
Zombie Alert!(??ware) - The Search For the Fix Continues!


  • This topic is locked
31 replies to this topic

#1 Chivalry

Posted 18 September 2014 - 04:30 AM

I have adware on my computer. It will not go away :/

So far, I've uninstalled a bunch of the useless (suspect) programs and run a couple of scans (Malwarebytes, HitmanPro, etc.) but it has not worked to remove Zombie Alert or adware that is on Chrome.
Here is the link to my adware post:
http://www.bleepingcomputer.com/forums/t/546966/adware-zombie-alert-not-sure-what-else/

EDIT: After much further scrutiny, I find that the adware is gone. However, I am unable to get Zombie Alert off my computer. 
It will not uninstall normally (claims I don't have permissions, even in safe mode etc.), nor can it be removed via anti-virus/malware programs.

The above edit is all information from the past post. I haven't done anything to the computer since posting, as requested.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17280
Run by Owner at 2:12:41 on 2014-09-18
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3874.1900 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\HitmanPro\hmpsched.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\system32\RunDll32.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_152_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://asus.msn.com
uSearchAssistant = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [Spotify] "C:\Users\Owner\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
uRun: [fastclean] "C:\Program Files (x86)\FastClean PRO\fastcleanpro.exe"
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Nike+ Connect] "C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
uPolicies-Explorer: NoDriveAutoRun = dword:16
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: EnableSecureUIAPath = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.0.1 205.171.2.25
TCP: Interfaces\{0D9C541D-3126-402E-9517-2496657EF5B2} : DHCPNameServer = 192.168.0.1 205.171.2.25
TCP: Interfaces\{0D9C541D-3126-402E-9517-2496657EF5B2}\25F647860234163747C656 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{0D9C541D-3126-402E-9517-2496657EF5B2}\4646D2772747 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{0D9C541D-3126-402E-9517-2496657EF5B2}\64249402355727675696C6C616E63656026516E60203334383 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{0D9C541D-3126-402E-9517-2496657EF5B2}\D40225F64786025374 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{C35D5A16-0590-404F-8415-D94F1E98D521} : DHCPNameServer = 67.43.64.52 67.43.64.10
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2159.4\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2011-9-25 379520]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2014-9-12 127752]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 125584]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-4-16 13832]
R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-16 134928]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-9-25 2656280]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-5-8 138024]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-5-8 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-5-8 76912]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192Ce.sys [2010-12-3 1105000]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2011-3-17 74840]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-9-13 111616]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-9-13 19456]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-9-13 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-9-13 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-23 1255736]
.
=============== Created Last 30 ================
.
2014-09-18 08:16:09 11578928 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B3A84D44-D3AD-4C61-A720-9A133195A28D}\mpengine.dll
2014-09-17 01:39:17 1188440 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{32C8A774-D625-46D9-A50C-72722D565D62}\gapaengine.dll
2014-09-17 01:37:08 11578928 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-09-14 07:37:29 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-09-14 07:37:28 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-09-14 07:37:17 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll
2014-09-14 07:37:16 6574592 ----a-w- C:\Windows\System32\mstscax.dll
2014-09-13 14:20:08 44544 ----a-w- C:\Windows\System32\TsUsbGDCoInstaller.dll
2014-09-13 14:20:02 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
2014-09-13 14:18:41 30208 ----a-w- C:\Windows\System32\drivers\TsUsbGD.sys
2014-09-13 14:18:41 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2014-09-13 14:18:34 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
2014-09-13 14:18:33 243200 ----a-w- C:\Windows\System32\rdpudd.dll
2014-09-13 14:18:33 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
2014-09-13 13:47:41 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-13 13:47:40 366592 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-13 13:47:35 7168 ----a-w- C:\Windows\SysWow64\KBDYAK.DLL
2014-09-13 13:47:35 7168 ----a-w- C:\Windows\System32\KBDYAK.DLL
2014-09-13 13:47:35 7168 ----a-w- C:\Windows\System32\KBDBASH.DLL
2014-09-13 13:47:35 6656 ----a-w- C:\Windows\SysWow64\KBDBASH.DLL
2014-09-13 10:09:03 360448 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2014-09-13 10:09:03 259584 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll
2014-09-13 10:09:01 483328 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2014-09-13 10:09:01 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2014-09-13 10:09:01 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2014-09-13 10:09:01 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2014-09-13 10:09:00 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-09-13 10:09:00 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-09-13 10:09:00 272384 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
2014-09-13 10:02:15 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2014-09-13 10:02:14 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2014-09-13 05:26:25 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-09-13 05:26:24 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-09-13 05:20:41 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-09-13 05:20:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-09-13 05:15:15 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-09-13 05:15:15 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-09-13 05:15:14 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-09-13 05:15:13 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-09-13 05:15:13 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-09-13 05:13:10 578048 ----a-w- C:\Windows\System32\aepdu.dll
2014-09-13 05:13:08 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-09-13 04:44:32 -------- d-----w- C:\Program Files\HitmanPro
2014-09-13 04:43:32 -------- d-----w- C:\ProgramData\HitmanPro
2014-09-06 10:37:14 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-09-06 10:36:29 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-09-06 10:36:29 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-09-06 10:36:29 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-09-06 10:36:28 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-06 09:08:55 -------- d-----w- C:\Windows\ERUNT
2014-09-06 08:54:16 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-09-05 06:28:10 -------- d-----w- C:\ProgramData\Visan
2014-09-05 06:28:10 -------- d-----w- C:\ProgramData\HP Photo Creations
2014-09-05 06:28:10 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
2014-09-05 06:26:23 -------- d-----w- C:\Program Files (x86)\HP
2014-09-05 06:26:15 -------- d-----w- C:\Program Files\HP
2014-09-05 06:23:52 -------- d-----w- C:\Users\Owner\AppData\Local\HP
2014-09-04 12:50:16 188304 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-09-04 02:56:02 -------- d-----w- C:\ProgramData\19ecc5cf5478a1c6
2014-08-27 19:17:29 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-27 19:17:29 3163648 ----a-w- C:\Windows\System32\win32k.sys
2014-08-27 19:17:28 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
.
==================== Find3M  ====================
.
2014-09-17 01:24:58 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2014-09-13 06:08:36 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-13 06:08:36 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-08-18 22:29:35 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-08-18 22:19:53 5833728 ----a-w- C:\Windows\System32\jscript9.dll
2014-08-18 22:15:34 547328 ----a-w- C:\Windows\System32\vbscript.dll
2014-08-18 22:15:09 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-08-18 22:14:38 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-08-18 22:14:10 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-08-18 22:08:55 4232704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-08-18 22:03:47 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-08-18 22:03:37 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-08-18 22:03:01 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-08-18 21:56:17 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-08-18 21:46:26 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-08-18 21:45:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-08-18 21:45:12 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-08-18 21:44:44 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-08-18 21:44:09 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-08-18 21:36:07 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-08-18 21:35:24 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-08-18 21:23:17 2104832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-08-18 21:23:16 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-08-18 21:22:48 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-08-18 21:15:13 2310656 ----a-w- C:\Windows\System32\wininet.dll
2014-08-18 21:08:54 2014208 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-08-18 21:07:44 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-08-18 20:46:48 1812992 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-07-25 09:35:46 875688 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-25 06:47:06 869544 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
2014-07-18 01:05:06 269008 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2014-07-18 01:05:06 125584 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2014-07-16 03:23:41 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-07-16 02:46:02 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-07-14 02:02:45 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-07-14 01:40:58 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2014-07-06 15:24:28 552 ----a-w- C:\Windows\SysWow64\schtasks.bin
2014-07-06 09:32:29 310 ----a-w- C:\Windows\SysWow64\ff.bin
2014-06-30 22:24:50 8856 ----a-w- C:\Windows\System32\icardres.dll
2014-06-30 22:14:53 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2013-01-01 19:02:13 9842040 ----a-w- C:\Program Files (x86)\Common Files\wruninstall.exe
.
============= FINISH:  2:13:38.44 ===============



 



Edited by Chivalry, 19 September 2014 - 04:07 AM.
Hamluis.



 


#2 bloopie


Posted 21 September 2014 - 04:29 PM

Hello Chivalry, and welcome! :)

My name is bloopie and I'll be helping you with your problems as best I can! :thumbup2:

A few things to keep in mind while we are working together:

  • If you have since resolved the original problem you were having, I would appreciate it if you let me know.
  • If you are unsure about any of the steps, just post what you can and I will guide you!
  • Please tell me if you have your original Windows CD/DVD available.
  • Please copy and paste all logs here unless otherwise instructed!
  • Upon completing the steps below I will review your topic and do my best to resolve your issues.
  • Please do not run any other tools without my instruction to do so!

==========
 
It appears there is still adware on your machine despite your removal efforts...but we'll be taking care of that in due time so, not to worry! :)
 
Step 1
 
Okay, from your last topic, you mention you ran AdwCleaner, correct? AdwCleaner won't overwrite its logs, but Delfix would have removed them... In any case, please let me know what we still have in there:
 
Please let me know if a folder C:\AdwCleaner exists. If so, I'd like you to post the contents of the most recent "cleaning" log (if it exists). Its name designation is as follows:

  • C:\AdwCleaner\AdwCleaner[S#].txt (where the largest value of # represents the most recent report). Please ignore the AdwCleaner[R#].txt files.

 
If the entire C:\AdwCleaner folder does not exist, then just let me know, and continue with step 2 below!
 
==========

Step 2

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.

==========

In your next reply, please include the following:

  • The AdwCleaner[S#].txt (if it exists)
  • The frst.txt
  • The addition.txt

bloopie
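
Picking the right log for Step 1, as an added example that is not part of bloopie's post: the PowerShell below selects the `AdwCleaner[S#].txt` file with the largest `#`, skips the `[R#]` reports, and returns nothing when the folder is gone. The function name `Get-LatestAdwCleanerCleaningLog` and the demo folder with its constructed sample files are assumptions made for illustration.

```powershell
# Added example (not from the thread). Function name and demo folder are hypothetical.
function Get-LatestAdwCleanerCleaningLog {
    param([string]$Folder = 'C:\AdwCleaner')

    # The folder may no longer exist (for example after a cleanup tool removed it).
    if (-not (Test-Path -LiteralPath $Folder -PathType Container)) {
        return $null
    }

    # Only the cleaning logs, AdwCleaner[S#].txt; the scan reports AdwCleaner[R#].txt are ignored.
    $pattern = '^AdwCleaner\[S(\d+)\]\.txt$'

    Get-ChildItem -LiteralPath $Folder |
        Where-Object { -not $_.PSIsContainer } |
        ForEach-Object {
            if ($_.Name -match $pattern) {
                New-Object PSObject -Property @{
                    # Cast to [int] so that S10 sorts above S9 (a text sort would not).
                    Number = [int]$Matches[1]
                    Path   = $_.FullName
                }
            }
        } |
        Sort-Object Number -Descending |
        Select-Object -First 1
}

# --- Demo on constructed sample files in a temporary folder ---
$demo = Join-Path $env:TEMP 'AdwCleanerDemo'
[void][System.IO.Directory]::CreateDirectory($demo)
$names = 'AdwCleaner[R3].txt', 'AdwCleaner[S2].txt', 'AdwCleaner[S9].txt', 'AdwCleaner[S10].txt'
foreach ($name in $names) {
    # .NET call avoids PowerShell treating [ and ] in the name as wildcard characters.
    [System.IO.File]::WriteAllText((Join-Path $demo $name), "constructed sample: $name")
}

$latest = Get-LatestAdwCleanerCleaningLog -Folder $demo
if ($latest) {
    # -LiteralPath is required here: with -Path, "[S10]" is read as a character class
    # and the file is not found.
    Get-Content -LiteralPath $latest.Path
} else {
    'No AdwCleaner cleaning log found'
}
```

Called without `-Folder`, the function checks `C:\AdwCleaner`, the location named in the post.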



#3 Chivalry


Posted 22 September 2014 - 02:53 AM

Hi Bloopie,

I'm still wondering if the adware is gone. Do you know of sites that shouldn't have ads, to test for adware?
 

Thank you!


Regarding your instructions:

I'm not sure if the problem I am now currently having is the adware, or if it's Zombie Alert sticking around... both are just as frustrating, and the adware (seems) to have gone (I can't tell, but it seems MUCH better than before... perhaps they're just the normal ads...).

I do not have the original Windows CD/DVD available.

Step 1: The C:/AdwCleaner folder seems to have been deleted...
Step 2:
 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01
Ran by Owner (administrator) on OWNER-PC on 22-09-2014 00:45:17
Running from C:\Users\Owner\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\HitmanPro.exe
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Nike) C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_152_ActiveX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\CompatTel\wicainventory.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-17] (Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2319536 2011-10-18] (ASUS)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Nike+ Connect] => C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe [71680 2014-04-09] (Nike)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4233013369-1694252847-3016774584-1000\...\Run: [Spotify] => "C:\Users\Owner\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
HKU\S-1-5-21-4233013369-1694252847-3016774584-1000\...\Run: [fastclean] => "C:\Program Files (x86)\FastClean PRO\fastcleanpro.exe"
HKU\S-1-5-21-4233013369-1694252847-3016774584-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-4233013369-1694252847-3016774584-1000\...\MountPoints2: {ca3faf1f-e786-11e0-bea2-806e6f6e6963} - E:\Setup.exe
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 2620 series.lnk
ShortcutTarget: Monitor Ink Alerts - HP Officejet 2620 series.lnk -> C:\Program Files\HP\HP Officejet 2620 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.us.msn.com/?pc=msnHomeST&ocid=msnHomepage
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF HKCU\...\Firefox\Extensions: [ConsumerInput@Compete] - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12171.xpi

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2159.4\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2159.4\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2159.4\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-05]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-13]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-13]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-13]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-09-12] (SurfRight B.V.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-16] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 00:45 - 2014-09-22 00:45 - 00015350 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-09-22 00:45 - 2014-09-22 00:45 - 00000000 ____D () C:\FRST
2014-09-22 00:44 - 2014-09-22 00:44 - 02105856 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2014-09-18 02:13 - 2014-09-18 02:13 - 00023002 _____ () C:\Users\Owner\Desktop\dds.txt
2014-09-18 02:13 - 2014-09-18 02:13 - 00007636 _____ () C:\Users\Owner\Desktop\attach.txt
2014-09-18 02:11 - 2014-09-18 02:11 - 00688992 ____R (Swearware) C:\Users\Owner\Desktop\dds.com
2014-09-16 21:45 - 2014-09-16 21:45 - 00401920 _____ (Farbar) C:\Users\Owner\Desktop\MiniToolBox.exe
2014-09-16 21:45 - 2014-09-16 21:45 - 00018053 _____ () C:\Users\Owner\Desktop\Result.txt
2014-09-14 00:37 - 2014-05-08 02:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-14 00:37 - 2014-05-08 02:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-09-14 00:37 - 2014-01-08 19:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-09-14 00:37 - 2014-01-03 15:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-09-13 07:20 - 2013-10-01 18:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-09-13 07:19 - 2013-10-01 19:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-09-13 07:19 - 2013-10-01 19:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-09-13 07:19 - 2013-10-01 19:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-09-13 07:19 - 2013-10-01 18:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-09-13 07:19 - 2013-10-01 18:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-09-13 07:19 - 2013-10-01 18:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-09-13 07:19 - 2013-10-01 17:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-09-13 07:19 - 2013-10-01 17:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-09-13 07:19 - 2013-10-01 17:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-09-13 07:19 - 2013-10-01 17:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-09-13 07:19 - 2013-10-01 17:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-09-13 07:19 - 2013-10-01 16:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-09-13 07:19 - 2013-10-01 16:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-09-13 07:19 - 2013-10-01 16:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-09-13 07:19 - 2013-10-01 15:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-09-13 07:18 - 2012-08-23 07:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-09-13 07:18 - 2012-08-23 07:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-09-13 07:18 - 2012-08-23 07:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-09-13 07:18 - 2012-08-23 04:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-09-13 07:18 - 2012-08-23 03:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-09-13 06:47 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-09-13 06:47 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-09-13 06:47 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-09-13 06:47 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-09-13 06:47 - 2014-07-08 19:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-09-13 06:47 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-09-13 06:47 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-09-13 06:47 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-09-13 06:47 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-09-13 06:47 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-09-13 06:47 - 2014-07-08 15:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-09-13 06:47 - 2014-07-08 15:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-09-13 06:47 - 2012-05-04 04:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-13 06:47 - 2012-05-04 02:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-13 03:09 - 2014-08-18 15:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-13 03:09 - 2014-08-18 15:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-13 03:09 - 2014-08-18 14:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-13 03:09 - 2014-08-18 14:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-13 03:08 - 2014-08-19 11:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-13 03:08 - 2014-08-19 10:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-13 03:08 - 2014-08-18 16:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-13 03:08 - 2014-08-18 15:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-13 03:08 - 2014-08-18 15:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-13 03:08 - 2014-08-18 15:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-13 03:08 - 2014-08-18 15:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-13 03:08 - 2014-08-18 15:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-13 03:08 - 2014-08-18 15:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-13 03:08 - 2014-08-18 15:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-13 03:08 - 2014-08-18 15:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-13 03:08 - 2014-08-18 15:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-13 03:08 - 2014-08-18 15:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-13 03:08 - 2014-08-18 15:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-13 03:08 - 2014-08-18 15:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-13 03:08 - 2014-08-18 15:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-13 03:08 - 2014-08-18 15:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-13 03:08 - 2014-08-18 14:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-13 03:08 - 2014-08-18 14:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-13 03:08 - 2014-08-18 14:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-13 03:08 - 2014-08-18 14:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-13 03:08 - 2014-08-18 14:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-13 03:08 - 2014-08-18 14:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-13 03:08 - 2014-08-18 14:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-13 03:08 - 2014-08-18 14:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-13 03:08 - 2014-08-18 14:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-13 03:08 - 2014-08-18 14:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-13 03:08 - 2014-08-18 14:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-13 03:08 - 2014-08-18 14:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-13 03:08 - 2014-08-18 14:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-13 03:08 - 2014-08-18 14:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-13 03:08 - 2014-08-18 14:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-13 03:08 - 2014-08-18 14:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-13 03:08 - 2014-08-18 14:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-13 03:08 - 2014-08-18 14:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-13 03:08 - 2014-08-18 14:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-13 03:08 - 2014-08-18 14:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-13 03:08 - 2014-08-18 14:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-13 03:08 - 2014-08-18 14:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-13 03:08 - 2014-08-18 14:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-13 03:08 - 2014-08-18 14:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-13 03:08 - 2014-08-18 14:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-13 03:08 - 2014-08-18 14:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-13 03:08 - 2014-08-18 14:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-13 03:08 - 2014-08-18 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-13 03:08 - 2014-08-18 14:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-13 03:08 - 2014-08-18 14:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-13 03:08 - 2014-08-18 13:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-13 03:08 - 2014-08-18 13:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-13 03:08 - 2014-08-18 13:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-13 03:08 - 2014-08-18 13:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-13 03:08 - 2014-08-18 13:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-13 03:02 - 2014-06-26 19:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-13 03:02 - 2014-06-26 18:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-12 22:26 - 2014-08-01 04:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-12 22:26 - 2014-08-01 04:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-12 22:20 - 2014-06-23 20:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-12 22:20 - 2014-06-23 19:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-12 22:15 - 2014-07-06 19:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-12 22:15 - 2014-07-06 19:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-12 22:15 - 2014-07-06 18:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-12 22:15 - 2014-07-06 18:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-12 22:15 - 2014-07-06 18:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-12 22:13 - 2014-09-04 19:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-12 22:13 - 2014-09-04 19:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-12 22:11 - 2014-09-12 22:11 - 00035748 _____ () C:\Users\Owner\Desktop\HitmanPro_20140912_2211.log
2014-09-12 22:10 - 2014-09-12 22:10 - 00005926 _____ () C:\Windows\system32\.crusader
2014-09-12 21:44 - 2014-09-12 21:44 - 00001899 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-09-12 21:44 - 2014-09-12 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-09-12 21:44 - 2014-09-12 21:44 - 00000000 ____D () C:\Program Files\HitmanPro
2014-09-12 21:43 - 2014-09-12 22:15 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-12 21:40 - 2014-09-12 21:40 - 00019467 _____ () C:\Users\Owner\Desktop\Malwarebytes.txt
2014-09-06 03:37 - 2014-09-12 21:41 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-06 03:36 - 2014-09-06 03:36 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-06 03:36 - 2014-09-06 03:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-06 03:36 - 2014-09-06 03:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-06 03:36 - 2014-05-12 07:35 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-06 03:36 - 2014-05-12 07:35 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-06 03:36 - 2014-05-12 07:35 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-06 02:33 - 2014-09-06 02:34 - 00001622 _____ () C:\DelFix.txt
2014-09-06 02:08 - 2014-09-06 02:33 - 00000000 ____D () C:\Windows\ERUNT
2014-09-06 02:05 - 2014-09-06 02:04 - 00138744 _____ () C:\Windows\AsFac.log
2014-09-06 01:54 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-06 01:37 - 2014-09-06 01:38 - 11194928 _____ (SurfRight B.V.) C:\Users\Owner\Downloads\HitmanPro_x64.exe
2014-09-06 01:33 - 2014-09-06 01:34 - 17292208 _____ (Malwarebytes Corporation ) C:\Users\Owner\Desktop\mbam-setup.exe
2014-09-04 23:28 - 2014-09-04 23:28 - 00001997 _____ () C:\Users\Public\Desktop\HP Photo Creations.lnk
2014-09-04 23:28 - 2014-09-04 23:28 - 00000000 ____D () C:\ProgramData\Visan
2014-09-04 23:28 - 2014-09-04 23:28 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2014-09-04 23:28 - 2014-09-04 23:28 - 00000000 ____D () C:\Program Files (x86)\HP Photo Creations
2014-09-04 23:28 - 2014-09-04 23:28 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-09-04 23:27 - 2014-09-04 23:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-09-04 23:27 - 2014-09-04 23:27 - 00002238 _____ () C:\Users\Public\Desktop\HP Officejet 2620 series.lnk
2014-09-04 23:27 - 2014-09-04 23:27 - 00001175 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Officejet 2620 series.lnk
2014-09-04 23:26 - 2014-09-04 23:27 - 00000000 ____D () C:\Program Files (x86)\HP
2014-09-04 23:26 - 2014-09-04 23:26 - 00000000 ____D () C:\Program Files\HP
2014-09-04 23:24 - 2014-09-04 23:24 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-09-04 23:23 - 2014-09-04 23:28 - 00000000 ____D () C:\Users\Owner\AppData\Local\HP
2014-09-04 23:06 - 2014-09-04 23:06 - 00000000 ____D () C:\Users\Owner\Documents\OneNote Notebooks
2014-09-03 19:56 - 2014-09-05 11:13 - 00000000 ____D () C:\ProgramData\19ecc5cf5478a1c6
2014-08-27 12:17 - 2014-08-22 19:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 12:17 - 2014-08-22 18:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 12:17 - 2014-08-22 17:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-25 17:08 - 2014-08-25 19:35 - 00001820 _____ () C:\Users\Ashley\Documents\Red Thai Curry Sauce.txt
2014-08-25 17:06 - 2014-08-25 17:06 - 00002682 _____ () C:\Users\Ashley\Documents\Green Curry Soup.txt
2014-08-25 17:01 - 2014-08-25 17:01 - 00000446 _____ () C:\Users\Ashley\Documents\Coconut Curry.txt
2014-08-25 16:58 - 2014-08-25 19:37 - 00001702 _____ () C:\Users\Ashley\Documents\Zucchini & Cauliflower Curry.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 00:45 - 2014-09-22 00:45 - 00015350 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-09-22 00:45 - 2014-09-22 00:45 - 00000000 ____D () C:\FRST
2014-09-22 00:44 - 2014-09-22 00:44 - 02105856 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2014-09-22 00:43 - 2011-09-25 07:50 - 01616678 _____ () C:\Windows\WindowsUpdate.log
2014-09-22 00:42 - 2012-12-21 13:44 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E6BA00C8-E695-42C1-93CE-D86122266BF0}
2014-09-22 00:37 - 2013-01-01 11:58 - 00024378 _____ () C:\Windows\setupact.log
2014-09-22 00:37 - 2011-09-25 08:04 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-09-22 00:37 - 2011-04-01 21:36 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-22 00:37 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-20 09:20 - 2012-11-10 18:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Skype
2014-09-20 09:19 - 2011-04-01 21:36 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-20 09:19 - 2009-07-13 21:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-20 09:19 - 2009-07-13 21:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-20 09:06 - 2012-04-20 16:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-18 02:13 - 2014-09-18 02:13 - 00023002 _____ () C:\Users\Owner\Desktop\dds.txt
2014-09-18 02:13 - 2014-09-18 02:13 - 00007636 _____ () C:\Users\Owner\Desktop\attach.txt
2014-09-18 02:11 - 2014-09-18 02:11 - 00688992 ____R (Swearware) C:\Users\Owner\Desktop\dds.com
2014-09-16 21:45 - 2014-09-16 21:45 - 00401920 _____ (Farbar) C:\Users\Owner\Desktop\MiniToolBox.exe
2014-09-16 21:45 - 2014-09-16 21:45 - 00018053 _____ () C:\Users\Owner\Desktop\Result.txt
2014-09-16 18:31 - 2012-04-05 20:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-14 19:45 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-09-14 19:06 - 2014-07-05 14:30 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-09-14 19:05 - 2009-07-13 21:45 - 00408800 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-14 01:43 - 2011-09-25 08:02 - 00001561 _____ () C:\Windows\system32\ServiceFilter.ini
2014-09-14 00:28 - 2009-07-13 20:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-14 00:26 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-13 07:23 - 2011-09-25 07:54 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-09-13 07:18 - 2013-07-29 21:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-13 07:01 - 2011-11-23 12:49 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-13 03:07 - 2013-01-30 22:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-13 03:05 - 2012-01-24 23:17 - 00804978 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-13 03:05 - 2009-07-13 22:13 - 00804978 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-13 03:04 - 2013-01-30 23:16 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-13 03:04 - 2013-01-30 23:16 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-09-13 03:03 - 2013-01-30 23:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-13 03:03 - 2013-01-30 23:15 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-13 03:02 - 2014-05-05 20:48 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-12 23:08 - 2012-04-20 16:02 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-12 23:08 - 2012-04-20 16:02 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-12 23:08 - 2011-12-30 18:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-12 22:15 - 2014-09-12 21:43 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-12 22:11 - 2014-09-12 22:11 - 00035748 _____ () C:\Users\Owner\Desktop\HitmanPro_20140912_2211.log
2014-09-12 22:10 - 2014-09-12 22:10 - 00005926 _____ () C:\Windows\system32\.crusader
2014-09-12 21:44 - 2014-09-12 21:44 - 00001899 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-09-12 21:44 - 2014-09-12 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-09-12 21:44 - 2014-09-12 21:44 - 00000000 ____D () C:\Program Files\HitmanPro
2014-09-12 21:41 - 2014-09-06 03:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-12 21:41 - 2012-03-23 22:27 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\HpUpdate
2014-09-12 21:40 - 2014-09-12 21:40 - 00019467 _____ () C:\Users\Owner\Desktop\Malwarebytes.txt
2014-09-12 21:35 - 2013-01-01 11:58 - 00195554 _____ () C:\Windows\PFRO.log
2014-09-06 04:48 - 2014-07-05 12:07 - 00000000 ____D () C:\ProgramData\AZNqUXjpkW
2014-09-06 04:48 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Help
2014-09-06 03:36 - 2014-09-06 03:36 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-06 03:36 - 2014-09-06 03:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-06 03:36 - 2014-09-06 03:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-06 03:36 - 2012-12-12 20:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-06 02:34 - 2014-09-06 02:33 - 00001622 _____ () C:\DelFix.txt
2014-09-06 02:33 - 2014-09-06 02:08 - 00000000 ____D () C:\Windows\ERUNT
2014-09-06 02:04 - 2014-09-06 02:05 - 00138744 _____ () C:\Windows\AsFac.log
2014-09-06 01:57 - 2014-07-05 12:09 - 00001106 _____ () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-06 01:38 - 2014-09-06 01:37 - 11194928 _____ (SurfRight B.V.) C:\Users\Owner\Downloads\HitmanPro_x64.exe
2014-09-06 01:34 - 2014-09-06 01:33 - 17292208 _____ (Malwarebytes Corporation ) C:\Users\Owner\Desktop\mbam-setup.exe
2014-09-05 11:13 - 2014-09-03 19:56 - 00000000 ____D () C:\ProgramData\19ecc5cf5478a1c6
2014-09-04 23:28 - 2014-09-04 23:28 - 00001997 _____ () C:\Users\Public\Desktop\HP Photo Creations.lnk
2014-09-04 23:28 - 2014-09-04 23:28 - 00000000 ____D () C:\ProgramData\Visan
2014-09-04 23:28 - 2014-09-04 23:28 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2014-09-04 23:28 - 2014-09-04 23:28 - 00000000 ____D () C:\Program Files (x86)\HP Photo Creations
2014-09-04 23:28 - 2014-09-04 23:28 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-09-04 23:28 - 2014-09-04 23:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-09-04 23:28 - 2014-09-04 23:23 - 00000000 ____D () C:\Users\Owner\AppData\Local\HP
2014-09-04 23:27 - 2014-09-04 23:27 - 00002238 _____ () C:\Users\Public\Desktop\HP Officejet 2620 series.lnk
2014-09-04 23:27 - 2014-09-04 23:27 - 00001175 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Officejet 2620 series.lnk
2014-09-04 23:27 - 2014-09-04 23:26 - 00000000 ____D () C:\Program Files (x86)\HP
2014-09-04 23:26 - 2014-09-04 23:26 - 00000000 ____D () C:\Program Files\HP
2014-09-04 23:26 - 2012-03-23 22:20 - 00000000 ____D () C:\ProgramData\HP
2014-09-04 23:24 - 2014-09-04 23:24 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-09-04 23:06 - 2014-09-04 23:06 - 00000000 ____D () C:\Users\Owner\Documents\OneNote Notebooks
2014-09-04 19:10 - 2014-09-12 22:13 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-04 19:05 - 2014-09-12 22:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-03 20:37 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-27 12:10 - 2013-11-12 00:24 - 00000000 ____D () C:\Users\Ashley\AppData\Local\80AAF2C6-7528-4165-9861-0A4435BFE614.aplzod
2014-08-25 19:37 - 2014-08-25 16:58 - 00001702 _____ () C:\Users\Ashley\Documents\Zucchini & Cauliflower Curry.txt
2014-08-25 19:35 - 2014-08-25 17:08 - 00001820 _____ () C:\Users\Ashley\Documents\Red Thai Curry Sauce.txt
2014-08-25 17:06 - 2014-08-25 17:06 - 00002682 _____ () C:\Users\Ashley\Documents\Green Curry Soup.txt
2014-08-25 17:01 - 2014-08-25 17:01 - 00000446 _____ () C:\Users\Ashley\Documents\Coconut Curry.txt
2014-08-25 14:44 - 2011-11-23 12:31 - 00000000 ____D () C:\Users\Owner

Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Owner\AppData\Local\Temp\drm_dyndata_7350007.dll
C:\Users\Owner\AppData\Local\Temp\Quarantine.exe
C:\Users\Owner\AppData\Local\Temp\SfpcHelper_installFinish.exe
C:\Users\Owner\AppData\Local\Temp\SfpcHelper_installStart.exe
C:\Users\Owner\AppData\Local\Temp\temp0NikeConnectconnect6pcupdate.exe
C:\Users\Owner\AppData\Local\Temp\temp1NikeConnectconnect6pcupdate.exe
C:\Users\Owner\AppData\Local\Temp\uninst1.exe
C:\Users\Owner\AppData\Local\Temp\vp.exe
C:\Users\Owner\AppData\Local\Temp\_is1D4F.exe
C:\Users\Owner\AppData\Local\Temp\_is7197.exe
C:\Users\Owner\AppData\Local\Temp\_is8CE3.exe
C:\Users\Owner\AppData\Local\Temp\_is9971.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-16 19:02

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2014 01
Ran by Owner at 2014-09-22 00:47:34
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0013 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.1.0 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.28 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.50 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0037 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.24 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.84.161 - eCareme Technologies, Inc.)
AsusScr_K3 Series_ENG (HKLM-x32\...\AsusScr_K3 Series_ENG) (Version: 1.0.0001 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.617 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.17 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2159.4 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.225 - SurfRight B.V.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 2620 series Basic Device Software (HKLM\...\{66B122CE-42ED-4143-94D2-B28575A4619F}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.400.4 - Intel)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM-x32\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM-x32\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.03.000 - SEGA)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM-x32\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nike+ Connect (HKLM-x32\...\Nike+ Connect) (Version: 6.3.18 - Nike)
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6304 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0175 - REALTEK Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.00.0000 - Virage Logic, Corp.)
syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.32.3 - ASUS)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.25 - ASUS)
Zombie Alert (HKLM-x32\...\ZombieAlert) (Version: 2.7.19 - Creative Island Media, LLC) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

06-09-2014 09:34:23 End of disinfection
13-09-2014 04:40:07 Windows Update
13-09-2014 04:59:51 Checkpoint by HitmanPro
13-09-2014 05:09:37 Checkpoint by HitmanPro
13-09-2014 10:00:32 Windows Update
13-09-2014 13:43:54 Checkpoint by HitmanPro
13-09-2014 14:00:55 Windows Update
14-09-2014 08:46:13 Windows Update
16-09-2014 07:23:05 Checkpoint by HitmanPro
18-09-2014 08:15:19 Windows Update
19-09-2014 01:29:14 Checkpoint by HitmanPro

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {086A7028-CC26-4530-80B5-6100E5051706} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-12-06] (ASUS)
Task: {0E170835-29A9-44CF-B9A1-94573D708D3D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01] (Google Inc.)
Task: {4C85F90E-FEB5-445C-81D1-C6AEE751E184} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01] (Google Inc.)
Task: {594BD864-7F2D-42F1-98AB-979EB91542AA} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {63BA6AE5-BD86-4D54-9E90-E6DA8DB74FB2} - \Microsoft\Windows\Maintenance\Idle-Crawler Update No Task File <==== ATTENTION
Task: {6DD42D9B-F8AA-4E69-B0BF-998C789A87B1} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {6E68C0E5-176D-4D5B-8C72-D0AC5292EBF2} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-09-14] (Apple Inc.)
Task: {77B47F77-386F-4233-BD95-D6CF3DBDF8E2} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2011-11-15] (ASUS)
Task: {8038D8DB-787C-4F19-8C41-BE6D2ACCF68C} - System32\Tasks\4704 => Wscript.exe C:\Users\Owner\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {8AE29E38-A3CC-46A0-8B55-F097670137F2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {A69F5A6E-71B3-47A1-B937-4239E13AD5DF} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2011-10-03] (ASUS)
Task: {C23702A2-59C2-4FB8-AEB9-46CEA6B46E99} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-07-14 17:11 - 2010-07-14 17:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2011-05-08 20:27 - 2011-03-06 05:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-09-16 18:37 - 2014-09-15 19:44 - 01392456 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2159.4\libglesv2.dll
2014-09-16 18:37 - 2014-09-15 19:44 - 00204616 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2159.4\libegl.dll
2014-09-16 18:37 - 2014-09-15 19:44 - 10653000 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2159.4\pdf.dll
2014-09-16 18:37 - 2014-09-15 19:44 - 01854792 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2159.4\ffmpegsumo.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-12-06 17:21 - 2011-12-06 17:21 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2007-07-12 12:11 - 2007-07-12 12:11 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2009-11-02 14:20 - 2009-11-02 14:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 14:23 - 2009-11-02 14:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Nuance PDF Reader-reminder => "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Setwallpaper => c:\programdata\SetWallpaper.cmd
MSCONFIG\startupreg: SonicMasterTray => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe

==================== Faulty Device Manager Devices =============

Name: Photosmart C4700 series
Description: Photosmart C4700 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (09/13/2014 00:38:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17239 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1238

Start Time: 01cfcf25595bfb3f

Termination Time: 63

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (09/12/2014 10:14:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17239 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 9f8

Start Time: 01cfcf117ce4e05e

Termination Time: 31

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (09/12/2014 10:13:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17239 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1550

Start Time: 01cfcf0c46b7384a

Termination Time: 62

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (09/12/2014 10:10:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000204,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,000000000119EB00.72).  hr = 0x80070005, Access is denied.
.

Error: (09/12/2014 10:10:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000002fc,(null),0,REG_BINARY,00000000037BDF70.72).  hr = 0x80070005, Access is denied.
.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {166fcb37-aa28-40be-a6fd-f6c71c69b3c2}

Error: (09/12/2014 10:10:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000002fc,(null),0,REG_BINARY,00000000037BDF70.72).  hr = 0x80070005, Access is denied.
.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {166fcb37-aa28-40be-a6fd-f6c71c69b3c2}

Error: (09/12/2014 10:10:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000006bc,(null),0,REG_BINARY,000000001349E260.72).  hr = 0x80070005, Access is denied.
.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {d96054e7-a242-4599-a028-c82382caed02}

Error: (09/12/2014 10:10:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001a0,SYSTEM\CurrentControlSet\Services\VSS\Diag\Registry Writer,0,REG_BINARY,000000000129E880.72).  hr = 0x80070005, Access is denied.
.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {afbab4a2-367d-4d15-a586-71dbb18f8485}
   Writer Name: Registry Writer
   Writer Instance ID: {2c1783d5-f6c0-4ddd-9e51-8a4247124d48}

Error: (09/12/2014 10:10:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000006bc,(null),0,REG_BINARY,000000001349E260.72).  hr = 0x80070005, Access is denied.
.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {d96054e7-a242-4599-a028-c82382caed02}

Error: (09/12/2014 10:10:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001fc,SYSTEM\CurrentControlSet\Services\VSS\Diag\Shadow Copy Optimization Writer,0,REG_BINARY,00000000025DEBC0.72).  hr = 0x80070005, Access is denied.
.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {736c58a6-bed4-43ac-9ba4-0be7707bfb3a}

System errors:
=============
Error: (09/17/2014 00:02:21 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.0.70.
The computer with the IP address 192.168.0.8 did not allow the name to be claimed by
this computer.

Error: (09/14/2014 01:46:39 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (09/12/2014 10:17:15 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service terminated with service-specific error %%0.

Error: (09/12/2014 10:12:57 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (09/12/2014 10:12:40 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (09/12/2014 10:12:31 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (09/12/2014 10:12:16 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Microsoft Office Sessions:
=========================
Error: (09/13/2014 00:38:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17239123801cfcf25595bfb3f63C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (09/12/2014 10:14:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.172399f801cfcf117ce4e05e31C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (09/12/2014 10:13:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17239155001cfcf0c46b7384a62C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (09/12/2014 10:10:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x00000204,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,000000000119EB00.72)0x80070005, Access is denied.

Error: (09/12/2014 10:10:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000002fc,(null),0,REG_BINARY,00000000037BDF70.72)0x80070005, Access is denied.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {166fcb37-aa28-40be-a6fd-f6c71c69b3c2}

Error: (09/12/2014 10:10:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000002fc,(null),0,REG_BINARY,00000000037BDF70.72)0x80070005, Access is denied.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {166fcb37-aa28-40be-a6fd-f6c71c69b3c2}

Error: (09/12/2014 10:10:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000006bc,(null),0,REG_BINARY,000000001349E260.72)0x80070005, Access is denied.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {d96054e7-a242-4599-a028-c82382caed02}

Error: (09/12/2014 10:10:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000001a0,SYSTEM\CurrentControlSet\Services\VSS\Diag\Registry Writer,0,REG_BINARY,000000000129E880.72)0x80070005, Access is denied.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {afbab4a2-367d-4d15-a586-71dbb18f8485}
   Writer Name: Registry Writer
   Writer Instance ID: {2c1783d5-f6c0-4ddd-9e51-8a4247124d48}

Error: (09/12/2014 10:10:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000006bc,(null),0,REG_BINARY,000000001349E260.72)0x80070005, Access is denied.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {d96054e7-a242-4599-a028-c82382caed02}

Error: (09/12/2014 10:10:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000001fc,SYSTEM\CurrentControlSet\Services\VSS\Diag\Shadow Copy Optimization Writer,0,REG_BINARY,00000000025DEBC0.72)0x80070005, Access is denied.

Operation:
   BackupShutdown Event

Context:
   Execution Context: Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {736c58a6-bed4-43ac-9ba4-0be7707bfb3a}

==================== Memory info ===========================

Processor: Intel® Core™ i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 56%
Total physical RAM: 3874.21 MB
Available physical RAM: 1702.98 MB
Total Pagefile: 7746.61 MB
Available Pagefile: 5238.17 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:80.52 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:254.45 GB) (Free:254.35 GB) NTFS
Drive e: (HP OJ2620) (CDROM) (Total:0.48 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: AA9693FE)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=186.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=254.5 GB) - (Type=OF Extended)

==================== End Of Log ============================


 



#4 bloopie

Malware Response Team

Posted 22 September 2014 - 05:58 PM

Hello again Chivalry,
 

thank you!

It's my pleasure! :)
 

Do you know of sites that shouldn't have ads, to test for adware?

Not exactly, but that's what we're here for!
 
==========
 
Okay, let's begin with the following steps:

Step 1

We need to run a fix with FRST:

  • Please download the attached fixlist.txt file and save it to the same location as FRST
    Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
    Attached File  fixlist.txt   834bytes   2 downloads
  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply

==========

Step 2

Please download Malwarebytes Anti-Malware and save it to your desktop.

  • Double-click on the setup file (mbam-setup.exe), then click on Run to install.
  • Malwarebytes will automatically open to its Dashboard. If you have never run this version, you should see a red note at the top indicating "A scan has never been run on your system"
  • Click on Update Now to download the current database definitions, then click the Scan Now >> button.
  • If you have run this version before, you should see a green note at the top indicating "Your system is fully protected".
  • You will be prompted to update Malwarebytes...click on the Update Now button.
  • The THREAT SCAN will automatically begin.
  • When the scan has completed, the results will be displayed. Click on Quarantine All, then click on Apply Actions.
  • To complete any actions taken you will be prompted to restart your computer...click on Yes. Failure to reboot normally will prevent Malwarebytes from removing all the malware.
  • After rebooting the computer, copy and paste the mbam.log in your next reply.

To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 1)

  • Open Malwarebytes Anti-Malware.
  • Click the History Tab at the top and select Application Logs.
  • Select (check) the box next to Scan Log. Choose the most current scan.
  • Click the View button.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)

  • Open Malwarebytes Anti-Malware.
  • Click the Scan Tab at the top.
  • Click the View detailed log link on the right.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

Logs are named by the date of scan in the following format: mbam-log-yyyy-mm-dd and automatically saved to the following locations:
-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd
-- Vista, Windows 7/8: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd


====================

In your next reply, please include the following:

  • The Fixlog.txt from FRST
  • The MBAM log
  • How is the machine running now?

bloopie



#5 Chivalry

Topic Starter

Posted 22 September 2014 - 10:44 PM

Heya Bloopie,

I find that my computer (seems) to be running in tip top shape.
No ads to speak of... they may be hiding.
Zombie Alert is still lurking in the shadows
ATTACHED is a picture of the said program.
Attached File  the ninja zombie.png   639.68KB   0 downloads


 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-09-2014 01
Ran by Owner at 2014-09-22 19:34:54 Run:1
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-4233013369-1694252847-3016774584-1000\...\Run: [fastclean] => "C:\Program Files (x86)\FastClean PRO\fastcleanpro.exe"
C:\Program Files (x86)\FastClean PRO\fastcleanpro.exe
HKU\S-1-5-21-4233013369-1694252847-3016774584-1000\...\MountPoints2: {ca3faf1f-e786-11e0-bea2-806e6f6e6963} - E:\Setup.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
Task: {8038D8DB-787C-4F19-8C41-BE6D2ACCF68C} - System32\Tasks\4704 => Wscript.exe C:\Users\Owner\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:373E1720
cmd dir C:\ProgramData\19ecc5cf5478a1c6
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-4233013369-1694252847-3016774584-1000\Software\Microsoft\Windows\CurrentVersion\Run\\fastclean => value deleted successfully.
"C:\Program Files (x86)\FastClean PRO\fastcleanpro.exe" => File/Directory not found.
"HKU\S-1-5-21-4233013369-1694252847-3016774584-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ca3faf1f-e786-11e0-bea2-806e6f6e6963}" => Key deleted successfully.
"HKCR\CLSID\{ca3faf1f-e786-11e0-bea2-806e6f6e6963}" => Key not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8038D8DB-787C-4F19-8C41-BE6D2ACCF68C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8038D8DB-787C-4F19-8C41-BE6D2ACCF68C}" => Key deleted successfully.
C:\Windows\System32\Tasks\4704 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4704" => Key deleted successfully.
C:\ProgramData\Temp => ":373E1720" ADS removed successfully.
cmd dir C:\ProgramData\19ecc5cf5478a1c6 => Error: No automatic fix found for this entry.

The system needed a reboot.

==== End of Fixlog ====




Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/22/2014
Scan Time: 7:54:49 PM





Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.23.02
Rootkit Database: v2014.09.19.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Owner

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 358666
Time Elapsed: 25 min, 59 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.Superfish.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Quarantined, [17f7d51c67146bcba1c764bf38cbe917],
PUP.Optional.Superfish.A, C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Quarantined, [d836eb0656258caadc8c9a895fa48c74],

Physical Sectors: 0
(No malicious items detected)

(end)



#6 bloopie

Malware Response Team

Posted 23 September 2014 - 06:04 PM

Hello again Chivalry,
 
Glad to hear your system is running well otherwise... Do you see any ill effects from Zombie Alert, other than that it still shows in the Add/Remove programs list?
 
====================

 

I made a minor typographical mistake in my FRST script, but we'll take care of that with another script later. For now, let's run these two programs next and see their reports:

Step 1

Please download aswMBR ( 4.5MB ) to your desktop.

  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

==========

Step 2

Run Combofix


Before you run Combofix I will need you to turn off any security software you have running (Microsoft Security Essentials). If you do not know how to do this, you can find out here or here.

Combofix may need to reboot your computer more than once to do its job...this is normal.

You can download Combofix from one of these links.

  • Close any open browsers or any other programs that are open.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Double click on combofix.exe & follow the prompts.
  • When finished, it will produce a report for you C:\Combofix.txt. Please include that in your next reply.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

====================

Please post both requested logs in your next reply, and let me know if you have any trouble with either program!

bloopie



#7 Chivalry

Topic Starter

Posted 23 September 2014 - 11:38 PM

Looking around on this computer, I find that Opera Browser used to be installed. (just a bit of info)


Zombie Alert (from what I can tell) is doing nothing at all.
just a seed ready to spring up some weeds...



aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-09-23 19:16:18
-----------------------------
19:16:18.208    OS Version: Windows x64 6.1.7601 Service Pack 1
19:16:18.208    Number of processors: 4 586 0x2A07
19:16:18.208    ComputerName: OWNER-PC  UserName: Owner
19:16:19.346    Initialize success
19:16:19.487    VM: initialized successfully
19:16:19.502    VM: Intel CPU supported
19:16:27.868    VM: supported disk I/O iaStor.sys
19:33:25.630    AVAST engine defs: 14092301
19:40:10.092    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:40:10.107    Disk 0 Vendor: Hitachi_ JE3O Size: 476940MB BusType: 3
19:40:10.294    VM: Disk 0 MBR read successfully
19:40:10.294    Disk 0 MBR scan
19:40:10.450    Disk 0 Windows 7 default MBR code
19:40:10.482    Disk 0 Partition 1 00     1C Hidd FAT32 LBA MSDOS5.0    25600 MB offset 2048
19:40:10.513    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       190776 MB offset 52430848
19:40:10.544    Disk 0 default boot code
19:40:10.622    Disk 0 Partition - 00     0F Extended LBA            260562 MB offset 443140096
19:40:10.653    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       260561 MB offset 443142144
19:40:11.449    Disk 0 scanning C:\Windows\system32\drivers
19:40:36.115    Service scanning
19:41:42.256    Modules scanning
19:41:42.272    Disk 0 trace - called modules:
19:41:42.303    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
19:41:42.318    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800667e060]
19:41:42.334    3 CLASSPNP.SYS[fffff88001a6143f] -> nt!IofCallDriver -> [0xfffffa800476c630]
19:41:42.350    5 ACPI.sys[fffff88000f427a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004773050]
19:41:44.706    AVAST engine scan C:\Windows
19:41:50.698    AVAST engine scan C:\Windows\system32
19:47:36.595    AVAST engine scan C:\Windows\system32\drivers
19:47:53.884    AVAST engine scan C:\Users\Owner
19:49:17.882    File: C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0JYG5HLQ\SocialMedia_Login.exe  **INFECTED** Win32:Adware-gen [Adw]
19:53:09.293    File: C:\Users\Owner\AppData\Local\Temp\ICReinstall_nsbDC2D.tmp  **INFECTED** Win32:Dropper-gen [Drp]
19:53:10.261    File: C:\Users\Owner\AppData\Local\Temp\is45637729\1906135_stp\AnyProtectScannerSetup.exe  **INFECTED** Win32:Dropper-gen [Drp]
19:53:10.417    File: C:\Users\Owner\AppData\Local\Temp\is45637729\1909816_stp\AnyProtectScannerSetup.exe  **INFECTED** Win32:Dropper-gen [Drp]
19:53:11.134    File: C:\Users\Owner\AppData\Local\Temp\is45637729\2020184_stp\AnyProtectScannerSetup.exe  **INFECTED** Win32:Dropper-gen [Drp]
19:53:20.557    File: C:\Users\Owner\AppData\Local\Temp\nsbDC2D.tmp  **INFECTED** Win32:Dropper-gen [Drp]
19:53:23.786    File: C:\Users\Owner\AppData\Local\Temp\vp.exe  **INFECTED** Win32:Dropper-gen [Drp]
20:01:33.143    AVAST engine scan C:\ProgramData
20:05:38.864    Scan finished successfully
20:15:19.088    Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
20:15:19.104    The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"

ComboFix 14-09-22.01 - Owner 09/23/2014  20:21:13.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3874.2278 [GMT -7:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkpcjfgdlfelfjldoebklcimbekfeami
c:\users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkpcjfgdlfelfjldoebklcimbekfeami\166\background.html
c:\users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkpcjfgdlfelfjldoebklcimbekfeami\166\content.js
c:\users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkpcjfgdlfelfjldoebklcimbekfeami\166\lsdb.js
c:\users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkpcjfgdlfelfjldoebklcimbekfeami\166\manifest.json
c:\users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkpcjfgdlfelfjldoebklcimbekfeami\166\MnVghoLp.js
c:\users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkpcjfgdlfelfjldoebklcimbekfeami\166\Y0wg.js
c:\users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkpcjfgdlfelfjldoebklcimbekfeami\166\yr.js
c:\users\Ashley\AppData\Local\Google\Chrome\User Data\Default\preferences
c:\users\Owner\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\{FF76FAF0-E5EE-4D38-9492-8D1EF0BF002E}.xps
c:\windows\SysWow64\SET967C.tmp
c:\windows\SysWow64\SETCF5D.tmp
.
.
(((((((((((((((((((((((((   Files Created from 2014-08-24 to 2014-09-24  )))))))))))))))))))))))))))))))
.
.
2014-09-24 03:31 . 2014-09-24 03:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-24 03:31 . 2014-09-24 03:31 -------- d-----w- c:\users\Ashley\AppData\Local\temp
2014-09-24 02:33 . 2014-09-17 01:36 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5F0BAE53-B644-4D51-9DD8-134DF395BE33}\gapaengine.dll
2014-09-24 02:32 . 2014-09-09 02:05 11578928 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0733E0BD-F7E0-412E-8A9C-3FD4CC98EE9A}\mpengine.dll
2014-09-22 07:50 . 2014-09-09 02:05 11578928 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-09-22 07:45 . 2014-09-23 02:35 -------- d-----w- C:\FRST
2014-09-17 01:39 . 2014-09-17 01:36 1188440 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{32C8A774-D625-46D9-A50C-72722D565D62}\gapaengine.dll
2014-09-14 07:37 . 2014-05-08 09:32 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-09-14 07:37 . 2014-05-08 09:32 3178496 ----a-w- c:\windows\system32\rdpcorets.dll
2014-09-14 07:37 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-09-14 07:37 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
2014-09-13 14:20 . 2013-10-02 01:10 44544 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2014-09-13 14:20 . 2013-10-02 04:38 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2014-09-13 14:18 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2014-09-13 14:18 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2014-09-13 14:18 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2014-09-13 14:18 . 2012-08-23 14:13 243200 ----a-w- c:\windows\system32\rdpudd.dll
2014-09-13 14:18 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2014-09-13 13:47 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-13 13:47 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2014-09-13 13:47 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDTAT.DLL
2014-09-13 13:47 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDYAK.DLL
2014-09-13 13:47 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDRU1.DLL
2014-09-13 13:47 . 2014-07-09 02:03 6656 ----a-w- c:\windows\system32\KBDRU.DLL
2014-09-13 13:47 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDBASH.DLL
2014-09-13 13:47 . 2014-07-09 01:31 7168 ----a-w- c:\windows\SysWow64\KBDYAK.DLL
2014-09-13 13:47 . 2014-07-09 01:31 6656 ----a-w- c:\windows\SysWow64\KBDBASH.DLL
2014-09-13 10:09 . 2014-08-18 20:45 360448 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2014-09-13 10:09 . 2014-08-18 20:41 259584 ----a-w- c:\program files (x86)\Internet Explorer\IEShims.dll
2014-09-13 10:09 . 2014-08-18 22:05 596480 ----a-w- c:\windows\system32\ieui.dll
2014-09-13 10:09 . 2014-08-18 22:06 222720 ----a-w- c:\program files\Internet Explorer\ielowutil.exe
2014-09-13 10:09 . 2014-08-18 21:38 222720 ----a-w- c:\program files (x86)\Internet Explorer\ielowutil.exe
2014-09-13 10:09 . 2014-08-18 21:38 483328 ----a-w- c:\program files\Internet Explorer\ieinstal.exe
2014-09-13 10:09 . 2014-08-18 21:17 470016 ----a-w- c:\program files (x86)\Internet Explorer\ieinstal.exe
2014-09-13 10:09 . 2014-08-18 22:29 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-09-13 10:09 . 2014-08-18 21:57 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-09-13 10:09 . 2014-08-18 20:33 272384 ----a-w- c:\program files (x86)\Internet Explorer\ieproxy.dll
2014-09-13 10:02 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-13 10:02 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-13 05:26 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-09-13 05:26 . 2014-08-01 11:35 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-09-13 05:20 . 2014-06-24 03:29 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-13 05:20 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-09-13 05:15 . 2014-07-07 02:06 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-09-13 05:15 . 2014-07-07 01:40 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-09-13 05:15 . 2014-07-07 02:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-13 05:15 . 2014-07-07 01:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-09-13 05:15 . 2014-07-07 01:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-09-13 05:13 . 2014-09-05 02:10 578048 ----a-w- c:\windows\system32\aepdu.dll
2014-09-13 05:13 . 2014-09-05 02:05 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-09-13 04:44 . 2014-09-13 04:44 -------- d-----w- c:\program files\HitmanPro
2014-09-13 04:43 . 2014-09-13 05:15 -------- d-----w- c:\programdata\HitmanPro
2014-09-06 10:37 . 2014-09-23 03:29 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-09-06 10:36 . 2014-05-12 14:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-09-06 10:36 . 2014-05-12 14:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-09-06 10:36 . 2014-05-12 14:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-06 10:36 . 2014-09-23 02:50 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-09-06 09:08 . 2014-09-06 09:33 -------- d-----w- c:\windows\ERUNT
2014-09-06 08:54 . 2010-08-30 15:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-09-05 06:28 . 2014-09-05 06:28 -------- d-----w- c:\program files (x86)\Hewlett-Packard
2014-09-05 06:28 . 2014-09-05 06:28 -------- d-----w- c:\program files (x86)\HP Photo Creations
2014-09-05 06:28 . 2014-09-05 06:28 -------- d-----w- c:\programdata\HP Photo Creations
2014-09-05 06:28 . 2014-09-05 06:28 -------- d-----w- c:\programdata\Visan
2014-09-05 06:26 . 2014-09-05 06:27 -------- d-----w- c:\program files (x86)\HP
2014-09-05 06:26 . 2014-09-05 06:26 -------- d-----w- c:\program files\HP
2014-09-05 06:23 . 2014-09-05 06:28 -------- d-----w- c:\users\Owner\AppData\Local\HP
2014-09-04 12:50 . 2014-09-04 12:50 188304 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-09-04 02:56 . 2014-09-05 18:13 -------- d-----w- c:\programdata\19ecc5cf5478a1c6
2014-08-27 19:17 . 2014-08-23 02:07 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-27 19:17 . 2014-08-23 00:59 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-27 19:17 . 2014-08-23 01:45 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-23 02:36 . 2011-09-25 15:04 45056 ----a-w- c:\windows\system32\acovcnt.exe
2014-09-22 06:42 . 2011-12-21 02:38 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-09-17 01:36 . 2013-03-12 21:24 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-09-13 14:01 . 2011-11-23 19:49 101694776 ----a-w- c:\windows\system32\MRT.exe
2014-09-13 06:08 . 2012-04-20 23:02 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-13 06:08 . 2011-12-31 01:53 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-25 09:35 . 2014-07-25 09:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-25 06:47 . 2014-07-25 06:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-18 01:05 . 2014-07-18 01:05 269008 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2014-07-18 01:05 . 2012-08-31 06:03 125584 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2014-07-16 03:23 . 2014-08-14 06:50 2048 ----a-w- c:\windows\system32\tzres.dll
2014-07-16 02:46 . 2014-08-14 06:50 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-07-14 02:02 . 2014-08-14 06:45 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-14 06:45 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-06-30 22:24 . 2014-08-19 06:30 8856 ----a-w- c:\windows\system32\icardres.dll
2014-06-30 22:14 . 2014-08-19 06:30 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2013-01-01 19:02 . 2013-01-01 19:02 9842040 ----a-w- c:\program files (x86)\Common Files\wruninstall.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-10-19 2319536]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-02 152392]
"Nike+ Connect"="c:\program files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe" [2014-04-09 71680]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
.
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Monitor Ink Alerts - HP Officejet 2620 series.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Officejet 2620 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN4694G6CX0600;CONNECTION=USB;MONITOR=1; [2009-7-13 45568]
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe;c:\program files\HitmanPro\hmpsched.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192Ce.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ASWMBR
*NewlyCreated* - ASWVMM
*Deregistered* - aswMBR
*Deregistered* - aswVmm
.
Contents of the 'Scheduled Tasks' folder
.
2014-09-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 06:08]
.
2014-09-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 04:36]
.
2014-09-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02 04:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-04 1580368]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-30 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-30 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-30 442328]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1 205.171.2.25
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-Spotify - c:\users\Owner\AppData\Roaming\Spotify\Spotify.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-09-23  20:36:34
ComboFix-quarantined-files.txt  2014-09-24 03:36
.
Pre-Run: 85,551,136,768 bytes free
Post-Run: 86,425,894,912 bytes free
.
- - End Of File - - 1D0C94ECE3A884E246F62B1B35A33623



 



#8 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:07:09 PM

Posted 24 September 2014 - 12:04 PM

Hello again,

Okay, I'm pretty sure you'll be able to uninstall Zombie Alert after we fix the permissions issue that's preventing its uninstallation. But we've got to remove a couple more nasties before that. Do these for me next please:

Step 1

  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters


  • Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


  • Once rebooted, click "change parameters" again and make sure all checkboxes are checked!
  • Click Start Scan and allow the scan process to run (the scan should only take a couple of minutes)


  • If threats are detected select Skip or Cure (if available) for all of them unless otherwise instructed.
    ***Do NOT select Delete!
  • Click Continue


  • Click Reboot computer
  • Please copy the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) and paste it into your next reply

==========

Step 2

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 2 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool indicates that the Check Disk is needed click on Do It button next to 2. Check Disk.
In that case make sure you restart computer.



Once the above is done go to Step 3 and allow it to run System File Check by clicking on Do It button:



Go to Step 4 and under "System Restore" click on Create button:



Go to Start Repairs tab and click Start button.

Leave all checkmarks as they are.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.


Post Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

==========

Once these two steps are done and the logs are posted, please try again to uninstall Zombie Alert and let me know if you're successful!

bloopie



#9 bloopie


Posted 27 September 2014 - 12:36 PM

Hello again,

Are you still with me? :)

This is a 3-Day Bump! If you still wish to receive help, please follow the instructions in my previous post. As mentioned, if you have a problem posting on the forum, send me the logs via PM and I will repost them here for you. If you need more time, please let me know!

If you do not respond in another 48 hours, I will be forced to close this topic!

bloopie

#10 bloopie


Posted 28 September 2014 - 01:02 PM

User unable to post on the forum, these are sent via PM:
 

Hmmn.... I am wondering what is wrong... it gets to the point where it says " saving Post " but after that it stops...
even on PM it doesn't work...
This one might not work


==========
 

00:31:20.0113 0x041c TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
00:31:21.0954 0x041c ============================================================
00:31:21.0954 0x041c Current date / time: 2014/09/25 00:31:21.0954
00:31:21.0954 0x041c SystemInfo:
00:31:21.0954 0x041c
00:31:21.0954 0x041c OS Version: 6.1.7601 ServicePack: 1.0
00:31:21.0954 0x041c Product type: Workstation
00:31:21.0954 0x041c ComputerName: OWNER-PC
00:31:21.0954 0x041c UserName: Owner
00:31:21.0954 0x041c Windows directory: C:\Windows
00:31:21.0954 0x041c System windows directory: C:\Windows
00:31:21.0954 0x041c Running under WOW64
00:31:21.0954 0x041c Processor architecture: Intel x64
00:31:21.0954 0x041c Number of processors: 4
00:31:21.0954 0x041c Page size: 0x1000
00:31:21.0954 0x041c Boot type: Normal boot
00:31:21.0954 0x041c ============================================================
<SNIP>
00:33:06.0697 0x0e38 [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
00:33:06.0728 0x0e38 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
00:33:10.0940 0x0e38 Detect skipped due to KSN trusted
00:33:10.0940 0x0e38 Net Driver HPZ12 - ok
00:33:11.0018 0x0e38 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:33:11.0112 0x0e38 NetBIOS - ok
00:33:11.0143 0x0e38 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
00:33:11.0268 0x0e38 NetBT - ok
00:33:11.0283 0x0e38 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
00:33:11.0314 0x0e38 Netlogon - ok
00:33:11.0392 0x0e38 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
00:33:11.0517 0x0e38 Netman - ok
00:33:11.0611 0x0e38 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:33:11.0658 0x0e38 NetMsmqActivator - ok
00:33:11.0704 0x0e38 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:33:11.0751 0x0e38 NetPipeActivator - ok
00:33:11.0798 0x0e38 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Window

This TDSSKiller log is incomplete. If you cannot fit the entire log, then just post the bottom section with the detections listed. There is one detection in this section, but there are probably others that I need to see.

==========
 

Tweaking.com - Windows Repair v2.9.1
--------------------------------------------------------------------------------
System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: OWNER-PC
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\Owner
Current Profile SID: S-1-5-21-4233013369-1694252847-3016774584-1000
Current Profile Classes: S-1-5-21-4233013369-1694252847-3016774584-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Owner\AppData\Local
--------------------------------------------------------------------------------
System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:05:15
Process Count: 92
Commit Total: 1.64 GB
Commit Limit: 7.57 GB
Commit Peak: 1.68 GB
Handle Count: 22715
Kernel Total: 348.44 MB
Kernel Paged: 276.67 MB
Kernel Non Paged: 71.77 MB
System Cache: 616.45 MB
Thread Count: 912
--------------------------------------------------------------------------------
Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.78 GB
Memory Used: 1.57 GB(41.389%)
Memory Avail.: 2.22 GB
--------------------------------------------------------------------------------
Cleaning Memory Before Starting Repairs...
Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.78 GB
Memory Used: 1.32 GB(34.9282%)
Memory Avail.: 2.46 GB
--------------------------------------------------------------------------------
Starting Repairs...
Started at (9/25/2014 1:34:32 AM)
01 - Reset Registry Permissions 01/03
HKEY_CURRENT_USER & Sub Keys
Start (9/25/2014 1:34:36 AM)
Running Repair Under Current User Account
Done (9/25/2014 1:34:56 AM)
01 - Reset Registry Permissions 02/03
HKEY_LOCAL_MACHINE & Sub Keys
Start (9/25/2014 1:34:56 AM)
Running Repair Under System Account
Done (9/25/2014 1:50:10 AM)
01 - Reset Registry Permissions 03/03
HKEY_CLASSES_ROOT & Sub Keys
Start (9/25/2014 1:50:10 AM)
Running Repair Under System Account
Done (9/25/2014 1:55:02 AM)
03 - Reset Service Permissions
Start (9/25/2014 1:55:02 AM)
Running Repair Under System Account
Done (9/25/2014 1:55:22 AM)
04 - Register System Files
Start (9/25/2014 1:55:22 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 1:56:14 AM)
05 - Repair WMI
Start (9/25/2014 1:56:14 AM)
Starting Security Center So We Can Export The Security Info.
Exporting Antivirus Info...
Microsoft Security Essentials Exported.
Exporting AntiSpyware Info...
Microsoft Security Essentials Exported.
Windows Defender Exported.
Exporting 3rd Party Firewall Info...
No Firewall Products Reported.
Running Repair Under Current User Account
Done (9/25/2014 1:59:52 AM)
06 - Repair Windows Firewall
Start (9/25/2014 1:59:52 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:00:36 AM)
07 - Repair Internet Explorer
Start (9/25/2014 2:00:36 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:01:26 AM)
08 - Repair MDAC/MS Jet
Start (9/25/2014 2:01:26 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:01:41 AM)
09 - Repair Hosts File
Start (9/25/2014 2:01:41 AM)
Running Repair Under System Account
Done (9/25/2014 2:01:42 AM)
10 - Remove Policies Set By Infections
Start (9/25/2014 2:01:43 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:01:45 AM)
11 - Repair Start Menu Icons Removed By Infections
Start (9/25/2014 2:01:45 AM)
Running Repair Under System Account
Done (9/25/2014 2:01:46 AM)
12 - Repair Icons
Start (9/25/2014 2:01:46 AM)
Running Repair Under Current User Account
Done (9/25/2014 2:01:48 AM)
13 - Repair Winsock & DNS Cache
Start (9/25/2014 2:01:48 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:02:09 AM)
15 - Repair Proxy Settings
Start (9/25/2014 2:02:09 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:02:12 AM)
17 - Repair Windows Updates
Start (9/25/2014 2:02:12 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
Done (9/25/2014 2:02:49 AM)
18 - Repair CD/DVD Missing/Not Working
Start (9/25/2014 2:02:49 AM)
iTunes was found, adding UpperFilters for iTunes Reg Key
UpperFilters added?: True
Done (9/25/2014 2:02:49 AM)
19 - Repair Volume Shadow Copy Service
Start (9/25/2014 2:02:49 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:03:19 AM)
21 - Repair MSI (Windows Installer)
Start (9/25/2014 2:03:19 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:03:37 AM)
23.01 - Repair bat Association
Start (9/25/2014 2:03:38 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:03:40 AM)
23.02 - Repair cmd Association
Start (9/25/2014 2:03:40 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:03:42 AM)
23.03 - Repair com Association
Start (9/25/2014 2:03:42 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:03:45 AM)
23.04 - Repair Directory Association
Start (9/25/2014 2:03:45 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:03:47 AM)
23.05 - Repair Drive Association
Start (9/25/2014 2:03:47 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:03:49 AM)
23.06 - Repair exe Association
Start (9/25/2014 2:03:49 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:03:52 AM)
23.07 - Repair Folder Association
Start (9/25/2014 2:03:52 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:03:54 AM)
23.08 - Repair inf Association
Start (9/25/2014 2:03:54 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:03:56 AM)
23.09 - Repair lnk (Shortcuts) Association
Start (9/25/2014 2:03:57 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:03:59 AM)
23.10 - Repair msc Association
Start (9/25/2014 2:03:59 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:04:01 AM)
23.11 - Repair reg Association
Start (9/25/2014 2:04:01 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:04:04 AM)
23.12 - Repair scr Association
Start (9/25/2014 2:04:04 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:04:06 AM)
24 - Repair Windows Safe Mode
Start (9/25/2014 2:04:06 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:04:08 AM)
25 - Repair Print Spooler
Start (9/25/2014 2:04:08 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:04:30 AM)
26 - Restore Important Windows Services
Start (9/25/2014 2:04:31 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:04:47 AM)
27 - Set Windows Services To Default Startup
Start (9/25/2014 2:04:47 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:04:55 AM)
Skipping Repair.
Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
Current version: 6.1
Skipping Repair.
Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
Current version: 6.1
Skipping Repair.
Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
Current version: 6.1
31 - Repair Windows 'New' Submenu
Start (9/25/2014 2:04:56 AM)
Running Repair Under Current User Account
Running Repair Under System Account
Done (9/25/2014 2:04:58 AM)
Cleaning up empty logs...
All Selected Repairs Done.
Done at (9/25/2014 2:04:58 AM)
Total Repair Time: 00:30:28
...YOU MUST RESTART YOUR SYSTEM...


Looking much better! :thumbup2:

==========
 

It worked finally :D

It looks as though I can only copy and paste one at a time...


So, please confirm you were finally able to remove Zombie Alert, correct? :)

 

bloopie



#11 Chivalry


Posted 28 September 2014 - 06:33 PM

Oh no! 

I forgot to say, I was not actually able to remove Zombie Alert.

I was so excited about being able to finally post something that I forgot to provide the information... >.>

Kaspersky did not return anything as detected. I am currently at a friend's house, but I can post the rest of the log just after 6:00.

 

Turns out I'm actually stuck here till late tonight :/


Edited by Chivalry, 28 September 2014 - 08:34 PM.


#12 Chivalry


Posted 29 September 2014 - 02:21 AM

TDSSKiller Continued x1

00:33:34.0263 0x0e38  umbus - ok
00:33:34.0294 0x0e38  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
00:33:34.0325 0x0e38  UmPass - ok
00:33:34.0591 0x0e38  [ 7A78ED1088890114DFDE2C4AB038D6B6, B52357594A90A8BCF5F96FA630F52BB1274A2FE814AF0270D21C892871D076FC ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
00:33:34.0793 0x0e38  UNS - ok
00:33:34.0871 0x0e38  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
00:33:35.0012 0x0e38  upnphost - ok
00:33:35.0059 0x0e38  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
00:33:35.0105 0x0e38  USBAAPL64 - ok
00:33:35.0152 0x0e38  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
00:33:35.0199 0x0e38  usbccgp - ok
00:33:35.0230 0x0e38  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
00:33:35.0293 0x0e38  usbcir - ok
00:33:35.0324 0x0e38  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
00:33:35.0355 0x0e38  usbehci - ok
00:33:35.0402 0x0e38  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
00:33:35.0464 0x0e38  usbhub - ok
00:33:35.0495 0x0e38  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
00:33:35.0527 0x0e38  usbohci - ok
00:33:35.0573 0x0e38  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
00:33:35.0605 0x0e38  usbprint - ok
00:33:35.0636 0x0e38  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
00:33:35.0683 0x0e38  usbscan - ok
00:33:35.0698 0x0e38  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:33:35.0761 0x0e38  USBSTOR - ok
00:33:35.0776 0x0e38  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
00:33:35.0823 0x0e38  usbuhci - ok
00:33:35.0885 0x0e38  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
00:33:35.0932 0x0e38  usbvideo - ok
00:33:35.0963 0x0e38  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
00:33:36.0057 0x0e38  UxSms - ok
00:33:36.0073 0x0e38  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
00:33:36.0104 0x0e38  VaultSvc - ok
00:33:36.0151 0x0e38  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
00:33:36.0182 0x0e38  vdrvroot - ok
00:33:36.0244 0x0e38  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
00:33:36.0369 0x0e38  vds - ok
00:33:36.0385 0x0e38  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
00:33:36.0416 0x0e38  vga - ok
00:33:36.0447 0x0e38  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
00:33:36.0541 0x0e38  VgaSave - ok
00:33:36.0556 0x0e38  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
00:33:36.0603 0x0e38  vhdmp - ok
00:33:36.0634 0x0e38  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
00:33:36.0650 0x0e38  viaide - ok
00:33:36.0697 0x0e38  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
00:33:36.0728 0x0e38  volmgr - ok
00:33:36.0775 0x0e38  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
00:33:36.0821 0x0e38  volmgrx - ok
00:33:36.0868 0x0e38  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
00:33:36.0915 0x0e38  volsnap - ok
00:33:36.0946 0x0e38  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
00:33:36.0977 0x0e38  vsmraid - ok
00:33:37.0119 0x0e38  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
00:33:37.0353 0x0e38  VSS - ok
00:33:37.0368 0x0e38  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
00:33:37.0431 0x0e38  vwifibus - ok
00:33:37.0462 0x0e38  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
00:33:37.0509 0x0e38  vwififlt - ok
00:33:37.0571 0x0e38  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
00:33:37.0696 0x0e38  W32Time - ok
00:33:37.0712 0x0e38  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
00:33:37.0758 0x0e38  WacomPen - ok
00:33:37.0805 0x0e38  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
00:33:37.0914 0x0e38  WANARP - ok
00:33:37.0914 0x0e38  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
00:33:38.0024 0x0e38  Wanarpv6 - ok
00:33:38.0164 0x0e38  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
00:33:38.0273 0x0e38  WatAdminSvc - ok
00:33:38.0398 0x0e38  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
00:33:38.0554 0x0e38  wbengine - ok
00:33:38.0616 0x0e38  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
00:33:38.0663 0x0e38  WbioSrvc - ok
00:33:38.0710 0x0e38  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
00:33:38.0804 0x0e38  wcncsvc - ok
00:33:38.0835 0x0e38  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:33:38.0882 0x0e38  WcsPlugInService - ok
00:33:38.0913 0x0e38  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
00:33:38.0944 0x0e38  Wd - ok
00:33:39.0022 0x0e38  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
00:33:39.0100 0x0e38  Wdf01000 - ok
00:33:39.0147 0x0e38  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
00:33:39.0240 0x0e38  WdiServiceHost - ok
00:33:39.0272 0x0e38  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
00:33:39.0318 0x0e38  WdiSystemHost - ok
00:33:39.0365 0x0e38  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
00:33:39.0428 0x0e38  WebClient - ok
00:33:39.0474 0x0e38  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
00:33:39.0584 0x0e38  Wecsvc - ok
00:33:39.0599 0x0e38  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
00:33:39.0708 0x0e38  wercplsupport - ok
00:33:39.0740 0x0e38  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
00:33:39.0849 0x0e38  WerSvc - ok
00:33:39.0880 0x0e38  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
00:33:39.0974 0x0e38  WfpLwf - ok
00:33:40.0005 0x0e38  [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
00:33:40.0052 0x0e38  WimFltr - ok
00:33:40.0083 0x0e38  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
00:33:40.0098 0x0e38  WIMMount - ok
00:33:40.0114 0x0e38  WinDefend - ok
00:33:40.0145 0x0e38  WinHttpAutoProxySvc - ok
00:33:40.0223 0x0e38  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
00:33:40.0348 0x0e38  Winmgmt - ok
00:33:40.0504 0x0e38  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
00:33:40.0769 0x0e38  WinRM - ok
00:33:40.0847 0x0e38  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
00:33:40.0894 0x0e38  WinUsb - ok
00:33:40.0988 0x0e38  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
00:33:41.0112 0x0e38  Wlansvc - ok
00:33:41.0144 0x0e38  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
00:33:41.0190 0x0e38  WmiAcpi - ok
00:33:41.0237 0x0e38  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
00:33:41.0284 0x0e38  wmiApSrv - ok
00:33:41.0315 0x0e38  WMPNetworkSvc - ok
00:33:41.0362 0x0e38  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
00:33:41.0409 0x0e38  WPCSvc - ok
00:33:41.0440 0x0e38  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
00:33:41.0471 0x0e38  WPDBusEnum - ok
00:33:41.0502 0x0e38  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
00:33:41.0612 0x0e38  ws2ifsl - ok
00:33:41.0643 0x0e38  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
00:33:41.0690 0x0e38  wscsvc - ok
00:33:41.0690 0x0e38  WSearch - ok
00:33:41.0908 0x0e38  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
00:33:42.0111 0x0e38  wuauserv - ok
00:33:42.0142 0x0e38  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
00:33:42.0189 0x0e38  WudfPf - ok
00:33:42.0251 0x0e38  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
00:33:42.0314 0x0e38  WUDFRd - ok
00:33:42.0329 0x0e38  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
00:33:42.0376 0x0e38  wudfsvc - ok
00:33:42.0423 0x0e38  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
00:33:42.0501 0x0e38  WwanSvc - ok
00:33:42.0532 0x0e38  ================ Scan global ===============================
00:33:42.0563 0x0e38  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
00:33:42.0610 0x0e38  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
00:33:42.0641 0x0e38  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
00:33:42.0688 0x0e38  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
00:33:42.0735 0x0e38  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
00:33:42.0750 0x0e38  [ Global ] - ok
00:33:42.0750 0x0e38  ================ Scan MBR ==================================
00:33:42.0766 0x0e38  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:33:43.0296 0x0e38  \Device\Harddisk0\DR0 - ok
00:33:43.0296 0x0e38  ================ Scan VBR ==================================
00:33:43.0312 0x0e38  [ 1AC1A0DF5506C185B97E5E631AF78847 ] \Device\Harddisk0\DR0\Partition1
00:33:43.0312 0x0e38  \Device\Harddisk0\DR0\Partition1 - ok
00:33:43.0343 0x0e38  [ 187B08685AECF996B3AAFC35D11E7173 ] \Device\Harddisk0\DR0\Partition2
00:33:43.0343 0x0e38  \Device\Harddisk0\DR0\Partition2 - ok
00:33:43.0343 0x0e38  ================ Scan active images ========================
00:33:43.0343 0x0e38  [ 3E588B60EC061686BA05D33574A344C6, 19D2D863F95CCC4493A2328B6BEB04248B6A80F957532E58C1D1D868C19FDCCB ] C:\Windows\System32\drivers\crashdmp.sys
00:33:43.0343 0x0e38  C:\Windows\System32\drivers\crashdmp.sys - ok
00:33:43.0359 0x0e38  [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] C:\Windows\System32\drivers\iaStor.sys
00:33:43.0359 0x0e38  C:\Windows\System32\drivers\iaStor.sys - ok
00:33:43.0359 0x0e38  [ 814DB88F2641691575A455CF25354098, 79C50F0CD72612733217A0316BEFEA0B6D819C3159D9452EAB89AC26A18A0F89 ] C:\Windows\System32\drivers\dumpfve.sys
00:33:43.0359 0x0e38  C:\Windows\System32\drivers\dumpfve.sys - ok
00:33:43.0374 0x0e38  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] C:\Windows\System32\drivers\cdrom.sys
00:33:43.0374 0x0e38  C:\Windows\System32\drivers\cdrom.sys - ok
00:33:43.0390 0x0e38  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] C:\Windows\System32\drivers\beep.sys
00:33:43.0390 0x0e38  C:\Windows\System32\drivers\beep.sys - ok
00:33:43.0390 0x0e38  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] C:\Windows\System32\drivers\null.sys
00:33:43.0390 0x0e38  C:\Windows\System32\drivers\null.sys - ok
00:33:43.0406 0x0e38  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] C:\Windows\System32\drivers\RDPCDD.sys
00:33:43.0406 0x0e38  C:\Windows\System32\drivers\RDPCDD.sys - ok
00:33:43.0406 0x0e38  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] C:\Windows\System32\drivers\vga.sys
00:33:43.0406 0x0e38  C:\Windows\System32\drivers\vga.sys - ok
00:33:43.0421 0x0e38  [ E7353D59C9842BC7299FAEB7E7E09340, C37ED1025E07BAC2F535DCFED6C6C509515D95722EADE5AF94F1FC5D8B1DC783 ] C:\Windows\System32\drivers\videoprt.sys
00:33:43.0421 0x0e38  C:\Windows\System32\drivers\videoprt.sys - ok
00:33:43.0421 0x0e38  [ FC438D1430B28618E2D0C7C332A710AD, 873957B202E454E2C8F625E5799F278CAC16EC5EEAEE2C33E2FE5D1FF0408CB2 ] C:\Windows\System32\drivers\watchdog.sys
00:33:43.0421 0x0e38  C:\Windows\System32\drivers\watchdog.sys - ok
00:33:43.0437 0x0e38  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] C:\Windows\System32\drivers\RDPENCDD.sys
00:33:43.0437 0x0e38  C:\Windows\System32\drivers\RDPENCDD.sys - ok
00:33:43.0452 0x0e38  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] C:\Windows\System32\drivers\RDPREFMP.sys
00:33:43.0452 0x0e38  C:\Windows\System32\drivers\RDPREFMP.sys - ok
00:33:43.0452 0x0e38  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] C:\Windows\System32\drivers\msfs.sys
00:33:43.0452 0x0e38  C:\Windows\System32\drivers\msfs.sys - ok
00:33:43.0468 0x0e38  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] C:\Windows\System32\drivers\npfs.sys
00:33:43.0468 0x0e38  C:\Windows\System32\drivers\npfs.sys - ok
00:33:43.0468 0x0e38  [ 6F020A220388ECA0AB6062DC27BD16B6, 48655230E482DEB7B4B50EF05818EBB29CA61E780AEFCD9D31B02DE4DF9D9540 ] C:\Windows\System32\drivers\tdi.sys
00:33:43.0468 0x0e38  C:\Windows\System32\drivers\tdi.sys - ok
00:33:43.0484 0x0e38  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] C:\Windows\System32\drivers\tdx.sys
00:33:43.0484 0x0e38  C:\Windows\System32\drivers\tdx.sys - ok
00:33:43.0484 0x0e38  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] C:\Windows\System32\drivers\afd.sys
00:33:43.0484 0x0e38  C:\Windows\System32\drivers\afd.sys - ok
00:33:43.0499 0x0e38  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] C:\Windows\System32\drivers\netbt.sys
00:33:43.0499 0x0e38  C:\Windows\System32\drivers\netbt.sys - ok
00:33:43.0499 0x0e38  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] C:\Windows\System32\drivers\wfplwf.sys
00:33:43.0499 0x0e38  C:\Windows\System32\drivers\wfplwf.sys - ok
00:33:43.0515 0x0e38  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] C:\Windows\System32\drivers\ws2ifsl.sys
00:33:43.0515 0x0e38  C:\Windows\System32\drivers\ws2ifsl.sys - ok
00:33:43.0530 0x0e38  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] C:\Windows\System32\drivers\pacer.sys
00:33:43.0530 0x0e38  C:\Windows\System32\drivers\pacer.sys - ok
00:33:43.0530 0x0e38  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] C:\Windows\System32\drivers\netbios.sys
00:33:43.0530 0x0e38  C:\Windows\System32\drivers\netbios.sys - ok
00:33:43.0546 0x0e38  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] C:\Windows\System32\drivers\vwififlt.sys
00:33:43.0546 0x0e38  C:\Windows\System32\drivers\vwififlt.sys - ok
00:33:43.0546 0x0e38  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] C:\Windows\System32\drivers\wanarp.sys
00:33:43.0546 0x0e38  C:\Windows\System32\drivers\wanarp.sys - ok
00:33:43.0562 0x0e38  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] C:\Windows\System32\drivers\termdd.sys
00:33:43.0562 0x0e38  C:\Windows\System32\drivers\termdd.sys - ok
00:33:43.0577 0x0e38  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] C:\Windows\System32\drivers\mssmbios.sys
00:33:43.0577 0x0e38  C:\Windows\System32\drivers\mssmbios.sys - ok
00:33:43.0577 0x0e38  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] C:\Windows\System32\drivers\nsiproxy.sys
00:33:43.0577 0x0e38  C:\Windows\System32\drivers\nsiproxy.sys - ok
00:33:43.0593 0x0e38  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] C:\Windows\System32\drivers\rdbss.sys
00:33:43.0593 0x0e38  C:\Windows\System32\drivers\rdbss.sys - ok
00:33:43.0593 0x0e38  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] C:\Windows\System32\drivers\blbdrive.sys
00:33:43.0593 0x0e38  C:\Windows\System32\drivers\blbdrive.sys - ok
00:33:43.0608 0x0e38  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] C:\Windows\System32\drivers\dfsc.sys
00:33:43.0608 0x0e38  C:\Windows\System32\drivers\dfsc.sys - ok
00:33:43.0608 0x0e38  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] C:\Windows\System32\drivers\discache.sys
00:33:43.0608 0x0e38  C:\Windows\System32\drivers\discache.sys - ok



#13 Chivalry

Chivalry
  • Topic Starter

  • Members
  • 45 posts

Posted 29 September 2014 - 02:23 AM

TDSSKiller Continued x2

 

00:33:43.0983 0x0e38  C:\Windows\System32\drivers\drmk.sys - ok
00:33:43.0983 0x0e38  [ 1E0B4CBBA91C6B041A14ECC2186F7E24, 63039A317F906454A0652704DA2D646658A148B9B55BFB5D2F4B27997F357DF9 ] C:\Windows\System32\drivers\portcls.sys
00:33:43.0983 0x0e38  C:\Windows\System32\drivers\portcls.sys - ok
00:33:43.0998 0x0e38  [ 02C93EBAA4421418411448FE7FDFD815, A80175A2E2814C6E5354F6365EDE47D212D109D5022A4AD9DD1099A68E30D32E ] C:\Windows\System32\drivers\RTKVHD64.sys
00:33:43.0998 0x0e38  C:\Windows\System32\drivers\RTKVHD64.sys - ok
00:33:43.0998 0x0e38  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] C:\Windows\System32\drivers\ksthunk.sys
00:33:43.0998 0x0e38  C:\Windows\System32\drivers\ksthunk.sys - ok
00:33:44.0014 0x0e38  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] C:\Windows\System32\drivers\IntcDAud.sys
00:33:44.0014 0x0e38  C:\Windows\System32\drivers\IntcDAud.sys - ok
00:33:44.0014 0x0e38  [ AA2C08CE85653B1A0D2E4AB407FA176C, 83DFD0C119B20AEDB07114C9D1CF9CE2DFA938D0F1070256B0591A9E2C3997FA ] C:\Windows\System32\imm32.dll
00:33:44.0014 0x0e38  C:\Windows\System32\imm32.dll - ok
00:33:44.0030 0x0e38  [ 39EBB9708453036A74C30C9A294023FF, 2158C48C046F2FBDFEC2F449F8EBA376ED9086E427A4BEDE8033A29F7415753E ] C:\Windows\System32\wininet.dll
00:33:44.0030 0x0e38  C:\Windows\System32\wininet.dll - ok
00:33:44.0045 0x0e38  [ 088CF6AFCD5CDD44E40C0ACDE3C1A5E0, AC6AFCAE3A58AAABC972B3D6A1ED383A59910C689F38D9D4A059A0A535BA1039 ] C:\Windows\System32\usp10.dll
00:33:44.0045 0x0e38  C:\Windows\System32\usp10.dll - ok
00:33:44.0045 0x0e38  [ D2A513EE880D71BDE7F0257F38B9D019, 7BDBFEA312061C0498E4C09EF5E4B3AAA23309E7448028F67EAA6F8F7188E871 ] C:\Windows\System32\kernel32.dll
00:33:44.0045 0x0e38  C:\Windows\System32\kernel32.dll - ok
00:33:44.0061 0x0e38  [ EAF32CB8C1F810E4715B4DFBE785C7FF, DB6AD07FDED42433E669508AB73FAFF6DAFF04575D6F1D016FE3EB6ECEC4DD5D ] C:\Windows\System32\shlwapi.dll
00:33:44.0061 0x0e38  C:\Windows\System32\shlwapi.dll - ok
00:33:44.0061 0x0e38  [ 796B47A4B82EF1C39F13435B88834C48, AFC3E89476BAAD8A71663F0DB8D15E00FF9D131F1306A2F69D728E3AD1184602 ] C:\Windows\System32\lpk.dll
00:33:44.0061 0x0e38  C:\Windows\System32\lpk.dll - ok
00:33:44.0076 0x0e38  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5, 12130837D7F89A2C7E9D25747A8E5B9001E0A38D545178B49B450C23AE62664A ] C:\Windows\System32\setupapi.dll
00:33:44.0076 0x0e38  C:\Windows\System32\setupapi.dll - ok
00:33:44.0076 0x0e38  [ AE57F6C7AB3ED244B5F14151C4EA0057, 60BAF0909C60B2387E2972EBBC77140E9E982549F0746EE26AF4EFB4E9FD77A4 ] C:\Windows\System32\shell32.dll
00:33:44.0076 0x0e38  C:\Windows\System32\shell32.dll - ok
00:33:44.0092 0x0e38  [ 860528C9E50AB84935843B23A80E665E, 1BBC4FC384A2C9B2E30DC8D84C435A6A8E1993F074CDBF0A6A3AC774A3E62AD4 ] C:\Windows\System32\gdi32.dll
00:33:44.0092 0x0e38  C:\Windows\System32\gdi32.dll - ok
00:33:44.0092 0x0e38  [ 6C60B5ACA7442EFB794082CDACFC001C, FC1D9124856A70FF232EF3057D66BEE803295847624CE23B4D0217F23AF52C75 ] C:\Windows\System32\ole32.dll
00:33:44.0108 0x0e38  C:\Windows\System32\ole32.dll - ok
00:33:44.0108 0x0e38  [ 4E4FFB09D895AA000DD56D1404F69A7E, D999E04BB35780088480EAB322176570591A21E311D204BDCAB010A63B34D24C ] C:\Windows\System32\Wldap32.dll
00:33:44.0108 0x0e38  C:\Windows\System32\Wldap32.dll - ok
00:33:44.0123 0x0e38  [ 75498A52C2AE248DEE5BDF5209768963, F200077B40B1B75004EE5436939C9E7F50871E824DDCC8403A6BA3823A2717D0 ] C:\Windows\System32\iertutil.dll
00:33:44.0123 0x0e38  C:\Windows\System32\iertutil.dll - ok
00:33:44.0123 0x0e38  [ F7CE0C81C545364020ED8203CF0A633E, 24B47A7492B7048096AF87E26786E8108455ADBD1A374B6A0466DE008505B8A9 ] C:\Windows\System32\difxapi.dll
00:33:44.0123 0x0e38  C:\Windows\System32\difxapi.dll - ok
00:33:44.0139 0x0e38  [ C391FC68282A000CDF953F8B6B55D2EF, 1CB0DAB84545D9FDEA5A7865A1E7132CEAC91DECF8B100285B63098D7B09E584 ] C:\Windows\System32\msvcrt.dll
00:33:44.0139 0x0e38  C:\Windows\System32\msvcrt.dll - ok
00:33:44.0139 0x0e38  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] C:\Windows\System32\drivers\cdfs.sys
00:33:44.0139 0x0e38  C:\Windows\System32\drivers\cdfs.sys - ok
00:33:44.0154 0x0e38  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] C:\Windows\System32\drivers\usbccgp.sys
00:33:44.0154 0x0e38  C:\Windows\System32\drivers\usbccgp.sys - ok
00:33:44.0154 0x0e38  [ FFA06EF43987ED0DD42AD59B260C0C78, 260518D5E077E55E0F2099037DBEFA93016FD4D4655456DDB3147AF9CBE7BF6B ] C:\Windows\System32\drivers\usbd.sys
00:33:44.0154 0x0e38  C:\Windows\System32\drivers\usbd.sys - ok
00:33:44.0170 0x0e38  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] C:\Windows\System32\drivers\usbvideo.sys
00:33:44.0170 0x0e38  C:\Windows\System32\drivers\usbvideo.sys - ok
00:33:44.0186 0x0e38  [ FECA80905D551074E1A9298BD98103B7, 5655D56CDDE306CB350EAF90CEFCAC645D13A6E0BF78DE9372039205AA9C7BD0 ] C:\Windows\System32\urlmon.dll
00:33:44.0186 0x0e38  C:\Windows\System32\urlmon.dll - ok
00:33:44.0186 0x0e38  [ 9835E63E09F824D22B689D2BB789BAB9, 5BCFFAFB894D69FBCDDB91E64D30A356F4BD57098E8B4C51B98AFAF6581BDB63 ] C:\Windows\System32\comdlg32.dll
00:33:44.0186 0x0e38  C:\Windows\System32\comdlg32.dll - ok
00:33:44.0201 0x0e38  [ 28C0B5024F5C5A438E78B188CFC81B7F, AB81FB63F2908CE316B45609077ACBD85F4B2AAD1606B1E9030F06DB82EDDFAD ] C:\Windows\System32\normaliz.dll
00:33:44.0201 0x0e38  C:\Windows\System32\normaliz.dll - ok
00:33:44.0201 0x0e38  [ C06B32165E23A72A898B7A89679AD754, 721405158F6E9F1A7FE7BB33EF642D91332726629D0D3B07DF3CF3152A91C85D ] C:\Windows\System32\oleaut32.dll
00:33:44.0201 0x0e38  C:\Windows\System32\oleaut32.dll - ok
00:33:44.0217 0x0e38  [ FE70103391A64039A921DBFFF9C7AB1B, F7D219D75037BC98F6C69143B00AB6000A31F8B5E211E0AF514F4F4B681522A0 ] C:\Windows\System32\user32.dll
00:33:44.0217 0x0e38  C:\Windows\System32\user32.dll - ok
00:33:44.0217 0x0e38  [ C431EAF5CAA1C82CAC2534A2EAB348A3, ADDF850128DC675E67FABA9A3D0D27E684F01F733962CA22927BB94503549E44 ] C:\Windows\System32\msctf.dll
00:33:44.0217 0x0e38  C:\Windows\System32\msctf.dll - ok
00:33:44.0232 0x0e38  [ 044FE45FFD6AD40E3BBBE60B7F41BABE, A1688A5E6E0F7037C850699462C2655006A7D873C97F9AB406C59D81749B6F09 ] C:\Windows\System32\nsi.dll
00:33:44.0232 0x0e38  C:\Windows\System32\nsi.dll - ok
00:33:44.0248 0x0e38  [ 83404DCBCE4925B6A5A77C5170F46D86, D669614D0B4461DB244AD99FBE1BA92CEB9B4ED5EC8E987E23764E77D9AC7074 ] C:\Windows\System32\sechost.dll
00:33:44.0248 0x0e38  C:\Windows\System32\sechost.dll - ok
00:33:44.0248 0x0e38  [ F947D57534E01E3CA597BCF2AD8AE65B, 498A87443CE3344F82B19D4903F128337B5B3DA49D3C208F796394DA6B3A8946 ] C:\Windows\System32\rpcrt4.dll
00:33:44.0248 0x0e38  C:\Windows\System32\rpcrt4.dll - ok
00:33:44.0264 0x0e38  [ 25983DE69B57142039AC8D95E71CD9C9, A677DA7EBCBCB6073D27E8A38809F51E971E83ED379BC599AAAD6EF4216348DA ] C:\Windows\System32\clbcatq.dll
00:33:44.0264 0x0e38  C:\Windows\System32\clbcatq.dll - ok
00:33:44.0264 0x0e38  [ B4F29F65AD3114051F01E9403346047F, 7EB58545211C51E95B3F45C47C1F7CCE05B707D168E7C20F46D36E19EE3D8DFC ] C:\Windows\System32\imagehlp.dll
00:33:44.0264 0x0e38  C:\Windows\System32\imagehlp.dll - ok
00:33:44.0279 0x0e38  [ F49E92B50CED5C9F1725D3C0329FD933, 6155FA4D8242F07FC578FF746890C2EE19FC3D6A20ED8AE4C6F021DB2DAC184F ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
00:33:44.0279 0x0e38  C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
00:33:44.0279 0x0e38  [ 0E6FBF19D9DFBB77316C23DF91F8A101, 680F88E1BC55EA3342AACE6F2E3511BF877AC8F03276D028FEE84EEFE8B5611A ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
00:33:44.0279 0x0e38  C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
00:33:44.0295 0x0e38  [ 4BBFA57F594F7E8A8EDC8F377184C3F0, 9F3AC5DEA5A6250C3DBB97AF79C81C0A48429486521F807355A1D7D3D861B75F ] C:\Windows\System32\ws2_32.dll
00:33:44.0295 0x0e38  C:\Windows\System32\ws2_32.dll - ok
00:33:44.0295 0x0e38  [ 72723D3E4781BADC62C3180C137E7B23, 0BDA5292928578C5DA79C761E15B8A892B9D4A3DA26D3635E714797C653CF492 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
00:33:44.0295 0x0e38  C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
00:33:44.0310 0x0e38  [ 780F6ECC4F55D76C9730E6B6C9B31913, 1AEA642AFA210A672A92AAA49CFDE52D9E48ED41248F7644FAADE760E8A0E72E ] C:\Windows\System32\crypt32.dll
00:33:44.0310 0x0e38  C:\Windows\System32\crypt32.dll - ok
00:33:44.0326 0x0e38  [ 7A17485DC7D8A7AC81321A42CD034519, 88D8705FA901793FC8C1CFD0175E49A6502BF0FC94A066BA573D2FD13AA5F04A ] C:\Windows\System32\userenv.dll
00:33:44.0326 0x0e38  C:\Windows\System32\userenv.dll - ok
00:33:44.0326 0x0e38  [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\System32\comctl32.dll
00:33:44.0326 0x0e38  C:\Windows\System32\comctl32.dll - ok
00:33:44.0342 0x0e38  [ 851BB346CD59D9B3BC8854384C7DD5C3, 0CA1BCBDA6CB8CAC1186B3BE13C3937EDF46264FDFFCEBDF94C7EB10DE957DC6 ] C:\Windows\System32\KernelBase.dll
00:33:44.0342 0x0e38  C:\Windows\System32\KernelBase.dll - ok
00:33:44.0342 0x0e38  [ 959041D7014C97133D859B45BCA0FC58, 282D34828DA7404470949483CB9789A8B4861D188093F0FBD07138A37F60B94B ] C:\Windows\System32\wintrust.dll
00:33:44.0342 0x0e38  C:\Windows\System32\wintrust.dll - ok
00:33:44.0357 0x0e38  [ 64A4AB126E24FD3F58EBE64852773DB5, ED425BBC91EB8BEF54C363036A770C551C97EF324F1AE31049CA750D0E2D6776 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
00:33:44.0357 0x0e38  C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
00:33:44.0373 0x0e38  [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A, 445C2857398252756FD25BB94DAFCCEFF573DE55F1F8BF9094C191F409FE6437 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
00:33:44.0373 0x0e38  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
00:33:44.0373 0x0e38  [ 2477A28081BDAEE622CF045ACF8EE124, 00A09CAF9129E84FEEA98FA03CE9012C9F961B64FEE15C4F268822C0F82ACC3C ] C:\Windows\System32\cfgmgr32.dll
00:33:44.0373 0x0e38  C:\Windows\System32\cfgmgr32.dll - ok
00:33:44.0388 0x0e38  [ 9094039A00485F71C4DE64BF51F64C46, 4ACFEF4C747ADF806A4FDEDDFD9CC48168DFB05075306C77D3F3927749DD7484 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
00:33:44.0388 0x0e38  C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
00:33:44.0388 0x0e38  [ 06FEC9E8117103BB1141A560E98077DA, C5E61B11DDBBBBBA3D9488970524F0975EA5FBDF16E2FA31F579F8BFA48353B1 ] C:\Windows\System32\devobj.dll
00:33:44.0388 0x0e38  C:\Windows\System32\devobj.dll - ok
00:33:44.0404 0x0e38  [ 884415BD4269C02EAF8E2613BF85500D, EFE771709EC942694FD206AC8D0A48ED7DCD35036F074268E4AECD68AC982CEA ] C:\Windows\System32\msasn1.dll
00:33:44.0404 0x0e38  C:\Windows\System32\msasn1.dll - ok
00:33:44.0404 0x0e38  [ 2C942733A5983DD4502219FF37C7EBC7, 34B20B6B0D7274E4B5B783F1D2345BC3DD9888964D5C2C65712F041A00CF5B45 ] C:\Windows\System32\profapi.dll
00:33:44.0404 0x0e38  C:\Windows\System32\profapi.dll - ok
00:33:44.0420 0x0e38  [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8A4FB21EADD3896 ] C:\Windows\SysWOW64\normaliz.dll
00:33:44.0420 0x0e38  C:\Windows\SysWOW64\normaliz.dll - ok
00:33:44.0435 0x0e38  [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys
00:33:44.0435 0x0e38  C:\Windows\System32\drivers\dxapi.sys - ok
00:33:44.0435 0x0e38  [ A347EF56B7CD8360B3EF7772FEA597B9, 29FD47110ED21C4F0178C065AD05789A8387B6704CE1BA94C851C9785662CF95 ] C:\Windows\System32\win32k.sys
00:33:44.0435 0x0e38  C:\Windows\System32\win32k.sys - ok
00:33:44.0451 0x0e38  [ 216BABD555BC550952320EEA89C25DDF, 1BBB92415280032CD18F361382A69D0D91266AAD56FC88A99C804B0053743D72 ] C:\Windows\System32\csrsrv.dll
00:33:44.0451 0x0e38  C:\Windows\System32\csrsrv.dll - ok
00:33:44.0451 0x0e38  [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77201BAB37E8C03A ] C:\Windows\System32\csrss.exe
00:33:44.0451 0x0e38  C:\Windows\System32\csrss.exe - ok
00:33:44.0466 0x0e38  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\System32\basesrv.dll
00:33:44.0466 0x0e38  C:\Windows\System32\basesrv.dll - ok
00:33:44.0466 0x0e38  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\System32\winsrv.dll
00:33:44.0466 0x0e38  C:\Windows\System32\winsrv.dll - ok
00:33:44.0482 0x0e38  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] C:\Windows\System32\drivers\monitor.sys
00:33:44.0482 0x0e38  C:\Windows\System32\drivers\monitor.sys - ok
00:33:44.0498 0x0e38  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\System32\sxssrv.dll
00:33:44.0498 0x0e38  C:\Windows\System32\sxssrv.dll - ok
00:33:44.0498 0x0e38  [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56DE4CA5783F78A75 ] C:\Windows\System32\tsddd.dll
00:33:44.0498 0x0e38  C:\Windows\System32\tsddd.dll - ok
00:33:44.0513 0x0e38  [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA87526E768AF6174F0 ] C:\Windows\System32\wininit.exe
00:33:44.0513 0x0e38  C:\Windows\System32\wininit.exe - ok
00:33:44.0513 0x0e38  [ 943F527DF79E6B400104341AA7023C75, 53C7B9426181D3D172E6B1A07E6DF8A0CB8FCA27D3A03CE5F544D3209B5F4651 ] C:\Windows\System32\cdd.dll
00:33:44.0513 0x0e38  C:\Windows\System32\cdd.dll - ok
00:33:44.0529 0x0e38  [ 78523A26F5604C0568FE9D1CE86E36F4, 534A7228BF69719106F581616A32EAEF0B770DDB36DCE94F84E7D52FDB1382B5 ] C:\Windows\System32\KBDUS.DLL
00:33:44.0529 0x0e38  C:\Windows\System32\KBDUS.DLL - ok
00:33:44.0529 0x0e38  [ C2A8CB1275ECB85D246A9ECC02A728E3, 3603FADCA0060BD201148F9D59E4E2627F024609A6463AB525B5D1AD17BDCD10 ] C:\Windows\System32\RpcRtRemote.dll
00:33:44.0529 0x0e38  C:\Windows\System32\RpcRtRemote.dll - ok
00:33:44.0544 0x0e38  [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA853BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll
00:33:44.0544 0x0e38  C:\Windows\System32\WlS0WndH.dll - ok
00:33:44.0544 0x0e38  [ 9CEAD32E79A62150FE9F8557E58E008B, AFE4C1725EE94D7DE0749AE1495A4E5CC33C369F29B2A589DA66FFE27FF9777E ] C:\Windows\System32\sxs.dll
00:33:44.0544 0x0e38  C:\Windows\System32\sxs.dll - ok
00:33:44.0560 0x0e38  [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE3532EC6C007980C34 ] C:\Windows\System32\cryptbase.dll
00:33:44.0560 0x0e38  C:\Windows\System32\cryptbase.dll - ok
00:33:44.0560 0x0e38  [ 90499F3163A9F815CF196A205EA3CD5D, 29B4ED3795CEC1177EB367132914CE21C194CDEC5DB9DC923FD928C85E94D821 ] C:\Windows\System32\apphelp.dll
00:33:44.0560 0x0e38  C:\Windows\System32\apphelp.dll - ok
00:33:44.0576 0x0e38  [ 88AB9B72B4BF3963A0DE0820B4B0B06C, 29EFEADCB26E408CD41492FCEC6D411A018099D6FF5ECA9526ED59564975F3E6 ] C:\Windows\System32\winlogon.exe
00:33:44.0576 0x0e38  C:\Windows\System32\winlogon.exe - ok
00:33:44.0591 0x0e38  [ EE4B105F1DBE1E864AFC72E7F0315432, 0E69A25BA7ED920B3103F219D3BF117D8CEFBD4DC74C762945AE291D24772FAD ] C:\Windows\System32\lsasrv.dll
00:33:44.0591 0x0e38  C:\Windows\System32\lsasrv.dll - ok
00:33:44.0591 0x0e38  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] C:\Windows\System32\lsass.exe
00:33:44.0591 0x0e38  C:\Windows\System32\lsass.exe - ok
00:33:44.0607 0x0e38  [ 9662EE182644511439F1C53745DC1C88, D205B2C163E78AB42A5D67D7664EF6B75EA0374FF0924467D624F9DB0611F0AD ] C:\Windows\System32\lsm.exe
00:33:44.0607 0x0e38  C:\Windows\System32\lsm.exe - ok
00:33:44.0607 0x0e38  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\System32\services.exe
00:33:44.0607 0x0e38  C:\Windows\System32\services.exe - ok
00:33:44.0622 0x0e38  [ C072064F95579C0D6D86AF5B3DC53192, CF4A088DF97F4D4963BEAB9CBDBF69FEA2D4773159054A0AF8B8DFFDF83E18DA ] C:\Windows\System32\sspicli.dll
00:33:44.0622 0x0e38  C:\Windows\System32\sspicli.dll - ok
00:33:44.0622 0x0e38  [ 8098627D0AA1706D69C5AF3F74332ABB, 9582F6162A8405DC568FFBEA08A9090FE92FE2C9DB640077BD7F23AC4FABF700 ] C:\Windows\System32\sspisrv.dll
00:33:44.0622 0x0e38  C:\Windows\System32\sspisrv.dll - ok
00:33:44.0638 0x0e38  [ 0D9764D58C5EFD672B7184854B152E5E, 9827B43DABBEC39AB2E2294408D9C5304EF27A684903C5234C6070387723D49E ] C:\Windows\System32\winsta.dll
00:33:44.0638 0x0e38  C:\Windows\System32\winsta.dll - ok
00:33:44.0638 0x0e38  [ BBCDF350817BA86416C0F06B6981BE8D, D064438F97852B9BD6015C8B19377C61C671E0969E09506B8359FE7B1F373A61 ] C:\Windows\System32\scesrv.dll
00:33:44.0638 0x0e38  C:\Windows\System32\scesrv.dll - ok
00:33:44.0654 0x0e38  [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll
00:33:44.0654 0x0e38  C:\Windows\System32\scext.dll - ok
00:33:44.0669 0x0e38  [ 39312B37C5FE5138F99680A49ACD3AEA, B9566B4117FBBECF77A0D3F49E9DF302088B9D483F817720B22E4F9C5754264A ] C:\Windows\System32\secur32.dll
00:33:44.0669 0x0e38  C:\Windows\System32\secur32.dll - ok
00:33:44.0669 0x0e38  [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll
00:33:44.0669 0x0e38  C:\Windows\System32\sysntfy.dll - ok
00:33:44.0685 0x0e38  [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll
00:33:44.0685 0x0e38  C:\Windows\System32\wmsgapi.dll - ok
00:33:44.0700 0x0e38  [ 3A9C9BAF610B0DD4967086040B3B62A9, E8E9A0F42B1EE7806EDCEED08AA024D037215D06CA317E3678BD5364AD513D23 ] C:\Windows\System32\srvcli.dll
00:33:44.0700 0x0e38  C:\Windows\System32\srvcli.dll - ok
00:33:44.0700 0x0e38  [ A744BA6E04C8AA4592818178DBF89521, 9E7C85D842DF16F9B8FED7B06AF309B5ECCBFD465F5552347D4C3F1FEFDC6F7A ] C:\Windows\System32\samsrv.dll
00:33:44.0700 0x0e38  C:\Windows\System32\samsrv.dll - ok
00:33:44.0716 0x0e38  [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll
00:33:44.0716 0x0e38  C:\Windows\System32\cryptdll.dll - ok
00:33:44.0716 0x0e38  [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll
00:33:44.0716 0x0e38  C:\Windows\System32\wevtapi.dll - ok
00:33:44.0732 0x0e38  [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll
00:33:44.0732 0x0e38  C:\Windows\System32\authz.dll - ok
00:33:44.0747 0x0e38  [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll
00:33:44.0747 0x0e38  C:\Windows\System32\cngaudit.dll - ok
00:33:44.0747 0x0e38  [ E23BA7A7BD97FC6B8AB5EA32A46D05CD, 593564F84B36451A5CDCA9B04DCFC7886DB124F7CA95464B67B1E65E041A1EC6 ] C:\Windows\System32\ncrypt.dll
00:33:44.0747 0x0e38  C:\Windows\System32\ncrypt.dll - ok
00:33:44.0763 0x0e38  [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll
00:33:44.0763 0x0e38  C:\Windows\System32\bcrypt.dll - ok
00:33:44.0778 0x0e38  [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll
00:33:44.0778 0x0e38  C:\Windows\System32\msprivs.dll - ok
00:33:44.0778 0x0e38  [ C6505DE3561537BA1004D638C2F93F2F, 3E4FDF374B1A9E43A8F61FD2D79E0515390ECABFDAF72C4BD44A7B6429039AF6 ] C:\Windows\System32\netjoin.dll
00:33:44.0778 0x0e38  C:\Windows\System32\netjoin.dll - ok
00:33:44.0794 0x0e38  [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll
00:33:44.0794 0x0e38  C:\Windows\System32\negoexts.dll - ok
00:33:44.0794 0x0e38  [ 33EF550DCCC58C93F5B65FD75BAD9832, 904DA99D4CBE5904E8D2580077FBB8909A44147F95492929D9A7A581C06645A8 ] C:\Windows\System32\kerberos.dll
00:33:44.0794 0x0e38  C:\Windows\System32\kerberos.dll - ok
00:33:44.0810 0x0e38  [ D0C2FBB6D97416B0166478FC7AE2B212, 7EAB6C37F0A845E645CA44CC060AC6C56E386C7EF7A64716C6786C9602AD8C9D ] C:\Windows\System32\cryptsp.dll
00:33:44.0810 0x0e38  C:\Windows\System32\cryptsp.dll - ok
00:33:44.0810 0x0e38  [ 9A9F9F1A77D6A80EE28B57664F00013E, 0D441638E086EF1342FCDC43E826BF9E9CC6B2E8AE100D89BFC70163F987DE91 ] C:\Windows\System32\mswsock.dll
00:33:44.0810 0x0e38  C:\Windows\System32\mswsock.dll - ok
00:33:44.0825 0x0e38  [ 7D1017ED11B7C3B162628069742B5E58, 0553ABF5C84469370748CA2496BA82655039E5048980C675742A88B761DED967 ] C:\Windows\System32\msv1_0.dll
00:33:44.0825 0x0e38  C:\Windows\System32\msv1_0.dll - ok
00:33:44.0825 0x0e38  [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E63394E4E561D6C7A2 ] C:\Windows\System32\wship6.dll
00:33:44.0825 0x0e38  C:\Windows\System32\wship6.dll - ok
00:33:44.0841 0x0e38  [ AA339DD8BB128EF66660DFBBB59043D3, 76D9F849AFDDA38E04549EB67B4163478776F1B6EF46434168278F84FEB8FC5C ] C:\Windows\System32\netlogon.dll
00:33:44.0841 0x0e38  C:\Windows\System32\netlogon.dll - ok
00:33:44.0856 0x0e38  [ 492D07D79E7024CA310867B526D9636D, F2FE647AB85C6C3C1AA3DF4BCE6E4D42B9676C9D837E11388C235AE8DB20044F ] C:\Windows\System32\dnsapi.dll
00:33:44.0856 0x0e38  C:\Windows\System32\dnsapi.dll - ok
00:33:44.0856 0x0e38  [ 8FFE297B8449386E7B6851458B6E474E, E149B37E11091D69D926242517E5655596594A6F01FEF06EB65D6BA5B354E326 ] C:\Windows\System32\logoncli.dll
00:33:44.0856 0x0e38  C:\Windows\System32\logoncli.dll - ok
00:33:44.0872 0x0e38  [ E8E98B3B7A6E1250F4AA7AF8FA17D5BB, 36EA8779A04E40B93961C8F4B1B6FF7E26254D38B30EA9B1031066B3FC02A776 ] C:\Windows\System32\schannel.dll
00:33:44.0872 0x0e38  C:\Windows\System32\schannel.dll - ok
00:33:44.0872 0x0e38  [ BFC98590EAB40C785D6134B1FA818A62, 3A0136DE59815C36ADD2E960D610371733B119635D2EBA15588DB62A05B928C8 ] C:\Windows\System32\wdigest.dll
00:33:44.0872 0x0e38  C:\Windows\System32\wdigest.dll - ok
00:33:44.0888 0x0e38  [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll
00:33:44.0888 0x0e38  C:\Windows\System32\rsaenh.dll - ok
00:33:44.0888 0x0e38  [ E08088A97F95345E181C3DFCE2C615EF, DEF3B087DF5E10E4F8418029DB6E82546E62FEFA39694B7BD6A48CE8AAFD1B96 ] C:\Windows\System32\pku2u.dll
00:33:44.0888 0x0e38  C:\Windows\System32\pku2u.dll - ok
00:33:44.0903 0x0e38  [ 79EE13A5A406E4603874686B8005DA72, 3FC9C9463AFF70D9778C9CEDFCE6CEFDEE342A13BDE8EF2FF0420FE48421412B ] C:\Windows\System32\TSpkg.dll
00:33:44.0903 0x0e38  C:\Windows\System32\TSpkg.dll - ok
00:33:44.0903 0x0e38  [ D6C7780A364C6BBACFA796BAB9F1B374, 3B5ED1A030BFD0BB73D4FFCD67A6A0B8501EF70293F223EFAA12F430ADF270F9 ] C:\Windows\System32\bcryptprimitives.dll
00:33:44.0903 0x0e38  C:\Windows\System32\bcryptprimitives.dll - ok
00:33:44.0919 0x0e38  [ C9DD5C0D5AF2D7A54BA32E8FBD3B67F1, 1EDB25297A9C8A87A7F33A9E9C5148F476D74BBDBF272036E5ACA46355D4A866 ] C:\Windows\System32\credssp.dll
00:33:44.0919 0x0e38  C:\Windows\System32\credssp.dll - ok
00:33:44.0934 0x0e38  [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll
00:33:44.0934 0x0e38  C:\Windows\System32\efslsaext.dll - ok
00:33:44.0934 0x0e38  [ ED78427259134C63ED69804D2132B86C, F6F51B8B35881ABCA5580ED111AAC80E466E6474ABAE31EC8BE46C23EDCA77B2 ] C:\Windows\System32\scecli.dll
00:33:44.0934 0x0e38  C:\Windows\System32\scecli.dll - ok
00:33:44.0950 0x0e38  [ 7CC7DF5B654DA579613F811D8C637E29, 70EAC059C1ED814810C75DBB9F4D188428CB942FFD8869D692158D384EB6BB35 ] C:\Windows\System32\ubpm.dll
00:33:44.0950 0x0e38  C:\Windows\System32\ubpm.dll - ok
00:33:44.0950 0x0e38  [ C78655BC80301D76ED4FEF1C1EA40A7D, 93B2ED4004ED5F7F3039DD7ECBD22C7E4E24B6373B4D9EF8D6E45A179B13A5E8 ] C:\Windows\System32\svchost.exe
00:33:44.0950 0x0e38  C:\Windows\System32\svchost.exe - ok
00:33:44.0966 0x0e38  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] C:\Windows\System32\umpnpmgr.dll
00:33:44.0966 0x0e38  C:\Windows\System32\umpnpmgr.dll - ok
00:33:44.0966 0x0e38  [ E6EB44ABAAF1F330119F854856C53EBE, 77279972FFBFA984578DD4F17EB615F5D2D93590AF3A9FEFEFDB9128206C9887 ] C:\Windows\System32\SPInf.dll
00:33:44.0966 0x0e38  C:\Windows\System32\SPInf.dll - ok
00:33:44.0981 0x0e38  [ CD1B5AD07E5F7FEF30E055DCC9E96180, 63C58551F32B0B09377F64A6AE1FA81AF93B8A707A57A8C18722086906AD3046 ] C:\Windows\System32\devrtl.dll
00:33:44.0981 0x0e38  C:\Windows\System32\devrtl.dll - ok
00:33:44.0997 0x0e38  [ 9C9307C95671AC962F3D6EB3A4A89BAE, D1433791C9B8BCEEAD8937EC18D33E89E4E2012B5975228A8500FD141BC30078 ] C:\Windows\System32\gpapi.dll
00:33:44.0997 0x0e38  C:\Windows\System32\gpapi.dll - ok
00:33:44.0997 0x0e38  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] C:\Windows\System32\umpo.dll
00:33:44.0997 0x0e38  C:\Windows\System32\umpo.dll - ok
00:33:45.0012 0x0e38  [ F6C011B46FAEEF33536B2E80F48B5CBE, BDD149D3D6F9F6C8F6F34C311219BE5618CEEFBC7D35E37473A47F1D5D015067 ] C:\Windows\System32\pcwum.dll
00:33:45.0012 0x0e38  C:\Windows\System32\pcwum.dll - ok
00:33:45.0012 0x0e38  [ 716175021BDA290504CE434273F666BC, FA18CA2D8A5F4335E051E2933147D3C1E7308F7D446E2AEB6596CDEF6E2AFC88 ] C:\Windows\System32\powrprof.dll
00:33:45.0012 0x0e38  C:\Windows\System32\powrprof.dll - ok
00:33:45.0028 0x0e38  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] C:\Windows\System32\drivers\luafv.sys
00:33:45.0028 0x0e38  C:\Windows\System32\drivers\luafv.sys - ok
00:33:45.0028 0x0e38  [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] C:\Windows\System32\drivers\Sftvollh.sys
00:33:45.0028 0x0e38  C:\Windows\System32\drivers\Sftvollh.sys - ok
00:33:45.0044 0x0e38  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] C:\Windows\System32\rpcss.dll
00:33:45.0044 0x0e38  C:\Windows\System32\rpcss.dll - ok
00:33:45.0044 0x0e38  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] C:\Windows\System32\RpcEpMap.dll
00:33:45.0044 0x0e38  C:\Windows\System32\RpcEpMap.dll - ok
00:33:45.0059 0x0e38  [ 31559F3244C6BC00A52030CAA83B6B91, B2025742B5F0025ACE9821D5722DE3F997EEEAB21D2F381C9E307882DF422579 ] C:\Windows\System32\WSHTCPIP.DLL
00:33:45.0059 0x0e38  C:\Windows\System32\WSHTCPIP.DLL - ok
00:33:45.0075 0x0e38  [ 16E964ABF6D1E0F0CC7822FCA9BA754D, 0E461387ACFD641DA22EE542A3C68AF5F7D3A7F967D974E3B198143D461ABE39 ] C:\Windows\System32\wshqos.dll
00:33:45.0075 0x0e38  C:\Windows\System32\wshqos.dll - ok
00:33:45.0075 0x0e38  [ 19A47185AE12414F918A074048CB9EBC, DFEA9E3F74CDF4216E08C3C72A04F8217B0025E6026E9098645F6C2659906015 ] C:\Program Files\Microsoft Security Client\MpSvc.dll
00:33:45.0075 0x0e38  C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
00:33:45.0090 0x0e38  [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
00:33:45.0090 0x0e38  C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
00:33:45.0090 0x0e38  [ 9AD9E06F8656F296D91FAE8EE5B95A27, 53384747D5864D699BCC4F48E0A5E656430EDAA65DCDAB4B11EA68FC7106459E ] C:\Windows\System32\FirewallAPI.dll
00:33:45.0090 0x0e38  C:\Windows\System32\FirewallAPI.dll - ok
00:33:45.0106 0x0e38  [ 94E026870A55AAEAFF7853C1754091E9, B2F5D5629D12BDFA98DBED3898368F37D9009C7531B6909C7285A2C11C9A0F93 ] C:\Windows\System32\version.dll
00:33:46.0510 0x0e38  [ 65EA57712340C09B1B0C427B4848AE05, 5FDCF73191BFF9DBB03886755FFCF0BC15849F0E216884A5A8B9BB375FA7C1A5 ] C:\Windows\System32\taskeng.exe
00:33:46.0510 0x0e38  C:\Windows\System32\taskeng.exe - ok
00:33:46.0526 0x0e38  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] C:\Windows\System32\spoolsv.exe
00:33:46.0526 0x0e38  C:\Windows\System32\spoolsv.exe - ok
00:33:46.0526 0x0e38  [ 805A52C5AE26C28E88FDD9BCCFE6F312, 4FF28D3658C31722B7DD036DED9D544B14841C0E0B94D31A8EC5AB92128DA020 ] C:\Windows\System32\TSChannel.dll
00:33:46.0526 0x0e38  C:\Windows\System32\TSChannel.dll - ok
00:33:46.0541 0x0e38  [ 50D28F3F8B7C17056520C80A29EFE17C, 71613EA48467D1A0B00F8BCAED270B7527FC5771F540A8EB0515B3A5FDC8604F ] C:\Windows\System32\lpksetup.exe
00:33:46.0541 0x0e38  C:\Windows\System32\lpksetup.exe - ok
00:33:46.0557 0x0e38  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] C:\Windows\System32\BFE.DLL
00:33:46.0557 0x0e38  C:\Windows\System32\BFE.DLL - ok
00:33:46.0557 0x0e38  [ 6369F960C28A16F4502C480EEDE3652C, 43712222F1DEF7277EC6A99BEA6FB9C7E0E1FCAB2AD35C0208747D70301D0E47 ] C:\Windows\System32\dpx.dll
00:33:46.0557 0x0e38  C:\Windows\System32\dpx.dll - ok
00:33:46.0572 0x0e38  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] C:\Windows\System32\drivers\bowser.sys
00:33:46.0572 0x0e38  C:\Windows\System32\drivers\bowser.sys - ok
00:33:46.0572 0x0e38  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys
00:33:46.0572 0x0e38  C:\Windows\System32\drivers\mpsdrv.sys - ok
00:33:46.0588 0x0e38  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] C:\Windows\System32\drivers\mrxsmb.sys
00:33:46.0588 0x0e38  C:\Windows\System32\drivers\mrxsmb.sys - ok
00:33:46.0588 0x0e38  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] C:\Windows\System32\drivers\mrxsmb10.sys
00:33:46.0588 0x0e38  C:\Windows\System32\drivers\mrxsmb10.sys - ok
00:33:46.0604 0x0e38  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] C:\Windows\System32\drivers\mrxsmb20.sys
00:33:46.0604 0x0e38  C:\Windows\System32\drivers\mrxsmb20.sys - ok
00:33:46.0604 0x0e38  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] C:\Windows\System32\wkssvc.dll
00:33:46.0604 0x0e38  C:\Windows\System32\wkssvc.dll - ok
00:33:46.0619 0x0e38  [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD805650B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll
00:33:46.0619 0x0e38  C:\Windows\System32\wfapigp.dll - ok
00:33:46.0619 0x0e38  [ 1834B31C749B86DAC233BBBA1C03BC48, 27FCA9196842C0BB53CCAD895870A0EB10D2F8ED67E5486A4437067BD4BC4448 ] C:\Windows\System32\mscms.dll
00:33:46.0619 0x0e38  C:\Windows\System32\mscms.dll - ok
00:33:46.0635 0x0e38  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] C:\Windows\System32\pcasvc.dll
00:33:46.0635 0x0e38  C:\Windows\System32\pcasvc.dll - ok
00:33:46.0635 0x0e38  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] C:\Windows\System32\snmptrap.exe
00:33:46.0635 0x0e38  C:\Windows\System32\snmptrap.exe - ok
00:33:46.0650 0x0e38  [ 2147C5330F983D76A36B73F4A804F778, 4B201E86B701FEA4754139BB3873DEB132932732F1B8EEEAE7C9DB891CC64D2E ] C:\Windows\System32\RdpGroupPolicyExtension.dll
00:33:46.0650 0x0e38  C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
00:33:46.0650 0x0e38  [ F1C09EE3A594B19DD1F4B4AEA9E353C9, 4F83F366F50CE1C8143CA7855EE8BDEAEF29EBAF76CF1C67B244D03AE4F8D438 ] C:\Windows\System32\comsvcs.dll
00:33:46.0650 0x0e38  C:\Windows\System32\comsvcs.dll - ok
00:33:46.0666 0x0e38  [ 4004299B7AF4CBFF6540F1798899A11F, 5DD3AE149B7228A769F2FE95355795AC98ACD8CDFB78954A423A357F717203C3 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
00:33:46.0666 0x0e38  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
00:33:46.0666 0x0e38  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] C:\Windows\System32\sstpsvc.dll
00:33:46.0666 0x0e38  C:\Windows\System32\sstpsvc.dll - ok
00:33:46.0682 0x0e38  [ 70200021CE732E73FB5A5B2D469C2D85, 2AB876A7489C2AF2643B8360C5CD82A3A10F7D2253EE1F7C8C35CFCC8D89689F ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{ECB61EE1-0CE7-4001-87B9-1A00B7D87B90}\mpasdlta.vdm
00:33:46.0682 0x0e38  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{ECB61EE1-0CE7-4001-87B9-1A00B7D87B90}\mpasdlta.vdm - ok
00:33:46.0697 0x0e38  [ 00000000000000000000000000000000, 0000000000000000000000000000000000000000000000000000000000000000 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{ECB61EE1-0CE7-4001-87B9-1A00B7D87B90}\mpavbase.vdm
00:33:46.0697 0x0e38  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{ECB61EE1-0CE7-4001-87B9-1A00B7D87B90}\mpavbase.vdm - ok
00:33:46.0697 0x0e38  [ 8F5049C30217C06DD47501501745F4C8, E08B943F63F6403FAA614502105C06C1D731DF96D763755F9A8451A890F9F998 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{ECB61EE1-0CE7-4001-87B9-1A00B7D87B90}\mpavdlta.vdm
00:33:46.0697 0x0e38  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{ECB61EE1-0CE7-4001-87B9-1A00B7D87B90}\mpavdlta.vdm - ok
00:33:46.0713 0x0e38  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
00:33:46.0713 0x0e38  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
00:33:46.0713 0x0e38  [ 945E54F23C72D37B8CD1987AF0DB63BF, C2B217C94DBCA0A31ED834B9D492B53B25B235DDD02B1D1200E76609D32772EA ] C:\Windows\System32\fveapi.dll
00:33:46.0713 0x0e38  C:\Windows\System32\fveapi.dll - ok
00:33:46.0728 0x0e38  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8, B1A9B2EF000917214C0198958CBD239D1D91B1720EC40DF041262A34D302AD74 ] C:\Windows\SysWOW64\winspool.drv
00:33:46.0728 0x0e38  C:\Windows\SysWOW64\winspool.drv - ok
00:33:46.0728 0x0e38  [ 928CF7268086631F54C3D8E17238C6DD, F058FAFB04E7EBD5CADE9B48195B7AA7C3508F332A89F5E6E5F3F071E8CADD4A ] C:\Windows\SysWOW64\ole32.dll
00:33:46.0728 0x0e38  C:\Windows\SysWOW64\ole32.dll - ok
00:33:46.0744 0x0e38  [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA05BD2C56657013 ] C:\Windows\System32\fvecerts.dll
00:33:46.0744 0x0e38  C:\Windows\System32\fvecerts.dll - ok
00:33:46.0744 0x0e38  [ 694865362F0965779F92BCFE97712323, 825EB75E37AFE9B738869FB5D95020D4F44AD419C2F6C5A658F82A5242FDEF6C ] C:\Windows\System32\tbs.dll
00:33:46.0744 0x0e38  C:\Windows\System32\tbs.dll - ok
00:33:46.0760 0x0e38  [ 8269210DAF3B12BC8300631B28A2A442, EABEB792C2EA8D4A1A7B13281CF557C194D5667AE0BA2A2D5664908D8269113D ] C:\Windows\System32\wiarpc.dll
00:33:46.0760 0x0e38  C:\Windows\System32\wiarpc.dll - ok
00:33:46.0760 0x0e38  [ 6C765E82B57F2E66CE9C54AC238471D9, 97F410023F5C08B4BC5DBF89A642200E76F4025ADD9707C24FD89D673675BB43 ] C:\Windows\SysWOW64\oleaut32.dll
00:33:46.0760 0x0e38  C:\Windows\SysWOW64\oleaut32.dll - ok
00:33:46.0775 0x0e38  [ CC09E0C9A2D89C6E71D093DC8BD121B7, 5F92457E27D817541EBA92FED984D2E6C1E35AD4E4E4CAE0F0778B795C260FAA ] C:\Windows\SysWOW64\crypt32.dll
00:33:46.0775 0x0e38  C:\Windows\SysWOW64\crypt32.dll - ok
00:33:46.0791 0x0e38  [ EE19C85CA685A275BE346EC41F1870F9, F071D88C38C62E9D88DDE29F451B2B581499758A7E60BDA6DED3376280C5A635 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_72d576ad8665e853\GdiPlus.dll
00:33:46.0791 0x0e38  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_72d576ad8665e853\GdiPlus.dll - ok
00:33:46.0791 0x0e38  [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA513C4A823390FEDA ] C:\Windows\SysWOW64\msasn1.dll
00:33:46.0791 0x0e38  C:\Windows\SysWOW64\msasn1.dll - ok
00:33:46.0806 0x0e38  [ 68EAAEDF0365168B804E8728368FA946, 1FA25087E8B247B099B729F780DBF24F77FD34F58186A1C94329261CF3D18B8E ] C:\Windows\SysWOW64\wintrust.dll
00:33:46.0806 0x0e38  C:\Windows\SysWOW64\wintrust.dll - ok
00:33:46.0806 0x0e38  [ B3892E6DA8E2C8CE4B0A9D3EB9A185E5, AE163388201EF2F119E11265586E7DA32C6E5B348E0CC32E3F72E21EBFD0843B ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll
00:33:46.0806 0x0e38  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll - ok
00:33:46.0822 0x0e38  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:33:46.0822 0x0e38  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
00:33:46.0838 0x0e38  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC, 372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
00:33:46.0838 0x0e38  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
00:33:46.0838 0x0e38  [ 2FCA0D2C59A855C54BAFA22AA329DF0F, ED9D26F539065D62FCCEDEEC8E509B30F4D15F8DA586C1F657ACEFE9DABAACD0 ] C:\Windows\SysWOW64\netapi32.dll
00:33:46.0838 0x0e38  C:\Windows\SysWOW64\netapi32.dll - ok
00:33:46.0853 0x0e38  [ 20B3934DB73EABA2B49B7177873CB81F, 492EAC5C51472B43DE11825358AEC4B9E3A081DACFD7513C696D6FE40F302EE5 ] C:\Windows\SysWOW64\netutils.dll
00:33:46.0853 0x0e38  C:\Windows\SysWOW64\netutils.dll - ok
00:33:46.0853 0x0e38  [ 68ECCA523ED760AAFC03C5D587569859, CDD734279C8F9F24EA2538BAD8E91EB8C3DD74C33032DB6B2D85C19576B42707 ] C:\Windows\SysWOW64\samcli.dll
00:33:46.0853 0x0e38  C:\Windows\SysWOW64\samcli.dll - ok
00:33:46.0869 0x0e38  [ 5CCDCD40E732D54E0F7451AC66AC1C87, 66F4DA105BD72E41250CD59E2B3CD931B47AC9FDB6C784B9E33C5EE1AC29841F ] C:\Windows\SysWOW64\srvcli.dll
00:33:46.0869 0x0e38  C:\Windows\SysWOW64\srvcli.dll - ok
00:33:46.0884 0x0e38  [ E5A4A1326A02F8E7B59E6C3270CE7202, DCB76016F9AC47E631540874DA208A089F9D529DA9628705A2869B954526BFE0 ] C:\Windows\SysWOW64\wkscli.dll
00:33:46.0884 0x0e38  C:\Windows\SysWOW64\wkscli.dll - ok
00:33:46.0884 0x0e38  [ 43964FA89CCF97BA6BE34D69455AC65F, 10E3B89A5470E1BB6F73382135DD2352F5073C1EE8485D7476CFB5122D4AAA2F ] C:\Windows\SysWOW64\uxtheme.dll
00:33:46.0884 0x0e38  C:\Windows\SysWOW64\uxtheme.dll - ok
00:33:46.0900 0x0e38  [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
00:33:46.0900 0x0e38  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
00:33:46.0900 0x0e38  [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll
00:33:46.0900 0x0e38  C:\Windows\SysWOW64\clbcatq.dll - ok
00:33:46.0916 0x0e38  [ 0AE0C4955E1DE29CCDC9DA1B816FE5EE, 93FDF0B256BCF62FEF1BF64775F5C19460D0269C1F4A11FBC3FF118851E75033 ] C:\Windows\SysWOW64\quartz.dll
00:33:46.0916 0x0e38  C:\Windows\SysWOW64\quartz.dll - ok
00:33:46.0916 0x0e38  [ 80942B137077DA7D2375B3041DA9127F, B3EB3C63A8E1EB55C2F3AEF975E3C9638A2BFF6F5C2D10FF16E7B5E12EE75BE7 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
00:33:46.0931 0x0e38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
00:33:46.0931 0x0e38  [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll
00:33:46.0931 0x0e38  C:\Windows\SysWOW64\version.dll - ok
00:33:46.0947 0x0e38  [ 6D41F6AA35220E7A54543075B27E8F83, 3350373F3443954B4DABE39955FD9B3C7FC223B73CC1429793A920ED17FB8A06 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
00:33:46.0947 0x0e38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
00:33:46.0947 0x0e38  [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB22DC7B58515C201 ] C:\Windows\SysWOW64\winmm.dll
00:33:46.0947 0x0e38  C:\Windows\SysWOW64\winmm.dll - ok
00:33:46.0962 0x0e38  [ EF8CD3C64EE9C08980D6D06CCCE46C68, 7DC061E0552BE776DC79662364DA1D90A4FF6D795002865DD1B1C3DEB77E4B98 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
00:33:46.0962 0x0e38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
00:33:46.0962 0x0e38  [ 39C5F32747B3414D1BB216FDB1DEFC58, 6FAE64CB9748304090113903A5AE9E7154BE16BA2EEA7AB3EF04AB9D79B81380 ] C:\Windows\SysWOW64\dwmapi.dll
00:33:46.0962 0x0e38  C:\Windows\SysWOW64\dwmapi.dll - ok
00:33:46.0978 0x0e38  [ CC5BF60E9D3F181C0B62AC91AD8634B8, AFF680E62D989A62CBDEC2BF70B6D17F7615F9826EAEE0C8A524AF80F9FF862D ] C:\Windows\SysWOW64\qcap.dll
00:33:46.0978 0x0e38  C:\Windows\SysWOW64\qcap.dll - ok
00:33:46.0978 0x0e38  [ C335EC1182AC10B188705554E0BC1186, 963CD11CEF7A79559361134FDF9C07B8EA829A40D3996D77E95C291DD17AAD2B ] C:\Windows\SysWOW64\msvfw32.dll
00:33:46.0978 0x0e38  C:\Windows\SysWOW64\msvfw32.dll - ok
00:33:46.0994 0x0e38  [ 7FF15A4F092CD4A96055BA69F903E3E9, 1B594E6D057C632ABB3A8CF838157369024BD6B9F515CA8E774B22FE71A11627 ] C:\Windows\SysWOW64\ws2_32.dll
00:33:46.0994 0x0e38  C:\Windows\SysWOW64\ws2_32.dll - ok
00:33:47.0009 0x0e38  [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll
00:33:47.0009 0x0e38  C:\Windows\SysWOW64\nsi.dll - ok
00:33:47.0009 0x0e38  [ 54152706627F5F33952340D90ADA50EE, 5D7F240B054AD448B24E339E00C4A2C6ECC65F6CF43CB8C76ACDC4486CDF34EA ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
00:33:47.0009 0x0e38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
00:33:47.0025 0x0e38  [ 78865ABC5F5D13190F8B35BD9044714A, A16E0158129AE76AE459D9424D246C01ECECCC87A27C40D8DB0232330D2F5458 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
00:33:47.0025 0x0e38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
00:33:47.0025 0x0e38  [ DF13A51A5C591887D2EC6AE64CEED0FA, DFD503AEBCAA056B2B0E669ACA52F6D26F4E6892F2DCFCCD902752C23A621653 ] C:\Windows\SysWOW64\wsock32.dll
00:33:47.0025 0x0e38  C:\Windows\SysWOW64\wsock32.dll - ok
00:33:47.0040 0x0e38  [ FF9831030678C7B6D70BAC00F68F8976, BFA9DA98F93910B8FE09EA06F917AB1F5435FCE9F786EABDF1970E19B2C63FDC ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
00:33:47.0040 0x0e38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
00:33:47.0056 0x0e38  [ E5B6D88B36BDDAD5039764FBF80284DD, DAEA4712E2ACA7055279DFFEF317FCEE923AC240D7FC26419B1DCEA48CA832B1 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
00:33:47.0056 0x0e38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
00:33:47.0056 0x0e38  [ 1D75BC73585969F41BA7EF0C882DFF2B, 86DD31172DAAAAB5F7848ADA46A8848F891D413E84FAF732C7F4DE16526AAC9F ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
00:33:47.0056 0x0e38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
00:33:47.0072 0x0e38  [ FC7A868DECC3AB027F29178EC8A7F252, 69623FF219EDF12CC0A49E7FFE9AFBB5E09EE2F6FA7A29DBF190AFB7592D9DE6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
00:33:47.0072 0x0e38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
00:33:47.0087 0x0e38  [ CCE3B423254296E4E1C3C52AB504108F, 045EE134F1A1A6C00628F964DDB882A6E3893017025ECA291B01C2870579EDA9 ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
00:33:47.0087 0x0e38  C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
00:33:47.0087 0x0e38  [ 218A400108F280428FA22282D3268BBC, 7712687ABAEF6616E90AE5A321044C102E79EC23F4A1EAFB4278C93724873CB3 ] C:\Windows\System32\wscapi.dll
00:33:47.0087 0x0e38  C:\Windows\System32\wscapi.dll - ok
00:33:47.0103 0x0e38  [ F5CEF064C7E6D95DA86B9D064A56A969, F118CD4364690F37A07AE458E043E8CFBA98F332DC9E7228C83409CF26F6EF6D ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
00:33:47.0103 0x0e38  C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
00:33:47.0103 0x0e38  [ F6FD367C9EAAEDF90CD7A7952AE0B336, 65DF0688F18EC3DEC27E725DC3A2F0D656F321832BDFA45253C0933620214AAF ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
00:33:47.0103 0x0e38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
00:33:47.0118 0x0e38  [ 4D9B3DFBAB2EA93B594B74D47E0B4E5D, 01DD03D27E27BC7E8B454543C36F83D9F71BD7A17D39D72B815DA5F5AFF115BF ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
00:33:47.0118 0x0e38  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
00:33:47.0134 0x0e38  [ 10FB16B50AFFDA6D44588F3C445DC273, 6CDA17DA9B44D11E69F7C6682FA633EA75731623BB21B429A0FE2086ED4495A7 ] C:\Windows\SysWOW64\setupapi.dll
00:33:47.0134 0x0e38  C:\Windows\SysWOW64\setupapi.dll - ok
00:33:47.0134 0x0e38  [ F436E847FA799ECD75AD8C313673F450, 3C8BF3F0C08C7FA8DE5CD9C60AD9D00B742E84EB1FEBEEBA0F7159844BAAA471 ] C:\Windows\SysWOW64\cfgmgr32.dll
00:33:47.0134 0x0e38  C:\Windows\SysWOW64\cfgmgr32.dll - ok
00:33:47.0150 0x0e38  [ 2EEFF4502F5E13B1BED4A04CCAD64C08, 209FF1B6D46D1AC99518FCF54F2F726143B2DBF2C5FDA90212FBEF7526F7CBF5 ] C:\Windows\SysWOW64\devobj.dll
00:33:47.0150 0x0e38  C:\Windows\SysWOW64\devobj.dll - ok
00:33:47.0150 0x0e38  [ 062373995EAE5F0EAC9EAA9192136BFB, 0392D5656BD677C4C5CB74C96E7B85B0867F2535A37950AEC7F5C4A1A70D19AE ] C:\Windows\SysWOW64\dnssd.dll
00:33:47.0150 0x0e38  C:\Windows\SysWOW64\dnssd.dll - ok
00:33:47.0165 0x0e38  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] C:\Program Files\Bonjour\mDNSResponder.exe
00:33:47.0165 0x0e38  C:\Program Files\Bonjour\mDNSResponder.exe - ok
00:33:47.0165 0x0e38  [ E94C583CDE2348950155F2AF2876F34D, D00C7E0D665E467B712C68A446CC5BE14FDA743A2301878B3CEB72CDD0A8B8E7 ] C:\Windows\SysWOW64\mswsock.dll
00:33:47.0165 0x0e38  C:\Windows\SysWOW64\mswsock.dll - ok
00:33:47.0181 0x0e38  [ EE5C8E27C37B79CB54A2FCEEED2DC262, 0A5E200FD65A491756B951A4A0ED39B88B7B313E97C2BBF3C91AC4C290772BB7 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
00:33:47.0181 0x0e38  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
00:33:47.0196 0x0e38  [ FBDC1D23E595C22805BFE35D677732DA, C2D17DB780F45D408AC14296B4CE2F4C32CDC479599DCB176CA7708A57CDA5A2 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
00:33:47.0196 0x0e38  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
00:33:47.0196 0x0e38  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] C:\Windows\System32\cryptsvc.dll
00:33:47.0196 0x0e38  C:\Windows\System32\cryptsvc.dll - ok
00:33:47.0212 0x0e38  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] C:\Windows\System32\dps.dll
00:33:47.0212 0x0e38  C:\Windows\System32\dps.dll - ok
00:33:47.0212 0x0e38  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] C:\Windows\System32\FDResPub.dll
00:33:47.0212 0x0e38  C:\Windows\System32\FDResPub.dll - ok
00:33:47.0228 0x0e38  [ F1B205F932F62F94506A5F332C895DAF, F02F01F20F655DD919C71AE814E4C3DD43330AAD1425FC5B1497F1613917CCDE ] C:\Windows\System32\WSDApi.dll
00:33:47.0228 0x0e38  C:\Windows\System32\WSDApi.dll - ok
00:33:47.0228 0x0e38  [ A6B726DCA228F7878E38368A1BDC68BE, 30E8300B09B876E3D4B2A9215C9CC070EADF915E1268F425B6F8E0596A0D3539 ] C:\Windows\System32\cryptnet.dll
00:33:47.0228 0x0e38  C:\Windows\System32\cryptnet.dll - ok
00:33:47.0243 0x0e38  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] C:\Windows\System32\HPZinw12.dll
00:33:47.0243 0x0e38  C:\Windows\System32\HPZinw12.dll - ok
00:33:47.0243 0x0e38  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB, 018CB95A43CEA2063EA24691C71D51EF60D522C21502ABA8AD93876363D4B857 ] C:\Windows\System32\taskschd.dll
00:33:47.0243 0x0e38  C:\Windows\System32\taskschd.dll - ok
00:33:47.0259 0x0e38  [ E36112A8A6C7F840169A7E92C12F4203, 52795B2E6ECCE751EEF5074AF52FDE376A382D0A1C43B90DD4F77A397C00FBC5 ] C:\Windows\System32\wsock32.dll
00:33:47.0259 0x0e38  C:\Windows\System32\wsock32.dll - ok
00:33:47.0274 0x0e38  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] C:\Windows\System32\nlasvc.dll
00:33:47.0274 0x0e38  C:\Windows\System32\nlasvc.dll - ok
00:33:47.0274 0x0e38  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] C:\Windows\System32\drivers\PEAuth.sys
00:33:47.0274 0x0e38  C:\Windows\System32\drivers\PEAuth.sys - ok
00:33:47.0290 0x0e38  [ D4FAC263861BAE06971C7F7D0A8EBF15, D494DEF0024288B9CC56EC6B500FF5828144BE9B8E7033340509EC5E68F8DED0 ] C:\Windows\System32\ncsi.dll
00:33:47.0290 0x0e38  C:\Windows\System32\ncsi.dll - ok
00:33:47.0290 0x0e38  [ C55516D98DD5D8F0153C2A9B4227DA86, DBC62B776CF06D0873A4C7CFCDF5B6F5C6E6C41917C326C090BCE58DC66EE09C ] C:\Windows\System32\webservices.dll
00:33:47.0290 0x0e38  C:\Windows\System32\webservices.dll - ok
00:33:47.0306 0x0e38  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] C:\Windows\System32\drivers\secdrv.sys
00:33:47.0306 0x0e38  C:\Windows\System32\drivers\secdrv.sys - ok
00:33:47.0306 0x0e38  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] C:\Windows\System32\HPZipm12.dll
00:33:47.0306 0x0e38  C:\Windows\System32\HPZipm12.dll - ok
00:33:47.0321 0x0e38  [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] C:\Windows\System32\drivers\Sftfslh.sys
00:33:47.0321 0x0e38  C:\Windows\System32\drivers\Sftfslh.sys - ok
00:33:47.0337 0x0e38  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] C:\Windows\System32\seclogon.dll
00:33:47.0337 0x0e38  C:\Windows\System32\seclogon.dll - ok
00:33:47.0337 0x0e38  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567, 426FB40A065FEF61980C803EF72D0D326C623340C3AE99CA8AFFDEFB81E8D49D ] C:\Windows\System32\vssapi.dll
00:33:47.0337 0x0e38  C:\Windows\System32\vssapi.dll - ok
00:33:47.0352 0x0e38  [ D58988722C72D265B51A54103DFC2C6F, AC951AFB047FCA763D9B37DB9FF0D00B6AA67DAA9E2086AD3226BACCF6B910CE ] C:\Windows\SysWOW64\wininet.dll
00:33:47.0352 0x0e38  C:\Windows\SysWOW64\wininet.dll - ok
00:33:47.0352 0x0e38  [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] C:\Windows\System32\drivers\Sftplaylh.sys
00:33:47.0352 0x0e38  C:\Windows\System32\drivers\Sftplaylh.sys - ok
00:33:47.0368 0x0e38  [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
00:33:47.0368 0x0e38  C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe - ok
00:33:47.0384 0x0e38  [ DB001FAEA818AE2E14A74E0ADC530FC0, 45CB405589C92BF74C47B7C90E299A5732A99403C51F301A5B60579CAF3116E7 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll
00:33:47.0384 0x0e38  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll - ok
00:33:47.0384 0x0e38  [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4021101EE424F74 ] C:\Windows\System32\fundisc.dll
00:33:47.0384 0x0e38  C:\Windows\System32\fundisc.dll - ok
00:33:47.0399 0x0e38  [ 1E8D06AAE74FED674C1156B3FEA911C2, C1999BA9E436F9E0B9302DC82DF8B214E66372899FD4C0C60C56EE5340BADB9F ] C:\Windows\SysWOW64\Faultrep.dll
00:33:47.0399 0x0e38  C:\Windows\SysWOW64\Faultrep.dll - ok
00:33:47.0399 0x0e38  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] C:\Program Files (x86)\Skype\Updater\Updater.exe
00:33:47.0399 0x0e38  C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
00:33:47.0415 0x0e38  [ E3ECF5FFE3DEDF61DC6877B6A99ACBBF, 2944FE9035882830799F18B7A98112BA66F16994694CA0CFFC77306775F5EDB2 ] C:\Windows\SysWOW64\credssp.dll
00:33:47.0415 0x0e38  C:\Windows\SysWOW64\credssp.dll - ok
00:33:47.0430 0x0e38  [ 7321F18D1F820612ED0E9F2D4B578A7E, 612BD7DE1DFBD100BD6ACB37A38565D88C39842D990D296B9B8E1FB75C3A94E7 ] C:\Windows\SysWOW64\cryptsp.dll
00:33:47.0430 0x0e38  C:\Windows\SysWOW64\cryptsp.dll - ok
00:33:47.0430 0x0e38  [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC83B4AC638AEC4A ] C:\Windows\SysWOW64\RpcRtRemote.dll
00:33:47.0430 0x0e38  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
00:33:47.0446 0x0e38  [ B094390B6B2D0456821384771020870B, 137FEDD0EFBF1CEDA4930D8CE0A012A250CFF4020931846646090BB2C99EE7CE ] C:\Windows\SysWOW64\secur32.dll
00:33:47.0446 0x0e38  C:\Windows\SysWOW64\secur32.dll - ok
00:33:47.0446 0x0e38  [ BCEA9AB347E53BC03B2E36BE0B8BA0EF, 868DEFB78767E91694E83F931725257DF3FF79A4BFED3B914D27F3493EB7A8D0 ] C:\Windows\System32\httpapi.dll
00:33:47.0446 0x0e38  C:\Windows\System32\httpapi.dll - ok
00:33:47.0462 0x0e38  [ 2E33DFD10F28F86C3FC40EE123CC3904, 57C65671A04EFCA437A69E8E97B2FCA17897EE4608C7DB69F77D44FBD3490B50 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
00:33:47.0462 0x0e38  C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
00:33:47.0462 0x0e38  [ 6951562DC4625EEFC6EACD52AD165866, 44A0B3EA0232D613A5B4115492DF2A7CEF25B35300E6A3E3E50C9544C5D1049E ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
00:33:47.0462 0x0e38  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
00:33:47.0477 0x0e38  [ 589CBC4989F750E1DA35625AB481CF43, B93E1B8C3775F9C995FD5451C685A06DEFD24AE1DF0DD99D19D5E4B9AC0010F9 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
00:33:47.0477 0x0e38  C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
00:33:47.0493 0x0e38  [ 3BE0D923AA45A4DBE091C2D84F0B4FE7, 603EEC55D6F646150FC3F0F2C939CFE434C02FC7A7AB23B1FEC8B5C77E4C8381 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
00:33:47.0493 0x0e38  C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
00:33:47.0493 0x0e38  [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF393486946DA8936BDD466A ] C:\Windows\SysWOW64\psapi.dll
00:33:47.0493 0x0e38  C:\Windows\SysWOW64\psapi.dll - ok
00:33:47.0508 0x0e38  [ 287923557447D7E4BDD7E65B1F0F5428, 14D85A0F036F28D77AA9723C3D7E8C4DA9BDFF8A1AD9BEA6FE5756DBF5D00F08 ] C:\Windows\System32\vsstrace.dll
00:33:47.0508 0x0e38  C:\Windows\System32\vsstrace.dll - ok
00:33:47.0508 0x0e38  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] C:\Windows\System32\drivers\srvnet.sys
00:33:47.0508 0x0e38  C:\Windows\System32\drivers\srvnet.sys - ok
00:33:47.0524 0x0e38  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll
00:33:47.0524 0x0e38  C:\Windows\System32\ssdpapi.dll - ok

 



#14 Chivalry

Posted 29 September 2014 - 02:24 AM

 Finish TDSKiller Log

 

00:33:50.0114 0x0e38  C:\Windows\System32\igfxtray.exe - ok
00:33:50.0129 0x0e38  [ 28FC280487F0BAAE5E8119257C4EEF8C, F574BC70B79B77912FC683B3EB0BE6929E7758284ED5B47008E18B0E4A4A09FD ] C:\Windows\System32\hkcmd.exe
00:33:50.0129 0x0e38  C:\Windows\System32\hkcmd.exe - ok
00:33:50.0129 0x0e38  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:33:50.0129 0x0e38  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
00:33:50.0145 0x0e38  [ F29BEA821C753E4F00177690F70CDC13, 0EDB40F4A4C23553C0288E6E3AD65E7B523F6764C87C6C36C3ECB0C1940C5176 ] C:\Windows\System32\igfxpers.exe
00:33:50.0145 0x0e38  C:\Windows\System32\igfxpers.exe - ok
00:33:50.0160 0x0e38  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] C:\Windows\ehome\ehrecvr.exe
00:33:50.0160 0x0e38  C:\Windows\ehome\ehrecvr.exe - ok
00:33:50.0160 0x0e38  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] C:\Windows\ehome\ehsched.exe
00:33:50.0160 0x0e38  C:\Windows\ehome\ehsched.exe - ok
00:33:50.0176 0x0e38  [ EB7E02337F8586E48D544CD3FC6CEE62, DFA784EBA795656D2E9EC9346ADC815FFB0BE3CC333FF581FCE9CE6CD6BB9288 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
00:33:50.0176 0x0e38  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
00:33:50.0176 0x0e38  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] C:\Windows\System32\FXSSVC.exe
00:33:50.0176 0x0e38  C:\Windows\System32\FXSSVC.exe - ok
00:33:50.0192 0x0e38  [ 37DEB76A2CF005841C4E45DE2B94D84F, BB8F7BC57A4144A4489DB1DD7F2121346A2235EC478CE8F93CEB7E1773025FCA ] C:\Windows\AsScrPro.exe
00:33:50.0192 0x0e38  C:\Windows\AsScrPro.exe - ok
00:33:50.0192 0x0e38  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:33:50.0192 0x0e38  C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe - ok
00:33:50.0207 0x0e38  [ 698C19E198F832E071778A1427E942C8, 127C364C0E3F456B6EFC647DEDD16807EB96398ADAE7C82B07F5F02356EB4A00 ] C:\Windows\System32\ieetwcollector.exe
00:33:50.0207 0x0e38  C:\Windows\System32\ieetwcollector.exe - ok
00:33:50.0207 0x0e38  [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] C:\Program Files\iPod\bin\iPodService.exe
00:33:50.0223 0x0e38  C:\Program Files\iPod\bin\iPodService.exe - ok
00:33:50.0223 0x0e38  [ 08DFDBD2FD4EA951DC46B1C7661ED35A, D926530C659DDAF80770663F46F1EFD94FFB4AAB475C4E3367CB531AF4A734E1 ] C:\Windows\SysWOW64\powrprof.dll
00:33:50.0223 0x0e38  C:\Windows\SysWOW64\powrprof.dll - ok
00:33:50.0238 0x0e38  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] C:\Windows\System32\msdtc.exe
00:33:50.0238 0x0e38  C:\Windows\System32\msdtc.exe - ok
00:33:50.0238 0x0e38  [ DC6612A9EE015A36BA2A27BC9CC12537, F4456A3E4028BE3BDE46363290CCC1E8420034A122596D86272CE4B554C78DB5 ] C:\Windows\SysWOW64\mfc42.dll
00:33:50.0238 0x0e38  C:\Windows\SysWOW64\mfc42.dll - ok
00:33:50.0254 0x0e38  [ A190DA6546501CB4146BBCC0B6A3F48B, 5AE0BF71E770C2959FE2022C43E4C6F43E361089A3431AA3180EBF4EC0465CAC ] C:\Windows\System32\msiexec.exe
00:33:50.0254 0x0e38  C:\Windows\System32\msiexec.exe - ok
00:33:50.0254 0x0e38  [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] C:\Program Files\Microsoft Security Client\NisSrv.exe
00:33:50.0254 0x0e38  C:\Program Files\Microsoft Security Client\NisSrv.exe - ok
00:33:50.0270 0x0e38  [ 7D34AF98A706230CC2DEDFE0CABF87AB, 93237B839C2BC6E84C2C675BB211CA0FB781B348A033EF648A9AA5BDAC1EFDAE ] C:\Windows\SysWOW64\odbc32.dll
00:33:50.0270 0x0e38  C:\Windows\SysWOW64\odbc32.dll - ok
00:33:50.0270 0x0e38  [ ABA457BFC7EC0B5E130B2F1E0F549DFF, C944C75C351A276952D0A869F9ED3DF8674E9479797EE7B03D13E8FDCDEB2DC4 ] C:\Windows\SysWOW64\odbcint.dll
00:33:50.0270 0x0e38  C:\Windows\SysWOW64\odbcint.dll - ok
00:33:50.0285 0x0e38  [ C4B22486F50431B1AD9BE55EA7341CCF, 98B80ED66C58C76E880E661F3259066CCD14F89C78B7537589F96E9222D8D583 ] C:\Windows\SysWOW64\Macromed\Flash\Flash32_15_0_0_167.ocx
00:33:50.0285 0x0e38  C:\Windows\SysWOW64\Macromed\Flash\Flash32_15_0_0_167.ocx - ok
00:33:50.0301 0x0e38  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:33:50.0301 0x0e38  C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE - ok
00:33:50.0301 0x0e38  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] C:\Windows\System32\Locator.exe
00:33:50.0301 0x0e38  C:\Windows\System32\Locator.exe - ok
00:33:50.0316 0x0e38  [ C759FF2C5880DE29284A53A5FF976B0C, D3461765CFC5839D8A7B6AE5078EE088AE28D6260C340E5F708FD9C0E9EC8A40 ] C:\Windows\System32\pcadm.dll
00:33:50.0316 0x0e38  C:\Windows\System32\pcadm.dll - ok
00:33:50.0332 0x0e38  [ 57B4D34232852BFE4453BE571DF90D21, 3D329499D7BCACAE5F6377F988B90714F5A8301784CDB22D5B54A2266AC50D79 ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
00:33:50.0332 0x0e38  C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe - ok
00:33:50.0332 0x0e38  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] C:\Windows\System32\sppsvc.exe
00:33:50.0332 0x0e38  C:\Windows\System32\sppsvc.exe - ok
00:33:50.0348 0x0e38  [ C3A5FFD57C2563204CD9351F0C7A0DEA, 107899DBCF33DB6844B59D27C768069635B6A21E1BD20B9A1E7DCF3A7F895657 ] C:\Program Files (x86)\CyberLink\Power2Go\msvcp71.dll
00:33:50.0348 0x0e38  C:\Program Files (x86)\CyberLink\Power2Go\msvcp71.dll - ok
00:33:50.0348 0x0e38  [ A1A6FC56A1D0DADC164637FE43C40605, 8C43448D07F7827F5761B30EB0A903E1B2EFD8F460787F03404C8098B136AE33 ] C:\Program Files (x86)\CyberLink\Power2Go\msvcr71.dll
00:33:50.0348 0x0e38  C:\Program Files (x86)\CyberLink\Power2Go\msvcr71.dll - ok
00:33:50.0363 0x0e38  [ 6A5D0ED8F280AB8E312A4252472A14A4, B45A06F95729175045DD499B5037BF1878773B2BB0A90EBC71288A7B329572AC ] C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
00:33:50.0363 0x0e38  C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll - ok
00:33:50.0363 0x0e38  [ 6C4B2E1A25841077084EB9F76FF6FFA7, 777D9E5D81409A54BF387BDDF4E471932FFB636406E390EC29EDF1FFFE3D8880 ] C:\Windows\SysWOW64\wmp.dll
00:33:50.0363 0x0e38  C:\Windows\SysWOW64\wmp.dll - ok
00:33:50.0379 0x0e38  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] C:\Windows\System32\UI0Detect.exe
00:33:50.0379 0x0e38  C:\Windows\System32\UI0Detect.exe - ok
00:33:50.0379 0x0e38  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] C:\Windows\System32\vds.exe
00:33:50.0379 0x0e38  C:\Windows\System32\vds.exe - ok
00:33:50.0394 0x0e38  [ 432BE6CF7311062633459EEF6B242FB5, 890C1734ED1EF6B2422A9B21D6205CF91E014ADD8A7F41AA5A294FCF60631A7B ] C:\Windows\SysWOW64\regsvr32.exe
00:33:50.0394 0x0e38  C:\Windows\SysWOW64\regsvr32.exe - ok
00:33:50.0410 0x0e38  [ 9110FFAD124283F37D38771BB60556AF, BB495FDF86B7C3DD7878C496090A624CE8FE68F61166C91A4C99EF1140F0AD23 ] C:\Windows\System32\dsound.dll
00:33:50.0410 0x0e38  C:\Windows\System32\dsound.dll - ok
00:33:50.0410 0x0e38  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] C:\Windows\System32\VSSVC.exe
00:33:50.0410 0x0e38  C:\Windows\System32\VSSVC.exe - ok
00:33:50.0426 0x0e38  [ 585FED4CDB8034B8B58AEB8008255817, 13D1055929D79598C04A4AB66EF3DBAADD265F9D1C3F43E84531238D2526A1AE ] C:\Windows\System32\opengl32.dll
00:33:50.0426 0x0e38  C:\Windows\System32\opengl32.dll - ok
00:33:50.0426 0x0e38  [ DD502A2E7B85EA7A3814C1034E6C23D3, 551D6C28DA6116DC65111BFA21E23BA8AE77193BEAF3DF505C343E6DC3CD5304 ] C:\Windows\AppPatch\AcGenral.dll
00:33:50.0426 0x0e38  C:\Windows\AppPatch\AcGenral.dll - ok
00:33:50.0441 0x0e38  [ F2967C0A97C0EA67D79D7F557213950D, 65516C83DCB3F952CD4454636B61CC2F153AF6BEEBC352463791D92F7F500F52 ] C:\Windows\System32\glu32.dll
00:33:50.0441 0x0e38  C:\Windows\System32\glu32.dll - ok
00:33:50.0441 0x0e38  [ E424B3EF666B184CEE0B6871AAA8C9F6, D182D9B3A813C75F88CA16A9C236AB6167DF5861D155B5DC016B90918C4BD579 ] C:\Windows\System32\msimg32.dll
00:33:50.0441 0x0e38  C:\Windows\System32\msimg32.dll - ok
00:33:50.0457 0x0e38  [ 263E9A047D17CD50BAA9D3C02910D18D, F526648358AD121001D2776E0ACC333EC4AC168CA07B40A3D3C06C5CE6A361C3 ] C:\Windows\System32\oledlg.dll
00:33:50.0457 0x0e38  C:\Windows\System32\oledlg.dll - ok
00:33:50.0457 0x0e38  [ 0805289E121F3E3C458C970B08314EB2, D9B448A04C09F525F599D0369CF9A197F471AABDA0A97201760C46D2EB8F3CDE ] C:\Windows\System32\RtkCfg64.dll
00:33:50.0457 0x0e38  C:\Windows\System32\RtkCfg64.dll - ok
00:33:50.0472 0x0e38  [ 87E6B9E00C556E375A3A90D8F7D0C3D3, 3CEB37DF09FFBF1180136C5365F2BFABFFF9D6C4B415575CD0EEFE66BF481840 ] C:\Windows\System32\RtkAPO64.dll
00:33:50.0472 0x0e38  C:\Windows\System32\RtkAPO64.dll - ok
00:33:50.0488 0x0e38  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] C:\Windows\System32\Wat\WatAdminSvc.exe
00:33:50.0488 0x0e38  C:\Windows\System32\Wat\WatAdminSvc.exe - ok
00:33:50.0488 0x0e38  [ 85683DF1F917E4D7F6BE1A04986BF1C8, D68D9F525D31C1843B6EC8FA950166FA1F34DB71222716E7B22DD33981C152B6 ] C:\Windows\SysWOW64\msacm32.dll
00:33:50.0488 0x0e38  C:\Windows\SysWOW64\msacm32.dll - ok
00:33:50.0504 0x0e38  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F82EF91450858DF ] C:\Windows\SysWOW64\sfc.dll
00:33:50.0504 0x0e38  C:\Windows\SysWOW64\sfc.dll - ok
00:33:50.0504 0x0e38  [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D09086438F8D237B ] C:\Windows\SysWOW64\sfc_os.dll
00:33:50.0504 0x0e38  C:\Windows\SysWOW64\sfc_os.dll - ok
00:33:50.0519 0x0e38  [ 0E85C11F8850D524B02181C6E02BA9AE, 8703566931067CCF949E9779E4D328DD21210329DD687459300C83DDD06390A8 ] C:\Windows\SysWOW64\dsound.dll
00:33:50.0519 0x0e38  C:\Windows\SysWOW64\dsound.dll - ok
00:33:50.0519 0x0e38  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] C:\Windows\System32\wbengine.exe
00:33:50.0519 0x0e38  C:\Windows\System32\wbengine.exe - ok
00:33:50.0535 0x0e38  [ 5E08AC958BE05247FF1539E0D1CE7905, C6E7419EA72D1703F72292743A999F4A6CF0C6734BA1EE92C6AF18BA8B1A3A23 ] C:\Windows\SysWOW64\dinput8.dll
00:33:50.0535 0x0e38  C:\Windows\SysWOW64\dinput8.dll - ok
00:33:50.0550 0x0e38  [ 7F8678C59F188528D60104E697C2361E, 9B4D262B10CB09543ACA9A78482F4EDD905791D2C8C518B574EBA440A71A85B7 ] C:\Windows\SysWOW64\mscms.dll
00:33:50.0550 0x0e38  C:\Windows\SysWOW64\mscms.dll - ok
00:33:50.0550 0x0e38  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] C:\Windows\System32\wbem\WmiApSrv.exe
00:33:50.0550 0x0e38  C:\Windows\System32\wbem\WmiApSrv.exe - ok
00:33:50.0566 0x0e38  [ A9F3BFC9345F49614D5859EC95B9E994, 306467D280E99D0616E839278A4DB5BED684F002AE284C3678CABB5251459CB3 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
00:33:50.0566 0x0e38  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
00:33:50.0566 0x0e38  [ 02DF0628BE8B64B84D50FBE53549AA3B, AED50B07451F14D0C0682EDDC11ED5BBAD63D6DB11A91826B0ADBDBE411F0084 ] C:\Windows\SysWOW64\wmploc.DLL
00:33:50.0566 0x0e38  C:\Windows\SysWOW64\wmploc.DLL - ok
00:33:50.0582 0x0e38  [ 2168E61B9E3B06EEB8B3EACDFDC4699B, D4062D332908447708389C3568B5245C6569C27E0C2ABFF3C85147522AC7D606 ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
00:33:50.0582 0x0e38  C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll - ok
00:33:50.0582 0x0e38  [ 162D247E995EAEBF3EF4289069E1111C, 19E858E9902E2D570FFD24AE2CB4165273F5BAB1FF7B04758B11AB5CD41FD752 ] C:\Windows\SysWOW64\devrtl.dll
00:33:50.0582 0x0e38  C:\Windows\SysWOW64\devrtl.dll - ok
00:33:50.0597 0x0e38  [ FB10715E4099AF9FA389C71873245226, 6A4CB43880B822A0C4714D6E52EB3EB2CE1E69C3AA9CA65EAAD6B131AE43F274 ] C:\Windows\System32\timedate.cpl
00:33:50.0597 0x0e38  C:\Windows\System32\timedate.cpl - ok
00:33:50.0613 0x0e38  [ E6F0F82788E8BD0F7A616350EFA0761C, 13091DCB3E3F4F52C3FF210E93AAF1DCE142CFC09F671AEAC5B922393B23E67B ] C:\Windows\System32\actxprxy.dll
00:33:50.0613 0x0e38  C:\Windows\System32\actxprxy.dll - ok
00:33:50.0613 0x0e38  [ 23B001185B7C3CB1F4BDEB143E6B45B7, AB3A5AB346F6353B43B06FBE20B7785DA988975E2C8B73A6588F107FFAAACC47 ] C:\Windows\System32\shdocvw.dll
00:33:50.0613 0x0e38  C:\Windows\System32\shdocvw.dll - ok
00:33:50.0628 0x0e38  [ BA56C68CCB912C4C08C97DD32C47AD31, 8B70D9BC097C8D1A4E12773B3D57E78E969C7C3ECE1DF0E4576109A4F10E0AA6 ] C:\Windows\System32\ieframe.dll
00:33:50.0628 0x0e38  C:\Windows\System32\ieframe.dll - ok
00:33:50.0628 0x0e38  [ 9108540E866F75C7AF2B91DD921A8091, 7208C8E05E818781D7F2703B86848FC90651E0D8BE10362863250F2283CEC511 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
00:33:50.0628 0x0e38  C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
00:33:50.0644 0x0e38  [ FB4045578F5180BDB1963AB352B78548, 8E645A63436EE6CDDB78E6064AEB04ECE39208F760A3EF13A3F49FDF41505E21 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
00:33:50.0644 0x0e38  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
00:33:50.0644 0x0e38  [ 73E8667A19FEEDD856DF2695E9E511D4, 68D66C36D1F293D10ADCC6A33C870F989A29743537592CF172F02E794BEAFD1C ] C:\Windows\SysWOW64\wship6.dll
00:33:50.0644 0x0e38  C:\Windows\SysWOW64\wship6.dll - ok
00:33:50.0660 0x0e38  [ B40420876B9288E0A1C8CCA8A84E5DC9, 0D3C73B45BC708D7B1E26DFB6D4F64031A998548FEA0FB5CE198ED716F7DC9A0 ] C:\Windows\SysWOW64\dnsapi.dll
00:33:50.0660 0x0e38  C:\Windows\SysWOW64\dnsapi.dll - ok
00:33:50.0660 0x0e38  [ 2BCBA6052374959A30BD7948444DBB79, 46224A2B729026FEEBC3C6A09E69919D477097848DB2CA0C2F5B166CDF379660 ] C:\Windows\System32\gameux.dll
00:33:50.0660 0x0e38  C:\Windows\System32\gameux.dll - ok
00:33:50.0675 0x0e38  [ 40947436A70E0034E41123DF5A0A7702, 5D40FD92DA5CA59C1BADB58AD509DB6A6D613F18660A9A270A53ECA85D34C3A9 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
00:33:50.0675 0x0e38  C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
00:33:50.0691 0x0e38  [ ED6EE83D61EBC683C2CD8E899EA6FEBE, F82592908D038C44D9F2E5C5B7BC663A2D370FC565F40420E1138A9E55F0E7EB ] C:\Windows\SysWOW64\rasadhlp.dll
00:33:50.0691 0x0e38  C:\Windows\SysWOW64\rasadhlp.dll - ok
00:33:50.0691 0x0e38  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86, E15ED4FEFC3010C213694331DDFDC03767682325C898D773AB243E2DC8B08461 ] C:\Windows\System32\msftedit.dll
00:33:50.0691 0x0e38  C:\Windows\System32\msftedit.dll - ok
00:33:50.0706 0x0e38  [ 2EBD0C5B090125AECF017C57344C45AB, 4FF8F2460115C60AD164EE0DC2079E1601B8AA21A1BA8033B7B731FAF85411B6 ] C:\Windows\System32\msls31.dll
00:33:50.0706 0x0e38  C:\Windows\System32\msls31.dll - ok
00:33:50.0706 0x0e38  [ 80041798F2F049259241393A2017DB02, 59B8913A129EC26FB111C2C614C0C7440D521F65BAF32E57CA48E34337C0DDEE ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
00:33:50.0706 0x0e38  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
00:33:50.0722 0x0e38  [ 69754747274B76E7FAF287239333D7E6, A0BAEC1E56E4B1A17C0D41B317526AF5BB11E7E488C7016067A6229346A23B16 ] C:\Windows\System32\msiltcfg.dll
00:33:50.0722 0x0e38  C:\Windows\System32\msiltcfg.dll - ok
00:33:50.0722 0x0e38  [ 24F4B480F335A6C724AF352253C5D98B, 011413B236CAD7B78CE0A0EEC3E3085D48C7576A3205D025BA6EBFDF590538E4 ] C:\Windows\System32\thumbcache.dll
00:33:50.0722 0x0e38  C:\Windows\System32\thumbcache.dll - ok
00:33:50.0738 0x0e38  [ F0D0E883EBBDC7615DC9EDEA0FFB2817, 58F1395445018CB16ED4D3710443FB5B0E087043F6A69F7B10D72D0455958954 ] C:\Windows\SysWOW64\FWPUCLNT.DLL
00:33:50.0738 0x0e38  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
00:33:50.0753 0x0e38  [ 405F4D32D2185F1F1BD753D8EEAFFB3A, CAC42C3E09C43BE96592B670D70821386014DB22D8239A9CFB9E33E54FB5C3D5 ] C:\Windows\System32\networkexplorer.dll
00:33:50.0753 0x0e38  C:\Windows\System32\networkexplorer.dll - ok
00:33:50.0753 0x0e38  [ 4C2C4640BF23AAFCF90519E0F34436CE, 8ACCDA77C2DC5BE2DAED05134310122AFECC872A8D118612E55DD229BFE4D844 ] C:\Windows\System32\DeviceCenter.dll
00:33:50.0753 0x0e38  C:\Windows\System32\DeviceCenter.dll - ok
00:33:50.0769 0x0e38  [ B5F20ECEE958E5DC881D66E17D39FFD1, D895F80B7CF617CAB261362B76BC6A44A16A4A445A6A6C5FE6A4923254DE80EA ] C:\Windows\System32\hccutils.dll
00:33:50.0769 0x0e38  C:\Windows\System32\hccutils.dll - ok
00:33:50.0769 0x0e38  [ 14EAAD6A782FF16B05AADACFE05C8D2A, F28A159BA5CB8943533B2F4CEB3B22D9E2DA0ABD4BB96035C1DD231831A6996E ] C:\Windows\System32\LogiLDA.DLL
00:33:50.0769 0x0e38  C:\Windows\System32\LogiLDA.DLL - ok
00:33:50.0784 0x0e38  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\Owner\AppData\Local\Temp\{5A0F61A0-BB65-4CAE-BE15-1B689364577B}\{C6D34AF4-C76F-499C-BD41-627E36D328F7}.tmp
00:33:50.0784 0x0e38  C:\Users\Owner\AppData\Local\Temp\{5A0F61A0-BB65-4CAE-BE15-1B689364577B}\{C6D34AF4-C76F-499C-BD41-627E36D328F7}.tmp - ok
00:33:50.0800 0x0e38  [ C64E9B1C9EA057DCECDCB98F34377811, DA8FC343188B02B66237A993D98747D68FA6C6708FCE68B25E16E1DE46F6C71F ] C:\PROGRA~2\MICROS~1\Office14\ONENOTEM.EXE
00:33:50.0800 0x0e38  C:\PROGRA~2\MICROS~1\Office14\ONENOTEM.EXE - ok
00:33:50.0800 0x0e38  [ 24827B761D21FCEC4114EEC1320483F9, 4E94021DE9D7F2FEE68848F71FEC1A0CAC19FA981FBA538FA452CFD4A25B253E ] C:\Windows\System32\SFCOM64.dll
00:33:50.0800 0x0e38  C:\Windows\System32\SFCOM64.dll - ok
00:33:50.0816 0x0e38  [ 9A9E6E8B38222BD81C29E061C40085A4, 4DF6AEFC68F7C4881D1481A013CF258E2BB9C960F51385EF694EDCBA80A8F089 ] C:\Windows\System32\igfxrenu.lrc
00:33:50.0816 0x0e38  C:\Windows\System32\igfxrenu.lrc - ok
00:33:50.0816 0x0e38  [ 105CFE016CCB20175BEACEC146F175AB, BA21F40CDBF159EE4EACCBFB2A7D20EB9E1C2758883AF089A8E53EE478002E83 ] C:\Windows\System32\IccLibDll_x64.dll
00:33:50.0816 0x0e38  C:\Windows\System32\IccLibDll_x64.dll - ok
00:33:50.0831 0x0e38  [ 61CBB6C44CE94E0D1AB178330EF1C541, 9F32ADAFA202221793B7955AD680D27D4C2E1A070A2719561A56F35343DEF0D9 ] C:\Program Files (x86)\Microsoft Office\Office14\1033\ONINTL.DLL
00:33:50.0831 0x0e38  C:\Program Files (x86)\Microsoft Office\Office14\1033\ONINTL.DLL - ok
00:33:50.0847 0x0e38  [ 79A3B950988F8D2B81906D0C0473158B, 7D9EDB4F9A4800D31C103CF2BBC93C0F5F31888E93E899C43EC5984B4807C3D8 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
00:33:50.0847 0x0e38  C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe - ok
00:33:50.0847 0x0e38  [ 5AEBF6FA9805C9101220AA4FB4FA17E7, A9B2FC41380211A6C44E839A95676A5BA868CEEBB56D83A780230434C2A20836 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
00:33:50.0847 0x0e38  C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe - ok
00:33:50.0862 0x0e38  [ 4F92FD976457F6756904CB50905E6D40, AA7BF90E951F43B0AFA71876B0C8BFC6DC2B7C1AE424032D9EA7A477A68C5F4A ] C:\Program Files\HP\HP Officejet 2620 series\Bin\HPStatusBL.dll
00:33:50.0862 0x0e38  C:\Program Files\HP\HP Officejet 2620 series\Bin\HPStatusBL.dll - ok
00:33:50.0862 0x0e38  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
00:33:50.0862 0x0e38  C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe - ok
00:33:50.0878 0x0e38  [ 641068C626DE3AD348871D0D7931A3FA, 69D673471E55C120CEE80CC9885F4E777C14B674F5C53884A85413350A15D8A6 ] C:\Windows\System32\vbscript.dll
00:33:50.0878 0x0e38  C:\Windows\System32\vbscript.dll - ok
00:33:50.0894 0x0e38  [ ECA6AC33BD9E441F7B47D173D715D268, 5B9017F80BD8C7823CFE1AB4C21D91388E1B31BF0D77058A98791D2FACA11EB6 ] C:\Windows\System32\msxml3.dll
00:33:50.0894 0x0e38  C:\Windows\System32\msxml3.dll - ok
00:33:50.0894 0x0e38  [ EF4248D28C2940AE6D46470AC2479A4F, 7C0DBCED93823E918A3DB9785E68A24743DECB03D378F1AEDCB0BF9705B4AC9A ] C:\Windows\System32\msisip.dll
00:33:50.0894 0x0e38  C:\Windows\System32\msisip.dll - ok
00:33:50.0909 0x0e38  [ 6E74D0AE00231D87CD213CD7BDC27E37, 29BD01036687B16670DECB1720592B7F2EA75C359784D4F89663D7B8523DF9C2 ] C:\Windows\System32\wshext.dll
00:33:50.0909 0x0e38  C:\Windows\System32\wshext.dll - ok
00:33:50.0909 0x0e38  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
00:33:50.0909 0x0e38  C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe - ok
00:33:50.0925 0x0e38  [ 04AB67DB445F75369CBF99B174F10297, 2202D9F93870A416C220883598F3C55335BA02865B5962199ADE67A2060F75AC ] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
00:33:50.0925 0x0e38  C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe - ok
00:33:50.0925 0x0e38  [ 67CE7A83CF4AA78A05EA26D4443CE5F3, 6564E617FB526E424B6B0814EC8C6CDA5327F1B2957AA40E186767E38D4B91EC ] C:\Windows\System32\scrobj.dll
00:33:50.0925 0x0e38  C:\Windows\System32\scrobj.dll - ok
00:33:50.0940 0x0e38  [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
00:33:50.0940 0x0e38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
00:33:50.0956 0x0e38  [ 754A0C324ECA95AE4F708D01EF27060E, 14CCE8BF5502B4DAF1B9B99406B450AF6D260F480EF22B8FCF500822A2AF5BF2 ] C:\Windows\System32\wbem\wbemdisp.dll
00:33:50.0956 0x0e38  C:\Windows\System32\wbem\wbemdisp.dll - ok
00:33:50.0956 0x0e38  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
00:33:50.0956 0x0e38  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
00:33:50.0972 0x0e38  [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B ] C:\Program Files (x86)\QuickTime\QTTask.exe
00:33:50.0972 0x0e38  C:\Program Files (x86)\QuickTime\QTTask.exe - ok
00:33:50.0972 0x0e38  [ 13820B972D74B3DE4F6552A57AC799A7, B85C6840A98E93BE928A61E46F8C712874B10D942BB9A8377045623AC877F8E4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
00:33:50.0972 0x0e38  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
00:33:50.0987 0x0e38  [ BAF535F843A3E790E04A7613811B55BC, 764608E1BC657FBBBB3E0DC5D36F0701CAA9D28BE15E416DF84AD3EFC7EB85D9 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
00:33:50.0987 0x0e38  C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
00:33:51.0003 0x0e38  [ 1A36176A9D9DAE5F7DCABF6B61940963, 8A45746100A8EB38F29605D450965866F9A7297D1BB41BEA21F6E3203CB09831 ] C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe
00:33:51.0003 0x0e38  C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe - ok
00:33:51.0003 0x0e38  [ B88E5340A5A50B53310B00DA455FB4FA, A8FE1FD9B430A3792FCD5D1EFBE82D399C83294F1D655DBCB9A7608043505D0A ] C:\Windows\System32\wbem\stdprov.dll
00:33:51.0003 0x0e38  C:\Windows\System32\wbem\stdprov.dll - ok
00:33:51.0018 0x0e38  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
00:33:51.0018 0x0e38  C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe - ok
00:33:51.0018 0x0e38  [ 3AF35DEF61C817AA7C62904E9CC6F56C, 796F9BA222323D1471FD1260509026BF53C836A0687048321A5591B5F13CC92C ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
00:33:51.0018 0x0e38  C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
00:33:51.0034 0x0e38  [ C12D1B8DA3BFFAC2C76E60D9ABD17A1C, D85164D846B17C0D429875C38D992882AEA1D64EE069B7583DC86E398753C8C2 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
00:33:51.0034 0x0e38  C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
00:33:51.0050 0x0e38  [ A634431AEB7D85869CB57D527CC4D5F1, A03297789B5A784AF3765C523B33B9D54578E38A178CA67103B5E0E74F905331 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
00:33:51.0050 0x0e38  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
00:33:51.0050 0x0e38  [ 297F164DF80D84D8B300CB7BB46F6BAE, 6EC9D640F1F5E59BDC702976E19312CD94B3A78D151E0B88447D4BFFFA869639 ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
00:33:51.0050 0x0e38  C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
00:33:51.0065 0x0e38  [ DFE23F802A5114EA471B0980E87FD183, D6054AFD5AB55B5D61B01DD4BAD7CCFC42A8FCFDA65D2D7137A330C9D03824E2 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
00:33:51.0065 0x0e38  C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
00:33:51.0081 0x0e38  [ 3E29914113EC4B968BA5EB1F6D194A0A, C8D5572CA8D7624871188F0ACABC3AE60D4C5A4F6782D952B9038DE3BC28B39A ] C:\Program Files (x86)\Nike\Nike+ Connect\msvcp110.dll
00:33:51.0081 0x0e38  C:\Program Files (x86)\Nike\Nike+ Connect\msvcp110.dll - ok
00:33:51.0081 0x0e38  [ 8204B6DC0023A0C70D9C8F2AAC0A3999, 11BAEE88EF09926684DFFBF59D64EAA3DB63A762DDCD10B587063FE6A2DCC808 ] C:\Windows\System32\igfxress.dll
00:33:51.0081 0x0e38  C:\Windows\System32\igfxress.dll - ok
00:33:51.0096 0x0e38  [ 381CF052785F8C644128A50B8F5DD184, 5FA62736ECBDB2C9ED58669CC379A58F0612BB4B8162FE4CC1FB5D9B3A25628E ] C:\Program Files\Elantech\ETDFavorite.dll
00:33:51.0096 0x0e38  C:\Program Files\Elantech\ETDFavorite.dll - ok
00:33:51.0096 0x0e38  [ C3761661C17C2248A9379A8FB89E3DE1, CE3477FA2B4058EB80739E0161FE957545F13CF86D313F6422732901D35F75F2 ] C:\Windows\System32\stobject.dll
00:33:51.0096 0x0e38  C:\Windows\System32\stobject.dll - ok
00:33:51.0112 0x0e38  [ A4FBAA985D1DC842631473DC604100B2, 60F83F0B89088B0FBF1A2EBCBBC527929E02D1B48FE014A95DB19345C328882A ] C:\Program Files\Elantech\ETDApix.dll
00:33:51.0112 0x0e38  C:\Program Files\Elantech\ETDApix.dll - ok
00:33:51.0112 0x0e38  [ 4BA25D2CBE1587A841DCFB8C8C4A6EA6, B30160E759115E24425B9BCDF606EF6EBCE4657487525EDE7F1AC40B90FF7E49 ] C:\Program Files (x86)\Nike\Nike+ Connect\msvcr110.dll
00:33:51.0112 0x0e38  C:\Program Files (x86)\Nike\Nike+ Connect\msvcr110.dll - ok
00:33:51.0128 0x0e38  [ 11379ADAEB0D8FB11DA78B9152BFEFFA, 6645DD8493DDFA75FF84BEB4ED39077B28CF852893AF2D2A6C6EBE34E003E34F ] C:\Program Files (x86)\ASUS\Wireless Console 3\FreeImage.dll
00:33:51.0128 0x0e38  C:\Program Files (x86)\ASUS\Wireless Console 3\FreeImage.dll - ok
00:33:51.0143 0x0e38  [ F832EEEA97CDDA1AF577E721F652A0D1, EBBB7CA199BA4DF231123922BD310D43DE0104C6185B70FE0281B938D5336F2E ] C:\Windows\System32\batmeter.dll
00:33:51.0143 0x0e38  C:\Windows\System32\batmeter.dll - ok
00:33:51.0143 0x0e38  [ 4E39830415EEA68CFCB737FE3D6A0E28, 13929538B2054036CA44BB10E2AAB8E526C25BF07EB11D8598B964383E9B845B ] C:\Program Files\Elantech\ETDCmds.dll
00:33:51.0143 0x0e38  C:\Program Files\Elantech\ETDCmds.dll - ok
00:33:51.0159 0x0e38  [ F4FEC311177C29BF7FF3A1B6002B3B64, A51312B76D0187BF729BE75A3AA404F3EFDA25B33DBC2D2B1B6218ECEC4E8429 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
00:33:51.0159 0x0e38  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
00:33:51.0159 0x0e38  [ 5046E55184021406C27E8D48A1B2C9D2, DA592E05F2BA21A540B409FD2156A5BDF253EB3B50B30EEDCAE325DD026993D7 ] C:\Windows\System32\l3codeca.acm
00:33:51.0159 0x0e38  C:\Windows\System32\l3codeca.acm - ok
00:34:07.0773 0x0e38  AppleIEDAV - ok
00:34:07.0898 0x0e38  [ 620D718FC22999994C908397106CEC57, A1E0D2A8DCEDFFB7D8C256EEE9B4456468E456A708DC957062D36F62EB8147E7 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
00:34:07.0991 0x0e38  GoogleChromeAutoLaunch_E21A55733DE47A9C91846541BA1A406D - ok
00:34:07.0991 0x0e38  Waiting for KSN requests completion. In queue: 7
00:34:09.0005 0x0e38  Waiting for KSN requests completion. In queue: 7
00:34:10.0019 0x0e38  Waiting for KSN requests completion. In queue: 6
00:34:11.0033 0x0e38  Waiting for KSN requests completion. In queue: 6
00:34:12.0078 0x0e38  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x60000 ( disabled : updated )
00:34:12.0156 0x0e38  Win FW state via NFP2: enabled
00:34:16.0103 0x0e38  ============================================================
00:34:16.0103 0x0e38  Scan finished
00:34:16.0103 0x0e38  ============================================================
00:34:16.0119 0x0c50  Detected object count: 0
00:34:16.0119 0x0c50  Actual detected object count: 0
00:46:41.0952 0x0cf0  Deinitialize success


 



#15 Chivalry

Chivalry
  • Topic Starter

  • Members
  • 45 posts

Posted 29 September 2014 - 02:26 AM

I just figured out that the logs were too long to post them all in one....

I think that is why I was having trouble posting at all >.>

OK, what's next? Zombie Alert is still being a sneaky pants... :notme:
 



 





