
infected by Iexplore.exe virus


  • This topic is locked
61 replies to this topic

#1 G8888

  • Members
  • 55 posts

Posted 19 October 2014 - 09:07 PM

For months now, when I use the internet, 3 or 4 of them show up in my Task Manager.

Seems to have got worse over the last few weeks; my computer keeps saying low disk space even though I have a lot.

I've tried Malwarebytes Anti-Malware; it doesn't pick it up, nor do others.

Since last week I can't get into Twitter & Facebook using IE; I need to use Google Chrome for that, & about 4 of them show up in the Task Manager too.

 

Anyone know how to get rid of it?




#2 LiquidTension

  • Malware Response Team
  • 1,278 posts
  • Gender:Male

Posted 23 October 2014 - 02:43 PM

Hello G8888, welcome to Bleeping Computer's Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that.
 
======================================================
 
Please read through the points below to ensure this process moves as quickly and efficiently as possible.

  • Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.
  • Please do not post logs using the CODEQUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation and providing the best set of instructions for you.
  • Please backup important files before proceeding with my instructions. Malware removal can be unpredictable.  
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before proceeding.
  • Topics are locked if no response is made after 4 days. Please inform me if you require additional time to complete my instructions.
  • Ensure you are following this topic. Click [button image] at the top of the page.
     

======================================================
 
Please run the following diagnostic scans so I can ascertain the state of your computer.
 
STEP 1

Farbar Recovery Scan Tool (FRST) Scan

  • Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
  • Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.
  • Right-Click FRST.exe / FRST64.exe and select Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 
     

STEP 2
TDSSKiller Scan

  • Please download TDSSKiller and save the file to your Desktop.
  • Right-Click TDSSKiller.exe and select Run as administrator to run the programme.
  • Click Change parameters. Place a checkmark next to:
    • Loaded Modules
    • Detect TDLFS file system
    • Verify file digital signatures
  • Note: If you receive the following message: Extended Monitoring Driver is required, click Reboot now, and continue from here following the reboot.
  • Click Start Scan. Do not use the computer during the scan.
  • If objects are found, change the action to skip.
  • Click Continue and close the window.
  • A log will be created and saved to the root directory (usually C:\). Attach the log in your next reply.
     

======================================================
 
STEP 3
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • FRST.txt
  • Addition.txt
  • TDSSKiller log (attached)


#3 LiquidTension

  • Malware Response Team
  • 1,278 posts
  • Gender:Male

Posted 26 October 2014 - 06:01 AM

Hello, 

 

Do you still require assistance? 



#4 LiquidTension

  • Malware Response Team
  • 1,278 posts
  • Gender:Male

Posted 27 October 2014 - 08:36 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

#5 G8888

  • Topic Starter
  • Members
  • 55 posts

Posted 28 October 2014 - 08:20 PM

Here are the logs from Step 1

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-10-2014 01
Ran by owner (administrator) on OWNER-PC on 28-10-2014 21:34:15
Running from C:\Users\owner\Desktop
Loaded Profile: owner (Available profiles: owner)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\Runservice.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-04-12] (RealNetworks, Inc.)
HKLM\...\Run: [{0ec71d09-272c-82aa-95ca-ef496dfd9c3f}] => C:\Users\owner\AppData\Local\Microsoft\{0ec71d09-272c-82aa-95ca-ef496dfd9c3f}\{0ec71d09-272c-82aa-95ca-ef496dfd9c3f}.exe [293410 2014-10-28] ()
HKLM\...\Policies\Explorer\Run: [{0ec71d09-272c-82aa-95ca-ef496dfd9c3f}] => C:\Users\owner\AppData\Local\Microsoft\{0ec71d09-272c-82aa-95ca-ef496dfd9c3f}\{0ec71d09-272c-82aa-95ca-ef496dfd9c3f}.exe [293410 2014-10-28] ( ())
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
BootExecute: autocheck autochk * sdnclean.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?ilc=8
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKCU - DefaultScope {2D800840-97B5-47D9-8211-3714E120C3F9} URL = http://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
SearchScopes: HKCU - BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {2D800840-97B5-47D9-8211-3714E120C3F9} URL = http://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
SearchScopes: HKCU - {44f44034-6036-4f06-9336-74ec4620edab} URL =
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {8A96AF9E-4074-43b7-BEA3-87217BDA7406} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKCU - {B8A594DB-F60D-4480-899C-36E2FD52DC56} URL = https://www.google.com/search?q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
Toolbar: HKLM - No Name - !{07B18EA9-A523-4961-B6BB-170DE4475CCA} -  No File
Toolbar: HKLM - No Name - !{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} -  No File
Toolbar: HKLM - No Name - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} -  No File
Toolbar: HKLM - No Name - !{54ba686e-738f-42fe-badd-d8cb7cfbc07e} -  No File
Toolbar: HKLM - No Name - !{6F282B65-56BF-4BD1-A8B2-A4449A05863D} -  No File
Toolbar: HKLM - No Name - !{8dcb7100-df86-4384-8842-8fa844297b3f} -  No File
Toolbar: HKLM - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM - No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKLM - No Name - !{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} -  No File
Toolbar: HKLM - No Name - !{EF99BD32-C1FB-11D2-892F-0090271D4F88} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {444785F1-DE89-4295-863A-D46C3A781394} http://webplayer.unity3d.com/download_webplayer/UnityWebPlayer.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\8fcd7mg5.default
FF DefaultSearchUrl: hxxp://uk.search.yahoo.com/search?fr=mkg030&p=
FF SearchEngineOrder.1: Search Results
FF Homepage: hxxp://www.searchnu.com/406
FF NetworkProxy: "no_proxies_on", "*.local"
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: https://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=198484&ilc=12&p=
FF NetworkProxy: "user_pref("layout.spellcheckDefault", 0);type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @oberon-media.com/ONCAdapter -> C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF Plugin: @otee.dk/UnityWebPlayer -> C:\Program Files\OverTheEdge\Unity\WebPlayer\loader\npUnityWeb32.dll (OverTheEdge I/S)
FF Plugin: @real.com/nppl3260;version=16.0.1.18 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.1.18 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: TorchVLC -> C:\Users\owner\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll No File
FF user.js: detected! => C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\8fcd7mg5.default\user.js
FF SearchPlugin: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\8fcd7mg5.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\8fcd7mg5.default\searchplugins\BabylonMngr.xml
FF SearchPlugin: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\8fcd7mg5.default\searchplugins\mywebsearch.xml
FF SearchPlugin: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\8fcd7mg5.default\searchplugins\Retrogamer_2z.xml
FF SearchPlugin: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\8fcd7mg5.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\WebSearchober6765875.xml
FF Extension: Default Manager - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\8fcd7mg5.default\Extensions\DefaultManager@Microsoft [2011-07-11]
FF Extension: FlashFirebug - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\8fcd7mg5.default\Extensions\flashfirebug@o-minds.com [2012-07-23]
FF Extension: Oberon GamesBar - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\8fcd7mg5.default\Extensions\gamesbar@oberon-media.com [2012-08-21]
FF Extension: Yahoo! Toolbar - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\8fcd7mg5.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2012-05-23]
FF Extension: Firebug - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\8fcd7mg5.default\Extensions\firebug@software.joehewitt.com.xpi [2011-05-31]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-04-08]
FF HKLM\...\Firefox\Extensions: [{DAC3F861-B30D-40dd-9166-F4E75327FAC7}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-04-12]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR Profile: C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-16]
CHR Extension: (Google Docs) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-16]
CHR Extension: (Google Drive) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-16]
CHR Extension: (YouTube) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-16]
CHR Extension: (Google Search) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-16]
CHR Extension: (Google Sheets) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-16]
CHR Extension: (RealDownloader) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-10-16]
CHR Extension: (Google Wallet) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-16]
CHR Extension: (Gmail) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-16]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-03-06]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-10] (SUPERAntiSpyware.com)
R2 LicCtrlService; C:\Windows\runservice.exe [2560 2012-06-07] () [File not signed]
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-06] ()
S2 892cc6a3; "C:\Windows\system32\rundll32.exe" "c:\progra~2\perfor~1\PerformanceOptimizerSvc.dll",service
S3 BlackBerry Device Manager; "C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows ® Codename Longhorn DDK provider)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\71596BED.sys [114904 2014-10-20] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 aqrkdqll; \??\C:\Windows\system32\drivers\aqrkdqll.sys [X]
S1 bhyzpinj; \??\C:\Windows\system32\drivers\bhyzpinj.sys [X]
S1 eketespp; \??\C:\Windows\system32\drivers\eketespp.sys [X]
S1 huxxtgey; \??\C:\Windows\system32\drivers\huxxtgey.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S1 jfusozka; \??\C:\Windows\system32\drivers\jfusozka.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-28 21:34 - 2014-10-28 21:37 - 00016077 _____ () C:\Users\owner\Desktop\FRST.txt
2014-10-28 21:33 - 2014-10-28 21:33 - 01104896 _____ (Farbar) C:\Users\owner\Desktop\FRST.exe
2014-10-28 21:32 - 2014-10-28 21:34 - 00000000 ____D () C:\FRST
2014-10-25 05:31 - 2014-10-25 05:31 - 00000206 _____ () C:\Users\owner\Desktop\▶ Undertaker Interview Part 1 - YouTube.url
2014-10-25 04:52 - 2014-10-25 04:52 - 00000000 ____D () C:\Users\owner\Documents\Any Video Converter
2014-10-25 04:51 - 2014-10-25 04:52 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Anvsoft
2014-10-25 04:51 - 2014-10-25 04:51 - 00000952 _____ () C:\Users\owner\Desktop\Any Video Converter.lnk
2014-10-25 04:51 - 2014-10-25 04:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
2014-10-25 04:51 - 2014-10-25 04:51 - 00000000 ____D () C:\Program Files\AnvSoft
2014-10-25 02:12 - 2014-10-25 02:12 - 00000178 _____ () C:\Users\owner\Desktop\YouTube to mp3 Converter.url
2014-10-24 04:39 - 2014-10-24 04:39 - 00000244 _____ () C:\Users\owner\Desktop\Football Manager 2015  PC game  Download discounts at Green Man Gaming.url
2014-10-24 04:24 - 2014-10-24 04:24 - 00366032 _____ () C:\Users\owner\Downloads\Setup.exe
2014-10-21 03:21 - 2014-10-21 03:22 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-10-21 03:21 - 2014-10-21 03:22 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-10-21 03:21 - 2014-10-21 03:21 - 00000000 ____D () C:\Users\owner\AppData\Roaming\RHEng
2014-10-21 02:13 - 2014-10-21 02:13 - 00000034 _____ () C:\Windows\setupact.log
2014-10-21 02:13 - 2014-10-21 02:13 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-20 21:17 - 2014-10-20 21:17 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\71596BED.sys
2014-10-20 05:03 - 2014-10-20 05:03 - 00000206 _____ () C:\Users\owner\Desktop\▶ Are You Afraid Of The Dark - The Tale of the Curious Camera - YouTube.url
2014-10-19 04:19 - 2014-10-19 04:19 - 00000000 ____D () C:\Program Files\ESET
2014-10-19 04:08 - 2014-10-19 04:08 - 00000000 ____D () C:\Windows\ERUNT
2014-10-19 04:02 - 2014-10-19 04:06 - 00000000 ____D () C:\AdwCleaner
2014-10-19 02:05 - 2014-10-19 02:31 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-16 06:36 - 2014-10-21 03:30 - 00003126 _____ () C:\Windows\PFRO.log
2014-10-16 03:51 - 2014-10-16 03:51 - 00000000 ____D () C:\Program Files\sauferaweb
2014-10-16 03:12 - 2014-10-16 03:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-10-16 00:17 - 2014-10-16 00:17 - 00001931 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-16 00:17 - 2014-10-16 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-15 23:24 - 2014-10-20 21:17 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-15 23:24 - 2014-10-15 23:24 - 00000859 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-15 23:24 - 2014-10-15 23:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-15 23:23 - 2014-10-19 02:05 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-15 23:23 - 2014-10-15 23:23 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-15 23:23 - 2014-10-01 10:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-15 23:23 - 2014-10-01 10:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-15 22:22 - 2014-10-15 22:46 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-15 02:25 - 2014-06-15 22:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 02:25 - 2014-06-13 18:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 02:25 - 2014-06-13 18:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 02:17 - 2014-09-27 23:29 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 02:05 - 2014-09-04 23:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-10-15 02:00 - 2014-09-16 16:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-14 23:11 - 2014-09-19 22:53 - 12364288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-14 23:11 - 2014-09-19 22:44 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-14 23:11 - 2014-09-19 22:41 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-14 23:11 - 2014-09-19 22:39 - 01138688 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-14 23:11 - 2014-09-19 22:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-14 23:11 - 2014-09-19 22:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-14 23:11 - 2014-09-19 22:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-10-14 23:11 - 2014-09-19 22:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-14 23:11 - 2014-09-19 22:36 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-14 23:11 - 2014-09-19 22:35 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-14 23:11 - 2014-09-19 22:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-14 23:11 - 2014-09-19 22:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-14 23:11 - 2014-09-19 22:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-14 23:11 - 2014-09-19 22:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-10-14 23:11 - 2014-09-19 22:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-14 23:11 - 2014-09-19 22:34 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-14 23:11 - 2014-09-19 22:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-14 23:11 - 2014-09-19 22:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-14 23:11 - 2014-09-19 22:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-10-14 23:11 - 2014-09-19 22:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-10-14 23:11 - 2014-09-19 22:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-11 03:05 - 2014-10-26 05:54 - 00000000 ____D () C:\Users\owner\AppData\Local\WMTools Downloaded Files
2014-10-11 02:15 - 2014-10-11 02:15 - 00000000 ____D () C:\Users\owner\AppData\Local\FreemakeVideoConverter
2014-10-11 02:12 - 2014-10-21 03:21 - 00000000 ____D () C:\ProgramData\Freemake
2014-10-11 02:12 - 2014-10-21 03:21 - 00000000 ____D () C:\Program Files\Freemake
2014-10-11 02:12 - 2014-10-11 02:15 - 00000000 ____D () C:\Users\owner\Documents\Freemake
2014-10-10 03:27 - 2014-06-14 14:03 - 00218200 _____ () C:\Windows\system32\unrar.dll
2014-10-07 03:33 - 2014-10-07 03:33 - 00000000 ____D () C:\ProgramData\ShoppingDealFactory
2014-10-06 15:46 - 2014-10-06 15:46 - 00000330 _____ () C:\Users\owner\Desktop\Womens Ladies Plain Hoodie Plus Sizes Hooded Zip Zipper Tops Jackets Coat 8-22  eBay.url
2014-10-06 15:45 - 2014-10-06 15:45 - 00000303 _____ () C:\Users\owner\Desktop\NEW WOMEN PLAIN ZIP HOODIES SWEATSHIRT JUMPER 2 POCKET LADIES FLEECE HOODED JACKET TOP UK SIZE 8-34 Amazon.co.uk Clothing.url
2014-10-02 08:26 - 2014-10-19 06:12 - 00000000 ____D () C:\ProgramData\Performance Optimizer

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-28 21:37 - 2014-05-26 04:58 - 01580294 _____ () C:\Windows\WindowsUpdate.log
2014-10-28 21:28 - 2006-11-02 10:33 - 00771700 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-28 21:22 - 2012-06-07 04:40 - 00002393 ___SH () C:\Windows\system32\mmf.sys
2014-10-28 21:21 - 2011-04-21 16:12 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-28 21:21 - 2006-11-02 13:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-28 21:21 - 2006-11-02 12:47 - 00004928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-28 21:21 - 2006-11-02 12:47 - 00004928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-28 13:55 - 2006-11-02 13:01 - 00032624 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-28 13:51 - 2014-09-11 01:37 - 00000000 ____D () C:\Users\owner\Desktop\Football video
2014-10-28 13:51 - 2012-04-25 15:38 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-28 13:19 - 2011-04-21 16:12 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-28 02:35 - 2011-04-21 09:42 - 00005108 _____ () C:\Users\owner\Desktop\are you afaird of the dark season 1.txt
2014-10-27 03:22 - 2011-07-17 07:56 - 00000000 ____D () C:\Users\owner\Desktop\football clips
2014-10-26 18:58 - 2011-04-04 18:15 - 00000000 ____D () C:\Users\owner\Desktop\linseyannloves andy so much xxxxxxxxx
2014-10-26 05:54 - 2011-04-21 19:24 - 00118272 _____ () C:\Users\owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-26 05:52 - 2014-01-17 06:33 - 00000000 ____D () C:\Users\owner\Desktop\Mussiccss
2014-10-24 02:38 - 2011-10-07 01:41 - 00000000 ____D () C:\Program Files\Steam
2014-10-24 02:36 - 2011-10-07 01:41 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-10-21 17:03 - 2011-04-25 16:44 - 00000000 ____D () C:\Users\owner\AppData\Local\Apple Computer
2014-10-20 05:52 - 2012-01-12 22:08 - 00000000 ____D () C:\Users\owner\Desktop\Gifs
2014-10-19 03:38 - 2014-07-06 04:34 - 00000000 ____D () C:\Users\owner\AppData\Roaming\IObit
2014-10-19 03:38 - 2011-04-26 00:07 - 00000000 ____D () C:\Program Files\IObit
2014-10-18 19:12 - 2011-04-25 16:44 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Apple Computer
2014-10-18 18:32 - 2012-08-23 11:41 - 00007160 _____ () C:\Users\owner\AppData\Local\d3d9caps.dat
2014-10-16 14:07 - 2006-11-02 11:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-16 03:51 - 2014-04-25 00:50 - 00000000 ____D () C:\ProgramData\2a2a97e6690bd4bd
2014-10-16 03:25 - 2008-08-21 20:07 - 00000000 ____D () C:\Users\owner
2014-10-16 03:20 - 2011-04-21 16:10 - 00000000 ____D () C:\Users\Public\Documents\Sports Interactive
2014-10-16 00:17 - 2011-04-21 16:12 - 00000000 ____D () C:\Users\owner\AppData\Local\Google
2014-10-16 00:14 - 2011-04-21 16:12 - 00000000 ____D () C:\Program Files\Google
2014-10-15 22:07 - 2011-10-07 02:06 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-10-15 02:16 - 2013-08-09 02:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 02:08 - 2006-11-02 10:24 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-10-03 03:46 - 2006-11-02 12:37 - 00000000 ____D () C:\Windows\ShellNew

Some content of TEMP:
====================
C:\Users\owner\AppData\Local\Temp\HitmanPro.exe
C:\Users\owner\AppData\Local\Temp\Quarantine.exe
C:\Users\owner\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-28 21:29

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-10-2014 01
Ran by owner at 2014-10-28 21:38:37
Running from C:\Users\owner\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.0.19480 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Amazon MP3 Downloader 1.0.18 (HKCU\...\Amazon MP3 Downloader) (Version: 1.0.18 - Amazon Services LLC)
Any Video Converter 5.7.3 (HKLM\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C0CC75CD-F5B7-46AD-B016-17C0F5171718}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.1.22229 - Ask.com) <==== ATTENTION
BlackBerry Device Software Updater (HKLM\...\{29F6BF0C-3D0E-4480-8B55-85EDECE418FF}) (Version: 7.1.0.89 - Research In Motion Ltd)
Bonjour (HKLM\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Football Manager 2014 (HKLM\...\Steam App 231670) (Version:  - Sports Interactive)
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
iCloud (HKLM\...\{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}) (Version: 2.1.3.25 - Apple Inc.)
iTunes (HKLM\...\{F32DC846-4457-40A8-BECA-BCC0E960BC53}) (Version: 11.4.0.18 - Apple Inc.)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}) (Version: 3.1.8.0 - Apple Inc.)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
OEM Logo and Information (HKLM\...\OEMInformation) (Version:  - ATI)
OpenOffice.org 3.4 (HKLM\...\{51071D66-D034-4239-94E0-723FCA10B6FE}) (Version: 3.4.9590 - OpenOffice.org)
PC Connectivity Solution (HKLM\...\{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}) (Version: 12.0.17.0 - Nokia)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (Version: 1.3.1 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.0 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1026 - SUPERAntiSpyware.com)
TEW2013 (HKLM\...\TEW2013) (Version:  - )
TuneUp Utilities 2014 (en-GB) (Version: 14.0.1000.340 - TuneUp Software) Hidden
Unity Web Player (HKLM\...\UnityWebPlayer) (Version: 1.6.2_8001 - Over The Edge I/S)
VoiceOver Kit (HKLM\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WiseConvert Toolbar (HKLM\...\WiseConvert Toolbar) (Version: 6.8.9.0 - WiseConvert)
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3989665145-2683519491-738594959-1000_Classes\CLSID\{00b7e0ab-817a-44ad-a04b-d1148d524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3989665145-2683519491-738594959-1000_Classes\CLSID\{7c6e29bc-8b8b-4c3d-859e-af6cd158be0f}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3989665145-2683519491-738594959-1000_Classes\CLSID\{88d969c0-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3989665145-2683519491-738594959-1000_Classes\CLSID\{88d969c1-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3989665145-2683519491-738594959-1000_Classes\CLSID\{88d969c2-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3989665145-2683519491-738594959-1000_Classes\CLSID\{88d969c3-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3989665145-2683519491-738594959-1000_Classes\CLSID\{88d969c4-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3989665145-2683519491-738594959-1000_Classes\CLSID\{88d969c5-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3989665145-2683519491-738594959-1000_Classes\CLSID\{88d969c6-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3989665145-2683519491-738594959-1000_Classes\CLSID\{88d969c8-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3989665145-2683519491-738594959-1000_Classes\CLSID\{88d969c9-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3989665145-2683519491-738594959-1000_Classes\CLSID\{88d969ca-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3989665145-2683519491-738594959-1000_Classes\CLSID\{88d969d6-f192-11d4-a65f-0040963251e5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

==================== Restore Points  =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 10:23 - 2006-09-18 21:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0F2CF724-CDED-427E-9E3D-F52CA381EBAD} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3989665145-2683519491-738594959-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-03-06] (RealNetworks, Inc.)
Task: {12283800-576A-4332-9CA8-DA0782C8CAE0} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3989665145-2683519491-738594959-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: {132FEAFD-BC9A-4182-A651-70A42E542E68} - System32\Tasks\Apple Diagnostics => C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe [2013-10-31] (Apple Inc.)
Task: {15EB364E-ECEF-49B3-A50C-7A8EC03396F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-21] (Google Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2604765C-97AA-4EF0-A0C7-A789E3F8215E} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3989665145-2683519491-738594959-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: {2FDDCDEB-64AD-41F5-A6C7-09C246FF0D37} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-21] (Google Inc.)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {32B983A1-BECC-4E5A-9B62-89EA4B1200EC} - System32\Tasks\LaunchSignup => C:\Program Files\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {34DFD52A-0F6F-4D9C-94D2-2E6C77363775} - System32\Tasks\RunAsStdUser Task => C:\Program Files\ClickPotatoLite\bin\10.0.728.0\ClickPotatoLiteSA.exe
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {5431B7D6-2ADF-47F9-8E3C-D0C52EA3267F} - \Browser Manager No Task File <==== ATTENTION
Task: {5DDD602A-EC0B-49B0-8874-2E2E04D102E9} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {628F8AC0-FFA6-4F48-8B30-BA092451EB69} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {6C4E2463-238C-4931-9424-EA8D3EA8A75D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3989665145-2683519491-738594959-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: {6D0D02CF-9B5E-4968-8DC0-525702C26536} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {715904CD-BADA-465E-A7C7-1DB3AB802E11} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3989665145-2683519491-738594959-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: {7AECC5DA-A229-45EA-966C-9FB78199EC63} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {AA4C51F5-C189-420A-90B1-9DB8CB1B36F1} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {AB107358-57E9-4C28-A0FE-8FDDC56DDA78} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {D7726DAF-040A-4CCE-9880-FAC5032C1FE5} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3989665145-2683519491-738594959-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.)
Task: {E25BC189-8E7F-455A-898F-4D4990B2DE8C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {E549303A-45E3-4346-A359-56929BF1A123} - \ASP No Task File <==== ATTENTION
Task: {FC281D2E-CA3E-4214-972E-5B1E8FD2A6FC} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3989665145-2683519491-738594959-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-03-06] (RealNetworks, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2006-11-02 10:25 - 2008-06-03 02:35 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 19:58 - 2014-02-12 19:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-06-07 04:40 - 2012-06-07 04:40 - 00002560 _____ () C:\Windows\runservice.exe
2012-06-07 04:40 - 2012-06-07 04:40 - 00048640 _____ () C:\Windows\mmfs.dll
2013-03-06 01:21 - 2013-03-06 01:21 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE
AlternateDataStreams: C:\ProgramData\TEMP:FAC5BCF5

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => \Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
MSCONFIG\startupreg: iLivid => "C:\Users\owner\AppData\Local\iLivid\iLivid.exe" -autorun
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: MyWebSearch Email Plugin => C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
MSCONFIG\startupreg: NokiaMServer => C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: SearchEngineProtection => C:\Program Files\Gamesbar\SearchEngineProtection.exe
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\steam.exe" -silent
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-3989665145-2683519491-738594959-500 - Administrator - Disabled)
Guest (S-1-5-21-3989665145-2683519491-738594959-501 - Limited - Disabled)
owner (S-1-5-21-3989665145-2683519491-738594959-1000 - Administrator - Enabled) => C:\Users\owner

==================== Faulty Device Manager Devices =============

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/28/2014 00:57:34 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/28/2014 02:12:21 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/27/2014 03:19:51 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\OWNER\DESKTOP\PHOTOS ABOUT #HIAC ON TWITTER_FILES\B06-VKWIMAAYABA.PNG> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (10/27/2014 03:19:51 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\OWNER\DESKTOP\PHOTOS ABOUT #HIAC ON TWITTER_FILES\B06-0ZIICAA-IMY.PNG> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (10/27/2014 03:19:51 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\OWNER\DESKTOP\PHOTOS ABOUT #HIAC ON TWITTER_FILES\B06_HQVIEAA8Y5W.JPG> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (10/27/2014 03:19:50 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\OWNER\DESKTOP\PHOTOS ABOUT #HIAC ON TWITTER_FILES\B06_HOFIEAEUALC.JPG> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (10/27/2014 03:19:50 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\OWNER\DESKTOP\PHOTOS ABOUT #HIAC ON TWITTER_FILES\B06_HDMICAMP4-H.JPG> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (10/27/2014 03:19:50 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\OWNER\DESKTOP\PHOTOS ABOUT #HIAC ON TWITTER_FILES\B06_QXCIEAABCIC.JPG> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (10/27/2014 03:19:50 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\OWNER\DESKTOP\PHOTOS ABOUT #HIAC ON TWITTER_FILES\B06_UR0IEAALT_M.JPG> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (10/27/2014 03:19:50 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\OWNER\DESKTOP\PHOTOS ABOUT #HIAC ON TWITTER_FILES\B06_A5WCIAER1VY.JPG> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

System errors:
=============
Error: (10/28/2014 09:22:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt

Error: (10/28/2014 09:22:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Performance Optimizer

Error: (10/28/2014 09:22:42 PM) (Source: Microsoft Antimalware) (EventID: 1119) (User: )
Description: %Trojan:Win32/Kovter.C60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%Trojan:Win32/Kovter.C603

 Name: Trojan:Win32/Kovter.C

 ID: 2147684944

 Severity: %Trojan:Win32/Kovter.C600

 Category: %Trojan:Win32/Kovter.C602

 Path: 4.6.0305.02

 Detection Origin: 4.6.0305.04

 Detection Type: 4.6.0305.08

 Detection Source: %Trojan:Win32/Kovter.C608

 User: {57120C85-057A-43EB-9DDE-5EF969385CA6}9

 Process Name: %Trojan:Win32/Kovter.C609

 Action: {57120C85-057A-43EB-9DDE-5EF969385CA6}1

 Action Status:  {57120C85-057A-43EB-9DDE-5EF969385CA6}8

 Error Code: {57120C85-057A-43EB-9DDE-5EF969385CA6}3

 Error description: {57120C85-057A-43EB-9DDE-5EF969385CA6}4

 Signature Version: 2014-10-28T21:21:57.186Z1

 Engine Version: 2014-10-28T21:21:57.186Z2

Error: (10/28/2014 09:21:09 PM) (Source: volmgr) (EventID: 49) (User: )
Description: Configuring the Page file for crash dump failed. Make sure there is a page
file on the boot partition and that is large enough to contain all physical
memory.

Error: (10/28/2014 09:21:03 PM) (Source: volmgr) (EventID: 49) (User: )
Description: Configuring the Page file for crash dump failed. Make sure there is a page
file on the boot partition and that is large enough to contain all physical
memory.

Error: (10/28/2014 01:27:12 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (10/28/2014 00:58:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt

Error: (10/28/2014 00:58:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Performance Optimizer

Error: (10/28/2014 00:58:07 PM) (Source: Microsoft Antimalware) (EventID: 1119) (User: )
Description: %Trojan:Win32/Kovter.C60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%Trojan:Win32/Kovter.C603

 Name: Trojan:Win32/Kovter.C

 ID: 2147684944

 Severity: %Trojan:Win32/Kovter.C600

 Category: %Trojan:Win32/Kovter.C602

 Path: 4.6.0305.02

 Detection Origin: 4.6.0305.04

 Detection Type: 4.6.0305.08

 Detection Source: %Trojan:Win32/Kovter.C608

 User: {A085C1F0-D75A-42D2-8B88-AEB3ADF06AAC}9

 Process Name: %Trojan:Win32/Kovter.C609

 Action: {A085C1F0-D75A-42D2-8B88-AEB3ADF06AAC}1

 Action Status:  {A085C1F0-D75A-42D2-8B88-AEB3ADF06AAC}8

 Error Code: {A085C1F0-D75A-42D2-8B88-AEB3ADF06AAC}3

 Error description: {A085C1F0-D75A-42D2-8B88-AEB3ADF06AAC}4

 Signature Version: 2014-10-28T12:57:16.015Z1

 Engine Version: 2014-10-28T12:57:16.015Z2

Error: (10/28/2014 00:56:38 PM) (Source: volmgr) (EventID: 49) (User: )
Description: Configuring the Page file for crash dump failed. Make sure there is a page
file on the boot partition and that is large enough to contain all physical
memory.

Microsoft Office Sessions:
=========================
Error: (10/28/2014 00:57:34 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}\recordingmanager.exe

Error: (10/28/2014 02:12:21 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}\recordingmanager.exe

Error: (10/27/2014 03:19:51 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\OWNER\DESKTOP\PHOTOS ABOUT #HIAC ON TWITTER_FILES\B06-VKWIMAAYABA.PNG

Error: (10/27/2014 03:19:51 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\OWNER\DESKTOP\PHOTOS ABOUT #HIAC ON TWITTER_FILES\B06-0ZIICAA-IMY.PNG

Error: (10/27/2014 03:19:51 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\OWNER\DESKTOP\PHOTOS ABOUT #HIAC ON TWITTER_FILES\B06_HQVIEAA8Y5W.JPG

Error: (10/27/2014 03:19:50 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\OWNER\DESKTOP\PHOTOS ABOUT #HIAC ON TWITTER_FILES\B06_HOFIEAEUALC.JPG

Error: (10/27/2014 03:19:50 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\OWNER\DESKTOP\PHOTOS ABOUT #HIAC ON TWITTER_FILES\B06_HDMICAMP4-H.JPG

Error: (10/27/2014 03:19:50 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\OWNER\DESKTOP\PHOTOS ABOUT #HIAC ON TWITTER_FILES\B06_QXCIEAABCIC.JPG

Error: (10/27/2014 03:19:50 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\OWNER\DESKTOP\PHOTOS ABOUT #HIAC ON TWITTER_FILES\B06_UR0IEAALT_M.JPG

Error: (10/27/2014 03:19:50 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\OWNER\DESKTOP\PHOTOS ABOUT #HIAC ON TWITTER_FILES\B06_A5WCIAER1VY.JPG

CodeIntegrity Errors:
===================================
  Date: 2014-10-28 21:38:06.565
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-28 21:38:06.230
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-28 21:38:05.892
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-28 21:38:05.526
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-28 21:38:04.821
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-28 21:38:04.488
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-28 21:38:04.158
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-28 21:38:03.759
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-20 22:32:32.471
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-20 22:32:32.205
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Pentium® D CPU 3.00GHz
Percentage of memory in use: 57%
Total physical RAM: 1790.58 MB
Available physical RAM: 756.47 MB
Total Pagefile: 2324.03 MB
Available Pagefile: 1213.41 MB
Total Virtual: 2047.88 MB
Available Virtual: 1903.18 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.05 GB) (Free:0.09 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149.1 GB) (Disk ID: C181D644)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#6 LiquidTension

  • Malware Response Team
  • 1,278 posts
  • Gender:Male

Posted 28 October 2014 - 08:55 PM

Attach the TDSSKiller log from STEP 2 when ready please.



#7 G8888

  • Topic Starter

  • Members
  • 55 posts

Posted 28 October 2014 - 10:17 PM

When I tried to change the parameters it came up to reboot, so I did the reboot then what it says after.

 

03:10:05.0194 0x0cc0  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
03:10:05.0429 0x0cc0  ============================================================
03:10:05.0429 0x0cc0  Current date / time: 2014/10/29 03:10:05.0429
03:10:05.0429 0x0cc0  SystemInfo:
03:10:05.0429 0x0cc0 
03:10:05.0429 0x0cc0  OS Version: 6.0.6002 ServicePack: 2.0
03:10:05.0429 0x0cc0  Product type: Workstation
03:10:05.0429 0x0cc0  ComputerName: OWNER-PC
03:10:05.0429 0x0cc0  UserName: owner
03:10:05.0429 0x0cc0  Windows directory: C:\Windows
03:10:05.0429 0x0cc0  System windows directory: C:\Windows
03:10:05.0429 0x0cc0  Processor architecture: Intel x86
03:10:05.0429 0x0cc0  Number of processors: 2
03:10:05.0429 0x0cc0  Page size: 0x1000
03:10:05.0429 0x0cc0  Boot type: Normal boot
03:10:05.0429 0x0cc0  ============================================================
03:10:05.0429 0x0cc0  BG loaded
03:10:06.0635 0x0cc0  System UUID: {BB05DBAF-5245-718D-BAA0-F8B7BAB5C73C}
03:10:10.0310 0x0cc0  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4BB55, SectorsPerTrack: 0x10, TracksPerCylinder: 0x3F, Type 'K0', Flags 0x00000040
03:10:10.0528 0x0cc0  ============================================================
03:10:10.0528 0x0cc0  \Device\Harddisk0\DR0:
03:10:10.0576 0x0cc0  MBR partitions:
03:10:10.0576 0x0cc0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18800
03:10:10.0576 0x0cc0  ============================================================
03:10:11.0045 0x0cc0  C: <-> \Device\Harddisk0\DR0\Partition1
03:10:11.0045 0x0cc0  ============================================================
03:10:11.0045 0x0cc0  Initialize success
03:10:11.0045 0x0cc0  ============================================================
03:10:30.0670 0x0da8  ============================================================
03:10:30.0670 0x0da8  Scan started
03:10:30.0670 0x0da8  Mode: Manual;
03:10:30.0670 0x0da8  ============================================================
03:10:30.0670 0x0da8  KSN ping started
03:10:33.0007 0x0da8  KSN ping finished: true
03:10:44.0211 0x0da8  ================ Scan system memory ========================
03:10:44.0211 0x0da8  System memory - ok
03:10:44.0211 0x0da8  ================ Scan services =============================
03:10:44.0367 0x0da8  [ 51F207D5A9E7B2E76BEE59C05CCC23C4, BE78957DD197777D899FAFBBE71E2FDB5DB9AC6AC4F1595A562FD362429BED6B ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
03:10:44.0445 0x0da8  !SASCORE - ok
03:10:51.0325 0x0da8  [ 4B555106290BD117334E9A08761C035A, 8A3808FBC197040BF0C65084514E8441E35FFFF8E31980F9CE1F41ED65E08437 ] 892cc6a3        C:\Windows\system32\rundll32.exe
03:10:51.0325 0x0da8  892cc6a3 - ok
03:10:52.0091 0x0da8  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
03:10:52.0232 0x0da8  ACPI - ok
03:10:52.0482 0x0da8  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
03:10:52.0529 0x0da8  AdobeARMservice - ok
03:10:52.0857 0x0da8  [ 4ECFCAAE5CB380F58934F0DCF5F64E7F, D82B37E57D93484D7A3CB65470BCD54A578A695F0203A8DD441B1348C1EEA751 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
03:10:53.0076 0x0da8  AdobeFlashPlayerUpdateSvc - ok
03:10:53.0162 0x0da8  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
03:10:53.0204 0x0da8  adp94xx - ok
03:10:53.0313 0x0da8  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
03:10:53.0360 0x0da8  adpahci - ok
03:10:53.0423 0x0da8  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
03:10:53.0438 0x0da8  adpu160m - ok
03:10:53.0470 0x0da8  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
03:10:53.0485 0x0da8  adpu320 - ok
03:10:53.0532 0x0da8  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
03:10:53.0595 0x0da8  AeLookupSvc - ok
03:10:53.0923 0x0da8  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD             C:\Windows\system32\drivers\afd.sys
03:10:53.0938 0x0da8  AFD - ok
03:10:54.0079 0x0da8  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
03:10:54.0157 0x0da8  agp440 - ok
03:10:54.0266 0x0da8  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
03:10:54.0360 0x0da8  aic78xx - ok
03:10:54.0438 0x0da8  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
03:10:54.0438 0x0da8  ALG - ok
03:10:54.0563 0x0da8  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
03:10:54.0720 0x0da8  aliide - ok
03:10:55.0016 0x0da8  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
03:10:55.0188 0x0da8  amdagp - ok
03:10:55.0360 0x0da8  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
03:10:55.0595 0x0da8  amdide - ok
03:10:56.0001 0x0da8  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
03:10:56.0110 0x0da8  AmdK7 - ok
03:10:56.0298 0x0da8  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
03:10:56.0360 0x0da8  AmdK8 - ok
03:10:56.0595 0x0da8  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll
03:10:56.0595 0x0da8  Appinfo - ok
03:10:57.0939 0x0da8  [ 608D6A90E989C6522F170E5526A64BF4, 36EDD07DF6BD2D20121F63CF720C289FCCF7C53574D37F99C2F9ED68298D655B ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
03:10:57.0955 0x0da8  Apple Mobile Device - ok
03:10:58.0440 0x0da8  aqrkdqll - ok
03:10:58.0800 0x0da8  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
03:10:58.0940 0x0da8  arc - ok
03:10:59.0128 0x0da8  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
03:10:59.0237 0x0da8  arcsas - ok
03:10:59.0816 0x0da8  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
03:11:00.0019 0x0da8  aspnet_state - ok
03:11:00.0066 0x0da8  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
03:11:00.0082 0x0da8  AsyncMac - ok
03:11:00.0113 0x0da8  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
03:11:00.0129 0x0da8  atapi - ok
03:11:00.0269 0x0da8  [ 86FB6B8DDBCB6E025CE8A90F77AF1FF1, BA0D5BCABD354D86AEE228C9135E643D5DBB4F538BAF4BA4CEEE2D5504BD0D34 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
03:11:00.0301 0x0da8  Ati External Event Utility - ok
03:11:00.0988 0x0da8  [ A23EFB72057FED7128EB558866055FDF, 22B75605C359D84F982AF583C552A849F332B06025BE9DC7DC1118CC23E67821 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
03:11:01.0222 0x0da8  atikmdag - ok
03:11:01.0598 0x0da8  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
03:11:01.0598 0x0da8  AudioEndpointBuilder - ok
03:11:01.0723 0x0da8  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
03:11:01.0739 0x0da8  Audiosrv - ok
03:11:01.0848 0x0da8  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
03:11:01.0848 0x0da8  Beep - ok
03:11:02.0005 0x0da8  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
03:11:02.0020 0x0da8  BFE - ok
03:11:02.0083 0x0da8  bhyzpinj - ok
03:11:02.0412 0x0da8  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
03:11:02.0443 0x0da8  BITS - ok
03:11:02.0631 0x0da8  BlackBerry Device Manager - ok
03:11:02.0803 0x0da8  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
03:11:02.0834 0x0da8  blbdrive - ok
03:11:03.0021 0x0da8  [ 3F56903E124E820AEECE6D471583C6C1, B3C045AFACC8A8F5DC289ADE9ACFB2FE7F9CA24A900BBAED47E2A63837208CB3 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
03:11:03.0021 0x0da8  Bonjour Service - ok
03:11:03.0099 0x0da8  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
03:11:03.0099 0x0da8  bowser - ok
03:11:03.0209 0x0da8  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
03:11:03.0271 0x0da8  BrFiltLo - ok
03:11:03.0397 0x0da8  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
03:11:03.0428 0x0da8  BrFiltUp - ok
03:11:03.0538 0x0da8  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
03:11:03.0757 0x0da8  Browser - ok
03:11:03.0819 0x0da8  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
03:11:03.0913 0x0da8  Brserid - ok
03:11:04.0007 0x0da8  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
03:11:04.0085 0x0da8  BrSerWdm - ok
03:11:04.0147 0x0da8  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
03:11:04.0257 0x0da8  BrUsbMdm - ok
03:11:04.0335 0x0da8  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
03:11:04.0414 0x0da8  BrUsbSer - ok
03:11:04.0508 0x0da8  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
03:11:04.0554 0x0da8  BTHMODEM - ok
03:11:04.0883 0x0da8  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
03:11:04.0883 0x0da8  cdfs - ok
03:11:04.0929 0x0da8  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
03:11:04.0929 0x0da8  cdrom - ok
03:11:04.0992 0x0da8  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
03:11:04.0992 0x0da8  CertPropSvc - ok
03:11:05.0023 0x0da8  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys
03:11:05.0023 0x0da8  circlass - ok
03:11:05.0086 0x0da8  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
03:11:05.0117 0x0da8  CLFS - ok
03:11:05.0415 0x0da8  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
03:11:05.0524 0x0da8  clr_optimization_v2.0.50727_32 - ok
03:11:05.0618 0x0da8  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
03:11:06.0305 0x0da8  clr_optimization_v4.0.30319_32 - ok
03:11:06.0352 0x0da8  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
03:11:06.0478 0x0da8  cmdide - ok
03:11:06.0510 0x0da8  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
03:11:06.0541 0x0da8  Compbatt - ok
03:11:06.0541 0x0da8  COMSysApp - ok
03:11:06.0619 0x0da8  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
03:11:06.0619 0x0da8  crcdisk - ok
03:11:06.0650 0x0da8  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
03:11:06.0697 0x0da8  Crusoe - ok
03:11:06.0775 0x0da8  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
03:11:06.0775 0x0da8  CryptSvc - ok
03:11:06.0916 0x0da8  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
03:11:06.0931 0x0da8  DcomLaunch - ok
03:11:06.0978 0x0da8  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
03:11:06.0978 0x0da8  DfsC - ok
03:11:07.0400 0x0da8  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
03:11:08.0370 0x0da8  DFSR - ok
03:11:08.0449 0x0da8  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
03:11:08.0449 0x0da8  Dhcp - ok
03:11:08.0496 0x0da8  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
03:11:08.0496 0x0da8  disk - ok
03:11:08.0558 0x0da8  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
03:11:08.0558 0x0da8  Dnscache - ok
03:11:08.0652 0x0da8  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
03:11:08.0668 0x0da8  dot3svc - ok
03:11:08.0761 0x0da8  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
03:11:08.0761 0x0da8  DPS - ok
03:11:08.0808 0x0da8  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
03:11:08.0808 0x0da8  drmkaud - ok
03:11:08.0902 0x0da8  [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
03:11:08.0918 0x0da8  DXGKrnl - ok
03:11:08.0965 0x0da8  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
03:11:08.0996 0x0da8  E1G60 - ok
03:11:09.0043 0x0da8  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
03:11:09.0043 0x0da8  EapHost - ok
03:11:09.0074 0x0da8  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
03:11:09.0074 0x0da8  Ecache - ok
03:11:09.0277 0x0da8  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
03:11:09.0277 0x0da8  ehRecvr - ok
03:11:09.0324 0x0da8  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
03:11:09.0324 0x0da8  ehSched - ok
03:11:09.0340 0x0da8  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
03:11:09.0340 0x0da8  ehstart - ok
03:11:09.0371 0x0da8  eketespp - ok
03:11:09.0528 0x0da8  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
03:11:09.0747 0x0da8  elxstor - ok
03:11:09.0872 0x0da8  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
03:11:09.0887 0x0da8  EMDMgmt - ok
03:11:09.0919 0x0da8  [ A81AB23EDDB4693612014D87367D014C, 6AF1B0D3C3A61710A31B11C531E090C363C34A3D7C6365FDFA2B425F03E9EBAB ] ErrDev          C:\Windows\system32\drivers\errdev.sys
03:11:09.0934 0x0da8  ErrDev - ok
03:11:10.0028 0x0da8  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
03:11:10.0028 0x0da8  EventSystem - ok
03:11:10.0169 0x0da8  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
03:11:10.0262 0x0da8  exfat - ok
03:11:10.0356 0x0da8  [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
03:11:10.0498 0x0da8  fastfat - ok
03:11:10.0638 0x0da8  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
03:11:10.0685 0x0da8  fdc - ok
03:11:10.0888 0x0da8  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
03:11:10.0904 0x0da8  fdPHost - ok
03:11:11.0076 0x0da8  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
03:11:11.0076 0x0da8  FDResPub - ok
03:11:11.0123 0x0da8  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
03:11:11.0170 0x0da8  FileInfo - ok
03:11:11.0263 0x0da8  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
03:11:11.0310 0x0da8  Filetrace - ok
03:11:11.0342 0x0da8  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
03:11:11.0357 0x0da8  flpydisk - ok
03:11:11.0467 0x0da8  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
03:11:11.0467 0x0da8  FltMgr - ok
03:11:11.0874 0x0da8  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
03:11:11.0889 0x0da8  FontCache - ok
03:11:12.0108 0x0da8  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
03:11:12.0218 0x0da8  FontCache3.0.0.0 - ok
03:11:12.0264 0x0da8  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
03:11:12.0264 0x0da8  Fs_Rec - ok
03:11:12.0327 0x0da8  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
03:11:12.0343 0x0da8  gagp30kx - ok
03:11:12.0405 0x0da8  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
03:11:12.0405 0x0da8  GEARAspiWDM - ok
03:11:12.0483 0x0da8  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
03:11:12.0499 0x0da8  gpsvc - ok
03:11:12.0812 0x0da8  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
03:11:12.0812 0x0da8  gupdate - ok
03:11:12.0922 0x0da8  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
03:11:12.0922 0x0da8  gupdatem - ok
03:11:13.0109 0x0da8  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
03:11:13.0125 0x0da8  HdAudAddService - ok
03:11:13.0437 0x0da8  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
03:11:13.0453 0x0da8  HDAudBus - ok
03:11:13.0500 0x0da8  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
03:11:13.0515 0x0da8  HidBth - ok
03:11:13.0579 0x0da8  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
03:11:13.0641 0x0da8  HidIr - ok
03:11:13.0751 0x0da8  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
03:11:13.0751 0x0da8  hidserv - ok
03:11:13.0782 0x0da8  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
03:11:13.0813 0x0da8  HidUsb - ok
03:11:13.0829 0x0da8  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
03:11:13.0845 0x0da8  hkmsvc - ok
03:11:13.0876 0x0da8  [ 7EBEC5EB56B90ED65A8BBD91464E5CFB, 1CBDF532EFFFD564F79A45B2204BF02D9E6AC390796928DBE6DE9AF73E20C4B3 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
03:11:13.0876 0x0da8  HpCISSs - ok
03:11:13.0938 0x0da8  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
03:11:13.0954 0x0da8  HTTP - ok
03:11:13.0970 0x0da8  huxxtgey - ok
03:11:14.0048 0x0da8  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
03:11:14.0110 0x0da8  i2omp - ok


Edited by G8888, 28 October 2014 - 10:32 PM.


#8 G8888

  • Topic Starter

  • Members
  • 55 posts

Posted 28 October 2014 - 10:33 PM

2nd part of the same log

 

 

03:11:31.0928 0x0da8  sfloppy - ok
03:11:31.0974 0x0da8  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
03:11:31.0974 0x0da8  SharedAccess - ok
03:11:32.0131 0x0da8  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
03:11:32.0131 0x0da8  ShellHWDetection - ok
03:11:32.0287 0x0da8  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
03:11:32.0381 0x0da8  sisagp - ok
03:11:32.0428 0x0da8  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
03:11:32.0443 0x0da8  SiSRaid2 - ok
03:11:32.0490 0x0da8  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
03:11:32.0490 0x0da8  SiSRaid4 - ok
03:11:32.0928 0x0da8  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
03:11:33.0021 0x0da8  slsvc - ok
03:11:33.0084 0x0da8  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
03:11:33.0084 0x0da8  SLUINotify - ok
03:11:33.0115 0x0da8  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
03:11:33.0115 0x0da8  Smb - ok
03:11:33.0178 0x0da8  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
03:11:33.0193 0x0da8  SNMPTRAP - ok
03:11:33.0240 0x0da8  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
03:11:33.0318 0x0da8  spldr - ok
03:11:33.0349 0x0da8  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
03:11:33.0349 0x0da8  Spooler - ok
03:11:33.0584 0x0da8  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
03:11:33.0584 0x0da8  srv - ok
03:11:33.0834 0x0da8  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
03:11:33.0834 0x0da8  srv2 - ok
03:11:33.0865 0x0da8  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
03:11:33.0865 0x0da8  srvnet - ok
03:11:34.0021 0x0da8  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
03:11:34.0037 0x0da8  SSDPSRV - ok
03:11:34.0131 0x0da8  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
03:11:34.0146 0x0da8  SstpSvc - ok
03:11:34.0209 0x0da8  [ 189879824D01F9A0DD1D72259A120F50, D587688E9EF7C43319AB87EEA368C9310F3A8F4A8A6D8A6E427A54126C209DF0 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
03:11:35.0225 0x0da8  Steam Client Service - ok
03:11:35.0272 0x0da8  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
03:11:35.0288 0x0da8  stisvc - ok
03:11:35.0382 0x0da8  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
03:11:35.0382 0x0da8  swenum - ok
03:11:35.0522 0x0da8  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
03:11:35.0522 0x0da8  swprv - ok
03:11:35.0569 0x0da8  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
03:11:35.0585 0x0da8  Symc8xx - ok
03:11:35.0616 0x0da8  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
03:11:35.0616 0x0da8  Sym_hi - ok
03:11:35.0647 0x0da8  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
03:11:35.0647 0x0da8  Sym_u3 - ok
03:11:35.0788 0x0da8  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
03:11:35.0803 0x0da8  SysMain - ok
03:11:35.0850 0x0da8  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
03:11:35.0850 0x0da8  TabletInputService - ok
03:11:35.0944 0x0da8  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
03:11:35.0944 0x0da8  TapiSrv - ok
03:11:36.0093 0x0da8  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
03:11:36.0093 0x0da8  TBS - ok
03:11:36.0171 0x0da8  [ A4196D394207369E1431E8681B373312, BEF96BAB70FDF94F8CB2942BDEA9B4D934443E5305E3FD737809C3F7524B1E8E ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
03:11:36.0218 0x0da8  Tcpip - ok
03:11:36.0264 0x0da8  [ A4196D394207369E1431E8681B373312, BEF96BAB70FDF94F8CB2942BDEA9B4D934443E5305E3FD737809C3F7524B1E8E ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
03:11:36.0296 0x0da8  Tcpip6 - ok
03:11:36.0374 0x0da8  [ 95389980F70FC4990A4395A0B8BBE1D6, FB5CBC85733A4EC4FB9F210A5D4E5989F6A3F2995D895F5B41163CDFC04DB82C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
03:11:36.0374 0x0da8  tcpipreg - ok
03:11:36.0468 0x0da8  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
03:11:36.0468 0x0da8  TDPIPE - ok
03:11:36.0499 0x0da8  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
03:11:36.0499 0x0da8  TDTCP - ok
03:11:36.0530 0x0da8  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
03:11:36.0530 0x0da8  tdx - ok
03:11:36.0546 0x0da8  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
03:11:36.0561 0x0da8  TermDD - ok
03:11:36.0733 0x0da8  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
03:11:36.0749 0x0da8  TermService - ok
03:11:36.0858 0x0da8  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
03:11:36.0858 0x0da8  Themes - ok
03:11:36.0921 0x0da8  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
03:11:36.0921 0x0da8  THREADORDER - ok
03:11:36.0952 0x0da8  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
03:11:36.0968 0x0da8  TrkWks - ok
03:11:37.0093 0x0da8  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
03:11:37.0093 0x0da8  TrustedInstaller - ok
03:11:37.0172 0x0da8  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
03:11:37.0234 0x0da8  tssecsrv - ok
03:11:37.0250 0x0da8  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
03:11:37.0265 0x0da8  tunmp - ok
03:11:37.0297 0x0da8  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
03:11:37.0297 0x0da8  tunnel - ok
03:11:37.0375 0x0da8  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
03:11:37.0437 0x0da8  uagp35 - ok
03:11:37.0484 0x0da8  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
03:11:37.0531 0x0da8  udfs - ok
03:11:37.0578 0x0da8  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
03:11:37.0594 0x0da8  UI0Detect - ok
03:11:37.0640 0x0da8  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
03:11:37.0703 0x0da8  uliagpkx - ok
03:11:37.0781 0x0da8  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
03:11:37.0781 0x0da8  uliahci - ok
03:11:37.0812 0x0da8  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
03:11:37.0812 0x0da8  UlSata - ok
03:11:37.0859 0x0da8  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
03:11:37.0875 0x0da8  ulsata2 - ok
03:11:37.0890 0x0da8  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
03:11:37.0890 0x0da8  umbus - ok
03:11:37.0953 0x0da8  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
03:11:37.0969 0x0da8  upnphost - ok
03:11:38.0031 0x0da8  [ 47F5F9D837D80FFD5882A14DB9DA0A67, 3B32E69B77E21CF98ED6E97B231B9633BE39D74328152EDFA7656FB16E3FF93A ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
03:11:38.0047 0x0da8  upperdev - ok
03:11:38.0094 0x0da8  [ EC1C23779BB41A8B2AB2AA6FCE308BDE, D027A2B472CAE97AECB16F69BE52E06CB61E1C61AE196C22662050B711C1C72D ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
03:11:38.0094 0x0da8  USBAAPL - ok
03:11:38.0157 0x0da8  [ 1114579556DB85E9FAF9590DBC64CD62, 10479A3C12BBBB9B5759082358FE11AC20BAEFA6B4977C8AE6E60AA17BE6C7FA ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
03:11:38.0204 0x0da8  usbaudio - ok
03:11:38.0251 0x0da8  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
03:11:38.0251 0x0da8  usbccgp - ok
03:11:38.0329 0x0da8  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
03:11:38.0391 0x0da8  usbcir - ok
03:11:38.0454 0x0da8  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
03:11:38.0454 0x0da8  usbehci - ok
03:11:38.0594 0x0da8  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
03:11:38.0594 0x0da8  usbhub - ok
03:11:38.0688 0x0da8  [ D457EBD0C3A8B3A3A144355B5EE91CBC, 6AD52BDBB1607A48F0B02E663B97C3A00E3345B1B12C259608A5AE728C1C06B2 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
03:11:38.0688 0x0da8  usbohci - ok
03:11:38.0798 0x0da8  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
03:11:38.0798 0x0da8  usbprint - ok
03:11:38.0891 0x0da8  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
03:11:38.0938 0x0da8  usbscan - ok
03:11:39.0032 0x0da8  [ 8E6C378A885D6FFDA8F05E8D27B95C0E, 351F20B1CB510F7B6B9321EB6C7A97446EF963A89F19F7E7A9CF41381B4B19FF ] usbser          C:\Windows\system32\drivers\usbser.sys
03:11:39.0048 0x0da8  usbser - ok
03:11:39.0094 0x0da8  [ E44F0D17BE0908B58DCC99CCB99C6C32, 6C5E62A688CD3A299FBE2C8CD87F2A860340CDE4616348D83C6FB3DDB561E6C9 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
03:11:39.0094 0x0da8  UsbserFilt - ok
03:11:39.0141 0x0da8  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
03:11:39.0141 0x0da8  USBSTOR - ok
03:11:39.0196 0x0da8  [ 814D653EFC4D48BE3B04A307ECEFF56F, D73D62F51AEFE2F8F2B938B20107C246F2AC2F62ED49112DBD092A5D2E4024B3 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
03:11:39.0212 0x0da8  usbuhci - ok
03:11:39.0243 0x0da8  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
03:11:39.0259 0x0da8  UxSms - ok
03:11:39.0384 0x0da8  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
03:11:39.0399 0x0da8  vds - ok
03:11:39.0493 0x0da8  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
03:11:39.0555 0x0da8  vga - ok
03:11:39.0571 0x0da8  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
03:11:39.0571 0x0da8  VgaSave - ok
03:11:39.0618 0x0da8  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
03:11:39.0649 0x0da8  viaagp - ok
03:11:39.0696 0x0da8  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
03:11:39.0774 0x0da8  ViaC7 - ok
03:11:39.0805 0x0da8  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
03:11:39.0805 0x0da8  viaide - ok
03:11:39.0821 0x0da8  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
03:11:39.0821 0x0da8  volmgr - ok
03:11:39.0852 0x0da8  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
03:11:39.0868 0x0da8  volmgrx - ok
03:11:39.0930 0x0da8  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
03:11:39.0946 0x0da8  volsnap - ok
03:11:39.0993 0x0da8  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
03:11:40.0009 0x0da8  vsmraid - ok
03:11:40.0447 0x0da8  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
03:11:40.0463 0x0da8  VSS - ok
03:11:40.0635 0x0da8  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
03:11:40.0635 0x0da8  W32Time - ok
03:11:40.0713 0x0da8  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
03:11:40.0728 0x0da8  WacomPen - ok
03:11:40.0744 0x0da8  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
03:11:40.0760 0x0da8  Wanarp - ok
03:11:40.0775 0x0da8  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
03:11:40.0775 0x0da8  Wanarpv6 - ok
03:11:40.0963 0x0da8  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
03:11:40.0978 0x0da8  wcncsvc - ok
03:11:41.0103 0x0da8  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
03:11:41.0103 0x0da8  WcsPlugInService - ok
03:11:41.0261 0x0da8  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
03:11:41.0292 0x0da8  Wd - ok
03:11:41.0464 0x0da8  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
03:11:41.0479 0x0da8  Wdf01000 - ok
03:11:41.0542 0x0da8  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
03:11:41.0542 0x0da8  WdiServiceHost - ok
03:11:41.0620 0x0da8  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
03:11:41.0620 0x0da8  WdiSystemHost - ok
03:11:41.0729 0x0da8  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
03:11:41.0823 0x0da8  WebClient - ok
03:11:41.0995 0x0da8  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
03:11:41.0995 0x0da8  Wecsvc - ok
03:11:42.0104 0x0da8  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
03:11:42.0120 0x0da8  wercplsupport - ok
03:11:42.0167 0x0da8  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
03:11:42.0198 0x0da8  WerSvc - ok
03:11:42.0324 0x0da8  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
03:11:42.0340 0x0da8  WinDefend - ok
03:11:42.0355 0x0da8  WinHttpAutoProxySvc - ok
03:11:42.0777 0x0da8  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
03:11:42.0777 0x0da8  Winmgmt - ok
03:11:42.0902 0x0da8  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
03:11:42.0933 0x0da8  WinRM - ok
03:11:43.0058 0x0da8  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
03:11:43.0074 0x0da8  Wlansvc - ok
03:11:43.0105 0x0da8  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
03:11:43.0136 0x0da8  WmiAcpi - ok
03:11:43.0168 0x0da8  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
03:11:43.0168 0x0da8  wmiApSrv - ok
03:11:43.0294 0x0da8  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
03:11:43.0309 0x0da8  WMPNetworkSvc - ok
03:11:43.0512 0x0da8  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
03:11:43.0528 0x0da8  WPCSvc - ok
03:11:43.0716 0x0da8  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
03:11:43.0716 0x0da8  WPDBusEnum - ok
03:11:43.0794 0x0da8  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
03:11:43.0825 0x0da8  WpdUsb - ok
03:11:44.0044 0x0da8  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
03:11:44.0091 0x0da8  WPFFontCache_v0400 - ok
03:11:44.0122 0x0da8  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
03:11:44.0153 0x0da8  ws2ifsl - ok
03:11:44.0169 0x0da8  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
03:11:44.0216 0x0da8  wscsvc - ok
03:11:44.0216 0x0da8  WSearch - ok
03:11:44.0607 0x0da8  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
03:11:44.0654 0x0da8  wuauserv - ok
03:11:44.0873 0x0da8  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
03:11:44.0873 0x0da8  WudfPf - ok
03:11:44.0967 0x0da8  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
03:11:44.0982 0x0da8  WUDFRd - ok
03:11:45.0029 0x0da8  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
03:11:45.0045 0x0da8  wudfsvc - ok
03:11:45.0060 0x0da8  ================ Scan global ===============================
03:11:45.0076 0x0da8  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
03:11:45.0201 0x0da8  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
03:11:45.0296 0x0da8  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
03:11:45.0389 0x0da8  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
03:11:45.0389 0x0da8  [ Global ] - ok
03:11:45.0389 0x0da8  ================ Scan MBR ==================================
03:11:45.0421 0x0da8  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
03:11:46.0014 0x0da8  \Device\Harddisk0\DR0 - ok
03:11:46.0014 0x0da8  ================ Scan VBR ==================================
03:11:46.0046 0x0da8  [ 6D93536F193DAC15E508A2258C5B6CB5 ] \Device\Harddisk0\DR0\Partition1
03:11:46.0186 0x0da8  \Device\Harddisk0\DR0\Partition1 - ok
03:11:46.0186 0x0da8  ================ Scan active images ========================
03:11:46.0186 0x0da8  [ 36975327EF03949CC378AB01E316B574, C64CEF47DE41486F4532B9A38EBB05F2043B1A84762B8A4749BB01573B7F8FB5 ] C:\Windows\System32\drivers\crashdmp.sys
03:11:46.0202 0x0da8  C:\Windows\System32\drivers\crashdmp.sys - ok
03:11:46.0202 0x0da8  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] C:\Windows\System32\drivers\atapi.sys
03:11:46.0202 0x0da8  C:\Windows\System32\drivers\atapi.sys - ok
03:11:46.0218 0x0da8  [ C67EBF9C05531C406E1E079FF669A2E6, 5B457E9C981CB0FEB4A5C9FFA16412D129186CB090127FC517B827BC530CBBE3 ] C:\Windows\System32\drivers\Dumpata.sys
03:11:46.0218 0x0da8  C:\Windows\System32\drivers\Dumpata.sys - ok
03:11:46.0233 0x0da8  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] C:\Windows\System32\drivers\TUNMP.SYS
03:11:46.0233 0x0da8  C:\Windows\System32\drivers\TUNMP.SYS - ok
03:11:46.0233 0x0da8  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] C:\Windows\System32\drivers\tunnel.sys
03:11:46.0233 0x0da8  C:\Windows\System32\drivers\tunnel.sys - ok
03:11:46.0249 0x0da8  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] C:\Windows\System32\drivers\intelppm.sys
03:11:46.0249 0x0da8  C:\Windows\System32\drivers\intelppm.sys - ok
03:11:46.0264 0x0da8  [ A23EFB72057FED7128EB558866055FDF, 22B75605C359D84F982AF583C552A849F332B06025BE9DC7DC1118CC23E67821 ] C:\Windows\System32\drivers\atikmdag.sys
03:11:46.0264 0x0da8  C:\Windows\System32\drivers\atikmdag.sys - ok
03:11:46.0264 0x0da8  [ 4A5C31E2C1646034E6A60EBA4C747FF6, CC5473E0B07014AAD4FCC2EE01C9E607FE43422A5A5851B2AD38E37C0AB7CDCF ] C:\Windows\System32\drivers\watchdog.sys
03:11:46.0264 0x0da8  C:\Windows\System32\drivers\watchdog.sys - ok
03:11:46.0285 0x0da8  [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] C:\Windows\System32\drivers\dxgkrnl.sys
03:11:46.0285 0x0da8  C:\Windows\System32\drivers\dxgkrnl.sys - ok
03:11:46.0301 0x0da8  [ B09C74A41F26B08149707EA5E7F956C2, E6ECA1E437E5390A3A43DAA5E1B5C384D70C114707CA34018DB1A6AE37219E9B ] C:\Windows\System32\drivers\usbport.sys
03:11:46.0301 0x0da8  C:\Windows\System32\drivers\usbport.sys - ok
03:11:46.0316 0x0da8  [ D457EBD0C3A8B3A3A144355B5EE91CBC, 6AD52BDBB1607A48F0B02E663B97C3A00E3345B1B12C259608A5AE728C1C06B2 ] C:\Windows\System32\drivers\usbohci.sys
03:11:46.0316 0x0da8  C:\Windows\System32\drivers\usbohci.sys - ok
03:11:46.0316 0x0da8  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] C:\Windows\System32\drivers\cdrom.sys
03:11:46.0316 0x0da8  C:\Windows\System32\drivers\cdrom.sys - ok
03:11:46.0332 0x0da8  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] C:\Windows\System32\drivers\usbehci.sys
03:11:46.0332 0x0da8  C:\Windows\System32\drivers\usbehci.sys - ok
03:11:46.0347 0x0da8  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
03:11:46.0347 0x0da8  C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
03:11:46.0347 0x0da8  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] C:\Windows\System32\drivers\hdaudbus.sys
03:11:46.0347 0x0da8  C:\Windows\System32\drivers\hdaudbus.sys - ok
03:11:48.0054 0x0da8  C:\Windows\System32\netlogon.dll - ok
03:11:48.0070 0x0da8  [ A1B40A28F38D27A7E3229EE4C7064434, 76CD78FAFC99C472CDFCE848B1E31037811D4D645849C9FDA1B22161A1191A2D ] C:\Windows\System32\wevtsvc.dll
03:11:48.0070 0x0da8  C:\Windows\System32\wevtsvc.dll - ok
03:11:48.0070 0x0da8  [ 72910BC4A218C49EA8E43D1FAEC403A5, AAC5026C440BA588D532703A582386EC33B2BCAE2D7A6EF7798498FDDF6F617A ] C:\Windows\System32\winbrand.dll
03:11:48.0070 0x0da8  C:\Windows\System32\winbrand.dll - ok
03:11:48.0086 0x0da8  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] C:\Windows\System32\fdPHost.dll
03:11:48.0086 0x0da8  C:\Windows\System32\fdPHost.dll - ok
03:11:48.0101 0x0da8  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] C:\Windows\System32\FDResPub.dll
03:11:48.0101 0x0da8  C:\Windows\System32\FDResPub.dll - ok
03:11:48.0101 0x0da8  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] C:\Windows\System32\FntCache.dll
03:11:48.0101 0x0da8  C:\Windows\System32\FntCache.dll - ok
03:11:48.0117 0x0da8  [ 50E3E76B0901BB4FC029BB88BFA5CE79, 2633FB41F30C68EB68B6241F89C035B3F66CBF51EDB6B4E2FFFE562CE3EEA745 ] C:\Windows\System32\schannel.dll
03:11:48.0117 0x0da8  C:\Windows\System32\schannel.dll - ok
03:11:48.0133 0x0da8  [ 93620229F3CC3B67A3528BF39F064C30, BB5CD222902D528030DD6CB458691DD37BAFCCC0E35119F3C127DB5C55244780 ] C:\Windows\System32\wdigest.dll
03:11:48.0133 0x0da8  C:\Windows\System32\wdigest.dll - ok
03:11:48.0133 0x0da8  [ E14170AEA125119B98FA2BDE3FF4F462, 939758ADA9D1A7E3B6BA1DB6D9E41D3FA27A7013C156F0B63010A0FB62DD64F8 ] C:\Windows\System32\rsaenh.dll
03:11:48.0133 0x0da8  C:\Windows\System32\rsaenh.dll - ok
03:11:48.0148 0x0da8  [ F8873D15018F411588BEC02C1725BADA, 7E90B1D820733C80B438287D89FC3D4219B2C97BD878EB5BA2DBFF64BBF3938A ] C:\Windows\System32\TSpkg.dll
03:11:48.0148 0x0da8  C:\Windows\System32\TSpkg.dll - ok
03:11:48.0164 0x0da8  [ 0F420E81062757EA8363CBACD4D40D6D, 9FC3A7C512B065F18B520FE93B821717BB8B4C36BD976E8D014F71116073CF50 ] C:\Windows\System32\gpapi.dll
03:11:48.0164 0x0da8  C:\Windows\System32\gpapi.dll - ok
03:11:48.0164 0x0da8  [ 302964DCAC79D618CC7B72C778DA9FD2, 7F2980AA49592B308E5D4C1A311AE837F65E9FB35761734A936626E81F0A7F10 ] C:\Windows\System32\PresentationHost.exe
03:11:48.0164 0x0da8  C:\Windows\System32\PresentationHost.exe - ok
03:11:48.0179 0x0da8  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] C:\Windows\System32\hidserv.dll
03:11:48.0179 0x0da8  C:\Windows\System32\hidserv.dll - ok
03:11:48.0179 0x0da8  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] C:\Windows\System32\KMSVC.DLL
03:11:48.0179 0x0da8  C:\Windows\System32\KMSVC.DLL - ok
03:11:48.0195 0x0da8  [ 0CB9D236129BFFEF9B68999761F3A697, 80F4991D01BA686C024958F5D75ACCB9B476AC410E3028D5135920619094BEEB ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
03:11:48.0195 0x0da8  C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
03:11:48.0211 0x0da8  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] C:\Windows\System32\IKEEXT.DLL
03:11:48.0211 0x0da8  C:\Windows\System32\IKEEXT.DLL - ok
03:11:48.0211 0x0da8  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] C:\Windows\System32\IPBusEnum.dll
03:11:48.0211 0x0da8  C:\Windows\System32\IPBusEnum.dll - ok
03:11:48.0226 0x0da8  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] C:\Windows\System32\iphlpsvc.dll
03:11:48.0226 0x0da8  C:\Windows\System32\iphlpsvc.dll - ok
03:11:48.0242 0x0da8  [ 74C2F29CC612B2B34231BEBD824D2FB2, 0C0888AB3B2D8C8F17CA57A503C61F867C8F12A6E6F645DEFE7A2C299AA59AD8 ] C:\Windows\System32\keyiso.dll
03:11:48.0242 0x0da8  C:\Windows\System32\keyiso.dll - ok
03:11:48.0242 0x0da8  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] C:\Windows\System32\srvsvc.dll
03:11:48.0242 0x0da8  C:\Windows\System32\srvsvc.dll - ok
03:11:48.0258 0x0da8  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] C:\Windows\System32\wkssvc.dll
03:11:48.0258 0x0da8  C:\Windows\System32\wkssvc.dll - ok
03:11:48.0273 0x0da8  [ FA0593D936C9B95FB6FAA32AD1595D49, E7DEC36E708D62D6E95649F3F82DD1CB3E4A77934ABC86FD44FE1F37826901B0 ] C:\Windows\System32\lltdres.dll
03:11:48.0273 0x0da8  C:\Windows\System32\lltdres.dll - ok
03:11:48.0273 0x0da8  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] C:\Windows\System32\lmhsvc.dll
03:11:48.0273 0x0da8  C:\Windows\System32\lmhsvc.dll - ok
03:11:48.0289 0x0da8  [ 132F6237FA3BF3E9715F63A1CCF72BF1, E877AACC2DE4E93A00C76D537D471AA268DC3B983D48407C6707FC682982DBF5 ] C:\Windows\ehome\ehres.dll
03:11:48.0289 0x0da8  C:\Windows\ehome\ehres.dll - ok
03:11:48.0304 0x0da8  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] C:\Windows\System32\mmcss.dll
03:11:48.0304 0x0da8  C:\Windows\System32\mmcss.dll - ok
03:11:48.0304 0x0da8  [ 95F1EB99B81CFD6F581C85F0A0AA9B2B, 65EE7016E6235880C4443119BF32CF12D4A9A9CA3810B974B575AD31D380A7FB ] C:\Windows\System32\FirewallAPI.dll
03:11:48.0304 0x0da8  C:\Windows\System32\FirewallAPI.dll - ok
03:11:48.0315 0x0da8  [ EA822412BBBA9B7D2B1A3748AD50EFB8, 10BA6E240FEC5BB1A0A7C0D75E0495D99FD48D68CA69C0985DD921658835225C ] C:\Windows\System32\iscsidsc.dll
03:11:48.0315 0x0da8  C:\Windows\System32\iscsidsc.dll - ok
03:11:48.0336 0x0da8  [ ED21401F1E2F6BC2F54C462BB66D0D6B, 7E3874AFB57CA6B7CDA3833DB0E43E9D2BEE7C5C70AC1182260740CCA40291CA ] C:\Windows\System32\msimsg.dll
03:11:48.0336 0x0da8  C:\Windows\System32\msimsg.dll - ok
03:11:48.0351 0x0da8  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] C:\Windows\System32\QAGENTRT.DLL
03:11:48.0351 0x0da8  C:\Windows\System32\QAGENTRT.DLL - ok
03:11:48.0367 0x0da8  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] C:\Windows\System32\netman.dll
03:11:48.0367 0x0da8  C:\Windows\System32\netman.dll - ok
03:11:48.0367 0x0da8  [ 43DF1E019494642C3F7AED0FCB231D27, E79E4A431ABDF9F5E024558782981FFB3FE7D3648833ADD6F82CD62467800CAB ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll
03:11:48.0367 0x0da8  C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll - ok
03:11:48.0383 0x0da8  [ ED640F4CE585058119B824CC76591D9C, B8FA63CEE5105DD034084F34D0FDB223EAC1228888EDBD9EB48BF1B64F720C0E ] C:\Windows\System32\netprof.dll
03:11:48.0383 0x0da8  C:\Windows\System32\netprof.dll - ok
03:11:48.0398 0x0da8  [ 68B8B67FB978FD30087E4BFED259CAE9, AB3B34956C3291A01088FDE1FE75F8CA01750469875E490D0A1722D7FEC78EEA ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
03:11:48.0398 0x0da8  C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
03:11:48.0398 0x0da8  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] C:\Windows\System32\nsisvc.dll
03:11:48.0398 0x0da8  C:\Windows\System32\nsisvc.dll - ok
03:11:48.0414 0x0da8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] C:\Windows\System32\p2psvc.dll
03:11:48.0414 0x0da8  C:\Windows\System32\p2psvc.dll - ok
03:11:48.0429 0x0da8  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] C:\Windows\System32\pcasvc.dll
03:11:48.0429 0x0da8  C:\Windows\System32\pcasvc.dll - ok
03:11:48.0429 0x0da8  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] C:\Windows\System32\pla.dll
03:11:48.0429 0x0da8  C:\Windows\System32\pla.dll - ok
03:11:48.0445 0x0da8  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] C:\Windows\System32\umpnpmgr.dll
03:11:48.0445 0x0da8  C:\Windows\System32\umpnpmgr.dll - ok
03:11:48.0445 0x0da8  [ 64B28D672B5B6A01E87B0C3096B1E047, D4E5875A25E0EBEFD4AE38A3BA508CF99DD7278E7D4E1C95C7E1B8E42F381A10 ] C:\Windows\System32\polstore.dll
03:11:48.0445 0x0da8  C:\Windows\System32\polstore.dll - ok
03:11:48.0461 0x0da8  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] C:\Windows\System32\profsvc.dll
03:11:48.0461 0x0da8  C:\Windows\System32\profsvc.dll - ok
03:11:48.0476 0x0da8  [ 08F9134A2215B7ED985409A4DF60AC60, BAFFCA0BA71A11FE63AB8411D8951E9AE087E31E04E9D226CCB21E82B79F2DCE ] C:\Windows\System32\psbase.dll
03:11:48.0476 0x0da8  C:\Windows\System32\psbase.dll - ok
03:11:48.0476 0x0da8  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] C:\Windows\System32\qwave.dll
03:11:48.0476 0x0da8  C:\Windows\System32\qwave.dll - ok
03:11:48.0492 0x0da8  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] C:\Windows\System32\drivers\qwavedrv.sys
03:11:48.0492 0x0da8  C:\Windows\System32\drivers\qwavedrv.sys - ok
03:11:48.0508 0x0da8  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] C:\Windows\System32\rasauto.dll
03:11:48.0508 0x0da8  C:\Windows\System32\rasauto.dll - ok
03:11:48.0508 0x0da8  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] C:\Windows\System32\rasmans.dll
03:11:48.0508 0x0da8  C:\Windows\System32\rasmans.dll - ok
03:11:48.0523 0x0da8  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] C:\Windows\System32\sstpsvc.dll
03:11:48.0523 0x0da8  C:\Windows\System32\sstpsvc.dll - ok
03:11:48.0539 0x0da8  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] C:\Windows\System32\mprdim.dll
03:11:48.0539 0x0da8  C:\Windows\System32\mprdim.dll - ok
03:11:48.0539 0x0da8  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] C:\Windows\System32\regsvc.dll
03:11:48.0539 0x0da8  C:\Windows\System32\regsvc.dll - ok
03:11:48.0554 0x0da8  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] C:\Windows\System32\Locator.exe
03:11:48.0554 0x0da8  C:\Windows\System32\Locator.exe - ok
03:11:48.0570 0x0da8  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] C:\Windows\System32\SCardSvr.dll
03:11:48.0570 0x0da8  C:\Windows\System32\SCardSvr.dll - ok
03:11:48.0570 0x0da8  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] C:\Windows\System32\schedsvc.dll
03:11:48.0570 0x0da8  C:\Windows\System32\schedsvc.dll - ok
03:11:48.0586 0x0da8  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] C:\Windows\System32\sdrsvc.dll
03:11:48.0586 0x0da8  C:\Windows\System32\sdrsvc.dll - ok
03:11:48.0601 0x0da8  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] C:\Windows\System32\seclogon.dll
03:11:48.0601 0x0da8  C:\Windows\System32\seclogon.dll - ok
03:11:48.0601 0x0da8  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] C:\Windows\System32\Sens.dll
03:11:48.0601 0x0da8  C:\Windows\System32\Sens.dll - ok
03:11:48.0617 0x0da8  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] C:\Windows\System32\SessEnv.dll
03:11:48.0617 0x0da8  C:\Windows\System32\SessEnv.dll - ok
03:11:48.0633 0x0da8  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] C:\Windows\System32\ipnathlp.dll
03:11:48.0633 0x0da8  C:\Windows\System32\ipnathlp.dll - ok
03:11:48.0633 0x0da8  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] C:\Windows\System32\shsvcs.dll
03:11:48.0633 0x0da8  C:\Windows\System32\shsvcs.dll - ok
03:11:48.0648 0x0da8  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] C:\Windows\System32\SLsvc.exe
03:11:48.0648 0x0da8  C:\Windows\System32\SLsvc.exe - ok
03:11:48.0664 0x0da8  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] C:\Windows\System32\SLUINotify.dll
03:11:48.0664 0x0da8  C:\Windows\System32\SLUINotify.dll - ok
03:11:48.0664 0x0da8  [ E4060CFE50F87C72316CB0FDB20E4913, FC7D21327E5FAA424798097FBE5A2F7821BE8A1E54F80E81A620A52DC8E933AA ] C:\Windows\System32\tcpipcfg.dll
03:11:48.0664 0x0da8  C:\Windows\System32\tcpipcfg.dll - ok
03:11:48.0679 0x0da8  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] C:\Windows\System32\snmptrap.exe
03:11:48.0679 0x0da8  C:\Windows\System32\snmptrap.exe - ok
03:11:48.0679 0x0da8  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] C:\Windows\System32\spoolsv.exe
03:11:48.0679 0x0da8  C:\Windows\System32\spoolsv.exe - ok
03:11:48.0695 0x0da8  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] C:\Windows\System32\ssdpsrv.dll
03:11:48.0695 0x0da8  C:\Windows\System32\ssdpsrv.dll - ok
03:11:48.0711 0x0da8  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] C:\Windows\System32\wiaservc.dll
03:11:48.0711 0x0da8  C:\Windows\System32\wiaservc.dll - ok
03:11:48.0711 0x0da8  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] C:\Windows\System32\swprv.dll
03:11:48.0711 0x0da8  C:\Windows\System32\swprv.dll - ok
03:11:48.0726 0x0da8  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] C:\Windows\System32\sysmain.dll
03:11:48.0773 0x0da8  C:\Windows\System32\sysmain.dll - ok
03:11:48.0773 0x0da8  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] C:\Windows\System32\TabSvc.dll
03:11:48.0773 0x0da8  C:\Windows\System32\TabSvc.dll - ok
03:11:48.0789 0x0da8  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] C:\Windows\System32\tapisrv.dll
03:11:48.0789 0x0da8  C:\Windows\System32\tapisrv.dll - ok
03:11:48.0804 0x0da8  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] C:\Windows\System32\tbssvc.dll
03:11:48.0804 0x0da8  C:\Windows\System32\tbssvc.dll - ok
03:11:48.0804 0x0da8  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] C:\Windows\System32\termsrv.dll
03:11:48.0804 0x0da8  C:\Windows\System32\termsrv.dll - ok
03:11:48.0820 0x0da8  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] C:\Windows\servicing\TrustedInstaller.exe
03:11:48.0820 0x0da8  C:\Windows\servicing\TrustedInstaller.exe - ok
03:11:48.0836 0x0da8  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] C:\Windows\System32\trkwks.dll
03:11:48.0836 0x0da8  C:\Windows\System32\trkwks.dll - ok
03:11:48.0836 0x0da8  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] C:\Windows\System32\UI0Detect.exe
03:11:48.0836 0x0da8  C:\Windows\System32\UI0Detect.exe - ok
03:11:48.0851 0x0da8  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] C:\Windows\System32\upnphost.dll
03:11:48.0851 0x0da8  C:\Windows\System32\upnphost.dll - ok
03:11:48.0867 0x0da8  [ 01DD1004181FD46ECDC3628228EB269D, 8AED6773AE1C8B65B4CAD6229BD05E224D348CF2A9D9F7D50F2513A9B1E14F66 ] C:\Windows\System32\dwm.exe
03:11:48.0867 0x0da8  C:\Windows\System32\dwm.exe - ok
03:11:48.0867 0x0da8  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] C:\Windows\System32\vds.exe
03:11:48.0867 0x0da8  C:\Windows\System32\vds.exe - ok
03:11:48.0883 0x0da8  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] C:\Windows\System32\VSSVC.exe
03:11:48.0883 0x0da8  C:\Windows\System32\VSSVC.exe - ok
03:11:48.0898 0x0da8  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] C:\Windows\System32\w32time.dll
03:11:48.0898 0x0da8  C:\Windows\System32\w32time.dll - ok
03:11:48.0898 0x0da8  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] C:\Windows\System32\wcncsvc.dll
03:11:48.0898 0x0da8  C:\Windows\System32\wcncsvc.dll - ok
03:11:48.0914 0x0da8  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] C:\Windows\System32\WcsPlugInService.dll
03:11:48.0914 0x0da8  C:\Windows\System32\WcsPlugInService.dll - ok
03:11:48.0929 0x0da8  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] C:\Windows\System32\drivers\Wdf01000.sys
03:11:48.0929 0x0da8  C:\Windows\System32\drivers\Wdf01000.sys - ok
03:11:48.0929 0x0da8  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] C:\Windows\System32\wdi.dll
03:11:48.0929 0x0da8  C:\Windows\System32\wdi.dll - ok
03:11:48.0945 0x0da8  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] C:\Windows\System32\WebClnt.dll
03:11:48.0945 0x0da8  C:\Windows\System32\WebClnt.dll - ok
03:11:48.0945 0x0da8  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] C:\Windows\System32\wecsvc.dll
03:11:48.0945 0x0da8  C:\Windows\System32\wecsvc.dll - ok
03:11:48.0961 0x0da8  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] C:\Windows\System32\wercplsupport.dll
03:11:48.0961 0x0da8  C:\Windows\System32\wercplsupport.dll - ok
03:11:48.0976 0x0da8  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] C:\Windows\System32\wersvc.dll
03:11:48.0976 0x0da8  C:\Windows\System32\wersvc.dll - ok
03:11:48.0992 0x0da8  [ 62DB790A860CDFC4278D2F03CC5675D8, FE5CA54BC7E89ED539BED3C578ADC745E42F3B5623A84FE52AF593CA24895F39 ] C:\Program Files\Windows Defender\MsMpRes.dll
03:11:48.0992 0x0da8  C:\Program Files\Windows Defender\MsMpRes.dll - ok
03:11:48.0992 0x0da8  [ DBD02E3E6F061EBBBF9B99A9D7CBA30B, 2C65C129BD1D4279B78E7EDF83F6FB398B705A56A99942F4CA61C9E52D21D25A ] C:\Windows\System32\winhttp.dll
03:11:48.0992 0x0da8  C:\Windows\System32\winhttp.dll - ok
03:11:49.0008 0x0da8  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] C:\Windows\System32\wbem\WMIsvc.dll
03:11:49.0008 0x0da8  C:\Windows\System32\wbem\WMIsvc.dll - ok
03:11:49.0023 0x0da8  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] C:\Windows\System32\WsmSvc.dll
03:11:49.0023 0x0da8  C:\Windows\System32\WsmSvc.dll - ok
03:11:49.0023 0x0da8  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] C:\Windows\System32\wlansvc.dll
03:11:49.0023 0x0da8  C:\Windows\System32\wlansvc.dll - ok
03:11:49.0039 0x0da8  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] C:\Windows\System32\wbem\WmiApSrv.exe
03:11:49.0039 0x0da8  C:\Windows\System32\wbem\WmiApSrv.exe - ok
03:11:49.0054 0x0da8  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] C:\Program Files\Windows Media Player\wmpnetwk.exe
03:11:49.0054 0x0da8  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
03:11:49.0054 0x0da8  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] C:\Windows\System32\wpcsvc.dll
03:11:49.0054 0x0da8  C:\Windows\System32\wpcsvc.dll - ok
03:11:49.0070 0x0da8  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] C:\Windows\System32\wpdbusenum.dll
03:11:49.0070 0x0da8  C:\Windows\System32\wpdbusenum.dll - ok
03:11:49.0086 0x0da8  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
03:11:49.0086 0x0da8  C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok
03:11:49.0086 0x0da8  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] C:\Windows\System32\wscsvc.dll
03:11:49.0086 0x0da8  C:\Windows\System32\wscsvc.dll - ok
03:11:49.0101 0x0da8  [ AED0DFF80C6B3914769407E78D7AB21A, 5B9779B163302F80A256AACBBE2E22B827EDDEC491F109C439184CBD5B343151 ] C:\Windows\System32\SearchIndexer.exe
03:11:49.0101 0x0da8  C:\Windows\System32\SearchIndexer.exe - ok
03:11:49.0117 0x0da8  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] C:\Windows\System32\wuaueng.dll
03:11:49.0117 0x0da8  C:\Windows\System32\wuaueng.dll - ok
03:11:49.0117 0x0da8  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] C:\Windows\System32\drivers\WUDFPf.sys
03:11:49.0117 0x0da8  C:\Windows\System32\drivers\WUDFPf.sys - ok
03:11:49.0133 0x0da8  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] C:\Windows\System32\WUDFSvc.dll
03:11:49.0133 0x0da8  C:\Windows\System32\WUDFSvc.dll - ok
03:11:49.0148 0x0da8  [ 8FC182167381E9915651267044105EE1, A0F0039496CA0755C07E7F249D4101D66FA64AFA5C8CE036428060AB106A1250 ] C:\Windows\System32\scecli.dll
03:11:49.0148 0x0da8  C:\Windows\System32\scecli.dll - ok
03:11:49.0148 0x0da8  [ CD08EEC61C591AF59A39F4363C567D30, 6A8413BE885A07235F59846FAD986B7A65CF009EAD78DD378114B6362DDDB371 ] C:\Windows\System32\ntmarta.dll
03:11:49.0148 0x0da8  C:\Windows\System32\ntmarta.dll - ok
03:11:49.0164 0x0da8  [ 3794B461C45882E06856F282EEF025AF, D4F79D7BC639FE86AC68961E6273836B9D7AF491773FD054395B33D317017BEB ] C:\Windows\System32\svchost.exe
03:11:49.0164 0x0da8  C:\Windows\System32\svchost.exe - ok
03:11:49.0179 0x0da8  [ 9A7F4B2EDACD11444D048AA19CBB26AF, 2CC3632D39484C959855B8A27DDED12A44765D7723CCF150E9F8B70015F1AA2E ] C:\Windows\System32\powrprof.dll
03:11:49.0179 0x0da8  C:\Windows\System32\powrprof.dll - ok
03:11:49.0179 0x0da8  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] C:\Windows\System32\drivers\luafv.sys
03:11:49.0179 0x0da8  C:\Windows\System32\drivers\luafv.sys - ok
03:11:49.0195 0x0da8  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] C:\Windows\System32\rpcss.dll
03:11:49.0195 0x0da8  C:\Windows\System32\rpcss.dll - ok
03:11:49.0211 0x0da8  [ 69827805A221C21450BA22F4326A2EE3, 2580CEB58BE4AEF7DEB134F3AD251188CAED05BC992B4FA977CCD11BD583BE5E ] C:\Windows\System32\version.dll
03:11:49.0211 0x0da8  C:\Windows\System32\version.dll - ok
03:11:49.0211 0x0da8  [ A4B109D057E15A438CE74E5B71187417, C91568C1AE2863218988D4D7A2B64041AB2C1EE2E9DF3720407FCE513ADA056F ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
03:11:49.0211 0x0da8  C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
03:11:49.0226 0x0da8  [ ABDD848DF96EE59C86F1167BA79F79D0, 85C115E8AB0E64CF3DEDA9208A1C75E132DC1E93BDCF5F5627506B5F8B666573 ] C:\Program Files\Microsoft Security Client\MpSvc.dll
03:11:49.0226 0x0da8  C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
03:11:49.0242 0x0da8  [ 62D577288B48998FC6667BF22DC5B690, 2AE9E184BA655EB56488A3DEFF1C7C37B1C99EEB821E961390FCE2EFCE6D7CBF ] C:\Windows\System32\LogonUI.exe
03:11:49.0242 0x0da8  C:\Windows\System32\LogonUI.exe - ok
03:11:49.0242 0x0da8  [ 1BD89641D9B1012796AFADAB9A659974, F892ACD91D13CC98F21146A6E4FACB15FA36253F5B9EA0540480488097DE08F1 ] C:\Windows\System32\authui.dll
03:11:49.0242 0x0da8  C:\Windows\System32\authui.dll - ok
03:11:49.0258 0x0da8  [ 15C8AFC4F5E0CCD3C692BA860526528E, AC2192186E7CFD1167A892246FC7E421478E28946DF52D5EE201B117EC20D09B ] C:\Program Files\Microsoft Security Client\MpClient.dll
03:11:49.0258 0x0da8  C:\Program Files\Microsoft Security Client\MpClient.dll - ok
03:11:49.0273 0x0da8  [ F42483814FC39170B3982A184EC5AAA2, DD8A1E7C6714DF07742EFDF6CA5AB93CDC547F56EB8C1066C56A68E83A818DD2 ] C:\Windows\System32\wtsapi32.dll
03:11:49.0273 0x0da8  C:\Windows\System32\wtsapi32.dll - ok
03:11:49.0273 0x0da8  [ D16A740186870C32941C0E61DF4F1298, 070E994DC851F9E397CCABCB2227D3E4E096463E89BF34E3C09896BF9A08C91E ] C:\Windows\System32\wintrust.dll
03:11:49.0273 0x0da8  C:\Windows\System32\wintrust.dll - ok
03:11:49.0289 0x0da8  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] C:\Program Files\Windows Defender\MpSvc.dll
03:11:49.0289 0x0da8  C:\Program Files\Windows Defender\MpSvc.dll - ok
03:11:49.0304 0x0da8  [ 1BD363738B672A394EBE3B8A78EAB9D3, 68D405EE3AE5A013E631892D6F4AAA8C654C2BCE30D749E9DAA3C49823006BA9 ] C:\Program Files\Windows Defender\MpClient.dll
03:11:49.0304 0x0da8  C:\Program Files\Windows Defender\MpClient.dll - ok
03:11:49.0304 0x0da8  [ BE3C082837866C4C291ADAF163C10EA6, 9C65ABFE6E11B05C9309B86A87ADDD3557C043D4582E1A29530EBC36D470B13D ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
03:11:49.0304 0x0da8  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll - ok
03:11:49.0320 0x0da8  [ 2EC53B5A351C4D443896DBAD117F7E82, E158AD22F1905B41D7975E3725D7A870FB192D7258C4330DF06CD4AC02A7CFE4 ] C:\Windows\System32\msimg32.dll
03:11:49.0320 0x0da8  C:\Windows\System32\msimg32.dll - ok
03:11:49.0336 0x0da8  [ 999D69DEB576C2C424294DF025891CC6, ED634C9829E87F4D016446F2E2F44B542A263F166F69EF5759BBE964A457ECBE ] C:\Windows\System32\uxtheme.dll
03:11:49.0336 0x0da8  C:\Windows\System32\uxtheme.dll - ok
03:11:49.0336 0x0da8  [ 33F571D9F4B0B4107E60323075F64980, A5C8FE2BDED4C10D0CB4F0AF26F644C95C613EF49AAA44CF1A0047532652C92A ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.19096_none_9e59a14eca0fa8de\GdiPlus.dll
03:11:49.0336 0x0da8  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.19096_none_9e59a14eca0fa8de\GdiPlus.dll - ok
03:11:49.0351 0x0da8  [ 75EB73E64F5B4655D9797D20F26DE320, 4AA94D039AC5BD7D39766C4E2A4F7DFCDD46782D3B2483677D722949A7B790FC ] C:\Windows\System32\duser.dll
03:11:49.0351 0x0da8  C:\Windows\System32\duser.dll - ok
03:11:49.0368 0x0da8  [ 1908CC7673F72601AFFDCA022689CEDF, 57E9F87421D7D7447F0BE5B6746D90DECFBCF82972E9A08E2F3943F6CDAE9F84 ] C:\Windows\System32\xmllite.dll
03:11:49.0368 0x0da8  C:\Windows\System32\xmllite.dll - ok
03:11:49.0384 0x0da8  [ B25DBBA6C63A61FF4AFDB5ADAB4E70CB, 272C4175900FD4DD36E863BF6658AA1DB863C01573E0C89E354754938AA32EDF ] C:\Windows\System32\SmartcardCredentialProvider.dll
03:11:49.0384 0x0da8  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
03:11:51.0058 0x0da8  C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll - ok
03:11:51.0074 0x0da8  [ E66587751D859A88FA61149C9CC2C15C, 92AFB5469AFCB0862CBE153AFC8A9D6F4F0D375A91852523F031781731A8D838 ] C:\Windows\System32\wer.dll
03:11:51.0074 0x0da8  C:\Windows\System32\wer.dll - ok
03:11:51.0074 0x0da8  [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC, 220911A88EF333BAC01062CC9E83566DBC12B1564D5B58C3A8A039DFDFDB7C6C ] C:\Windows\System32\shfolder.dll
03:11:51.0074 0x0da8  C:\Windows\System32\shfolder.dll - ok
03:11:51.0090 0x0da8  [ 52E129522C1775DBB8CC252E7A0655C7, 5A3946551605380998FB83EBF6DC88279876F968754A0DFB9D5D91C906228E2A ] C:\Windows\System32\taskschd.dll
03:11:51.0090 0x0da8  C:\Windows\System32\taskschd.dll - ok
03:11:51.0105 0x0da8  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
03:11:51.0105 0x0da8  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
03:11:51.0105 0x0da8  [ 07A96CF6DD46E76C894EA5483C0E5F96, EEF1D6B4F914DCCC17AB13F18F5BDED64CC1475C4E63144B560F46055653B633 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30304.0_none_d9c474bda3593bfa\msvcr90.dll
03:11:51.0105 0x0da8  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30304.0_none_d9c474bda3593bfa\msvcr90.dll - ok
03:11:51.0121 0x0da8  [ 608D6A90E989C6522F170E5526A64BF4, 36EDD07DF6BD2D20121F63CF720C289FCCF7C53574D37F99C2F9ED68298D655B ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
03:11:51.0121 0x0da8  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
03:11:51.0136 0x0da8  [ 29158B1DC3F86D4B0D6A127FE586ADFF, 03C17FA518200CE5C53AED55C5AF22D0A2D483110FB1E7EA6F990C56936570E6 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
03:11:51.0136 0x0da8  C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
03:11:51.0152 0x0da8  [ ACEF41504E13FCDB2A75209D032A708C, D167DFF5AF4F70250AE22CA0D8190CDC64B255C6ADC15B2D07C7B80A96D3D1D9 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
03:11:51.0152 0x0da8  C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
03:11:51.0152 0x0da8  [ FCB03B57E6DEAE7F83758BF8C03AD0DE, AC6F39B60932BB8679240551287B6A42AA943993FA9C1FFB68192FDC5A104AEC ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
03:11:51.0152 0x0da8  C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
03:11:51.0168 0x0da8  [ A15D5424D20AAAB9189CCA44E67C4F2B, 83D42EE57971677E851E54E56345F1F148515AFC954C43DA416F53695A8B93A9 ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
03:11:51.0168 0x0da8  C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
03:11:51.0183 0x0da8  [ 8EAEB0ED23A98DE0F0C812D756E47CE9, D49AB526C0B0356AB1F778E3B6AFC4D148742942F8561C9C4C2183A649661A86 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
03:11:51.0183 0x0da8  C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
03:11:51.0183 0x0da8  [ 5760B2B5BAA3449C045B6FA222205F60, AC566245868530F6A8F80BEA9C6AB532DB2280F280CA4889C09BCCA9D057C1D4 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
03:11:51.0183 0x0da8  C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
03:11:51.0199 0x0da8  [ BCE7DD8098CE6DD28EE2B0D5D5028B47, C48E1E455A0C6FC351CA2A8938C78D6D278B753FA7A621628B4E843C3A8F02FE ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
03:11:51.0199 0x0da8  C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
03:11:51.0215 0x0da8  [ 922563953E405AA9762F90778B711F77, 3DD35372DFC79F309BF419E9BF0043D1B1E00EDC47DCFF4D669416BDD5B094C5 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
03:11:51.0215 0x0da8  C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
03:11:51.0215 0x0da8  [ 54023DF1A9A7D481B4762B09ECCA330F, 271B46804B2E944B7ABF707939CB498AE78B0EE6DDCE318E26BE0C7BA826DFA3 ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt49.dll
03:11:51.0215 0x0da8  C:\Program Files\Common Files\Apple\Apple Application Support\icudt49.dll - ok
03:11:51.0230 0x0da8  [ 61515190FE0F3FDD31357C29150554D7, 6B378887F3430C264F83EEF218794E8786B1EA1210D2439FEA2152B1C05415F7 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
03:11:51.0230 0x0da8  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
03:11:51.0246 0x0da8  [ 2EC5693E2EE393F3A97BBB6C46D67779, 68CCECB20B55247B0DC2EF720FA8905CD039D91002D7450293BE585DF926462B ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
03:11:51.0246 0x0da8  C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
03:11:51.0246 0x0da8  [ 215BF879658630BD79988849DB396402, EABB20F803862FF398AEC4B8079FC14C68AA0BF4C87F098BACD45C4F0D77EB3E ] C:\Windows\System32\dnssd.dll
03:11:51.0246 0x0da8  C:\Windows\System32\dnssd.dll - ok
03:11:51.0261 0x0da8  [ E582816A4855914DEFFC212E12B3B744, B59C692FE8D19A2D9615D12C6026854C3467B25B3630183D766A32A9584C3115 ] C:\Windows\System32\wsock32.dll
03:11:51.0261 0x0da8  C:\Windows\System32\wsock32.dll - ok
03:11:51.0277 0x0da8  [ 3F56903E124E820AEECE6D471583C6C1, B3C045AFACC8A8F5DC289ADE9ACFB2FE7F9CA24A900BBAED47E2A63837208CB3 ] C:\Program Files\Bonjour\mDNSResponder.exe
03:11:51.0277 0x0da8  C:\Program Files\Bonjour\mDNSResponder.exe - ok
03:11:51.0277 0x0da8  [ E7D0F91E44D9D3B2116FA549BDCDB756, 96363C567D7BAE7F8D3DE763AF84A1DDD6F2B0B7C790FD1CC3D5D0197E64868F ] C:\Windows\System32\wdscore.dll
03:11:51.0277 0x0da8  C:\Windows\System32\wdscore.dll - ok
03:11:51.0293 0x0da8  [ AD4524BF57249027759A426A450E085D, 3662D41C1B881F50232684388A60C91C3AB7A74D43F5881E4514F9A8A97970F8 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
03:11:51.0293 0x0da8  C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
03:11:51.0308 0x0da8  [ 29FAB5363138F6E322F4CD780ED9D337, 39AE6E21D116AEC9EA65632F3325E848FFBEC6169A88ADC4814639F97A290D91 ] C:\Windows\Runservice.exe
03:11:51.0308 0x0da8  C:\Windows\Runservice.exe - ok
03:11:51.0308 0x0da8  [ 17FC3EDA0162F513E858B8C8FA7FA6E0, 6A1EE9DA1AB4A038258B6343E28C6F288AAFBBF3075C88BFBADB98C763F906AC ] C:\Windows\System32\vssapi.dll
03:11:51.0308 0x0da8  C:\Windows\System32\vssapi.dll - ok
03:11:51.0324 0x0da8  [ 37C301E37F9664D240EBD69E8528032F, 4499A531A8C66EBD6FDF916CC7402C5CA149A3ABAE91B4EABBBBFD9E802746F5 ] C:\Windows\mmfs.dll
03:11:51.0324 0x0da8  C:\Windows\mmfs.dll - ok
03:11:51.0340 0x0da8  [ FA149A9A6DDDCC222865077D07DD1C51, 4E70A024E4A2D5862425DD8A227EF0AE9B562099CDDC40FA7E15E19AA6CC8E47 ] C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
03:11:51.0340 0x0da8  C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe - ok
03:11:51.0340 0x0da8  [ 725AB72D5DD462F2EDAF1A6C59C8CFB5, 2420B0D7D132444E79B646787B1B6D89F45C6188E03FC1A4467B154D4774EFC3 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
03:11:51.0340 0x0da8  C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
03:11:51.0355 0x0da8  [ DC3AE9F1554DCD97F90983DDBDACD83D, 9D3B4E273FDDA77B5B8A258525FA44616C184E58CE1312B47512AAAD5915E073 ] C:\Windows\System32\vsstrace.dll
03:11:51.0355 0x0da8  C:\Windows\System32\vsstrace.dll - ok
03:11:51.0371 0x0da8  [ 71B479749F0F52C4FEC726C6FFA2CE1C, ED0F1D94620696941E9633F55AC4130EFBDA3B883CA356BB34D268F4FC7F94F1 ] C:\Windows\System32\cryptnet.dll
03:11:51.0371 0x0da8  C:\Windows\System32\cryptnet.dll - ok
03:11:51.0371 0x0da8  [ A8E8A8A91DE5A46AA37ADA29CBB5522C, 3EC77983FF0F75B790359CF247717E42DA078D4B8790788D30908899C2E71C6F ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
03:11:51.0371 0x0da8  C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
03:11:51.0386 0x0da8  [ 4EDB186C455CDEADA24A708AAB884AE3, 836B3176A4A1B57F89D5B950BDA2F6C6F785899ED54632D8CF35DF55B364DB81 ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
03:11:51.0386 0x0da8  C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
03:11:51.0405 0x0da8  [ 0A990AFB9F2726323D61C8ECB8B70B17, 27BC7CBFFB211DE930C7FA97DCDCA783CC74987EDB5FC17D33C422E93BA91242 ] C:\Windows\System32\security.dll
03:11:51.0405 0x0da8  C:\Windows\System32\security.dll - ok
03:11:51.0421 0x0da8  [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B, 18F167DEC8464AC42B9C7C2C69638D812C1C2CF867DBF3E833F4B880C26BD1D2 ] C:\Windows\System32\ncsi.dll
03:11:51.0421 0x0da8  C:\Windows\System32\ncsi.dll - ok
03:11:51.0421 0x0da8  [ 01BCD91CC2B0EFDA4890F547010750BD, 34B99B58AC2CEC8EF089C9B82D3ADEAD721B32B5F884399E8A9D2252B8AB5C02 ] C:\Windows\System32\ssdpapi.dll
03:11:51.0421 0x0da8  C:\Windows\System32\ssdpapi.dll - ok
03:11:51.0436 0x0da8  [ 57A6362D71B5003C48EE21F2DBB624B1, E6480D1F219BF3F8E7AC8347A8C50E48632B7BBC9618EEB36DAEA1079AA770B5 ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
03:11:51.0436 0x0da8  C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
03:11:51.0436 0x0da8  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] C:\Windows\System32\drivers\PEAuth.sys
03:11:51.0436 0x0da8  C:\Windows\System32\drivers\PEAuth.sys - ok
03:11:51.0452 0x0da8  [ 89525CC2DBAD44F7199B9CC188B3F9C5, 09708EFA65BC1CCF92E6F2E143FCF88C645B1633AFE0DED833CDF945CB077D8C ] C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
03:11:51.0452 0x0da8  C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe - ok
03:11:51.0468 0x0da8  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] C:\Windows\System32\drivers\secdrv.sys
03:11:51.0468 0x0da8  C:\Windows\System32\drivers\secdrv.sys - ok
03:11:51.0483 0x0da8  [ 428FF21418ADCD6FAD6189CD9520A67B, E9021A9B74AC6C4F7317704DF6A66B1A5C3D05DD2535989942005D638340010D ] C:\Windows\System32\wiatrace.dll
03:11:51.0483 0x0da8  C:\Windows\System32\wiatrace.dll - ok
03:11:51.0483 0x0da8  [ 95389980F70FC4990A4395A0B8BBE1D6, FB5CBC85733A4EC4FB9F210A5D4E5989F6A3F2995D895F5B41163CDFC04DB82C ] C:\Windows\System32\drivers\tcpipreg.sys
03:11:51.0483 0x0da8  C:\Windows\System32\drivers\tcpipreg.sys - ok
03:11:51.0499 0x0da8  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] C:\Windows\System32\IPSECSVC.DLL
03:11:51.0499 0x0da8  C:\Windows\System32\IPSECSVC.DLL - ok
03:11:51.0514 0x0da8  [ 351FA1DF82CFFDEDA801604246E63E95, AD030032C0C4C0E2A8EEDA3E45338BE7DFD75AED330EBC266183C49687E7A3D0 ] C:\Windows\System32\icaapi.dll
03:11:51.0514 0x0da8  C:\Windows\System32\icaapi.dll - ok
03:11:51.0514 0x0da8  [ 4DBA143F06BAD1DF935CB9603140CF2A, DE2D3A13993046CCC7691C9614702DCBC43C788282A2B722A8F3F4829281BC1A ] C:\Windows\System32\wsdchngr.dll
03:11:51.0514 0x0da8  C:\Windows\System32\wsdchngr.dll - ok
03:11:51.0530 0x0da8  [ 74B8C2EA72D43727142D12397D5A49F9, 37E8858211D7BF9DE90CBD22863B18A939C43BA64CAD06229E994A417BD46B0D ] C:\Windows\System32\wbemcomn.dll
03:11:51.0530 0x0da8  C:\Windows\System32\wbemcomn.dll - ok
03:11:51.0546 0x0da8  [ 2205A220A264E8C8B86492BF3D112907, F3B702AE3242B8910260F2649D8B387B07AF8830FF5F495B6F713FCABD26A4E9 ] C:\Windows\System32\PortableDeviceApi.dll
03:11:51.0546 0x0da8  C:\Windows\System32\PortableDeviceApi.dll - ok
03:11:51.0546 0x0da8  [ DEB9D08750423069647C3A066CEC7A1B, 5570DF2EFB4D3B6BD2F8839F8FDB89C107424F9C3113238A34F3384285AB940F ] C:\Windows\System32\tquery.dll
03:11:51.0546 0x0da8  C:\Windows\System32\tquery.dll - ok
03:11:51.0561 0x0da8  [ 1F18B9EA1BBFF033413414C3BEA13AD6, EC549203DD16A70F3275500CF1754198FDD4F619A0EC973FF8D4A9934DAACE6B ] C:\Windows\System32\wbem\WinMgmtR.dll
03:11:51.0561 0x0da8  C:\Windows\System32\wbem\WinMgmtR.dll - ok
03:11:51.0577 0x0da8  [ 42608AE9AF2641EE473A1797C25CFFC2, 64FCAEDFAE7B530522A630BD41880180C3B5D78924DF80DC54862A0D666EBA5F ] C:\Windows\System32\FwRemoteSvr.dll
03:11:51.0577 0x0da8  C:\Windows\System32\FwRemoteSvr.dll - ok
03:11:51.0577 0x0da8  [ 218B73EA8341EA9FDF018D43052E790A, 35696A2107490EB6E81A442CBE0F3DE36DBED103A0A18677F2686DB2A157FE3C ] C:\Windows\System32\mssrch.dll
03:11:51.0577 0x0da8  C:\Windows\System32\mssrch.dll - ok
03:11:51.0593 0x0da8  [ B53BD9E63867CD9FD853F666CA172713, 08951AC63A257696F5F1FC79137C3FFBF0972B9AE43BD4BE02C2CACB9176C3DA ] C:\Windows\System32\PortableDeviceConnectApi.dll
03:11:51.0593 0x0da8  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
03:11:51.0608 0x0da8  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] C:\Windows\System32\drivers\WUDFRd.sys
03:11:51.0608 0x0da8  C:\Windows\System32\drivers\WUDFRd.sys - ok
03:11:51.0608 0x0da8  [ AAB5FEAABF4CB6F76D794203831C8D94, 2E773665AEC22EAE334F4123F1B1D183790FA165E54C126246E32B8DAB4CD67F ] C:\Windows\System32\msidle.dll
03:11:51.0608 0x0da8  C:\Windows\System32\msidle.dll - ok
03:11:51.0624 0x0da8  [ BF7E4D6F60A6D9E866432855C6F8C262, 6E99AA4BD3867867C6DE1B37F0EA8A1332190D23CD72752889B7A5C90DDC610F ] C:\Windows\System32\sqmapi.dll
03:11:51.0624 0x0da8  C:\Windows\System32\sqmapi.dll - ok
03:11:51.0639 0x0da8  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] C:\Windows\System32\netprofm.dll
03:11:51.0639 0x0da8  C:\Windows\System32\netprofm.dll - ok
03:11:51.0639 0x0da8  [ 6BC5FCEF351E4CB5A269C1E84B5A06DA, A5CAB1752E7AB7A37E1F8B943FBBDF6FACAFC228FF6D0321E61D2501D2653BB7 ] C:\Windows\System32\netcfgx.dll
03:11:51.0639 0x0da8  C:\Windows\System32\netcfgx.dll - ok
03:11:51.0655 0x0da8  [ B458B58F7BB97C48D01AC3CF5805AAAC, C72F88E1CF47B3645177E8CC78E3AE3D098E6401EF7EF598E4C02F75A466B78C ] C:\Windows\System32\Query.dll
03:11:51.0655 0x0da8  C:\Windows\System32\Query.dll - ok
03:11:51.0671 0x0da8  [ A952D0DED445F26AEFCF593A935AB300, 3A5D7D33D6445B146C9F1ABAE7A705EB53E5C4800CE3F04A9392C42E0D9ECBBD ] C:\Windows\System32\hnetcfg.dll
03:11:51.0671 0x0da8  C:\Windows\System32\hnetcfg.dll - ok
03:11:51.0671 0x0da8  [ DFCAB29E8FD38F95650CC1E203E8D318, 96B444CF2FA218447A29BC5BF4308E3A5A47203555A460E79056EE6AC4875F9A ] C:\Windows\System32\npmproxy.dll
03:11:51.0671 0x0da8  C:\Windows\System32\npmproxy.dll - ok
03:11:51.0686 0x0da8  [ 30F0DC266B46118E9FBCF5B2A30EB1DB, 72C59BBD1590EAD91D92C07B3434BE308639CE773E8A2E72751E5396B4B10BA5 ] C:\Windows\System32\wbem\wbemprox.dll
03:11:51.0686 0x0da8  C:\Windows\System32\wbem\wbemprox.dll - ok
03:11:51.0686 0x0da8  [ FC1EEE57EB9CD57279D70BA2A9131C38, 3154EF4F545CE40C7C67B8D5A4DF23D37B2A6F0CA8C5EC656CF81D96A7BE3CE9 ] C:\Windows\System32\wbem\wbemcore.dll
03:11:51.0686 0x0da8  C:\Windows\System32\wbem\wbemcore.dll - ok
03:11:51.0702 0x0da8  [ C10E13721B0AAEBEB5EBA914F1D18181, D30BA6FF257A840D67BFA6AF332ADBDC0E79C70EDCEFB10FAACD7071FB431458 ] C:\Windows\System32\wbem\esscli.dll
03:11:51.0702 0x0da8  C:\Windows\System32\wbem\esscli.dll - ok
03:11:51.0718 0x0da8  [ BC5A34B6A14C93BF04E3F4E8EA57090A, 55F71740FBA3A079B81A045C81088C39176D44358ED28F568C198F338400E017 ] C:\Windows\System32\wbem\fastprox.dll
03:11:51.0718 0x0da8  C:\Windows\System32\wbem\fastprox.dll - ok
03:11:51.0718 0x0da8  [ DB0F37DBA4C245C61E5936DDBDE62438, 2DB2979BAF792DA74584E380055F233B9CEF51BCBF992CA84A79AD81A23C1663 ] C:\Windows\System32\wbem\wbemsvc.dll
03:11:51.0718 0x0da8  C:\Windows\System32\wbem\wbemsvc.dll - ok
03:11:51.0733 0x0da8  [ 980B6A5F92B8DB235C4A26728C2BE732, E4A48443CEE5B214DC057115C73402F7D31547CF39B1533A282B18BD92FCFEFA ] C:\Windows\System32\WUDFHost.exe
03:11:51.0733 0x0da8  C:\Windows\System32\WUDFHost.exe - ok
03:11:51.0749 0x0da8  [ 2C3B09E586BDA2CC49A292BE7BADC589, E8AA356380E11A75DA0B51DA9C8BD9D3EA05885206AB9D4D1A69A96D8E9777AE ] C:\Windows\System32\wbem\wmiutils.dll
03:11:51.0749 0x0da8  C:\Windows\System32\wbem\wmiutils.dll - ok
03:11:51.0749 0x0da8  [ 6A83B8AF342E61DEE353BAA81F67B7DA, F883A69DC57A203CEF4A264ADA3669EFA11149FE479A32FF38A37C86D24D7DE7 ] C:\Windows\System32\drivers\NisDrvWFP.sys
03:11:51.0764 0x0da8  C:\Windows\System32\drivers\NisDrvWFP.sys - ok
03:11:51.0764 0x0da8  [ B8A21907FE2F1A113F3487D9AB60BEF9, 00BC900F04C2594E177A5C13CF613194926292FF92A2E5320E98AFD94A9524D0 ] C:\Windows\System32\en-US\tquery.dll.mui
03:11:51.0764 0x0da8  C:\Windows\System32\en-US\tquery.dll.mui - ok
03:11:51.0780 0x0da8  [ 834933F16EA839AC5AC7CBF88638DF27, 5A91A23ACD760F81E4DF7976DE1FA27E80EF8D35B680EEC859E08AF9588ACBE4 ] C:\Windows\System32\wbem\repdrvfs.dll
03:11:51.0780 0x0da8  C:\Windows\System32\wbem\repdrvfs.dll - ok
03:11:51.0796 0x0da8  [ A36F7A256E65D858A7039DB00ADEEBDD, 88318848AEE4CA5C8F32BE363C6155BCE66B18C03393B2900D4F736A696E6E5B ] C:\Windows\System32\WUDFx.dll
03:11:51.0796 0x0da8  C:\Windows\System32\WUDFx.dll - ok
03:11:51.0796 0x0da8  [ 877C975D6FED8B12C445312D1286771E, 2FD5F2FE0414D00B8E4EF389E1AD11356C14F700A906770B0AB88B464D963948 ] C:\Program Files\Microsoft Security Client\NisSrv.exe
03:11:51.0796 0x0da8  C:\Program Files\Microsoft Security Client\NisSrv.exe - ok
03:11:51.0811 0x0da8  [ 97C7DA5932CDFFE8A53688636CB649C0, F53B605A782B07BBC9506083CD6F3FF2F23C315F5EDFB4DBC5070C5966906C15 ] C:\Program Files\Microsoft Security Client\NisLog.dll
03:11:51.0811 0x0da8  C:\Program Files\Microsoft Security Client\NisLog.dll - ok
03:11:51.0827 0x0da8  [ 9A6A653ADF28D9D69670B48F535E6B90, 72351645184693A879CFF7FD171A182F24B7F72EA313E8D42F2744D0421FE188 ] C:\Windows\System32\runonce.exe
03:11:51.0827 0x0da8  C:\Windows\System32\runonce.exe - ok
03:11:51.0827 0x0da8  [ 22DC784B32BEE306A99F50D6DC2460BC, 5144BDCEAFC593817545869E82A7D78104F310A8B0188E0EC49648F929F6E1C2 ] C:\Windows\System32\esent.dll
03:11:51.0827 0x0da8  C:\Windows\System32\esent.dll - ok
03:11:51.0843 0x0da8  [ F0062778F50838145AC46B384FFB4FA3, 7EC4509AB87062D2BA00E3B7AD59F3D6D2F01AF66E4AEFB70BFAFD1B89E7BFEF ] C:\Windows\System32\pcadm.dll
03:11:51.0843 0x0da8  C:\Windows\System32\pcadm.dll - ok
03:11:51.0858 0x0da8  [ 1D6B95871DC006190964B04E5657E35F, 813F546ECB052166851B3E402DA13BF82CC83D36DA02AF3DED3780FEFFBA3277 ] C:\Windows\System32\rastapi.dll
03:11:51.0858 0x0da8  C:\Windows\System32\rastapi.dll - ok
03:11:51.0858 0x0da8  [ 1DFC366D2154EF2B381A7F2CB165C7F4, BE21632FD644AEFD6B608E7098F73705F82B65CBFD0FCE93C0AF2BF9DE02E063 ] C:\Windows\System32\diagperf.dll
03:11:51.0858 0x0da8  C:\Windows\System32\diagperf.dll - ok
03:11:51.0874 0x0da8  [ B96B60EC821F86D445C9739A0F3DED59, 5BBB1C4AE7EB45403435D875598A8CC576698FD081977F5D51D438BA43140588 ] C:\Windows\System32\unimdm.tsp
03:11:51.0874 0x0da8  C:\Windows\System32\unimdm.tsp - ok
03:11:51.0889 0x0da8  [ 119A487B94FCB54D5154EBFBFA124755, 7699E095B3D6FEF556A99547974B566794B098D8A9F4CF602D539DEBCA95AD5F ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
03:11:51.0889 0x0da8  C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
03:11:51.0889 0x0da8  [ 74F26FC01B180D4A99A168ED69C30A53, D2FD623D70340F650BFAC8C31102E1B9168FE1750C141A23ACCC1A21F9F93A94 ] C:\Windows\System32\cmd.exe
03:11:51.0889 0x0da8  C:\Windows\System32\cmd.exe - ok
03:11:51.0905 0x0da8  [ DFBAADF1B624DC71E88D34D86B3595BE, AFEEA1CF788DC67833C4FA14CCE681B5E30F480A8D9059B9192D636359F8D8DD ] C:\Windows\System32\uniplat.dll
03:11:51.0905 0x0da8  C:\Windows\System32\uniplat.dll - ok
03:11:51.0921 0x0da8  [ 50ABE7CDA2DAE898216121D14092C182, 99EDF9A88CB78CB8B9C708979A22D675115743E2E78D006A55D77BB6513E1222 ] C:\Windows\System32\WMVCORE.DLL
03:11:51.0921 0x0da8  C:\Windows\System32\WMVCORE.DLL - ok
03:11:51.0921 0x0da8  [ C2C6C014B96581EC8BF0C8604DE1743E, 5641A4B4EEB85C247A6C5718D3DDBAC9BD8C00E1D474721E8F27CFC7E7C25FBC ] C:\Windows\System32\wbem\WmiPrvSD.dll
03:11:51.0921 0x0da8  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
03:11:51.0936 0x0da8  [ 21322832C99E8DE85BD047689A2A69DB, EDEA0659E65AD8C081BDF82A8AFF0999E7DD3B31F2AB0FBCEDDAEE893E90B9EB ] C:\Windows\System32\pnpts.dll
03:11:51.0936 0x0da8  C:\Windows\System32\pnpts.dll - ok
03:11:51.0936 0x0da8  [ F85134BF76CB335A39F8D7BC4173D4FB, F6D1FA04D5BEA86625016FC460B9BF713C0D47694D84E9EA31AB927AD7527F37 ] C:\Windows\System32\msscb.dll
03:11:51.0936 0x0da8  C:\Windows\System32\msscb.dll - ok
03:11:51.0952 0x0da8  [ FEA6D21F78922D641A0C9346D885133B, 258B920BFA67A5F5A85A455EC7CCF18119C786F94A708087F09F3B5660CD783C ] C:\Windows\System32\mssprxy.dll
03:11:51.0952 0x0da8  C:\Windows\System32\mssprxy.dll - ok
03:11:51.0968 0x0da8  [ A609A192E98934A8D352704C99AB8577, E4E4B8FEDBDFAC148E416190C7E88F8634269FFB2395E197D92BCB3CD7CDF662 ] C:\Windows\System32\wbem\wbemess.dll
03:11:51.0968 0x0da8  C:\Windows\System32\wbem\wbemess.dll - ok
03:11:51.0968 0x0da8  [ B4B59AC042EE3733A862F26CBC0B17FC, 4EB571061FF1C0CEF66C450FBB266D81A583B7EA2AFD4A32F3ED7079969D7949 ] C:\Windows\System32\hidphone.tsp
03:11:51.0968 0x0da8  C:\Windows\System32\hidphone.tsp - ok
03:11:51.0983 0x0da8  [ 953193A9DEA40348C1086D171F6440AE, D09D2A3238A56C823010F7AB5A92C88D315F7A01093C3EB0CF70C0F058055C93 ] C:\Windows\System32\kmddsp.tsp
03:11:51.0983 0x0da8  C:\Windows\System32\kmddsp.tsp - ok
03:11:51.0999 0x0da8  [ 2F6776ACEFE41EE889C464EA407918F2, 67401F5B8B6DBA6E7478D1D05D1ED91680C8623E66CA66AFB44377D63DD5F13C ] C:\Windows\System32\ndptsp.tsp
03:11:51.0999 0x0da8  C:\Windows\System32\ndptsp.tsp - ok
03:11:52.0014 0x0da8  [ 8B645890A93F1FBBC7DA3E07CC72D762, 9D7054729CC860F2311060C236F7123567CBB2780966A72B6ADEB96185CB5D7B ] C:\Windows\System32\rasppp.dll
03:11:52.0014 0x0da8  C:\Windows\System32\rasppp.dll - ok
03:11:52.0014 0x0da8  [ A3D6CAD1BDB28463278D23726D7F620B, 04C5A007F2F720E9AD9A9CAE854605DA5C2DB5123A67D5CE4DE7BB866A7C4C00 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EBAEFBC0-F932-425D-A487-030A93A51AA7}\gapaengine.dll
03:11:52.0014 0x0da8  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EBAEFBC0-F932-425D-A487-030A93A51AA7}\gapaengine.dll - ok
03:11:52.0030 0x0da8  [ 56E315ACFB08A177B4D01E42B9044DB5, 230B5AC4EB6654C854046CD210A80929345AA5D049EFA7C329048723A3A32345 ] C:\Windows\System32\mprapi.dll
03:11:52.0030 0x0da8  C:\Windows\System32\mprapi.dll - ok
03:11:52.0046 0x0da8  [ 88225070DD2F7B0B2ED51E7935078641, 9DC31DE93783EBC7285B8CBEA50E73976AA221B9701C3AE6CED56960F19AB298 ] C:\Windows\System32\rasqec.dll
03:11:52.0046 0x0da8  C:\Windows\System32\rasqec.dll - ok
03:11:52.0046 0x0da8  [ 82A79D5BE740D0AE9C91AA6DE4B3AC5A, C7E9FB7FE06626931A64846AE628655FC5469D840E42315E5E70C89810E622B3 ] C:\Windows\System32\raschap.dll
03:11:52.0046 0x0da8  C:\Windows\System32\raschap.dll - ok
03:11:52.0061 0x0da8  [ 3B0489DE8CC3058B48471660C60A7B75, A4EE12ACE2EB2E48E0D40A8845E3DCE8CF5A9D07EF29EE38F25A7F5BE3566919 ] C:\Windows\System32\rastls.dll
03:11:52.0061 0x0da8  C:\Windows\System32\rastls.dll - ok
03:11:52.0077 0x0da8  [ 36CCD8A79539C4ACE3BABE09C2CFBA16, 344C4E6F6537ED523F06204812188EE83A96D595ADA15A83260A733703BFD2A3 ] C:\Windows\System32\WMASF.DLL
03:11:52.0077 0x0da8  C:\Windows\System32\WMASF.DLL - ok
03:11:52.0077 0x0da8  [ 0E26DFBBCD07F1DBA7CA70F00BC5EF1B, 216EC724928CCE858D52FB1834BC13043BC942BC03F2B3AF6AFE6E1C4EF43D7D ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EBAEFBC0-F932-425D-A487-030A93A51AA7}\nisfull.vdm
03:11:52.0077 0x0da8  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EBAEFBC0-F932-425D-A487-030A93A51AA7}\nisfull.vdm - ok
03:11:52.0093 0x0da8  [ 248A1F31ABB58DDDDC01490EF0BDC777, 5E5CF3FEAB07628BB1EAE37BED9207E231AB3AEE38907C58D909B1BA391D18A8 ] C:\Windows\System32\cryptui.dll
03:11:52.0093 0x0da8  C:\Windows\System32\cryptui.dll - ok
03:11:52.0108 0x0da8  [ 5CAAE5333EF36DB4A8D294418AB37E80, 0FAC92CDED62CEFDD44B3DC714FC3A453FEAAF44653F3AB75FB5A093A1DA71E9 ] C:\Windows\System32\p2pcollab.dll
03:11:52.0108 0x0da8  C:\Windows\System32\p2pcollab.dll - ok
03:11:52.0108 0x0da8  [ B2B117BD8D1EA80536CDD91797EF4A0A, 0A6BBDA1608189B3D97B568495972F87FCE5993BC0BE2917A34A74BC4F9CA117 ] C:\Windows\System32\PortableDeviceClassExtension.dll
03:11:52.0108 0x0da8  C:\Windows\System32\PortableDeviceClassExtension.dll - ok
03:11:52.0124 0x0da8  [ 883D02AB5D350BC45E0F60E8CFA97FDC, 3F955D79F65DAE098B1F6AFC0475041C0C1A012195160E59C2D8C08287CE1D05 ] C:\Windows\System32\PortableDeviceTypes.dll
03:11:52.0124 0x0da8  C:\Windows\System32\PortableDeviceTypes.dll - ok
03:11:52.0139 0x0da8  [ 8163D88337C067C8B75BA80BEBC0B0CD, 42F10FC716CCFA66ADD10C45F81B6A6A8ED842DB211D9FAEA58E6D8046F091E8 ] C:\Windows\System32\ieframe.dll
03:11:52.0139 0x0da8  C:\Windows\System32\ieframe.dll - ok
03:11:52.0139 0x0da8  [ 254AC97C9AF4DDF3F5F57855198527B7, 3F78B76BEC50B333ED9A4C0064EBCB573FFF885813A212407E32126F2167B5DE ] C:\Windows\System32\wermgr.exe
03:11:52.0139 0x0da8  C:\Windows\System32\wermgr.exe - ok
03:11:52.0155 0x0da8  [ B288FF7C1987A736726E87C79148C360, 8271A01FEFCDB87ABC9B4F91C641CDF60B636D590C2B56AC5B930D48D067E21C ] C:\Windows\System32\PortableDeviceWiaCompat.dll
03:11:52.0155 0x0da8  C:\Windows\System32\PortableDeviceWiaCompat.dll - ok
03:11:52.0171 0x0da8  [ BF899F57858B8C6F162D9EEB2370641C, 75F2A44304C9E4726E10FDE4AD316D57F1A16EA5968E9EAAEFB756BA3E99B497 ] C:\Windows\System32\wercon.exe
03:11:52.0171 0x0da8  C:\Windows\System32\wercon.exe - ok
03:11:52.0171 0x0da8  [ 1A617835452EEE5060976C9B9F5FE635, DCCAAB049681BE876B73F0880EA32196CDA7EC954D452768A48D366096C5BD53 ] C:\Windows\System32\wuapi.dll
03:11:52.0171 0x0da8  C:\Windows\System32\wuapi.dll - ok
03:11:52.0186 0x0da8  [ 3458EDA96E30FBD0477A2800D3FB1909, BDF84362E4D8A102E7FB5F352D950B84D1A8E1E7928521B68E7671D4176803C5 ] C:\Windows\System32\wups.dll
03:11:52.0186 0x0da8  C:\Windows\System32\wups.dll - ok
03:11:52.0186 0x0da8  [ D40E7B5FBB8E0EAA7C5C294389AF95AB, 8EFD521DF1F335AF416DEC15D5C0C6538903803AA1A8ED93AA704B384A29876B ] C:\Users\owner\AppData\Local\Temp\{7834DDD2-8FFD-4DB4-8604-714632065D1A}.exe
03:11:52.0186 0x0da8  C:\Users\owner\AppData\Local\Temp\{7834DDD2-8FFD-4DB4-8604-714632065D1A}.exe - ok
03:11:52.0202 0x0da8  [ 70C6489D56008D75DEDF73226FA63C11, 7AB4C89D7A259BB7DD6F24C5CA181749C3015A06B160B91593F2F1FC1E4AEDCE ] C:\Windows\System32\dimsjob.dll
03:11:52.0202 0x0da8  C:\Windows\System32\dimsjob.dll - ok
03:11:52.0218 0x0da8  [ 98638A4CA187245C469DA0DEC4F04A45, AE352C68D11888AA27109F366BFFA308CA8EE8E222599C74E2C0B1A1AA9B60A3 ] C:\Windows\System32\pautoenr.dll
03:11:52.0218 0x0da8  C:\Windows\System32\pautoenr.dll - ok
03:11:52.0218 0x0da8  [ AC48FD62E22C4425879FCA5A63F50497, 36234D6835F8CCDE2DEF4AAD2C9AD42C47FC7A5BDD9CFC9BE8FFE6995FB3DE1B ] C:\Windows\System32\certcli.dll
03:11:52.0218 0x0da8  C:\Windows\System32\certcli.dll - ok
03:11:52.0233 0x0da8  [ 0053319C4438CDE659AA75C19BBD22F1, F0EE45AAB3DC43DECF7DA6B7A5DC4AAEF9A660D3BE1B571EA5FD2C6779A583FB ] C:\Windows\System32\CertEnroll.dll
03:11:52.0233 0x0da8  C:\Windows\System32\CertEnroll.dll - ok
03:11:52.0249 0x0da8  [ C8AE490A93C3CC2E537B6E06247785A1, AE4978ADCBBE8047B3409969752230DC1A2C10B7ADC876859A3965196B7F6203 ] C:\Windows\System32\wbem\NCProv.dll
03:11:52.0249 0x0da8  C:\Windows\System32\wbem\NCProv.dll - ok
03:11:52.0249 0x0da8  [ E3F535656B5ABF249702EB64F3CF9AF0, 8669E7586FC1020E2C382997CF5A3B55BBF4A0135554921F1BC00CF9400FBC75 ] C:\Windows\System32\wbem\wbemcons.dll
03:11:52.0249 0x0da8  C:\Windows\System32\wbem\wbemcons.dll - ok
03:11:52.0264 0x0da8  [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105, 613F0D184E08CBE1FFEEB8F845ADCA79577FB3CF59EA1FEE6B2346D9930763AB ] C:\Windows\System32\sfc_os.dll
03:11:52.0264 0x0da8  C:\Windows\System32\sfc_os.dll - ok
03:11:52.0280 0x0da8  [ C0B8B96D018849FD8CCF15FED84E8782, E107AA4ADE150DC309C39BBF47292E7A7F8DD439FAB30791676BC8A1133B9AFD ] C:\Windows\System32\ie4uinit.exe
03:11:52.0280 0x0da8  C:\Windows\System32\ie4uinit.exe - ok
03:11:52.0280 0x0da8  [ F0FEFB0B5D25A75D478A4317139D937E, CB6EB2891130A410A80F6A1BF0CAC66C429DB7D4ADD0D8484CA4F83D17856441 ] C:\Windows\System32\iedkcs32.dll
03:11:52.0280 0x0da8  C:\Windows\System32\iedkcs32.dll - ok
03:11:52.0703 0x0da8  ================ Scan generic autorun ======================
03:11:52.0984 0x0da8  [ 7F2691FD961C9A704DA221745CCE6295, E33F879D1F5E50DD5FC37754B717EA3EA269CC6809F00C5C5DA189545110BF8C ] C:\Program Files\Real\RealPlayer\update\realsched.exe
03:11:52.0984 0x0da8  TkBellExe - ok
03:11:53.0297 0x0da8  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
03:11:53.0516 0x0da8  Sidebar - ok
03:11:53.0532 0x0da8  WindowsWelcomeCenter - ok
03:11:53.0829 0x0da8  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
03:11:53.0860 0x0da8  Sidebar - ok
03:11:53.0876 0x0da8  WindowsWelcomeCenter - ok
03:11:53.0876 0x0da8  Waiting for KSN requests completion. In queue: 3
03:11:54.0877 0x0da8  Waiting for KSN requests completion. In queue: 3
03:11:55.0878 0x0da8  Waiting for KSN requests completion. In queue: 3
03:11:56.0894 0x0da8  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
03:11:56.0910 0x0da8  Win FW state via NFP2: enabled
03:11:59.0271 0x0da8  ============================================================
03:11:59.0271 0x0da8  Scan finished
03:11:59.0271 0x0da8  ============================================================
03:11:59.0287 0x0d90  Detected object count: 0
03:11:59.0287 0x0d90  Actual detected object count: 0
03:14:14.0366 0x0c98  Deinitialize success
 



#9 LiquidTension

Posted 29 October 2014 - 04:23 AM

Hello, 

 

Due to the nature of one of the infections present on your machine, I must ensure you are aware of the following. Please read the warning below, let me know what you think and how you wish to proceed. 
 

BACKDOOR WARNING
 
------------------------------

One or more of the identified infections is known to use a backdoor that allows attackers to remotely control your computer, download/execute files and steal critical system, financial and personal information.

If your computer was used for online banking, has credit card information or other sensitive data, using a non-infected computer/device you should immediately change all account information (including those used for banking, Email, eBay, Paypal, online forums, etc).

Banking and credit card institutions should be notified of the possible security breach immediately. Please read the following article for more information: How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

Whilst the identified infection(s) can be removed, there is no way to guarantee the trustworthiness of your computer unless you reformat your Hard Drive and reinstall your Operating System. This is due to the nature of the infection, which allows the attacker remote control over the machine. Many experts in the security community believe that once infected with this type of malware, the best course of action is to reformat/reinstall. Please read the following articles for more information.

You now have the choice between cleaning the infection(s) present or reformatting your computer. Ultimately, this decision is personal, and down to you and what you're most comfortable with. Please let me know how you wish to proceed, and if you have any questions.


#10 G8888

Posted 29 October 2014 - 08:55 PM

That's bad. My mum uses online banking though & hasn't said anything about money going missing.

I'll clean it. Does that work, or sometimes not?

Do you know what put it on my computer? Would reformatting delete everything I have on my computer?

Is my Windows Defender being turned off a virus too? When I try to turn it back on the computer won't let me, a thing pops up with a red X that says something like error & service.


Edited by G8888, 29 October 2014 - 11:26 PM.


#11 LiquidTension

Posted 30 October 2014 - 11:18 AM

Hello, 
 

I'll clean it. Does that work, or sometimes not?

Cleaning the machine will remove the identified infections. But the only way to guarantee all malware is removed is to reformat.
 

Do you know what put it on my computer?

Impossible to say I'm afraid. Any of the following are common infection vectors.

  • Browsing the Internet without an active Anti-Virus and Firewall. 
  • Leaving vulnerable Internet-facing software unpatched/outdated (Windows, Adobe software, Java, etc). 
  • Participating in the usage of P2P filesharing.
  • Participating in the usage of cracked/warez software. 
  • Aimlessly clicking unknown links/email attachments. 
  • Rushing through the installation of new software without reading each page. 
  • Inserting USB drives or other removable media that you do not own.
  • Social engineering.
  • Visiting a compromised website.
  • Malvertisements/compromised ad services delivering malicious ads.
     

Would reformatting delete everything I have on my computer?

Yes. You can of course back up your data first.

Is my Windows Defender being turned off a virus too? When I try to turn it back on the computer won't let me, a thing pops up with a red X that says something like error & service.

The malware present is interfering with Windows Defender.

 

How would you like to proceed?



#12 G8888

Posted 30 October 2014 - 07:25 PM

I'll try cleaning it first, but if I do then need to reformat, what do I do to back up things I need from my computer?



#13 LiquidTension

Posted 30 October 2014 - 07:38 PM

I would back up your files first.

The safest practice is not to back up any executable (.exe), screensaver (.scr), dynamic link library (.dll), autorun (.ini) or script (.php, .asp, .htm, .html, .xml) files because they may be infected by malware. You should also avoid backing up compressed (.zip, .cab, .rar) files that have executables inside, as some types of malware can penetrate compressed files and infect the .exe files within them. Other types of malware may disguise themselves by hiding a file extension or by adding double file extensions and/or space(s) in the file's name to hide the real extension, so be sure you look closely at the full file name.

  • Backing up documents, image, music and video is fine.
  • Specially crafted Word/Excel/PDF can be used for malicious intent, so I recommend only backing up documents that you created, or you know to come from a trusted source. 
  • To repeat, do not back up files with the following extensions:
.exe, .scr, .bat, .com, .cmd, .msi, .pif, .ini, .htm, .html, .hta, .php, .asp, .xml, .zip, .rar, .cab
  • Once you have decided which files you wish to backup, copy the files over to a USB drive or external hard drive. 
     

Let me know when you're ready to begin cleaning.


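The backup rules in post #13, applied to file names, as an added example that is not part of the original thread or of any tool it mentions. The extension block list is the one given in the post; the `REVIEW` and `DECOY` sets, the function names and the sample file names are assumptions made for illustration.

```python
import re

# Extensions the post lists as unsafe to back up (.dll comes from its first paragraph).
BLOCKED = {".exe", ".scr", ".bat", ".com", ".cmd", ".msi", ".pif", ".ini", ".dll",
           ".htm", ".html", ".hta", ".php", ".asp", ".xml", ".zip", ".rar", ".cab"}
# Assumption: extensions standing in for the post's "Word/Excel/PDF" documents.
REVIEW = {".doc", ".docx", ".xls", ".xlsx", ".pdf"}
# Assumption: harmless-looking extensions that can serve as the visible decoy.
DECOY = REVIEW | {".jpg", ".jpeg", ".png", ".gif", ".txt", ".mp3", ".mp4", ".avi"}

# Constructed sample names, not taken from the thread.
SAMPLE_NAMES = ["holiday.jpg", "budget.xlsx", "invoice.pdf.exe",
                "song.mp3          .scr", "setup.EXE ", "notes.v2.txt", "photos.zip"]


def base_name(path):
    """Strip any directory part, accepting both Windows and POSIX separators."""
    return path.replace("\\", "/").rsplit("/", 1)[-1]


def extensions(path):
    """Return every dot-separated extension in the file name, lower-cased.

    Trailing spaces and dots are dropped first because Windows ignores them,
    and padding inside the name ("a.jpg      .exe") is stripped per part.
    """
    base = base_name(path).rstrip(" .")
    return ["." + part.strip().lower() for part in base.split(".")[1:]]


def classify(path):
    """Return (verdict, reasons); verdict is 'skip', 'review' or 'keep'."""
    exts = extensions(path)
    final = exts[-1] if exts else ""
    if final in BLOCKED:
        reasons = ["blocked extension " + final]
        decoys = [e for e in exts[:-1] if e in DECOY]
        if decoys:
            reasons.append("double extension, disguised as " + decoys[-1])
        # Whitespace next to a dot, or trailing spaces/dots, hides the real extension.
        if re.search(r"\s+\.|\.\s+|[ .]+$", base_name(path)):
            reasons.append("padded with spaces or trailing dots")
        return "skip", reasons
    if final in REVIEW:
        return "review", ["document type: back up only if you created or trust it"]
    return "keep", []


def plan_backup(paths):
    """Group file names by verdict so the 'keep' list can be copied to the USB drive."""
    plan = {"keep": [], "review": [], "skip": []}
    for path in paths:
        plan[classify(path)[0]].append(path)
    return plan


if __name__ == "__main__":
    for name in SAMPLE_NAMES:
        print(repr(name), *classify(name))
```

The check works on names only; it does not inspect file contents, so a renamed executable with a benign final extension is outside what it can catch.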

#14 G8888

Posted 31 October 2014 - 02:05 AM

I'm ready to clean it now. I did a backup of some files to my USB stick.


Edited by G8888, 31 October 2014 - 02:28 AM.


#15 LiquidTension

Posted 31 October 2014 - 10:54 AM

OK. Please do the following. 

 

STEP 1
ComboFix

  • Note: Please read through these instructions before running ComboFix. 
  • Please download ComboFix and save the file to your Desktop. << Important!
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click ComboFix.exe and select Run as administrator to run the programme.
  • Follow the prompts. 
     
  • Allow ComboFix to complete its removal routine (please refer to Important Notes:).
  • Upon completion, a log (ComboFix.txt) will be created in the root directory (C:\). Copy the contents of the log and paste in your next reply.
  • Re-enable your anti-virus software.
     

Important Notes:

  • Do NOT mouse click ComboFix's window whilst it is running. This may cause the programme to stall.
  • Do NOT use your computer whilst ComboFix is running.
  • Your Desktop/taskbar may disappear whilst ComboFix is running; this is normal.
     
  • If you get the message Illegal operation attempted on registry key that has been marked for deletion please reboot your computer.
  • ComboFix will disconnect your machine from the Internet as soon as it starts.
  • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
  • If you are unable to access the Internet after running ComboFix, please reboot your computer. 
     

STEP 2
Farbar Recovery Scan Tool (FRST) Scan

  • Right-Click FRST.exe and select Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 
     

======================================================
 
STEP 3
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • ComboFix.txt
  • FRST.txt
  • Addition.txt
