
Temporary Internet Files keeps auto-refilling. Malware Detected Consistently.


8 replies to this topic

#1 BillPax2000

BillPax2000

  • Members
  • 5 posts

Posted 07 September 2014 - 02:25 PM

Hello,

 

First-time poster here. For the last 3 days I have been suffering from windows seemingly popping up in the background quickly and then closing. My temporary internet files are also recurringly filling up even though I am not using Internet Explorer. When I select and delete the files, only half of them delete, and then my folder refreshes and all of a sudden several hundred items appear again. My folder for Temporary Internet files is also hidden, even though it is supposed to be revealed. I can only access it by going through 'Tools' in the 'Internet Options' area. I ran several scans with ESET NOD 32 Anti-virus and the last thing it picked up was this: Operating Memory firefox.exe(2200) A variant of Win32/PSW.Papras.DR trojan.

 

It says it was cleaned by quarantine and deletion. However, I have noticed lag, computer crashes and more windows popping up in the background briefly before disappearing. I ran several malware scans, using Malwarebytes in the last 2 days since, and I have picked up new items. Here is a list of them.

 

Trojan.Ransom.Gen x3

Spyware.Zbot.VXGen x1

Backdoor.0Access x2

 

and every time I scan, a new one seems to pop up.

 

Here is the DDS log.

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17239  BrowserJavaVersion: 11.20.2
Run by John at 14:03:43 on 2014-09-07
Microsoft Windows 7 Professional   6.1.7601.1.932.81.1033.18.8159.5500 [GMT -5:00]
.
AV: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\UnsignedThemesSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
svchost.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
svchost.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
C:\Program Files (x86)\TESORO Gaming\DURANDAL ULTIMATE Gaming Keyboard\HID.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.search.yahoo.com/?fr=w3i&type=W3i_SP,204,0_0,StartPage,20111249,16897,0,6,0
uProxyOverride = <local>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\John\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
mRun: [ione] C:\Program Files (x86)\TESORO Gaming\DURANDAL ULTIMATE Gaming Keyboard\HID.exe
mRun: [NCUpdateHelper] C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download all links by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm
IE: Download by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_20-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0018-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_20-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{08376160-414D-464C-8EF6-D92D6E2440B8} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll
x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ve0xze9a.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\John\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Users\John\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\John\AppData\Roaming\RCKR\plugins\nprcplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll
.
============= SERVICES / DRIVERS ===============
.
R0 RzFilter;RzFilter;C:\Windows\System32\drivers\RzFilter.sys [2013-7-19 74456]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-12-4 279616]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2014-1-31 240128]
R2 cpuz135;cpuz135;C:\Windows\System32\drivers\cpuz135_x64.sys [2011-12-3 21992]
R2 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2011-8-9 202576]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-9-22 974944]
R2 epfwwfpr;epfwwfpr;C:\Windows\System32\drivers\epfwwfpr.sys [2011-8-4 137144]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [2014-3-31 242216]
R2 UnsignedThemes;Unsigned Themes;C:\Windows\UnsignedThemesSvc.exe [2009-7-13 24168]
R2 uxpatch;uxpatch;C:\Windows\System32\drivers\uxpatch.sys [2009-7-13 30568]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-12-19 94720]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-3-13 28832]
R3 I1KBFLTR;T1 Gaming Keyboard;C:\Windows\System32\drivers\I1KBFLTR.sys [2013-2-15 29440]
R3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT);C:\Windows\System32\drivers\ICCWDT.sys [2013-7-10 26136]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
R3 LVUVC64;Logitech Webcam Pro 9000(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
R3 RzDxgk;RzDxgk;C:\Windows\System32\drivers\RzDxgk.sys [2013-7-19 128856]
R3 rzudd;Razer Keyboard Driver;C:\Windows\System32\drivers\rzudd.sys [2012-7-31 105984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-3-13 36000]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2011-3-13 51872]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-3-13 298656]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-3-13 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-3-13 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-3-13 154272]
S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-3-13 280224]
S3 CorsairCAHS1;CA-HS1 Interface;C:\Windows\System32\drivers\CAHS164.sys [2011-6-16 1308160]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 HtcVCom32;HTC Diagnostic Port;C:\Windows\System32\drivers\HtcVComV64.sys [2010-3-8 121800]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-13 111616]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-21 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-7-25 126976]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-2-25 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-21 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-8-2 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-3 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [2013-7-10 918448]
S4 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.18\aaHMSvc.exe [2013-7-10 950912]
S4 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2013-7-10 586880]
S4 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-13 74912]
S4 BrlAPI;BrlAPI;C:\cygwin\bin\cygrunsrv.exe --> C:\cygwin\bin\cygrunsrv.exe [?]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2010-4-3 59744]
S4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]
S4 RsFx0153;RsFx0153 Driver;C:\Windows\System32\drivers\RsFx0153.sys [2014-7-10 322736]
S4 RzOvlMon;Razer Overlay Subsystem Emergency Service;C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe [2013-7-10 32984]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2014-7-10 442536]
S4 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
.
=============== Created Last 30 ================
.
2014-09-07 03:00:19    --------    d-----w-    C:\Program Files (x86)\TomBrennanSoftware
2014-09-06 02:10:52    --------    d-----w-    C:\ProgramData\EvezNexn
2014-09-05 16:32:54    11319192    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4D9F9938-33C5-4CA0-B8D7-20F91915D968}\mpengine.dll
2014-09-05 15:01:27    --------    d-sh--w-    C:\$RECYCLE.BIN
2014-09-03 13:39:01    3231696    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\d3dcompiler_46.dll
2014-09-03 13:38:20    --------    d-----w-    C:\Users\John\AppData\Local\Adobe
2014-09-02 11:34:21    972712    ----a-w-    C:\Windows\System32\deployJava1.dll
2014-09-02 11:34:21    1093032    ----a-w-    C:\Windows\System32\npDeployJava1.dll
2014-09-02 03:59:26    98216    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-09-02 03:58:52    --------    d-----w-    C:\ProgramData\Oracle
2014-09-01 13:03:05    0    ----a-w-    C:\Windows\System32\uwabq.dll
2014-09-01 13:02:59    79360    ----a-w-    C:\Windows\System32\lctxjkp.dll
2014-09-01 12:56:47    --------    d-----w-    C:\Users\John\AppData\Roaming\Wireshark
2014-09-01 12:25:05    --------    d-----w-    C:\Program Files (x86)\WinPcap
2014-09-01 12:24:38    --------    d-----w-    C:\Program Files\Wireshark
2014-08-27 23:49:28    404480    ----a-w-    C:\Windows\System32\gdi32.dll
2014-08-27 23:49:28    3163648    ----a-w-    C:\Windows\System32\win32k.sys
2014-08-27 23:49:28    311808    ----a-w-    C:\Windows\SysWow64\gdi32.dll
2014-08-20 19:35:41    2620928    ----a-w-    C:\Windows\System32\wucltux.dll
2014-08-20 19:35:27    97792    ----a-w-    C:\Windows\System32\wudriver.dll
2014-08-20 19:35:27    92672    ----a-w-    C:\Windows\SysWow64\wudriver.dll
2014-08-20 19:34:38    36864    ----a-w-    C:\Windows\System32\wuapp.exe
2014-08-20 19:34:38    33792    ----a-w-    C:\Windows\SysWow64\wuapp.exe
2014-08-20 19:34:38    198600    ----a-w-    C:\Windows\System32\wuwebv.dll
2014-08-20 19:34:38    179656    ----a-w-    C:\Windows\SysWow64\wuwebv.dll
2014-08-13 07:56:32    89264    ----a-w-    C:\Windows\System32\perf-MSSQL$SQLEXPRESS-sqlctr10.52.4033.0.dll
2014-08-13 07:56:32    83632    ----a-w-    C:\Windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.52.4033.0.dll
2014-08-13 07:56:31    115888    ----a-w-    C:\Windows\System32\SQSRVRES.DLL
2014-08-13 07:45:53    99480    ----a-w-    C:\Windows\SysWow64\infocardapi.dll
2014-08-13 07:45:53    619672    ----a-w-    C:\Windows\SysWow64\icardagt.exe
2014-08-13 07:45:53    171160    ----a-w-    C:\Windows\System32\infocardapi.dll
2014-08-13 07:45:53    1389208    ----a-w-    C:\Windows\System32\icardagt.exe
2014-08-13 07:45:41    8856    ----a-w-    C:\Windows\SysWow64\icardres.dll
2014-08-13 07:45:41    8856    ----a-w-    C:\Windows\System32\icardres.dll
2014-08-13 07:45:18    35480    ----a-w-    C:\Windows\SysWow64\TsWpfWrp.exe
2014-08-13 07:45:18    35480    ----a-w-    C:\Windows\System32\TsWpfWrp.exe
2014-08-13 07:41:48    7168    ----a-w-    C:\Windows\SysWow64\KBDYAK.DLL
2014-08-13 07:40:50    985536    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2014-08-13 07:39:33    529920    ----a-w-    C:\Windows\System32\aepdu.dll
2014-08-13 07:39:33    424448    ----a-w-    C:\Windows\System32\aeinv.dll
.
==================== Find3M  ====================
.
2014-09-07 18:15:50    122584    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-09-05 15:17:40    215416    ----a-w-    C:\Windows\SysWow64\PnkBstrB.exe
2014-09-05 15:17:35    214392    ----a-w-    C:\Windows\SysWow64\PnkBstrB.ex0
2014-09-03 13:38:53    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-03 13:38:53    699568    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-09-02 03:59:59    111016    ----a-w-    C:\Windows\System32\WindowsAccessBridge-64.dll
2014-08-05 14:20:00    270496    ------w-    C:\Windows\System32\MpSigStub.exe
2014-07-25 14:02:12    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-07-25 14:01:41    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-07-25 13:30:30    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-07-25 13:28:35    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-07-25 13:28:27    548352    ----a-w-    C:\Windows\System32\vbscript.dll
2014-07-25 13:25:45    83968    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2014-07-25 13:04:40    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-07-25 13:00:51    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-07-25 13:00:25    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-07-25 12:59:28    758272    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-07-25 12:47:25    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-07-25 12:34:49    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-07-25 12:34:03    455168    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-07-25 12:33:08    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-07-25 12:30:32    61952    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2014-07-25 12:28:15    5824512    ----a-w-    C:\Windows\System32\jscript9.dll
2014-07-25 12:28:05    72704    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-07-25 12:10:15    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-07-25 12:08:47    597504    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-07-25 12:06:47    4204032    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-07-25 11:43:16    60416    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-07-25 11:39:29    2087936    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-07-25 11:39:25    1249280    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-07-25 11:07:49    2001920    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-07-25 11:07:10    1068032    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-07-25 10:52:06    2266624    ----a-w-    C:\Windows\System32\wininet.dll
2014-07-25 10:05:23    1792512    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-07-16 03:23:41    2048    ----a-w-    C:\Windows\System32\tzres.dll
2014-07-16 02:46:02    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2014-07-14 02:02:45    1216000    ----a-w-    C:\Windows\System32\rpcrt4.dll
2014-07-14 01:40:58    664064    ----a-w-    C:\Windows\SysWow64\rpcrt4.dll
2014-07-10 16:30:58    322736    ----a-w-    C:\Windows\System32\drivers\RsFx0153.sys
2014-07-10 16:28:12    52400    ----a-w-    C:\Windows\System32\DTSPipelinePerf100.dll
2014-07-10 16:23:12    2596536    ----a-w-    C:\Windows\SysWow64\sqlncli10.dll
2014-07-10 16:22:34    2863272    ----a-w-    C:\Windows\System32\sqlncli10.dll
2014-07-10 16:22:30    474792    ----a-w-    C:\Windows\System32\SqlServerSpatial.dll
2014-07-09 02:03:23    7168    ----a-w-    C:\Windows\System32\KBDYAK.DLL
2014-07-09 02:03:22    7168    ----a-w-    C:\Windows\System32\KBDBASH.DLL
2014-07-09 01:31:41    6656    ----a-w-    C:\Windows\SysWow64\KBDBASH.DLL
2014-07-06 03:39:54    76152    ----a-w-    C:\Windows\System32\PnkBstrA.exe
2014-07-05 20:26:06    76888    ----a-w-    C:\Windows\SysWow64\PnkBstrA.exe
2014-06-18 02:18:30    692736    ----a-w-    C:\Windows\System32\osk.exe
2014-06-18 01:51:32    646144    ----a-w-    C:\Windows\SysWow64\osk.exe
.
============= FINISH: 14:05:13.09 ===============
 



Edited by BillPax2000, 07 September 2014 - 02:29 PM.



 


#2 shelf life

shelf life

  • Malware Response Team
  • 2,649 posts
  • Gender:Male
  • Location:@localhost

Posted 08 September 2014 - 02:11 PM

Hi,

 

If you still need help:

 

We will get two downloads to use. The first one is Malwarebytes. Download, install, update and do a full scan. These directions are old as the GUI has changed but you can figure it out:

 

Please download the free version of Malwarebytes to your desktop.

Double-click mbam-setup.exe and follow the prompts to install the program.

Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If an update is found, it will download and install the latest version.

Once the program has loaded, select Perform FULL SCAN, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.

Be sure that everything is checked, and click  *Remove Selected.*

*A restart of your computer may be required to remove some items. If prompted please restart your computer to complete the fix.*

When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt
Post the log in your reply.

 

Next download is FRST.exe:

Please download Farbar Recovery Scan Tool and save it to your Desktop.

http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version. Looks like you can run the 64 bit version.

    Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
    When the tool opens, click Yes to disclaimer.
    Press the Scan button.
    When finished, it will produce a log called FRST.txt in the same directory the tool was run from, your desktop.
    Please copy and paste the log in your next reply.

The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.

 


How Can I Reduce My Risk to Malware?


#3 BillPax2000

BillPax2000
  • Topic Starter

  • Members
  • 5 posts

Posted 09 September 2014 - 03:34 AM

Thank you for your help and time shelf life! I followed all of your instructions and have provided all the text files you asked of me below. I'd also like to offer a quick update on some new developments.

 

For starters I ran Malwarebytes and it didn't seem to find anything (maybe the log says differently, but I didn't have to quarantine or remove anything).

 

Also, now I am having video files that will pop up and run from seemingly nowhere. It just seems to be getting worse. The other things mentioned in the first post are still the same as well. I hope these logs help.

 

Again, thank you for your time and help!

 

 

Malwarebytes Log below:

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 9/8/2014
Scan Time: 11:28:57 PM
Logfile: mbam-log--2014-09-08 (23-28-31).txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.09.08.10
Rootkit Database: v2014.08.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: John
 
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 783529
Time Elapsed: 3 hr, 38 min, 38 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
FRST.txt log below:
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01
Ran by John (administrator) on JOHN-PC on 09-09-2014 03:15:24
Running from C:\Users\John\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Foxit Corporation) C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
() C:\Program Files (x86)\TESORO Gaming\DURANDAL ULTIMATE Gaming Keyboard\HID.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4035152 2011-09-22] (ESET)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ione] => C:\Program Files (x86)\TESORO Gaming\DURANDAL ULTIMATE Gaming Keyboard\HID.exe [2019840 2011-11-05] ()
HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-01-31] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Malwarebytes' Anti-Malware <====== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4149445323-100481788-2190966186-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
HKU\S-1-5-21-4149445323-100481788-2190966186-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2014-01-31] (AMD)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.yahoo.com/?fr=w3i&type=W3i_SP,204,0_0,StartPage,20111249,16897,0,6,0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6EE8838512B2CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {DE27BAB6-AA84-44B0-BADF-1855564449F1} URL = http://search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,105,0_0,Search,20111249,6900,0,6,0
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: FlashGetBHO -> {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} -> C:\Users\John\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll (Trend Media Group)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: HKLM-x32 {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: HKLM-x32 {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ve0xze9a.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.140.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.com/RCplugin -> C:\Users\John\AppData\LocalLow\raidcall\plugins\webplugin.dll (Raidcall)
FF Plugin-x32: @raidcall.kr/RCplugin -> C:\Users\John\AppData\Roaming\RCKR\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @real.com/nppl3260;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\John\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\John\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Extension: MEGA - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ve0xze9a.default\Extensions\firefox@mega.co.nz.xpi [2014-03-25]
FF Extension: Enhanced Steam - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ve0xze9a.default\Extensions\jid0-SmvlvxGpvCyG252KbVMqIKR79Uc@jetpack.xpi [2013-12-19]
FF Extension: Prevent Tab Overflow - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ve0xze9a.default\Extensions\noverflow@sdrocking.com.xpi [2013-10-16]
FF Extension: Tab Scope - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ve0xze9a.default\Extensions\tabscope@xuldev.org.xpi [2013-10-16]
FF Extension: YouTube High Definition - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ve0xze9a.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-07-09]
FF Extension: Download YouTube Videos as MP4 - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ve0xze9a.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2013-10-16]
FF Extension: Adblock Plus - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ve0xze9a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-16]
FF Extension: Tab Mix Plus - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ve0xze9a.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-10-16]
FF Extension: DownThemAll! - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\ve0xze9a.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-04-26]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-11-02]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSearchKeyword: Default -> 1C03C85D6C478B566E5D25972DBDD02DCC410D58041C76ACD7CC94ECF9B062A8
CHR DefaultSearchURL: Default -> C8C650C85626CF12D6851D9D3D2AE45C2DB15E8AC0DF1B062E0BCED9F6C3E672
CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-26]
CHR Extension: (Adblock Plus) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-10-03]
CHR Extension: (OneTab) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2013-10-04]
CHR Extension: (Adblock for Youtube™) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2013-10-01]
CHR Extension: (Stylish) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2013-02-11]
CHR Extension: (EditThisCookie) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2013-10-02]
CHR Extension: (Google Wallet) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Battlelog Emblem Editor Extended) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\noagedoiolkfaoaknohhepocfeooibjb [2014-01-09]
CHR Extension: (PS4 Community) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjpckogcnandicdbgalnnemhkaobabb [2013-10-04]
CHR Extension: (No Name) - C:\Users\John\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\aagddjgedgdcgggcddgddbgededidige [2012-12-17]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [918448 2011-10-29] () [File not signed]
S4 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.18\aaHMSvc.exe [950912 2011-12-29] (ASUSTeK Computer Inc.)
S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [974944 2011-09-22] (ESET)
R2 FoxitCloudUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-23] (Hewlett-Packard Co.) [File not signed]
S3 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [62379184 2014-07-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4323256 2011-03-28] (INCA Internet Co., Ltd.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-07-05] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-07-05] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S4 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32984 2013-07-10] (Razer)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [442536 2014-07-10] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
S4 BrlAPI; C:\cygwin\bin\cygrunsrv.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 CorsairCAHS1; C:\Windows\System32\drivers\CAHS164.sys [1308160 2011-06-16] (C-Media Electronics Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-12-04] (DT Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [202576 2011-08-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146432 2011-08-04] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [137144 2011-08-04] (ESET)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
R3 I1KBFLTR; C:\Windows\System32\drivers\I1KBFLTR.sys [29440 2011-10-19] ()
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2014-07-10] (Microsoft Corporation)
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [128856 2013-07-10] (Razer USA Ltd)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74456 2013-07-10] (Razer USA Ltd)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\John\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dump_wmimmc; \??\C:\Program Files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys [X]
S3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-09 03:15 - 2014-09-09 03:16 - 00023354 _____ () C:\Users\John\Downloads\FRST.txt
2014-09-09 03:15 - 2014-09-09 03:15 - 00000000 ____D () C:\FRST
2014-09-09 03:14 - 2014-09-09 03:14 - 02105344 _____ (Farbar) C:\Users\John\Downloads\FRST64.exe
2014-09-08 23:27 - 2014-09-08 23:28 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-08 23:27 - 2014-09-08 23:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-08 23:27 - 2014-09-08 23:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-08 23:27 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-08 23:27 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-08 23:27 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-08 21:24 - 2014-09-08 21:24 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\John\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-08 21:15 - 2014-09-08 21:15 - 00021249 _____ () C:\Users\John\Documents\KC03P66.lab2.txt
2014-09-07 16:21 - 2014-09-07 16:21 - 00008281 _____ () C:\Users\John\Downloads\SMTP_Capture.pcap
2014-09-07 16:21 - 2014-09-07 16:21 - 00008172 _____ () C:\Users\John\Downloads\POP3_Capture.pcap
2014-09-07 14:05 - 2014-09-07 14:06 - 00023626 _____ () C:\Users\John\Desktop\dds.txt
2014-09-07 14:05 - 2014-09-07 14:06 - 00018679 _____ () C:\Users\John\Desktop\attach.txt
2014-09-07 14:02 - 2014-09-07 14:02 - 00688992 ____R (Swearware) C:\Users\John\Downloads\dds.com
2014-09-07 09:40 - 2014-09-07 09:40 - 00000000 ____D () C:\Users\John\Downloads\P8Z68-V-GEN3-ASUS-3603-win7_8
2014-09-07 09:14 - 2014-09-07 09:14 - 00276824 _____ () C:\Windows\Minidump\090714-80168-01.dmp
2014-09-06 22:00 - 2014-09-06 22:00 - 01844903 _____ ( ) C:\Users\John\Downloads\vista127_2012-11-06.exe
2014-09-06 22:00 - 2014-09-06 22:00 - 00000000 ____D () C:\Users\John\Documents\TomBrennanSoftware
2014-09-06 22:00 - 2014-09-06 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vista TN3270
2014-09-06 22:00 - 2014-09-06 22:00 - 00000000 ____D () C:\Program Files (x86)\TomBrennanSoftware
2014-09-05 21:10 - 2014-09-06 01:27 - 00000000 ____D () C:\ProgramData\EvezNexn
2014-09-05 12:18 - 2014-09-05 12:19 - 00000000 ____D () C:\Users\John\Downloads\Kiara's Debut
2014-09-05 10:19 - 2014-09-05 10:19 - 00000027 _____ () C:\Windows\SysWOW64\u
2014-09-05 10:01 - 2014-09-05 10:01 - 00043187 _____ () C:\ComboFix.txt
2014-09-04 17:00 - 2014-09-07 10:33 - 00003336 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4149445323-100481788-2190966186-1000
2014-09-04 17:00 - 2014-09-07 10:33 - 00003200 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4149445323-100481788-2190966186-1000
2014-09-03 08:38 - 2014-09-03 08:38 - 00000000 ____D () C:\Users\John\AppData\Local\Adobe
2014-09-03 08:33 - 2014-09-03 08:33 - 00000000 ____D () C:\Users\John\Downloads\Dead.Space.Duology.2008-2011.720p.BluRay.x264-Pack
2014-09-02 06:34 - 2013-08-23 12:04 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2014-09-02 06:34 - 2013-08-23 12:04 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2014-09-01 22:59 - 2014-09-01 22:59 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-01 22:58 - 2014-09-01 22:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-01 21:28 - 2014-09-01 21:28 - 02399708 _____ () C:\Users\John\Desktop\Jonathan Koger Assingment 1 CIS 4348.pcapng
2014-09-01 08:47 - 2014-09-01 08:47 - 01913344 _____ () C:\Users\John\Desktop\CIS4348_ch01.ppt
2014-09-01 08:03 - 2014-09-01 08:03 - 00000000 _____ () C:\Windows\system32\uwabq.dll
2014-09-01 08:02 - 2014-09-01 08:02 - 00079360 _____ () C:\Windows\system32\lctxjkp.dll
2014-09-01 08:02 - 2014-09-01 08:02 - 00003860 _____ () C:\Windows\System32\Tasks\{3BFAA245-BA2C-EF9D-8139-5FBA05A29A93}
2014-09-01 07:56 - 2014-09-01 07:56 - 00000000 ____D () C:\Users\John\AppData\Roaming\Wireshark
2014-09-01 07:25 - 2014-09-01 07:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-09-01 07:25 - 2014-09-01 07:25 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-09-01 07:24 - 2014-09-01 07:57 - 00001819 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2014-09-01 07:24 - 2014-09-01 07:25 - 00000000 ____D () C:\Program Files\Wireshark
2014-08-29 10:53 - 2014-08-29 10:53 - 00000022 _____ () C:\Users\John\Desktop\BF4 servers cant play.txt
2014-08-29 09:12 - 2014-08-29 10:03 - 218793246 _____ () C:\Users\John\Downloads\Ryuta,_Chichi_Nikurin_(www.hentairules.net)_(English).zip
2014-08-28 19:23 - 2014-08-28 19:23 - 00276824 _____ () C:\Windows\Minidump\082814-56706-01.dmp
2014-08-27 18:49 - 2014-08-22 21:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 18:49 - 2014-08-22 20:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 18:49 - 2014-08-22 19:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 11:34 - 2014-08-27 11:34 - 00000000 ____D () C:\Users\John\Desktop\Books
2014-08-25 22:28 - 2014-08-25 22:28 - 00000000 ____D () C:\Users\John\Downloads\MM-F4F
2014-08-25 22:27 - 2014-08-25 22:28 - 07085788 _____ () C:\Users\John\Downloads\MM-F4F.rar
2014-08-21 12:32 - 2014-08-21 20:22 - 00000000 ____D () C:\Users\John\Downloads\[gg]_Valvrave_The _Liberator_[ep01-24][720p]
2014-08-20 14:35 - 2014-05-14 11:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-20 14:35 - 2014-05-14 11:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-20 14:35 - 2014-05-14 11:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-20 14:35 - 2014-05-14 11:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-20 14:35 - 2014-05-14 11:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-20 14:35 - 2014-05-14 11:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-20 14:35 - 2014-05-14 11:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-20 14:35 - 2014-05-14 11:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-20 14:35 - 2014-05-14 11:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-20 14:35 - 2014-05-14 11:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-20 14:34 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-20 14:34 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-20 14:34 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-20 14:34 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-19 14:50 - 2014-08-19 14:50 - 00001092 _____ () C:\Users\John\Desktop\Milftoon Beach V3.91.lnk
2014-08-17 14:02 - 2014-08-17 14:02 - 00000711 _____ () C:\Users\John\Desktop\Final fantasy xiv guide.txt
2014-08-13 02:56 - 2014-07-10 11:23 - 00083632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL$SQLEXPRESS-sqlctr10.52.4033.0.dll
2014-08-13 02:56 - 2014-07-10 11:22 - 00115888 _____ (Microsoft Corporation) C:\Windows\system32\SQSRVRES.DLL
2014-08-13 02:56 - 2014-07-10 11:22 - 00089264 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.52.4033.0.dll
2014-08-13 02:45 - 2014-06-30 17:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 02:45 - 2014-06-30 17:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 02:45 - 2014-06-06 01:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 02:45 - 2014-06-06 01:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 02:45 - 2014-03-09 16:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 02:45 - 2014-03-09 16:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 02:45 - 2014-03-09 16:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 02:45 - 2014-03-09 16:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 02:42 - 2014-07-31 18:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 02:42 - 2014-07-31 18:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 02:42 - 2014-07-25 09:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 02:42 - 2014-07-25 09:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 02:42 - 2014-07-25 09:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 02:42 - 2014-07-25 08:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 02:42 - 2014-07-25 08:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 02:42 - 2014-07-25 08:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 02:42 - 2014-07-25 08:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 02:42 - 2014-07-25 08:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 02:42 - 2014-07-25 08:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 02:42 - 2014-07-25 08:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 02:42 - 2014-07-25 08:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 02:42 - 2014-07-25 08:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 02:42 - 2014-07-25 08:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 02:42 - 2014-07-25 08:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 02:42 - 2014-07-25 08:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 02:42 - 2014-07-25 07:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 02:42 - 2014-07-25 07:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 02:42 - 2014-07-25 07:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 02:42 - 2014-07-25 07:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 02:42 - 2014-07-25 07:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 02:42 - 2014-07-25 07:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 02:42 - 2014-07-25 07:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 02:42 - 2014-07-25 07:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 02:42 - 2014-07-25 07:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 02:42 - 2014-07-25 07:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 02:42 - 2014-07-25 07:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 02:42 - 2014-07-25 07:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 02:42 - 2014-07-25 07:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 02:42 - 2014-07-25 07:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 02:42 - 2014-07-25 07:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 02:42 - 2014-07-25 07:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 02:42 - 2014-07-25 07:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 02:42 - 2014-07-25 07:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 02:42 - 2014-07-25 07:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 02:42 - 2014-07-25 06:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 02:42 - 2014-07-25 06:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 02:42 - 2014-07-25 06:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 02:42 - 2014-07-25 06:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 02:42 - 2014-07-25 06:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 02:42 - 2014-07-25 06:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 02:42 - 2014-07-25 06:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 02:42 - 2014-07-25 06:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 02:42 - 2014-07-25 06:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 02:42 - 2014-07-25 06:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 02:42 - 2014-07-25 06:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 02:42 - 2014-07-25 06:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 02:42 - 2014-07-25 06:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 02:42 - 2014-07-25 06:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 02:42 - 2014-07-25 05:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 02:42 - 2014-07-25 05:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 02:42 - 2014-07-25 05:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 02:42 - 2014-07-25 05:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 02:42 - 2014-07-25 05:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 02:42 - 2014-07-25 05:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 02:42 - 2014-07-15 22:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 02:42 - 2014-07-15 21:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 02:41 - 2014-07-13 21:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 02:41 - 2014-07-13 20:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 02:41 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 02:41 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 02:41 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 02:41 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 02:41 - 2014-07-08 21:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 02:41 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 02:41 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 02:41 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 02:41 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 02:41 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 02:41 - 2014-07-08 17:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 02:41 - 2014-07-08 17:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 02:41 - 2014-06-03 05:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 02:41 - 2014-06-03 05:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 02:41 - 2014-06-03 05:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 02:41 - 2014-06-03 05:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 02:41 - 2014-06-03 04:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 02:41 - 2014-06-03 04:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 02:41 - 2014-06-03 04:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 02:40 - 2014-06-24 21:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 02:40 - 2014-06-24 20:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 02:40 - 2014-06-15 21:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 02:39 - 2014-08-06 21:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 02:39 - 2014-08-06 21:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-11 14:07 - 2014-08-11 14:17 - 481281902 _____ () C:\Users\John\Downloads\[HorribleSubs] Space Dandy 2 - 05 [720p].mkv
2014-08-11 14:07 - 2014-08-11 14:16 - 481336957 _____ () C:\Users\John\Downloads\[HorribleSubs] Space Dandy 2 - 06 [720p].mkv
2014-08-11 10:22 - 2014-08-11 11:59 - 00000000 ____D () C:\Users\John\Downloads\10fdzjjfngsho
2014-08-10 16:08 - 2014-08-10 16:23 - 1036398217 _____ () C:\Users\John\Downloads\incase.rar
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-09 03:16 - 2014-09-09 03:15 - 00023354 _____ () C:\Users\John\Downloads\FRST.txt
2014-09-09 03:15 - 2014-09-09 03:15 - 00000000 ____D () C:\FRST
2014-09-09 03:14 - 2014-09-09 03:14 - 02105344 _____ (Farbar) C:\Users\John\Downloads\FRST64.exe
2014-09-09 02:51 - 2012-07-13 09:24 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-09 00:26 - 2011-12-17 13:48 - 00000000 ____D () C:\Users\John\AppData\Local\CrashDumps
2014-09-08 23:28 - 2014-09-08 23:27 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-08 23:27 - 2014-09-08 23:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-08 23:27 - 2014-09-08 23:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-08 22:56 - 2011-12-03 04:45 - 00000000 ____D () C:\Users\John\AppData\Roaming\Skype
2014-09-08 21:24 - 2014-09-08 21:24 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\John\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-08 21:15 - 2014-09-08 21:15 - 00021249 _____ () C:\Users\John\Documents\KC03P66.lab2.txt
2014-09-08 11:57 - 2014-06-04 22:18 - 00000000 ____D () C:\Users\John\Desktop\Management 3303
2014-09-08 10:46 - 2009-07-13 23:51 - 00272898 _____ () C:\Windows\setupact.log
2014-09-08 09:51 - 2012-07-13 09:24 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-08 07:13 - 2009-07-13 23:45 - 00032032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-08 07:13 - 2009-07-13 23:45 - 00032032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-08 07:09 - 2011-12-03 19:44 - 01883690 _____ () C:\Windows\WindowsUpdate.log
2014-09-08 07:06 - 2011-12-03 18:40 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-09-08 07:06 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-07 16:21 - 2014-09-07 16:21 - 00008281 _____ () C:\Users\John\Downloads\SMTP_Capture.pcap
2014-09-07 16:21 - 2014-09-07 16:21 - 00008172 _____ () C:\Users\John\Downloads\POP3_Capture.pcap
2014-09-07 14:06 - 2014-09-07 14:05 - 00023626 _____ () C:\Users\John\Desktop\dds.txt
2014-09-07 14:06 - 2014-09-07 14:05 - 00018679 _____ () C:\Users\John\Desktop\attach.txt
2014-09-07 14:02 - 2014-09-07 14:02 - 00688992 ____R (Swearware) C:\Users\John\Downloads\dds.com
2014-09-07 13:34 - 2011-12-03 18:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-07 13:34 - 2011-12-03 05:21 - 00000000 ____D () C:\Program Files (x86)\NCsoft
2014-09-07 13:33 - 2013-09-24 06:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2014-09-07 13:33 - 2013-09-24 06:27 - 00000000 ____D () C:\Program Files (x86)\NCWest
2014-09-07 10:33 - 2014-09-04 17:00 - 00003336 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4149445323-100481788-2190966186-1000
2014-09-07 10:33 - 2014-09-04 17:00 - 00003200 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4149445323-100481788-2190966186-1000
2014-09-07 10:13 - 2011-12-03 18:16 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-09-07 09:45 - 2009-07-14 00:13 - 00879956 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-07 09:42 - 2011-12-03 18:14 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-09-07 09:40 - 2014-09-07 09:40 - 00000000 ____D () C:\Users\John\Downloads\P8Z68-V-GEN3-ASUS-3603-win7_8
2014-09-07 09:14 - 2014-09-07 09:14 - 00276824 _____ () C:\Windows\Minidump\090714-80168-01.dmp
2014-09-07 09:14 - 2012-02-12 13:32 - 00000000 ____D () C:\Windows\Minidump
2014-09-07 09:14 - 2012-02-12 13:31 - 746133723 _____ () C:\Windows\MEMORY.DMP
2014-09-07 08:45 - 2010-11-20 22:47 - 00252586 _____ () C:\Windows\PFRO.log
2014-09-06 22:00 - 2014-09-06 22:00 - 01844903 _____ ( ) C:\Users\John\Downloads\vista127_2012-11-06.exe
2014-09-06 22:00 - 2014-09-06 22:00 - 00000000 ____D () C:\Users\John\Documents\TomBrennanSoftware
2014-09-06 22:00 - 2014-09-06 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vista TN3270
2014-09-06 22:00 - 2014-09-06 22:00 - 00000000 ____D () C:\Program Files (x86)\TomBrennanSoftware
2014-09-06 10:50 - 2014-03-03 09:47 - 00000639 _____ () C:\Users\John\Desktop\Destiny Trading Cards.txt
2014-09-06 01:27 - 2014-09-05 21:10 - 00000000 ____D () C:\ProgramData\EvezNexn
2014-09-05 14:47 - 2011-12-03 05:14 - 00000000 ____D () C:\Users\John\AppData\Roaming\uTorrent
2014-09-05 12:19 - 2014-09-05 12:18 - 00000000 ____D () C:\Users\John\Downloads\Kiara's Debut
2014-09-05 11:13 - 2012-07-18 10:08 - 00000000 ____D () C:\ProgramData\Origin
2014-09-05 10:19 - 2014-09-05 10:19 - 00000027 _____ () C:\Windows\SysWOW64\u
2014-09-05 10:17 - 2013-06-23 17:01 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-09-05 10:17 - 2013-06-23 17:01 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-09-05 10:15 - 2012-07-18 10:07 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-05 10:14 - 2012-07-18 16:57 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-09-05 10:07 - 2012-07-07 10:05 - 00000000 ____D () C:\Users\John\AppData\Local\{DE0965C9-D483-4DE4-AC6D-EF66ADDCB23B}
2014-09-05 10:01 - 2014-09-05 10:01 - 00043187 _____ () C:\ComboFix.txt
2014-09-05 10:01 - 2012-10-04 21:58 - 00000000 ____D () C:\Qoobox
2014-09-05 09:58 - 2009-07-13 21:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-05 09:39 - 2014-07-19 15:02 - 05576440 ____R (Swearware) C:\Users\John\Downloads\ComboFix.exe
2014-09-05 09:30 - 2013-11-10 08:59 - 00000000 ____D () C:\Users\John\Downloads\Windows 7 Professional 32bit {HMP}
2014-09-05 09:30 - 2013-11-03 09:46 - 00000000 ____D () C:\Users\John\Downloads\Windows 8 theme
2014-09-04 05:32 - 2013-10-30 07:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-03 08:39 - 2014-04-29 11:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-03 08:38 - 2014-09-03 08:38 - 00000000 ____D () C:\Users\John\AppData\Local\Adobe
2014-09-03 08:38 - 2012-03-31 20:13 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-03 08:38 - 2011-12-03 04:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-03 08:33 - 2014-09-03 08:33 - 00000000 ____D () C:\Users\John\Downloads\Dead.Space.Duology.2008-2011.720p.BluRay.x264-Pack
2014-09-02 06:34 - 2012-01-25 00:22 - 00000000 ____D () C:\Program Files\Java
2014-09-01 23:01 - 2012-03-09 20:31 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-01 22:59 - 2014-09-01 22:59 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-01 22:59 - 2014-08-06 11:51 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-01 22:59 - 2014-08-06 11:51 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-01 22:59 - 2014-08-06 11:51 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-01 22:59 - 2013-08-23 12:04 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-01 22:59 - 2012-03-09 20:32 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-01 22:59 - 2012-03-09 20:32 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-01 22:59 - 2012-03-09 20:32 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-01 22:58 - 2014-09-01 22:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-01 21:28 - 2014-09-01 21:28 - 02399708 _____ () C:\Users\John\Desktop\Jonathan Koger Assingment 1 CIS 4348.pcapng
2014-09-01 09:34 - 2013-08-29 07:31 - 00000000 ____D () C:\Users\John\Documents\Visual Studio 2012
2014-09-01 08:47 - 2014-09-01 08:47 - 01913344 _____ () C:\Users\John\Desktop\CIS4348_ch01.ppt
2014-09-01 08:03 - 2014-09-01 08:03 - 00000000 _____ () C:\Windows\system32\uwabq.dll
2014-09-01 08:02 - 2014-09-01 08:02 - 00079360 _____ () C:\Windows\system32\lctxjkp.dll
2014-09-01 08:02 - 2014-09-01 08:02 - 00003860 _____ () C:\Windows\System32\Tasks\{3BFAA245-BA2C-EF9D-8139-5FBA05A29A93}
2014-09-01 07:57 - 2014-09-01 07:24 - 00001819 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2014-09-01 07:56 - 2014-09-01 07:56 - 00000000 ____D () C:\Users\John\AppData\Roaming\Wireshark
2014-09-01 07:25 - 2014-09-01 07:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-09-01 07:25 - 2014-09-01 07:25 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-09-01 07:25 - 2014-09-01 07:24 - 00000000 ____D () C:\Program Files\Wireshark
2014-08-29 10:53 - 2014-08-29 10:53 - 00000022 _____ () C:\Users\John\Desktop\BF4 servers cant play.txt
2014-08-29 10:03 - 2014-08-29 09:12 - 218793246 _____ () C:\Users\John\Downloads\Ryuta,_Chichi_Nikurin_(www.hentairules.net)_(English).zip
2014-08-28 19:23 - 2014-08-28 19:23 - 00276824 _____ () C:\Windows\Minidump\082814-56706-01.dmp
2014-08-28 05:51 - 2009-07-13 23:45 - 05045072 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 11:34 - 2014-08-27 11:34 - 00000000 ____D () C:\Users\John\Desktop\Books
2014-08-25 22:28 - 2014-08-25 22:28 - 00000000 ____D () C:\Users\John\Downloads\MM-F4F
2014-08-25 22:28 - 2014-08-25 22:27 - 07085788 _____ () C:\Users\John\Downloads\MM-F4F.rar
2014-08-23 06:05 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-08-22 21:07 - 2014-08-27 18:49 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 20:45 - 2014-08-27 18:49 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 19:59 - 2014-08-27 18:49 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 20:22 - 2014-08-21 12:32 - 00000000 ____D () C:\Users\John\Downloads\[gg]_Valvrave_The _Liberator_[ep01-24][720p]
2014-08-19 14:50 - 2014-08-19 14:50 - 00001092 _____ () C:\Users\John\Desktop\Milftoon Beach V3.91.lnk
2014-08-17 14:02 - 2014-08-17 14:02 - 00000711 _____ () C:\Users\John\Desktop\Final fantasy xiv guide.txt
2014-08-15 08:28 - 2014-08-09 21:06 - 00000000 ____D () C:\Users\John\Downloads\Naruto Complete Series + Movies Uncut
2014-08-15 00:03 - 2013-01-30 01:36 - 00000000 ____D () C:\Steam
2014-08-13 08:25 - 2012-04-15 11:20 - 00000000 ___RD () C:\Users\John\Podcasts
2014-08-13 04:48 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-13 03:09 - 2011-12-04 09:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-13 03:02 - 2013-08-21 01:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 02:56 - 2011-12-03 04:41 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 02:53 - 2013-08-29 07:15 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-08-13 02:53 - 2013-05-04 13:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-08-13 02:44 - 2014-05-07 00:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 14:17 - 2014-08-11 14:07 - 481281902 _____ () C:\Users\John\Downloads\[HorribleSubs] Space Dandy 2 - 05 [720p].mkv
2014-08-11 14:16 - 2014-08-11 14:07 - 481336957 _____ () C:\Users\John\Downloads\[HorribleSubs] Space Dandy 2 - 06 [720p].mkv
2014-08-11 11:59 - 2014-08-11 10:22 - 00000000 ____D () C:\Users\John\Downloads\10fdzjjfngsho
2014-08-10 16:23 - 2014-08-10 16:08 - 1036398217 _____ () C:\Users\John\Downloads\incase.rar
 
Some content of TEMP:
====================
C:\Users\John\AppData\Local\Temp\_is9CCB.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!
 
 
LastRegBack: 2014-09-06 00:18
 
==================== End Of Log ============================
 
Addition.txt log below:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-09-2014 01
Ran by John at 2014-09-09 03:16:22
Running from C:\Users\John\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET NOD32 Antivirus 5.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 5.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29625 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACDSee Pro 6 (HKLM\...\{CAF674E0-808C-4CF4-8868-A755EBABA228}) (Version: 6.1.197 - ACD Systems International Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Aliens vs. Predator (HKLM-x32\...\Steam App 10680) (Version:  - Rebellion)
AMD Accelerated Video Transcoding (Version: 13.30.100.40131 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0131.1535.27922 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{8D2C98CB-7D5D-25CE-C72B-3F2C257F0284}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80830.1925 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{75104836-CAC7-444E-A39E-3F54151942F5}) (Version: 4.0.0.97 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
BOOK☆WALKER Viewer for PC β (HKLM-x32\...\jp.bookwalker.PCViewer) (Version: 0.9.6 - BOOKWALKER Co. Ltd.)
BOOK☆WALKER Viewer for PC β (x32 Version: 0.9.6 - BOOKWALKER Co. Ltd.) Hidden
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
bpd_scan_ent (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
CameraHelperMsi (x32 Version: 13.31.1038.0 - Logitech) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0131.1535.27922 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0611.1251.21046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0131.1535.27922 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0131.1535.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0131.1535.27922 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
Citrix Online Launcher (HKLM-x32\...\{3E7E6F1E-7376-475A-8BC9-E3126B20CF5F}) (Version: 1.0.198 - Citrix)
Combined Community Codec Pack 2013-05-30 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.05.30.0 - CCCP Project)
Core Temp 1.0 RC2 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Corsair USB Headset (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392DDDFB7}) (Version: 1.00.0007 - )
CPUID CPU-Z 1.59 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.23 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version:  - Microsoft)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version:  - Eidos Montreal)
DiskCheckup v3.1 (HKLM-x32\...\DiskCheckup_is1) (Version: 3.1.1005 - PassMark Software)
Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version:  - Larian Studios)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Driver Sweeper version 3.2.0 (HKLM-x32\...\{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1) (Version: 3.2.0 - Phyxion.net)
DURANDAL ULTIMATE Gaming Keyboard (HKLM-x32\...\{0A44DD90-F172-4D9E-8ED5-06950691A0E0}_is1) (Version:  - )
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - Amplitude Studios)
Enterprise (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET NOD32 Antivirus (HKLM\...\{587F20B7-4193-4400-B404-C6E3E1919BCA}) (Version: 5.0.95.0 - ESET, spol. s r.o.)
FlashGet3.7 (HKLM-x32\...\FlashGet3.7) (Version: 3.7.0.1203 - http://www.FlashGet.com)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.1.618 - Foxit Corporation)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
GDR 4033 for SQL Server 2008 R2 (KB2977320) (64-bit) (HKLM\...\KB2977320) (Version: 10.52.4033.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Happy Cloud Client (HKCU\...\HappyCloud) (Version: 4.54 - Happy Cloud, Inc.)
HP Officejet 6500 E709 Series Corporate Edition 14.0 (HKLM\...\{35E408D1-4C4B-41cb-8C1C-AA39CC2FC0EA}) (Version: 14.0 - HP)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
ICQ7M (HKLM-x32\...\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}) (Version: 7.8 - ICQ)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
IntelliJ IDEA Community Edition 13.1.4 (HKLM-x32\...\IntelliJ IDEA Community Edition 13.1.4) (Version: 135.1230 - JetBrains s.r.o.)
iTunes (HKLM\...\{6CFB1B20-ECAE-488F-9FFB-6AD420882E71}) (Version: 10.5.1.42 - Apple Inc.)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden
Java SE Development Kit 7 Update 17 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170170}) (Version: 1.7.0.170 - Oracle)
Java SE Development Kit 8 Update 11 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180110}) (Version: 8.0.110 - Oracle Corporation)
Java™ SE Development Kit 7 Update 2 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170020}) (Version: 1.7.0.20 - Oracle)
JavaFX 2.0.2 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-202648764D10}) (Version: 2.0.2 - Oracle Corporation)
JavaFX 2.0.2 SDK (64-bit) (HKLM\...\{2222706F-666A-4037-7777-202648764D10}) (Version: 2.0.2 - Oracle Corporation)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.58.2 - JMicron Technology Corp.)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.30 - Logitech Inc.)
LWS Facebook (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.31.1044.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mars: War Logs (HKLM-x32\...\Steam App 232750) (Version:  - Spiders)
MegaTrainer eXperience V1.2.1.3 (HKLM-x32\...\MegaTrainer eXperience_is1) (Version:  - )
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update (x32 Version: 3.0.30710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools (x32 Version: 1.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE  (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4029.0217 - Microsoft Corporation)
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{E8F7904A-4780-4F3F-B153-21BE32857120}) (Version: 10.52.4033.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.52.4033.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{1D4A3734-9328-440F-960C-42B4CE481EB4}) (Version: 10.52.4033.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers - ENU Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50706 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 SharePoint Developer Tools (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{20fc1ec7-3058-48d4-80f8-e1cfd52391c7}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Developer Tools - Visual Studio 2012 (x32 Version: 1.0.30710.0 - Microsoft Corporation) Hidden
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 en-US)) (Version: 32.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden
NVIDIA Install Application (Version: 2.1002.75.420 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}) (Version: 9.12.0213 - NVIDIA Corporation)
Oblivion mod manager 1.1.12 (HKLM-x32\...\Oblivion mod manager_is1) (Version:  - Timeslip)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera 12.15 (HKLM-x32\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version:  - )
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rags Suite (HKLM-x32\...\{4BC51DFE-96B7-45DC-ADDE-BD062DFF0265}) (Version: 2.3.0 - RagsGame)
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.16 - Razer Inc)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.4.13 - Razer USA Ltd.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.5 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Resident Evil 5 (HKLM-x32\...\Steam App 21690) (Version:  - Capcom)
RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain)
RPG MAKER VX Ace (HKLM-x32\...\RPGVXAce_E_is1) (Version: 1.01a - Enterbrain)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
RPG Maker VX RTP (HKLM-x32\...\RPG Maker VX RTP_is1) (Version: 1.02 - Enterbrain)
RPGXP (HKLM-x32\...\{9B34CAC6-738F-4A20-B428-A115C3E3474C}) (Version: 1.0.0 - Enterbrain)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
Shugo Console (HKLM\...\{7757771B-6EFE-42BA-B1ED-80B6A5F0D266}) (Version: 1.0.0.0 - wearecheaters)
Sins of a Solar Empire: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - )
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - )
TERA (HKCU\...\teraenmasse) (Version:  - )
The Elder Scrolls IV: Oblivion  (HKLM-x32\...\Steam App 22330) (Version:  - Bethesda Game Studios)
Titan Quest (HKLM-x32\...\Steam App 4540) (Version:  - Iron Lore Entertainment)
Unity (HKLM-x32\...\Unity) (Version: 4.5.2f1 - Unity Technologies ApS)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{56ef8912-352f-4fab-9c73-6f1c92a7127f}) (Version: 11.0.51219 - Microsoft Corporation)
UxStyle Core Beta (HKLM\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Vista TN3270 (HKLM-x32\...\Vista TN3270 1.27_is1) (Version:  - )
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Prerequisites (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.8514.0 - Microsoft Corporation) Hidden
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows App Certification Kit Native Components (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Windows Runtime Intellisense Content - en-us (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Wireshark 1.12.0 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.0 - The Wireshark developer community, http://www.wireshark.org)
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 0.3.0.3 - Wrye & Wrye Bash Development Team)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-4149445323-100481788-2190966186-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-4149445323-100481788-2190966186-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\John\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4149445323-100481788-2190966186-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\John\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4149445323-100481788-2190966186-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\John\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4149445323-100481788-2190966186-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\John\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4149445323-100481788-2190966186-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\John\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
05-09-2014 14:39:29 ComboFix created restore point
05-09-2014 16:32:06 Windows Update
07-09-2014 18:33:23 Removed NCsoft Launcher
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2014-09-05 09:58 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0901D4D4-A46A-4645-A0D3-72AA9D16F583} - System32\Tasks\{529CC083-FCA4-4C91-914A-C71A92176F66} => Firefox.exe http://ui.skype.com/ui/0/6.10.0.104/en/abandoninstall?page=tsMain
Task: {19CB60F8-4F8A-4158-99E5-78200DCC556C} - System32\Tasks\{A1DE519C-FB33-4CCC-BBE7-C74B23CCFD59} => Firefox.exe http://ui.skype.com/ui/0/6.9.0.106/en/abandoninstall?page=tsMain
Task: {1A821EE2-96FA-40ED-999D-84BF9B761C2C} - System32\Tasks\{8F11AED6-4E64-4738-8022-9169C9CC9160} => Firefox.exe http://ui.skype.com/ui/0/6.9.0.106/en/abandoninstall?page=tsMain
Task: {329055A9-154A-4B8B-B4D4-F261D445DE44} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4149445323-100481788-2190966186-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {32A6105C-66C4-4F4E-99E2-9421B28119F1} - System32\Tasks\{DF27BC4E-A7F7-4DC6-B820-CC1D71A16F56} => Firefox.exe http://ui.skype.com/ui/0/6.9.0.106/en/abandoninstall?page=tsMain
Task: {3D874EA0-163F-4C32-A6C2-8F3411F54CE0} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4149445323-100481788-2190966186-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {44AF8E5B-3777-4E22-9E2D-466B923EA26B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-13] (Google Inc.)
Task: {4A375B4A-7EF9-45CB-BB9E-87A43E1AB100} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {654952C9-B91F-410E-8773-0391EB006DFD} - System32\Tasks\{16A5589B-1B15-4396-B156-B7490CF7FDF1} => Firefox.exe http://ui.skype.com/ui/0/6.9.0.106/en/abandoninstall?page=tsMain
Task: {6ED29C1B-1379-488B-ABF9-9040645EE19E} - System32\Tasks\{C623BE75-1044-4476-89B6-2F98F36E07AA} => Firefox.exe http://ui.skype.com/ui/0/6.9.0.106/en/abandoninstall?page=tsMain
Task: {79033401-A219-41D9-8B89-9580BD41DBE3} - System32\Tasks\{EC2CF961-DBEF-4A51-B534-C04190D6B611} => Firefox.exe http://ui.skype.com/ui/0/6.9.0.106/en/abandoninstall?page=tsMain
Task: {7C0E02AA-5602-41A0-AD37-EFFBF7577BAF} - System32\Tasks\{3BFAA245-BA2C-EF9D-8139-5FBA05A29A93} => C:\Windows\system32\lctxjkp.dll [2014-09-01] ()
Task: {9B07EF67-B6AC-4679-BEAB-B725671E1DCB} - System32\Tasks\{7CF56797-95E2-4877-A09C-3961F802B005} => Firefox.exe http://ui.skype.com/ui/0/6.9.0.106/en/abandoninstall?page=tsMain
Task: {AFA3EBD0-0657-46FE-8B30-A184B84DAAB5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-13] (Google Inc.)
Task: {F7B2CD14-F61B-4545-A1AA-FA04AF663B45} - System32\Tasks\{84341983-0EA3-473D-9B7F-1AC368F6E33B} => Firefox.exe http://ui.skype.com/ui/0/6.10.0.104/en/abandoninstall?page=tsMain
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-07-05 22:39 - 2014-07-05 22:39 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2010-01-09 21:17 - 2010-01-09 21:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 02:40 - 2010-01-21 02:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-12-03 05:20 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2013-02-15 14:10 - 2011-11-05 18:08 - 02019840 _____ () C:\Program Files (x86)\TESORO Gaming\DURANDAL ULTIMATE Gaming Keyboard\HID.exe
2010-01-09 21:18 - 2010-01-09 21:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 02:34 - 2010-01-21 02:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-09-04 05:52 - 2014-08-29 21:49 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
2014-09-04 05:52 - 2014-08-29 21:49 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
2014-09-04 05:52 - 2014-08-29 21:49 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-04 05:52 - 2014-08-29 21:49 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-04 05:52 - 2014-08-29 21:49 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: asHmComSvc => 2
MSCONFIG\Services: AsSysCtrlService => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BrlAPI => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: PMBDeviceInfoProvider => 2
MSCONFIG\Services: RzOvlMon => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: UMVPFSrv => 2
MSCONFIG\startupreg: ACPW06EN => "C:\Program Files\ACD Systems\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe" /pid ACPW06EN
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\John\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUS ShellProcess Execute => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CAHS1Sound => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CAHS1.dll,CMICtrlWnd
MSCONFIG\startupreg: CrashDumps => rundll32.exe "C:\Users\John\AppData\Local\Diagnostics\CrashDumps\iodogynlo.dll",DllRegisterServerW
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: JMB36X IDE Setup => C:\Windows\RaidTool\xInsIDE.exe
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: NCUpdateHelper => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: Viber => "C:\Users\John\AppData\Local\Viber\Viber.exe"
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"
 
==================== Faulty Device Manager Devices =============
 
Name: Officejet 6500 E709n
Description: Officejet 6500 E709n
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Officejet 6500 E709n
Description: Officejet 6500 E709n
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: ASUS Bluetooth
Description: ASUS Bluetooth
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/09/2014 00:19:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: netprofm.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdfd0
Exception code: 0xc0000005
Fault offset: 0x0000000000008785
Faulting process id: 0x764
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
 
Error: (09/08/2014 07:07:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/07/2014 01:27:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/07/2014 10:34:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/07/2014 10:09:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/07/2014 09:28:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/07/2014 09:25:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.
 
 
Details:
Could not query the status of the EventSystem service.
 
System Error:
A system shutdown is in progress.
.
 
Error: (09/07/2014 09:15:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/07/2014 08:47:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/06/2014 08:41:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 32.0.0.5350, time stamp: 0x53fc3d9f
Faulting module name: mozalloc.dll, version: 32.0.0.5350, time stamp: 0x53fc0a56
Exception code: 0x80000003
Fault offset: 0x0000141b
Faulting process id: 0x3a75c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
 
 
System errors:
=============
Error: (09/08/2014 08:45:55 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
 
Error: (09/08/2014 08:45:35 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
 
Error: (09/08/2014 08:45:14 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
 
Error: (09/07/2014 09:23:57 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (09/07/2014 09:23:57 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (09/07/2014 09:23:57 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (09/07/2014 09:21:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (09/07/2014 09:21:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (09/07/2014 09:21:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (09/07/2014 09:18:45 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (09/09/2014 00:19:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe6.1.7600.163854a5bc3c1netprofm.dll6.1.7600.163854a5bdfd0c0000005000000000000878576401cfcb5f7ef20972C:\Windows\system32\svchost.exeC:\Windows\System32\netprofm.dllefd9be0f-37e0-11e4-887b-5404a61bb046
 
Error: (09/08/2014 07:07:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/07/2014 01:27:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/07/2014 10:34:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/07/2014 10:09:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/07/2014 09:28:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/07/2014 09:25:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: 
Details:
Could not query the status of the EventSystem service.
 
System Error:
A system shutdown is in progress.
 
Error: (09/07/2014 09:15:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/07/2014 08:47:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/06/2014 08:41:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.0.535053fc3d9fmozalloc.dll32.0.0.535053fc0a56800000030000141b3a75c01cfca3cb67916d3C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll1559c842-3630-11e4-beaa-5404a61bb046
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-09-05 09:55:37.901
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-09-05 09:55:37.838
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-09-05 09:55:37.776
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-09-05 09:55:37.714
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-03-26 16:05:35.709
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-03-26 16:05:35.677
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-03-26 16:05:35.646
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-03-26 16:05:35.615
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-01-12 22:14:43.824
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\193991b.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-01-12 22:14:43.793
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\193991b.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 45%
Total physical RAM: 8159.14 MB
Available physical RAM: 4439.19 MB
Total Pagefile: 16316.46 MB
Available Pagefile: 12397.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:698.63 GB) (Free:341.39 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (System Reserved) (Fixed) (Total:931.51 GB) (Free:515.99 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 583BC2D8)
Partition 1: (Active) - (Size=698.6 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 28FE5CAC)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

 



#4 shelf life

  • Malware Response Team

Posted 09 September 2014 - 08:30 PM

OK, thanks for all the info. Did you download and install Wireshark and WinPcap yourself? You have some outgoing and incoming mail packet captures. If this is all you, it's OK.

I wouldn't be using this machine until it's cleaned up. If powered up, make sure it has no networking (internet), or just keep it powered off. Of course, to check this thread it will have to be networked. After that I would disconnect.

Let's start with TDSSkiller.exe:

http://media.kaspersky.com/utilities/VirusUtilities/EN/tdsskiller.exe

Download it to your desktop. Right-click and choose Run as admin.

Double-click to run, accept the disclaimers:

At the final screen click on Change parameters.

Check all the boxes in the next window, click OK and finally click the Start Scan button.

If a suspicious object is detected, the default action will be Skip; click on Continue.

If malicious objects are found, they will show in the Scan results.
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead; do not choose Delete.

Once the scan is done you will find a .txt file in your root drive Local Disk, usually (C:), labeled as: TDSSKILLER.2.8.13.0_15.10.2013_17.34.06_log.txt (version, date, time). Please post the log in your reply.

Then we will move on from here.




#5 BillPax2000

  • Topic Starter

Posted 09 September 2014 - 09:22 PM

I recently installed Wireshark and WinPcap on my system for a project in one of my classes.

I downloaded and ran TDSSKiller from Kaspersky Labs. It found 2 items that recommended being cured as well as a few others that were defaulted to skip. I left the ones defaulted as skip alone. I restarted my computer and hope that it has now cleaned off whatever was there. I did have another development though. Logging into my profile for the first time, a command prompt window opened like it was trying to execute something and then closed quickly. I am not sure if this is part of the reboot process after TDSSKiller runs or not. Thought I would mention it.

I have to post the log in parts because it is so big. I hope that is OK.

20:47:59.0978 0x0fac  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
20:48:03.0582 0x0fac  ============================================================
20:48:03.0582 0x0fac  Current date / time: 2014/09/09 20:48:03.0582
20:48:03.0582 0x0fac  SystemInfo:
20:48:03.0582 0x0fac  
20:48:03.0582 0x0fac  OS Version: 6.1.7601 ServicePack: 1.0
20:48:03.0582 0x0fac  Product type: Workstation
20:48:03.0582 0x0fac  ComputerName: JOHN-PC
20:48:03.0582 0x0fac  UserName: John
20:48:03.0582 0x0fac  Windows directory: C:\Windows
20:48:03.0582 0x0fac  System windows directory: C:\Windows
20:48:03.0582 0x0fac  Running under WOW64
20:48:03.0582 0x0fac  Processor architecture: Intel x64
20:48:03.0582 0x0fac  Number of processors: 8
20:48:03.0582 0x0fac  Page size: 0x1000
20:48:03.0582 0x0fac  Boot type: Normal boot
20:48:03.0582 0x0fac  ============================================================
20:48:03.0582 0x0fac  BG loaded
20:48:06.0904 0x0fac  System UUID: {642F3185-EE2C-A56E-E25A-615F3E3E3736}
20:48:08.0792 0x0fac  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:48:08.0792 0x0fac  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:48:08.0808 0x0fac  ============================================================
20:48:08.0808 0x0fac  \Device\Harddisk0\DR0:
20:48:08.0823 0x0fac  MBR partitions:
20:48:08.0823 0x0fac  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x57541401
20:48:08.0823 0x0fac  \Device\Harddisk1\DR1:
20:48:08.0823 0x0fac  MBR partitions:
20:48:08.0823 0x0fac  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705000
20:48:08.0823 0x0fac  ============================================================
20:48:08.0948 0x0fac  C: <-> \Device\Harddisk0\DR0\Partition1
20:48:08.0964 0x0fac  D: <-> \Device\Harddisk1\DR1\Partition1
20:48:08.0964 0x0fac  ============================================================
20:48:08.0964 0x0fac  Initialize success
20:48:08.0964 0x0fac  ============================================================
20:48:30.0772 0x0db8  ============================================================
20:48:30.0772 0x0db8  Scan started
20:48:30.0772 0x0db8  Mode: Manual; SigCheck; TDLFS;
20:48:30.0772 0x0db8  ============================================================
20:48:30.0772 0x0db8  KSN ping started
20:48:30.0897 0x0db8  KSN ping finished: false
20:48:37.0543 0x0db8  ================ Scan system memory ========================
20:48:37.0543 0x0db8  System memory - ok
20:48:37.0543 0x0db8  ================ Scan services =============================
20:48:37.0683 0x0db8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:48:37.0839 0x0db8  1394ohci - ok
20:48:37.0870 0x0db8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:48:37.0886 0x0db8  ACPI - ok
20:48:37.0902 0x0db8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:48:37.0995 0x0db8  AcpiPmi - ok
20:48:38.0120 0x0db8  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:48:38.0151 0x0db8  AdobeARMservice - ok
20:48:38.0214 0x0db8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:48:38.0276 0x0db8  adp94xx - ok
20:48:38.0323 0x0db8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:48:38.0385 0x0db8  adpahci - ok
20:48:38.0432 0x0db8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:48:38.0463 0x0db8  adpu320 - ok
20:48:38.0494 0x0db8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:48:38.0666 0x0db8  AeLookupSvc - ok
20:48:38.0728 0x0db8  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
20:48:38.0822 0x0db8  AFD - ok
20:48:38.0838 0x0db8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
20:48:38.0853 0x0db8  agp440 - ok
20:48:38.0869 0x0db8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
20:48:38.0931 0x0db8  ALG - ok
20:48:38.0994 0x0db8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:48:39.0025 0x0db8  aliide - ok
20:48:39.0165 0x0db8  ALSysIO - ok
20:48:39.0243 0x0db8  [ 09F1332EA1955D4C5CEBFA82499C7361, E12E143FB545E09F23FE535E8027FA28C41DC92D51AF910E5E7A884DB55AE400 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:48:39.0321 0x0db8  AMD External Events Utility - ok
20:48:39.0337 0x0db8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:48:39.0399 0x0db8  amdide - ok
20:48:39.0430 0x0db8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
20:48:39.0477 0x0db8  AmdK8 - ok
20:48:39.0914 0x0db8  [ 755D08758837EB5E54875C17531D0FEE, 9BAA7E45E9C344B16AA9E79989EF28E423E4C0F9ABD0B640B737B781F1EA5736 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
20:48:40.0179 0x0db8  amdkmdag - ok
20:48:40.0242 0x0db8  [ E72EEF6B0FF8872538FF4A37AB112206, 32D7023C36C9A572E7383D1FA247C868E2A8D5B1F99FC8C672282E1FCD3F2472 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
20:48:40.0366 0x0db8  amdkmdap - ok
20:48:40.0413 0x0db8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
20:48:40.0460 0x0db8  AmdPPM - ok
20:48:40.0476 0x0db8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:48:40.0507 0x0db8  amdsata - ok
20:48:40.0569 0x0db8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
20:48:40.0600 0x0db8  amdsbs - ok
20:48:40.0616 0x0db8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:48:40.0616 0x0db8  amdxata - ok
20:48:40.0663 0x0db8  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
20:48:40.0834 0x0db8  AppID - ok
20:48:40.0866 0x0db8  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:48:40.0928 0x0db8  AppIDSvc - ok
20:48:40.0959 0x0db8  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
20:48:41.0006 0x0db8  Appinfo - ok
20:48:41.0084 0x0db8  [ 3DEBBECF665DCDDE3A95D9B902010817, F56F4A7A36FAF5FC2306E108A24E75E13EE1F2D1002D9CB71E3327A55F8694CE ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:48:41.0115 0x0db8  Apple Mobile Device - ok
20:48:41.0162 0x0db8  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
20:48:41.0209 0x0db8  AppMgmt - ok
20:48:41.0256 0x0db8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
20:48:41.0271 0x0db8  arc - ok
20:48:41.0302 0x0db8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:48:41.0334 0x0db8  arcsas - ok
20:48:41.0412 0x0db8  [ F7692E60147E56A1CEEE144974F41830, C6FFD77A5BCB1FDD4814FAC599ADDA91CA8C92AD26BDD21930B6BC20FB5F6DE4 ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
20:48:41.0536 0x0db8  asComSvc - detected UnsignedFile.Multi.Generic ( 1 )
20:48:41.0568 0x0db8  asComSvc ( UnsignedFile.Multi.Generic ) - warning
20:48:41.0646 0x0db8  [ F709A4D50B19A84A8D06579C193CCA5E, 9D86F8E96D92FC8A688F0C3884C0F2583AEBBFCF614AF1F61534E60C8AE3884E ] asHmComSvc      C:\Program Files (x86)\ASUS\AAHM\1.00.18\aaHMSvc.exe
20:48:41.0724 0x0db8  asHmComSvc - ok
20:48:41.0802 0x0db8  [ FEF9DD9EA587F8886ADE43C1BEFBDAFE, DDE6F28B3F7F2ABBEE59D4864435108791631E9CB4CDFB1F178E5AA9859956D8 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
20:48:41.0817 0x0db8  AsIO - ok
20:48:41.0911 0x0db8  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:48:42.0067 0x0db8  aspnet_state - ok
20:48:42.0145 0x0db8  [ 5C31DFB196CB3A488A041881634D86D2, 419ABEED7FB7CEBBA264802D2F727D18F999CEDA566A0830C38A69AC1680F3EA ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
20:48:42.0238 0x0db8  AsSysCtrlService - ok
20:48:42.0270 0x0db8  [ 1392B92179B07B672720763D9B1028A5, B4D47EA790920A4531E3DF5A4B4B0721B7FEA6B49A35679F0652F1E590422602 ] AsUpIO          C:\Windows\syswow64\drivers\AsUpIO.sys
20:48:42.0285 0x0db8  AsUpIO - ok
20:48:42.0316 0x0db8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:48:42.0379 0x0db8  AsyncMac - ok
20:48:42.0410 0x0db8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:48:42.0426 0x0db8  atapi - ok
20:48:42.0472 0x0db8  [ CBE61B4494165F458BD87E37181EE934, E95654DCC0F977A3604B6BE435BEE109AC8F9F7494FD3A132F5FB477BBF7B105 ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
20:48:42.0519 0x0db8  AthBTPort - ok
20:48:42.0550 0x0db8  [ 4119870B90E1B5E7797D6433D21F9216, 5CDA3748A6C89B1046173F20D857D164F4170A5028370B5BB9843212CEA86C8F ] ATHDFU          C:\Windows\system32\Drivers\AthDfu.sys
20:48:42.0597 0x0db8  ATHDFU - ok
20:48:42.0628 0x0db8  [ 21753130331188C4B474E1D3B396E629, F0FBE5F3281121DEF634F8273A2F43C5ADE538D9F280D6C9560D212B8B027A38 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
20:48:42.0644 0x0db8  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
20:48:42.0644 0x0db8  AtherosSvc ( UnsignedFile.Multi.Generic ) - warning
20:48:42.0722 0x0db8  [ C22D4905DDDF73EB0349D3B0604234A2, F86220290663FA95F3D8181D41F9D105634A62D50856BCEB174B9675F8DD7669 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
20:48:42.0769 0x0db8  AtiHDAudioService - ok
20:48:42.0816 0x0db8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:48:42.0878 0x0db8  AudioEndpointBuilder - ok
20:48:42.0909 0x0db8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
20:48:42.0925 0x0db8  AudioSrv - ok
20:48:42.0956 0x0db8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:48:43.0003 0x0db8  AxInstSV - ok
20:48:43.0050 0x0db8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
20:48:43.0128 0x0db8  b06bdrv - ok
20:48:43.0174 0x0db8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
20:48:43.0237 0x0db8  b57nd60a - ok
20:48:43.0268 0x0db8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:48:43.0330 0x0db8  BDESVC - ok
20:48:43.0346 0x0db8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:48:43.0408 0x0db8  Beep - ok
20:48:43.0486 0x0db8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
20:48:43.0549 0x0db8  BFE - ok
20:48:43.0596 0x0db8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
20:48:43.0642 0x0db8  BITS - ok
20:48:43.0658 0x0db8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:48:43.0674 0x0db8  blbdrive - ok
20:48:43.0705 0x0db8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:48:43.0783 0x0db8  bowser - ok
20:48:43.0798 0x0db8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
20:48:43.0830 0x0db8  BrFiltLo - ok
20:48:43.0861 0x0db8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
20:48:43.0892 0x0db8  BrFiltUp - ok
20:48:43.0908 0x0db8  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
20:48:43.0970 0x0db8  BridgeMP - ok
20:48:44.0017 0x0db8  BrlAPI - ok
20:48:44.0064 0x0db8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
20:48:44.0110 0x0db8  Browser - ok
20:48:44.0142 0x0db8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:48:44.0204 0x0db8  Brserid - ok
20:48:44.0251 0x0db8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:48:44.0282 0x0db8  BrSerWdm - ok
20:48:44.0298 0x0db8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:48:44.0344 0x0db8  BrUsbMdm - ok
20:48:44.0360 0x0db8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:48:44.0422 0x0db8  BrUsbSer - ok
20:48:44.0485 0x0db8  [ FE70889A85C57A9268101B2DB0474509, 9E957390A52BE4E5642724FEC06A201682F93DD1C6F2C00A5F57351460CF5AE0 ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
20:48:44.0516 0x0db8  BTATH_A2DP - ok
20:48:44.0532 0x0db8  [ A83A91D07D1FE6BBE7A9DB46CA00434B, 9EF851047189E13954C0F6A325E4843914C423C0D1EDAE21A34AB3A962BBD5AC ] BTATH_BUS       C:\Windows\system32\DRIVERS\btath_bus.sys
20:48:44.0594 0x0db8  BTATH_BUS - ok
20:48:44.0610 0x0db8  [ C864FF85EE16D61C2BDD5EF76824625F, 6D2FE57688D9E8B4277BF6DA9C219DEB367274364FBE17EFC353CEDB2D7EA35D ] BTATH_HCRP      C:\Windows\system32\DRIVERS\btath_hcrp.sys
20:48:44.0641 0x0db8  BTATH_HCRP - ok
20:48:44.0688 0x0db8  [ 0DEA505EFB5D771826D177EF8B8A208F, FD8027DA791F04077490749AC5A08F73CCBA1731462579AA9008CD8DD82FBBBC ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
20:48:44.0734 0x0db8  BTATH_LWFLT - ok
20:48:44.0750 0x0db8  [ 724C8088C96EFE7A3E63FEC21D4681C0, 4F9B258BE0FEA634A0D93B3892F2F039A7CAD184C9A81DFC2B67B0D4B39C5035 ] BTATH_RCP       C:\Windows\system32\DRIVERS\btath_rcp.sys
20:48:44.0797 0x0db8  BTATH_RCP - ok
20:48:44.0859 0x0db8  [ AA0F5AFCF077C5246589B32ECEEAE566, 158C44C53B054890574B32F7D10E507902CCFB006323A850A2E6F78B2565E518 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
20:48:44.0906 0x0db8  BtFilter - ok
20:48:44.0937 0x0db8  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
20:48:44.0984 0x0db8  BthEnum - ok
20:48:45.0000 0x0db8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
20:48:45.0031 0x0db8  BTHMODEM - ok
20:48:45.0046 0x0db8  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
20:48:45.0109 0x0db8  BthPan - ok
20:48:45.0171 0x0db8  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
20:48:45.0234 0x0db8  BTHPORT - ok
20:48:45.0265 0x0db8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
20:48:45.0327 0x0db8  bthserv - ok
20:48:45.0343 0x0db8  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
20:48:45.0405 0x0db8  BTHUSB - ok
20:48:45.0436 0x0db8  catchme - ok
20:48:45.0452 0x0db8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:48:45.0530 0x0db8  cdfs - ok
20:48:45.0561 0x0db8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:48:45.0592 0x0db8  cdrom - ok
20:48:45.0639 0x0db8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:48:45.0702 0x0db8  CertPropSvc - ok
20:48:45.0733 0x0db8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
20:48:45.0780 0x0db8  circlass - ok
20:48:45.0811 0x0db8  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
20:48:45.0842 0x0db8  CLFS - ok
20:48:45.0904 0x0db8  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:48:45.0936 0x0db8  clr_optimization_v2.0.50727_32 - ok
20:48:45.0982 0x0db8  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:48:45.0998 0x0db8  clr_optimization_v2.0.50727_64 - ok
20:48:46.0076 0x0db8  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:48:47.0152 0x0db8  clr_optimization_v4.0.30319_32 - ok
20:48:47.0230 0x0db8  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:48:47.0402 0x0db8  clr_optimization_v4.0.30319_64 - ok
20:48:47.0418 0x0db8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
20:48:47.0449 0x0db8  CmBatt - ok
20:48:47.0496 0x0db8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:48:47.0558 0x0db8  cmdide - ok
20:48:47.0652 0x0db8  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
20:48:47.0792 0x0db8  CNG - ok
20:48:47.0839 0x0db8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
20:48:47.0854 0x0db8  Compbatt - ok
20:48:47.0901 0x0db8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
20:48:48.0026 0x0db8  CompositeBus - ok
20:48:48.0057 0x0db8  COMSysApp - ok
20:48:48.0478 0x0db8  [ 984CC82169360EA26076A77949254A1B, A5278D332BFCAF0EBD1CD4E6A07CA5B7331BC9123A7E7EA9709A5C89A520B705 ] CorsairCAHS1    C:\Windows\system32\drivers\CAHS164.sys
20:48:48.0837 0x0db8  CorsairCAHS1 - ok
20:48:50.0756 0x0db8  [ F08C6020E57F5E5BF2FD034DB10BEDFB, 288EA64A57057EAD135685F2C46CA53BA0319EA28B7B7A2ECBE29E50ED807FCA ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
20:48:50.0943 0x0db8  cphs - ok
20:48:51.0021 0x0db8  [ C08063F052308B6F5882482615387F30, 523D1D43E896077F32CD9ACAA8E85B513BFB7B013A625E56F0D4E9675D9822BA ] cpuz135         C:\Windows\system32\drivers\cpuz135_x64.sys
20:48:51.0068 0x0db8  cpuz135 - ok
20:48:51.0115 0x0db8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
20:48:51.0177 0x0db8  crcdisk - ok
20:48:51.0302 0x0db8  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:48:51.0380 0x0db8  CryptSvc - ok
20:48:51.0489 0x0db8  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
20:48:51.0598 0x0db8  CSC - ok
20:48:51.0661 0x0db8  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
20:48:51.0708 0x0db8  CscService - ok
20:48:51.0832 0x0db8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:48:51.0879 0x0db8  DcomLaunch - ok
20:48:51.0988 0x0db8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:48:52.0113 0x0db8  defragsvc - ok
20:48:52.0129 0x0db8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:48:52.0207 0x0db8  DfsC - ok
20:48:52.0347 0x0db8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:48:52.0456 0x0db8  Dhcp - ok
20:48:52.0472 0x0db8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
20:48:52.0534 0x0db8  discache - ok
20:48:52.0597 0x0db8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
20:48:52.0628 0x0db8  Disk - ok
20:48:52.0659 0x0db8  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
20:48:52.0753 0x0db8  dmvsc - ok
20:48:52.0831 0x0db8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:48:52.0924 0x0db8  Dnscache - ok
20:48:53.0002 0x0db8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:48:53.0049 0x0db8  dot3svc - ok
20:48:53.0112 0x0db8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
20:48:53.0174 0x0db8  DPS - ok
20:48:53.0268 0x0db8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:48:53.0346 0x0db8  drmkaud - ok
20:48:53.0486 0x0db8  [ 400582B09E0BB557D0EC28A945150EEB, 605AC0DF14F9F64B72604968CC4C02725E8D5C879D6DB1B2B5D9598B902FC9D0 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
20:48:53.0517 0x0db8  dtsoftbus01 - ok
20:48:53.0689 0x0db8  dump_wmimmc - ok
20:48:53.0814 0x0db8  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:48:53.0876 0x0db8  DXGKrnl - ok
20:48:53.0970 0x0db8  [ 6BAFD9819D9FEC2EDBAEBC8493C711A4, 689A30C9F881D8C49F90A6C75DA816055B43B84776E815C1DE80B3933ADBB174 ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
20:48:54.0032 0x0db8  e1cexpress - ok
20:48:54.0126 0x0db8  [ 13533557D01B88C83110D5CF749F14D7, 58E0ED5EE156E871182DF8E0079DEAE36EFADA4810ED84A5CAB7CC41B7B79CD4 ] eamonm          C:\Windows\system32\DRIVERS\eamonm.sys
20:48:54.0188 0x0db8  eamonm - ok
20:48:54.0219 0x0db8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
20:48:54.0344 0x0db8  EapHost - ok
20:48:54.0906 0x0db8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
20:48:55.0140 0x0db8  ebdrv - ok
20:48:55.0186 0x0db8  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
20:48:55.0233 0x0db8  EFS - ok
20:48:55.0327 0x0db8  [ E097728129E7B79BF1089D7AEF42332B, D470F05F8F7005C77BBDC01B499F4E3DEA6BDBCA182BA7064ABFB576980EE858 ] ehdrv           C:\Windows\system32\DRIVERS\ehdrv.sys
20:48:55.0420 0x0db8  ehdrv - ok
20:48:55.0576 0x0db8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:48:55.0717 0x0db8  ehRecvr - ok
20:48:55.0764 0x0db8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
20:48:55.0795 0x0db8  ehSched - ok
20:48:56.0154 0x0db8  [ C7BB95CF9631AA401E4ADED1648F6AF7, BE011DEC328AB543BD401E49FD3BE8462C40FD5EEDB4E1332B27240813127F89 ] ekrn            C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
20:48:56.0169 0x0db8  ekrn - ok
20:48:56.0294 0x0db8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
20:48:56.0434 0x0db8  elxstor - ok
20:48:56.0481 0x0db8  [ 2380976CF8A4A56611F35633ACD2A74F, E8829CA2743DBE457E1BB6C5BFCE64E4DA9E65A2EC67FFC7FB7E767B592AC1F6 ] epfwwfpr        C:\Windows\system32\DRIVERS\epfwwfpr.sys
20:48:56.0559 0x0db8  epfwwfpr - ok
20:48:56.0590 0x0db8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:48:56.0622 0x0db8  ErrDev - ok
20:48:56.0668 0x0db8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
20:48:56.0731 0x0db8  EventSystem - ok
20:48:56.0778 0x0db8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:48:56.0840 0x0db8  exfat - ok
20:48:56.0871 0x0db8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:48:56.0918 0x0db8  fastfat - ok
20:48:57.0027 0x0db8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
20:48:57.0074 0x0db8  Fax - ok
20:48:57.0105 0x0db8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
20:48:57.0152 0x0db8  fdc - ok
20:48:57.0183 0x0db8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
20:48:57.0277 0x0db8  fdPHost - ok
20:48:57.0292 0x0db8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:48:57.0324 0x0db8  FDResPub - ok
20:48:57.0339 0x0db8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:48:57.0355 0x0db8  FileInfo - ok
20:48:57.0370 0x0db8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:48:57.0433 0x0db8  Filetrace - ok
20:48:57.0433 0x0db8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
20:48:57.0480 0x0db8  flpydisk - ok
20:48:57.0526 0x0db8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:48:57.0558 0x0db8  FltMgr - ok
20:48:57.0745 0x0db8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
20:48:57.0854 0x0db8  FontCache - ok
20:48:57.0948 0x0db8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:48:57.0994 0x0db8  FontCache3.0.0.0 - ok
20:48:58.0260 0x0db8  [ 26EABEEA7F30DCF21DA0577C4EE26FAA, 20C3CD2579ED6853249B1EAEF23DF2904779BA2E806D00C30F81EA9A1612AE0F ] FoxitCloudUpdateService C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe
20:48:58.0291 0x0db8  FoxitCloudUpdateService - ok
20:48:58.0306 0x0db8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:48:58.0322 0x0db8  FsDepends - ok
20:48:58.0353 0x0db8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:48:58.0416 0x0db8  Fs_Rec - ok
20:48:58.0665 0x0db8  [ 895BA1CFF25E867CE5A52073E905C93B, A417065E831B768BD76364EC1E5FEDAADF172DCD1E6C2A134CB311EDDC2DC477 ] fussvc          C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe
20:48:58.0728 0x0db8  fussvc - detected UnsignedFile.Multi.Generic ( 1 )
20:48:58.0728 0x0db8  fussvc ( UnsignedFile.Multi.Generic ) - warning
20:48:58.0821 0x0db8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:48:58.0868 0x0db8  fvevol - ok
20:48:58.0884 0x0db8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:48:58.0930 0x0db8  gagp30kx - ok
20:48:58.0993 0x0db8  [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:48:59.0055 0x0db8  GEARAspiWDM - ok
20:48:59.0211 0x0db8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:48:59.0274 0x0db8  gpsvc - ok
20:48:59.0383 0x0db8  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:48:59.0398 0x0db8  gupdate - ok
20:48:59.0414 0x0db8  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:48:59.0430 0x0db8  gupdatem - ok
20:48:59.0461 0x0db8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:48:59.0508 0x0db8  hcw85cir - ok
20:48:59.0601 0x0db8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:48:59.0742 0x0db8  HdAudAddService - ok
20:48:59.0773 0x0db8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:48:59.0804 0x0db8  HDAudBus - ok
20:48:59.0820 0x0db8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
20:48:59.0851 0x0db8  HidBatt - ok
20:48:59.0866 0x0db8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:48:59.0913 0x0db8  HidBth - ok
20:48:59.0944 0x0db8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
20:49:00.0007 0x0db8  HidIr - ok
20:49:00.0038 0x0db8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
20:49:00.0069 0x0db8  hidserv - ok
20:49:00.0116 0x0db8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:49:00.0225 0x0db8  HidUsb - ok
20:49:00.0256 0x0db8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:49:00.0366 0x0db8  hkmsvc - ok
20:49:00.0381 0x0db8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:49:00.0428 0x0db8  HomeGroupListener - ok
20:49:00.0475 0x0db8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:49:00.0506 0x0db8  HomeGroupProvider - ok
20:49:00.0553 0x0db8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:49:00.0584 0x0db8  HpSAMD - ok
20:49:00.0818 0x0db8  [ 2ADF33F93991C4E24E86FFA5F906417B, 426FFE6DF9E1B779DA52D7361C8ED03C25F8F8EF30BF3BAAE07D488C3A96C74F ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
20:49:00.0865 0x0db8  HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
20:49:00.0865 0x0db8  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
20:49:00.0865 0x0db8  Force sending object to P2P due to detect: HPSLPSVC
20:49:00.0880 0x0db8  Object send P2P result: false
20:49:23.0734 0x0db8  [ D5AC41AE382738483FAFFBD7E373D49A, 68793D15566F387650E9C5010E1CA73BDE3EB4BA431EA0A1673004CAE08413B0 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:49:23.0781 0x0db8  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
20:49:23.0781 0x0db8  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:49:28.0290 0x0db8  [ 37F6046CDC630442D7DC087501FF6FC6, EFC0F3DA49839CA263CD95AE5015F4FC554D9D845A58A699C542C8C96E70ED3C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:49:28.0305 0x0db8  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
20:49:28.0305 0x0db8  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:49:30.0911 0x0db8  RemoteAccess - ok
20:49:31.0035 0x0db8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:49:31.0082 0x0db8  RemoteRegistry - ok
20:49:31.0145 0x0db8  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
20:49:31.0207 0x0db8  RFCOMM - ok
20:49:31.0269 0x0db8  [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
20:49:31.0301 0x0db8  rpcapd - ok
20:49:31.0347 0x0db8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:49:31.0410 0x0db8  RpcEptMapper - ok
20:49:31.0425 0x0db8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
20:49:31.0457 0x0db8  RpcLocator - ok
20:49:31.0488 0x0db8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
20:49:31.0519 0x0db8  RpcSs - ok
20:49:31.0659 0x0db8  [ 8415D92661B147BA54BE05AD18B82186, EA1A31887332273D81CF0C1D4C1AD3D735A6EB24E80B838F6D7B501439BD49B5 ] RsFx0153        C:\Windows\system32\DRIVERS\RsFx0153.sys
20:49:31.0722 0x0db8  RsFx0153 - ok
20:49:31.0753 0x0db8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:49:31.0800 0x0db8  rspndr - ok
20:49:31.0862 0x0db8  [ EFF6DE9E131F911B8599BE6C9A915904, F6C48F9E642D1D0850ABE19ED62441283B90B2007A4C79B2E863B309C6AF17D7 ] RzDxgk          C:\Windows\system32\drivers\RzDxgk.sys
20:49:31.0909 0x0db8  RzDxgk - ok
20:49:31.0971 0x0db8  [ 8DD6EF98914CB8AE825CF302071428D5, 07BFB5D44B7F69A58AE8C50C0A366492D0C361432E84792C296A486252CABCAA ] RzFilter        C:\Windows\system32\drivers\RzFilter.sys
20:49:32.0003 0x0db8  RzFilter - ok
20:49:32.0143 0x0db8  [ D7031B2D6901D72248028791D406EC12, 9BCD471744A6C313D202E81C03F6F78BF3A1A78EAD57B69A92CBC1CA3985697E ] RzOvlMon        C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
20:49:32.0190 0x0db8  RzOvlMon - ok
20:49:32.0237 0x0db8  [ C5E1A5C17FA2CC83C2BB2167B0895100, 7F4D40B440877C4E0D5123D21A2BB67568FECB61750D6ED89AD0C4ABB15F66CE ] rzudd           C:\Windows\system32\DRIVERS\rzudd.sys
20:49:32.0268 0x0db8  rzudd - ok
20:49:32.0283 0x0db8  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
20:49:32.0315 0x0db8  s3cap - ok
20:49:32.0346 0x0db8  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
20:49:32.0377 0x0db8  SamSs - ok
20:49:32.0408 0x0db8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:49:32.0439 0x0db8  sbp2port - ok
20:49:32.0471 0x0db8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:49:32.0549 0x0db8  SCardSvr - ok
20:49:32.0564 0x0db8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:49:32.0642 0x0db8  scfilter - ok
20:49:32.0892 0x0db8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
20:49:32.0954 0x0db8  Schedule - ok
20:49:32.0985 0x0db8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:49:33.0048 0x0db8  SCPolicySvc - ok
20:49:33.0095 0x0db8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:49:33.0141 0x0db8  SDRSVC - ok
20:49:33.0173 0x0db8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:49:33.0235 0x0db8  secdrv - ok
20:49:33.0235 0x0db8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
20:49:33.0266 0x0db8  seclogon - ok
20:49:33.0282 0x0db8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
20:49:33.0313 0x0db8  SENS - ok
20:49:33.0329 0x0db8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:49:33.0344 0x0db8  SensrSvc - ok
20:49:33.0360 0x0db8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
20:49:33.0407 0x0db8  Serenum - ok
20:49:33.0422 0x0db8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
20:49:33.0438 0x0db8  Serial - ok
20:49:33.0469 0x0db8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:49:33.0485 0x0db8  sermouse - ok
20:49:33.0531 0x0db8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
20:49:33.0594 0x0db8  SessionEnv - ok
20:49:33.0609 0x0db8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:49:33.0625 0x0db8  sffdisk - ok
20:49:33.0625 0x0db8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:49:33.0672 0x0db8  sffp_mmc - ok
20:49:33.0687 0x0db8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:49:33.0719 0x0db8  sffp_sd - ok
20:49:33.0734 0x0db8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:49:33.0750 0x0db8  sfloppy - ok
20:49:33.0812 0x0db8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:49:33.0875 0x0db8  SharedAccess - ok
20:49:33.0937 0x0db8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:49:34.0015 0x0db8  ShellHWDetection - ok
20:49:34.0031 0x0db8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
20:49:34.0031 0x0db8  SiSRaid2 - ok
20:49:34.0077 0x0db8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:49:34.0109 0x0db8  SiSRaid4 - ok
20:49:34.0202 0x0db8  [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:49:34.0249 0x0db8  SkypeUpdate - ok
20:49:34.0280 0x0db8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:49:34.0358 0x0db8  Smb - ok
20:49:34.0389 0x0db8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:49:34.0421 0x0db8  SNMPTRAP - ok
20:49:34.0436 0x0db8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:49:34.0483 0x0db8  spldr - ok
20:49:34.0592 0x0db8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
20:49:34.0639 0x0db8  Spooler - ok
20:49:34.0857 0x0db8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
20:49:34.0951 0x0db8  sppsvc - ok
20:49:34.0967 0x0db8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:49:34.0998 0x0db8  sppuinotify - ok
20:49:35.0169 0x0db8  [ F6057BCA087F571DE25267C7FC0FCB7E, 7D804277F3615CB759A62431906F5ABFC0C30DFD4AC42F3EE22735063B15E8AE ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
20:49:35.0279 0x0db8  SQLAgent$SQLEXPRESS - ok
20:49:35.0388 0x0db8  [ D2A6E9DBC3247613568D86DAC599DB52, 69B0DFD7C02FCF1FE0EA2A91EDE7F15843846A97EA91DB895143CF8D7693C1F5 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:49:35.0450 0x0db8  SQLBrowser - ok
20:49:35.0559 0x0db8  [ F98DDFBFE0EE66D4C4B00693512B9527, 322FF75D1CA460368FD72ADCD93273F1D5AA5CF2C4DF65A94BF9ABAA2E695150 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:49:35.0591 0x0db8  SQLWriter - ok
20:49:35.0637 0x0db8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:49:35.0700 0x0db8  srv - ok
20:49:35.0731 0x0db8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:49:35.0793 0x0db8  srv2 - ok
20:49:35.0840 0x0db8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:49:35.0871 0x0db8  srvnet - ok
20:49:35.0887 0x0db8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:49:35.0918 0x0db8  SSDPSRV - ok
20:49:35.0934 0x0db8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:49:35.0949 0x0db8  SstpSvc - ok
20:49:36.0059 0x0db8  Steam Client Service - ok
20:49:36.0090 0x0db8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
20:49:36.0105 0x0db8  stexstor - ok
20:49:36.0168 0x0db8  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\drivers\serscan.sys
20:49:36.0199 0x0db8  StillCam - ok
20:49:36.0246 0x0db8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
20:49:36.0277 0x0db8  stisvc - ok
20:49:36.0308 0x0db8  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
20:49:36.0324 0x0db8  storflt - ok
20:49:36.0339 0x0db8  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
20:49:36.0371 0x0db8  StorSvc - ok
20:49:36.0386 0x0db8  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
20:49:36.0402 0x0db8  storvsc - ok
20:49:36.0464 0x0db8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:49:36.0480 0x0db8  swenum - ok
20:49:36.0573 0x0db8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
20:49:36.0636 0x0db8  swprv - ok
20:49:36.0807 0x0db8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
20:49:36.0870 0x0db8  SysMain - ok
20:49:36.0885 0x0db8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:49:36.0885 0x0db8  TabletInputService - ok
20:49:36.0948 0x0db8  [ 4F0C42022BB83B275FDB724AE476B686, 5B1BA742B3F166353B4A480968135D0615031A135116420D02E1C5AFB8D9A3F0 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
20:49:36.0995 0x0db8  tap0901 - ok
20:49:37.0026 0x0db8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:49:37.0057 0x0db8  TapiSrv - ok
20:49:37.0073 0x0db8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
20:49:37.0104 0x0db8  TBS - ok
20:49:37.0260 0x0db8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:49:37.0338 0x0db8  Tcpip - ok
20:49:37.0416 0x0db8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:49:37.0478 0x0db8  TCPIP6 - ok
20:49:37.0509 0x0db8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:49:37.0541 0x0db8  tcpipreg - ok
20:49:37.0572 0x0db8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:49:37.0619 0x0db8  TDPIPE - ok
20:49:37.0681 0x0db8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:49:37.0712 0x0db8  TDTCP - ok
20:49:37.0728 0x0db8  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:49:37.0775 0x0db8  tdx - ok
20:49:37.0915 0x0db8  [ BB676D2C7AD5E7131D12417E4691F9B9, C6DE7D8C08C2F059C696E9D63FC55692C8CB37FECF92F5A863D7D2C5AF3B425F ] Te.Service      C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
20:49:37.0946 0x0db8  Te.Service - detected UnsignedFile.Multi.Generic ( 1 )
20:49:37.0946 0x0db8  Te.Service ( UnsignedFile.Multi.Generic ) - warning
20:49:45.0341 0x0db8  wmiApSrv - ok
20:49:45.0356 0x0db8  WMPNetworkSvc - ok
20:49:45.0450 0x0db8  [ 83B6CA03C846FCD47F9883D77D1EB27B, 1616DBBC95085B6618B7F884383507E2A54D561A41288E79FA6DC99218C02802 ] WMZuneComm      C:\Program Files\Zune\WMZuneComm.exe
20:49:45.0481 0x0db8  WMZuneComm - ok
20:49:45.0512 0x0db8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:49:45.0512 0x0db8  WPCSvc - ok
20:49:45.0528 0x0db8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:49:45.0559 0x0db8  WPDBusEnum - ok
20:49:45.0575 0x0db8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:49:45.0606 0x0db8  ws2ifsl - ok
20:49:45.0653 0x0db8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
20:49:45.0668 0x0db8  wscsvc - ok
20:49:45.0668 0x0db8  WSearch - ok
20:49:45.0777 0x0db8  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:49:45.0824 0x0db8  wuauserv - ok
20:49:45.0855 0x0db8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:49:45.0918 0x0db8  WudfPf - ok
20:49:45.0965 0x0db8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:49:46.0011 0x0db8  WUDFRd - ok
20:49:46.0043 0x0db8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:49:46.0074 0x0db8  wudfsvc - ok
20:49:46.0121 0x0db8  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:49:46.0167 0x0db8  WwanSvc - ok
20:49:46.0479 0x0db8  [ 67B787C34FB2888D01B130AE007042D8, E44878E53F265C89F271B08B81C129105E42D1C78C14467B2D96E28A9A428B1A ] ZuneNetworkSvc  C:\Program Files\Zune\ZuneNss.exe
20:49:46.0776 0x0db8  ZuneNetworkSvc - ok
20:49:46.0838 0x0db8  [ 4D89FC1C20CF655739EFAC5DA81A67BC, 788D0A5B9972ED6D80242C0C5E80AB0FAB44A708B896D5F724AC1559A291C8DD ] ZuneWlanCfgSvc  C:\Program Files\Zune\ZuneWlanCfgSvc.exe
20:49:46.0916 0x0db8  ZuneWlanCfgSvc - ok
20:49:46.0916 0x0db8  ================ Scan global ===============================
20:49:46.0932 0x0db8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
20:49:47.0010 0x0db8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
20:49:47.0057 0x0db8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
20:49:47.0088 0x0db8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:49:47.0150 0x0db8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
20:49:47.0181 0x0db8  [ Global ] - ok
20:49:47.0181 0x0db8  ================ Scan MBR ==================================
20:49:47.0197 0x0db8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:49:47.0228 0x0db8  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b ( 0 )
20:49:47.0228 0x0db8  \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected
20:49:47.0228 0x0db8  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
20:49:47.0228 0x0db8  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:49:47.0244 0x0db8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
20:49:47.0478 0x0db8  \Device\Harddisk1\DR1 - ok
20:49:47.0478 0x0db8  ================ Scan VBR ==================================
20:49:47.0478 0x0db8  [ 7AA4656E7BF80A604C32924851B6C82A ] \Device\Harddisk0\DR0\Partition1
20:49:47.0478 0x0db8  \Device\Harddisk0\DR0\Partition1 - ok
20:49:47.0493 0x0db8  [ 0BF4D03E5BCF90362BE0F661A173F98E ] \Device\Harddisk1\DR1\Partition1
20:49:47.0509 0x0db8  \Device\Harddisk1\DR1\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
20:49:47.0509 0x0db8  \Device\Harddisk1\DR1\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
20:49:47.0509 0x0db8  ================ Scan active images ========================
20:49:47.0790 0x0db8  C:\Windows\SysWOW64\normaliz.dll - ok
20:49:47.0790 0x0db8  [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys
20:49:47.0790 0x0db8  C:\Windows\System32\drivers\dxapi.sys - ok
20:49:47.0790 0x0db8  [ A347EF56B7CD8360B3EF7772FEA597B9, 29FD47110ED21C4F0178C065AD05789A8387B6704CE1BA94C851C9785662CF95 ] C:\Windows\System32\win32k.sys
20:49:47.0790 0x0db8  C:\Windows\System32\win32k.sys - ok
20:49:47.0790 0x0db8  [ 216BABD555BC550952320EEA89C25DDF, 1BBB92415280032CD18F361382A69D0D91266AAD56FC88A99C804B0053743D72 ] C:\Windows\System32\csrsrv.dll
20:49:47.0790 0x0db8  C:\Windows\System32\csrsrv.dll - ok
20:49:47.0790 0x0db8  [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77201BAB37E8C03A ] C:\Windows\System32\csrss.exe
20:49:47.0790 0x0db8  C:\Windows\System32\csrss.exe - ok
20:49:47.0790 0x0db8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\System32\basesrv.dll
20:49:47.0790 0x0db8  C:\Windows\System32\basesrv.dll - ok
20:49:47.0790 0x0db8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\System32\winsrv.dll
20:49:47.0790 0x0db8  C:\Windows\System32\winsrv.dll - ok
20:49:47.0790 0x0db8  [ FFA06EF43987ED0DD42AD59B260C0C78, 260518D5E077E55E0F2099037DBEFA93016FD4D4655456DDB3147AF9CBE7BF6B ] C:\Windows\System32\drivers\usbd.sys
20:49:47.0790 0x0db8  C:\Windows\System32\drivers\usbd.sys - ok
20:49:47.0805 0x0db8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] C:\Windows\System32\drivers\usbccgp.sys
20:49:47.0805 0x0db8  C:\Windows\System32\drivers\usbccgp.sys - ok
20:49:47.0805 0x0db8  [ 597C3699384E53CC59587ED50CCE5CA2, 4F61E9B5BEB3BD1634D733983381E516664BD7E250DF4B0150B168E05EFD652A ] C:\Windows\System32\drivers\hidclass.sys
20:49:47.0805 0x0db8  C:\Windows\System32\drivers\hidclass.sys - ok
20:49:47.0805 0x0db8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] C:\Windows\System32\drivers\hidusb.sys
20:49:47.0805 0x0db8  C:\Windows\System32\drivers\hidusb.sys - ok
20:49:47.0805 0x0db8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] C:\Windows\System32\drivers\mouhid.sys
20:49:47.0805 0x0db8  C:\Windows\System32\drivers\mouhid.sys - ok
20:49:47.0805 0x0db8  [ 839C97ED7FF07F1C457B7F1751C82C9D, 2C38B7F03E29A163F6F2D8A2BBFB69D3FC5C44B7EA7B662D5A0B5F37D7D0F1C3 ] C:\Windows\System32\drivers\I1KBFLTR.sys
20:49:47.0805 0x0db8  C:\Windows\System32\drivers\I1KBFLTR.sys - ok
20:49:47.0805 0x0db8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] C:\Windows\System32\drivers\kbdhid.sys
20:49:47.0805 0x0db8  C:\Windows\System32\drivers\kbdhid.sys - ok
20:49:47.0805 0x0db8  [ C5E1A5C17FA2CC83C2BB2167B0895100, 7F4D40B440877C4E0D5123D21A2BB67568FECB61750D6ED89AD0C4ABB15F66CE ] C:\Windows\System32\drivers\rzudd.sys
20:49:47.0805 0x0db8  C:\Windows\System32\drivers\rzudd.sys - ok
20:49:47.0821 0x0db8  [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] C:\Windows\System32\drivers\lvuvc64.sys
20:49:47.0821 0x0db8  C:\Windows\System32\drivers\lvuvc64.sys - ok
20:49:47.0821 0x0db8  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] C:\Windows\System32\drivers\USBAUDIO.sys
20:49:47.0821 0x0db8  C:\Windows\System32\drivers\USBAUDIO.sys - ok
20:49:47.0821 0x0db8  [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] C:\Windows\System32\drivers\lvrs64.sys
20:49:47.0821 0x0db8  C:\Windows\System32\drivers\lvrs64.sys - ok
20:49:47.0821 0x0db8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] C:\Windows\System32\drivers\monitor.sys
20:49:47.0821 0x0db8  C:\Windows\System32\drivers\monitor.sys - ok
20:49:47.0821 0x0db8  [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56DE4CA5783F78A75 ] C:\Windows\System32\tsddd.dll
20:49:47.0821 0x0db8  C:\Windows\System32\tsddd.dll - ok
20:49:47.0821 0x0db8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\System32\sxssrv.dll
20:49:47.0821 0x0db8  C:\Windows\System32\sxssrv.dll - ok
20:49:47.0821 0x0db8  [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA87526E768AF6174F0 ] C:\Windows\System32\wininit.exe
20:49:47.0821 0x0db8  C:\Windows\System32\wininit.exe - ok
20:49:47.0837 0x0db8  [ 78523A26F5604C0568FE9D1CE86E36F4, 534A7228BF69719106F581616A32EAEF0B770DDB36DCE94F84E7D52FDB1382B5 ] C:\Windows\System32\KBDUS.DLL
20:49:47.0837 0x0db8  C:\Windows\System32\KBDUS.DLL - ok
20:49:47.0837 0x0db8  [ C2A8CB1275ECB85D246A9ECC02A728E3, 3603FADCA0060BD201148F9D59E4E2627F024609A6463AB525B5D1AD17BDCD10 ] C:\Windows\System32\RpcRtRemote.dll
20:49:47.0837 0x0db8  C:\Windows\System32\RpcRtRemote.dll - ok
20:49:47.0837 0x0db8  [ 943F527DF79E6B400104341AA7023C75, 53C7B9426181D3D172E6B1A07E6DF8A0CB8FCA27D3A03CE5F544D3209B5F4651 ] C:\Windows\System32\cdd.dll
20:49:47.0837 0x0db8  C:\Windows\System32\cdd.dll - ok
20:49:47.0837 0x0db8  [ 9CEAD32E79A62150FE9F8557E58E008B, AFE4C1725EE94D7DE0749AE1495A4E5CC33C369F29B2A589DA66FFE27FF9777E ] C:\Windows\System32\sxs.dll
20:49:47.0837 0x0db8  C:\Windows\System32\sxs.dll - ok
20:49:47.0837 0x0db8  [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA853BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll
20:49:47.0837 0x0db8  C:\Windows\System32\WlS0WndH.dll - ok
20:49:47.0837 0x0db8  [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE3532EC6C007980C34 ] C:\Windows\System32\cryptbase.dll
20:49:47.0837 0x0db8  C:\Windows\System32\cryptbase.dll - ok
20:49:47.0837 0x0db8  [ 90499F3163A9F815CF196A205EA3CD5D, 29B4ED3795CEC1177EB367132914CE21C194CDEC5DB9DC923FD928C85E94D821 ] C:\Windows\System32\apphelp.dll
20:49:47.0837 0x0db8  C:\Windows\System32\apphelp.dll - ok
20:49:47.0837 0x0db8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\System32\services.exe
20:49:47.0837 0x0db8  C:\Windows\System32\services.exe - ok
20:49:47.0852 0x0db8  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] C:\Windows\System32\lsass.exe
20:49:47.0852 0x0db8  C:\Windows\System32\lsass.exe - ok
20:49:47.0852 0x0db8  [ 9662EE182644511439F1C53745DC1C88, D205B2C163E78AB42A5D67D7664EF6B75EA0374FF0924467D624F9DB0611F0AD ] C:\Windows\System32\lsm.exe
20:49:47.0852 0x0db8  C:\Windows\System32\lsm.exe - ok
20:49:47.0852 0x0db8  [ 8098627D0AA1706D69C5AF3F74332ABB, 9582F6162A8405DC568FFBEA08A9090FE92FE2C9DB640077BD7F23AC4FABF700 ] C:\Windows\System32\sspisrv.dll
20:49:47.0852 0x0db8  C:\Windows\System32\sspisrv.dll - ok
20:49:47.0852 0x0db8  [ D4CCE15190269486A5E6D4D4E597F798, B3F1D01526BE95F0384CFB459D220EBA61BAC50D5A4B5E9417840713EC98DCC3 ] C:\Windows\System32\lsasrv.dll
20:49:47.0852 0x0db8  C:\Windows\System32\lsasrv.dll - ok
20:49:47.0852 0x0db8  [ C072064F95579C0D6D86AF5B3DC53192, CF4A088DF97F4D4963BEAB9CBDBF69FEA2D4773159054A0AF8B8DFFDF83E18DA ] C:\Windows\System32\sspicli.dll
20:49:47.0852 0x0db8  C:\Windows\System32\sspicli.dll - ok
20:49:47.0852 0x0db8  [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll
20:49:47.0852 0x0db8  C:\Windows\System32\sysntfy.dll - ok
20:49:47.0852 0x0db8  [ 88AB9B72B4BF3963A0DE0820B4B0B06C, 29EFEADCB26E408CD41492FCEC6D411A018099D6FF5ECA9526ED59564975F3E6 ] C:\Windows\System32\winlogon.exe
20:49:47.0852 0x0db8  C:\Windows\System32\winlogon.exe - ok
20:49:47.0852 0x0db8  [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll
20:49:47.0852 0x0db8  C:\Windows\System32\wmsgapi.dll - ok
20:49:47.0868 0x0db8  [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll
20:49:47.0868 0x0db8  C:\Windows\System32\scext.dll - ok
20:49:47.0868 0x0db8  [ BBCDF350817BA86416C0F06B6981BE8D, D064438F97852B9BD6015C8B19377C61C671E0969E09506B8359FE7B1F373A61 ] C:\Windows\System32\scesrv.dll
20:49:47.0868 0x0db8  C:\Windows\System32\scesrv.dll - ok
20:49:47.0868 0x0db8  [ 39312B37C5FE5138F99680A49ACD3AEA, B9566B4117FBBECF77A0D3F49E9DF302088B9D483F817720B22E4F9C5754264A ] C:\Windows\System32\secur32.dll
20:49:47.0868 0x0db8  C:\Windows\System32\secur32.dll - ok
20:49:47.0868 0x0db8  [ 3A9C9BAF610B0DD4967086040B3B62A9, E8E9A0F42B1EE7806EDCEED08AA024D037215D06CA317E3678BD5364AD513D23 ] C:\Windows\System32\srvcli.dll
20:49:47.0868 0x0db8  C:\Windows\System32\srvcli.dll - ok
20:49:47.0868 0x0db8  [ 0D9764D58C5EFD672B7184854B152E5E, 9827B43DABBEC39AB2E2294408D9C5304EF27A684903C5234C6070387723D49E ] C:\Windows\System32\winsta.dll
20:49:47.0868 0x0db8  C:\Windows\System32\winsta.dll - ok
20:49:47.0868 0x0db8  [ A744BA6E04C8AA4592818178DBF89521, 9E7C85D842DF16F9B8FED7B06AF309B5ECCBFD465F5552347D4C3F1FEFDC6F7A ] C:\Windows\System32\samsrv.dll
20:49:47.0868 0x0db8  C:\Windows\System32\samsrv.dll - ok
20:49:47.0868 0x0db8  [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll
20:49:47.0868 0x0db8  C:\Windows\System32\cryptdll.dll - ok
20:49:47.0868 0x0db8  [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll
20:49:47.0868 0x0db8  C:\Windows\System32\wevtapi.dll - ok
20:49:47.0883 0x0db8  [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll
20:49:47.0883 0x0db8  C:\Windows\System32\cngaudit.dll - ok
20:49:47.0883 0x0db8  [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll
20:49:47.0883 0x0db8  C:\Windows\System32\authz.dll - ok
20:49:47.0883 0x0db8  [ E23BA7A7BD97FC6B8AB5EA32A46D05CD, 593564F84B36451A5CDCA9B04DCFC7886DB124F7CA95464B67B1E65E041A1EC6 ] C:\Windows\System32\ncrypt.dll
20:49:47.0883 0x0db8  C:\Windows\System32\ncrypt.dll - ok
20:49:47.0883 0x0db8  [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll
20:49:47.0883 0x0db8  C:\Windows\System32\bcrypt.dll - ok
20:49:47.0883 0x0db8  [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll
20:49:47.0883 0x0db8  C:\Windows\System32\msprivs.dll - ok
20:49:47.0883 0x0db8  [ C6505DE3561537BA1004D638C2F93F2F, 3E4FDF374B1A9E43A8F61FD2D79E0515390ECABFDAF72C4BD44A7B6429039AF6 ] C:\Windows\System32\netjoin.dll
20:49:47.0883 0x0db8  C:\Windows\System32\netjoin.dll - ok
20:49:47.0883 0x0db8  [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll
20:49:47.0883 0x0db8  C:\Windows\System32\negoexts.dll - ok
20:49:47.0883 0x0db8  [ A805B5E68262302D1A60BE3DED5846C9, 425301E7014D386EB4591A7785CF782FF2155BCB4EF68592790A99FD9B43F20E ] C:\Windows\System32\kerberos.dll
20:49:47.0883 0x0db8  C:\Windows\System32\kerberos.dll - ok
20:49:47.0899 0x0db8  [ D0C2FBB6D97416B0166478FC7AE2B212, 7EAB6C37F0A845E645CA44CC060AC6C56E386C7EF7A64716C6786C9602AD8C9D ] C:\Windows\System32\cryptsp.dll
20:49:47.0899 0x0db8  C:\Windows\System32\cryptsp.dll - ok
20:49:47.0899 0x0db8  [ 9A9F9F1A77D6A80EE28B57664F00013E, 0D441638E086EF1342FCDC43E826BF9E9CC6B2E8AE100D89BFC70163F987DE91 ] C:\Windows\System32\mswsock.dll
20:49:47.0899 0x0db8  C:\Windows\System32\mswsock.dll - ok
20:49:47.0899 0x0db8  [ E1BB958681BE311E7CFF06CFEC5F1F2B, C2FDFC6C7350788A07DCB99A6A54FB9A96A6A578013DF46D0E5094A3CBF6E862 ] C:\Windows\System32\atmfd.dll
20:49:47.0899 0x0db8  C:\Windows\System32\atmfd.dll - ok
20:49:47.0899 0x0db8  [ 7D1017ED11B7C3B162628069742B5E58, 0553ABF5C84469370748CA2496BA82655039E5048980C675742A88B761DED967 ] C:\Windows\System32\msv1_0.dll
20:49:47.0899 0x0db8  C:\Windows\System32\msv1_0.dll - ok
20:49:47.0899 0x0db8  [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E63394E4E561D6C7A2 ] C:\Windows\System32\wship6.dll
20:49:47.0899 0x0db8  C:\Windows\System32\wship6.dll - ok
20:49:47.0899 0x0db8  [ AA339DD8BB128EF66660DFBBB59043D3, 76D9F849AFDDA38E04549EB67B4163478776F1B6EF46434168278F84FEB8FC5C ] C:\Windows\System32\netlogon.dll
20:49:47.0899 0x0db8  C:\Windows\System32\netlogon.dll - ok
20:49:47.0899 0x0db8  [ 492D07D79E7024CA310867B526D9636D, F2FE647AB85C6C3C1AA3DF4BCE6E4D42B9676C9D837E11388C235AE8DB20044F ] C:\Windows\System32\dnsapi.dll
20:49:47.0899 0x0db8  C:\Windows\System32\dnsapi.dll - ok
20:49:47.0915 0x0db8  [ 8FFE297B8449386E7B6851458B6E474E, E149B37E11091D69D926242517E5655596594A6F01FEF06EB65D6BA5B354E326 ] C:\Windows\System32\logoncli.dll
20:49:47.0915 0x0db8  C:\Windows\System32\logoncli.dll - ok
20:49:47.0915 0x0db8  [ E8E98B3B7A6E1250F4AA7AF8FA17D5BB, 36EA8779A04E40B93961C8F4B1B6FF7E26254D38B30EA9B1031066B3FC02A776 ] C:\Windows\System32\schannel.dll
20:49:47.0915 0x0db8  C:\Windows\System32\schannel.dll - ok
20:49:47.0915 0x0db8  [ BFC98590EAB40C785D6134B1FA818A62, 3A0136DE59815C36ADD2E960D610371733B119635D2EBA15588DB62A05B928C8 ] C:\Windows\System32\wdigest.dll
20:49:47.0915 0x0db8  C:\Windows\System32\wdigest.dll - ok
20:49:47.0915 0x0db8  [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll
20:49:47.0915 0x0db8  C:\Windows\System32\rsaenh.dll - ok
20:49:47.0915 0x0db8  [ E08088A97F95345E181C3DFCE2C615EF, DEF3B087DF5E10E4F8418029DB6E82546E62FEFA39694B7BD6A48CE8AAFD1B96 ] C:\Windows\System32\pku2u.dll
20:49:47.0915 0x0db8  C:\Windows\System32\pku2u.dll - ok
20:49:47.0915 0x0db8  [ 79EE13A5A406E4603874686B8005DA72, 3FC9C9463AFF70D9778C9CEDFCE6CEFDEE342A13BDE8EF2FF0420FE48421412B ] C:\Windows\System32\TSpkg.dll
20:49:47.0915 0x0db8  C:\Windows\System32\TSpkg.dll - ok
20:49:47.0915 0x0db8  [ 94AA2DFFF94DF789AAA0081333A6CADA, 07A3F01F06D27D1582642A165533649B83895304928AFE3DAC09924FBE22F7B3 ] C:\Windows\System32\LIVESSP.DLL
20:49:47.0915 0x0db8  C:\Windows\System32\LIVESSP.DLL - ok
20:49:47.0915 0x0db8  [ D6C7780A364C6BBACFA796BAB9F1B374, 3B5ED1A030BFD0BB73D4FFCD67A6A0B8501EF70293F223EFAA12F430ADF270F9 ] C:\Windows\System32\bcryptprimitives.dll
20:49:47.0915 0x0db8  C:\Windows\System32\bcryptprimitives.dll - ok
20:49:47.0930 0x0db8  [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll
20:49:47.0930 0x0db8  C:\Windows\System32\efslsaext.dll - ok
20:49:47.0930 0x0db8  [ C9DD5C0D5AF2D7A54BA32E8FBD3B67F1, 1EDB25297A9C8A87A7F33A9E9C5148F476D74BBDBF272036E5ACA46355D4A866 ] C:\Windows\System32\credssp.dll
20:49:47.0930 0x0db8  C:\Windows\System32\credssp.dll - ok
20:49:47.0930 0x0db8  [ 7CC7DF5B654DA579613F811D8C637E29, 70EAC059C1ED814810C75DBB9F4D188428CB942FFD8869D692158D384EB6BB35 ] C:\Windows\System32\ubpm.dll
20:49:47.0930 0x0db8  C:\Windows\System32\ubpm.dll - ok
20:49:47.0930 0x0db8  [ ED78427259134C63ED69804D2132B86C, F6F51B8B35881ABCA5580ED111AAC80E466E6474ABAE31EC8BE46C23EDCA77B2 ] C:\Windows\System32\scecli.dll
20:49:47.0930 0x0db8  C:\Windows\System32\scecli.dll - ok
20:49:47.0930 0x0db8  [ C78655BC80301D76ED4FEF1C1EA40A7D, 93B2ED4004ED5F7F3039DD7ECBD22C7E4E24B6373B4D9EF8D6E45A179B13A5E8 ] C:\Windows\System32\svchost.exe
20:49:47.0930 0x0db8  C:\Windows\System32\svchost.exe - ok
20:49:47.0930 0x0db8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] C:\Windows\System32\umpnpmgr.dll
20:49:47.0930 0x0db8  C:\Windows\System32\umpnpmgr.dll - ok
20:49:47.0930 0x0db8  [ E6EB44ABAAF1F330119F854856C53EBE, 77279972FFBFA984578DD4F17EB615F5D2D93590AF3A9FEFEFDB9128206C9887 ] C:\Windows\System32\SPInf.dll
20:49:47.0930 0x0db8  C:\Windows\System32\SPInf.dll - ok
20:49:47.0930 0x0db8  [ CD1B5AD07E5F7FEF30E055DCC9E96180, 63C58551F32B0B09377F64A6AE1FA81AF93B8A707A57A8C18722086906AD3046 ] C:\Windows\System32\devrtl.dll
20:49:47.0930 0x0db8  C:\Windows\System32\devrtl.dll - ok
20:49:47.0946 0x0db8  [ 9C9307C95671AC962F3D6EB3A4A89BAE, D1433791C9B8BCEEAD8937EC18D33E89E4E2012B5975228A8500FD141BC30078 ] C:\Windows\System32\gpapi.dll
20:49:47.0946 0x0db8  C:\Windows\System32\gpapi.dll - ok
20:49:47.0946 0x0db8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] C:\Windows\System32\umpo.dll
20:49:47.0946 0x0db8  C:\Windows\System32\umpo.dll - ok
20:49:47.0946 0x0db8  [ F6C011B46FAEEF33536B2E80F48B5CBE, BDD149D3D6F9F6C8F6F34C311219BE5618CEEFBC7D35E37473A47F1D5D015067 ] C:\Windows\System32\pcwum.dll
20:49:47.0946 0x0db8  C:\Windows\System32\pcwum.dll - ok
20:49:47.0946 0x0db8  [ 716175021BDA290504CE434273F666BC, FA18CA2D8A5F4335E051E2933147D3C1E7308F7D446E2AEB6596CDEF6E2AFC88 ] C:\Windows\System32\powrprof.dll
20:49:47.0946 0x0db8  C:\Windows\System32\powrprof.dll - ok
20:49:47.0946 0x0db8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] C:\Windows\System32\drivers\luafv.sys
20:49:47.0946 0x0db8  C:\Windows\System32\drivers\luafv.sys - ok
20:49:47.0946 0x0db8  [ 13533557D01B88C83110D5CF749F14D7, 58E0ED5EE156E871182DF8E0079DEAE36EFADA4810ED84A5CAB7CC41B7B79CD4 ] C:\Windows\System32\drivers\eamonm.sys
20:49:47.0946 0x0db8  C:\Windows\System32\drivers\eamonm.sys - ok
20:49:47.0946 0x0db8  [ 297EE9C666FC8BB96A232DB0DDBA1E49, C4A3BC7495034E32BB2E0100DB0D9A64EE70F65B0F629F4F099412D03ABE8178 ] C:\Windows\System32\drivers\uxpatch.sys
20:49:47.0946 0x0db8  C:\Windows\System32\drivers\uxpatch.sys - ok
20:49:47.0946 0x0db8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] C:\Windows\System32\rpcss.dll
20:49:47.0946 0x0db8  C:\Windows\System32\rpcss.dll - ok
20:49:47.0961 0x0db8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] C:\Windows\System32\RpcEpMap.dll
20:49:47.0961 0x0db8  C:\Windows\System32\RpcEpMap.dll - ok
20:49:47.0961 0x0db8  [ 16E964ABF6D1E0F0CC7822FCA9BA754D, 0E461387ACFD641DA22EE542A3C68AF5F7D3A7F967D974E3B198143D461ABE39 ] C:\Windows\System32\wshqos.dll
20:49:47.0961 0x0db8  C:\Windows\System32\wshqos.dll - ok
20:49:47.0961 0x0db8  [ 31559F3244C6BC00A52030CAA83B6B91, B2025742B5F0025ACE9821D5722DE3F997EEEAB21D2F381C9E307882DF422579 ] C:\Windows\System32\WSHTCPIP.DLL
20:49:47.0961 0x0db8  C:\Windows\System32\WSHTCPIP.DLL - ok
20:49:47.0961 0x0db8  [ 09F1332EA1955D4C5CEBFA82499C7361, E12E143FB545E09F23FE535E8027FA28C41DC92D51AF910E5E7A884DB55AE400 ] C:\Windows\System32\atiesrxx.exe
20:49:47.0961 0x0db8  C:\Windows\System32\atiesrxx.exe - ok
20:49:47.0961 0x0db8  [ 9AD9E06F8656F296D91FAE8EE5B95A27, 53384747D5864D699BCC4F48E0A5E656430EDAA65DCDAB4B11EA68FC7106459E ] C:\Windows\System32\FirewallAPI.dll
20:49:47.0961 0x0db8  C:\Windows\System32\FirewallAPI.dll - ok
20:49:47.0961 0x0db8  [ 715F03B4C7223349768013EA95D9E5B7, 09AB0535A54C2E2962F0FD06988D99060F8CECA39B07AC00A63204C773B95893 ] C:\Windows\System32\LogonUI.exe
20:49:47.0961 0x0db8  C:\Windows\System32\LogonUI.exe - ok
20:49:47.0961 0x0db8  [ 5DFFC12BF7DB53BDB401804A3C3A475E, DEACB4BFF904AD77389A8326BFCF12A490E1A7A10B68049D253552F1FC630FA3 ] C:\Windows\System32\authui.dll
20:49:47.0961 0x0db8  C:\Windows\System32\authui.dll - ok
20:49:47.0961 0x0db8  [ BD3674BE7FC9D8D3732C83E8499576ED, E6716A5895D629263A4D21959F48840429AB6F4B55A5FA2663EE5E86C9CA2BF1 ] C:\Windows\System32\wtsapi32.dll
20:49:47.0961 0x0db8  C:\Windows\System32\wtsapi32.dll - ok
20:49:47.0977 0x0db8  [ 94E026870A55AAEAFF7853C1754091E9, B2F5D5629D12BDFA98DBED3898368F37D9009C7531B6909C7285A2C11C9A0F93 ] C:\Windows\System32\version.dll
20:49:47.0977 0x0db8  C:\Windows\System32\version.dll - ok
20:49:47.0977 0x0db8  [ 6011714C8C5C55CBFFAD24D61E879FBD, 75D615082A1C71C6ED3ABB49EDAF660EE538D112CF79B9C8AF0A583D1CE1BBB0 ] C:\Windows\System32\wevtsvc.dll
20:49:47.0977 0x0db8  C:\Windows\System32\wevtsvc.dll - ok
20:49:47.0977 0x0db8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] C:\Windows\System32\audiosrv.dll
20:49:47.0977 0x0db8  C:\Windows\System32\audiosrv.dll - ok
20:49:47.0977 0x0db8  [ 78A1E65207484B7F8D3217507745F47C, 35F413ADB9D157F3666DD15DD58104D629CD9143198A1AB914B73A4A3C9903DD ] C:\Windows\System32\avrt.dll
20:49:47.0977 0x0db8  C:\Windows\System32\avrt.dll - ok
20:49:47.0977 0x0db8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] C:\Windows\System32\FntCache.dll
20:49:47.0977 0x0db8  C:\Windows\System32\FntCache.dll - ok
20:49:47.0977 0x0db8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] C:\Windows\System32\mmcss.dll
20:49:47.0977 0x0db8  C:\Windows\System32\mmcss.dll - ok
20:49:47.0977 0x0db8  [ 227E2C382A1E02F8D4965E664D3BBE43, 1CFF20A8BF87ACE4FA4935EBEED72BFB1A1FE902A754899E2F50798D67DF5642 ] C:\Windows\System32\MMDevAPI.dll
20:49:47.0977 0x0db8  C:\Windows\System32\MMDevAPI.dll - ok
20:49:47.0977 0x0db8  [ F06BB4E336EA57511FDBAFAFCC47DE62, BE43EC62548E9FF89A9495A1722E22DBB76EEC3764F86E64057B636F27D15765 ] C:\Windows\System32\propsys.dll
20:49:47.0977 0x0db8  C:\Windows\System32\propsys.dll - ok
20:49:47.0993 0x0db8  [ 8F387A1CC015A3F5020700C657A0FC85, 6C3585887858F357C353102CAE5915A26B812C35374BF0126CE2AB1EF4A58EF8 ] C:\Windows\UnsignedThemesSvc.exe
20:49:47.0993 0x0db8  C:\Windows\UnsignedThemesSvc.exe - ok
20:49:47.0993 0x0db8  [ 1F4492FE41767CDB8B89D17655847CDD, 184547FAC0C3D7148FAA3F601929A7089DE393BD19929A137DAD743331DD3F77 ] C:\Windows\System32\ntmarta.dll
20:49:47.0993 0x0db8  C:\Windows\System32\ntmarta.dll - ok
20:49:47.0993 0x0db8  [ 50544D04AD845C43130B70212EC05CCD, B2E6B558DE7D273512226685FF53ED17C9B4BF81B739FBCA5D3FC82DF8D2BCF7 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
20:49:47.0993 0x0db8  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
20:49:47.0993 0x0db8  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67, E957E4463D318A44BA5109EE3428624DE901C5FF2BA358986DF6C6F059DDBCC2 ] C:\Windows\System32\adtschema.dll
20:49:47.0993 0x0db8  C:\Windows\System32\adtschema.dll - ok
20:49:47.0993 0x0db8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] C:\Windows\System32\drivers\fltMgr.sys
20:49:47.0993 0x0db8  C:\Windows\System32\drivers\fltMgr.sys - ok
20:49:47.0993 0x0db8  [ A3DB3C17EE6CAE65D53602B4E80BCCBC, D802A7C6161F937DC42A6E45FE1BB2C8272819F92C294C180EBCDF8FF72CBFDC ] C:\Windows\System32\PSHED.DLL
20:49:47.0993 0x0db8  C:\Windows\System32\PSHED.DLL - ok
20:49:47.0993 0x0db8  [ B3BFBD758506ECB50C5804AAA76318F9, 34E079A6AB2D41D1E0B3887B6AE31C43941061B7176FFF2801C3F465C2C89578 ] C:\Windows\System32\cryptui.dll
20:49:47.0993 0x0db8  C:\Windows\System32\cryptui.dll - ok
20:49:48.0008 0x0db8  [ 7FA8FDC2C2A27817FD0F624E78D3B50C, 7B63F6AA2CD6D4D07EA3C595B868B1A0749BB11620027A2BD9B935E3055481E4 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
20:49:48.0008 0x0db8  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
20:49:48.0008 0x0db8  [ 5B3EBFC3DA142324B388DDCC4465E1FF, 5D58642305311F9BC9B779C9598BFC4E7433B3EA58404BF1FF9466838A2328C7 ] C:\Windows\System32\samlib.dll
20:49:48.0008 0x0db8  C:\Windows\System32\samlib.dll - ok
20:49:48.0008 0x0db8  [ 4E9C2DB10F7E6AE91BF761139D4B745B, 8F63F78294F5585D599A114AF449DCC447CCB239D0F0B490BFE6B34A2146E730 ] C:\Windows\System32\shacct.dll
20:49:48.0008 0x0db8  C:\Windows\System32\shacct.dll - ok
20:49:48.0008 0x0db8  [ D29E998E8277666982B4F0303BF4E7AF, 4F19AB5DC173E278EBE45832F6CEAA40E2DF6A2EDDC81B2828122442FE5D376C ] C:\Windows\System32\uxtheme.dll
20:49:48.0008 0x0db8  C:\Windows\System32\uxtheme.dll - ok
20:49:48.0008 0x0db8  [ A9A87481B1A6589898C1DAB37C03E4AB, 803DB46E9FEE4E45B63A13A8CE3E589D7498532B8A7D8C3424E210E6A9AAC61F ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_2b283fd671e9bf4d\GdiPlus.dll
20:49:48.0008 0x0db8  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_2b283fd671e9bf4d\GdiPlus.dll - ok
20:49:48.0008 0x0db8  [ 3CB6A7286422C72C34DAB54A5DFF1A34, 98D21EFFF511E407336A226420701E82554DA01FA05661303836B6860D63749D ] C:\Windows\System32\dui70.dll
20:49:48.0008 0x0db8  C:\Windows\System32\dui70.dll - ok
20:49:48.0008 0x0db8  [ 8CCDE014A4CDF84564E03ACE064CA753, DD663029B2EB7B12FDB00FCE403D8326141E540E3B9CE84CD5871473D3E2E2CF ] C:\Windows\System32\duser.dll
20:49:48.0008 0x0db8  C:\Windows\System32\duser.dll - ok
20:49:48.0008 0x0db8  [ D7F1EF374A90709B31591823B002F918, 05FD2837C9B03D14BB2A969C1AD77CAEF047D93DC5D0F6C2ACBF0888E8F7B359 ] C:\Windows\System32\SndVolSSO.dll
20:49:48.0008 0x0db8  C:\Windows\System32\SndVolSSO.dll - ok
20:49:48.0024 0x0db8  [ DA1B7075260F3872585BFCDD668C648B, 3E10EF6E1A5C341B478322CB78A0AB7BFC70AD8023779B8B4542A7CB4CA756AB ] C:\Windows\System32\dwmapi.dll
20:49:48.0024 0x0db8  C:\Windows\System32\dwmapi.dll - ok
20:49:48.0024 0x0db8  [ 896F15A6434D93EDB42519D5E18E6B50, 9263F0CEC58D45EBE3FB9C3061FB9392C55A7933B84B4592E6EE13CFC86D5A50 ] C:\Windows\System32\hid.dll
20:49:48.0024 0x0db8  C:\Windows\System32\hid.dll - ok
20:49:48.0024 0x0db8  [ 6F8B48F3D343E4B186AB6A9E302B7E16, 54DB52FC56509E61DF68BD251B3286E6CBE1A91D9BC4D950940A61FE2DA04DF8 ] C:\Windows\System32\xmllite.dll
20:49:48.0024 0x0db8  C:\Windows\System32\xmllite.dll - ok
20:49:48.0024 0x0db8  [ AFCA5C1ECEAF948FC815178BC077680E, D052C18EF455E1A272332F2E11FD4F36DA071FAB3B81CA312FB75BF8702ED72D ] C:\Windows\System32\WindowsCodecs.dll
20:49:48.0024 0x0db8  C:\Windows\System32\WindowsCodecs.dll - ok
20:49:48.0024 0x0db8  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D, 19959D18601712901F03B83150D15E34EBCAB355BB4692C9A28511A72F57FC66 ] C:\Windows\System32\winbrand.dll
20:49:48.0024 0x0db8  C:\Windows\System32\winbrand.dll - ok
20:49:48.0024 0x0db8  [ B0945E538CF906BBDDC5A11C8EE868CC, 5F3459F6512918835F7C9400905EC7C1FAEAA7114E0D28C522040C359E3B93F7 ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
20:49:48.0024 0x0db8  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
20:49:48.0024 0x0db8  [ C2762A57DF0EE85E63CE4893C5215313, DDE22212D78353633CEDE27D7210469DE674563991105563CF64CCCE2D0743BD ] C:\Windows\System32\VaultCredProvider.dll
20:49:48.0024 0x0db8  C:\Windows\System32\VaultCredProvider.dll - ok
20:49:48.0024 0x0db8  [ 8563BA40DF4F1E93A61B70E2C8B60CF8, E5CAA520CBE61FAF3EAA784A51ED30E0CB2FD78EFD8AE1D5C6B0FE43A1009F39 ] C:\Windows\System32\SmartcardCredentialProvider.dll
20:49:48.0024 0x0db8  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
20:49:48.0039 0x0db8  [ BF352E73615F5461AA6884472435A544, 4B059E79325C5F08CD6FBBE6352E17ADB64B9608CC9EDB36A2DF4D148060C309 ] C:\Windows\System32\BioCredProv.dll
20:49:48.0039 0x0db8  C:\Windows\System32\BioCredProv.dll - ok
20:49:48.0039 0x0db8  [ 4403D5ECE7D8323CAF1207D1AA38FA01, BD0B34DCF658D3CB91C1B55E9E730C5F7C571AFC2BFA09270C377B72B6830D48 ] C:\Windows\System32\credui.dll
20:49:48.0039 0x0db8  C:\Windows\System32\credui.dll - ok
20:49:48.0039 0x0db8  [ 796B8123A7859AFD3A4AE10514DBAEB5, E76F69FAFEC3D66263ED95F3FA9EE309BDDACB287E30583A147DC97F6EEB8844 ] C:\Windows\System32\winbio.dll


Edited by BillPax2000, 09 September 2014 - 09:27 PM.


#6 BillPax2000


Posted 09 September 2014 - 09:31 PM

Here is the 2nd half!

 

20:49:48.0367 0x0db8  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
20:49:48.0367 0x0db8  [ 589CBC4989F750E1DA35625AB481CF43, B93E1B8C3775F9C995FD5451C685A06DEFD24AE1DF0DD99D19D5E4B9AC0010F9 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
20:49:48.0367 0x0db8  C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
20:49:48.0367 0x0db8  [ 3BE0D923AA45A4DBE091C2D84F0B4FE7, 603EEC55D6F646150FC3F0F2C939CFE434C02FC7A7AB23B1FEC8B5C77E4C8381 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
20:49:48.0367 0x0db8  C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
20:49:48.0367 0x0db8  [ FF4A917DD7C387BD2715A5F67307FED1, 4D11039C75409C87D1DAB5FDE9E2DA4D080BE7A3ADF739316906BB85E74C81FD ] C:\Windows\SysWOW64\iertutil.dll
20:49:48.0367 0x0db8  C:\Windows\SysWOW64\iertutil.dll - ok
20:49:48.0367 0x0db8  [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll
20:49:48.0367 0x0db8  C:\Windows\SysWOW64\version.dll - ok
20:49:48.0367 0x0db8  [ 77B5035BC6EDF4D1B6265391AECEE4C0, FE69B715F04446BD42AF1B672E6AC54E954CFE0C847BFD2056CB11CF017B1844 ] C:\Windows\System32\vpnikeapi.dll
20:49:48.0367 0x0db8  C:\Windows\System32\vpnikeapi.dll - ok
20:49:48.0367 0x0db8  [ 1727B2A2F379A32B864C096FA794AADC, 87B77A5DF95F3A1C5ED6DEF820C7E384BEFCBAA2FE1BB4781AC6F777A081E5CC ] C:\Windows\System32\aepic.dll
20:49:48.0367 0x0db8  C:\Windows\System32\aepic.dll - ok
20:49:48.0367 0x0db8  [ C6DCD1D11ED6827F05C00773C3E7053C, EA23BE261C9C04F44215D254D7A80FD0AEE84C6F192D0FEE49A7CF74ED3CB1A6 ] C:\Windows\System32\sfc.dll
20:49:48.0367 0x0db8  C:\Windows\System32\sfc.dll - ok
20:49:48.0383 0x0db8  [ 895C9AB0A855547445C4181195230757, 89BDA385D8CCB75C3D7B1BDFA567AC441A931F4E499C0835FEE9D010343FABB6 ] C:\Windows\System32\sfc_os.dll
20:49:48.0383 0x0db8  C:\Windows\System32\sfc_os.dll - ok
20:49:48.0383 0x0db8  [ 352B3DC62A0D259A82A052238425C872, 393B24E0D6007C74AEE2FB2EE2C18623D37DF64E279B6767952DCFEE0EACBB10 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
20:49:48.0383 0x0db8  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
20:49:48.0383 0x0db8  [ DF13A51A5C591887D2EC6AE64CEED0FA, DFD503AEBCAA056B2B0E669ACA52F6D26F4E6892F2DCFCCD902752C23A621653 ] C:\Windows\SysWOW64\wsock32.dll
20:49:48.0383 0x0db8  C:\Windows\SysWOW64\wsock32.dll - ok
20:49:48.0383 0x0db8  [ D4FAC263861BAE06971C7F7D0A8EBF15, D494DEF0024288B9CC56EC6B500FF5828144BE9B8E7033340509EC5E68F8DED0 ] C:\Windows\System32\ncsi.dll
20:49:48.0383 0x0db8  C:\Windows\System32\ncsi.dll - ok
20:49:48.0383 0x0db8  [ 58F4493BF748A3A89689997B7BD00E95, EC5DEEC73E357C7C87B001275C4E635011A9CF39419F2B86E2C2B8D7E388C551 ] C:\Windows\System32\winhttp.dll
20:49:48.0383 0x0db8  C:\Windows\System32\winhttp.dll - ok
20:49:48.0383 0x0db8  [ 603EBD34E216C5654A2D774EAC98D278, ACE0171BB780DB2C1B1A8BF6FA8CF51C529D7E09141FA504C7199AF764FD9A36 ] C:\Windows\System32\webio.dll
20:49:48.0383 0x0db8  C:\Windows\System32\webio.dll - ok
20:49:48.0383 0x0db8  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll
20:49:48.0383 0x0db8  C:\Windows\System32\ssdpapi.dll - ok
20:49:48.0398 0x0db8  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] C:\Windows\System32\drivers\PEAuth.sys
20:49:48.0398 0x0db8  C:\Windows\System32\drivers\PEAuth.sys - ok
20:49:48.0398 0x0db8  [ 37F6046CDC630442D7DC087501FF6FC6, EFC0F3DA49839CA263CD95AE5015F4FC554D9D845A58A699C542C8C96E70ED3C ] C:\Windows\System32\HPZipm12.dll
20:49:48.0398 0x0db8  C:\Windows\System32\HPZipm12.dll - ok
20:49:48.0398 0x0db8  [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] C:\Windows\System32\PnkBstrA.exe
20:49:48.0398 0x0db8  C:\Windows\System32\PnkBstrA.exe - ok
20:49:48.0398 0x0db8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] C:\Windows\System32\drivers\secdrv.sys
20:49:48.0398 0x0db8  C:\Windows\System32\drivers\secdrv.sys - ok
20:49:48.0398 0x0db8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] C:\Windows\System32\seclogon.dll
20:49:48.0398 0x0db8  C:\Windows\System32\seclogon.dll - ok
20:49:48.0398 0x0db8  [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF393486946DA8936BDD466A ] C:\Windows\SysWOW64\psapi.dll
20:49:48.0398 0x0db8  C:\Windows\SysWOW64\psapi.dll - ok
20:49:48.0398 0x0db8  [ E94C583CDE2348950155F2AF2876F34D, D00C7E0D665E467B712C68A446CC5BE14FDA743A2301878B3CEB72CDD0A8B8E7 ] C:\Windows\SysWOW64\mswsock.dll
20:49:48.0398 0x0db8  C:\Windows\SysWOW64\mswsock.dll - ok
20:49:48.0398 0x0db8  [ EE5C8E27C37B79CB54A2FCEEED2DC262, 0A5E200FD65A491756B951A4A0ED39B88B7B313E97C2BBF3C91AC4C290772BB7 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
20:49:48.0398 0x0db8  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
20:49:48.0414 0x0db8  [ 28CA821606669BB9215CE010767720FA, C8A1F0D6704F8F37CF8AADDFAD511FF27E56E8BCFFD4AC948DFA0329DB1F3A1E ] C:\Windows\SysWOW64\cryptui.dll
20:49:48.0414 0x0db8  C:\Windows\SysWOW64\cryptui.dll - ok
20:49:48.0414 0x0db8  [ 210FCACAF902B2CD47CF9FD17D846146, 3F77AC721E084864C5966FF5337A90185F62203DC19C685328675500D629CB87 ] C:\Windows\System32\aeevts.dll
20:49:48.0414 0x0db8  C:\Windows\System32\aeevts.dll - ok
20:49:48.0414 0x0db8  [ 4F8CCD3E7D9F17A7C60FA0AE2466CACF, 77849DD78145EA879E63A42AE1481C0DEA3E16D89BB067229203317E9EDD340D ] C:\Windows\SysWOW64\wer.dll
20:49:48.0414 0x0db8  C:\Windows\SysWOW64\wer.dll - ok
20:49:48.0414 0x0db8  [ 2FCA0D2C59A855C54BAFA22AA329DF0F, ED9D26F539065D62FCCEDEEC8E509B30F4D15F8DA586C1F657ACEFE9DABAACD0 ] C:\Windows\SysWOW64\netapi32.dll
20:49:48.0414 0x0db8  C:\Windows\SysWOW64\netapi32.dll - ok
20:49:48.0414 0x0db8  [ 20B3934DB73EABA2B49B7177873CB81F, 492EAC5C51472B43DE11825358AEC4B9E3A081DACFD7513C696D6FE40F302EE5 ] C:\Windows\SysWOW64\netutils.dll
20:49:48.0414 0x0db8  C:\Windows\SysWOW64\netutils.dll - ok
20:49:48.0414 0x0db8  [ 5CCDCD40E732D54E0F7451AC66AC1C87, 66F4DA105BD72E41250CD59E2B3CD931B47AC9FDB6C784B9E33C5EE1AC29841F ] C:\Windows\SysWOW64\srvcli.dll
20:49:48.0414 0x0db8  C:\Windows\SysWOW64\srvcli.dll - ok
20:49:48.0414 0x0db8  [ E5A4A1326A02F8E7B59E6C3270CE7202, DCB76016F9AC47E631540874DA208A089F9D529DA9628705A2869B954526BFE0 ] C:\Windows\SysWOW64\wkscli.dll
20:49:48.0414 0x0db8  C:\Windows\SysWOW64\wkscli.dll - ok
20:49:48.0414 0x0db8  [ 839F96DBAAFD3353E0B248A5E0BD2A51, 11DA5AD3EA5FF4766C12B99FB520B3CBE08581ECAF1A2FD1DC5AC835CA78FAC2 ] C:\Windows\SysWOW64\rasapi32.dll
20:49:48.0414 0x0db8  C:\Windows\SysWOW64\rasapi32.dll - ok
20:49:48.0429 0x0db8  [ C212A43AA83A717AD38505F23ACDCB33, 52BFF0FB72D2C4543ECB2C2F6E1DA63E548BAFCE553EECBB18F287AC2CF5EF28 ] C:\Windows\SysWOW64\msi.dll
20:49:48.0429 0x0db8  C:\Windows\SysWOW64\msi.dll - ok
20:49:48.0429 0x0db8  [ FFA7172354B9256DBB2CDD75F16F33FE, 85B2F014C67C2E52540F17D561793C6633C9E98F12639CCD3854EB1EC34DD035 ] C:\Windows\SysWOW64\rasman.dll
20:49:48.0429 0x0db8  C:\Windows\SysWOW64\rasman.dll - ok
20:49:48.0429 0x0db8  [ 1E8D06AAE74FED674C1156B3FEA911C2, C1999BA9E436F9E0B9302DC82DF8B214E66372899FD4C0C60C56EE5340BADB9F ] C:\Windows\SysWOW64\Faultrep.dll
20:49:48.0429 0x0db8  C:\Windows\SysWOW64\Faultrep.dll - ok
20:49:48.0429 0x0db8  [ 10FB16B50AFFDA6D44588F3C445DC273, 6CDA17DA9B44D11E69F7C6682FA633EA75731623BB21B429A0FE2086ED4495A7 ] C:\Windows\SysWOW64\setupapi.dll
20:49:48.0429 0x0db8  C:\Windows\SysWOW64\setupapi.dll - ok
20:49:48.0429 0x0db8  [ F436E847FA799ECD75AD8C313673F450, 3C8BF3F0C08C7FA8DE5CD9C60AD9D00B742E84EB1FEBEEBA0F7159844BAAA471 ] C:\Windows\SysWOW64\cfgmgr32.dll
20:49:48.0429 0x0db8  C:\Windows\SysWOW64\cfgmgr32.dll - ok
20:49:48.0429 0x0db8  [ 2EEFF4502F5E13B1BED4A04CCAD64C08, 209FF1B6D46D1AC99518FCF54F2F726143B2DBF2C5FDA90212FBEF7526F7CBF5 ] C:\Windows\SysWOW64\devobj.dll
20:49:48.0429 0x0db8  C:\Windows\SysWOW64\devobj.dll - ok
20:49:48.0429 0x0db8  [ 3FD15B4611D9BDA3F8013548C0ECAECA, B47A8D9985D9B71EB870816A0AB2B6403D394CCBDF7DE5378D5721D58D68D28D ] C:\Windows\SysWOW64\ntmarta.dll
20:49:48.0429 0x0db8  C:\Windows\SysWOW64\ntmarta.dll - ok
20:49:48.0429 0x0db8  [ A8BB45F9ECAD993461E0FEF8E2A99152, ACB756EA54E71F124D928829666B5B439785593877FF7C0C76ADCF954F4E6C94 ] C:\Windows\SysWOW64\Wldap32.dll
20:49:48.0429 0x0db8  C:\Windows\SysWOW64\Wldap32.dll - ok
20:49:48.0445 0x0db8  [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] C:\Program Files (x86)\Skype\Updater\Updater.exe
20:49:48.0445 0x0db8  C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
20:49:48.0445 0x0db8  [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll
20:49:48.0445 0x0db8  C:\Windows\SysWOW64\clbcatq.dll - ok
20:49:48.0445 0x0db8  [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC83B4AC638AEC4A ] C:\Windows\SysWOW64\RpcRtRemote.dll
20:49:48.0445 0x0db8  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
20:49:48.0445 0x0db8  [ ED8EC63F7522DF4852147C84EC62C36A, 75633011CD28DCBD4834211A9D415F17DE15BFCD80FB9FF6CE25CBBD4E9899AF ] C:\Windows\SysWOW64\rsaenh.dll
20:49:48.0445 0x0db8  C:\Windows\SysWOW64\rsaenh.dll - ok
20:49:48.0445 0x0db8  [ F98DDFBFE0EE66D4C4B00693512B9527, 322FF75D1CA460368FD72ADCD93273F1D5AA5CF2C4DF65A94BF9ABAA2E695150 ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:49:48.0445 0x0db8  C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe - ok
20:49:48.0445 0x0db8  [ A42E7748BE906434C5FD17161D168C20, 883A263ED30F9D83A788C484FE61BDB3A518FE489CF97DA4AE9599A8E39E6AE7 ] C:\Windows\SysWOW64\schedcli.dll
20:49:48.0445 0x0db8  C:\Windows\SysWOW64\schedcli.dll - ok
20:49:48.0445 0x0db8  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F82EF91450858DF ] C:\Windows\SysWOW64\sfc.dll
20:49:48.0445 0x0db8  C:\Windows\SysWOW64\sfc.dll - ok
20:49:48.0461 0x0db8  [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D09086438F8D237B ] C:\Windows\SysWOW64\sfc_os.dll
20:49:48.0461 0x0db8  C:\Windows\SysWOW64\sfc_os.dll - ok
20:49:48.0461 0x0db8  [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7, 690F12C490BEE2BF17AB7B6804E6E9B96F51C304350CCDE80FE5C7EEFA89720E ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
20:49:48.0461 0x0db8  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
20:49:48.0461 0x0db8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] C:\Windows\System32\drivers\tcpipreg.sys
20:49:48.0461 0x0db8  C:\Windows\System32\drivers\tcpipreg.sys - ok
20:49:48.0461 0x0db8  [ BCEA9AB347E53BC03B2E36BE0B8BA0EF, 868DEFB78767E91694E83F931725257DF3FF79A4BFED3B914D27F3493EB7A8D0 ] C:\Windows\System32\httpapi.dll
20:49:48.0461 0x0db8  C:\Windows\System32\httpapi.dll - ok
20:49:48.0461 0x0db8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] C:\Windows\System32\sysmain.dll
20:49:48.0461 0x0db8  C:\Windows\System32\sysmain.dll - ok
20:49:48.0461 0x0db8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] C:\Windows\System32\tapisrv.dll
20:49:48.0461 0x0db8  C:\Windows\System32\tapisrv.dll - ok
20:49:48.0461 0x0db8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] C:\Windows\System32\wiaservc.dll
20:49:48.0461 0x0db8  C:\Windows\System32\wiaservc.dll - ok
20:49:48.0476 0x0db8  [ 24F4D0FD29F0D6291905019E64DD1D92, 81A0B9223A000FC8FCEE2E5C1B11981BCA0AD7CF9408EEE6217609AE3B3B0290 ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll
20:49:48.0476 0x0db8  C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll - ok
20:49:48.0476 0x0db8  [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5, BDA403E6CACC249C467671FB1FAF7B77FB019326BC18F9F6CF377104520E2654 ] C:\Windows\System32\wiatrace.dll
20:49:48.0476 0x0db8  C:\Windows\System32\wiatrace.dll - ok
20:49:48.0476 0x0db8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] C:\Windows\System32\trkwks.dll
20:49:48.0476 0x0db8  C:\Windows\System32\trkwks.dll - ok
20:49:48.0476 0x0db8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] C:\Windows\System32\wbem\WMIsvc.dll
20:49:48.0476 0x0db8  C:\Windows\System32\wbem\WMIsvc.dll - ok
20:49:48.0476 0x0db8  [ A8704A10FFDE468F4AB18EBF82A9A86F, 40F6502679CEE0B657B0005278FBE7213BDDA6DEAACF868058E17737C182E1B4 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll
20:49:48.0476 0x0db8  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll - ok
20:49:48.0476 0x0db8  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE, A734A20357026C42950394682A52CBC3AF956D09F1949E1B4E95467E999BC428 ] C:\Windows\System32\wbemcomn.dll
20:49:48.0476 0x0db8  C:\Windows\System32\wbemcomn.dll - ok
20:49:48.0476 0x0db8  [ 0255C22D99602534F15CBB8D9B6F152F, 43CD89D6CA56E0B633142F7C86DA9E072EE0723B5EBC4CE8CCBCA58C396ECF54 ] C:\Windows\System32\wbem\WinMgmtR.dll
20:49:48.0476 0x0db8  C:\Windows\System32\wbem\WinMgmtR.dll - ok
20:49:48.0476 0x0db8  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:49:48.0476 0x0db8  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
20:49:48.0492 0x0db8  [ 0C52762C606BCF6A377D5E4688191A6B, C58C9A73AD07E3B93AB186D0D47C5F1CB7197771DBEE40646C3B801645BB388F ] C:\Windows\System32\wbem\WmiDcPrv.dll
20:49:48.0492 0x0db8  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
20:49:48.0492 0x0db8  [ A3F5E8EC1316C3E2562B82694A251C9E, F3DC6AA6A9D3B5BBC730668FC52C1D4BB5D515D404578BDDD3D4869A7ED58822 ] C:\Windows\System32\wbem\fastprox.dll
20:49:48.0492 0x0db8  C:\Windows\System32\wbem\fastprox.dll - ok
20:49:48.0492 0x0db8  [ EE26D130808D16C0E417BBBED0451B34, 4886DCE4FAEF146A40BABD492A8000A2022FEA542A6135A9BAFD4CD09297B4E5 ] C:\Windows\System32\ntdsapi.dll
20:49:48.0492 0x0db8  C:\Windows\System32\ntdsapi.dll - ok
20:49:48.0492 0x0db8  [ 666A60F6F5E719856FF6254E0966EFF7, 58C072E7E215991E19C1CA062C476081982F7B9F039714539AE7FEB4981C200F ] C:\Windows\System32\wbem\wbemprox.dll
20:49:48.0492 0x0db8  C:\Windows\System32\wbem\wbemprox.dll - ok
20:49:48.0492 0x0db8  [ 5EB55F661DEBF156E126160BCD4D89F8, 948D1F627AA55D55FB3B558BA61B8366C5481A6041820631F24408F75EA5D2CC ] C:\Windows\System32\wbem\wbemcore.dll
20:49:48.0492 0x0db8  C:\Windows\System32\wbem\wbemcore.dll - ok
20:49:48.0492 0x0db8  [ 087D8668C71634A3A3761135ABF16EEE, B7348A63299CFF4FFBF375E645A4850AE0F108D48D13AB25434CFAE7CF3D61FD ] C:\Windows\System32\wbem\esscli.dll
20:49:48.0492 0x0db8  C:\Windows\System32\wbem\esscli.dll - ok
20:49:48.0492 0x0db8  [ 718B6F51AB7F6FE2988A36868F9AD3AB, 76141B4E94C2766E2C34CEF523092948771A7893212EFADBE88D2171B85FF012 ] C:\Windows\System32\wbem\wbemsvc.dll
20:49:48.0492 0x0db8  C:\Windows\System32\wbem\wbemsvc.dll - ok
20:49:48.0507 0x0db8  [ 0143DB80DACFB7C2B5B7009ED9063353, 252885CF7C1BAB89B86908373546E5F5D674BEF7AACBDDCF321AD877CB9150A9 ] C:\Windows\System32\wbem\wmiutils.dll
20:49:48.0507 0x0db8  C:\Windows\System32\wbem\wmiutils.dll - ok
20:49:48.0507 0x0db8  [ 93812FDC01AA864195816CD814445F95, E5CB2576DA2905177AFD342DBE63E17CF626F93F430DEBC55155C18C60166BEE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
20:49:48.0507 0x0db8  C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
20:49:48.0507 0x0db8  [ B837D1528CE2E3CB79F09496BC08DDC6, ACD54CE61CFE94F23DC283537AD8FFBEB3D6041BD30317B60BA7A10FCB240A27 ] C:\Windows\System32\SensApi.dll
20:49:48.0507 0x0db8  C:\Windows\System32\SensApi.dll - ok
20:49:48.0507 0x0db8  [ 1075AB2C077B415760C0E948856B5126, D67804B4A038FC06BD84CBF9C047DD4C13073622027F825371DB98867EF4E9B9 ] C:\Windows\System32\wer.dll
20:49:48.0507 0x0db8  C:\Windows\System32\wer.dll - ok
20:49:48.0507 0x0db8  [ 7D5645EE0EA77D539828433D9B95F5EB, EEF81E9B2205FC456DB6095AD0AEAB38BB131D3BCD090EA6CD91D5568ACAFB7F ] C:\Windows\System32\WinSCard.dll
20:49:48.0507 0x0db8  C:\Windows\System32\WinSCard.dll - ok
20:49:48.0507 0x0db8  [ 2ABDEC2F3EDB5A15808713C08A21BF7E, 9C125841824D1376495EC7D1E1D3DF20635B9E8215FDECE25FAB70E874B8D9DB ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
20:49:48.0507 0x0db8  C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
20:49:48.0507 0x0db8  [ ECA6AC33BD9E441F7B47D173D715D268, 5B9017F80BD8C7823CFE1AB4C21D91388E1B31BF0D77058A98791D2FACA11EB6 ] C:\Windows\System32\msxml3.dll
20:49:48.0507 0x0db8  C:\Windows\System32\msxml3.dll - ok
20:49:48.0523 0x0db8  [ D790CAFEFF0291D0AF8C76F5A1EE2E4E, 135EC003E17E290FFC3BBE93E9136BCAD003D1E2C649EC03DF4688740CC009DC ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
20:49:48.0523 0x0db8  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
20:49:48.0523 0x0db8  [ 0AB34456654C283DAA13B8D2BA21439B, 4B70FC5195DE39564E951C8542020BA3D4257E3D4488F69825F67A6099CB7549 ] C:\Windows\System32\wbem\repdrvfs.dll
20:49:48.0523 0x0db8  C:\Windows\System32\wbem\repdrvfs.dll - ok
20:49:48.0523 0x0db8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] C:\Windows\System32\iphlpsvc.dll
20:49:48.0523 0x0db8  C:\Windows\System32\iphlpsvc.dll - ok
20:49:48.0523 0x0db8  [ 27B9E163740A226B65E4B9E186117911, 17411C6A6C1E699BC4B0C04D782FD9AA09CF577DBA41E743F7588904D489CB9F ] C:\Windows\System32\sqmapi.dll
20:49:48.0523 0x0db8  C:\Windows\System32\sqmapi.dll - ok
20:49:48.0523 0x0db8  [ 7B38D7916A7CD058C16A0A6CA5077901, 3F6DD990E2DA5D3BD6D65A72CBFB0FE79EB30B118A8AD71B6C9BB5581A622DCE ] C:\Windows\System32\wdscore.dll
20:49:48.0523 0x0db8  C:\Windows\System32\wdscore.dll - ok
20:49:48.0523 0x0db8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] C:\Windows\System32\rasmans.dll
20:49:48.0523 0x0db8  C:\Windows\System32\rasmans.dll - ok
20:49:48.0523 0x0db8  [ 65522E77A1360DBC8D199DA3BF5EFFE4, E9D748070FA478A3D37F15049F998D340885C0DC5FCE03BFCE5D521C9EBA7350 ] C:\Windows\System32\eappprxy.dll
20:49:48.0523 0x0db8  C:\Windows\System32\eappprxy.dll - ok
20:49:48.0539 0x0db8  [ 44C96B48112EB24AE7764EBF1C527000, 6691D008C834686906B4841EF27604B0F0E70E668C09CEE19369426BF168AF44 ] C:\Windows\System32\rastapi.dll
20:49:48.0539 0x0db8  C:\Windows\System32\rastapi.dll - ok
20:49:48.0539 0x0db8  [ FAFAE01E889DC9C05A6CA2138CFC220B, 192CFDE3593ED0A9B397461D912074C0F062015C23E6F6658571C7C2864D9A51 ] C:\Windows\System32\tapi32.dll
20:49:48.0539 0x0db8  C:\Windows\System32\tapi32.dll - ok
20:49:48.0539 0x0db8  [ 03706015DB44368375AEBE6339490E66, 02EB28B5156E320C1EBABC03D37E94EB770A721B99E1DD276F8DC2A50D76C381 ] C:\Windows\System32\netcfgx.dll
20:49:48.0539 0x0db8  C:\Windows\System32\netcfgx.dll - ok
20:49:48.0539 0x0db8  [ 3B367397320C26DBA890B260F80D1B1B, 50BBE71B4380B5E86E197AF86F5C08266DD6B12344BA4ABDEA604B8C774C4147 ] C:\Windows\System32\hnetcfg.dll
20:49:48.0539 0x0db8  C:\Windows\System32\hnetcfg.dll - ok
20:49:48.0539 0x0db8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] C:\Windows\System32\netprofm.dll
20:49:48.0539 0x0db8  C:\Windows\System32\netprofm.dll - ok
20:49:48.0539 0x0db8  [ D2A0FFA75AB181B19B5EB93BB29C7686, AC282D5EFFB191492F14638EB80F18E53C4A3D26C94A00A949366B3564D6C3E2 ] C:\Windows\System32\unimdm.tsp
20:49:48.0539 0x0db8  C:\Windows\System32\unimdm.tsp - ok
20:49:48.0539 0x0db8  [ 7C1BAE7D23D4874FEE256A2B9C00E019, 4EE87C2F0CACE557AA159349133474A5857B6667DDB976BA5A18489A3333F798 ] C:\Windows\System32\hidphone.tsp
20:49:48.0539 0x0db8  C:\Windows\System32\hidphone.tsp - ok
20:49:48.0539 0x0db8  [ 41326DD08ACC0CDC5F8177AF96C066E8, 9C21BB553EEDD28272E865396C9EF94655EC1CF216290A56581AEF7908B7AFDD ] C:\Windows\System32\kmddsp.tsp
20:49:48.0539 0x0db8  C:\Windows\System32\kmddsp.tsp - ok
20:49:48.0554 0x0db8  [ 1D6BC2769DA66C1145F4DA5A65F52E61, B38EFF16652E751BF3B3BD85DA6EA33AB9B7F4228C59F741074E33085DB66ED0 ] C:\Windows\System32\ndptsp.tsp
20:49:48.0554 0x0db8  C:\Windows\System32\ndptsp.tsp - ok
20:49:48.0554 0x0db8  [ 94B7DF336815B47236724019FAB24B7C, 43549F1FB89D0585A0E0333BB8E1DDED2EBD0F3C0EC3EA93B238EA037188AA41 ] C:\Windows\System32\uniplat.dll
20:49:48.0554 0x0db8  C:\Windows\System32\uniplat.dll - ok
20:49:48.0554 0x0db8  [ 0D753307D274F3688BD21C377B616700, 5DD08E77A11F2561FB96BA212FDDFE21D4394C69C34C3EB88F7F5CD068EE55BF ] C:\Windows\System32\eappcfg.dll
20:49:48.0554 0x0db8  C:\Windows\System32\eappcfg.dll - ok
20:49:48.0554 0x0db8  [ FEB91B4DA0D540865260A33838654FA3, 8636B008BA329D3E6CC235D08BA4C914EFF45DBFCB9297C893CCDA8D907BA946 ] C:\Windows\System32\nci.dll
20:49:48.0554 0x0db8  C:\Windows\System32\nci.dll - ok
20:49:48.0554 0x0db8  [ A717A35120DBAB5AB707AB40662AF9DD, DE117E70D0AC7FC26BBCEAAB45A0270A1065B36CC8B062B4128B561F2AAA9E04 ] C:\Windows\System32\rasppp.dll
20:49:48.0554 0x0db8  C:\Windows\System32\rasppp.dll - ok
20:49:48.0554 0x0db8  [ 0FE5CD5F9C9248F42D1EF56E495B182E, 1EBD40C119A3D3251A19A8D15669D9DCB5D3CFBC3AFCF1CD00101C31320243E1 ] C:\Windows\System32\vpnike.dll
20:49:48.0554 0x0db8  C:\Windows\System32\vpnike.dll - ok
20:49:48.0554 0x0db8  [ 6A84E68B538B8B04608BF2F0D426CE6F, 59CE1C06364D1BBEE853DA4AEC1E8B678D6E181723ACCF6DB9F9776CAD47BBDA ] C:\Windows\System32\raschap.dll
20:49:48.0554 0x0db8  C:\Windows\System32\raschap.dll - ok
20:49:48.0554 0x0db8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] C:\Windows\System32\ipnathlp.dll
20:49:48.0554 0x0db8  C:\Windows\System32\ipnathlp.dll - ok
20:49:48.0570 0x0db8  [ 2DF29664ED261F0FC448E58F338F0671, 4EFE79C383D0AF126FC4EE668D822563F8F037B1E61D73747A35FE11AAFDB8CE ] C:\Windows\System32\mprapi.dll
20:49:48.0570 0x0db8  C:\Windows\System32\mprapi.dll - ok
20:49:48.0570 0x0db8  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D, A63836DB3B01835DC1311526A95198D6EBCCB1DC9DDAFBC38EC36C128CDB98B9 ] C:\Windows\System32\netshell.dll
20:49:48.0570 0x0db8  C:\Windows\System32\netshell.dll - ok
20:49:48.0570 0x0db8  [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C, 78889511D6F471009674CC958F8BB77B4A79C952634B18E8AFF4A75AA6A60E87 ] C:\Windows\System32\ndiscapCfg.dll
20:49:48.0570 0x0db8  C:\Windows\System32\ndiscapCfg.dll - ok
20:49:48.0570 0x0db8  [ 3D6AF45673C4B31CDECD7F80AF09D443, 7D711D138C107816155AFA5E5FDC6892734074BEFF604B5904177B5D9ACE4670 ] C:\Windows\System32\rascfg.dll
20:49:48.0570 0x0db8  C:\Windows\System32\rascfg.dll - ok
20:49:48.0570 0x0db8  [ 1CF21800E337F4039AAD4C94B4280EE4, EF434CEF6E62A202B85E8EC7916EB998E20B10675437CDE90084CDA938C0AA3F ] C:\Windows\System32\mprmsg.dll
20:49:48.0570 0x0db8  C:\Windows\System32\mprmsg.dll - ok
20:49:48.0570 0x0db8  [ DDD0357A92FA843EFF8915ED17253D6C, 0C78B1D41F0A7821186ADF653504F2BFF067CB512CB0E932047C301378BBADB6 ] C:\Windows\System32\wbem\WmiPrvSD.dll
20:49:48.0570 0x0db8  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
20:49:48.0570 0x0db8  [ D41FEBD098234F02485A4EA98D4730A4, 462DC8168C444F35B43BA3B8F7D77734665D84F1C6D25CAD7391C0145961628F ] C:\Windows\System32\ncobjapi.dll
20:49:48.0570 0x0db8  C:\Windows\System32\ncobjapi.dll - ok
20:49:48.0570 0x0db8  [ 6F40D6FB05E0C1E5402812B426971AF0, E41F138F0F2DB057F8DBB1587237C6FA8A2059B3D64EC894D1DC492A18DBBDED ] C:\Windows\System32\wbem\wbemess.dll
20:49:48.0570 0x0db8  C:\Windows\System32\wbem\wbemess.dll - ok
20:49:48.0585 0x0db8  [ 55DE45B116711881C852D2841E4C84DD, 18E5021530BB44042C85087BAE4FEDA633E01CDCBA09C90A5941B74C75133A35 ] C:\Windows\System32\tcpipcfg.dll
20:49:48.0585 0x0db8  C:\Windows\System32\tcpipcfg.dll - ok
20:49:48.0585 0x0db8  [ 748849C42DEA24C723048E24BCA1BD55, 517DDE70E7CB8E94C6E8B9B05CCD4BC6490A8837FD8BB874C9E1186D8EF07659 ] C:\Windows\System32\wshbth.dll
20:49:48.0585 0x0db8  C:\Windows\System32\wshbth.dll - ok
20:49:48.0585 0x0db8  [ D23BBC0827B1D8730C8C1CFA1D82CCD5, 9BF9D1A29D9BF3E640973196339C75CC9FBAC1CDA576AC812FAD5DB9D2E17C86 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnHips.dll
20:49:48.0585 0x0db8  C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnHips.dll - ok
20:49:48.0585 0x0db8  [ 2E70A8B199AED648B2568BBABC7CA9D0, EB5D3A9E355FB0942D1F01646D2C0DF52EFC17FD1C465CCBB2D33D22F6377A57 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnAmon.dll
20:49:48.0585 0x0db8  C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnAmon.dll - ok
20:49:48.0585 0x0db8  [ AA7F66B5D4B20A8BF4D0607ECFA0D274, D5F403EC96609549856057FCCBB84886788A98A8C439CDF1DA36D6BF0AC14109 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnScan.dll
20:49:48.0585 0x0db8  C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnScan.dll - ok
20:49:48.0585 0x0db8  [ 56A494AF81A76498E93ED0091F9557E4, B127BD29D9A1874DCE1D25684D9E9DD3A28914E48E914BB9A362DAAD73F99082 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnEmon.dll
20:49:48.0585 0x0db8  C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnEmon.dll - ok
20:49:48.0601 0x0db8  [ 3629D654B61C49EE199B6C7822D5645D, EBB5815FAC2AE9A8F5A68A059F009BD2163D645C0A9C5CF4266129BABAB023AE ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnDmon.dll
20:49:48.0601 0x0db8  C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnDmon.dll - ok
20:49:48.0601 0x0db8  [ F1F2E1983D5A32590002702C634F9AD2, 7D6331F39C6C06AB8D25C156F86F2203B97C10769C5FEF959867F977A7DED263 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnEpfw.dll
20:49:48.0601 0x0db8  C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnEpfw.dll - ok
20:49:48.0601 0x0db8  [ 8BD055A8EB90193B72F5175FA8506156, 753238BFB2C7C226026829E838ABB594A43F0308B746939E197B0B0A28E480B2 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnUpdate.dll
20:49:48.0601 0x0db8  C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnUpdate.dll - ok
20:49:48.0601 0x0db8  [ F26102500A90E72FA73E9AB40C1DFB81, 7F9ED1C2C115D2A5348C17678676B3133389087810A3B91D5285503C1E32D719 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\updater.dll
20:49:48.0601 0x0db8  C:\Program Files\ESET\ESET NOD32 Antivirus\x86\updater.dll - ok
20:49:48.0601 0x0db8  [ 225B0DFB3490FD7860B0C12A8103031A, 7A2E098ADCD363146313F408BBD61B1364584D92F8428E41750876286410CB9C ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnMailPlugins.dll
20:49:48.0601 0x0db8  C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnMailPlugins.dll - ok
20:49:48.0601 0x0db8  [ DB9003592DB92B0D59C78A638715DE23, 70899A0DD36C987C3848B5EEC83F3BA753963906AB49C84454500C164450BAE5 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\eplgOE.dll
20:49:48.0601 0x0db8  C:\Program Files\ESET\ESET NOD32 Antivirus\x86\eplgOE.dll - ok
20:49:48.0601 0x0db8  [ 75F5E1FE8D55CF8E577E0EC5F2290D3F, F4E2C81F0834018052A481AE8D7DF4780302A6844160CCDC09F7D82D3B992BDE ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
20:49:48.0601 0x0db8  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll - ok
20:49:48.0617 0x0db8  [ 863F793D15B4026B1A5FDECA873D4D84, AF7ABD95BB5467551562F129F03C7AC9D52A021F7E547609F40A80E66932C942 ] C:\Windows\SysWOW64\apphelp.dll
20:49:48.0617 0x0db8  C:\Windows\SysWOW64\apphelp.dll - ok
20:49:48.0617 0x0db8  [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\SysWOW64\rundll32.exe


And the third and final one!

 

20:49:48.0929 0x0db8  C:\Windows\SysWOW64\xmllite.dll - ok
20:49:48.0944 0x0db8  [ 1A264B3972AA1DAC65B4A2D904E953B7, 5303281BA021A936358BCDCB4300D307985026E3870DCA16D25F7B65351C3E23 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\79b7aa36f77200e9f8d2448ae58a26a0\mscorlib.ni.dll
20:49:48.0944 0x0db8  C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\79b7aa36f77200e9f8d2448ae58a26a0\mscorlib.ni.dll - ok
20:49:48.0944 0x0db8  [ 1B1431D9520C7578AD5633ED2A70625F, 6852FAC1355CA69226B727A1355D6DA8C0865F5EEDA45D7690701CFED7C542A1 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
20:49:48.0944 0x0db8  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
20:49:48.0944 0x0db8  [ 57FB0B9E2F3399D29EBA77361EF8F486, 69F31BF925F93F9B678CAA6AAD158B631F66A95B6887C53DF1506AE3AA914744 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\479f7f55432e59de306401abbb230570\System.ni.dll
20:49:48.0944 0x0db8  C:\Windows\assembly\NativeImages_v2.0.50727_64\System\479f7f55432e59de306401abbb230570\System.ni.dll - ok
20:49:48.0944 0x0db8  [ FB4045578F5180BDB1963AB352B78548, 8E645A63436EE6CDDB78E6064AEB04ECE39208F760A3EF13A3F49FDF41505E21 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
20:49:48.0944 0x0db8  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
20:49:48.0944 0x0db8  [ FB10715E4099AF9FA389C71873245226, 6A4CB43880B822A0C4714D6E52EB3EB2CE1E69C3AA9CA65EAAD6B131AE43F274 ] C:\Windows\System32\timedate.cpl
20:49:48.0944 0x0db8  C:\Windows\System32\timedate.cpl - ok
20:49:48.0944 0x0db8  [ E6F0F82788E8BD0F7A616350EFA0761C, 13091DCB3E3F4F52C3FF210E93AAF1DCE142CFC09F671AEAC5B922393B23E67B ] C:\Windows\System32\actxprxy.dll
20:49:48.0944 0x0db8  C:\Windows\System32\actxprxy.dll - ok
20:49:48.0944 0x0db8  [ 23B001185B7C3CB1F4BDEB143E6B45B7, AB3A5AB346F6353B43B06FBE20B7785DA988975E2C8B73A6588F107FFAAACC47 ] C:\Windows\System32\shdocvw.dll
20:49:48.0944 0x0db8  C:\Windows\System32\shdocvw.dll - ok
20:49:48.0960 0x0db8  [ A0A65D306A5490D2EB8E7DE66898ECFD, CE5DA408F4EDD5E81CE0925867F03C9A35172CF1571FE4C4C052E45AB69822BB ] C:\Windows\System32\linkinfo.dll
20:49:48.0960 0x0db8  C:\Windows\System32\linkinfo.dll - ok
20:49:48.0960 0x0db8  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86, E15ED4FEFC3010C213694331DDFDC03767682325C898D773AB243E2DC8B08461 ] C:\Windows\System32\msftedit.dll
20:49:48.0960 0x0db8  C:\Windows\System32\msftedit.dll - ok
20:49:48.0960 0x0db8  [ 2BCBA6052374959A30BD7948444DBB79, 46224A2B729026FEEBC3C6A09E69919D477097848DB2CA0C2F5B166CDF379660 ] C:\Windows\System32\gameux.dll
20:49:48.0960 0x0db8  C:\Windows\System32\gameux.dll - ok
20:49:48.0960 0x0db8  [ 2EBD0C5B090125AECF017C57344C45AB, 4FF8F2460115C60AD164EE0DC2079E1601B8AA21A1BA8033B7B731FAF85411B6 ] C:\Windows\System32\msls31.dll
20:49:48.0960 0x0db8  C:\Windows\System32\msls31.dll - ok
20:49:48.0960 0x0db8  [ 80041798F2F049259241393A2017DB02, 59B8913A129EC26FB111C2C614C0C7440D521F65BAF32E57CA48E34337C0DDEE ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
20:49:48.0960 0x0db8  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
20:49:48.0960 0x0db8  [ 4C2C4640BF23AAFCF90519E0F34436CE, 8ACCDA77C2DC5BE2DAED05134310122AFECC872A8D118612E55DD229BFE4D844 ] C:\Windows\System32\DeviceCenter.dll
20:49:48.0960 0x0db8  C:\Windows\System32\DeviceCenter.dll - ok
20:49:48.0960 0x0db8  [ 293BBB2F26200F92DC5917751A489F3D, F746276ED2D0C1052EB1222610538A5DF2182AF9BD35581415E71C45F332FAA0 ] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
20:49:48.0960 0x0db8  C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe - ok
20:49:48.0975 0x0db8  [ FBDF607ED7EF0467639DB501E1FD938C, 040528158D85D13122DB043144A982D6DC8744E75D140DB17A9BA5B93DC6B74D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:49:48.0975 0x0db8  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
20:49:48.0975 0x0db8  [ 405F4D32D2185F1F1BD753D8EEAFFB3A, CAC42C3E09C43BE96592B670D70821386014DB22D8239A9CFB9E33E54FB5C3D5 ] C:\Windows\System32\networkexplorer.dll
20:49:48.0975 0x0db8  C:\Windows\System32\networkexplorer.dll - ok
20:49:48.0975 0x0db8  [ FCEF5DC1794CB2C4B305F780D4F7797B, 388A24BD5967DF22A8F77FD692DCD43386482FFB0141B5C51059B4BA49B95E45 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
20:49:48.0975 0x0db8  C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe - ok
20:49:48.0975 0x0db8  [ 5F639198C4137075DA50E61C23963C11, 3D03B3BF62B3469069AD6BE2AAEE152CB6722D36C001B8197FEBC2F3EB9ADBE0 ] C:\Windows\System32\drprov.dll
20:49:48.0975 0x0db8  C:\Windows\System32\drprov.dll - ok
20:49:48.0975 0x0db8  [ B1FDCFFF7609E121C10751A669AB1611, 1181542D9CFD63FB00C76242567446513E6773EA37DB6211545629BA2ECF26A1 ] C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80u.dll
20:49:48.0975 0x0db8  C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80u.dll - ok
20:49:48.0975 0x0db8  [ BC566D17914B07ABAAB3A5A385CC3300, DCE0A1D26312AA6441FB7122C6EED980AE350D58B2B4B166CB62F983306268E9 ] C:\Windows\System32\ntlanman.dll
20:49:48.0975 0x0db8  C:\Windows\System32\ntlanman.dll - ok
20:49:48.0975 0x0db8  [ E268BD9144F627FA530998084A64D944, D1B5E6BC66E9B3CFB3B6EA0B8D2CC7FF1A9E63286E790C4C46323749994E7095 ] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
20:49:48.0975 0x0db8  C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe - ok
20:49:48.0991 0x0db8  [ C3761661C17C2248A9379A8FB89E3DE1, CE3477FA2B4058EB80739E0161FE957545F13CF86D313F6422732901D35F75F2 ] C:\Windows\System32\stobject.dll
20:49:48.0991 0x0db8  C:\Windows\System32\stobject.dll - ok
20:49:48.0991 0x0db8  [ F7E65292747A3A8B27C4B871EF3087A7, 763B230D13FD054CD2105E3B741ED29DDAB2EFDD262BB2598CF87F3100B9FC52 ] C:\Program Files (x86)\DAEMON Tools Lite\DTCommonRes.dll
20:49:48.0991 0x0db8  C:\Program Files (x86)\DAEMON Tools Lite\DTCommonRes.dll - ok
20:49:48.0991 0x0db8  [ 442235AC4F20B195F932990CAE47408E, 811A03A5D7C03802676D2613D741BE690B3461022EA925EB6B2651A5BE740A4C ] C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll
20:49:48.0991 0x0db8  C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll - ok
20:49:48.0991 0x0db8  [ F832EEEA97CDDA1AF577E721F652A0D1, EBBB7CA199BA4DF231123922BD310D43DE0104C6185B70FE0281B938D5336F2E ] C:\Windows\System32\batmeter.dll
20:49:48.0991 0x0db8  C:\Windows\System32\batmeter.dll - ok
20:49:48.0991 0x0db8  [ 9110FFAD124283F37D38771BB60556AF, BB495FDF86B7C3DD7878C496090A624CE8FE68F61166C91A4C99EF1140F0AD23 ] C:\Windows\System32\dsound.dll
20:49:48.0991 0x0db8  C:\Windows\System32\dsound.dll - ok
20:49:48.0991 0x0db8  [ 24F4B480F335A6C724AF352253C5D98B, 011413B236CAD7B78CE0A0EEC3E3085D48C7576A3205D025BA6EBFDF590538E4 ] C:\Windows\System32\thumbcache.dll
20:49:48.0991 0x0db8  C:\Windows\System32\thumbcache.dll - ok
20:49:48.0991 0x0db8  [ 585FED4CDB8034B8B58AEB8008255817, 13D1055929D79598C04A4AB66EF3DBAADD265F9D1C3F43E84531238D2526A1AE ] C:\Windows\System32\opengl32.dll
20:49:48.0991 0x0db8  C:\Windows\System32\opengl32.dll - ok
20:49:48.0991 0x0db8  [ B32AB94A432289AC2DF77A3DCAD32EED, B1021C78F940E6FA7A8992B2733B593B89DA57325A0A0D13D2767F193A78D90F ] C:\Windows\System32\davclnt.dll
20:49:48.0991 0x0db8  C:\Windows\System32\davclnt.dll - ok
20:49:49.0007 0x0db8  [ FB6377ABD06731FC5C8A851B9CAD63E7, 7814675FDEBA42A454C3C025DA77EE33A6AAD64B3E09DA2F30F970AC5F4BB862 ] C:\Program Files\ESET\ESET NOD32 Antivirus\eguiHips.dll
20:49:49.0007 0x0db8  C:\Program Files\ESET\ESET NOD32 Antivirus\eguiHips.dll - ok
20:49:49.0007 0x0db8  [ 8E01332CC4B68BC6B5B7EFFE374442AA, A4AD1D2FD3EC2F26949DBBC388F9FFF3713AD7EB4E9220AF817EBB5223E467C6 ] C:\Windows\SysWOW64\oleacc.dll
20:49:49.0007 0x0db8  C:\Windows\SysWOW64\oleacc.dll - ok
20:49:49.0007 0x0db8  [ F2967C0A97C0EA67D79D7F557213950D, 65516C83DCB3F952CD4454636B61CC2F153AF6BEEBC352463791D92F7F500F52 ] C:\Windows\System32\glu32.dll
20:49:49.0007 0x0db8  C:\Windows\System32\glu32.dll - ok
20:49:49.0007 0x0db8  [ 45B24A357C801CE62052FE0CDC8BD4D2, 00602E41B78473825253F6B2557A5C43FBDDCCF713D806929AE7C039FF8F185C ] C:\Windows\System32\davhlpr.dll
20:49:49.0007 0x0db8  C:\Windows\System32\davhlpr.dll - ok
20:49:49.0007 0x0db8  [ 0D5A864462C66FD441C09D16C1290351, 9797D793DC28BF0BAA18DE05EC8C308F62AEF2D5CF631CB954EDD3D9CD0B8695 ] C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll
20:49:49.0007 0x0db8  C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll - ok
20:49:49.0007 0x0db8  [ A6C09924C6730DE8DEED9890A12AA691, 46EACBC27D15FD43431812D6CA770982178C07246AF3A1C2E0D40D745A1D5758 ] C:\Windows\System32\ddraw.dll
20:49:49.0007 0x0db8  C:\Windows\System32\ddraw.dll - ok
20:49:49.0007 0x0db8  [ D1DE1EAFDE97BE41CF6585027FF3E732, 76F17D4DF440D6734DC8157092D94EB18C2A73A0A49BEEA289E7B3EDE30E86A2 ] C:\Windows\SysWOW64\comdlg32.dll
20:49:49.0007 0x0db8  C:\Windows\SysWOW64\comdlg32.dll - ok
20:49:49.0007 0x0db8  [ 42A9CB6906D9A8BEDC83B57163E62924, E18522D3137653140757829EFBFCE624A5BAA5842E2BBA10B9E5AB6C84BE49E1 ] C:\Windows\System32\DXP.dll
20:49:49.0007 0x0db8  C:\Windows\System32\DXP.dll - ok
20:49:49.0022 0x0db8  [ 6AF1FD72B913191A998ABD57CD09E4D1, 25977D360A06B1E62B27E9DB7EE6451BF8F70D9D93EF4905B860915AA16F333C ] C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll
20:49:49.0022 0x0db8  C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll - ok
20:49:49.0022 0x0db8  [ B7B9E5834B9309D33CB3184BA52E644A, DA6AB8BE341E42FD10088619BB60018E9135E1241FDBE7FD026FA4818BB67033 ] C:\Program Files (x86)\ATI Technologies\HydraVision\hydraenu.dll
20:49:49.0022 0x0db8  C:\Program Files (x86)\ATI Technologies\HydraVision\hydraenu.dll - ok
20:49:49.0022 0x0db8  [ A5ED9421B8D09ED4F57CDA386307713E, EC2EE043E94A53302A9721220AA42D29BE72AF3448B7AA01F7EB911ECF7DC6AE ] C:\Windows\System32\dciman32.dll
20:49:49.0022 0x0db8  C:\Windows\System32\dciman32.dll - ok
20:49:49.0022 0x0db8  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122, E7EA375A3BDE8FC764CB09524344370B9EE25F98AD6C83E6F37A569EB8D277D6 ] C:\Windows\System32\prnfldr.dll
20:49:49.0022 0x0db8  C:\Windows\System32\prnfldr.dll - ok
20:49:49.0022 0x0db8  [ 784DEF25C39D37EB1BD2872E3DB1DF45, 7B67553D0B80E3F4278277F6AFE5E03A4CB7B8879935D7F91E44AC4F3968102D ] C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll
20:49:49.0022 0x0db8  C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll - ok
20:49:49.0022 0x0db8  [ 6FC94B00D5C2FE0D5D7F94CDE79DF3C1, EB3BA6F8BB17B1EC1495604EA4E08497B7ED2D5AD4F11C8002A12A895E1BA842 ] C:\Program Files (x86)\TESORO Gaming\DURANDAL ULTIMATE Gaming Keyboard\HID.exe
20:49:49.0022 0x0db8  C:\Program Files (x86)\TESORO Gaming\DURANDAL ULTIMATE Gaming Keyboard\HID.exe - ok
20:49:49.0022 0x0db8  [ EE19C85CA685A275BE346EC41F1870F9, F071D88C38C62E9D88DDE29F451B2B581499758A7E60BDA6DED3376280C5A635 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_72d576ad8665e853\GdiPlus.dll
20:49:49.0022 0x0db8  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_72d576ad8665e853\GdiPlus.dll - ok
20:49:49.0038 0x0db8  [ 263E9A047D17CD50BAA9D3C02910D18D, F526648358AD121001D2776E0ACC333EC4AC168CA07B40A3D3C06C5CE6A361C3 ] C:\Windows\System32\oledlg.dll
20:49:49.0038 0x0db8  C:\Windows\System32\oledlg.dll - ok
20:49:49.0038 0x0db8  [ D0A00C050F3601D6BFB8D8E05F49274F, FC0FAD333304274349889043BB7772E7A65B3016CD9C368168F60831317C40A0 ] C:\Program Files\ESET\ESET NOD32 Antivirus\eguiDmon.dll
20:49:49.0038 0x0db8  C:\Program Files\ESET\ESET NOD32 Antivirus\eguiDmon.dll - ok
20:49:49.0038 0x0db8  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891, 0A82A475301202791A7C10F978F952EAB7DB146A702D4EA67E24E2C98BC19638 ] C:\Windows\System32\Syncreg.dll
20:49:49.0038 0x0db8  C:\Windows\System32\Syncreg.dll - ok
20:49:49.0038 0x0db8  [ 3A189223E8AA64316865D9328591FCA6, 1DF1008AD818F40E361E3867D7FF048E4014E507A8D2EF09D10FC3D5E847BF01 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
20:49:49.0038 0x0db8  C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe - ok
20:49:49.0038 0x0db8  [ E212A545CC1706D0D5BA10F51EFC0A75, F3DFA7FB8BA4D269341CECBE399754017C1253D5810F13C699EFC91FE6B3F221 ] C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll
20:49:49.0038 0x0db8  C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll - ok
20:49:49.0038 0x0db8  [ 0805289E121F3E3C458C970B08314EB2, D9B448A04C09F525F599D0369CF9A197F471AABDA0A97201760C46D2EB8F3CDE ] C:\Windows\System32\RtkCfg64.dll
20:49:49.0038 0x0db8  C:\Windows\System32\RtkCfg64.dll - ok
20:49:49.0038 0x0db8  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB, CF9082360E32A7C3E13A67AC2C6192F4A76870D43DA9FF2936993A637F712761 ] C:\Windows\System32\AltTab.dll
20:49:49.0038 0x0db8  C:\Windows\System32\AltTab.dll - ok
20:49:49.0053 0x0db8  [ 92DBF0A4C9239169010FC6E07859C82E, 00FB2CF4420F0FFEF519AFE732A708CF249640121E2A891CAA164313ABD7F804 ] C:\Windows\System32\ActionCenter.dll
20:49:49.0053 0x0db8  C:\Windows\System32\ActionCenter.dll - ok
20:49:49.0053 0x0db8  [ 334477B22393166D3269783D1442B186, C2D7102C6E9B6B19748765C88EE13D35F2CE4A613172AF49DF9BCF1B5E6F4453 ] C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll
20:49:49.0053 0x0db8  C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll - ok
20:49:49.0053 0x0db8  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
20:49:49.0053 0x0db8  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
20:49:49.0053 0x0db8  [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB22DC7B58515C201 ] C:\Windows\SysWOW64\winmm.dll
20:49:49.0053 0x0db8  C:\Windows\SysWOW64\winmm.dll - ok
20:49:49.0053 0x0db8  [ A90E756CF6E1AFC7FE887B658EACA265, AEACE79637C847277625796C526AA75BAE132F07D95746EC905A967AE1E384C1 ] C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll
20:49:49.0053 0x0db8  C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll - ok
20:49:49.0053 0x0db8  [ 936F728E04ACCF3F38801CFFCF1E3F40, 59CA86096F4B928E364B6A3C0408615F068BB8BC02DCFC5EAF4873EC6D6E0797 ] C:\Windows\SysWOW64\oledlg.dll
20:49:49.0053 0x0db8  C:\Windows\SysWOW64\oledlg.dll - ok
20:49:49.0053 0x0db8  [ C836175870E00ACC546066632E15BD10, 4347F3319C26DA1C38F395C74DBD67AF886149C8F29EDE765DD96C8480A3054A ] C:\Windows\ehome\ehSSO.dll
20:49:49.0053 0x0db8  C:\Windows\ehome\ehSSO.dll - ok
20:49:49.0053 0x0db8  [ 10F815BE90A66AAFC6C713D1BD626064, 01139FC04BC53594296F6A0E16B8D20B940F64BC8119FE7705C03C4947958F39 ] C:\Windows\System32\pnidui.dll
20:49:49.0053 0x0db8  C:\Windows\System32\pnidui.dll - ok
20:49:49.0069 0x0db8  [ 97CE943E0A7B548E421CC841DF81FF98, FCF07587859394FAD97F8990CF77F81A81CF3C85001812B41B3B05892BD61148 ] C:\Program Files (x86)\DAEMON Tools Lite\Engine.dll
20:49:49.0069 0x0db8  C:\Program Files (x86)\DAEMON Tools Lite\Engine.dll - ok
20:49:49.0069 0x0db8  [ BADF6C22FBAA3ED3E2413A60411425AC, 8035719212EED2A90A642F80DE39EAE0C0791B581623D611DC007196A4F66914 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
20:49:49.0069 0x0db8  C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
20:49:49.0069 0x0db8  [ 988C9C533A8C311FCC2705AF6D638A5B, 469300ED754838AC67FAF5056DEE2C8A79646E839E5C9B1A8A298E2604A535A6 ] C:\Windows\SysWOW64\atiadlxy.dll
20:49:49.0069 0x0db8  C:\Windows\SysWOW64\atiadlxy.dll - ok
20:49:49.0069 0x0db8  [ 15B7225BBA691E4CF8A3D06238D46AE6, D9D10F3B6FF960373ECA79EA06383E9CAAEED5986C706967BF0A7B0714DE4FF2 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
20:49:49.0069 0x0db8  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - ok
20:49:49.0069 0x0db8  [ B9F0A4020AA98B7A20287BF7FE99A1FD, 21138F161EEEA46198890C7A2D073F2C82829E15676131BDAD9F237EDC7477CD ] C:\Windows\System32\QUTIL.DLL
20:49:49.0069 0x0db8  C:\Windows\System32\QUTIL.DLL - ok
20:49:49.0069 0x0db8  [ 6BA03B5AF0B49BFEFC5DF84C8DBE5209, C1C77823C4E97F70CCA10777C213A70E74FD372B74C96AA6D00D147A8B9656F4 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
20:49:49.0069 0x0db8  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
20:49:49.0069 0x0db8  [ C746F3BF98E92FB137B5BD2B8B5925BD, 67A8990F3D491D149E65C90042909259793C65E671DC953FDA1F7590FAC23D9E ] C:\Windows\System32\FXSST.dll
20:49:49.0069 0x0db8  C:\Windows\System32\FXSST.dll - ok
20:49:49.0085 0x0db8  [ 91E1D325C332F57AE46F4EBDB1C2008B, D32545FA003514A83C2ACC5875CD056006B83D4B2BCC925C89DA8BB1269B2393 ] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH.dll
20:49:49.0085 0x0db8  C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH.dll - ok
20:49:49.0085 0x0db8  [ 650CAEA856943E29F25A25D31E004B18, DCA63D2AF4C6F14B27EA006F200E58A5C13AC940A51947A40F668908A446CC4E ] C:\Windows\System32\FXSAPI.dll
20:49:49.0085 0x0db8  C:\Windows\System32\FXSAPI.dll - ok
20:49:49.0085 0x0db8  [ 5BE8AD7807FC23CFBB00B7B22656A786, 4D34AD5310EC972EE48E61075A2A364F5F2E07C97DCBD8E33F3F46389F010E15 ] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
20:49:49.0085 0x0db8  C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe - ok
20:49:49.0085 0x0db8  [ C243AFDD9E961D917A59E8C103ED1499, C5743E84D7C6FBC5F204FABD14E3A6BFF0D93FB2078AA7DC13AF1D1B86CC6115 ] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH64.dll
20:49:49.0085 0x0db8  C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH64.dll - ok
20:49:49.0085 0x0db8  [ C8E8B8239FCF17BEA10E751BE5854631, CB869195E78AB613CEF50AE3B247F0E4E42F233A7AAF5B2BFC5ADEA2C45C5F8D ] C:\Windows\System32\FXSRESM.dll
20:49:49.0085 0x0db8  C:\Windows\System32\FXSRESM.dll - ok
20:49:49.0085 0x0db8  [ 418E881201583A3039D81F43E39E6C78, C96AAC161E09BE12815A4E931E65F66DB1A456C03253EF1111AE66F44B1515FF ] C:\Windows\SysWOW64\winsta.dll
20:49:49.0085 0x0db8  C:\Windows\SysWOW64\winsta.dll - ok
20:49:49.0085 0x0db8  [ C8FDF0FA9E97E2FAAF3F814716AAA881, DD24A1CAB44D943B0E1A795A347AD25D9305FC7F012A2566A6A14BD47221831F ] C:\Windows\System32\WPDShServiceObj.dll
20:49:49.0085 0x0db8  C:\Windows\System32\WPDShServiceObj.dll - ok
20:49:49.0100 0x0db8  [ 4F3CD1C59EA71401E155C432BCECE180, 6D4118A627CAE509E43D0CC0062EECAA0990C955BB15AE24834460551B2F51A2 ] C:\Windows\System32\PortableDeviceTypes.dll
20:49:49.0100 0x0db8  C:\Windows\System32\PortableDeviceTypes.dll - ok
20:49:49.0100 0x0db8  [ 69754747274B76E7FAF287239333D7E6, A0BAEC1E56E4B1A17C0D41B317526AF5BB11E7E488C7016067A6229346A23B16 ] C:\Windows\System32\msiltcfg.dll
20:49:49.0100 0x0db8  C:\Windows\System32\msiltcfg.dll - ok
20:49:49.0100 0x0db8  [ 3B39F9D51E4D8BAABDA6518955B58C13, 64AE407FA65096D5483C31B14AAC7FA691A4736AEA1288DC6D4BCEE3A2CE8A6F ] C:\Windows\System32\msi.dll
20:49:49.0100 0x0db8  C:\Windows\System32\msi.dll - ok
20:49:49.0100 0x0db8  [ 81FB155132AE12BA18119D5B36A85476, B135C87752B20C98CD5D4B9BE47316F785EC41FD5E391D8609F06EDA29B05BBF ] C:\Windows\System32\msvcr110_clr0400.dll
20:49:49.0100 0x0db8  C:\Windows\System32\msvcr110_clr0400.dll - ok
20:49:49.0100 0x0db8  [ 8B8D1CEF498678CAB9DF17145D34BC64, B833545CC592BBF77F4F3E6BA9961D10673AA3F4E2CF6369F6A3BDAF1BC02026 ] C:\Windows\SysWOW64\msxml3.dll
20:49:49.0100 0x0db8  C:\Windows\SysWOW64\msxml3.dll - ok
20:49:49.0100 0x0db8  [ F7A256EC899C72B4ECDD2C02CB592EFD, 9C1AA9322E83CABB94AEA4375EAEB0C44700E1F33B8BE98649BA1DF4DDFAD326 ] C:\Windows\System32\bthprops.cpl
20:49:49.0100 0x0db8  C:\Windows\System32\bthprops.cpl - ok
20:49:49.0100 0x0db8  [ 007863E45F25AA47A4C30D0930BBFD85, 60F2ABA40D520FCA2C57FA2DB72E111C14F21821DA17F662837506B80C269634 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
20:49:49.0100 0x0db8  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
20:49:49.0100 0x0db8  [ 234AFA322624B3203A2E720F08292B03, 0C0ACDD63FD82EDD34442E9E0763872BA6BF6AC73AB89147EA5FDD1E0229CC0A ] C:\Windows\System32\cscobj.dll
20:49:49.0100 0x0db8  C:\Windows\System32\cscobj.dll - ok
20:49:49.0116 0x0db8  [ B81737A402CA1BCEC7CDD33261E0D820, 60CDD7E71F3ED2B7933E0544B12EFB06D023895125DBCBF54053DE385F52E473 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\abf62e6545d2802fc60286678a67e6bf\mscorlib.ni.dll
20:49:49.0116 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\abf62e6545d2802fc60286678a67e6bf\mscorlib.ni.dll - ok
20:49:49.0116 0x0db8  [ 8569E35D00F45972E506502EEE622BA4, 01FE851C03DB88C8373099C279F995A559D962B08932E193032FA3EAD522FB01 ] C:\Windows\System32\srchadmin.dll
20:49:49.0116 0x0db8  C:\Windows\System32\srchadmin.dll - ok
20:49:49.0116 0x0db8  [ 911D9C513B4B6270699CFF49815CAB18, F392EE71BBF61F9772F285365EB5A09C0D428B7F46A978204E3953EE3EE30F2A ] C:\Program Files (x86)\DAEMON Tools Lite\imgengine.dll
20:49:49.0116 0x0db8  C:\Program Files (x86)\DAEMON Tools Lite\imgengine.dll - ok
20:49:49.0116 0x0db8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] C:\Windows\System32\FXSSVC.exe
20:49:49.0116 0x0db8  C:\Windows\System32\FXSSVC.exe - ok
20:49:49.0116 0x0db8  [ 610FD9154F3C36E5BF419EE499FCDF2E, DFF65C501D2C01C694FB75D585EF7791402F227725FD8850EF215AA26E4599BF ] C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll
20:49:49.0116 0x0db8  C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll - ok
20:49:49.0116 0x0db8  [ D2155709E336C3BC15729EB87FEC6064, 682A84C0F2D892E7A6CEE4E5937B4799E352AAE3B71E7037F2A343373467443C ] C:\Windows\System32\rasdlg.dll
20:49:49.0116 0x0db8  C:\Windows\System32\rasdlg.dll - ok
20:49:49.0116 0x0db8  [ E0B340996A41C9A75DFA3B99BBA9C500, D029AD8ABBD2267B1E44DF5172B93C3F832B4C21F930F5512C24E800F5CE4F8B ] C:\Windows\System32\SearchIndexer.exe
20:49:49.0116 0x0db8  C:\Windows\System32\SearchIndexer.exe - ok
20:49:49.0131 0x0db8  [ 589DF683A6C81424A6CECE52ABF98A50, 8CE0D07B2FC1F1BF8C07434FAFCDC63FDD3B75007C3B2EED130DB69D2D16E90A ] C:\Windows\System32\tquery.dll
20:49:49.0131 0x0db8  C:\Windows\System32\tquery.dll - ok
20:49:49.0131 0x0db8  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2, E8ACB693B1A78FAEF292111BE3F9B10BA95C76833C06C931A08EAAAE39A21334 ] C:\Windows\System32\dot3api.dll
20:49:49.0131 0x0db8  C:\Windows\System32\dot3api.dll - ok
20:49:49.0131 0x0db8  [ E4FCA0F99A41E460C84016DEFD31E6EF, 8EB14AF2025EADC7C86280E8417D8F286E8271B4F88B31696E33DFD72B3A0EF2 ] C:\Windows\System32\wlanhlp.dll
20:49:49.0131 0x0db8  C:\Windows\System32\wlanhlp.dll - ok
20:49:49.0131 0x0db8  [ 357BE883C5236BFC7341CB9E82308908, 4DDB697FD9B7C516CF99D73C8799EA35BB97E2431216CD7C1045F17B06109FBF ] C:\Windows\System32\wlanapi.dll
20:49:49.0131 0x0db8  C:\Windows\System32\wlanapi.dll - ok
20:49:49.0131 0x0db8  [ 7F1B4C6FF3B85F9ADF74055187B8A22C, CC95DA5662638AACBE9643DCB236464C2C2095A8D5CDC8A747045870BE9D0E7D ] C:\Windows\System32\wlanutil.dll
20:49:49.0131 0x0db8  C:\Windows\System32\wlanutil.dll - ok
20:49:49.0131 0x0db8  [ 73FCB7919DEE80EE556F2E498594EBAE, D0F7A0AD3BC33263E9C2CF9787DD326436F9E0C9F5031D769F8A43C64C08A762 ] C:\Windows\System32\onex.dll
20:49:49.0131 0x0db8  C:\Windows\System32\onex.dll - ok
20:49:49.0131 0x0db8  [ 7568CC720ACE4D03B84AF97817E745EF, 7155144CB0B260B969C398A36BC277C97BEADB5DB137D19A4F7E5AF61C3E24D4 ] C:\Windows\System32\mssrch.dll
20:49:49.0131 0x0db8  C:\Windows\System32\mssrch.dll - ok
20:49:49.0131 0x0db8  [ 5DA219F57A9076FB6FBD3C9C3713A672, 274FE616625B336D81841FDC752C8053D4CD6926565B899760D298D145CBA1A3 ] C:\Windows\System32\WWanAPI.dll
20:49:49.0131 0x0db8  C:\Windows\System32\WWanAPI.dll - ok
20:49:49.0147 0x0db8  [ 62C7AACC746C9723468A8F2169ED3E85, 40E901F3EAFE52DF11D6BC4EF0E79F666EBDACE0B3C090CAD2358076E893EA47 ] C:\Windows\System32\wwapi.dll
20:49:49.0147 0x0db8  C:\Windows\System32\wwapi.dll - ok
20:49:49.0147 0x0db8  [ 6B851E682A36453E1B1EE297FFB6E2AB, A641D3FD9463C4788B45B8B5584EA4489C1F63A71B4B595AE85FF3482CD5EDA6 ] C:\Windows\System32\QAGENT.DLL
20:49:49.0147 0x0db8  C:\Windows\System32\QAGENT.DLL - ok
20:49:49.0147 0x0db8  [ 3121A79D13A61562BE9CC902CD46B542, 00A5833A48338A4A9A5530844924AF4F1FAB618DA46D7EBBC6E2165C32ED376C ] C:\Windows\System32\msidle.dll
20:49:49.0147 0x0db8  C:\Windows\System32\msidle.dll - ok
20:49:49.0147 0x0db8  [ ACE1BB07E0377E37A2C514CD2EC119B1, A9AFA4774DFA875496764D6E541A6333A3ACD3C5D2BBEF753C2D80BA83B4AC15 ] C:\Windows\System32\mssprxy.dll
20:49:49.0147 0x0db8  C:\Windows\System32\mssprxy.dll - ok
20:49:49.0147 0x0db8  [ 0A283CD50B5367C2BA513492D7A2892B, 0B10BB5A147B41BAA1D07090516003682C0CE6A1ACCA9F49B265A2315B227EA7 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM\7a8ecdcc8b7ac9bdac0aad189dad83bf\MOM.ni.exe
20:49:49.0147 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM\7a8ecdcc8b7ac9bdac0aad189dad83bf\MOM.ni.exe - ok
20:49:49.0147 0x0db8  [ FE085839DF8AF76F958F0184E5C173B6, DAC508DEEB68961679AC370B9F45F939ADACADA20C8DFE231F720517C8FD8151 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System\4d4a15d5d7968df7dedd4cf853848d90\System.ni.dll
20:49:49.0147 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\System\4d4a15d5d7968df7dedd4cf853848d90\System.ni.dll - ok
20:49:49.0147 0x0db8  [ C9FB9038B15036CA28CF0B4BE2BED9BD, 0F56384E798B3F725FFEFC6E31A980DA31F620DB847F601273EF19E8CE74A226 ] C:\Windows\System32\en-US\tquery.dll.mui
20:49:49.0147 0x0db8  C:\Windows\System32\en-US\tquery.dll.mui - ok
20:49:49.0163 0x0db8  [ F2F7EED54D0970CACE9A579A562AFA7A, 0E4E2C139FEC9A65695C7A68DC26E110E2E47D899B7A011850AC94D9068802EB ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\7926c26400ff262c7fc48b729377085b\System.Drawing.ni.dll
20:49:49.0163 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\7926c26400ff262c7fc48b729377085b\System.Drawing.ni.dll - ok
20:49:49.0163 0x0db8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] C:\Windows\System32\qmgr.dll
20:49:49.0163 0x0db8  C:\Windows\System32\qmgr.dll - ok
20:49:49.0163 0x0db8  [ B64B27F93EE12D85F80F6F1E21975A09, 9B83FDD588DD3BB929BB812547C21B929307B4C0DB9409D7F729E269FE0AEC90 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\4764e3995ebd7b6b438eef937cde1332\System.Windows.Forms.ni.dll
20:49:49.0163 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\4764e3995ebd7b6b438eef937cde1332\System.Windows.Forms.ni.dll - ok
20:49:49.0163 0x0db8  [ D9431DCF90B0253773F51FDEFE7FD42F, E53C40CC0EC603CF67305F0AA81389124CF6E709A22DABF13563CBAD15897422 ] C:\Windows\System32\bitsigd.dll
20:49:49.0163 0x0db8  C:\Windows\System32\bitsigd.dll - ok
20:49:49.0163 0x0db8  [ 29409ED7400CA5BCCC30C0EE5147A60D, FCC41E4308A1648CE810105AACED08295C53E25178D6C40C9DF61E9397C579D6 ] C:\Windows\System32\bitsperf.dll
20:49:49.0163 0x0db8  C:\Windows\System32\bitsperf.dll - ok
20:49:49.0163 0x0db8  [ 96DB78C9C50CEED9DA5050EFFEE272A2, 51CF3E1F96555A4E4B5BC0DE2598CE5A0199F495644A91C2105F25A5A4CF10E3 ] C:\Windows\System32\upnp.dll
20:49:49.0163 0x0db8  C:\Windows\System32\upnp.dll - ok
20:49:49.0163 0x0db8  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:49:49.0163 0x0db8  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
20:49:49.0163 0x0db8  [ 0DCA5F8AF83975061D9D8340DC471B5C, 71C8549419F46ABB4826B1847BF325374FA5C237CE14DB8B1DD8BB6FDABF6138 ] C:\Windows\SysWOW64\msvcr110_clr0400.dll
20:49:49.0163 0x0db8  C:\Windows\SysWOW64\msvcr110_clr0400.dll - ok
20:49:49.0178 0x0db8  [ D83947A58613E9091B4C9CC0F1546A8D, C71DF6E18E2099FC462717B8658D39C607A62C7E7A1E5CD0E258C17434535AD0 ] C:\Windows\SysWOW64\mscoree.dll
20:49:49.0178 0x0db8  C:\Windows\SysWOW64\mscoree.dll - ok
20:49:49.0178 0x0db8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] C:\Windows\System32\ssdpsrv.dll
20:49:49.0178 0x0db8  C:\Windows\System32\ssdpsrv.dll - ok
20:49:49.0178 0x0db8  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:49:49.0178 0x0db8  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
20:49:49.0443 0x0db8  C:\Windows\System32\wuapi.dll - ok
20:49:49.0443 0x0db8  [ 7EC6617005F76714C7E16605E7A8AB06, 5940168249A9C1791CBD71C8F22FC618E8932808E1478986D89A386A5DA458AC ] C:\Windows\System32\wups.dll
20:49:49.0443 0x0db8  C:\Windows\System32\wups.dll - ok
20:49:49.0443 0x0db8  [ F4DDFC29FF08A45B153AC6EAFDFA0C4B, 4C22E7748B96982C500DDAD8181A6C7F06D1828DF5B26A5E51B3FBF471B29E24 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\2991d76bd18ca4e4d34d0ef4fac71aa7\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
20:49:49.0443 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\2991d76bd18ca4e4d34d0ef4fac71aa7\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll - ok
20:49:49.0443 0x0db8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] C:\Windows\System32\drivers\asyncmac.sys
20:49:49.0443 0x0db8  C:\Windows\System32\drivers\asyncmac.sys - ok
20:49:49.0443 0x0db8  [ E3C078AE98186E87F1C5CFF2DA5A6BA8, 591414F1C510C6144BBCE38CABCF7CA7851E389C569E6B858551EA0B7FEFD429 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\40ab2bbab24ba6c23374455f6dae354c\DEM.Graphics.I0912.ni.dll
20:49:49.0443 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\40ab2bbab24ba6c23374455f6dae354c\DEM.Graphics.I0912.ni.dll - ok
20:49:49.0443 0x0db8  [ EEF219689C7A06CE5160B4479A165B5F, 90C37BCB34A0876D6C4CE73DB7AAB11926B6EB3F4E702F3FD7F28052F01B974C ] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\13612dd8388d2db5f8660c8a65ef9bd8\DEM.Graphics.I0706.ni.dll
20:49:49.0443 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\13612dd8388d2db5f8660c8a65ef9bd8\DEM.Graphics.I0706.ni.dll - ok
20:49:49.0443 0x0db8  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\John\AppData\Local\Temp\{0058C6E2-D787-418D-A7EC-5F52A622434B}\{46EAE8C8-CB69-40B1-9419-B9051EE1FCBE}.tmp
20:49:49.0443 0x0db8  C:\Users\John\AppData\Local\Temp\{0058C6E2-D787-418D-A7EC-5F52A622434B}\{46EAE8C8-CB69-40B1-9419-B9051EE1FCBE}.tmp - ok
20:49:49.0459 0x0db8  [ CCB008C326DBDED0A2155E2AC99C9652, 4C9E9A016EABCE743C1AC3971CD8420134648F77BCC551A8672ACFB901B81884 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\aa3d62593e9378e240f726816beb1439\DEM.Graphics.I0712.ni.dll
20:49:49.0459 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\aa3d62593e9378e240f726816beb1439\DEM.Graphics.I0712.ni.dll - ok
20:49:49.0459 0x0db8  [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\Users\John\AppData\Local\Temp\{0058C6E2-D787-418D-A7EC-5F52A622434B}\{193D62FC-574D-4B42-8FBC-4384F3764BFD}.tmp
20:49:49.0459 0x0db8  C:\Users\John\AppData\Local\Temp\{0058C6E2-D787-418D-A7EC-5F52A622434B}\{193D62FC-574D-4B42-8FBC-4384F3764BFD}.tmp - ok
20:49:49.0459 0x0db8  [ FAD3E3432FBB0319AE6913C7B1F201C1, B2D36DB2187D66E44D3B0AD543105EB8FCDC8E46E009CB3A632D69374F538A02 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\3854d29800e74c3b69260906704df169\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
20:49:49.0459 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\3854d29800e74c3b69260906704df169\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll - ok
20:49:49.0459 0x0db8  [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\Users\John\AppData\Local\Temp\{0058C6E2-D787-418D-A7EC-5F52A622434B}\{139CDCE4-3397-4453-B4AE-29BBA909B401}.tmp
20:49:49.0459 0x0db8  C:\Users\John\AppData\Local\Temp\{0058C6E2-D787-418D-A7EC-5F52A622434B}\{139CDCE4-3397-4453-B4AE-29BBA909B401}.tmp - ok
20:49:49.0459 0x0db8  [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\Users\John\AppData\Local\Temp\{0058C6E2-D787-418D-A7EC-5F52A622434B}\{4BBA81FE-B4FA-439D-9809-C46B822861CE}.tmp
20:49:49.0459 0x0db8  C:\Users\John\AppData\Local\Temp\{0058C6E2-D787-418D-A7EC-5F52A622434B}\{4BBA81FE-B4FA-439D-9809-C46B822861CE}.tmp - ok
20:49:49.0459 0x0db8  [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\Users\John\AppData\Local\Temp\{0058C6E2-D787-418D-A7EC-5F52A622434B}\{4D03B56E-7633-4A5E-80E7-F0BA6544AA72}.tmp
20:49:49.0459 0x0db8  C:\Users\John\AppData\Local\Temp\{0058C6E2-D787-418D-A7EC-5F52A622434B}\{4D03B56E-7633-4A5E-80E7-F0BA6544AA72}.tmp - ok
20:49:49.0459 0x0db8  [ FF5C92F39C64C957E466E2183063DF28, 66202D06626E064456EB4639D16F046E03101319A29286E13F364169AB525363 ] C:\Windows\SysWOW64\atiumdva.dll
20:49:49.0459 0x0db8  C:\Windows\SysWOW64\atiumdva.dll - ok
20:49:49.0459 0x0db8  [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\Users\John\AppData\Local\Temp\{0058C6E2-D787-418D-A7EC-5F52A622434B}\{2B086A03-B287-44A3-AFAB-3D025AB4BC9C}.tmp
20:49:49.0459 0x0db8  C:\Users\John\AppData\Local\Temp\{0058C6E2-D787-418D-A7EC-5F52A622434B}\{2B086A03-B287-44A3-AFAB-3D025AB4BC9C}.tmp - ok
20:49:49.0475 0x0db8  [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\Users\John\AppData\Local\Temp\{0058C6E2-D787-418D-A7EC-5F52A622434B}\{C9D6C3C3-11DA-4E6F-81CF-FE6BEB04530E}.tmp
20:49:49.0475 0x0db8  C:\Users\John\AppData\Local\Temp\{0058C6E2-D787-418D-A7EC-5F52A622434B}\{C9D6C3C3-11DA-4E6F-81CF-FE6BEB04530E}.tmp - ok
20:49:49.0475 0x0db8  [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\Users\John\AppData\Local\Temp\{0058C6E2-D787-418D-A7EC-5F52A622434B}\{2DBA2D51-4878-40C8-AB3A-A76AC86FE6B8}.tmp
20:49:49.0475 0x0db8  C:\Users\John\AppData\Local\Temp\{0058C6E2-D787-418D-A7EC-5F52A622434B}\{2DBA2D51-4878-40C8-AB3A-A76AC86FE6B8}.tmp - ok
20:49:49.0475 0x0db8  [ B14AB99B193C3D9E6C1FF17095DE2F97, 76FCCDBF7EDAE679DCAD90B43B3E9962B417CC478DB53BAECCF1ABDCF6B24856 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\8430cddcad9bf5a2aa9db800983739e3\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
20:49:49.0475 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\8430cddcad9bf5a2aa9db800983739e3\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll - ok
20:49:49.0475 0x0db8  [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Users\John\AppData\Local\Temp\{0058C6E2-D787-418D-A7EC-5F52A622434B}\{2ACF56AD-D3E8-4148-A02E-5EAD51557D36}.tmp
20:49:49.0475 0x0db8  C:\Users\John\AppData\Local\Temp\{0058C6E2-D787-418D-A7EC-5F52A622434B}\{2ACF56AD-D3E8-4148-A02E-5EAD51557D36}.tmp - ok
20:49:49.0475 0x0db8  [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Users\John\AppData\Local\Temp\{0058C6E2-D787-418D-A7EC-5F52A622434B}\{F3928160-7BFB-470E-A387-61892B8C08A8}.tmp
20:49:49.0475 0x0db8  C:\Users\John\AppData\Local\Temp\{0058C6E2-D787-418D-A7EC-5F52A622434B}\{F3928160-7BFB-470E-A387-61892B8C08A8}.tmp - ok
20:49:49.0475 0x0db8  [ 0604202107CB03AB41738ADB41868F13, 9FF7101F9FBB3667387639ADBC9E5724BBF7A233ABF808B513CB690138C36E29 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\384b27020382a002b1e684bc84944210\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
20:49:49.0475 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\384b27020382a002b1e684bc84944210\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll - ok
20:49:49.0475 0x0db8  [ 2E8A6B68801747B9FE6F969FE4408291, 33B9425C5FDD0CEB0986B30AEFD00EBD08AE087CEE7636ABD4FBF4F16C216C52 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\741cf576f56503cfabecacb4571443f2\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
20:49:49.0475 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\741cf576f56503cfabecacb4571443f2\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll - ok
20:49:49.0490 0x0db8  [ E2A17BCC08D92F42E08AF6BA2F93ABA7, 5FC9D47BF4B1094BECC0C0DDCD5CD4318DD3E4495D982F8785331616D5B82599 ] C:\Windows\SysWOW64\ExplorerFrame.dll
20:49:49.0490 0x0db8  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
20:49:49.0490 0x0db8  [ 594BBB0EE5D170E89C729E36272323F4, E452EBECF2BC4651F1FDFBED95F73DEE0FB2D29AE87D0662F2851C03E7EE443F ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\9bc19628691df05e460e05ee6369aa61\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
20:49:49.0490 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\9bc19628691df05e460e05ee6369aa61\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll - ok
20:49:49.0490 0x0db8  [ 6E1F8165C365D35C8E3C045AF0CDD481, B861360D0A014265A0BEB4CC2FE31EA05AE95120E8B07820C13A044D64C00E2B ] C:\Windows\SysWOW64\duser.dll
20:49:49.0490 0x0db8  C:\Windows\SysWOW64\duser.dll - ok
20:49:49.0490 0x0db8  [ 279AEC87D3F4994CDBE7D4C586D35A5A, 3A7B47C63FFB1817F1D7C27CE1E7F4358CC0BF921D4164E190305B210A1FC96B ] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\9afd87b0cfa4a60605fa3e53d378cd02\DEM.Graphics.I0812.ni.dll
20:49:49.0490 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\9afd87b0cfa4a60605fa3e53d378cd02\DEM.Graphics.I0812.ni.dll - ok
20:49:49.0490 0x0db8  [ EE06B85BC69F18826302348A2AD089E0, 417205797CC9F6C986A863A61179784D9ADCAF1961EF8A4D9042D73C5A86509A ] C:\Windows\SysWOW64\dui70.dll
20:49:49.0490 0x0db8  C:\Windows\SysWOW64\dui70.dll - ok
20:49:49.0490 0x0db8  [ 29D506358B0E13FA71E6CE9BF678D9B9, A6106205908B66B9393CBA28D5A66C0BA71839539225F69532BE4B67CC841DFC ] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\17a0b59864cb1ab93adaa25ad6ea8e7b\DEM.Graphics.I0805.ni.dll
20:49:49.0490 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\17a0b59864cb1ab93adaa25ad6ea8e7b\DEM.Graphics.I0805.ni.dll - ok
20:49:49.0490 0x0db8  [ 04CB7C8FDC6D9640DD82A527208F72C4, 0F8A327B0234A29EAB1F03D9102A3DF7DB4515BF580163198C5A8C174C98DE4F ] C:\Windows\System32\UIAnimation.dll
20:49:49.0490 0x0db8  C:\Windows\System32\UIAnimation.dll - ok
20:49:49.0490 0x0db8  [ E76F105AD039B9E4DA9ECE839298C4A2, 76C7056F23E90524CE4947FDE560C6D825186520DA5E9965A2116C24011AB762 ] C:\Windows\System32\wups2.dll
20:49:49.0490 0x0db8  C:\Windows\System32\wups2.dll - ok
20:49:49.0506 0x0db8  [ 1F27643C4C626457FCE8F047AE1CD7E1, 68E2367B9AA21C1BDE7FEA566D5F0DBDF1E246CB53E949622F8EDC810AA95956 ] C:\Windows\SysWOW64\dxva2.dll
20:49:49.0506 0x0db8  C:\Windows\SysWOW64\dxva2.dll - ok
20:49:49.0506 0x0db8  [ 5B7322BE8871FE1D4AA284B3C070D8AE, FB2230DB6EEC3053950ACA3918E7D715961549F47AA4FDA96C77EAA501F25D45 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\2daa56d060e675ea92b331773fd2f0b3\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
20:49:49.0506 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\2daa56d060e675ea92b331773fd2f0b3\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll - ok
20:49:49.0506 0x0db8  [ 1CBEC87122B4B20756B907BDCBDEDB95, 49E772B86F9916DD014610BC7DE70BFBFECE119CF7BF1FAAD8657F98472F076F ] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0703\c93092e06896e52eea2ffa88e47cf68f\DEM.Graphics.I0703.ni.dll
20:49:49.0506 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0703\c93092e06896e52eea2ffa88e47cf68f\DEM.Graphics.I0703.ni.dll - ok
20:49:49.0506 0x0db8  [ A42F489188578C5DD5F0D75A258867F5, 441BBE6CDAAE15557C70BDD23E3D006DDA355F7B75F81CD0DD3C1233994CEF89 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\0969b4f04e7ef6c74c73fe96b5166560\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
20:49:49.0506 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\0969b4f04e7ef6c74c73fe96b5166560\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll - ok
20:49:49.0506 0x0db8  [ 6F391A20728B092E0E6D09F0AA05DA7D, 72A3167E947675849FECAC6FEABE23DCA1B482F8EE5117C3CC916921A99EBB41 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{270D9292-DDAC-48F0-BD32-E7D06F6B0F87}\mpengine.dll
20:49:49.0506 0x0db8  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{270D9292-DDAC-48F0-BD32-E7D06F6B0F87}\mpengine.dll - ok
20:49:49.0506 0x0db8  [ F1F8B289D5437F88BE8DB19B2AB4E634, 1D22266625C3F8E2027322C882D77EE959CF1FBFDBE5BA49B165B506233DB199 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\7b4e5c828bfd25be7d9032f64522c082\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
20:49:49.0506 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\7b4e5c828bfd25be7d9032f64522c082\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll - ok
20:49:49.0506 0x0db8  [ 85C0AB2C6FD75DF02184CD8D3DFDC8F3, BFCDB168281629DD3A247591574AD72F57BF43AF3BE20DA999C6702DC383BAEC ] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\c26567856ec85636fc715d959d977176\DEM.Graphics.I0906.ni.dll
20:49:49.0506 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\c26567856ec85636fc715d959d977176\DEM.Graphics.I0906.ni.dll - ok
20:49:49.0521 0x0db8  [ 0CDE045C5F2A6489B690FB000E744125, 97A24093E5F40DAB140D3E17309A522BCA2498427D96F474FB6788D3D517884D ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\cb7cc169b6ca7f549c8f56476b72be5b\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
20:49:49.0521 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\cb7cc169b6ca7f549c8f56476b72be5b\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll - ok
20:49:49.0521 0x0db8  [ 593BB3BB5DAA0B8B6D84650AC1C57704, 259320B0F0437A0C47FEC98EEE59F4A2182C862EB799AE8B11ACFFDBB48B974B ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\19b2cb9dee0a5251da66c9ac0646b2a6\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
20:49:49.0521 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\19b2cb9dee0a5251da66c9ac0646b2a6\CLI.Aspect.TransCode.Graphics.Shared.ni.dll - ok
20:49:49.0521 0x0db8  [ 630DD09F7D89C7BC4DBF6E4C37DC3B42, F4A581A4563C35F66DE1F112B5C4986EE60371AD6BDD1C824BE2DC3D1B32895C ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\f92b316b17efb079e421e148a1358ecc\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
20:49:49.0521 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\f92b316b17efb079e421e148a1358ecc\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll - ok
20:49:49.0521 0x0db8  [ A6A81A519632794147752498AECB9F12, 883ADDE731EDD68BC95CD185D8442DFB80B6497C969FD12BC76BFA3B1DE34CB8 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\67aa81dbbadb89f1245dbd28fccd143c\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
20:49:49.0521 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\67aa81dbbadb89f1245dbd28fccd143c\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll - ok
20:49:49.0521 0x0db8  [ BC4E5681A420817063183B3CD3967B37, E0A75EB95020FBC28B036FA70891376B2DC2CFED434FF483E551F998A8648D58 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\eb3a256ebeb315bfe9449cac4433fda7\CLI.Caste.Fuel.Runtime.ni.dll
20:49:49.0521 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\eb3a256ebeb315bfe9449cac4433fda7\CLI.Caste.Fuel.Runtime.ni.dll - ok
20:49:49.0521 0x0db8  [ 65EA093897CEB7B6E48B3DF7D6284C71, E66A69A28AA2FC6B66D0C4989EB099364F734CE96F3465BE662A52B17FBCE56F ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\af9dd6941e51aca7b9c4fe94768a2925\CLI.Caste.Fuel.Shared.ni.dll
20:49:49.0521 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\af9dd6941e51aca7b9c4fe94768a2925\CLI.Caste.Fuel.Shared.ni.dll - ok
20:49:49.0521 0x0db8  [ 31C94EFCF85F0E06708205CD94CE7923, 1DCB0E46BE50C5FD4733983499A6037B976A9CA87630070D4895A2A4B9D8F40A ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\5efa01328ec85a7cf9e3ac29451ad50a\Fuel.Foundation.ni.dll
20:49:49.0521 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\5efa01328ec85a7cf9e3ac29451ad50a\Fuel.Foundation.ni.dll - ok
20:49:49.0537 0x0db8  [ 64200BD26777C4E953BA01539FAAEC31, EB8CD535DCD3CC29960C8A18AE0015839313DF6F6E2E13352325118DA45880EB ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\472df4415996d9faba77b57a24f661a9\CLI.Caste.Platform.Runtime.ni.dll
20:49:49.0537 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\472df4415996d9faba77b57a24f661a9\CLI.Caste.Platform.Runtime.ni.dll - ok
20:49:49.0537 0x0db8  [ 46AD3D8DE26FA2D8C1E871C56B8D9949, 39873CEB759694B71426C351A17AB927F04F90CAA7EB9D3CEFDCBBA80D2C6A0A ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\9d64e2b0dac087013f5c06638a00585c\CLI.Caste.Platform.Shared.ni.dll
20:49:49.0537 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\9d64e2b0dac087013f5c06638a00585c\CLI.Caste.Platform.Shared.ni.dll - ok
20:49:49.0537 0x0db8  [ 3B24451ACC1DDEFB176D4D7ED632796E, 2D5C11906ECAD4DB65C2CDC50FCE08BFAFD9F7AF24366CE20AC6485030AA0069 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\c3cd1d09c52a10d185e1afa774cd9be9\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
20:49:49.0537 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\c3cd1d09c52a10d185e1afa774cd9be9\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll - ok
20:49:49.0537 0x0db8  [ A021CC1D5F73CDB0D022D43AADBAB933, 1B220C905677D4DEE6FDF9860BAC367784684C685D75243B246E854ACEDBBB4D ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{270D9292-DDAC-48F0-BD32-E7D06F6B0F87}\mpasbase.vdm
20:49:49.0537 0x0db8  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{270D9292-DDAC-48F0-BD32-E7D06F6B0F87}\mpasbase.vdm - ok
20:49:49.0537 0x0db8  [ 6C07BCFF6C8B73C8BCC8A1048986EC22, 033779D946E58BF1E9092157661A3C2DDD4279C9DD0EDD134AC89D7B86EA563D ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\cb1d8bd2d8253173e8ff6bc47bfd83aa\CLI.Caste.HydraVision.Runtime.ni.dll
20:49:49.0537 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\cb1d8bd2d8253173e8ff6bc47bfd83aa\CLI.Caste.HydraVision.Runtime.ni.dll - ok
20:49:49.0537 0x0db8  [ 69C0C73F33663104EE6649F3E68164A2, C0B48726527E167A36EF1058F379B9427EA7360C946EE061072833D2E34667C7 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\a32cc4da205cd41be030820d439ec517\CLI.Caste.HydraVision.Shared.ni.dll
20:49:49.0537 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\a32cc4da205cd41be030820d439ec517\CLI.Caste.HydraVision.Shared.ni.dll - ok
20:49:49.0537 0x0db8  [ 2E7B6A17A323EC96E88013055AD17533, 8F2EAD45986BEB1CF79031613E3DD9F22BADA6005650FD9C3759404E2B0B4F04 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine930f827b#\6715c3c35d444c4db90ed3061915416a\CLI.Combined.HydraVision.Aspects.Runtime.ni.dll
20:49:49.0537 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine930f827b#\6715c3c35d444c4db90ed3061915416a\CLI.Combined.HydraVision.Aspects.Runtime.ni.dll - ok
20:49:49.0537 0x0db8  [ B3E41F4A8E9DCAA65A8965414D213F06, BDB03173D8A0CFBDB2965722DF6FB7B5F5859C67242721C587FD75964CD21460 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.bdcffe00#\9e6445f0efbded91fe70d7d1b1295f37\CLI.Aspect.Grid.HydraVision.Shared.ni.dll
20:49:49.0537 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.bdcffe00#\9e6445f0efbded91fe70d7d1b1295f37\CLI.Aspect.Grid.HydraVision.Shared.ni.dll - ok
20:49:49.0553 0x0db8  [ 14C764316E1FE32386D3953FBBCEAF2A, C50480A6A2275CECD1495EEB0ADD9D02CFC8584E57EEC91270102C339D5C0416 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.20568423#\48b5df22a9c78b0731d0423a50b32322\CLI.Aspect.DeskMan.HydraVision.Shared.ni.dll
20:49:49.0553 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.20568423#\48b5df22a9c78b0731d0423a50b32322\CLI.Aspect.DeskMan.HydraVision.Shared.ni.dll - ok
20:49:49.0553 0x0db8  [ A8CD6B465A59BAD4F99AA75A04622ED3, 42E7CBC344D65894E326CB9F130828DD0F2A9ADB24943F017DF770FC73C24729 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.5432938c#\2e29d571141135527fedb353fcff989f\CLI.Aspect.MDProp.HydraVision.Shared.ni.dll
20:49:49.0553 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.5432938c#\2e29d571141135527fedb353fcff989f\CLI.Aspect.MDProp.HydraVision.Shared.ni.dll - ok
20:49:49.0553 0x0db8  [ 41F0EE2AC998494C7866A87E7EFD81E5, 60B68995692E4905F5C4E22CBFE5155EA70B309CE91DEB62D18970E0A2995C7E ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.dd2ab3e8#\ba0b7b3462ecd8b9b1a67009a0c1b28e\CLI.Aspect.MultiDesk.HydraVision.Shared.ni.dll
20:49:49.0553 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.dd2ab3e8#\ba0b7b3462ecd8b9b1a67009a0c1b28e\CLI.Aspect.MultiDesk.HydraVision.Shared.ni.dll - ok
20:49:49.0553 0x0db8  [ 02BA4229BFD886EC562A8772619CDC4A, E433BB0654A64FF85B287EBCF9AAE5F30E75D773FD6FA4D6588E23D060F172C1 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.fdcb645d#\5a3974547bee070b45aa4839e63e1dd6\CLI.Aspect.Settings.HydraVision.Shared.ni.dll
20:49:49.0553 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.fdcb645d#\5a3974547bee070b45aa4839e63e1dd6\CLI.Aspect.Settings.HydraVision.Shared.ni.dll - ok
20:49:49.0553 0x0db8  [ 3A71FC845FC8BD40C2A79B67FCDC8FC4, 081E6AC94511DF619C3AF33E61C09D851A6B2812E6E7663849E184CB1DBFE60D ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\1543ca5ebfeed8be94bcd6f893e53919\CLI.Caste.A4.Runtime.ni.dll
20:49:49.0553 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\1543ca5ebfeed8be94bcd6f893e53919\CLI.Caste.A4.Runtime.ni.dll - ok
20:49:49.0553 0x0db8  [ C24A57A96F69FE02FB7EBAF980E84013, 8B69EC4113C21C44DC344733E6081C6AE8CDFAA5A3A2618698EC9F8E1E7DBFBA ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\0045bdb77de4c08d648dcc45bf9ed841\CLI.Caste.A4.Shared.ni.dll
20:49:49.0553 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\0045bdb77de4c08d648dcc45bf9ed841\CLI.Caste.A4.Shared.ni.dll - ok
20:49:49.0553 0x0db8  [ DF312B407968F6FE94463B47680BEE41, 0A92914ED775D68AA234C74E3230C917C466F115C86E5B0F6C869FF4899832C1 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\A4.Foundation\b19c1b19ad68baa8389a09ad3563364a\A4.Foundation.ni.dll
20:49:49.0553 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\A4.Foundation\b19c1b19ad68baa8389a09ad3563364a\A4.Foundation.ni.dll - ok
20:49:49.0568 0x0db8  [ E4133869739DAED94DFDEF982318CED8, AE3316530E1E9F637486060FE4063ACEAA57DC73BA4D7821CD0D602D8AA10DF9 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\99f3ab10177d29e82e0d8122a7005ba9\System.ServiceProcess.ni.dll
20:49:49.0568 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\99f3ab10177d29e82e0d8122a7005ba9\System.ServiceProcess.ni.dll - ok
20:49:49.0568 0x0db8  [ C8B3B8E648C9D8003C3D3D0F9CBBE6F0, ED42429A74AB2C6E217307B4167607838AB3A4C17C42E42BE403B3374F34B8A0 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Server\6b1a041a51f7e0a2884e39f3347b9166\APM.Server.ni.dll
20:49:49.0568 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Server\6b1a041a51f7e0a2884e39f3347b9166\APM.Server.ni.dll - ok
20:49:49.0568 0x0db8  [ 8C575678610C5AE0345B2917B0866C7F, ABFC1ED5AA91BF370B0E3AB50D1F9703E3A52FB6ABF1D0B34F2211B8212A6AEC ] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Foundation\99101fbc42857c7d0b88a78c6aa48e07\APM.Foundation.ni.dll
20:49:49.0568 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Foundation\99101fbc42857c7d0b88a78c6aa48e07\APM.Foundation.ni.dll - ok
20:49:49.0568 0x0db8  [ 0BF4362E18DFC52382F418278DCC52C4, FC9A95FD89EC55F3082DD498C0DADC1D816D8FB13569E666C8D7761ADBB04ABE ] C:\Windows\System32\rdpdd.dll
20:49:49.0568 0x0db8  C:\Windows\System32\rdpdd.dll - ok
20:49:49.0568 0x0db8  [ FF6148B1C150DA05D35C68D143AD6DEA, DFC07CE962540A1667850EFCFF12F16349FF795D252BDC6A0FF706ACF28AE4A9 ] C:\Windows\System32\RDPENCDD.dll
20:49:49.0568 0x0db8  C:\Windows\System32\RDPENCDD.dll - ok
20:49:49.0568 0x0db8  [ A23A9301EE7152FB6776052E52BDE9D9, 23D8D25FA39D88B31BE8C2142935CC084B678D999CAA0F93964A47142C77B94F ] C:\Windows\System32\RDPREFDD.dll
20:49:49.0568 0x0db8  C:\Windows\System32\RDPREFDD.dll - ok
20:49:49.0568 0x0db8  [ 834184497F4A82E8822EDED6DF611B99, 3ACBC01DD797B41CA184BD8E08E0FFCB96643E4B0ABF94A6D38ABCF768CCBACC ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\a12761e5203c9e59f3cacdf8d5402839\CLI.Component.Runtime.Extension.EEU.ni.dll
20:49:49.0568 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\a12761e5203c9e59f3cacdf8d5402839\CLI.Component.Runtime.Extension.EEU.ni.dll - ok
20:49:49.0584 0x0db8  [ 5BF483B6A2F6F129A3E3C19E73248869, BBEE523A83ED7AB7F51A31B25F83A0583FB9DD1D8ABA7A23450EE5D8EB4ED1C7 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\d5d62fc78eb5014be5cbf58bc8ec712f\AEM.Plugin.EEU.Shared.ni.dll
20:49:49.0584 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\d5d62fc78eb5014be5cbf58bc8ec712f\AEM.Plugin.EEU.Shared.ni.dll - ok
20:49:49.0584 0x0db8  [ 9F0094A7206306C51F84BC914E55DB26, 44314F46835C8AA0EFD79D9C0A9F76F98132C9C41AF6BD10312574CA42D7542B ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\53b1effec272dbef85c26f1f73d544f5\CLI.Component.Dashboard.ni.dll
20:49:49.0584 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\53b1effec272dbef85c26f1f73d544f5\CLI.Component.Dashboard.ni.dll - ok
20:49:49.0584 0x0db8  [ 7469D74F1B31DCDDAF1C128828978B52, 9437569AA420718EDECB1C2704B2E7E2E16EC80F302DE27A8EF8322082424445 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\011650d7b0c59656b420baeb0faa7629\CLI.Component.Client.Shared.Private.ni.dll
20:49:49.0584 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\011650d7b0c59656b420baeb0faa7629\CLI.Component.Client.Shared.Private.ni.dll - ok
20:49:49.0584 0x0db8  [ C236A09FAA06455ED346E2C1E2DC4B7F, 17DFB89BC4F6A273E26762063F2FFED3D037CF69E1A388EA4163E0F741E81760 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\1a179e7dd005c9b5c8176d0c60be7507\CLI.Component.Client.Shared.ni.dll
20:49:49.0584 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\1a179e7dd005c9b5c8176d0c60be7507\CLI.Component.Client.Shared.ni.dll - ok
20:49:49.0584 0x0db8  [ E3EF62DB77040CA34CD4C19D6916C4CA, FEEF932ED0827924F7E9C338D4B40A4BC232D2A14FC25AC5DB0700DCD5C7E91D ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\59c7522f23c0a1bee81fbc21c765b68e\CLI.Component.Dashboard.Shared.ni.dll
20:49:49.0584 0x0db8  C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\59c7522f23c0a1bee81fbc21c765b68e\CLI.Component.Dashboard.Shared.ni.dll - ok
20:49:49.0584 0x0db8  [ 6AC92CDDA8D5785BE4F72EBCBD48A59E, 04FED0C5EE8AB563456480679E2268DEC9B094271872A3A3519B22BA38E24F71 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{270D9292-DDAC-48F0-BD32-E7D06F6B0F87}\mpasdlta.vdm
20:49:49.0584 0x0db8  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{270D9292-DDAC-48F0-BD32-E7D06F6B0F87}\mpasdlta.vdm - ok
20:49:49.0584 0x0db8  [ CEA9E2C6B5F0B6E14339A0D079366FD2, 1EEE9AC81F3844C1DE98DED08AA733ED96A24ABF455B838D7F5EE057C75B46AF ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E2CC8FCA-71FC-4397-99C2-7792264650ED}\mpasdlta.vdm
20:49:49.0584 0x0db8  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E2CC8FCA-71FC-4397-99C2-7792264650ED}\mpasdlta.vdm - ok
20:49:49.0584 0x0db8  [ 11A50317EBF4F98AA6A782D52CD0AC1A, 5FAEA07A60F82DE3CBDF97BFBB814664007FB41ECBC22F158E379ED8324393D8 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\2ea8e88fcffca7d1cda075ab761d9354\CLI.Component.Dashboard.Shared.Private.ni.dll
20:49:49.0631 0x0db8  ================ Scan generic autorun ======================
20:49:49.0802 0x0db8  [ 293BBB2F26200F92DC5917751A489F3D, F746276ED2D0C1052EB1222610538A5DF2182AF9BD35581415E71C45F332FAA0 ] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
20:49:49.0865 0x0db8  egui - ok
20:49:50.0192 0x0db8  [ FBDF607ED7EF0467639DB501E1FD938C, 040528158D85D13122DB043144A982D6DC8744E75D140DB17A9BA5B93DC6B74D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:49:50.0364 0x0db8  RtHDVCpl - ok
20:49:50.0551 0x0db8  [ FCEF5DC1794CB2C4B305F780D4F7797B, 388A24BD5967DF22A8F77FD692DCD43386482FFB0141B5C51059B4BA49B95E45 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
20:49:50.0613 0x0db8  DAEMON Tools Lite - ok
20:49:50.0723 0x0db8  [ E268BD9144F627FA530998084A64D944, D1B5E6BC66E9B3CFB3B6EA0B8D2CC7FF1A9E63286E790C4C46323749994E7095 ] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
20:49:50.0754 0x0db8  HydraVisionDesktopManager - detected UnsignedFile.Multi.Generic ( 1 )
20:49:50.0754 0x0db8  HydraVisionDesktopManager ( UnsignedFile.Multi.Generic ) - warning
20:49:50.0847 0x0db8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:49:50.0972 0x0db8  Sidebar - ok
20:49:51.0019 0x0db8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:49:51.0066 0x0db8  mctadmin - ok
20:49:51.0144 0x0db8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:49:51.0191 0x0db8  Sidebar - ok
20:49:51.0191 0x0db8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:49:51.0206 0x0db8  mctadmin - ok
20:49:51.0440 0x0db8  AV detected via SS2: ESET NOD32 Antivirus 5.0, C:\Program Files\ESET\ESET NOD32 Antivirus\ecmd.exe ( 5.0.94.0 ), 0x41000 ( enabled : updated )
20:49:51.0518 0x0db8  Win FW state via NFP2: enabled
20:49:51.0518 0x0db8  ============================================================
20:49:51.0518 0x0db8  Scan finished
20:49:51.0518 0x0db8  ============================================================
20:49:51.0518 0x0dc0  Detected object count: 11
20:49:51.0518 0x0dc0  Actual detected object count: 11
20:52:26.0099 0x0dc0  asComSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:52:26.0099 0x0dc0  asComSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:52:26.0114 0x0dc0  AtherosSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:52:26.0114 0x0dc0  AtherosSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:52:26.0114 0x0dc0  fussvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:52:26.0114 0x0dc0  fussvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:52:26.0114 0x0dc0  HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
20:52:26.0114 0x0dc0  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:52:26.0114 0x0dc0  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:52:26.0114 0x0dc0  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:52:26.0114 0x0dc0  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:52:26.0114 0x0dc0  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:52:26.0114 0x0dc0  Te.Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:52:26.0114 0x0dc0  Te.Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:52:26.0364 0x0dc0  \Device\Harddisk0\DR0\# - copied to quarantine
20:52:26.0380 0x0dc0  \Device\Harddisk0\DR0 - copied to quarantine
20:52:26.0411 0x0dc0  \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot
20:52:26.0442 0x0dc0  \Device\Harddisk0\DR0 - ok
20:52:26.0442 0x0dc0  \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure
20:52:26.0442 0x0dc0  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
20:52:26.0442 0x0dc0  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
20:52:26.0458 0x0dc0  \Device\Harddisk1\DR1\Partition1 - copied to quarantine
20:52:26.0520 0x0dc0  \Device\Harddisk1\DR1\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
20:52:26.0567 0x0dc0  \Device\Harddisk1\DR1\Partition1 - ok
20:52:26.0567 0x0dc0  \Device\Harddisk1\DR1\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
20:52:26.0567 0x0dc0  HydraVisionDesktopManager ( UnsignedFile.Multi.Generic ) - skipped by user
20:52:26.0567 0x0dc0  HydraVisionDesktopManager ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:52:27.0191 0x0dc0  KLMD registered as C:\Windows\system32\drivers\43846463.sys
20:52:32.0432 0x0fa0  Deinitialize success
 



#7 shelf life


  • Malware Response Team

Posted 10 September 2014 - 05:10 PM

Ok. Thanks for the info.

Looks like you had two rootkits onboard your machine. I would consider this machine totally compromised and not to be trusted again. Best bet is to reformat/reinstall. That's what I suggest. Or we can continue to proceed. Up to you.


How Can I Reduce My Risk to Malware?


#8 BillPax2000

  • Topic Starter

  • Members

Posted 10 September 2014 - 07:28 PM

I will probably take your advice and go ahead and reinstall Windows. This might be a good excuse to get a new hard drive anyway. I really appreciate all your help in this matter, shelf life. You have been nothing but helpful and easy to understand in every step I have had to follow. Thank you so much for this. Feel free to close this thread.



#9 shelf life


  • Malware Response Team

Posted 10 September 2014 - 08:14 PM

Ok, thanks, and you're welcome. Happy safe surfing out there.






