok
19:59:50.0552 0x0b00  ================ Scan generic autorun ======================
19:59:50.0848 0x0b00  [ 26AFC1F16494FFE66F2197153B342A27, 817436E38F832500E120F196941F2F8392B192262E16D5E52CD5DFAC34749C15 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
19:59:50.0942 0x0b00  AvastUI.exe - ok
19:59:50.0942 0x0b00  Sidebar - ok
19:59:50.0973 0x0b00  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:59:50.0973 0x0b00  mctadmin - ok
19:59:50.0973 0x0b00  Sidebar - ok
19:59:50.0988 0x0b00  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:59:50.0988 0x0b00  mctadmin - ok
19:59:50.0988 0x0b00  Waiting for KSN requests completion. In queue: 296
19:59:52.0002 0x0b00  Waiting for KSN requests completion. In queue: 3
19:59:53.0016 0x0b00  Waiting for KSN requests completion. In queue: 3
19:59:54.0030 0x0b00  Waiting for KSN requests completion. In queue: 3
19:59:55.0044 0x0b00  Waiting for KSN requests completion. In queue: 3
19:59:56.0121 0x0b00  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x42000 ( disabled : updated )
19:59:56.0168 0x0b00  Win FW state via NFP2: enabled
19:59:59.0210 0x0b00  ============================================================
19:59:59.0210 0x0b00  Scan finished
19:59:59.0210 0x0b00  ============================================================
19:59:59.0210 0x0af8  Detected object count: 0
19:59:59.0210 0x0af8  Actual detected object count: 0
20:00:21.0830 0x0918  Deinitialize success


#8 bigrobifer

bigrobifer
  • Topic Starter

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 19 July 2014 - 03:24 AM

I just seen this, my recycle bin has the "dont move files to the recycle bin, delete files immediatly" option checked. But when i deleted a few thing just now ( a folder and zip file and txt file) they go to the recycle bin. 

found the panther folder and its in drive x: or something is. Probably where my missing 3gb of hard drive space went. My fonts and screen res are normal at the moment as well. I think its dormant or something until i update. Waiting on you to tell me that. I'm running a shutdown/bootup full system scan with avast if it finds anything i'll post results. Or at least what it finds since the forum might not allow that tool.

Feel like i'm chasing something that aint here an really wish there was another answer to how the computer behaves.


Edited by bigrobifer, 19 July 2014 - 04:19 AM.


#9 nasdaq

nasdaq

  • Malware Response Team
  • 38,936 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:54 AM

Posted 19 July 2014 - 07:55 AM

When i was installing this earlier i wasnt given the option to format so now there is a "windows.old" folder. After going through the steps to take ownership then change persmission on the folder (windows.old) and its contents i was still unable to delete it.


Follow the instructions on this page.

http://windows.microsoft.com/en-ca/windows7/how-do-i-remove-the-windows-old-folder

If you do this cleanup and your computer is not running correctly you will not be able to restore this windows.old folder.
You may want to wait a week or so.

#10 bigrobifer

bigrobifer
  • Topic Starter

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 19 July 2014 - 02:40 PM

Running disk clean as elevated cleaned it out. 

Last night i disabled usb ports before i shut down. They're still in disabled state. I just ran a bios run-in test this morning and everything passed. However during the startup afterwards my speakers started started crackiling again, from one speaker to the other. When this happens muting doesnt stop it but disabling the driver will. At the moment though my disabled drivers are staying disabled. 

I'm wondering if it could be flash player thats the problem because i've seen before the "flashplayer x mui" in the all programs list where before - without adding any downloads or installs and all the auto updates off- this appeared out of nowhere and after looking at the adobe site for it, it's a zip file language pack for abobe reader 10. So this file downloaded itself and unzipped itself and installed itself. Odd things like that make me know i'm not just being weird. 

After looking over the avast log there are missing services that are directly related to what i have seen as going on. I dont know what it means but i dont see how its good either. I thought i was being placed in a domain and it seems like the domain services are missing. I thought it strange that the DTC was starting out of disablement at one time and the DTCBRIGDE service is missing. The LSA service is missing.Several other important services are question marked with no file path. Is it ok if i post the log.

 I have made no changes to computer and other than the avast computer scan last night i've ran no other scan. Except the startup test which tells me i have a total of 3,109,068,800 bytes but in disk man i only have a total of 298.09 gb. I did a blind erase of x: drive in the alt shell before this reinstall and that seemed to really cause problems. The system reserve i named F: and it's bootlog.txt is being used by another process??? 

Also i have a cursor blinking as soon as i power up. Once at the hp start screen where i hit esc to go to bios options and then there two blinks after that first screen while i have option open to go into f8 options. I'm looking at intel to find out what these means but since my gpu is integreated with the chip doesnt that mean theres memory in the gpu.



#11 bigrobifer

bigrobifer
  • Topic Starter

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 19 July 2014 - 02:56 PM

Wasn't going to post this until requested. Then i went and googled what it means and wanted to show you. This came from the scan last night.

 

FilterEngine.log

AswNsfBFEStateThread::ThreadProcedure - QueryBFEServiceState Unable detect trensition from 0x4 to 0x4 state!
Not All buffers (2) from pool freed!!!
 
AswNsfBFEStateThread::ThreadProcedure - QueryBFEServiceState Unable detect trensition from 0x4 to 0x4 state!
AswNsfBFEStateThread::ThreadProcedure - QueryBFEServiceState Unable detect trensition from 0x4 to 0x4 state!
AswNsfBFEStateThread::ThreadProcedure - QueryBFEServiceState Unable detect trensition from 0x4 to 0x4 state!


#12 bigrobifer

bigrobifer
  • Topic Starter

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 19 July 2014 - 03:18 PM

List of services the avast scan couldn't pick up on.

 

Service .NETFramework [???] 
Service BattC [???] 
Service BTHPORT [???]
Service crypt32 [???]
Service DCLocator [???] 
Service ESENT [???]
Service inetaccs [???] 
Service ldap [???] 
Service Lsa [???]
Service MSDTC Bridge 3.0.0.0 [???] 
Service MSDTC Bridge 4.0.0.0 [???]
Service MSSCNTRS [???]
Service NTDS [???]
Service PerfDisk [???] 
Service PerfNet [???] 
Service PerfOS [???] 
Service PerfProc [???] 
Service PortProxy [???]
Service RDPDD [???]
Service RDPNP [???]
Service ServiceModelEndpoint 3.0.0.0 [???] 
Service ServiceModelOperation 3.0.0.0 [???] 
Service ServiceModelService 3.0.0.0 [???] 
Service SMSvcHost 3.0.0.0 [???] 
Service SMSvcHost 4.0.0.0 [???] 
Service TCPIP6TUNNEL [???] 
Service TCPIPTUNNEL [???]
Service TSDDD [???] 
Service UGatherer [???] 
Service UGTHRSVC [???] 
Service W3SVC [???]
Service Windows Workflow Foundation 3.0.0.0 [???] 
Service WinSock2 [???] 
Service WmiApRpl [???]
Service WSearchIdxPi [???]
Service xmlprov [???] 
Service {C0E6CD13-BB00-493E-B217-05E079AF5480} [???] 


#13 nasdaq

nasdaq

  • Malware Response Team
  • 38,936 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:54 AM

Posted 20 July 2014 - 08:16 AM

--RogueKiller--
  • Download & SAVE to your Desktop For 32bit system or For 64bit system
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
=======

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
===

Wait for further instructions.

#14 bigrobifer

bigrobifer
  • Topic Starter

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 20 July 2014 - 02:40 PM

I looked these over and couldnt really find nothing that seemed out of the ordinary. Except the Webpages being list as "hxxp". And the fact that the cd in the tray is 4.7gb large and got formatted last night.

 

RogueKiller V9.2.3.0 (x64) [Jul 11 2014] by Adlice Software
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : JR [Admin rights]
Mode : Scan -- Date : 07/20/2014  13:49:44
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 17 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\aswVmm -> FOUND
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswVmm -> FOUND
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswVmm -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-503078625-2848256228-344015782-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyDocs : 2  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-503078625-2848256228-344015782-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowDownloads : 2  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-503078625-2848256228-344015782-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-503078625-2848256228-344015782-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 0  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-503078625-2848256228-344015782-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-503078625-2848256228-344015782-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyDocs : 2  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-503078625-2848256228-344015782-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowDownloads : 2  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-503078625-2848256228-344015782-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-503078625-2848256228-344015782-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-503078625-2848256228-344015782-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 0  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ HOSTS File : 0 ¤¤¤
 
¤¤¤ Antirootkit : 0 (Driver: LOADED) ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MK3261GSYN ATA Device +++++
--- User ---
[MBR] 5df23ee9a2f87968179c04210cb4ed3d
[BSP] 2d9a4dd91beed54005e24057450319fe : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 205144 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 420341760 | Size: 99998 MB
User = LL1 ... OK
User = LL2 ... OK
____________________________________________________________________________________________________________________________________________________
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014
Ran by JR (administrator) on JR-PC on 20-07-2014 13:55:22
Running from C:\Users\JR\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-18] (AVAST Software)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun 
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun 
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x83A4E229C5A2CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-18]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Angry Birds) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-07-18]
CHR Extension: (Google Docs) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-18]
CHR Extension: (Google Drive) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-18]
CHR Extension: (Website Protection) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\beiopafefbkbokhfglgppmhpeobgpmed [2014-07-18]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-18]
CHR Extension: (YouTube) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-18]
CHR Extension: (Google Search) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-18]
CHR Extension: (AdPend Exchange Network) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfjdkdceleofajflfmefffopfpodglfd [2014-07-18]
CHR Extension: (Turkopticon) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgefbojfgdddnignhmfmnencgiloojpe [2014-07-18]
CHR Extension: (Tampermonkey) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-07-18]
CHR Extension: (MindMup - Free Mind Map web site) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnenaecjcgeppfpaokiifokeieopppej [2014-07-18]
CHR Extension: (Sumo Paint) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpgjihldbpodlmnjolekemlfbcajnmod [2014-07-18]
CHR Extension: (Authy) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2014-07-18]
CHR Extension: (avast! Online Security) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-18]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-07-18]
CHR Extension: (CoinURL) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\hioofbdebnagjphoejaimfoklbcemnfh [2014-07-18]
CHR Extension: (Seymour: Personal Typist) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\iakakkmhombdnngelgjejblefgljkded [2014-07-18]
CHR Extension: (Pixlr Editor) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2014-07-18]
CHR Extension: (KryptoKit Bitcoin Wallet) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhhipingoaiddcoalochnbjlkifbpmoj [2014-07-18]
CHR Extension: (Google Wallet) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-18]
CHR Extension: (Context Menu Search) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2014-07-18]
CHR Extension: (ScriptSafe) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2014-07-18]
CHR Extension: (Gmail) - C:\Users\JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-18]
 
==================== Services (Whitelisted) =================
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-18] (AVAST Software)
S3 RealtekSE; C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-18] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-18] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-18] (AVAST Software)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 aswVmm; \??\C:\Users\JR\AppData\Local\Temp\aswVmm.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-20 13:55 - 2014-07-20 13:55 - 00008095 _____ () C:\Users\JR\Desktop\FRST.txt
2014-07-20 13:53 - 2014-07-20 13:53 - 00003961 _____ () C:\Users\JR\Desktop\RKreport_SCN_07202014_134944.log
2014-07-20 13:31 - 2014-07-20 13:31 - 00019794 _____ () C:\Users\JR\Desktop\smAddition.txt
2014-07-20 13:30 - 2014-07-20 13:55 - 00000000 ____D () C:\FRST
2014-07-20 13:30 - 2014-07-20 13:31 - 00029664 _____ () C:\Users\JR\Desktop\smFRST.txt
2014-07-20 13:29 - 2014-07-20 13:29 - 00003896 _____ () C:\Users\JR\Desktop\smRKreport_SCN_07202014_132651.log
2014-07-20 13:23 - 2014-07-20 13:43 - 00030312 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-07-20 13:23 - 2014-07-20 13:23 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-20 13:20 - 2014-07-20 13:20 - 05336664 _____ () C:\Users\JR\Desktop\RogueKillerX64.exe
2014-07-20 13:20 - 2014-07-20 13:20 - 02089984 _____ (Farbar) C:\Users\JR\Desktop\FRST64.exe
2014-07-20 13:17 - 2014-07-20 13:21 - 743904068 _____ () C:\Users\JR\Downloads\ubuntu-14.04-desktop-amd64.iso.crdownload
2014-07-20 01:11 - 2014-07-20 01:12 - 00000000 ____D () C:\Users\JR\Desktop\New folder
2014-07-19 18:42 - 2014-07-19 18:42 - 00000000 ____D () C:\Users\JR\AppData\Roaming\Boredom Software
2014-07-19 18:40 - 2014-07-19 18:40 - 00000000 _____ () C:\Windows\system32\SQL.LOG
2014-07-19 18:21 - 2014-07-19 18:21 - 00000017 _____ () C:\Users\JR\AppData\Local\resmon.resmoncfg
2014-07-19 13:23 - 2014-07-20 13:41 - 00000784 _____ () C:\Windows\setupact.log
2014-07-19 13:23 - 2014-07-19 13:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-19 02:36 - 2014-07-19 02:36 - 00102044 _____ () C:\Users\JR\Desktop\Possible mebroot HelpAssistant virus, but not sure - Am I infected  What do I do .htm
2014-07-19 02:06 - 2014-07-19 02:06 - 00000000 ____D () C:\Program Files (x86)\Boredom Software
2014-07-19 02:04 - 2014-07-19 02:04 - 00000000 ____D () C:\Users\JR\Downloads\vtHash
2014-07-18 20:17 - 2014-07-18 20:42 - 00000000 ____D () C:\Users\JR\Downloads\Hercules.Reborn.2014.HDRip.XviD.AC3-EVO
2014-07-18 20:15 - 2014-07-18 20:18 - 00000000 ____D () C:\Users\JR\Downloads\Transcendence (2014) [1080p]
2014-07-18 20:14 - 2014-07-18 20:16 - 00000000 ____D () C:\Users\JR\Downloads\Brick Mansions 2014 DVDRip x264 AC3-MiLLENiUM
2014-07-18 20:13 - 2014-07-18 20:36 - 00000000 ____D () C:\Users\JR\Downloads\Noah (2014) [1080p]
2014-07-18 20:12 - 2014-07-18 20:15 - 00000000 ____D () C:\Users\JR\Downloads\torrents
2014-07-18 20:12 - 2014-07-18 20:12 - 00021784 _____ () C:\Users\JR\Downloads\[kickass.to]noah.2014.1080p.brrip.x264.yify.torrent
2014-07-18 20:08 - 2014-07-18 20:09 - 01859152 _____ (BitTorrent Inc.) C:\Users\JR\Downloads\uTorrent.exe
2014-07-18 16:19 - 2014-07-18 13:28 - 00000000 ____D () C:\Windows\Panther
2014-07-18 16:02 - 2014-07-18 19:35 - 00000000 ____D () C:\Windows\pss
2014-07-18 15:34 - 2014-07-20 13:09 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-18 15:34 - 2014-07-18 15:34 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-18 15:34 - 2014-07-18 15:34 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-18 15:34 - 2014-07-18 15:34 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-18 15:34 - 2014-07-18 15:34 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-18 15:34 - 2014-07-18 15:34 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-18 15:34 - 2014-07-18 15:34 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-07-18 15:34 - 2014-07-18 15:34 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-18 15:34 - 2014-07-18 15:34 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-18 15:34 - 2014-07-18 15:34 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-18 15:34 - 2014-07-18 15:34 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-18 15:34 - 2014-07-18 15:34 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-18 15:34 - 2014-07-18 15:34 - 00000000 ____D () C:\Users\JR\AppData\Roaming\AVAST Software
2014-07-18 15:34 - 2014-07-18 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-18 15:31 - 2014-07-18 15:31 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-18 15:30 - 2014-07-18 15:31 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-18 15:28 - 2014-07-18 15:28 - 04862664 _____ (AVAST Software) C:\Users\JR\Downloads\avast_free_antivirus_setup_online.exe
2014-07-18 15:27 - 2014-07-18 15:27 - 00085139 _____ () C:\Users\JR\Desktop\Infected with MEBROMI - Virus, Trojan, Spyware, and Malware Removal Logs.htm
2014-07-18 15:25 - 2014-07-18 15:25 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\JR\Desktop\tdsskiller .exe
2014-07-18 15:23 - 2014-07-19 01:49 - 00131212 _____ () C:\Windows\WindowsUpdate.log
2014-07-18 15:23 - 2014-07-18 15:23 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\JR\Downloads\tdsskiller.exe
2014-07-18 15:23 - 2014-07-18 15:23 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-07-18 15:23 - 2014-07-18 15:23 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-07-18 15:22 - 2014-07-18 15:22 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-07-18 15:21 - 2014-07-18 15:22 - 04161313 _____ () C:\Users\JR\Downloads\tdsskiller.zip
2014-07-18 15:18 - 2014-07-20 13:42 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-18 15:18 - 2014-07-20 04:28 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-18 15:18 - 2014-07-18 15:23 - 00003886 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-18 15:18 - 2014-07-18 15:23 - 00003634 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-18 15:18 - 2014-07-18 15:19 - 00000000 ____D () C:\Users\JR\AppData\Local\Google
2014-07-18 15:18 - 2014-07-18 15:18 - 00002766 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-18 15:18 - 2014-07-18 15:18 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-18 15:18 - 2014-07-18 15:18 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-18 15:18 - 2014-07-18 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-18 15:18 - 2014-07-18 15:18 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-18 15:18 - 2014-07-18 15:18 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-18 15:04 - 2014-07-18 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK PCIE Wireless LAN Utility
2014-07-18 15:03 - 2009-04-02 10:27 - 00188416 _____ (Realtek Semiconductor Corp. ) C:\Windows\SysWOW64\RTLExtUI.dll
2014-07-18 15:03 - 2009-03-31 14:31 - 00380928 _____ (Realtek) C:\Windows\RtlUI2.exe
2014-07-18 15:03 - 2009-01-05 20:31 - 00000901 _____ () C:\Windows\RtlUI2.exe.manifest
2014-07-18 15:03 - 2008-07-01 12:31 - 00614400 _____ (Realtek Semiconductor Corp. ) C:\Windows\SysWOW64\Rtlihvs.dll
2014-07-18 14:38 - 2014-07-18 15:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-18 14:38 - 2014-07-18 15:03 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-07-18 14:38 - 2014-07-18 14:38 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-07-18 14:38 - 2011-06-15 11:25 - 01145960 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtl8192ce.sys
2014-07-18 14:38 - 2010-12-01 09:31 - 00451072 _____ () C:\Windows\SysWOW64\ISSRemoveSP.exe
2014-07-18 14:37 - 2014-07-18 14:37 - 00000000 ____D () C:\SWSetup
2014-07-18 14:27 - 2014-07-18 14:27 - 00057560 _____ () C:\Users\JR\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-18 14:19 - 2014-07-18 14:19 - 00000000 ____D () C:\Users\JR\AppData\Roaming\WinRAR
2014-07-18 14:18 - 2014-07-18 14:19 - 00000000 ____D () C:\Users\JR\Desktop\mebroot
2014-07-18 14:15 - 2014-07-18 14:15 - 00000000 ____D () C:\Users\JR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-18 14:15 - 2014-07-18 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-18 14:15 - 2014-07-18 14:15 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-18 14:14 - 2014-07-18 14:14 - 00000000 _____ () C:\Windows\system32\mbr.dat
2014-07-18 14:12 - 2014-07-11 18:31 - 14725120 _____ () C:\Users\JR\Downloads\IPDT_Installer_2.8.0.0-1_x86_2.10.0.0.MP-1_x64.exe
2014-07-18 14:09 - 2014-07-20 00:58 - 00000000 ____D () C:\Users\JR\Desktop\texts
2014-07-18 14:09 - 2014-07-18 15:08 - 00000000 ____D () C:\Users\JR\Desktop\Shortcuts
2014-07-18 14:05 - 2014-07-18 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
2014-07-18 14:05 - 2014-07-18 14:05 - 00000000 ____D () C:\Program Files (x86)\Magical Jelly Bean
2014-07-18 13:58 - 2014-07-11 18:53 - 24168352 _____ (Hewlett-Packard Company ) C:\Users\JR\Downloads\sp53753.exe
2014-07-18 13:28 - 2014-07-18 13:28 - 00001443 _____ () C:\Users\JR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-18 13:28 - 2014-07-18 13:28 - 00001409 _____ () C:\Users\JR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-07-18 13:28 - 2014-07-18 13:28 - 00000020 ___SH () C:\Users\JR\ntuser.ini
2014-07-18 13:28 - 2014-07-18 13:28 - 00000000 ____D () C:\Users\JR\AppData\Local\VirtualStore
2014-07-18 13:28 - 2014-07-18 13:28 - 00000000 ____D () C:\Users\JR
2014-07-18 13:28 - 2009-07-13 23:54 - 00000000 ___RD () C:\Users\JR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-18 13:28 - 2009-07-13 23:49 - 00000000 ___RD () C:\Users\JR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-18 01:36 - 2014-07-18 14:14 - 00000374 _____ () C:\HelpAsst.log
2014-07-18 00:03 - 2014-07-18 13:28 - 00000000 __SHD () C:\Recovery
 
==================== One Month Modified Files and Folders =======
 
2014-07-20 13:55 - 2014-07-20 13:55 - 00008095 _____ () C:\Users\JR\Desktop\FRST.txt
2014-07-20 13:55 - 2014-07-20 13:30 - 00000000 ____D () C:\FRST
2014-07-20 13:53 - 2014-07-20 13:53 - 00003961 _____ () C:\Users\JR\Desktop\RKreport_SCN_07202014_134944.log
2014-07-20 13:48 - 2009-07-14 00:13 - 00727766 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-20 13:43 - 2014-07-20 13:23 - 00030312 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-07-20 13:42 - 2014-07-18 15:18 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-20 13:41 - 2014-07-19 13:23 - 00000784 _____ () C:\Windows\setupact.log
2014-07-20 13:41 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-20 13:31 - 2014-07-20 13:31 - 00019794 _____ () C:\Users\JR\Desktop\smAddition.txt
2014-07-20 13:31 - 2014-07-20 13:30 - 00029664 _____ () C:\Users\JR\Desktop\smFRST.txt
2014-07-20 13:29 - 2014-07-20 13:29 - 00003896 _____ () C:\Users\JR\Desktop\smRKreport_SCN_07202014_132651.log
2014-07-20 13:23 - 2014-07-20 13:23 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-20 13:21 - 2014-07-20 13:17 - 743904068 _____ () C:\Users\JR\Downloads\ubuntu-14.04-desktop-amd64.iso.crdownload
2014-07-20 13:21 - 2009-07-13 23:45 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-20 13:21 - 2009-07-13 23:45 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-20 13:20 - 2014-07-20 13:20 - 05336664 _____ () C:\Users\JR\Desktop\RogueKillerX64.exe
2014-07-20 13:20 - 2014-07-20 13:20 - 02089984 _____ (Farbar) C:\Users\JR\Desktop\FRST64.exe
2014-07-20 13:09 - 2014-07-18 15:34 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-20 04:28 - 2014-07-18 15:18 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-20 01:12 - 2014-07-20 01:11 - 00000000 ____D () C:\Users\JR\Desktop\New folder
2014-07-20 01:04 - 2010-11-20 22:47 - 00006410 _____ () C:\Windows\PFRO.log
2014-07-20 00:58 - 2014-07-18 14:09 - 00000000 ____D () C:\Users\JR\Desktop\texts
2014-07-19 23:43 - 2010-11-21 02:06 - 00000000 ____D () C:\Windows\system32\0409
2014-07-19 18:42 - 2014-07-19 18:42 - 00000000 ____D () C:\Users\JR\AppData\Roaming\Boredom Software
2014-07-19 18:40 - 2014-07-19 18:40 - 00000000 _____ () C:\Windows\system32\SQL.LOG
2014-07-19 18:21 - 2014-07-19 18:21 - 00000017 _____ () C:\Users\JR\AppData\Local\resmon.resmoncfg
2014-07-19 13:23 - 2014-07-19 13:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-19 02:36 - 2014-07-19 02:36 - 00102044 _____ () C:\Users\JR\Desktop\Possible mebroot HelpAssistant virus, but not sure - Am I infected  What do I do .htm
2014-07-19 02:06 - 2014-07-19 02:06 - 00000000 ____D () C:\Program Files (x86)\Boredom Software
2014-07-19 02:04 - 2014-07-19 02:04 - 00000000 ____D () C:\Users\JR\Downloads\vtHash
2014-07-19 01:49 - 2014-07-18 15:23 - 00131212 _____ () C:\Windows\WindowsUpdate.log
2014-07-18 20:42 - 2014-07-18 20:17 - 00000000 ____D () C:\Users\JR\Downloads\Hercules.Reborn.2014.HDRip.XviD.AC3-EVO
2014-07-18 20:36 - 2014-07-18 20:13 - 00000000 ____D () C:\Users\JR\Downloads\Noah (2014) [1080p]
2014-07-18 20:18 - 2014-07-18 20:15 - 00000000 ____D () C:\Users\JR\Downloads\Transcendence (2014) [1080p]
2014-07-18 20:16 - 2014-07-18 20:14 - 00000000 ____D () C:\Users\JR\Downloads\Brick Mansions 2014 DVDRip x264 AC3-MiLLENiUM
2014-07-18 20:15 - 2014-07-18 20:12 - 00000000 ____D () C:\Users\JR\Downloads\torrents
2014-07-18 20:12 - 2014-07-18 20:12 - 00021784 _____ () C:\Users\JR\Downloads\[kickass.to]noah.2014.1080p.brrip.x264.yify.torrent
2014-07-18 20:09 - 2014-07-18 20:08 - 01859152 _____ (BitTorrent Inc.) C:\Users\JR\Downloads\uTorrent.exe
2014-07-18 19:35 - 2014-07-18 16:02 - 00000000 ____D () C:\Windows\pss
2014-07-18 16:54 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-07-18 16:19 - 2009-07-14 00:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-07-18 16:19 - 2009-07-14 00:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-07-18 15:34 - 2014-07-18 15:34 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-18 15:34 - 2014-07-18 15:34 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-18 15:34 - 2014-07-18 15:34 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-18 15:34 - 2014-07-18 15:34 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-18 15:34 - 2014-07-18 15:34 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-18 15:34 - 2014-07-18 15:34 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-07-18 15:34 - 2014-07-18 15:34 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-18 15:34 - 2014-07-18 15:34 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-18 15:34 - 2014-07-18 15:34 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-18 15:34 - 2014-07-18 15:34 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-18 15:34 - 2014-07-18 15:34 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-18 15:34 - 2014-07-18 15:34 - 00000000 ____D () C:\Users\JR\AppData\Roaming\AVAST Software
2014-07-18 15:34 - 2014-07-18 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-18 15:34 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-07-18 15:31 - 2014-07-18 15:31 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-18 15:31 - 2014-07-18 15:30 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-18 15:28 - 2014-07-18 15:28 - 04862664 _____ (AVAST Software) C:\Users\JR\Downloads\avast_free_antivirus_setup_online.exe
2014-07-18 15:27 - 2014-07-18 15:27 - 00085139 _____ () C:\Users\JR\Desktop\Infected with MEBROMI - Virus, Trojan, Spyware, and Malware Removal Logs.htm
2014-07-18 15:26 - 2009-07-13 23:45 - 00274320 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-18 15:25 - 2014-07-18 15:25 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\JR\Desktop\tdsskiller .exe
2014-07-18 15:23 - 2014-07-18 15:23 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\JR\Downloads\tdsskiller.exe
2014-07-18 15:23 - 2014-07-18 15:23 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-07-18 15:23 - 2014-07-18 15:23 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-07-18 15:23 - 2014-07-18 15:18 - 00003886 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-18 15:23 - 2014-07-18 15:18 - 00003634 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-18 15:22 - 2014-07-18 15:22 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-07-18 15:22 - 2014-07-18 15:21 - 04161313 _____ () C:\Users\JR\Downloads\tdsskiller.zip
2014-07-18 15:22 - 2009-07-13 23:46 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-07-18 15:22 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-07-18 15:19 - 2014-07-18 15:18 - 00000000 ____D () C:\Users\JR\AppData\Local\Google
2014-07-18 15:18 - 2014-07-18 15:18 - 00002766 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-18 15:18 - 2014-07-18 15:18 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-18 15:18 - 2014-07-18 15:18 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-18 15:18 - 2014-07-18 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-18 15:18 - 2014-07-18 15:18 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-18 15:18 - 2014-07-18 15:18 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-18 15:08 - 2014-07-18 14:09 - 00000000 ____D () C:\Users\JR\Desktop\Shortcuts
2014-07-18 15:04 - 2014-07-18 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK PCIE Wireless LAN Utility
2014-07-18 15:03 - 2014-07-18 14:38 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-18 15:03 - 2014-07-18 14:38 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-07-18 14:41 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-07-18 14:40 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-18 14:38 - 2014-07-18 14:38 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-07-18 14:37 - 2014-07-18 14:37 - 00000000 ____D () C:\SWSetup
2014-07-18 14:27 - 2014-07-18 14:27 - 00057560 _____ () C:\Users\JR\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-18 14:19 - 2014-07-18 14:19 - 00000000 ____D () C:\Users\JR\AppData\Roaming\WinRAR
2014-07-18 14:19 - 2014-07-18 14:18 - 00000000 ____D () C:\Users\JR\Desktop\mebroot
2014-07-18 14:15 - 2014-07-18 14:15 - 00000000 ____D () C:\Users\JR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-18 14:15 - 2014-07-18 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-18 14:15 - 2014-07-18 14:15 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-18 14:14 - 2014-07-18 14:14 - 00000000 _____ () C:\Windows\system32\mbr.dat
2014-07-18 14:14 - 2014-07-18 01:36 - 00000374 _____ () C:\HelpAsst.log
2014-07-18 14:05 - 2014-07-18 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
2014-07-18 14:05 - 2014-07-18 14:05 - 00000000 ____D () C:\Program Files (x86)\Magical Jelly Bean
2014-07-18 13:41 - 2009-07-14 00:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-18 13:41 - 2009-07-13 22:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-18 13:41 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\spool
2014-07-18 13:35 - 2009-07-14 00:32 - 00000000 ____D () C:\Windows\system32\restore
2014-07-18 13:28 - 2014-07-18 16:19 - 00000000 ____D () C:\Windows\Panther
2014-07-18 13:28 - 2014-07-18 13:28 - 00001443 _____ () C:\Users\JR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-18 13:28 - 2014-07-18 13:28 - 00001409 _____ () C:\Users\JR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-07-18 13:28 - 2014-07-18 13:28 - 00000020 ___SH () C:\Users\JR\ntuser.ini
2014-07-18 13:28 - 2014-07-18 13:28 - 00000000 ____D () C:\Users\JR\AppData\Local\VirtualStore
2014-07-18 13:28 - 2014-07-18 13:28 - 00000000 ____D () C:\Users\JR
2014-07-18 13:28 - 2014-07-18 00:03 - 00000000 __SHD () C:\Recovery
2014-07-11 18:53 - 2014-07-18 13:58 - 24168352 _____ (Hewlett-Packard Company ) C:\Users\JR\Downloads\sp53753.exe
2014-07-11 18:31 - 2014-07-18 14:12 - 14725120 _____ () C:\Users\JR\Downloads\IPDT_Installer_2.8.0.0-1_x86_2.10.0.0.MP-1_x64.exe
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-18 16:47
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-07-2014
Ran by JR at 2014-07-20 13:57:17
Running from C:\Users\JR\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{556BEFE2-30FF-4113-98F4-01234396DF2B}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)
VT Hash Check 1.47 (HKLM-x32\...\{1E579B65-503B-4184-B481-5138124BEE1D}_is1) (Version: 1.47 - Boredom Software)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
 
==================== Restore Points  =========================
 
18-07-2014 18:35:53 Windows Modules Installer
18-07-2014 19:37:54 Installed REALTEK PCIE Wireless LAN Driver
18-07-2014 19:43:02 Windows Update
18-07-2014 19:51:02 Installed Intel Processor Diagnostic Tool 64bit.
18-07-2014 20:03:40 Installed REALTEK PCIE Wireless LAN Driver and Utility
18-07-2014 20:31:17 avast! antivirus system restore point
 
==================== Hosts content: ==========================
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {41ABA92D-FC9C-4165-B608-8028077F64EF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-18] (AVAST Software)
Task: {5F550492-BCC7-4675-9694-FFB471C4681F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-18] (Google Inc.)
Task: {9ABB7F0F-F60D-4769-B87D-7D8780299C35} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {CF0BC27C-AEA2-4975-B1E9-6B1E16E0A063} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-18] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-07-18 15:34 - 2014-07-18 15:34 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-20 13:09 - 2014-07-20 13:09 - 02793472 _____ () C:\Program Files\AVAST Software\Avast\defs\14072001\algo.dll
2014-07-18 15:34 - 2014-07-18 15:34 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\59166212.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\99143894.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\59166212.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\99143894.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
 
==================== Faulty Device Manager Devices =============
 
Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: PCI Device
Description: PCI Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Intel® ICH9 Family USB Universal Host Controller - 2934
Description: Intel® ICH9 Family USB Universal Host Controller - 2934
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Ethernet Controller
Description: Ethernet Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Intel® ICH9 Family USB Universal Host Controller - 2935
Description: Intel® ICH9 Family USB Universal Host Controller - 2935
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Intel® ICH9 Family USB Universal Host Controller - 2936
Description: Intel® ICH9 Family USB Universal Host Controller - 2936
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Intel® ICH9 Family USB Universal Host Controller - 2937
Description: Intel® ICH9 Family USB Universal Host Controller - 2937
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Intel® ICH9 Family USB Universal Host Controller - 2938
Description: Intel® ICH9 Family USB Universal Host Controller - 2938
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Intel® ICH9 Family USB Universal Host Controller - 2939
Description: Intel® ICH9 Family USB Universal Host Controller - 2939
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/20/2014 01:42:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/20/2014 01:25:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/20/2014 01:09:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/20/2014 01:07:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/19/2014 09:59:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/19/2014 09:24:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (07/19/2014 09:24:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (07/19/2014 09:24:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (07/19/2014 09:23:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (07/19/2014 09:23:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
 
System errors:
=============
Error: (07/20/2014 01:23:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (07/20/2014 01:23:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (07/20/2014 01:23:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (07/20/2014 01:23:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (07/20/2014 01:23:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (07/20/2014 01:23:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (07/20/2014 01:23:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (07/20/2014 01:23:26 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (07/20/2014 01:23:26 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (07/20/2014 01:23:25 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (07/20/2014 01:42:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/20/2014 01:25:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/20/2014 01:09:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/20/2014 01:07:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/19/2014 09:59:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/19/2014 09:24:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (07/19/2014 09:24:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (07/19/2014 09:24:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (07/19/2014 09:23:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (07/19/2014 09:23:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 38%
Total physical RAM: 3001.89 MB
Available physical RAM: 1832.3 MB
Total Pagefile: 6001.98 MB
Available Pagefile: 5167.8 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:200.34 GB) (Free:174.7 GB) NTFS
Drive d: (linux) (Fixed) (Total:97.65 GB) (Free:94.99 GB) NTFS
Drive e: (Apr 11 2014) (CDROM) (Total:4.38 GB) (Free:1.8 GB) UDF
Drive f: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: EB327C5A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

Edited by bigrobifer, 20 July 2014 - 02:41 PM.


#15 nasdaq

nasdaq

  • Malware Response Team
  • 38,936 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:54 AM

Posted 21 July 2014 - 06:58 AM

Run the RogueKiller tool and fix these entries.

[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\aswVmm -> FOUND
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswVmm -> FOUND
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\aswVmm -> FOUND


===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

S3 aswVmm; \??\C:\Users\JR\AppData\Local\Temp\aswVmm.sys [X]

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.
===

How is the computer running now?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users