Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer very slow after Cidox b rootkit removal


  • This topic is locked This topic is locked
31 replies to this topic

#1 Zapan

Zapan

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:41 AM

Posted 13 January 2015 - 05:29 PM

Hi guys,

 

I have been having trouble with my computer lately. It starts very slowly and I have been having attemps of my browsers to connect to unwanted webpages and requests of permisson, specialy a IE window of Java asking permission, even after denying and ticking the option "remember choice" it would keep poping up. Pestered me so much that I ended up uninstalling Internet Explorer.

 

After looking around in the web I supposed I had a rootkit and checked with Malwarebytes that indicated a Cidox B but did not remove it. I used TDSS Killer, that did find that rootkit and I used the option "Cure".

 

Nonetheless, computer stays slow and I still have unwanted attemps of connection along with some BSODs...

 

Help!!!

 

I have 3 reports from TDSS that I will post afterwards.


First report:

19:53:51.0986 0x0ee8  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
19:53:59.0226 0x0ee8  ============================================================
19:53:59.0226 0x0ee8  Current date / time: 2015/01/13 19:53:59.0226
19:53:59.0226 0x0ee8  SystemInfo:
19:53:59.0226 0x0ee8  
19:53:59.0226 0x0ee8  OS Version: 6.1.7601 ServicePack: 1.0
19:53:59.0226 0x0ee8  Product type: Workstation
19:53:59.0226 0x0ee8  ComputerName: DELL-RAUL
19:53:59.0226 0x0ee8  UserName: Raul
19:53:59.0226 0x0ee8  Windows directory: C:\Windows
19:53:59.0226 0x0ee8  System windows directory: C:\Windows
19:53:59.0226 0x0ee8  Running under WOW64
19:53:59.0226 0x0ee8  Processor architecture: Intel x64
19:53:59.0226 0x0ee8  Number of processors: 2
19:53:59.0226 0x0ee8  Page size: 0x1000
19:53:59.0226 0x0ee8  Boot type: Normal boot
19:53:59.0226 0x0ee8  ============================================================
19:54:02.0068 0x0ee8  KLMD registered as C:\Windows\system32\drivers\94773708.sys
19:54:02.0438 0x0ee8  System UUID: {62FBAE3D-08B4-2315-5321-4C9BB5C49F18}
19:54:03.0458 0x0ee8  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:54:03.0468 0x0ee8  ============================================================
19:54:03.0468 0x0ee8  \Device\Harddisk0\DR0:
19:54:03.0468 0x0ee8  MBR partitions:
19:54:03.0468 0x0ee8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x403988, BlocksNum 0xC82A7C7
19:54:03.0468 0x0ee8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x403000
19:54:03.0488 0x0ee8  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xCC2F000, BlocksNum 0x10596000
19:54:03.0488 0x0ee8  ============================================================
19:54:03.0518 0x0ee8  F: <-> \Device\Harddisk0\DR0\Partition2
19:54:03.0558 0x0ee8  C: <-> \Device\Harddisk0\DR0\Partition1
19:54:03.0628 0x0ee8  D: <-> \Device\Harddisk0\DR0\Partition3
19:54:03.0628 0x0ee8  ============================================================
19:54:03.0628 0x0ee8  Initialize success
19:54:03.0628 0x0ee8  ============================================================
19:55:33.0611 0x14ac  KLMD registered as C:\Windows\system32\drivers\92328225.sys
19:55:35.0779 0x14ac  Deinitialize success
 



BC AdBot (Login to Remove)

 


#2 Zapan

Zapan
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:41 AM

Posted 13 January 2015 - 05:32 PM

Second report:

19:59:48.0828 0x1150  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
19:59:49.0000 0x1150  ============================================================
19:59:49.0000 0x1150  Current date / time: 2015/01/13 19:59:49.0000
19:59:49.0000 0x1150  SystemInfo:
19:59:49.0000 0x1150  
19:59:49.0000 0x1150  OS Version: 6.1.7601 ServicePack: 1.0
19:59:49.0000 0x1150  Product type: Workstation
19:59:49.0000 0x1150  ComputerName: DELL-RAUL
19:59:49.0000 0x1150  UserName: Raul
19:59:49.0000 0x1150  Windows directory: C:\Windows
19:59:49.0000 0x1150  System windows directory: C:\Windows
19:59:49.0000 0x1150  Running under WOW64
19:59:49.0000 0x1150  Processor architecture: Intel x64
19:59:49.0000 0x1150  Number of processors: 2
19:59:49.0000 0x1150  Page size: 0x1000
19:59:49.0000 0x1150  Boot type: Normal boot
19:59:49.0000 0x1150  ============================================================
19:59:49.0000 0x1150  BG loaded
19:59:50.0014 0x1150  System UUID: {62FBAE3D-08B4-2315-5321-4C9BB5C49F18}
19:59:52.0260 0x1150  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:59:52.0291 0x1150  ============================================================
19:59:52.0291 0x1150  \Device\Harddisk0\DR0:
19:59:52.0291 0x1150  MBR partitions:
19:59:52.0291 0x1150  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x403988, BlocksNum 0xC82A7C7
19:59:52.0291 0x1150  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x403000
19:59:52.0307 0x1150  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xCC2F000, BlocksNum 0x10596000
19:59:52.0307 0x1150  ============================================================
19:59:52.0338 0x1150  F: <-> \Device\Harddisk0\DR0\Partition2
19:59:52.0416 0x1150  C: <-> \Device\Harddisk0\DR0\Partition1
19:59:52.0525 0x1150  D: <-> \Device\Harddisk0\DR0\Partition3
19:59:52.0525 0x1150  ============================================================
19:59:52.0525 0x1150  Initialize success
19:59:52.0525 0x1150  ============================================================
20:00:02.0353 0x0d34  ============================================================
20:00:02.0353 0x0d34  Scan started
20:00:02.0353 0x0d34  Mode: Manual; SigCheck; TDLFS;
20:00:02.0353 0x0d34  ============================================================
20:00:02.0353 0x0d34  KSN ping started
20:00:02.0696 0x0d34  KSN ping finished: false
20:00:14.0144 0x0d34  ================ Scan system memory ========================
20:00:14.0144 0x0d34  System memory - ok
20:00:14.0144 0x0d34  ================ Scan services =============================
20:00:14.0424 0x0d34  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:00:14.0690 0x0d34  1394ohci - ok
20:00:14.0752 0x0d34  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:00:14.0783 0x0d34  ACPI - ok
20:00:14.0814 0x0d34  [ 12C5274CD87449A2A37A607CDB321922, 50FA524E66A8FA04037DC954D3AB5383C633898F111A3B7488630B649B897370 ] acpials         C:\Windows\system32\DRIVERS\acpials.sys
20:00:14.0861 0x0d34  acpials - ok
20:00:14.0924 0x0d34  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:00:15.0033 0x0d34  AcpiPmi - ok
20:00:15.0158 0x0d34  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
20:00:15.0173 0x0d34  Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
20:00:15.0392 0x0d34  Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
20:00:15.0516 0x0d34  [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:00:15.0548 0x0d34  AdobeARMservice - ok
20:00:15.0719 0x0d34  [ 4E48A7DF7ECACB38C686B2BEBAA687A3, D4DEE6BD464855B24A6D40BC6A9279B2041099615C6A319D869DA113AD896EA3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:00:15.0735 0x0d34  AdobeFlashPlayerUpdateSvc - ok
20:00:15.0797 0x0d34  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
20:00:15.0828 0x0d34  adp94xx - ok
20:00:15.0875 0x0d34  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
20:00:15.0891 0x0d34  adpahci - ok
20:00:15.0922 0x0d34  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
20:00:15.0953 0x0d34  adpu320 - ok
20:00:16.0140 0x0d34  [ 2F442BAA7A739EDFB8CBF6BFBE8F5388, 3D32935DFEB0EA026F9824A78A7232C08C47FE13792AC1A212239B8103F98439 ] AdvancedSystemCareService8 C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
20:00:16.0172 0x0d34  AdvancedSystemCareService8 - ok
20:00:16.0203 0x0d34  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:00:16.0546 0x0d34  AeLookupSvc - ok
20:00:16.0640 0x0d34  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_605908f5a8a8d72c\AESTSr64.exe
20:00:16.0718 0x0d34  AESTFilters - ok
20:00:16.0796 0x0d34  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
20:00:16.0842 0x0d34  AFD - ok
20:00:16.0905 0x0d34  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
20:00:16.0920 0x0d34  agp440 - ok
20:00:16.0967 0x0d34  [ 94C0972B06C75456ED574DD46417B1D8, D775EF79CD103752AE08187B28B73227546D0D7583B9CA4FD338931B334EFF0B ] aksdf           C:\Windows\system32\drivers\aksdf.sys
20:00:17.0045 0x0d34  aksdf - ok
20:00:17.0092 0x0d34  [ A56F1B0F967AEF8A82D7771E6D166DEF, 498B2C9AFC8298C0D06FD6278DEA698C2AFEEC419200C1EF8C150ED7CB6FA1E8 ] akshasp         C:\Windows\system32\DRIVERS\akshasp.sys
20:00:17.0123 0x0d34  akshasp - ok
20:00:17.0139 0x0d34  [ A9A09BC526E614CE9F29BB23C2A76CED, 260027677635E6333ABD499D5F80B7C82109208D298432946DE60C0956193BA2 ] aksusb          C:\Windows\system32\DRIVERS\aksusb.sys
20:00:17.0170 0x0d34  aksusb - ok
20:00:17.0186 0x0d34  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
20:00:17.0248 0x0d34  ALG - ok
20:00:17.0279 0x0d34  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:00:17.0295 0x0d34  aliide - ok
20:00:17.0326 0x0d34  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:00:17.0342 0x0d34  amdide - ok
20:00:17.0373 0x0d34  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
20:00:17.0420 0x0d34  AmdK8 - ok
20:00:17.0466 0x0d34  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
20:00:17.0513 0x0d34  AmdPPM - ok
20:00:17.0544 0x0d34  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:00:17.0576 0x0d34  amdsata - ok
20:00:17.0591 0x0d34  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
20:00:17.0607 0x0d34  amdsbs - ok
20:00:17.0622 0x0d34  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:00:17.0638 0x0d34  amdxata - ok
20:00:17.0716 0x0d34  [ 2F3273B44A6C14C9AEFD29D62BBC5F3A, FD6619AF8E8B57818714AC898282429CBD754AA2031AE5221CA0A3675551557B ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
20:00:17.0763 0x0d34  ApfiltrService - ok
20:00:17.0794 0x0d34  [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID           C:\Windows\system32\drivers\appid.sys
20:00:17.0841 0x0d34  AppID - ok
20:00:17.0856 0x0d34  [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:00:17.0903 0x0d34  AppIDSvc - ok
20:00:17.0934 0x0d34  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
20:00:17.0981 0x0d34  Appinfo - ok
20:00:18.0028 0x0d34  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
20:00:18.0090 0x0d34  AppMgmt - ok
20:00:18.0106 0x0d34  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
20:00:18.0122 0x0d34  arc - ok
20:00:18.0137 0x0d34  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
20:00:18.0153 0x0d34  arcsas - ok
20:00:18.0262 0x0d34  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:00:18.0356 0x0d34  aspnet_state - ok
20:00:18.0387 0x0d34  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:00:18.0449 0x0d34  AsyncMac - ok
20:00:18.0480 0x0d34  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:00:18.0480 0x0d34  atapi - ok
20:00:18.0558 0x0d34  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:00:18.0605 0x0d34  AudioEndpointBuilder - ok
20:00:18.0636 0x0d34  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
20:00:18.0668 0x0d34  AudioSrv - ok
20:00:18.0699 0x0d34  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:00:18.0792 0x0d34  AxInstSV - ok
20:00:18.0824 0x0d34  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
20:00:18.0886 0x0d34  b06bdrv - ok
20:00:18.0917 0x0d34  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
20:00:18.0964 0x0d34  b57nd60a - ok
20:00:19.0182 0x0d34  [ 06C2D8D2C7C688B24760E5034A852728, 18B694EE00DA91E26D98E7EEC270E4717ED4BD81D6855F2A9E0AAB795043722B ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
20:00:19.0338 0x0d34  BCM43XX - ok
20:00:19.0370 0x0d34  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:00:19.0432 0x0d34  BDESVC - ok
20:00:19.0463 0x0d34  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:00:19.0510 0x0d34  Beep - ok
20:00:19.0572 0x0d34  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
20:00:19.0635 0x0d34  BFE - ok
20:00:19.0713 0x0d34  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
20:00:20.0072 0x0d34  BITS - ok
20:00:20.0181 0x0d34  [ 686045905787B68D829CE647A6DFAD2B, 09B925A3E02B3BA45D5D408B59A279D3255AC854B3B696E243DCD14EF18CEC92 ] Blackberry Device Manager C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
20:00:20.0228 0x0d34  Blackberry Device Manager - detected UnsignedFile.Multi.Generic ( 1 )
20:00:20.0228 0x0d34  Blackberry Device Manager ( UnsignedFile.Multi.Generic ) - warning
20:00:20.0228 0x0d34  Force sending object to P2P due to detect: Blackberry Device Manager
20:00:20.0228 0x0d34  Object send P2P result: false
20:00:20.0274 0x0d34  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:00:20.0306 0x0d34  blbdrive - ok
20:00:20.0352 0x0d34  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:00:20.0399 0x0d34  bowser - ok
20:00:20.0430 0x0d34  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:00:20.0508 0x0d34  BrFiltLo - ok
20:00:20.0540 0x0d34  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:00:20.0571 0x0d34  BrFiltUp - ok
20:00:20.0618 0x0d34  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
20:00:20.0696 0x0d34  Browser - ok
20:00:20.0774 0x0d34  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:00:20.0820 0x0d34  Brserid - ok
20:00:20.0836 0x0d34  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:00:20.0867 0x0d34  BrSerWdm - ok
20:00:20.0883 0x0d34  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:00:20.0914 0x0d34  BrUsbMdm - ok
20:00:20.0930 0x0d34  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:00:20.0961 0x0d34  BrUsbSer - ok
20:00:20.0992 0x0d34  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
20:00:21.0039 0x0d34  BTHMODEM - ok
20:00:21.0070 0x0d34  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
20:00:21.0117 0x0d34  bthserv - ok
20:00:21.0148 0x0d34  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:00:21.0195 0x0d34  cdfs - ok
20:00:21.0226 0x0d34  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:00:21.0273 0x0d34  cdrom - ok
20:00:21.0320 0x0d34  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:00:21.0382 0x0d34  CertPropSvc - ok
20:00:21.0413 0x0d34  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:00:21.0460 0x0d34  circlass - ok
20:00:21.0522 0x0d34  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
20:00:21.0554 0x0d34  CLFS - ok
20:00:21.0600 0x0d34  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:00:21.0616 0x0d34  clr_optimization_v2.0.50727_32 - ok
20:00:21.0647 0x0d34  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:00:21.0678 0x0d34  clr_optimization_v2.0.50727_64 - ok
20:00:21.0741 0x0d34  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:00:22.0037 0x0d34  clr_optimization_v4.0.30319_32 - ok
20:00:22.0053 0x0d34  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:00:22.0302 0x0d34  clr_optimization_v4.0.30319_64 - ok
20:00:22.0318 0x0d34  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:00:22.0349 0x0d34  CmBatt - ok
20:00:22.0396 0x0d34  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:00:22.0412 0x0d34  cmdide - ok
20:00:22.0474 0x0d34  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
20:00:22.0521 0x0d34  CNG - ok
20:00:22.0536 0x0d34  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:00:22.0552 0x0d34  Compbatt - ok
20:00:22.0599 0x0d34  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:00:22.0646 0x0d34  CompositeBus - ok
20:00:22.0661 0x0d34  COMSysApp - ok
20:00:22.0708 0x0d34  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
20:00:22.0708 0x0d34  crcdisk - ok
20:00:22.0864 0x0d34  [ 3741EC4A0F2AB12F4C461DCCD8BA9705, 7376D8F5D7947943BE9A40D991890146518F04A687EAD17DE1678A8CF3C4B1E7 ] Credential Vault Host Control Service C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
20:00:22.0911 0x0d34  Credential Vault Host Control Service - ok
20:00:22.0942 0x0d34  [ 214C0DC5881951F0B0802E3FCA4C4690, E1B15FC962C9ECD7AAA2686D255DB49825A42BCCBC8A425D014645AC9875A4AA ] Credential Vault Host Storage C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
20:00:22.0958 0x0d34  Credential Vault Host Storage - ok
20:00:22.0989 0x0d34  [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:00:23.0036 0x0d34  CryptSvc - ok
20:00:23.0098 0x0d34  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
20:00:23.0145 0x0d34  CSC - ok
20:00:23.0192 0x0d34  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
20:00:23.0254 0x0d34  CscService - ok
20:00:23.0285 0x0d34  [ DBC6B7337004D5C6C66731C29DB6EAEA, 45C54760D82C577194E8188FE0E58C1AA1032D74EAACDDCDF9FEF3BE49EBA665 ] cvusbdrv        C:\Windows\system32\Drivers\cvusbdrv.sys
20:00:23.0301 0x0d34  cvusbdrv - ok
20:00:23.0348 0x0d34  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:00:23.0410 0x0d34  DcomLaunch - ok
20:00:23.0488 0x0d34  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:00:23.0550 0x0d34  defragsvc - ok
20:00:23.0597 0x0d34  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:00:23.0660 0x0d34  DfsC - ok
20:00:23.0691 0x0d34  [ 2D589A2C024B2FB238535DB9F7B3597D, 1EB47F73BC890D67A50C72E30BFE139AA1747C88E2FA8029A7382B203C37B512 ] DgiVecp         C:\Windows\system32\Drivers\DgiVecp.sys
20:00:23.0706 0x0d34  DgiVecp - ok
20:00:23.0722 0x0d34  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:00:23.0769 0x0d34  Dhcp - ok
20:00:23.0800 0x0d34  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
20:00:23.0847 0x0d34  discache - ok
20:00:23.0878 0x0d34  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
20:00:23.0894 0x0d34  Disk - ok
20:00:24.0268 0x0d34  [ 82E653BB80E807B4DF61A68846978C3F, 9486A3DC04346E09DFCAAC33512188EB050015F7543AC83A4E7BEB83AEC61203 ] DisplayLinkService C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
20:00:24.0674 0x0d34  DisplayLinkService - ok
20:00:24.0752 0x0d34  [ 70D82BB091E4190FB56D4D7CC8321102, 55AA9CBB9BEB8FF0DF40691B4F76809B8DFFBE385F5CAF1EE11EFB4C6F650F36 ] DisplayLinkUsbPort C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.5.29055.0.sys
20:00:24.0814 0x0d34  DisplayLinkUsbPort - ok
20:00:24.0845 0x0d34  [ 0E787242686A9FC890ED420C9C287686, FE537E2DBB70EA8413349FA556B08E74A1889C6B4D26432867D50E76A6740C1D ] dlcdbus         C:\Windows\system32\DRIVERS\dlcdbus.sys
20:00:24.0876 0x0d34  dlcdbus - ok
20:00:24.0892 0x0d34  [ 75C2E9609601044DBF8D19212A11743E, 4C297F21166B141507307F8D2BCB411E240007A6ECABCA42767DD66F0D68C816 ] dlkmd           C:\Windows\system32\drivers\dlkmd.sys
20:00:24.0923 0x0d34  dlkmd - ok
20:00:24.0939 0x0d34  [ 389FB1D69A1B0E2403327590BF50084B, D44C2CFEE4F6ED17C4280DC168A1C701E51F0C0E401FC722E80C36E043909C10 ] dlkmdldr        C:\Windows\system32\drivers\dlkmdldr.sys
20:00:24.0954 0x0d34  dlkmdldr - ok
20:00:24.0986 0x0d34  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:00:25.0048 0x0d34  Dnscache - ok
20:00:25.0110 0x0d34  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:00:25.0157 0x0d34  dot3svc - ok
20:00:25.0188 0x0d34  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
20:00:25.0251 0x0d34  DPS - ok
20:00:25.0298 0x0d34  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:00:25.0344 0x0d34  drmkaud - ok
20:00:25.0407 0x0d34  [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
20:00:25.0422 0x0d34  dtsoftbus01 - ok
20:00:25.0516 0x0d34  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:00:25.0547 0x0d34  DXGKrnl - ok
20:00:25.0610 0x0d34  [ 11D0ECA73AB25135F65656B93ADBCB3D, 65970D64DFB2272C36918D47B440ECDB45D99BAABB78651BF67D1BD0026A45CC ] e1yexpress      C:\Windows\system32\DRIVERS\e1y62x64.sys
20:00:25.0625 0x0d34  e1yexpress - ok
20:00:25.0656 0x0d34  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
20:00:25.0750 0x0d34  EapHost - ok
20:00:25.0890 0x0d34  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
20:00:26.0000 0x0d34  ebdrv - ok
20:00:26.0031 0x0d34  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
20:00:26.0078 0x0d34  EFS - ok
20:00:26.0140 0x0d34  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:00:26.0202 0x0d34  ehRecvr - ok
20:00:26.0218 0x0d34  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
20:00:26.0280 0x0d34  ehSched - ok
20:00:26.0327 0x0d34  [ 627350A11295D82BF78D155B12FFD0EF, BF4A80A379803C765EF5163EE7422A30D8F35820E38690F11A27FA605DD20FFA ] ElRawDisk       C:\Windows\system32\drivers\ElRawDsk.sys
20:00:26.0343 0x0d34  ElRawDisk - ok
20:00:26.0374 0x0d34  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
20:00:26.0405 0x0d34  elxstor - ok
20:00:26.0436 0x0d34  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:00:26.0468 0x0d34  ErrDev - ok
20:00:26.0530 0x0d34  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
20:00:26.0577 0x0d34  EventSystem - ok


20:00:26.0655 0x0d34  [ 334C907536E815E56CD13108A6D5FB9D, 0CEA0A330607B44A4CF0F0D5C92E91C7E2157404410F651CC4F8BA14A74523AE ] ewusbmbb        C:\Windows\system32\DRIVERS\ewusbwwan.sys
20:00:26.0717 0x0d34  ewusbmbb - ok
20:00:26.0733 0x0d34  [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
20:00:26.0780 0x0d34  ew_hwusbdev - ok
20:00:26.0811 0x0d34  [ 02A05B9FFC467017773CA251FFCC9863, B695C84E1883241102452D047ADAAFD2CF5725C5F4EE93507001FC6FF3BA07E4 ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
20:00:26.0858 0x0d34  ew_usbenumfilter - ok
20:00:26.0873 0x0d34  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:00:26.0920 0x0d34  exfat - ok
20:00:26.0967 0x0d34  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:00:27.0014 0x0d34  fastfat - ok
20:00:27.0076 0x0d34  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
20:00:27.0138 0x0d34  Fax - ok
20:00:27.0154 0x0d34  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:00:27.0185 0x0d34  fdc - ok
20:00:27.0201 0x0d34  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
20:00:27.0232 0x0d34  fdPHost - ok
20:00:27.0248 0x0d34  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:00:27.0294 0x0d34  FDResPub - ok
20:00:27.0326 0x0d34  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:00:27.0341 0x0d34  FileInfo - ok
20:00:27.0404 0x0d34  [ D409D4A4517865131999FAC96D366CBF, 512A80C4B180D5D6DECBAFB831A56C0DC8C5D1CC7E749465C47D29EC4DA45719 ] FileMonitor     C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys
20:00:27.0419 0x0d34  FileMonitor - ok
20:00:27.0419 0x0d34  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:00:27.0482 0x0d34  Filetrace - ok
20:00:27.0497 0x0d34  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:00:27.0528 0x0d34  flpydisk - ok
20:00:27.0560 0x0d34  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:00:27.0591 0x0d34  FltMgr - ok
20:00:27.0638 0x0d34  [ B8AFE7A30D34C0E9FDBA81632294547C, B972AE00CA877A5BB439F797016530FB06C7F1BADD24383863F48E6744CFB700 ] fltsrv          C:\Windows\system32\DRIVERS\fltsrv.sys
20:00:27.0653 0x0d34  fltsrv - ok
20:00:27.0778 0x0d34  [ 76C196B109E4BFA50132EF50AF6A1C1B, 6452E96C3C9D35433890FFE72CDBBECBD1D0F56BBAD92DDC31551C1EE44B5860 ] FontCache       C:\Windows\system32\FntCache.dll
20:00:27.0856 0x0d34  FontCache - ok
20:00:27.0903 0x0d34  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:00:27.0918 0x0d34  FontCache3.0.0.0 - ok
20:00:27.0981 0x0d34  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:00:27.0996 0x0d34  FsDepends - ok
20:00:28.0028 0x0d34  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:00:28.0043 0x0d34  Fs_Rec - ok
20:00:28.0090 0x0d34  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:00:28.0121 0x0d34  fvevol - ok
20:00:28.0137 0x0d34  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
20:00:28.0152 0x0d34  gagp30kx - ok
20:00:28.0199 0x0d34  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:00:28.0262 0x0d34  gpsvc - ok
20:00:28.0433 0x0d34  [ B60F64D60603B3E5E9C1B142947A88E1, 116253E719677399784D4C1778C2398A6DF62E9EC593B8906285D42D390166D6 ] GSService       C:\Windows\SysWOW64\GSService.exe
20:00:28.0464 0x0d34  GSService - ok
20:00:28.0574 0x0d34  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:00:28.0589 0x0d34  gupdate - ok
20:00:28.0589 0x0d34  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:00:28.0605 0x0d34  gupdatem - ok
20:00:28.0698 0x0d34  [ 78FAD9117E4527F2CA82259DA10F40BD, 9CE5102C681B8147BFC189897C19852D2BF82A9B95DE6301EBBCD13A604A41F3 ] hardlock        C:\Windows\system32\drivers\hardlock.sys
20:00:28.0730 0x0d34  hardlock - ok
20:00:28.0761 0x0d34  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:00:28.0808 0x0d34  hcw85cir - ok
20:00:28.0839 0x0d34  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:00:28.0870 0x0d34  HdAudAddService - ok
20:00:28.0886 0x0d34  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
20:00:28.0901 0x0d34  HDAudBus - ok
20:00:28.0917 0x0d34  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
20:00:28.0948 0x0d34  HidBatt - ok
20:00:28.0979 0x0d34  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
20:00:28.0995 0x0d34  HidBth - ok
20:00:29.0026 0x0d34  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
20:00:29.0042 0x0d34  HidIr - ok
20:00:29.0073 0x0d34  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
20:00:29.0120 0x0d34  hidserv - ok
20:00:29.0166 0x0d34  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:00:29.0182 0x0d34  HidUsb - ok
20:00:29.0213 0x0d34  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:00:29.0260 0x0d34  hkmsvc - ok
20:00:29.0291 0x0d34  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:00:29.0354 0x0d34  HomeGroupListener - ok
20:00:29.0369 0x0d34  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:00:29.0400 0x0d34  HomeGroupProvider - ok
20:00:29.0432 0x0d34  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:00:29.0447 0x0d34  HpSAMD - ok
20:00:29.0494 0x0d34  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:00:29.0556 0x0d34  HTTP - ok
20:00:29.0603 0x0d34  [ 1642C62F1FD5E1FF44608283994A7BB8, 4646AA0EF74A2AEE6C17D12206FCFE1E84D6FA712AD95A171F16D11BC9D3F11A ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
20:00:29.0634 0x0d34  huawei_enumerator - ok
20:00:29.0650 0x0d34  [ 04D1DE1E8ACE40CA396502C90524E945, C579D0C9D08617E91EAC4EE0D74BBE2911E1D76BF10D7120CCEEB0C23A9EF8E6 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
20:00:29.0728 0x0d34  hwdatacard - ok
20:00:29.0806 0x0d34  [ E90DA42B87D684DEBFB73B38A718A006, BB18C63C1982F5CB99C9B65D2B801E8C1909AD7CD0171326DC0015D6B781B451 ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe
20:00:29.0822 0x0d34  HWDeviceService64.exe - ok
20:00:29.0915 0x0d34  [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32        C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
20:00:29.0931 0x0d34  HWiNFO32 - ok
20:00:29.0946 0x0d34  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:00:29.0946 0x0d34  hwpolicy - ok
20:00:30.0009 0x0d34  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:00:30.0024 0x0d34  i8042prt - ok
20:00:30.0087 0x0d34  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:00:30.0102 0x0d34  iaStorV - ok
20:00:30.0196 0x0d34  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:00:30.0243 0x0d34  idsvc - ok
20:00:30.0290 0x0d34  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
20:00:30.0305 0x0d34  iirsp - ok
20:00:30.0352 0x0d34  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
20:00:30.0399 0x0d34  IKEEXT - ok
20:00:30.0477 0x0d34  [ 4D30C9AA6BF04AF4223A68B771B0B7CE, 87541A33F7EA1A947F0266B739DFFF010110DFCC3995A67DC9A00521F94A389D ] IMFservice      C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
20:00:30.0492 0x0d34  IMFservice - ok
20:00:30.0648 0x0d34  [ 27A82EC9FD1CA4A5526A61828D2053AB, 863E0650BCD4F112A1B187D6B5770C8E4F5322B7E1CBD12DC790B46F0EF75D11 ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
20:00:30.0664 0x0d34  Intel® PROSet Monitoring Service - ok
20:00:30.0726 0x0d34  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:00:30.0742 0x0d34  intelide - ok
20:00:30.0773 0x0d34  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:00:30.0804 0x0d34  intelppm - ok
20:00:30.0836 0x0d34  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:00:30.0898 0x0d34  IPBusEnum - ok
20:00:30.0929 0x0d34  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:00:30.0976 0x0d34  IpFilterDriver - ok
20:00:31.0023 0x0d34  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:00:31.0085 0x0d34  iphlpsvc - ok
20:00:31.0116 0x0d34  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:00:31.0148 0x0d34  IPMIDRV - ok
20:00:31.0163 0x0d34  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:00:31.0241 0x0d34  IPNAT - ok
20:00:31.0257 0x0d34  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:00:31.0319 0x0d34  IRENUM - ok
20:00:31.0350 0x0d34  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:00:31.0366 0x0d34  isapnp - ok
20:00:31.0397 0x0d34  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:00:31.0460 0x0d34  iScsiPrt - ok
20:00:31.0491 0x0d34  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:00:31.0491 0x0d34  kbdclass - ok
20:00:31.0522 0x0d34  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:00:31.0553 0x0d34  kbdhid - ok
20:00:31.0631 0x0d34  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
20:00:31.0647 0x0d34  KeyIso - ok
20:00:31.0678 0x0d34  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:00:31.0694 0x0d34  KSecDD - ok
20:00:31.0740 0x0d34  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:00:31.0756 0x0d34  KSecPkg - ok
20:00:31.0787 0x0d34  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:00:31.0834 0x0d34  ksthunk - ok
20:00:31.0865 0x0d34  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:00:31.0928 0x0d34  KtmRm - ok
20:00:31.0959 0x0d34  [ 44892163F1A1329FA5C22A4CEEBB1D45, AA47E71D3638399E7886F95185FE3A8F912F21D59AEC97EF0625EE05679E1E27 ] LAN9500         C:\Windows\system32\DRIVERS\lan9500-x64-n51f.sys
20:00:31.0990 0x0d34  LAN9500 - ok
20:00:32.0037 0x0d34  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:00:32.0099 0x0d34  LanmanServer - ok
20:00:32.0130 0x0d34  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:00:32.0177 0x0d34  LanmanWorkstation - ok
20:00:32.0364 0x0d34  [ 347587C3F6488030647D240D8C9D664D, AE496522E3B25C6647E88CA8262067FA2D7D58D72E7C5EFAA2139C27567FC5C3 ] LiveUpdateSvc   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
20:00:32.0427 0x0d34  LiveUpdateSvc - ok
20:00:32.0474 0x0d34  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:00:32.0505 0x0d34  lltdio - ok
20:00:32.0536 0x0d34  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:00:32.0598 0x0d34  lltdsvc - ok
20:00:32.0630 0x0d34  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:00:32.0676 0x0d34  lmhosts - ok
20:00:32.0723 0x0d34  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
20:00:32.0739 0x0d34  LSI_FC - ok
20:00:32.0754 0x0d34  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
20:00:32.0770 0x0d34  LSI_SAS - ok
20:00:32.0801 0x0d34  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:00:32.0817 0x0d34  LSI_SAS2 - ok
20:00:32.0848 0x0d34  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:00:32.0864 0x0d34  LSI_SCSI - ok
20:00:32.0879 0x0d34  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:00:32.0942 0x0d34  luafv - ok
20:00:33.0004 0x0d34  [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
20:00:33.0004 0x0d34  MBAMProtector - ok
20:00:33.0113 0x0d34  [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
20:00:33.0160 0x0d34  MBAMScheduler - ok
20:00:33.0222 0x0d34  [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
20:00:33.0269 0x0d34  MBAMService - ok
20:00:33.0316 0x0d34  [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
20:00:33.0566 0x0d34  MBAMSwissArmy - ok
20:00:33.0644 0x0d34  [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
20:00:33.0659 0x0d34  MBAMWebAccessControl - ok
20:00:33.0722 0x0d34  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:00:33.0753 0x0d34  Mcx2Svc - ok
20:00:33.0800 0x0d34  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
20:00:33.0831 0x0d34  megasas - ok
20:00:33.0862 0x0d34  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
20:00:33.0878 0x0d34  MegaSR - ok
20:00:33.0956 0x0d34  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
20:00:34.0034 0x0d34  MMCSS - ok
20:00:34.0127 0x0d34  [ 1CE0621B591913C12BECAA5B50E88BB2, 115068C57570140C9389BD923A4E68236ACEBB4F733DA09D05AEEDAD7317AB46 ] Mobile Partner. RunOuc C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
20:00:34.0143 0x0d34  Mobile Partner. RunOuc - ok
20:00:34.0174 0x0d34  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
20:00:34.0221 0x0d34  Modem - ok
20:00:34.0268 0x0d34  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:00:34.0330 0x0d34  monitor - ok
20:00:34.0408 0x0d34  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:00:34.0424 0x0d34  mouclass - ok
20:00:34.0486 0x0d34  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:00:34.0533 0x0d34  mouhid - ok
20:00:34.0564 0x0d34  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:00:34.0580 0x0d34  mountmgr - ok
20:00:34.0673 0x0d34  [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:00:34.0704 0x0d34  MozillaMaintenance - ok
20:00:34.0751 0x0d34  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:00:34.0767 0x0d34  mpio - ok
20:00:34.0782 0x0d34  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:00:34.0814 0x0d34  mpsdrv - ok
20:00:34.0876 0x0d34  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:00:34.0938 0x0d34  MpsSvc - ok
20:00:34.0985 0x0d34  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:00:35.0032 0x0d34  MRxDAV - ok
20:00:35.0079 0x0d34  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:00:35.0126 0x0d34  mrxsmb - ok
20:00:35.0157 0x0d34  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:00:35.0188 0x0d34  mrxsmb10 - ok
20:00:35.0219 0x0d34  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:00:35.0250 0x0d34  mrxsmb20 - ok
20:00:35.0297 0x0d34  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:00:35.0313 0x0d34  msahci - ok
20:00:35.0344 0x0d34  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:00:35.0360 0x0d34  msdsm - ok
20:00:35.0375 0x0d34  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
20:00:35.0422 0x0d34  MSDTC - ok
20:00:35.0453 0x0d34  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:00:35.0516 0x0d34  Msfs - ok
20:00:35.0531 0x0d34  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:00:35.0594 0x0d34  mshidkmdf - ok
20:00:35.0640 0x0d34  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:00:35.0672 0x0d34  msisadrv - ok
20:00:35.0703 0x0d34  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:00:35.0750 0x0d34  MSiSCSI - ok
20:00:35.0750 0x0d34  msiserver - ok
20:00:35.0781 0x0d34  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:00:35.0828 0x0d34  MSKSSRV - ok
20:00:35.0859 0x0d34  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:00:35.0906 0x0d34  MSPCLOCK - ok
20:00:35.0921 0x0d34  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:00:35.0952 0x0d34  MSPQM - ok
20:00:35.0984 0x0d34  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:00:36.0015 0x0d34  MsRPC - ok
20:00:36.0030 0x0d34  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
20:00:36.0046 0x0d34  mssmbios - ok
20:00:36.0124 0x0d34  MSSQL$SQLEXPRESS - ok
20:00:36.0202 0x0d34  [ 7A2A8C975356858EB38466A6B1592E8D, 97C3DFCCBE1BA92EE7E4848993D6F369D543A53344A6512C84EF03E7D737A482 ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
20:00:36.0202 0x0d34  MSSQLServerADHelper100 - ok
20:00:36.0233 0x0d34  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:00:36.0264 0x0d34  MSTEE - ok
20:00:36.0280 0x0d34  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
20:00:36.0296 0x0d34  MTConfig - ok
20:00:36.0311 0x0d34  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
20:00:36.0327 0x0d34  Mup - ok
20:00:36.0358 0x0d34  [ 1898CEDA3247213C084F43637EF163B3, 4429F32DB1CC70567919D7D47B844A91CF1329A6CD116F582305F3B7B60CD60B ] NAL             C:\Windows\system32\Drivers\iqvw64e.sys
20:00:36.0358 0x0d34  NAL - ok
20:00:36.0686 0x0d34  [ 395278D3A1C559D864EAF788587C581C, E20CCE48D031316BBA003179B87A2027ECB8CC760D6D4298F8A7C40E2E22357E ] NanoServiceMain C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
20:00:36.0701 0x0d34  NanoServiceMain - ok
20:00:36.0764 0x0d34  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
20:00:36.0810 0x0d34  napagent - ok
20:00:36.0857 0x0d34  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:00:36.0873 0x0d34  NativeWifiP - ok
20:00:36.0935 0x0d34  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:00:36.0982 0x0d34  NDIS - ok
20:00:36.0998 0x0d34  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:00:37.0060 0x0d34  NdisCap - ok
20:00:37.0091 0x0d34  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:00:37.0154 0x0d34  NdisTapi - ok
20:00:37.0185 0x0d34  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:00:37.0247 0x0d34  Ndisuio - ok
20:00:37.0294 0x0d34  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:00:37.0341 0x0d34  NdisWan - ok
20:00:37.0372 0x0d34  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:00:37.0403 0x0d34  NDProxy - ok
20:00:37.0434 0x0d34  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:00:37.0481 0x0d34  NetBIOS - ok
20:00:37.0528 0x0d34  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:00:37.0590 0x0d34  NetBT - ok
20:00:37.0622 0x0d34  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
20:00:37.0637 0x0d34  Netlogon - ok
20:00:37.0668 0x0d34  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
20:00:37.0731 0x0d34  Netman - ok
20:00:37.0793 0x0d34  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:00:37.0824 0x0d34  NetMsmqActivator - ok
20:00:37.0840 0x0d34  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:00:37.0856 0x0d34  NetPipeActivator - ok
20:00:37.0887 0x0d34  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
20:00:37.0949 0x0d34  netprofm - ok
20:00:37.0965 0x0d34  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:00:37.0996 0x0d34  NetTcpActivator - ok
20:00:37.0996 0x0d34  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:00:38.0027 0x0d34  NetTcpPortSharing - ok
20:00:38.0074 0x0d34  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
20:00:38.0090 0x0d34  nfrd960 - ok
20:00:38.0105 0x0d34  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:00:38.0121 0x0d34  NlaSvc - ok
20:00:38.0152 0x0d34  [ 907B5E1E4A592E5EDC5E4CCBDE4863C2, 7A3FA5B779CBBED46CA81328951B71352E4FC60153A91965877834EC7C6F0074 ] nmwcd           C:\Windows\system32\drivers\ccdcmbx64.sys
20:00:38.0230 0x0d34  nmwcd - ok
20:00:38.0246 0x0d34  [ 41C1AC1F3613435EB32D67BCB80A5FA5, 93A313BC4A7FA2FC3372CFBF2D76F417007B4A82455092724D3B0B6FA5A88F23 ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys
20:00:38.0277 0x0d34  nmwcdc - ok
20:00:38.0355 0x0d34  [ ACC47D60E202EBA0A8A80768EC5D3C97, 3A26BA0A97201B55151D649DBCF048E0D72A933D4DDBE5FD415AB772C7C6C250 ] NNSALPC         C:\Windows\system32\DRIVERS\NNSAlpc.sys
20:00:38.0370 0x0d34  NNSALPC - ok
20:00:38.0433 0x0d34  [ 4C7EAD79B914ADE44D68171AFEEF2AB3, 78D805FFC0DF4EB3D36B43CFD05CF7F5AFCC81B196224A09834EB17FA4D29838 ] NNSHTTP         C:\Windows\system32\DRIVERS\NNSHttp.sys
20:00:38.0464 0x0d34  NNSHTTP - ok
20:00:38.0542 0x0d34  [ B40C57451477334E8A66F4823BE04AE3, B3E52FA1570D569F2C40716ED925E3D588489DF37D9639E3BA5B5C0AAFE91543 ] NNSHTTPS        C:\Windows\system32\DRIVERS\NNSHttps.sys
20:00:38.0558 0x0d34  NNSHTTPS - ok
20:00:38.0604 0x0d34  [ 222CF23D6FCEB616CA48BBA55FC4D5C0, DB61FEA4126005A226E88FD6590BC57B440047DFAC6531B3C91AFFEFB0AD6F6C ] NNSIDS          C:\Windows\system32\DRIVERS\NNSIds.sys
20:00:38.0636 0x0d34  NNSIDS - ok
20:00:38.0682 0x0d34  [ 735143727C4438A72490A2432E7D5CEA, 23FE6DCAFCD7E2B63FA0F14BCBBEC0BCEA220D2BAAAA57FB6E9810C2758A93A7 ] NNSNAHSL        C:\Windows\system32\DRIVERS\NNSNAHSL.sys
20:00:38.0698 0x0d34  NNSNAHSL - ok
20:00:38.0745 0x0d34  [ C5332A1FB751B8D5FD9D424D330BC91B, B2FEBEA06252457FF87B74D693E75B29CCF6839EA6FFD60007996B23A6D80154 ] NNSPICC         C:\Windows\system32\DRIVERS\NNSPicc.sys
20:00:38.0776 0x0d34  NNSPICC - ok
20:00:38.0823 0x0d34  [ AA1A311C019288FFCCF3661B5EA27A99, BC91048E82C820CECBBDEDD9D9F7EDDBF6CBC88CE1D9C83A12C4A0E59CFAAC76 ] NNSPIHSW        C:\Windows\system32\DRIVERS\NNSPihsw.sys
20:00:38.0838 0x0d34  NNSPIHSW - ok
20:00:38.0901 0x0d34  [ EB153B4FA5200D1D3352D6C3FB7C9C38, 306805080F8FDB5D9299E93C7074F3B46F8E4B6623A3A75A83E98E6EB0E5BDC5 ] NNSPOP3         C:\Windows\system32\DRIVERS\NNSPop3.sys
20:00:38.0932 0x0d34  NNSPOP3 - ok
20:00:38.0979 0x0d34  [ 425356A7A3657174C206AA3FDB3DDD35, 9634D9A2271C57051BBEC58020082B4CCF2A6583B8FB3C6AC22E9C81728E10F8 ] NNSPROT         C:\Windows\system32\DRIVERS\NNSProt.sys
20:00:39.0010 0x0d34  NNSPROT - ok
20:00:39.0041 0x0d34  [ FFDF3257F83A094941005EE607B8A905, D3E676A13175D329E2F3677D9B56ED7B4DCDCE6794C96025171B24140B543EDC ] NNSPRV          C:\Windows\system32\DRIVERS\NNSPrv.sys
20:00:39.0057 0x0d34  NNSPRV - ok
20:00:39.0104 0x0d34  [ DE87A11CB1767ABDDE223D4CC0F7C221, 3D24BC83E4D88174CA08281C0B3E3E7BC44218F4C6950D28D37029AE39F68E50 ] NNSSMTP         C:\Windows\system32\DRIVERS\NNSSmtp.sys
20:00:39.0135 0x0d34  NNSSMTP - ok
20:00:39.0182 0x0d34  [ 537FB2F711E65475562FE29877F108E1, D2B486CBF3D4CF4AB5D6CCF34CAA57725C3027A2C3E0A1CF628D33546ACBF072 ] NNSSTRM         C:\Windows\system32\DRIVERS\NNSStrm.sys
20:00:39.0197 0x0d34  NNSSTRM - ok
20:00:39.0244 0x0d34  [ 4F37DC4420A00BC6E9D22E3590806BFC, C65CEE11AFA68F9B870FB256AB53A04C32C1F73F6F4F209944815CC96F8FEB17 ] NNSTLSC         C:\Windows\system32\DRIVERS\NNSTlsc.sys
20:00:39.0260 0x0d34  NNSTLSC - ok
20:00:39.0275 0x0d34  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:00:39.0322 0x0d34  Npfs - ok
20:00:39.0338 0x0d34  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
20:00:39.0400 0x0d34  nsi - ok
20:00:39.0431 0x0d34  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:00:39.0462 0x0d34  nsiproxy - ok
20:00:39.0556 0x0d34  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:00:39.0618 0x0d34  Ntfs - ok
20:00:39.0650 0x0d34  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
20:00:39.0712 0x0d34  Null - ok
20:00:40.0196 0x0d34  [ 82A4F4993356D74ABB5CA204019563AA, 8872AC05F4BBB16BC8BA978CD9467F94ED71B93980DFFE2BAA346306376CBF15 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:00:40.0508 0x0d34  nvlddmkm - ok
20:00:40.0586 0x0d34  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:00:40.0601 0x0d34  nvraid - ok
20:00:40.0664 0x0d34  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:00:40.0679 0x0d34  nvstor - ok
20:00:40.0820 0x0d34  [ 3B4838E822BC9230E2012BB74E103F15, 36CC38134B17BEE77FEF5A41151FECF971C120298934964E7809E39B6CF8FAE1 ] nvsvc           C:\Windows\system32\nvvsvc.exe
20:00:40.0851 0x0d34  nvsvc - ok
20:00:40.0866 0x0d34  nvvad_WaveExtensible - ok
20:00:41.0038 0x0d34  [ 5959157FAA8795463C057BFBA23F1EBF, 910C0DD7D08248FF4FD80CBA17E3439AA76F7E05510B4B01880B3279B6215B61 ] NVWMI           C:\Windows\system32\nvwmi64.exe
20:00:41.0100 0x0d34  NVWMI - ok
20:00:41.0147 0x0d34  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:00:41.0163 0x0d34  nv_agp - ok
20:00:41.0272 0x0d34  [ 1CCE8E88654E3952859085752F67B3CA, BE7BEF9C8928642F8CA815E79328DDD62F85C5FB0AD48B0297323DD360AB5970 ] O&O CleverCache C:\Program Files\OO Software\CleverCache\ooccag.exe
20:00:41.0303 0x0d34  O&O CleverCache - ok
20:00:41.0350 0x0d34  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:00:41.0397 0x0d34  ohci1394 - ok
20:00:41.0880 0x0d34  [ 8475AD485F9CA06B81761EA5863A8A6D, 3A6C61F9B78D616C572116F17BF096F8AF560A7BB96473C0EE8AA72A25AEAC10 ] OO DiskImage    C:\Program Files\OO Software\DiskImage\oodiag.exe
20:00:42.0192 0x0d34  OO DiskImage - ok
20:00:42.0380 0x0d34  [ 69AC2F69EDA4B9A435B22E18EA9CCFB2, 307A4B2B1B30F2F81ECB55A97DE1390D7630A4802E1E1F39A41D459939B725EF ] oodisr          C:\Windows\system32\DRIVERS\oodisr.sys
20:00:42.0395 0x0d34  oodisr - ok
20:00:42.0489 0x0d34  [ 2FA85547F7C0C2F79CD8B08DDE844EE5, A513FEBFF554FE4D6CF74B9384B554D94196F522755516E313D81D5CEFE31977 ] oodisrh         C:\Windows\system32\DRIVERS\oodisrh.sys
20:00:42.0504 0x0d34  oodisrh - ok
20:00:42.0582 0x0d34  [ AA1EC6CCE6A3DD728C6F639CF93ADEC0, BA531E667CD5EE7742837B352FBA815789FC14D1632B4073177F82A7542AEB2B ] oodivd          C:\Windows\system32\DRIVERS\oodivd.sys
20:00:42.0598 0x0d34  oodivd - ok
20:00:42.0645 0x0d34  [ 81097204D17ECEFF58CA7DF8E4D3EC05, 15F375985434809470A98052D4916785B9F5AEE92869E05012AB1337706B15A2 ] oodivdh         C:\Windows\system32\DRIVERS\oodivdh.sys
20:00:42.0660 0x0d34  oodivdh - ok
20:00:43.0331 0x0d34  [ EF8DA126239D08B7B4734256417AE702, 4BBA0577C20E851F5B30D0D0F19382AB32AF57EFF7AA5B394E0FF6358A7AB287 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
20:00:43.0456 0x0d34  Origin Client Service - ok
20:00:43.0846 0x0d34  [ 63927F81E1A89C03E77977DE35C4ABB8, 3109D6BD7CC073959C9AA75ED3BF9CD7C4A57810467C4D84E24D2AF2BB6E76AE ] OS Selector     C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
20:00:43.0940 0x0d34  OS Selector - ok
20:00:44.0096 0x0d34  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:00:44.0127 0x0d34  ose - ok
20:00:44.0408 0x0d34  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:00:44.0564 0x0d34  osppsvc - ok
20:00:44.0642 0x0d34  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:00:44.0704 0x0d34  p2pimsvc - ok
20:00:44.0720 0x0d34  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
20:00:44.0766 0x0d34  p2psvc - ok
20:00:44.0844 0x0d34  [ 742FC7886B2F155317723F1D6B045F94, BCB0DC50A64423973694DD35A270C6C9F4BB5A0A0819ECA0287B8BB9458DB137 ] PandaAgent      C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
20:00:44.0860 0x0d34  PandaAgent - ok
20:00:44.0891 0x0d34  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
20:00:44.0922 0x0d34  Parport - ok
20:00:44.0954 0x0d34  Partizan - ok
20:00:45.0000 0x0d34  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:00:45.0000 0x0d34  partmgr - ok
20:00:45.0047 0x0d34  [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:00:45.0078 0x0d34  PcaSvc - ok
20:00:45.0110 0x0d34  [ BC0018C2D29F655188A0ED3FA94FDB24, BCF7F2CA5E30F569AEB69049BA3C196982C72EA7264CFBA59D7123041BA96E5A ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
20:00:45.0156 0x0d34  pccsmcfd - ok
20:00:45.0203 0x0d34  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
20:00:45.0219 0x0d34  pci - ok
20:00:45.0250 0x0d34  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:00:45.0250 0x0d34  pciide - ok
20:00:45.0297 0x0d34  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:00:45.0312 0x0d34  pcmcia - ok
20:00:45.0344 0x0d34  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:00:45.0359 0x0d34  pcw - ok
20:00:45.0406 0x0d34  [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:00:45.0453 0x0d34  PEAUTH - ok
20:00:45.0515 0x0d34  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
20:00:45.0624 0x0d34  PeerDistSvc - ok
20:00:45.0702 0x0d34  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:00:45.0734 0x0d34  PerfHost - ok
20:00:45.0827 0x0d34  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
20:00:45.0905 0x0d34  pla - ok
20:00:45.0968 0x0d34  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:00:46.0030 0x0d34  PlugPlay - ok
20:00:46.0030 0x0d34  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:00:46.0046 0x0d34  PNRPAutoReg - ok
20:00:46.0077 0x0d34  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:00:46.0092 0x0d34  PNRPsvc - ok
20:00:46.0124 0x0d34  [ 4F0878FD62D5F7444C5F1C4C66D9D293, B381217D6202C06EE992EBDE061FA20376FF71F698022D0A80168CCD1059453C ] Point64         C:\Windows\system32\DRIVERS\point64.sys
20:00:46.0139 0x0d34  Point64 - ok
20:00:46.0186 0x0d34  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:00:46.0233 0x0d34  PolicyAgent - ok
20:00:46.0280 0x0d34  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
20:00:46.0326 0x0d34  Power - ok
20:00:46.0358 0x0d34  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:00:46.0420 0x0d34  PptpMiniport - ok
20:00:46.0467 0x0d34  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
20:00:46.0498 0x0d34  Processor - ok
20:00:46.0529 0x0d34  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:00:46.0576 0x0d34  ProfSvc - ok
20:00:46.0623 0x0d34  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:00:46.0638 0x0d34  ProtectedStorage - ok
20:00:46.0654 0x0d34  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:00:46.0716 0x0d34  Psched - ok
20:00:46.0794 0x0d34  [ ABF42AF66C50E3FBAD2280020360920E, 0F2FB1C117DE989AB615D673B09B5DACC1592ED895505F1880EAA09788E0E3E1 ] PSINAflt        C:\Windows\system32\DRIVERS\PSINAflt.sys
20:00:46.0826 0x0d34  PSINAflt - ok
20:00:46.0872 0x0d34  [ 54C28488E5F038B29E2D80DBFC910666, 5386D279375DC737E3E3FBE6576B8C97D2346ED98061CBA1982C09832FDF9E78 ] PSINFile        C:\Windows\system32\DRIVERS\PSINFile.sys
20:00:46.0888 0x0d34  PSINFile - ok
20:00:46.0935 0x0d34  [ 305FCF2F725B806BC5E69AC95340A271, FCA0EF28DE5F4DAF8E3E4BB70C7668A0E1990CC080D52BA711DFB9CC5C369230 ] PSINKNC         C:\Windows\system32\DRIVERS\psinknc.sys
20:00:46.0966 0x0d34  PSINKNC - ok
20:00:47.0013 0x0d34  [ ED6B1CDE5B178B057F64B2AF682EB45A, BDD46380BF51A48982E81F1D5EDAC2D9B16D2C03E886144279F4505ADA247EE2 ] PSINProc        C:\Windows\system32\DRIVERS\PSINProc.sys
20:00:47.0028 0x0d34  PSINProc - ok
20:00:47.0075 0x0d34  [ 171F1C6F49142F2D1C174B817F46EC0F, 96F6B021CBEA2F0787A01E323EED626B380DAD13FC91EE4552F4DEEEC95DBD2C ] PSINProt        C:\Windows\system32\DRIVERS\PSINProt.sys
20:00:47.0091 0x0d34  PSINProt - ok
20:00:47.0153 0x0d34  [ 6A19A5665FBE15D63046B20BB0BFD7AB, 45EBDAD1E5CF5747EB5600F74969123428094E7FAC68CAE29AF02E31FFC3FB8D ] PSINReg         C:\Windows\system32\DRIVERS\PSINReg.sys
20:00:47.0169 0x0d34  PSINReg - ok
20:00:47.0216 0x0d34  [ 105ACC469DF34C8BD0D5E68A70C774E5, 983A759339E058AAE779EB9476EC2AEE8B379F0C60E5E2FD73826155827F5518 ] PSKMAD          C:\Windows\system32\DRIVERS\PSKMAD.sys
20:00:47.0231 0x0d34  PSKMAD - ok
20:00:47.0387 0x0d34  [ CAB0E7856EA9AB97E270E53AE0833EA6, E73C77578F6FFD8B4A3E4BD198EE3795C9A65567D8894F14136804393EBA7A61 ] PSUAService     C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
20:00:47.0387 0x0d34  PSUAService - ok
20:00:47.0434 0x0d34  [ E510CCCC5EAC0C8C2A87B500D40F6EF6, 5E08A731D1231EA45648CDBA8E52FF97CE6306DFBAA6EB6CAEDA65EA04DAB64A ] QDLService2kDell C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe
20:00:47.0465 0x0d34  QDLService2kDell - ok
20:00:47.0543 0x0d34  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
20:00:47.0590 0x0d34  ql2300 - ok
20:00:47.0637 0x0d34  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
20:00:47.0652 0x0d34  ql40xx - ok
20:00:47.0699 0x0d34  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
20:00:47.0715 0x0d34  QWAVE - ok
20:00:47.0730 0x0d34  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:00:47.0762 0x0d34  QWAVEdrv - ok
20:00:47.0777 0x0d34  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:00:47.0840 0x0d34  RasAcd - ok
20:00:47.0871 0x0d34  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:00:47.0918 0x0d34  RasAgileVpn - ok
20:00:47.0933 0x0d34  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
20:00:47.0964 0x0d34  RasAuto - ok
20:00:48.0011 0x0d34  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:00:48.0042 0x0d34  Rasl2tp - ok
20:00:48.0074 0x0d34  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
20:00:48.0136 0x0d34  RasMan - ok
20:00:48.0167 0x0d34  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:00:48.0214 0x0d34  RasPppoe - ok
20:00:48.0245 0x0d34  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:00:48.0292 0x0d34  RasSstp - ok
20:00:48.0323 0x0d34  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:00:48.0370 0x0d34  rdbss - ok
20:00:48.0386 0x0d34  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
20:00:48.0401 0x0d34  rdpbus - ok
20:00:48.0417 0x0d34  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:00:48.0464 0x0d34  RDPCDD - ok
20:00:48.0510 0x0d34  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
20:00:48.0557 0x0d34  RDPDR - ok
20:00:48.0573 0x0d34  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:00:48.0604 0x0d34  RDPENCDD - ok
20:00:48.0635 0x0d34  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:00:48.0682 0x0d34  RDPREFMP - ok
20:00:48.0776 0x0d34  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:00:48.0838 0x0d34  RdpVideoMiniport - ok
20:00:48.0885 0x0d34  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:00:48.0932 0x0d34  RDPWD - ok
20:00:48.0963 0x0d34  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:00:48.0994 0x0d34  rdyboost - ok
20:00:49.0088 0x0d34  [ 5623E2CC4F1F6DE24BE9DB3319E42D23, 2EA009F85804BF2757559DC7EBE4BCB637DE3786795891290F8F99580C32C9ED ] RegFilter       C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
20:00:49.0103 0x0d34  RegFilter - ok
20:00:49.0166 0x0d34  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:00:49.0228 0x0d34  RemoteAccess - ok
20:00:49.0259 0x0d34  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:00:49.0290 0x0d34  RemoteRegistry - ok
20:00:49.0322 0x0d34  [ E31960692CBB3A8BCDF300BC1D889E1F, DEAD6A0C6ABD03173D182628323221B605B018467E28F90FACF8D95CAB6D96FC ] rimmptsk        C:\Windows\system32\DRIVERS\rimmpx64.sys
20:00:49.0368 0x0d34  rimmptsk - ok
20:00:49.0446 0x0d34  [ 6D850FAD4CC9498D1F382B77BA4035CC, 689B8D90BFA404F2ABEF3F7CD098382DAA81A4CF6BF3784C9CC24DAF33F10660 ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
20:00:49.0493 0x0d34  RimUsb - ok
20:00:49.0524 0x0d34  [ 344604E6913BD6E4EAEC34AF2E0943D7, 4ADFE13AFECD0F263A27F647FC6BA1AB47B2A28F9D70FCAC90F23D0A2FB8C493 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
20:00:49.0571 0x0d34  RimVSerPort - ok
20:00:49.0634 0x0d34  [ A241B009194E322D6F21CF61BB998A56, 641A038CAF0EF86022E9828C143DA3F93B598754FDE676FA91E8F8B8C9434107 ] ROCKEYNT        C:\Windows\system32\DRIVERS\Rockey4.sys
20:00:49.0649 0x0d34  ROCKEYNT - ok
20:00:49.0665 0x0d34  [ 89B37EC591E156D43DBBD5A559E22496, E67D218911CA31CD4AC16FC58F5FFAA74ED1424D0416282197848F36A9F46A85 ] Rockey_USB      C:\Windows\system32\DRIVERS\Rockey4USB.sys
20:00:49.0680 0x0d34  Rockey_USB - ok
20:00:49.0696 0x0d34  [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
20:00:49.0743 0x0d34  ROOTMODEM - ok
20:00:49.0774 0x0d34  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:00:49.0836 0x0d34  RpcEptMapper - ok
20:00:49.0852 0x0d34  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
20:00:49.0868 0x0d34  RpcLocator - ok
20:00:49.0914 0x0d34  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
20:00:49.0961 0x0d34  RpcSs - ok
20:00:49.0992 0x0d34  [ CD553B8633466A6D1C115812F2619F1F, B39B38DE8B97209BEABDBF062832A1BDE2303450238B9A4723829958C5C81A6B ] RsFx0103        C:\Windows\system32\DRIVERS\RsFx0103.sys
20:00:50.0008 0x0d34  RsFx0103 - ok
20:00:50.0039 0x0d34  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:00:50.0070 0x0d34  rspndr - ok
20:00:50.0102 0x0d34  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
20:00:50.0180 0x0d34  s3cap - ok
20:00:50.0195 0x0d34  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
20:00:50.0211 0x0d34  SamSs - ok
20:00:50.0226 0x0d34  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:00:50.0242 0x0d34  sbp2port - ok
20:00:50.0289 0x0d34  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:00:50.0336 0x0d34  SCardSvr - ok
20:00:50.0367 0x0d34  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:00:50.0414 0x0d34  scfilter - ok
20:00:50.0476 0x0d34  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
20:00:50.0538 0x0d34  Schedule - ok
20:00:50.0554 0x0d34  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:00:50.0585 0x0d34  SCPolicySvc - ok
20:00:50.0632 0x0d34  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
20:00:50.0648 0x0d34  sdbus - ok
20:00:50.0663 0x0d34  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:00:50.0710 0x0d34  SDRSVC - ok
20:00:50.0741 0x0d34  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:00:50.0788 0x0d34  secdrv - ok
20:00:50.0804 0x0d34  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
20:00:50.0835 0x0d34  seclogon - ok
20:00:50.0866 0x0d34  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
20:00:50.0913 0x0d34  SENS - ok
20:00:50.0928 0x0d34  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:00:50.0944 0x0d34  SensrSvc - ok
20:00:50.0975 0x0d34  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:00:51.0006 0x0d34  Serenum - ok
20:00:51.0022 0x0d34  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:00:51.0038 0x0d34  Serial - ok
20:00:51.0069 0x0d34  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
20:00:51.0100 0x0d34  sermouse - ok
20:00:51.0163 0x0d34  [ 8C1F87F5FDD92229D1754B98F073913F, DF97A2B8C337E80998E93934CC616AD46A8853232AEB6EF456ABC5C174A3C301 ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
20:00:51.0209 0x0d34  ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
20:00:51.0209 0x0d34  ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
20:00:51.0209 0x0d34  Force sending object to P2P due to detect: ServiceLayer
20:00:51.0209 0x0d34  Object send P2P result: false
20:00:51.0272 0x0d34  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
20:00:51.0319 0x0d34  SessionEnv - ok
20:00:51.0350 0x0d34  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
20:00:51.0397 0x0d34  sffdisk - ok
20:00:51.0397 0x0d34  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:00:51.0428 0x0d34  sffp_mmc - ok
20:00:51.0443 0x0d34  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
20:00:51.0459 0x0d34  sffp_sd - ok
20:00:51.0490 0x0d34  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
20:00:51.0521 0x0d34  sfloppy - ok
20:00:51.0553 0x0d34  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:00:51.0599 0x0d34  SharedAccess - ok
20:00:51.0646 0x0d34  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:00:51.0693 0x0d34  ShellHWDetection - ok
20:00:51.0709 0x0d34  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:00:51.0724 0x0d34  SiSRaid2 - ok
20:00:51.0755 0x0d34  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
20:00:51.0771 0x0d34  SiSRaid4 - ok
20:00:51.0865 0x0d34  [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:00:51.0880 0x0d34  SkypeUpdate - ok
20:00:51.0958 0x0d34  [ E77CB3736A702D46A6FB15FB4A9894E3, A341AD51825D4DB8A68ADDABE0FD17693DE387B0DA11800D427B8EA31577626C ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
20:00:51.0974 0x0d34  SmartDefragDriver - ok
20:00:52.0005 0x0d34  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:00:52.0036 0x0d34  Smb - ok
20:00:52.0114 0x0d34  [ 678D197CAD249F930B7FDD2AFA4C91B0, 5CE65B8A72225B663534A14BA31DCAB8EA5A7CE9BE05C3A18837FE8B554EF1FA ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
20:00:52.0130 0x0d34  SmbDrvI - ok
20:00:52.0177 0x0d34  [ 6A06C60C6CAE39A87603B03EA7DD404C, A2ADC0039E935C91B4352ACAC36A60B5F91C280FFB3DDDF4DA452D71769A8EE5 ] SMServer        C:\Windows\SysWOW64\snmvtsvc.exe
20:00:52.0208 0x0d34  SMServer - detected UnsignedFile.Multi.Generic ( 1 )
20:00:52.0208 0x0d34  SMServer ( UnsignedFile.Multi.Generic ) - warning
20:00:52.0270 0x0d34  [ BBFB94699C8C265A6AF5FD51BDE26DFC, 9901A4E95F535963D4ED1ADFCE734D3AA51271793979A4436D30E12AD7DCE233 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
20:00:52.0286 0x0d34  snapman - ok
20:00:52.0317 0x0d34  [ 2B9400C48DF50F75C76571B0FCA29FFB, 60EE9590E9B64B5563BF760EA9FDC8B8A167EBAD807ED6B1A61565D4C1341268 ] SndTAudio       C:\Windows\system32\drivers\SndTAudio.sys
20:00:52.0333 0x0d34  SndTAudio - ok
20:00:52.0348 0x0d34  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:00:52.0364 0x0d34  SNMPTRAP - ok
20:00:52.0379 0x0d34  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:00:52.0395 0x0d34  spldr - ok
20:00:52.0442 0x0d34  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
20:00:52.0473 0x0d34  Spooler - ok
20:00:52.0598 0x0d34  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
20:00:52.0738 0x0d34  sppsvc - ok
20:00:52.0801 0x0d34  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:00:52.0832 0x0d34  sppuinotify - ok
20:00:52.0925 0x0d34  [ A5609D0178B2FEC118A7F4A24ECD1BFB, 467CCABAD16DDFE44462D466B5FAF6DB5C4E8CBA547FAA6C677634228DB094AA ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
20:00:52.0957 0x0d34  SQLAgent$SQLEXPRESS - ok
20:00:53.0003 0x0d34  [ B54B48F6D92423440C264E91225C5FF1, 7484D90CE309555E1FB54F011A2980D8491354223111B7AA16D1D2473570DC19 ] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:00:53.0019 0x0d34  SQLBrowser - ok
20:00:53.0066 0x0d34  [ C298D989D717CB153702E397B6D9AAAD, BF112294E7D241DFADE57A440C560FA66D10D582AA6E6AA7653D0B8A1E9A914D ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:00:53.0081 0x0d34  SQLWriter - ok
20:00:53.0113 0x0d34  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:00:53.0175 0x0d34  srv - ok
20:00:53.0222 0x0d34  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:00:53.0253 0x0d34  srv2 - ok
20:00:53.0362 0x0d34  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:00:53.0440 0x0d34  srvnet - ok
20:00:53.0503 0x0d34  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:00:53.0596 0x0d34  SSDPSRV - ok
20:00:53.0612 0x0d34  SSPORT - ok
20:00:53.0643 0x0d34  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:00:53.0705 0x0d34  SstpSvc - ok
20:00:53.0815 0x0d34  [ 444109453A2B87E6C16BCDA5953E81A9, 96BAC1470A6D60EB6E5F11058A8C137245246730A171961026AF5B08A059E373 ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_605908f5a8a8d72c\STacSV64.exe
20:00:53.0846 0x0d34  STacSV - ok
20:00:53.0939 0x0d34  [ 43C808869A35C7E7A595E569BB6677FE, C55391261E638DCCAAE1085510C4C736A1E719628B010851E1A6C9E724B43D7B ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:00:53.0955 0x0d34  Stereo Service - ok
20:00:54.0002 0x0d34  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
20:00:54.0017 0x0d34  stexstor - ok
20:00:54.0064 0x0d34  [ 02E784FA49032F84964DB90A3ED81890, 93519BE6706F33E35755A357DEBF489B2985553C33188EFD1F3B516702D6695B ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
20:00:54.0095 0x0d34  STHDA - ok
20:00:54.0173 0x0d34  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
20:00:54.0220 0x0d34  stisvc - ok
20:00:54.0314 0x0d34  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
20:00:54.0423 0x0d34  storflt - ok
20:00:54.0657 0x0d34  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
20:00:54.0829 0x0d34  StorSvc - ok
20:00:54.0875 0x0d34  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
20:00:54.0953 0x0d34  storvsc - ok
20:00:55.0016 0x0d34  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
20:00:55.0031 0x0d34  swenum - ok
20:00:55.0265 0x0d34  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
20:00:55.0375 0x0d34  swprv - ok
20:00:56.0217 0x0d34  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
20:00:56.0420 0x0d34  SysMain - ok
20:00:56.0545 0x0d34  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:00:56.0654 0x0d34  TabletInputService - ok
20:00:56.0763 0x0d34  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:00:56.0825 0x0d34  TapiSrv - ok
20:00:56.0857 0x0d34  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
20:00:56.0919 0x0d34  TBS - ok
20:00:57.0059 0x0d34  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:00:57.0137 0x0d34  Tcpip - ok
20:00:57.0434 0x0d34  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:00:57.0481 0x0d34  TCPIP6 - ok
20:00:57.0527 0x0d34  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:00:57.0574 0x0d34  tcpipreg - ok
20:00:57.0605 0x0d34  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:00:57.0652 0x0d34  TDPIPE - ok
20:00:57.0715 0x0d34  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:00:57.0746 0x0d34  TDTCP - ok
20:00:57.0793 0x0d34  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:00:57.0824 0x0d34  tdx - ok
20:00:57.0855 0x0d34  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
20:00:57.0871 0x0d34  TermDD - ok
20:00:57.0933 0x0d34  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
20:00:57.0980 0x0d34  TermService - ok
20:00:58.0011 0x0d34  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
20:00:58.0042 0x0d34  Themes - ok
20:00:58.0058 0x0d34  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
20:00:58.0105 0x0d34  THREADORDER - ok
20:00:58.0105 0x0d34  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
20:00:58.0167 0x0d34  TrkWks - ok
20:00:58.0214 0x0d34  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:00:58.0261 0x0d34  TrustedInstaller - ok
20:00:58.0292 0x0d34  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:00:58.0307 0x0d34  tssecsrv - ok
20:00:58.0339 0x0d34  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:00:58.0370 0x0d34  TsUsbFlt - ok


20:00:58.0401 0x0d34  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:00:58.0432 0x0d34  tunnel - ok
20:00:58.0463 0x0d34  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
20:00:58.0479 0x0d34  uagp35 - ok
20:00:58.0510 0x0d34  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:00:58.0557 0x0d34  udfs - ok
20:00:58.0573 0x0d34  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:00:58.0619 0x0d34  UI0Detect - ok
20:00:58.0666 0x0d34  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:00:58.0682 0x0d34  uliagpkx - ok
20:00:58.0713 0x0d34  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:00:58.0744 0x0d34  umbus - ok
20:00:58.0760 0x0d34  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
20:00:58.0791 0x0d34  UmPass - ok
20:00:58.0822 0x0d34  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
20:00:58.0853 0x0d34  UmRdpService - ok
20:00:58.0869 0x0d34  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
20:00:58.0947 0x0d34  upnphost - ok
20:00:58.0978 0x0d34  [ 4E93C8496359E97830C75AC36393654D, D0482257B019512D77484D92E4DEFEFE4FED53CB440ACB7AA879D6FD0574FA9A ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
20:00:59.0009 0x0d34  upperdev - ok
20:00:59.0087 0x0d34  [ 893A6B67C8AA502648AD946CF50DDFD1, 9480AD8BF791E5912FC89A9F610D5B2E23FD07DF99A15F6844A8854E4ECB4095 ] UrlFilter       C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys
20:00:59.0103 0x0d34  UrlFilter - ok
20:00:59.0134 0x0d34  [ AA33FC47ED58C34E6E9261E4F850B7EB, C6388127CAA695434ABFB6C59A53C8544E67E414012DE5F21B36D035BB1BACC8 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
20:00:59.0150 0x0d34  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
20:00:59.0150 0x0d34  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
20:00:59.0212 0x0d34  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
20:00:59.0259 0x0d34  usbaudio - ok
20:00:59.0306 0x0d34  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:00:59.0337 0x0d34  usbccgp - ok
20:00:59.0368 0x0d34  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:00:59.0399 0x0d34  usbcir - ok
20:00:59.0431 0x0d34  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
20:00:59.0462 0x0d34  usbehci - ok
20:00:59.0493 0x0d34  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:00:59.0524 0x0d34  usbhub - ok
20:00:59.0540 0x0d34  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:00:59.0571 0x0d34  usbohci - ok
20:00:59.0633 0x0d34  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:00:59.0680 0x0d34  usbprint - ok
20:00:59.0711 0x0d34  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
20:00:59.0727 0x0d34  usbscan - ok
20:00:59.0789 0x0d34  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\drivers\usbser.sys
20:00:59.0805 0x0d34  usbser - ok
20:00:59.0836 0x0d34  [ 8844CB19A37B65E27049D4A7786726A9, 4D772174A320F02E2F87BDF8C6EBBFDE04C9763D3C21FE9557DE938521508A59 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
20:00:59.0867 0x0d34  UsbserFilt - ok
20:00:59.0899 0x0d34  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:00:59.0945 0x0d34  USBSTOR - ok
20:00:59.0977 0x0d34  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
20:00:59.0992 0x0d34  usbuhci - ok
20:01:00.0055 0x0d34  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
20:01:00.0070 0x0d34  usbvideo - ok
20:01:00.0086 0x0d34  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
20:01:00.0133 0x0d34  UxSms - ok
20:01:00.0164 0x0d34  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
20:01:00.0179 0x0d34  VaultSvc - ok
20:01:00.0226 0x0d34  [ F0FAF3FB9B138F8CAFB65ECFFE9F4AB6, E0869E4E9271B484209BB44E6E17D99BE6CEA08A983132C0D69FA373202B14D7 ] vcd10bus        C:\Windows\system32\DRIVERS\vcd10bus.sys
20:01:00.0242 0x0d34  vcd10bus - ok
20:01:00.0273 0x0d34  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:01:00.0289 0x0d34  vdrvroot - ok
20:01:00.0335 0x0d34  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
20:01:00.0398 0x0d34  vds - ok
20:01:00.0429 0x0d34  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:01:00.0445 0x0d34  vga - ok
20:01:00.0460 0x0d34  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:01:00.0507 0x0d34  VgaSave - ok
20:01:00.0554 0x0d34  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
20:01:00.0585 0x0d34  vhdmp - ok
20:01:00.0632 0x0d34  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:01:00.0647 0x0d34  viaide - ok
20:01:00.0679 0x0d34  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
20:01:00.0694 0x0d34  vmbus - ok
20:01:00.0710 0x0d34  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
20:01:00.0725 0x0d34  VMBusHID - ok
20:01:00.0757 0x0d34  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:01:00.0772 0x0d34  volmgr - ok
20:01:00.0803 0x0d34  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:01:00.0835 0x0d34  volmgrx - ok
20:01:00.0866 0x0d34  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:01:00.0881 0x0d34  volsnap - ok
20:01:00.0913 0x0d34  [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus          C:\Windows\system32\DRIVERS\vpchbus.sys
20:01:00.0928 0x0d34  vpcbus - ok
20:01:00.0975 0x0d34  [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys
20:01:00.0991 0x0d34  vpcusb - ok
20:01:01.0022 0x0d34  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
20:01:01.0037 0x0d34  vsmraid - ok
20:01:01.0115 0x0d34  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
20:01:01.0209 0x0d34  VSS - ok
20:01:01.0225 0x0d34  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:01:01.0256 0x0d34  vwifibus - ok
20:01:01.0287 0x0d34  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:01:01.0318 0x0d34  vwififlt - ok
20:01:01.0349 0x0d34  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
20:01:01.0365 0x0d34  vwifimp - ok
20:01:01.0396 0x0d34  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
20:01:01.0459 0x0d34  W32Time - ok
20:01:01.0490 0x0d34  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
20:01:01.0505 0x0d34  WacomPen - ok
20:01:01.0537 0x0d34  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:01:01.0568 0x0d34  WANARP - ok
20:01:01.0583 0x0d34  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:01:01.0615 0x0d34  Wanarpv6 - ok
20:01:01.0708 0x0d34  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
20:01:01.0755 0x0d34  WatAdminSvc - ok
20:01:01.0833 0x0d34  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
20:01:01.0927 0x0d34  wbengine - ok
20:01:01.0958 0x0d34  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:01:01.0989 0x0d34  WbioSrvc - ok
20:01:02.0005 0x0d34  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:01:02.0036 0x0d34  wcncsvc - ok
20:01:02.0051 0x0d34  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:01:02.0098 0x0d34  WcsPlugInService - ok
20:01:02.0129 0x0d34  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
20:01:02.0129 0x0d34  Wd - ok
20:01:02.0161 0x0d34  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
20:01:02.0192 0x0d34  WDC_SAM - ok
20:01:02.0239 0x0d34  [ 20442A908FE6D3BC687A5B5DF4D5868C, CC48CD566049D1C656E252DF5233E9AF161AF7A82F8D0B6AB215E7B054A30AA1 ] WDDMService     C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
20:01:02.0254 0x0d34  WDDMService - ok
20:01:02.0317 0x0d34  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:01:02.0363 0x0d34  Wdf01000 - ok
20:01:02.0473 0x0d34  [ BB9D012A82F66E08D2E235A53B0EBA40, 977C5420E1123308AC70DC285E72053BE9CDB7F46F5F685A77D70A039618352B ] WDFMEService    C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
20:01:02.0551 0x0d34  WDFMEService - ok
20:01:02.0582 0x0d34  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:01:02.0644 0x0d34  WdiServiceHost - ok
20:01:02.0660 0x0d34  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:01:02.0675 0x0d34  WdiSystemHost - ok
20:01:02.0785 0x0d34  [ D878C31511169DE535852FC6D15570E8, 480920E0199134F3EC0AE792DD858988592CE24502B192FBCA758F767E8D8DF2 ] WDRulesService  C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
20:01:02.0831 0x0d34  WDRulesService - ok
20:01:02.0878 0x0d34  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
20:01:02.0909 0x0d34  WebClient - ok
20:01:02.0925 0x0d34  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:01:02.0987 0x0d34  Wecsvc - ok
20:01:03.0003 0x0d34  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:01:03.0034 0x0d34  wercplsupport - ok
20:01:03.0050 0x0d34  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:01:03.0097 0x0d34  WerSvc - ok
20:01:03.0128 0x0d34  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:01:03.0159 0x0d34  WfpLwf - ok
20:01:03.0175 0x0d34  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:01:03.0190 0x0d34  WIMMount - ok
20:01:03.0221 0x0d34  WinDefend - ok
20:01:03.0253 0x0d34  WinHttpAutoProxySvc - ok
20:01:03.0315 0x0d34  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:01:03.0362 0x0d34  Winmgmt - ok
20:01:03.0409 0x0d34  [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0  C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
20:01:03.0424 0x0d34  WinRing0_1_2_0 - ok
20:01:03.0518 0x0d34  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
20:01:03.0627 0x0d34  WinRM - ok
20:01:03.0689 0x0d34  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUSB.sys
20:01:03.0705 0x0d34  WinUsb - ok
20:01:03.0767 0x0d34  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:01:03.0830 0x0d34  Wlansvc - ok
20:01:03.0892 0x0d34  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:01:03.0923 0x0d34  WmiAcpi - ok
20:01:03.0955 0x0d34  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:01:03.0986 0x0d34  wmiApSrv - ok
20:01:04.0017 0x0d34  WMPNetworkSvc - ok
20:01:04.0033 0x0d34  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:01:04.0064 0x0d34  WPCSvc - ok
20:01:04.0095 0x0d34  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:01:04.0142 0x0d34  WPDBusEnum - ok
20:01:04.0189 0x0d34  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:01:04.0220 0x0d34  ws2ifsl - ok
20:01:04.0298 0x0d34  [ ADD2FE1A9F4EE41A6D724819550D4E1F, EE8320496D611F6D264AC21684EACB5DC6F9DD82E055726073C7782D0993AFB3 ] WsAudio_Device(1) C:\Windows\system32\drivers\VirtualAudio1.sys
20:01:04.0313 0x0d34  WsAudio_Device(1) - ok
20:01:04.0345 0x0d34  [ ADD2FE1A9F4EE41A6D724819550D4E1F, EE8320496D611F6D264AC21684EACB5DC6F9DD82E055726073C7782D0993AFB3 ] WsAudio_Device(2) C:\Windows\system32\drivers\VirtualAudio2.sys
20:01:04.0360 0x0d34  WsAudio_Device(2) - ok
20:01:04.0407 0x0d34  [ ADD2FE1A9F4EE41A6D724819550D4E1F, EE8320496D611F6D264AC21684EACB5DC6F9DD82E055726073C7782D0993AFB3 ] WsAudio_Device(3) C:\Windows\system32\drivers\VirtualAudio3.sys
20:01:04.0423 0x0d34  WsAudio_Device(3) - ok
20:01:04.0438 0x0d34  [ ADD2FE1A9F4EE41A6D724819550D4E1F, EE8320496D611F6D264AC21684EACB5DC6F9DD82E055726073C7782D0993AFB3 ] WsAudio_Device(4) C:\Windows\system32\drivers\VirtualAudio4.sys
20:01:04.0454 0x0d34  WsAudio_Device(4) - ok
20:01:04.0485 0x0d34  [ ADD2FE1A9F4EE41A6D724819550D4E1F, EE8320496D611F6D264AC21684EACB5DC6F9DD82E055726073C7782D0993AFB3 ] WsAudio_Device(5) C:\Windows\system32\drivers\VirtualAudio5.sys
20:01:04.0501 0x0d34  WsAudio_Device(5) - ok
20:01:04.0547 0x0d34  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
20:01:04.0579 0x0d34  wscsvc - ok
20:01:04.0594 0x0d34  WSearch - ok
20:01:04.0703 0x0d34  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:01:04.0797 0x0d34  wuauserv - ok
20:01:04.0813 0x0d34  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:01:04.0844 0x0d34  WudfPf - ok
20:01:04.0875 0x0d34  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:01:04.0906 0x0d34  WUDFRd - ok
20:01:04.0937 0x0d34  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:01:04.0953 0x0d34  wudfsvc - ok
20:01:04.0969 0x0d34  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:01:05.0000 0x0d34  WwanSvc - ok
20:01:05.0093 0x0d34  ================ Scan global ===============================
20:01:05.0140 0x0d34  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
20:01:05.0156 0x0d34  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
20:01:05.0171 0x0d34  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
20:01:05.0203 0x0d34  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:01:05.0234 0x0d34  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
20:01:05.0234 0x0d34  [ Global ] - ok
20:01:05.0249 0x0d34  ================ Scan MBR ==================================
20:01:05.0249 0x0d34  [ 305F3085C8E8571895F4C9340B6A4B8E ] \Device\Harddisk0\DR0
20:01:05.0655 0x0d34  \Device\Harddisk0\DR0 - ok
20:01:05.0655 0x0d34  ================ Scan VBR ==================================
20:01:05.0655 0x0d34  [ BE053F7CBA3791058E03F77558E59D3E ] \Device\Harddisk0\DR0\Partition1
20:01:05.0655 0x0d34  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
20:01:05.0655 0x0d34  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
20:01:05.0655 0x0d34  [ C4174467F0EA3F29559E95BC763130E3 ] \Device\Harddisk0\DR0\Partition2
20:01:05.0717 0x0d34  \Device\Harddisk0\DR0\Partition2 - ok
20:01:05.0733 0x0d34  [ 2B63A15B6EFBEF182575026C5BED188F ] \Device\Harddisk0\DR0\Partition3
20:01:05.0764 0x0d34  \Device\Harddisk0\DR0\Partition3 - ok
20:01:05.0764 0x0d34  ================ Scan active images ========================
20:01:05.0764 0x0d34  [ 3E588B60EC061686BA05D33574A344C6, 19D2D863F95CCC4493A2328B6BEB04248B6A80F957532E58C1D1D868C19FDCCB ] C:\Windows\System32\drivers\crashdmp.sys
20:01:05.0764 0x0d34  C:\Windows\System32\drivers\crashdmp.sys - ok
20:01:05.0780 0x0d34  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] C:\Windows\System32\drivers\iaStorV.sys
20:01:05.0780 0x0d34  C:\Windows\System32\drivers\iaStorV.sys - ok
20:01:05.0780 0x0d34  [ 814DB88F2641691575A455CF25354098, 79C50F0CD72612733217A0316BEFEA0B6D819C3159D9452EAB89AC26A18A0F89 ] C:\Windows\System32\drivers\dumpfve.sys
20:01:05.0780 0x0d34  C:\Windows\System32\drivers\dumpfve.sys - ok
20:01:05.0780 0x0d34  [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] C:\Windows\System32\drivers\dtsoftbus01.sys
20:01:05.0780 0x0d34  C:\Windows\System32\drivers\dtsoftbus01.sys - ok
20:01:05.0780 0x0d34  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] C:\Windows\System32\drivers\cdrom.sys
20:01:05.0780 0x0d34  C:\Windows\System32\drivers\cdrom.sys - ok
20:01:05.0795 0x0d34  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] C:\Windows\System32\drivers\beep.sys
20:01:05.0795 0x0d34  C:\Windows\System32\drivers\beep.sys - ok
20:01:05.0795 0x0d34  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] C:\Windows\System32\drivers\vga.sys
20:01:05.0795 0x0d34  C:\Windows\System32\drivers\vga.sys - ok
20:01:05.0795 0x0d34  [ E7353D59C9842BC7299FAEB7E7E09340, C37ED1025E07BAC2F535DCFED6C6C509515D95722EADE5AF94F1FC5D8B1DC783 ] C:\Windows\System32\drivers\videoprt.sys
20:01:05.0795 0x0d34  C:\Windows\System32\drivers\videoprt.sys - ok
20:01:05.0795 0x0d34  [ FC438D1430B28618E2D0C7C332A710AD, 873957B202E454E2C8F625E5799F278CAC16EC5EEAEE2C33E2FE5D1FF0408CB2 ] C:\Windows\System32\drivers\watchdog.sys
20:01:05.0795 0x0d34  C:\Windows\System32\drivers\watchdog.sys - ok
20:01:05.0811 0x0d34  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] C:\Windows\System32\drivers\RDPCDD.sys
20:01:05.0811 0x0d34  C:\Windows\System32\drivers\RDPCDD.sys - ok
20:01:05.0811 0x0d34  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] C:\Windows\System32\drivers\RDPENCDD.sys
20:01:05.0811 0x0d34  C:\Windows\System32\drivers\RDPENCDD.sys - ok
20:01:05.0811 0x0d34  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] C:\Windows\System32\drivers\RDPREFMP.sys
20:01:05.0811 0x0d34  C:\Windows\System32\drivers\RDPREFMP.sys - ok
20:01:05.0827 0x0d34  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] C:\Windows\System32\drivers\msfs.sys
20:01:05.0827 0x0d34  C:\Windows\System32\drivers\msfs.sys - ok
20:01:05.0827 0x0d34  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] C:\Windows\System32\drivers\npfs.sys
20:01:05.0827 0x0d34  C:\Windows\System32\drivers\npfs.sys - ok
20:01:05.0827 0x0d34  [ 6F020A220388ECA0AB6062DC27BD16B6, 48655230E482DEB7B4B50EF05818EBB29CA61E780AEFCD9D31B02DE4DF9D9540 ] C:\Windows\System32\drivers\tdi.sys
20:01:05.0827 0x0d34  C:\Windows\System32\drivers\tdi.sys - ok
20:01:05.0827 0x0d34  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] C:\Windows\System32\drivers\tdx.sys
20:01:05.0827 0x0d34  C:\Windows\System32\drivers\tdx.sys - ok
20:01:05.0842 0x0d34  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] C:\Windows\System32\drivers\netbt.sys
20:01:05.0842 0x0d34  C:\Windows\System32\drivers\netbt.sys - ok
20:01:05.0842 0x0d34  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] C:\Windows\System32\drivers\afd.sys
20:01:05.0842 0x0d34  C:\Windows\System32\drivers\afd.sys - ok
20:01:05.0842 0x0d34  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] C:\Windows\System32\drivers\wfplwf.sys
20:01:05.0842 0x0d34  C:\Windows\System32\drivers\wfplwf.sys - ok
20:01:05.0842 0x0d34  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] C:\Windows\System32\drivers\pacer.sys
20:01:05.0842 0x0d34  C:\Windows\System32\drivers\pacer.sys - ok
20:01:05.0858 0x0d34  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] C:\Windows\System32\drivers\vwififlt.sys
20:01:05.0858 0x0d34  C:\Windows\System32\drivers\vwififlt.sys - ok
20:01:05.0858 0x0d34  [ 735143727C4438A72490A2432E7D5CEA, 23FE6DCAFCD7E2B63FA0F14BCBBEC0BCEA220D2BAAAA57FB6E9810C2758A93A7 ] C:\Windows\System32\drivers\NNSNAHSL.sys
20:01:05.0858 0x0d34  C:\Windows\System32\drivers\NNSNAHSL.sys - ok
20:01:05.0858 0x0d34  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] C:\Windows\System32\drivers\netbios.sys
20:01:05.0858 0x0d34  C:\Windows\System32\drivers\netbios.sys - ok
20:01:05.0858 0x0d34  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] C:\Windows\System32\drivers\wanarp.sys
20:01:05.0858 0x0d34  C:\Windows\System32\drivers\wanarp.sys - ok
20:01:05.0873 0x0d34  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] C:\Windows\System32\drivers\termdd.sys
20:01:05.0873 0x0d34  C:\Windows\System32\drivers\termdd.sys - ok
20:01:05.0873 0x0d34  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] C:\Windows\System32\drivers\rdbss.sys
20:01:05.0873 0x0d34  C:\Windows\System32\drivers\rdbss.sys - ok
20:01:05.0873 0x0d34  [ 305FCF2F725B806BC5E69AC95340A271, FCA0EF28DE5F4DAF8E3E4BB70C7668A0E1990CC080D52BA711DFB9CC5C369230 ] C:\Windows\System32\drivers\PSINKNC.sys
20:01:05.0873 0x0d34  C:\Windows\System32\drivers\PSINKNC.sys - ok
20:01:05.0873 0x0d34  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] C:\Windows\System32\drivers\nsiproxy.sys
20:01:05.0873 0x0d34  C:\Windows\System32\drivers\nsiproxy.sys - ok
20:01:05.0889 0x0d34  [ 4F37DC4420A00BC6E9D22E3590806BFC, C65CEE11AFA68F9B870FB256AB53A04C32C1F73F6F4F209944815CC96F8FEB17 ] C:\Windows\System32\drivers\NNStlsc.sys
20:01:05.0889 0x0d34  C:\Windows\System32\drivers\NNStlsc.sys - ok
20:01:05.0889 0x0d34  [ 537FB2F711E65475562FE29877F108E1, D2B486CBF3D4CF4AB5D6CCF34CAA57725C3027A2C3E0A1CF628D33546ACBF072 ] C:\Windows\System32\drivers\NNSStrm.sys
20:01:05.0889 0x0d34  C:\Windows\System32\drivers\NNSStrm.sys - ok
20:01:05.0889 0x0d34  [ DE87A11CB1767ABDDE223D4CC0F7C221, 3D24BC83E4D88174CA08281C0B3E3E7BC44218F4C6950D28D37029AE39F68E50 ] C:\Windows\System32\drivers\NNSSmtp.sys
20:01:05.0889 0x0d34  C:\Windows\System32\drivers\NNSSmtp.sys - ok
20:01:05.0889 0x0d34  [ FFDF3257F83A094941005EE607B8A905, D3E676A13175D329E2F3677D9B56ED7B4DCDCE6794C96025171B24140B543EDC ] C:\Windows\System32\drivers\NNSPrv.sys
20:01:05.0889 0x0d34  C:\Windows\System32\drivers\NNSPrv.sys - ok
20:01:05.0905 0x0d34  [ 425356A7A3657174C206AA3FDB3DDD35, 9634D9A2271C57051BBEC58020082B4CCF2A6583B8FB3C6AC22E9C81728E10F8 ] C:\Windows\System32\drivers\NNSProt.sys
20:01:05.0905 0x0d34  C:\Windows\System32\drivers\NNSProt.sys - ok
20:01:05.0905 0x0d34  [ EB153B4FA5200D1D3352D6C3FB7C9C38, 306805080F8FDB5D9299E93C7074F3B46F8E4B6623A3A75A83E98E6EB0E5BDC5 ] C:\Windows\System32\drivers\NNSPop3.sys
20:01:05.0905 0x0d34  C:\Windows\System32\drivers\NNSPop3.sys - ok
20:01:05.0905 0x0d34  [ AA1A311C019288FFCCF3661B5EA27A99, BC91048E82C820CECBBDEDD9D9F7EDDBF6CBC88CE1D9C83A12C4A0E59CFAAC76 ] C:\Windows\System32\drivers\NNSPihsw.sys
20:01:05.0905 0x0d34  C:\Windows\System32\drivers\NNSPihsw.sys - ok
20:01:05.0905 0x0d34  [ C5332A1FB751B8D5FD9D424D330BC91B, B2FEBEA06252457FF87B74D693E75B29CCF6839EA6FFD60007996B23A6D80154 ] C:\Windows\System32\drivers\NNSpicc.sys
20:01:05.0905 0x0d34  C:\Windows\System32\drivers\NNSpicc.sys - ok
20:01:05.0920 0x0d34  [ 222CF23D6FCEB616CA48BBA55FC4D5C0, DB61FEA4126005A226E88FD6590BC57B440047DFAC6531B3C91AFFEFB0AD6F6C ] C:\Windows\System32\drivers\NNSIds.sys
20:01:05.0920 0x0d34  C:\Windows\System32\drivers\NNSIds.sys - ok
20:01:05.0920 0x0d34  [ B40C57451477334E8A66F4823BE04AE3, B3E52FA1570D569F2C40716ED925E3D588489DF37D9639E3BA5B5C0AAFE91543 ] C:\Windows\System32\drivers\NNSHttps.sys
20:01:05.0920 0x0d34  C:\Windows\System32\drivers\NNSHttps.sys - ok
20:01:05.0920 0x0d34  [ 4C7EAD79B914ADE44D68171AFEEF2AB3, 78D805FFC0DF4EB3D36B43CFD05CF7F5AFCC81B196224A09834EB17FA4D29838 ] C:\Windows\System32\drivers\NNSHttp.sys
20:01:05.0920 0x0d34  C:\Windows\System32\drivers\NNSHttp.sys - ok
20:01:05.0920 0x0d34  [ ACC47D60E202EBA0A8A80768EC5D3C97, 3A26BA0A97201B55151D649DBCF048E0D72A933D4DDBE5FD415AB772C7C6C250 ] C:\Windows\System32\drivers\NNSAlpc.sys
20:01:05.0920 0x0d34  C:\Windows\System32\drivers\NNSAlpc.sys - ok
20:01:05.0936 0x0d34  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] C:\Windows\System32\drivers\mssmbios.sys
20:01:05.0936 0x0d34  C:\Windows\System32\drivers\mssmbios.sys - ok
20:01:05.0936 0x0d34  [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
20:01:05.0936 0x0d34  C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS - ok
20:01:05.0936 0x0d34  [ 627350A11295D82BF78D155B12FFD0EF, BF4A80A379803C765EF5163EE7422A30D8F35820E38690F11A27FA605DD20FFA ] C:\Windows\System32\drivers\ElRawDsk.sys
20:01:05.0936 0x0d34  C:\Windows\System32\drivers\ElRawDsk.sys - ok
20:01:05.0936 0x0d34  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] C:\Windows\System32\drivers\discache.sys
20:01:05.0936 0x0d34  C:\Windows\System32\drivers\discache.sys - ok
20:01:05.0951 0x0d34  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] C:\Windows\System32\drivers\csc.sys
20:01:05.0951 0x0d34  C:\Windows\System32\drivers\csc.sys - ok
20:01:05.0951 0x0d34  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] C:\Windows\System32\drivers\dfsc.sys
20:01:05.0951 0x0d34  C:\Windows\System32\drivers\dfsc.sys - ok
20:01:05.0951 0x0d34  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] C:\Windows\System32\drivers\blbdrive.sys
20:01:05.0951 0x0d34  C:\Windows\System32\drivers\blbdrive.sys - ok
20:01:05.0951 0x0d34  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] C:\Windows\System32\drivers\tunnel.sys
20:01:05.0951 0x0d34  C:\Windows\System32\drivers\tunnel.sys - ok
20:01:05.0967 0x0d34  [ CAAAC014C5C56A69F710B5F1B836DE22, DA98EF2EBF9A7F180344A88CC2C74F69101E17BBAB58B1C46176FD6EE7AA2E6A ] C:\Windows\System32\ntdll.dll
20:01:05.0967 0x0d34  C:\Windows\System32\ntdll.dll - ok
20:01:05.0967 0x0d34  [ F0970A4BC8395659C22BF53D0FADF16F, 23BE3066D89A5ACBF8130899640D377476E78B6C3D19E2D13C32238464A83E21 ] C:\Windows\System32\smss.exe
20:01:05.0967 0x0d34  C:\Windows\System32\smss.exe - ok
20:01:05.0967 0x0d34  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93, 7BC847CE6C2D29C334F0D1600BBBDE3933FF45F6BEE5186F442E6270A3F9EC4E ] C:\Windows\System32\autochk.exe
20:01:05.0967 0x0d34  C:\Windows\System32\autochk.exe - ok
20:01:05.0967 0x0d34  [ 044FE45FFD6AD40E3BBBE60B7F41BABE, A1688A5E6E0F7037C850699462C2655006A7D873C97F9AB406C59D81749B6F09 ] C:\Windows\System32\nsi.dll
20:01:05.0967 0x0d34  C:\Windows\System32\nsi.dll - ok
20:01:05.0983 0x0d34  [ 860528C9E50AB84935843B23A80E665E, 1BBC4FC384A2C9B2E30DC8D84C435A6A8E1993F074CDBF0A6A3AC774A3E62AD4 ] C:\Windows\System32\gdi32.dll
20:01:05.0983 0x0d34  C:\Windows\System32\gdi32.dll - ok
20:01:05.0983 0x0d34  [ EAF32CB8C1F810E4715B4DFBE785C7FF, DB6AD07FDED42433E669508AB73FAFF6DAFF04575D6F1D016FE3EB6ECEC4DD5D ] C:\Windows\System32\shlwapi.dll
20:01:05.0983 0x0d34  C:\Windows\System32\shlwapi.dll - ok
20:01:05.0983 0x0d34  [ 6C60B5ACA7442EFB794082CDACFC001C, FC1D9124856A70FF232EF3057D66BEE803295847624CE23B4D0217F23AF52C75 ] C:\Windows\System32\ole32.dll
20:01:05.0983 0x0d34  C:\Windows\System32\ole32.dll - ok
20:01:05.0983 0x0d34  [ 8BEB36649186772E94AC06876EF08D75, 5FF1CC7A28DFCD9865408DE58B8EBCC32183F4F33BD7085AE08BE70BDCB34AAD ] C:\Windows\System32\iertutil.dll
20:01:05.0983 0x0d34  C:\Windows\System32\iertutil.dll - ok
20:01:05.0998 0x0d34  [ 82A4F4993356D74ABB5CA204019563AA, 8872AC05F4BBB16BC8BA978CD9467F94ED71B93980DFFE2BAA346306376CBF15 ] C:\Windows\System32\drivers\nvlddmkm.sys
20:01:05.0998 0x0d34  C:\Windows\System32\drivers\nvlddmkm.sys - ok
20:01:05.0998 0x0d34  [ D2A513EE880D71BDE7F0257F38B9D019, 7BDBFEA312061C0498E4C09EF5E4B3AAA23309E7448028F67EAA6F8F7188E871 ] C:\Windows\System32\kernel32.dll
20:01:05.0998 0x0d34  C:\Windows\System32\kernel32.dll - ok
20:01:05.0998 0x0d34  [ 088CF6AFCD5CDD44E40C0ACDE3C1A5E0, AC6AFCAE3A58AAABC972B3D6A1ED383A59910C689F38D9D4A059A0A535BA1039 ] C:\Windows\System32\usp10.dll
20:01:05.0998 0x0d34  C:\Windows\System32\usp10.dll - ok
20:01:05.0998 0x0d34  [ 63A580C88CFAF72A92550940054569EF, A66C89123D1833446ACC31D5CF536B0D0EC24D2F805C022A637596CF98429D9F ] C:\Windows\System32\advapi32.dll
20:01:05.0998 0x0d34  C:\Windows\System32\advapi32.dll - ok
20:01:06.0014 0x0d34  [ 25983DE69B57142039AC8D95E71CD9C9, A677DA7EBCBCB6073D27E8A38809F51E971E83ED379BC599AAAD6EF4216348DA ] C:\Windows\System32\clbcatq.dll
20:01:06.0014 0x0d34  C:\Windows\System32\clbcatq.dll - ok
20:01:06.0014 0x0d34  [ 796B47A4B82EF1C39F13435B88834C48, AFC3E89476BAAD8A71663F0DB8D15E00FF9D131F1306A2F69D728E3AD1184602 ] C:\Windows\System32\lpk.dll
20:01:06.0014 0x0d34  C:\Windows\System32\lpk.dll - ok
20:01:06.0014 0x0d34  [ C391FC68282A000CDF953F8B6B55D2EF, 1CB0DAB84545D9FDEA5A7865A1E7132CEAC91DECF8B100285B63098D7B09E584 ] C:\Windows\System32\msvcrt.dll
20:01:06.0014 0x0d34  C:\Windows\System32\msvcrt.dll - ok
20:01:06.0014 0x0d34  [ 75C2E9609601044DBF8D19212A11743E, 4C297F21166B141507307F8D2BCB411E240007A6ECABCA42767DD66F0D68C816 ] C:\Windows\System32\drivers\dlkmd.sys
20:01:06.0014 0x0d34  C:\Windows\System32\drivers\dlkmd.sys - ok
20:01:06.0029 0x0d34  [ C431EAF5CAA1C82CAC2534A2EAB348A3, ADDF850128DC675E67FABA9A3D0D27E684F01F733962CA22927BB94503549E44 ] C:\Windows\System32\msctf.dll
20:01:06.0029 0x0d34  C:\Windows\System32\msctf.dll - ok
20:01:06.0029 0x0d34  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] C:\Windows\System32\drivers\dxgkrnl.sys
20:01:06.0029 0x0d34  C:\Windows\System32\drivers\dxgkrnl.sys - ok
20:01:06.0029 0x0d34  [ AA2C08CE85653B1A0D2E4AB407FA176C, 83DFD0C119B20AEDB07114C9D1CF9CE2DFA938D0F1070256B0591A9E2C3997FA ] C:\Windows\System32\imm32.dll
20:01:06.0029 0x0d34  C:\Windows\System32\imm32.dll - ok
20:01:06.0029 0x0d34  [ F7CE0C81C545364020ED8203CF0A633E, 24B47A7492B7048096AF87E26786E8108455ADBD1A374B6A0466DE008505B8A9 ] C:\Windows\System32\difxapi.dll
20:01:06.0029 0x0d34  C:\Windows\System32\difxapi.dll - ok
20:01:06.0045 0x0d34  [ 1F04CFB79DD5FB7694468CE3FB3DCC31, A40C0BF6D1EC6C4281611A830EA7B22FEF523A3E197E5A8F59332D64E90376B6 ] C:\Windows\System32\drivers\dxgmms1.sys
20:01:06.0045 0x0d34  C:\Windows\System32\drivers\dxgmms1.sys - ok
20:01:06.0045 0x0d34  [ FE70103391A64039A921DBFFF9C7AB1B, F7D219D75037BC98F6C69143B00AB6000A31F8B5E211E0AF514F4F4B681522A0 ] C:\Windows\System32\user32.dll
20:01:06.0045 0x0d34  C:\Windows\System32\user32.dll - ok
20:01:06.0045 0x0d34  [ 11D0ECA73AB25135F65656B93ADBCB3D, 65970D64DFB2272C36918D47B440ECDB45D99BAABB78651BF67D1BD0026A45CC ] C:\Windows\System32\drivers\e1y62x64.sys
20:01:06.0045 0x0d34  C:\Windows\System32\drivers\e1y62x64.sys - ok
20:01:06.0045 0x0d34  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5, 12130837D7F89A2C7E9D25747A8E5B9001E0A38D545178B49B450C23AE62664A ] C:\Windows\System32\setupapi.dll
20:01:06.0045 0x0d34  C:\Windows\System32\setupapi.dll - ok
20:01:06.0061 0x0d34  [ 12FEB33791920678F8433701C822BCFD, 7D1AD944CF0532D5AF951ACCE064EA9288F068964603674854CD7658D2B96039 ] C:\Windows\System32\drivers\usbport.sys
20:01:06.0061 0x0d34  C:\Windows\System32\drivers\usbport.sys - ok
20:01:06.0061 0x0d34  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] C:\Windows\System32\drivers\usbuhci.sys
20:01:06.0061 0x0d34  C:\Windows\System32\drivers\usbuhci.sys - ok
20:01:06.0061 0x0d34  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] C:\Windows\System32\drivers\usbehci.sys
20:01:06.0061 0x0d34  C:\Windows\System32\drivers\usbehci.sys - ok
20:01:06.0061 0x0d34  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] C:\Windows\System32\drivers\hdaudbus.sys
20:01:06.0061 0x0d34  C:\Windows\System32\drivers\hdaudbus.sys - ok
20:01:06.0076 0x0d34  [ 28C0B5024F5C5A438E78B188CFC81B7F, AB81FB63F2908CE316B45609077ACBD85F4B2AAD1606B1E9030F06DB82EDDFAD ] C:\Windows\System32\normaliz.dll
20:01:06.0076 0x0d34  C:\Windows\System32\normaliz.dll - ok
20:01:06.0076 0x0d34  [ D87E1E59C73C1F98D5DED5B3850C40F5, 536419BFF9F877D4314B5D0C045D9A6E729489C389863FADF07E382050BC84FD ] C:\Windows\System32\psapi.dll
20:01:06.0076 0x0d34  C:\Windows\System32\psapi.dll - ok
20:01:06.0076 0x0d34  [ 4BBFA57F594F7E8A8EDC8F377184C3F0, 9F3AC5DEA5A6250C3DBB97AF79C81C0A48429486521F807355A1D7D3D861B75F ] C:\Windows\System32\ws2_32.dll
20:01:06.0076 0x0d34  C:\Windows\System32\ws2_32.dll - ok
20:01:06.0076 0x0d34  [ F947D57534E01E3CA597BCF2AD8AE65B, 498A87443CE3344F82B19D4903F128337B5B3DA49D3C208F796394DA6B3A8946 ] C:\Windows\System32\rpcrt4.dll
20:01:06.0076 0x0d34  C:\Windows\System32\rpcrt4.dll - ok
20:01:06.0092 0x0d34  [ 5526A3CCC98DAEE45E86011D72811609, F1947407FF718611C872EBAD3F4A3AA73E1078EBB2BAF9933204C15563E268E3 ] C:\Windows\System32\urlmon.dll
20:01:06.0092 0x0d34  C:\Windows\System32\urlmon.dll - ok
20:01:06.0092 0x0d34  [ 4E4FFB09D895AA000DD56D1404F69A7E, D999E04BB35780088480EAB322176570591A21E311D204BDCAB010A63B34D24C ] C:\Windows\System32\Wldap32.dll
20:01:06.0092 0x0d34  C:\Windows\System32\Wldap32.dll - ok
20:01:06.0092 0x0d34  [ B938AF16A521C913791C6F7AFF032757, 3D0B64F23C3C932E31936874E513D74BA668401516E482E029D690E78184C498 ] C:\Windows\System32\oleaut32.dll
20:01:06.0092 0x0d34  C:\Windows\System32\oleaut32.dll - ok
20:01:06.0092 0x0d34  [ B4F29F65AD3114051F01E9403346047F, 7EB58545211C51E95B3F45C47C1F7CCE05B707D168E7C20F46D36E19EE3D8DFC ] C:\Windows\System32\imagehlp.dll
20:01:06.0092 0x0d34  C:\Windows\System32\imagehlp.dll - ok
20:01:06.0107 0x0d34  [ BC38D79383F2B4CD435063AED75228D0, F30B8C59B64CFC031EC5DEF4B01AB32E3859765DC623AFBE0053DB62C856098C ] C:\Windows\System32\wininet.dll
20:01:06.0107 0x0d34  C:\Windows\System32\wininet.dll - ok
20:01:06.0107 0x0d34  [ 06C2D8D2C7C688B24760E5034A852728, 18B694EE00DA91E26D98E7EEC270E4717ED4BD81D6855F2A9E0AAB795043722B ] C:\Windows\System32\drivers\BCMWL664.SYS
20:01:06.0107 0x0d34  C:\Windows\System32\drivers\BCMWL664.SYS - ok
20:01:06.0107 0x0d34  [ 9835E63E09F824D22B689D2BB789BAB9, 5BCFFAFB894D69FBCDDB91E64D30A356F4BD57098E8B4C51B98AFAF6581BDB63 ] C:\Windows\System32\comdlg32.dll
20:01:06.0107 0x0d34  C:\Windows\System32\comdlg32.dll - ok
20:01:06.0107 0x0d34  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] C:\Windows\System32\drivers\vwifibus.sys
20:01:06.0107 0x0d34  C:\Windows\System32\drivers\vwifibus.sys - ok
20:01:06.0123 0x0d34  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] C:\Windows\System32\drivers\1394ohci.sys
20:01:06.0123 0x0d34  C:\Windows\System32\drivers\1394ohci.sys - ok
20:01:06.0123 0x0d34  [ 83404DCBCE4925B6A5A77C5170F46D86, D669614D0B4461DB244AD99FBE1BA92CEB9B4ED5EC8E987E23764E77D9AC7074 ] C:\Windows\System32\sechost.dll
20:01:06.0123 0x0d34  C:\Windows\System32\sechost.dll - ok
20:01:06.0123 0x0d34  [ AE57F6C7AB3ED244B5F14151C4EA0057, 60BAF0909C60B2387E2972EBBC77140E9E982549F0746EE26AF4EFB4E9FD77A4 ] C:\Windows\System32\shell32.dll
20:01:06.0123 0x0d34  C:\Windows\System32\shell32.dll - ok
20:01:06.0123 0x0d34  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] C:\Windows\System32\drivers\sdbus.sys
20:01:06.0123 0x0d34  C:\Windows\System32\drivers\sdbus.sys - ok
20:01:06.0139 0x0d34  [ E31960692CBB3A8BCDF300BC1D889E1F, DEAD6A0C6ABD03173D182628323221B605B018467E28F90FACF8D95CAB6D96FC ] C:\Windows\System32\drivers\rimmpx64.sys
20:01:06.0139 0x0d34  C:\Windows\System32\drivers\rimmpx64.sys - ok
20:01:06.0139 0x0d34  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] C:\Windows\System32\drivers\i8042prt.sys
20:01:06.0139 0x0d34  C:\Windows\System32\drivers\i8042prt.sys - ok
20:01:06.0139 0x0d34  [ 2F3273B44A6C14C9AEFD29D62BBC5F3A, FD6619AF8E8B57818714AC898282429CBD754AA2031AE5221CA0A3675551557B ] C:\Windows\System32\drivers\Apfiltr.sys
20:01:06.0139 0x0d34  C:\Windows\System32\drivers\Apfiltr.sys - ok
20:01:06.0139 0x0d34  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] C:\Windows\System32\drivers\mouclass.sys
20:01:06.0139 0x0d34  C:\Windows\System32\drivers\mouclass.sys - ok
20:01:06.0154 0x0d34  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] C:\Windows\System32\drivers\kbdclass.sys
20:01:06.0154 0x0d34  C:\Windows\System32\drivers\kbdclass.sys - ok
20:01:06.0154 0x0d34  [ 678D197CAD249F930B7FDD2AFA4C91B0, 5CE65B8A72225B663534A14BA31DCAB8EA5A7CE9BE05C3A18837FE8B554EF1FA ] C:\Windows\System32\drivers\Smb_driver_Intel.sys
20:01:06.0154 0x0d34  C:\Windows\System32\drivers\Smb_driver_Intel.sys - ok
20:01:06.0154 0x0d34  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] C:\Windows\System32\drivers\CmBatt.sys
20:01:06.0154 0x0d34  C:\Windows\System32\drivers\CmBatt.sys - ok
20:01:06.0154 0x0d34  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] C:\Windows\System32\drivers\wmiacpi.sys
20:01:06.0154 0x0d34  C:\Windows\System32\drivers\wmiacpi.sys - ok
20:01:06.0170 0x0d34  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] C:\Windows\System32\drivers\intelppm.sys
20:01:06.0170 0x0d34  C:\Windows\System32\drivers\intelppm.sys - ok
20:01:06.0170 0x0d34  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] C:\Windows\System32\drivers\CompositeBus.sys
20:01:06.0170 0x0d34  C:\Windows\System32\drivers\CompositeBus.sys - ok
20:01:06.0170 0x0d34  [ 24FBF5CC5C04150073C315A7C83521EE, 581BD5F15B5E57B3BAA762E421FFD859FDA46DDB8515C2A7AAFF208D784E906C ] C:\Windows\System32\drivers\ks.sys
20:01:06.0170 0x0d34  C:\Windows\System32\drivers\ks.sys - ok
20:01:06.0170 0x0d34  [ E0D3CD5841E5C7BE7B94BA946AF1E498, 4EAE1B226255623DA41A047633994D6902F6D4CA5757BF5D85E227378336227F ] C:\Windows\System32\drivers\drmk.sys
20:01:06.0185 0x0d34  C:\Windows\System32\drivers\drmk.sys - ok
20:01:06.0185 0x0d34  [ 1E0B4CBBA91C6B041A14ECC2186F7E24, 63039A317F906454A0652704DA2D646658A148B9B55BFB5D2F4B27997F357DF9 ] C:\Windows\System32\drivers\portcls.sys
20:01:06.0185 0x0d34  C:\Windows\System32\drivers\portcls.sys - ok
20:01:06.0185 0x0d34  [ 2B9400C48DF50F75C76571B0FCA29FFB, 60EE9590E9B64B5563BF760EA9FDC8B8A167EBAD807ED6B1A61565D4C1341268 ] C:\Windows\System32\drivers\SndTAudio.sys
20:01:06.0185 0x0d34  C:\Windows\System32\drivers\SndTAudio.sys - ok
20:01:06.0185 0x0d34  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] C:\Windows\System32\drivers\ksthunk.sys
20:01:06.0185 0x0d34  C:\Windows\System32\drivers\ksthunk.sys - ok
20:01:06.0201 0x0d34  [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] C:\Windows\System32\drivers\rootmdm.sys
20:01:06.0201 0x0d34  C:\Windows\System32\drivers\rootmdm.sys - ok
20:01:06.0201 0x0d34  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] C:\Windows\System32\drivers\modem.sys
20:01:06.0201 0x0d34  C:\Windows\System32\drivers\modem.sys - ok
20:01:06.0201 0x0d34  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] C:\Windows\System32\drivers\agilevpn.sys
20:01:06.0201 0x0d34  C:\Windows\System32\drivers\agilevpn.sys - ok
20:01:06.0201 0x0d34  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] C:\Windows\System32\drivers\rasl2tp.sys
20:01:06.0201 0x0d34  C:\Windows\System32\drivers\rasl2tp.sys - ok
20:01:06.0217 0x0d34  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] C:\Windows\System32\drivers\ndistapi.sys
20:01:06.0217 0x0d34  C:\Windows\System32\drivers\ndistapi.sys - ok
20:01:06.0217 0x0d34  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] C:\Windows\System32\drivers\ndiswan.sys
20:01:06.0217 0x0d34  C:\Windows\System32\drivers\ndiswan.sys - ok
20:01:06.0217 0x0d34  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] C:\Windows\System32\drivers\raspppoe.sys
20:01:06.0217 0x0d34  C:\Windows\System32\drivers\raspppoe.sys - ok
20:01:06.0217 0x0d34  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] C:\Windows\System32\drivers\raspptp.sys
20:01:06.0217 0x0d34  C:\Windows\System32\drivers\raspptp.sys - ok
20:01:06.0232 0x0d34  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] C:\Windows\System32\drivers\rassstp.sys
20:01:06.0232 0x0d34  C:\Windows\System32\drivers\rassstp.sys - ok
20:01:06.0232 0x0d34  [ 344604E6913BD6E4EAEC34AF2E0943D7, 4ADFE13AFECD0F263A27F647FC6BA1AB47B2A28F9D70FCAC90F23D0A2FB8C493 ] C:\Windows\System32\drivers\RimSerial_AMD64.sys
20:01:06.0232 0x0d34  C:\Windows\System32\drivers\RimSerial_AMD64.sys - ok
20:01:06.0232 0x0d34  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] C:\Windows\System32\drivers\rdpbus.sys
20:01:06.0232 0x0d34  C:\Windows\System32\drivers\rdpbus.sys - ok
20:01:06.0232 0x0d34  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] C:\Windows\System32\drivers\swenum.sys
20:01:06.0232 0x0d34  C:\Windows\System32\drivers\swenum.sys - ok
20:01:06.0248 0x0d34  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] C:\Windows\System32\drivers\umbus.sys
20:01:06.0248 0x0d34  C:\Windows\System32\drivers\umbus.sys - ok
20:01:06.0248 0x0d34  [ 1642C62F1FD5E1FF44608283994A7BB8, 4646AA0EF74A2AEE6C17D12206FCFE1E84D6FA712AD95A171F16D11BC9D3F11A ] C:\Windows\System32\drivers\ew_jubusenum.sys
20:01:06.0248 0x0d34  C:\Windows\System32\drivers\ew_jubusenum.sys - ok
20:01:06.0248 0x0d34  [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\System32\comctl32.dll
20:01:06.0248 0x0d34  C:\Windows\System32\comctl32.dll - ok
20:01:06.0248 0x0d34  [ 06FEC9E8117103BB1141A560E98077DA, C5E61B11DDBBBBBA3D9488970524F0975EA5FBDF16E2FA31F579F8BFA48353B1 ] C:\Windows\System32\devobj.dll
20:01:06.0248 0x0d34  C:\Windows\System32\devobj.dll - ok
20:01:06.0263 0x0d34  [ 851BB346CD59D9B3BC8854384C7DD5C3, 0CA1BCBDA6CB8CAC1186B3BE13C3937EDF46264FDFFCEBDF94C7EB10DE957DC6 ] C:\Windows\System32\KernelBase.dll
20:01:06.0263 0x0d34  C:\Windows\System32\KernelBase.dll - ok
20:01:06.0263 0x0d34  [ 08835F1772B58DE4C3AAF604760276A5, 2D9E296E167203246319C67C433CD5FF2A4857F3A2339593386529CF43AFD573 ] C:\Windows\System32\crypt32.dll
20:01:06.0263 0x0d34  C:\Windows\System32\crypt32.dll - ok
20:01:06.0263 0x0d34  [ 2477A28081BDAEE622CF045ACF8EE124, 00A09CAF9129E84FEEA98FA03CE9012C9F961B64FEE15C4F268822C0F82ACC3C ] C:\Windows\System32\cfgmgr32.dll
20:01:06.0263 0x0d34  C:\Windows\System32\cfgmgr32.dll - ok
20:01:06.0263 0x0d34  [ 7FC292D1527EDFEBA2576B6789DE6AB5, A954CD41F5EA3C169D3183CC6CCF36DD157ED384836FDACC763E82F866C0246F ] C:\Windows\System32\wintrust.dll
20:01:06.0263 0x0d34  C:\Windows\System32\wintrust.dll - ok
20:01:06.0279 0x0d34  [ 884415BD4269C02EAF8E2613BF85500D, EFE771709EC942694FD206AC8D0A48ED7DCD35036F074268E4AECD68AC982CEA ] C:\Windows\System32\msasn1.dll
20:01:06.0279 0x0d34  C:\Windows\System32\msasn1.dll - ok
20:01:06.0279 0x0d34  [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8A4FB21EADD3896 ] C:\Windows\SysWOW64\normaliz.dll
20:01:06.0279 0x0d34  C:\Windows\SysWOW64\normaliz.dll - ok
20:01:06.0279 0x0d34  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] C:\Windows\System32\drivers\usbhub.sys
20:01:06.0279 0x0d34  C:\Windows\System32\drivers\usbhub.sys - ok
20:01:06.0279 0x0d34  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] C:\Windows\System32\drivers\ndproxy.sys
20:01:06.0279 0x0d34  C:\Windows\System32\drivers\ndproxy.sys - ok
20:01:06.0295 0x0d34  [ 02E784FA49032F84964DB90A3ED81890, 93519BE6706F33E35755A357DEBF489B2985553C33188EFD1F3B516702D6695B ] C:\Windows\System32\drivers\stwrt64.sys
20:01:06.0295 0x0d34  C:\Windows\System32\drivers\stwrt64.sys - ok
20:01:06.0295 0x0d34  [ FFA06EF43987ED0DD42AD59B260C0C78, 260518D5E077E55E0F2099037DBEFA93016FD4D4655456DDB3147AF9CBE7BF6B ] C:\Windows\System32\drivers\usbd.sys
20:01:06.0295 0x0d34  C:\Windows\System32\drivers\usbd.sys - ok
20:01:06.0295 0x0d34  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] C:\Windows\System32\drivers\usbccgp.sys
20:01:06.0295 0x0d34  C:\Windows\System32\drivers\usbccgp.sys - ok
20:01:06.0295 0x0d34  [ DBC6B7337004D5C6C66731C29DB6EAEA, 45C54760D82C577194E8188FE0E58C1AA1032D74EAACDDCDF9FEF3BE49EBA665 ] C:\Windows\System32\drivers\cvusbdrv.sys
20:01:06.0295 0x0d34  C:\Windows\System32\drivers\cvusbdrv.sys - ok
20:01:06.0310 0x0d34  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] C:\Windows\System32\drivers\winusb.sys
20:01:06.0310 0x0d34  C:\Windows\System32\drivers\winusb.sys - ok
20:01:06.0310 0x0d34  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] C:\Windows\System32\drivers\WUDFRd.sys
20:01:06.0310 0x0d34  C:\Windows\System32\drivers\WUDFRd.sys - ok
20:01:06.0310 0x0d34  [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys
20:01:06.0310 0x0d34  C:\Windows\System32\drivers\dxapi.sys - ok
20:01:06.0310 0x0d34  [ 93C055B6AAD76360A60CB7E59A491531, 721C33C7D8E3EE58EF2665E9CDDA3B648E8DAF6A0C413EB2F1039CC91600AA7A ] C:\Windows\System32\win32k.sys
20:01:06.0310 0x0d34  C:\Windows\System32\win32k.sys - ok
20:01:06.0326 0x0d34  [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77201BAB37E8C03A ] C:\Windows\System32\csrss.exe
20:01:06.0326 0x0d34  C:\Windows\System32\csrss.exe - ok
20:01:06.0326 0x0d34  [ 216BABD555BC550952320EEA89C25DDF, 1BBB92415280032CD18F361382A69D0D91266AAD56FC88A99C804B0053743D72 ] C:\Windows\System32\csrsrv.dll
20:01:06.0326 0x0d34  C:\Windows\System32\csrsrv.dll - ok
20:01:06.0326 0x0d34  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\System32\basesrv.dll
20:01:06.0326 0x0d34  C:\Windows\System32\basesrv.dll - ok
20:01:06.0326 0x0d34  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\System32\winsrv.dll
20:01:06.0326 0x0d34  C:\Windows\System32\winsrv.dll - ok
20:01:06.0341 0x0d34  [ 597C3699384E53CC59587ED50CCE5CA2, 4F61E9B5BEB3BD1634D733983381E516664BD7E250DF4B0150B168E05EFD652A ] C:\Windows\System32\drivers\hidclass.sys
20:01:06.0341 0x0d34  C:\Windows\System32\drivers\hidclass.sys - ok
20:01:06.0341 0x0d34  [ 856E76B3641746ABBC2946BED1372098, FD93CC7F72560F72CA49AD5609C079E25B8A3A4802E72B127B63A9E7B4884710 ] C:\Windows\System32\drivers\hidparse.sys
20:01:06.0341 0x0d34  C:\Windows\System32\drivers\hidparse.sys - ok



#3 Zapan

Zapan
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:41 AM

Posted 13 January 2015 - 05:35 PM

20:01:06.0341 0x0d34  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] C:\Windows\System32\drivers\hidusb.sys
20:01:06.0341 0x0d34  C:\Windows\System32\drivers\hidusb.sys - ok
20:01:06.0341 0x0d34  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] C:\Windows\System32\drivers\mouhid.sys
20:01:06.0341 0x0d34  C:\Windows\System32\drivers\mouhid.sys - ok
20:01:06.0357 0x0d34  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] C:\Windows\System32\drivers\monitor.sys
20:01:06.0357 0x0d34  C:\Windows\System32\drivers\monitor.sys - ok
20:01:06.0357 0x0d34  [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56DE4CA5783F78A75 ] C:\Windows\System32\tsddd.dll
20:01:06.0357 0x0d34  C:\Windows\System32\tsddd.dll - ok
20:01:06.0357 0x0d34  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\System32\sxssrv.dll
20:01:06.0357 0x0d34  C:\Windows\System32\sxssrv.dll - ok
20:01:06.0357 0x0d34  [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA87526E768AF6174F0 ] C:\Windows\System32\wininit.exe
20:01:06.0357 0x0d34  C:\Windows\System32\wininit.exe - ok
20:01:06.0373 0x0d34  [ 2C942733A5983DD4502219FF37C7EBC7, 34B20B6B0D7274E4B5B783F1D2345BC3DD9888964D5C2C65712F041A00CF5B45 ] C:\Windows\System32\profapi.dll
20:01:06.0373 0x0d34  C:\Windows\System32\profapi.dll - ok
20:01:06.0373 0x0d34  [ 943F527DF79E6B400104341AA7023C75, 53C7B9426181D3D172E6B1A07E6DF8A0CB8FCA27D3A03CE5F544D3209B5F4651 ] C:\Windows\System32\cdd.dll
20:01:06.0373 0x0d34  C:\Windows\System32\cdd.dll - ok
20:01:06.0373 0x0d34  [ C2A8CB1275ECB85D246A9ECC02A728E3, 3603FADCA0060BD201148F9D59E4E2627F024609A6463AB525B5D1AD17BDCD10 ] C:\Windows\System32\RpcRtRemote.dll
20:01:06.0373 0x0d34  C:\Windows\System32\RpcRtRemote.dll - ok
20:01:06.0373 0x0d34  [ 4B1D11E789F27C99B7D18F7765E256C1, 644CF8665B587CDA92E8224B1184BAED3E8729FE54ED4DD45C484C0EFC929853 ] C:\Windows\System32\KBDPO.DLL
20:01:06.0373 0x0d34  C:\Windows\System32\KBDPO.DLL - ok
20:01:06.0373 0x0d34  [ 78523A26F5604C0568FE9D1CE86E36F4, 534A7228BF69719106F581616A32EAEF0B770DDB36DCE94F84E7D52FDB1382B5 ] C:\Windows\System32\KBDUS.DLL
20:01:06.0373 0x0d34  C:\Windows\System32\KBDUS.DLL - ok
20:01:06.0388 0x0d34  [ 8CEBD9D0A0A879CDE9F36F4383B7CAEA, 7AA73B8E7D4D700C164D0410DCF84EA1CCCB0F7DD513E47A2EF0DAE5F16CAE45 ] C:\Windows\System32\winlogon.exe
20:01:06.0388 0x0d34  C:\Windows\System32\winlogon.exe - ok
20:01:06.0388 0x0d34  [ C23B6D9D16FD86F446BE607CA18389D9, 331FA37B5A059FE85C5D1368A42293A7BAE2581F3F1F15B48364644136066C14 ] C:\Windows\System32\winsta.dll
20:01:06.0388 0x0d34  C:\Windows\System32\winsta.dll - ok
20:01:06.0388 0x0d34  [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA853BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll
20:01:06.0388 0x0d34  C:\Windows\System32\WlS0WndH.dll - ok
20:01:06.0388 0x0d34  [ 9CEAD32E79A62150FE9F8557E58E008B, AFE4C1725EE94D7DE0749AE1495A4E5CC33C369F29B2A589DA66FFE27FF9777E ] C:\Windows\System32\sxs.dll
20:01:06.0388 0x0d34  C:\Windows\System32\sxs.dll - ok
20:01:06.0404 0x0d34  [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE3532EC6C007980C34 ] C:\Windows\System32\cryptbase.dll
20:01:06.0404 0x0d34  C:\Windows\System32\cryptbase.dll - ok
20:01:06.0404 0x0d34  [ 90499F3163A9F815CF196A205EA3CD5D, 29B4ED3795CEC1177EB367132914CE21C194CDEC5DB9DC923FD928C85E94D821 ] C:\Windows\System32\apphelp.dll
20:01:06.0404 0x0d34  C:\Windows\System32\apphelp.dll - ok
20:01:06.0404 0x0d34  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\System32\services.exe
20:01:06.0404 0x0d34  C:\Windows\System32\services.exe - ok
20:01:06.0404 0x0d34  [ C072064F95579C0D6D86AF5B3DC53192, CF4A088DF97F4D4963BEAB9CBDBF69FEA2D4773159054A0AF8B8DFFDF83E18DA ] C:\Windows\System32\sspicli.dll
20:01:06.0404 0x0d34  C:\Windows\System32\sspicli.dll - ok
20:01:06.0419 0x0d34  [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll
20:01:06.0419 0x0d34  C:\Windows\System32\scext.dll - ok
20:01:06.0419 0x0d34  [ 8784236EED5079493DA9FC95B28B89F8, E59C349B964F585C27F63FBF7C1B5D7C6CF8CC958BD35100A36D57542DC13972 ] C:\Windows\System32\WerFault.exe
20:01:06.0419 0x0d34  C:\Windows\System32\WerFault.exe - ok
20:01:06.0419 0x0d34  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] C:\Windows\System32\lsass.exe
20:01:06.0419 0x0d34  C:\Windows\System32\lsass.exe - ok
20:01:06.0419 0x0d34  [ 9662EE182644511439F1C53745DC1C88, D205B2C163E78AB42A5D67D7664EF6B75EA0374FF0924467D624F9DB0611F0AD ] C:\Windows\System32\lsm.exe
20:01:06.0419 0x0d34  C:\Windows\System32\lsm.exe - ok
20:01:06.0435 0x0d34  [ 39312B37C5FE5138F99680A49ACD3AEA, B9566B4117FBBECF77A0D3F49E9DF302088B9D483F817720B22E4F9C5754264A ] C:\Windows\System32\secur32.dll
20:01:06.0435 0x0d34  C:\Windows\System32\secur32.dll - ok
20:01:06.0435 0x0d34  [ 8098627D0AA1706D69C5AF3F74332ABB, 9582F6162A8405DC568FFBEA08A9090FE92FE2C9DB640077BD7F23AC4FABF700 ] C:\Windows\System32\sspisrv.dll
20:01:06.0435 0x0d34  C:\Windows\System32\sspisrv.dll - ok
20:01:06.0435 0x0d34  [ BBCDF350817BA86416C0F06B6981BE8D, D064438F97852B9BD6015C8B19377C61C671E0969E09506B8359FE7B1F373A61 ] C:\Windows\System32\scesrv.dll
20:01:06.0435 0x0d34  C:\Windows\System32\scesrv.dll - ok
20:01:06.0435 0x0d34  [ C4C1B73FC2FF151BA08E1EAFDE2A2FAF, 0194263A4C3F9D1674BAF348FF3B3E4FA14BF8B018FBB51C16A2DE8095642565 ] C:\Windows\System32\lsasrv.dll
20:01:06.0435 0x0d34  C:\Windows\System32\lsasrv.dll - ok
20:01:06.0451 0x0d34  [ 1075AB2C077B415760C0E948856B5126, D67804B4A038FC06BD84CBF9C047DD4C13073622027F825371DB98867EF4E9B9 ] C:\Windows\System32\wer.dll
20:01:06.0451 0x0d34  C:\Windows\System32\wer.dll - ok
20:01:06.0451 0x0d34  [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll
20:01:06.0451 0x0d34  C:\Windows\System32\sysntfy.dll - ok
20:01:06.0451 0x0d34  [ 3A9C9BAF610B0DD4967086040B3B62A9, E8E9A0F42B1EE7806EDCEED08AA024D037215D06CA317E3678BD5364AD513D23 ] C:\Windows\System32\srvcli.dll
20:01:06.0451 0x0d34  C:\Windows\System32\srvcli.dll - ok
20:01:06.0451 0x0d34  [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll
20:01:06.0451 0x0d34  C:\Windows\System32\wmsgapi.dll - ok
20:01:06.0466 0x0d34  [ 7FA8FDC2C2A27817FD0F624E78D3B50C, 7B63F6AA2CD6D4D07EA3C595B868B1A0749BB11620027A2BD9B935E3055481E4 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
20:01:06.0466 0x0d34  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
20:01:06.0466 0x0d34  [ F152755F131ADFE452D534F4E9383590, 6E0C52D409203F070B90350EF7405EE38185270E9579F4570DDA53DC65A4653E ] C:\Windows\System32\Faultrep.dll
20:01:06.0466 0x0d34  C:\Windows\System32\Faultrep.dll - ok
20:01:06.0466 0x0d34  [ A744BA6E04C8AA4592818178DBF89521, 9E7C85D842DF16F9B8FED7B06AF309B5ECCBFD465F5552347D4C3F1FEFDC6F7A ] C:\Windows\System32\samsrv.dll
20:01:06.0466 0x0d34  C:\Windows\System32\samsrv.dll - ok
20:01:06.0466 0x0d34  [ 3C91392D448F6E5D525A85B7550D8BA9, 6FD0DC73DBE7519E2C643554C2A7F8FBE4F9A678C4241BB54B3C6E65D2ABCF3A ] C:\Windows\System32\wkscli.dll
20:01:06.0466 0x0d34  C:\Windows\System32\wkscli.dll - ok
20:01:06.0482 0x0d34  [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll
20:01:06.0482 0x0d34  C:\Windows\System32\cryptdll.dll - ok
20:01:06.0482 0x0d34  [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll
20:01:06.0482 0x0d34  C:\Windows\System32\wevtapi.dll - ok
20:01:06.0482 0x0d34  [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll
20:01:06.0482 0x0d34  C:\Windows\System32\cngaudit.dll - ok
20:01:06.0482 0x0d34  [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll
20:01:06.0482 0x0d34  C:\Windows\System32\authz.dll - ok
20:01:06.0497 0x0d34  [ 109CC0DF72CC07A6CB59D2995255A1DA, 973863F6BAEDD8C0CF50662E9889041EBCEF40C7EAC31A81E6CE2AF2040B6173 ] C:\Windows\System32\ncrypt.dll
20:01:06.0497 0x0d34  C:\Windows\System32\ncrypt.dll - ok
20:01:06.0497 0x0d34  [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll
20:01:06.0497 0x0d34  C:\Windows\System32\bcrypt.dll - ok
20:01:06.0497 0x0d34  [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll
20:01:06.0497 0x0d34  C:\Windows\System32\msprivs.dll - ok
20:01:06.0497 0x0d34  [ C6505DE3561537BA1004D638C2F93F2F, 3E4FDF374B1A9E43A8F61FD2D79E0515390ECABFDAF72C4BD44A7B6429039AF6 ] C:\Windows\System32\netjoin.dll
20:01:06.0497 0x0d34  C:\Windows\System32\netjoin.dll - ok
20:01:06.0513 0x0d34  [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll
20:01:06.0513 0x0d34  C:\Windows\System32\negoexts.dll - ok
20:01:06.0513 0x0d34  [ 8A8CB073A4B9F9D97CFA8CA9C1C851CE, 85A2C6378F65973F1825A7F4D2B0370C8C7F80675F3B594D49423B20E0805F5D ] C:\Windows\System32\kerberos.dll
20:01:06.0513 0x0d34  C:\Windows\System32\kerberos.dll - ok
20:01:06.0513 0x0d34  [ D9A61370B40ABAA9F509113504CD8425, 9C310313A3C37B17F9C2A0312A2150C3D787A153A5A1E3BF67DC743AD54576ED ] C:\Windows\System32\cryptsp.dll
20:01:06.0513 0x0d34  C:\Windows\System32\cryptsp.dll - ok
20:01:06.0513 0x0d34  [ 9A9F9F1A77D6A80EE28B57664F00013E, 0D441638E086EF1342FCDC43E826BF9E9CC6B2E8AE100D89BFC70163F987DE91 ] C:\Windows\System32\mswsock.dll
20:01:06.0513 0x0d34  C:\Windows\System32\mswsock.dll - ok
20:01:06.0529 0x0d34  [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E63394E4E561D6C7A2 ] C:\Windows\System32\wship6.dll
20:01:06.0529 0x0d34  C:\Windows\System32\wship6.dll - ok
20:01:06.0529 0x0d34  [ 47C48C705F4F1EFC99B50B43AE4301FE, 286625CFD9B6CDE8050F8CDF9F3C1C58CD4B575082C88B8D0630CBA2D58D480D ] C:\Windows\System32\msv1_0.dll
20:01:06.0529 0x0d34  C:\Windows\System32\msv1_0.dll - ok
20:01:06.0529 0x0d34  [ E1BB958681BE311E7CFF06CFEC5F1F2B, C2FDFC6C7350788A07DCB99A6A54FB9A96A6A578013DF46D0E5094A3CBF6E862 ] C:\Windows\System32\atmfd.dll
20:01:06.0529 0x0d34  C:\Windows\System32\atmfd.dll - ok
20:01:06.0529 0x0d34  [ AA339DD8BB128EF66660DFBBB59043D3, 76D9F849AFDDA38E04549EB67B4163478776F1B6EF46434168278F84FEB8FC5C ] C:\Windows\System32\netlogon.dll
20:01:06.0529 0x0d34  C:\Windows\System32\netlogon.dll - ok
20:01:06.0544 0x0d34  [ 492D07D79E7024CA310867B526D9636D, F2FE647AB85C6C3C1AA3DF4BCE6E4D42B9676C9D837E11388C235AE8DB20044F ] C:\Windows\System32\dnsapi.dll
20:01:06.0544 0x0d34  C:\Windows\System32\dnsapi.dll - ok
20:01:06.0544 0x0d34  [ 8FFE297B8449386E7B6851458B6E474E, E149B37E11091D69D926242517E5655596594A6F01FEF06EB65D6BA5B354E326 ] C:\Windows\System32\logoncli.dll
20:01:06.0544 0x0d34  C:\Windows\System32\logoncli.dll - ok
20:01:06.0544 0x0d34  [ A71B81AC2C14ABA013CCF1225D9E3E36, A78F6A9D0952999553DC390C3E69B4B1AE41A2874B4B1CC077C248545B64A57D ] C:\Windows\System32\schannel.dll
20:01:06.0544 0x0d34  C:\Windows\System32\schannel.dll - ok
20:01:06.0544 0x0d34  [ 55F0CF40479A1FC89CFA578909A540F2, 376303A5CE17D52675D408D1F8AF12A18CBE82F0BD3433C29CC90EFA8268A512 ] C:\Windows\System32\wdigest.dll
20:01:06.0544 0x0d34  C:\Windows\System32\wdigest.dll - ok
20:01:06.0560 0x0d34  [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll
20:01:06.0560 0x0d34  C:\Windows\System32\rsaenh.dll - ok
20:01:06.0560 0x0d34  [ DF30FC54FFF79BC744B22A4850A3CF92, 23BCBB950FA77AC5E74D5678DB53BE3CE1211BF77F6BE6D3B772D542EC5EF9CE ] C:\Windows\System32\TSpkg.dll
20:01:06.0560 0x0d34  C:\Windows\System32\TSpkg.dll - ok
20:01:06.0560 0x0d34  [ 1306E6A1BF4D506CD687DF9F947270F2, 3ED566F618D90BCCB3C76BA976911536FFC5631F7A6A91BF322628F8AAE498B4 ] C:\Windows\System32\pku2u.dll
20:01:06.0560 0x0d34  C:\Windows\System32\pku2u.dll - ok
20:01:06.0560 0x0d34  [ D6C7780A364C6BBACFA796BAB9F1B374, 3B5ED1A030BFD0BB73D4FFCD67A6A0B8501EF70293F223EFAA12F430ADF270F9 ] C:\Windows\System32\bcryptprimitives.dll
20:01:06.0560 0x0d34  C:\Windows\System32\bcryptprimitives.dll - ok
20:01:06.0575 0x0d34  [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll
20:01:06.0575 0x0d34  C:\Windows\System32\efslsaext.dll - ok
20:01:06.0575 0x0d34  [ 336BA030AB7B05300CB0B5C6AFB27176, DC5C445D603EA4AD19D9F39656889E2C64726202C8C784EA0202D80B1FC7FB57 ] C:\Windows\System32\credssp.dll
20:01:06.0575 0x0d34  C:\Windows\System32\credssp.dll - ok
20:01:06.0575 0x0d34  [ 6CECA4C6A489C9B2E6073AFDAAE3F607, 127506D1DB38275614CBEB047C133718EF9D03266BA9C98BE55EC7847CFC9C3D ] C:\Windows\System32\netutils.dll
20:01:06.0575 0x0d34  C:\Windows\System32\netutils.dll - ok
20:01:06.0575 0x0d34  [ 7CC7DF5B654DA579613F811D8C637E29, 70EAC059C1ED814810C75DBB9F4D188428CB942FFD8869D692158D384EB6BB35 ] C:\Windows\System32\ubpm.dll
20:01:06.0575 0x0d34  C:\Windows\System32\ubpm.dll - ok
20:01:06.0591 0x0d34  [ ED78427259134C63ED69804D2132B86C, F6F51B8B35881ABCA5580ED111AAC80E466E6474ABAE31EC8BE46C23EDCA77B2 ] C:\Windows\System32\scecli.dll
20:01:06.0591 0x0d34  C:\Windows\System32\scecli.dll - ok
20:01:06.0591 0x0d34  [ C78655BC80301D76ED4FEF1C1EA40A7D, 93B2ED4004ED5F7F3039DD7ECBD22C7E4E24B6373B4D9EF8D6E45A179B13A5E8 ] C:\Windows\System32\svchost.exe
20:01:06.0591 0x0d34  C:\Windows\System32\svchost.exe - ok
20:01:06.0591 0x0d34  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] C:\Windows\System32\umpnpmgr.dll
20:01:06.0591 0x0d34  C:\Windows\System32\umpnpmgr.dll - ok
20:01:06.0591 0x0d34  [ E6EB44ABAAF1F330119F854856C53EBE, 77279972FFBFA984578DD4F17EB615F5D2D93590AF3A9FEFEFDB9128206C9887 ] C:\Windows\System32\SPInf.dll
20:01:06.0591 0x0d34  C:\Windows\System32\SPInf.dll - ok
20:01:06.0607 0x0d34  [ CD1B5AD07E5F7FEF30E055DCC9E96180, 63C58551F32B0B09377F64A6AE1FA81AF93B8A707A57A8C18722086906AD3046 ] C:\Windows\System32\devrtl.dll
20:01:06.0607 0x0d34  C:\Windows\System32\devrtl.dll - ok
20:01:06.0607 0x0d34  [ 7A17485DC7D8A7AC81321A42CD034519, 88D8705FA901793FC8C1CFD0175E49A6502BF0FC94A066BA573D2FD13AA5F04A ] C:\Windows\System32\userenv.dll
20:01:06.0607 0x0d34  C:\Windows\System32\userenv.dll - ok
20:01:06.0607 0x0d34  [ 9C9307C95671AC962F3D6EB3A4A89BAE, D1433791C9B8BCEEAD8937EC18D33E89E4E2012B5975228A8500FD141BC30078 ] C:\Windows\System32\gpapi.dll
20:01:06.0607 0x0d34  C:\Windows\System32\gpapi.dll - ok
20:01:06.0607 0x0d34  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] C:\Windows\System32\umpo.dll
20:01:06.0607 0x0d34  C:\Windows\System32\umpo.dll - ok
20:01:06.0622 0x0d34  [ F6C011B46FAEEF33536B2E80F48B5CBE, BDD149D3D6F9F6C8F6F34C311219BE5618CEEFBC7D35E37473A47F1D5D015067 ] C:\Windows\System32\pcwum.dll
20:01:06.0622 0x0d34  C:\Windows\System32\pcwum.dll - ok
20:01:06.0622 0x0d34  [ 716175021BDA290504CE434273F666BC, FA18CA2D8A5F4335E051E2933147D3C1E7308F7D446E2AEB6596CDEF6E2AFC88 ] C:\Windows\System32\powrprof.dll
20:01:06.0622 0x0d34  C:\Windows\System32\powrprof.dll - ok
20:01:06.0622 0x0d34  [ 2F442BAA7A739EDFB8CBF6BFBE8F5388, 3D32935DFEB0EA026F9824A78A7232C08C47FE13792AC1A212239B8103F98439 ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
20:01:06.0622 0x0d34  C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe - ok
20:01:06.0622 0x0d34  [ A2B0924D50F4435FD389499047CE553A, 8D16D5CAAD71AAAAA1479F8477D2928B66581C79932A49A21EDF93DB2803AB9C ] C:\Windows\SysWOW64\ntdll.dll
20:01:06.0622 0x0d34  C:\Windows\SysWOW64\ntdll.dll - ok
20:01:06.0638 0x0d34  [ 2A107B611C91CD256466C58C0D776E9D, 58EA4F6E0FE7EFB8D3024AE71EE16848C2A00BA5224C8054C80134F99D9A72AB ] C:\Windows\System32\wow64.dll
20:01:06.0638 0x0d34  C:\Windows\System32\wow64.dll - ok
20:01:06.0638 0x0d34  [ 7434E01FBCA3CB86539C39412A31D5E1, E40D5AEBB3A5D8F53C76E3FBF0C07B9C0227914C869F57622EA44A212383EE6D ] C:\Windows\System32\wow64win.dll
20:01:06.0638 0x0d34  C:\Windows\System32\wow64win.dll - ok
20:01:06.0638 0x0d34  [ 0F090A77E664CB0F70AB8D3B230B760C, A08EA0409B3BF88AB12792F721FA3A692BBE640DF2A06641E142843A7044EC5E ] C:\Windows\System32\wow64cpu.dll
20:01:06.0638 0x0d34  C:\Windows\System32\wow64cpu.dll - ok
20:01:06.0638 0x0d34  [ 76161B9D78A275F8F28DD67436013110, E4AE9648BDED9035D39DF20C3A6F453F67D49D7899038B21D88FFD4EFFCC4C08 ] C:\Windows\SysWOW64\kernel32.dll
20:01:06.0638 0x0d34  C:\Windows\SysWOW64\kernel32.dll - ok
20:01:06.0653 0x0d34  [ 461B713DE7F353C6447B744F1A049930, 3551C57128DAFA009C9DB3EE0D798D94B269D1605F74897566D7E79E5FDD437B ] C:\Windows\SysWOW64\KernelBase.dll
20:01:06.0653 0x0d34  C:\Windows\SysWOW64\KernelBase.dll - ok
20:01:06.0653 0x0d34  [ DDB9BCFF8CBF73638A15579FEC223229, A89D6AC3A25D32AEBA0A1203446A29412AC33BA942E2C0B6A056E65387D16910 ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\rtl120.bpl
20:01:06.0653 0x0d34  C:\Program Files (x86)\IObit\Advanced SystemCare 8\rtl120.bpl - ok
20:01:06.0653 0x0d34  [ EDA54D2E17C0271D2CDA946ABE344110, 736432F2DB8DF42CAE9284AC279EF240E1F13C6ABED60112DCD7CBB70DB5D715 ] C:\Windows\SysWOW64\oleaut32.dll
20:01:06.0653 0x0d34  C:\Windows\SysWOW64\oleaut32.dll - ok
20:01:06.0653 0x0d34  [ 928CF7268086631F54C3D8E17238C6DD, F058FAFB04E7EBD5CADE9B48195B7AA7C3508F332A89F5E6E5F3F071E8CADD4A ] C:\Windows\SysWOW64\ole32.dll
20:01:06.0653 0x0d34  C:\Windows\SysWOW64\ole32.dll - ok
20:01:06.0669 0x0d34  [ 9DC80A8AAAAAC397BDAB3C67165A824E, 051636BFDFF7AB0E4191354E846BD0DACCA1A01FCC13C1AFED91D8DBFE17127A ] C:\Windows\SysWOW64\msvcrt.dll
20:01:06.0669 0x0d34  C:\Windows\SysWOW64\msvcrt.dll - ok
20:01:06.0669 0x0d34  [ 980305AC3AF53C1964A11190451ABB32, D0FE0845F9FB51B1F556E3A1D327F30603033A1FAFC17DFA3D5047B93C7D4D82 ] C:\Windows\SysWOW64\gdi32.dll
20:01:06.0669 0x0d34  C:\Windows\SysWOW64\gdi32.dll - ok
20:01:06.0669 0x0d34  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3, 01EB95FA3943CF3C6B1A21E473A5C3CB9FCBCE46913B15C96CAC14E4F04075B4 ] C:\Windows\SysWOW64\user32.dll
20:01:06.0669 0x0d34  C:\Windows\SysWOW64\user32.dll - ok
20:01:06.0669 0x0d34  [ D67472125471784DE7147946EDA25FEB, F41960118F412B6CA5E80AE5E8DB9AECDD043A7DB34388FF57C6F9C5A0056F91 ] C:\Windows\SysWOW64\advapi32.dll
20:01:06.0669 0x0d34  C:\Windows\SysWOW64\advapi32.dll - ok
20:01:06.0685 0x0d34  [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF72B8EC6E1F906C ] C:\Windows\SysWOW64\sechost.dll
20:01:06.0685 0x0d34  C:\Windows\SysWOW64\sechost.dll - ok
20:01:06.0685 0x0d34  [ D8BED6BA298DBAAF6F3D746739FCD333, 83A40845EC448943F4737B730F95860983919677D84922E44EED4BECDFA71A31 ] C:\Windows\SysWOW64\rpcrt4.dll
20:01:06.0685 0x0d34  C:\Windows\SysWOW64\rpcrt4.dll - ok
20:01:06.0685 0x0d34  [ 13E5B1CD503A4B21E9F0A2D55A00198B, F90F428A21CE553EBD7DBDEE695E8A68C5556D96B7CFC9020C6B057FE436772C ] C:\Windows\SysWOW64\sspicli.dll
20:01:06.0685 0x0d34  C:\Windows\SysWOW64\sspicli.dll - ok
20:01:06.0685 0x0d34  [ F08F6FCD09F9BE94C37ACC1B344685FF, DE48D766258B46EFEAB16579421C4BD97ACC6883F782D00E9857F4A0CE7E8A34 ] C:\Windows\SysWOW64\cryptbase.dll
20:01:06.0685 0x0d34  C:\Windows\SysWOW64\cryptbase.dll - ok
20:01:06.0700 0x0d34  [ CC23295DA8F7B5C53F93804D2F5D30EB, B290D96C40FBA934DE6CFF82D9BBA6780922CC5012C61599BD5006DAEDC82DDB ] C:\Windows\SysWOW64\lpk.dll
20:01:06.0700 0x0d34  C:\Windows\SysWOW64\lpk.dll - ok
20:01:06.0700 0x0d34  [ A5F833506BF6A1B5D693E1499DEE2444, 045874B7D37F49216E37D551076FF440E29DB5196564E714207DF753DF7FDDEE ] C:\Windows\SysWOW64\usp10.dll
20:01:06.0700 0x0d34  C:\Windows\SysWOW64\usp10.dll - ok
20:01:06.0700 0x0d34  [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll
20:01:06.0700 0x0d34  C:\Windows\SysWOW64\version.dll - ok
20:01:06.0700 0x0d34  [ E7B9D5FF20FFDD4AAE2EF1D1B8C27A37, 689D126B1B42140D5049015E3E324268E6542D4BC6CC14E31D8B89A25B94BAA5 ] C:\Windows\SysWOW64\imagehlp.dll
20:01:06.0700 0x0d34  C:\Windows\SysWOW64\imagehlp.dll - ok
20:01:06.0716 0x0d34  [ B9A8CBCFCD3EC9D2EA4740AF347BF108, 97FA304E3880BC863D999F441AE47CB8ADF00D2DEC2A52ACD8FBD02CC096786A ] C:\Windows\SysWOW64\mpr.dll
20:01:06.0716 0x0d34  C:\Windows\SysWOW64\mpr.dll - ok
20:01:06.0716 0x0d34  [ 7FF15A4F092CD4A96055BA69F903E3E9, 1B594E6D057C632ABB3A8CF838157369024BD6B9F515CA8E774B22FE71A11627 ] C:\Windows\SysWOW64\ws2_32.dll
20:01:06.0716 0x0d34  C:\Windows\SysWOW64\ws2_32.dll - ok
20:01:06.0716 0x0d34  [ DF13A51A5C591887D2EC6AE64CEED0FA, DFD503AEBCAA056B2B0E669ACA52F6D26F4E6892F2DCFCCD902752C23A621653 ] C:\Windows\SysWOW64\wsock32.dll
20:01:06.0716 0x0d34  C:\Windows\SysWOW64\wsock32.dll - ok
20:01:06.0716 0x0d34  [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll
20:01:06.0716 0x0d34  C:\Windows\SysWOW64\nsi.dll - ok
20:01:06.0731 0x0d34  [ 8E01332CC4B68BC6B5B7EFFE374442AA, A4AD1D2FD3EC2F26949DBBC388F9FFF3713AD7EB4E9220AF817EBB5223E467C6 ] C:\Windows\SysWOW64\oleacc.dll
20:01:06.0731 0x0d34  C:\Windows\SysWOW64\oleacc.dll - ok
20:01:06.0731 0x0d34  [ 18AB2E5A40064ED5F7791AC5946A90F3, B7536CE56702C23B1CEC3E1B6C78866E0A76808B85A92AF3733D9ED9429E004C ] C:\Windows\SysWOW64\msimg32.dll
20:01:06.0731 0x0d34  C:\Windows\SysWOW64\msimg32.dll - ok
20:01:06.0731 0x0d34  [ 8290E04F8A4D9594BFB53D520B677B8A, FD6DBD30286A28540C003796A4E30A5DFA5A6A94CDF65D2C720BDEA90124F993 ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\vcl120.bpl
20:01:06.0731 0x0d34  C:\Program Files (x86)\IObit\Advanced SystemCare 8\vcl120.bpl - ok
20:01:06.0731 0x0d34  [ 75F5E1FE8D55CF8E577E0EC5F2290D3F, F4E2C81F0834018052A481AE8D7DF4780302A6844160CCDC09F7D82D3B992BDE ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
20:01:06.0731 0x0d34  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll - ok
20:01:06.0747 0x0d34  [ 386BF6FD9FC562B1A5558C49E1C3A6FB, 6ED5A61C911845027D0A67B2473603D87E79DB88F0C0C699CBB2D1639C1DFDA5 ] C:\Windows\SysWOW64\shell32.dll
20:01:06.0747 0x0d34  C:\Windows\SysWOW64\shell32.dll - ok
20:01:06.0747 0x0d34  [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB67F8EFB93924230 ] C:\Windows\SysWOW64\shlwapi.dll
20:01:06.0747 0x0d34  C:\Windows\SysWOW64\shlwapi.dll - ok
20:01:06.0747 0x0d34  [ D1DE1EAFDE97BE41CF6585027FF3E732, 76F17D4DF440D6734DC8157092D94EB18C2A73A0A49BEEA289E7B3EDE30E86A2 ] C:\Windows\SysWOW64\comdlg32.dll
20:01:06.0747 0x0d34  C:\Windows\SysWOW64\comdlg32.dll - ok
20:01:06.0747 0x0d34  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8, B1A9B2EF000917214C0198958CBD239D1D91B1720EC40DF041262A34D302AD74 ] C:\Windows\SysWOW64\winspool.drv
20:01:06.0747 0x0d34  C:\Windows\SysWOW64\winspool.drv - ok
20:01:06.0763 0x0d34  [ 936F728E04ACCF3F38801CFFCF1E3F40, 59CA86096F4B928E364B6A3C0408615F068BB8BC02DCFC5EAF4873EC6D6E0797 ] C:\Windows\SysWOW64\oledlg.dll
20:01:06.0763 0x0d34  C:\Windows\SysWOW64\oledlg.dll - ok
20:01:06.0763 0x0d34  [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll
20:01:06.0763 0x0d34  C:\Windows\SysWOW64\profapi.dll - ok
20:01:06.0763 0x0d34  [ D15618A0FF8DBC2C5BF3726BACC75A0B, ADD81EA1D208907D67802F0E96EC0327BA89021F870BA22B9C7E3A19013A6AE7 ] C:\Windows\SysWOW64\userenv.dll
20:01:06.0763 0x0d34  C:\Windows\SysWOW64\userenv.dll - ok
20:01:06.0763 0x0d34  [ E2D95507E59BBBEEE0D21A6E0A06AEFF, E169BD7B68D86915B93567A603020D8AE7EF865035BDE422F8A4D533797B7B62 ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\datastate.dll
20:01:06.0763 0x0d34  C:\Program Files (x86)\IObit\Advanced SystemCare 8\datastate.dll - ok
20:01:06.0778 0x0d34  [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB22DC7B58515C201 ] C:\Windows\SysWOW64\winmm.dll
20:01:06.0778 0x0d34  C:\Windows\SysWOW64\winmm.dll - ok
20:01:06.0778 0x0d34  [ 6A6B2EE4565A178035BE2A4FF6F2C968, E2E231F1C2E2CE19583483ACC53318651FA7CA2DE46BCB89B4CBF97CA0525122 ] C:\Windows\SysWOW64\wtsapi32.dll
20:01:06.0778 0x0d34  C:\Windows\SysWOW64\wtsapi32.dll - ok
20:01:06.0778 0x0d34  [ A6F09E5669D9A19035F6D942CAA15882, 68C8AF0CC1923E3A7245392F2480EE665D265DF300A609D2540BF7C6D9C1A1BE ] C:\Windows\SysWOW64\imm32.dll
20:01:06.0778 0x0d34  C:\Windows\SysWOW64\imm32.dll - ok
20:01:06.0778 0x0d34  [ C9618BC9B2B0FD7C1138D8774795A79B, 0AC170669C2626519FA7A745C56BFBA6B83B8537488F5B9EB7BA72448E5E7A43 ] C:\Windows\SysWOW64\msctf.dll
20:01:06.0778 0x0d34  C:\Windows\SysWOW64\msctf.dll - ok
20:01:06.0794 0x0d34  [ 0C64A055835633ED0353CA358CEEB093, 6F91D2015BBDC876AED6409325C49E2B1FD695396FA64A986843276B04458756 ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\HomepageSvc.dll
20:01:06.0794 0x0d34  C:\Program Files (x86)\IObit\Advanced SystemCare 8\HomepageSvc.dll - ok
20:01:06.0794 0x0d34  [ BB1522068EB80DAF4925D68881AB80E0, E8692F835193FD8454B6331C2F4F0CCF6D5A6A510CE3A5BE876FB41F6B5C72D5 ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
20:01:06.0794 0x0d34  C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll - ok
20:01:06.0794 0x0d34  [ 29D80358B6EB7C1DDEA3D14B19437807, 8D2A235A7FA50E1548A075293A2B8D90518CC410D6524A31794724F03B06618D ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
20:01:06.0794 0x0d34  C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe - ok
20:01:06.0794 0x0d34  [ 3FD15B4611D9BDA3F8013548C0ECAECA, B47A8D9985D9B71EB870816A0AB2B6403D394CCBDF7DE5378D5721D58D68D28D ] C:\Windows\SysWOW64\ntmarta.dll
20:01:06.0794 0x0d34  C:\Windows\SysWOW64\ntmarta.dll - ok
20:01:06.0809 0x0d34  [ A8BB45F9ECAD993461E0FEF8E2A99152, ACB756EA54E71F124D928829666B5B439785593877FF7C0C76ADCF954F4E6C94 ] C:\Windows\SysWOW64\Wldap32.dll
20:01:06.0809 0x0d34  C:\Windows\SysWOW64\Wldap32.dll - ok
20:01:06.0809 0x0d34  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] C:\Windows\System32\drivers\luafv.sys
20:01:06.0809 0x0d34  C:\Windows\System32\drivers\luafv.sys - ok
20:01:06.0809 0x0d34  [ 863F793D15B4026B1A5FDECA873D4D84, AF7ABD95BB5467551562F129F03C7AC9D52A021F7E547609F40A80E66932C942 ] C:\Windows\SysWOW64\apphelp.dll
20:01:06.0809 0x0d34  C:\Windows\SysWOW64\apphelp.dll - ok
20:01:06.0809 0x0d34  [ 45209F3E56FD3E1C68C50F68DECA08EE, 0BE28DDC2513A467203020C9F7A9E219451E618E840438BA12783BBCBD9C8819 ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\Suo12_StartupManager.exe
20:01:06.0809 0x0d34  C:\Program Files (x86)\IObit\Advanced SystemCare 8\Suo12_StartupManager.exe - ok
20:01:06.0825 0x0d34  [ 352B3DC62A0D259A82A052238425C872, 393B24E0D6007C74AEE2FB2EE2C18623D37DF64E279B6767952DCFEE0EACBB10 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
20:01:06.0825 0x0d34  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
20:01:06.0825 0x0d34  [ ABF42AF66C50E3FBAD2280020360920E, 0F2FB1C117DE989AB615D673B09B5DACC1592ED895505F1880EAA09788E0E3E1 ] C:\Windows\System32\drivers\PSINAflt.sys
20:01:06.0825 0x0d34  C:\Windows\System32\drivers\PSINAflt.sys - ok
20:01:06.0825 0x0d34  [ 171F1C6F49142F2D1C174B817F46EC0F, 96F6B021CBEA2F0787A01E323EED626B380DAD13FC91EE4552F4DEEEC95DBD2C ] C:\Windows\System32\drivers\PSINProt.sys
20:01:06.0825 0x0d34  C:\Windows\System32\drivers\PSINProt.sys - ok
20:01:06.0825 0x0d34  [ 10FB16B50AFFDA6D44588F3C445DC273, 6CDA17DA9B44D11E69F7C6682FA633EA75731623BB21B429A0FE2086ED4495A7 ] C:\Windows\SysWOW64\setupapi.dll
20:01:06.0825 0x0d34  C:\Windows\SysWOW64\setupapi.dll - ok
20:01:06.0841 0x0d34  [ F436E847FA799ECD75AD8C313673F450, 3C8BF3F0C08C7FA8DE5CD9C60AD9D00B742E84EB1FEBEEBA0F7159844BAAA471 ] C:\Windows\SysWOW64\cfgmgr32.dll
20:01:06.0841 0x0d34  C:\Windows\SysWOW64\cfgmgr32.dll - ok
20:01:06.0841 0x0d34  [ 114CF6C8F5897162DFC00A7C920DDF16, CEBD61BFB33DE3543FCBB3C52A44ABBA24AD531E9DA1CEF6C768C27E7D6C087D ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\madexcept_.bpl
20:01:06.0841 0x0d34  C:\Program Files (x86)\IObit\Advanced SystemCare 8\madexcept_.bpl - ok
20:01:06.0841 0x0d34  [ 2EEFF4502F5E13B1BED4A04CCAD64C08, 209FF1B6D46D1AC99518FCF54F2F726143B2DBF2C5FDA90212FBEF7526F7CBF5 ] C:\Windows\SysWOW64\devobj.dll
20:01:06.0841 0x0d34  C:\Windows\SysWOW64\devobj.dll - ok
20:01:06.0841 0x0d34  [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll
20:01:06.0841 0x0d34  C:\Windows\SysWOW64\clbcatq.dll - ok
20:01:06.0856 0x0d34  [ F58732600FC92413A8B2451FEC5B2FC9, 5869D4CC5A740AE0B2F12E3021433C06A0EC26F1AC7F491C174A6E27B88433CA ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\madbasic_.bpl
20:01:06.0856 0x0d34  C:\Program Files (x86)\IObit\Advanced SystemCare 8\madbasic_.bpl - ok
20:01:06.0856 0x0d34  [ 8838B1D35DA190061890A8FED8596EAE, 1975C044E5422DD5164CB0152AA28BF7F1FFBCD6116952306F2634B9716A99A4 ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\maddisAsm_.bpl
20:01:06.0856 0x0d34  C:\Program Files (x86)\IObit\Advanced SystemCare 8\maddisAsm_.bpl - ok
20:01:06.0856 0x0d34  [ 2FCA0D2C59A855C54BAFA22AA329DF0F, ED9D26F539065D62FCCEDEEC8E509B30F4D15F8DA586C1F657ACEFE9DABAACD0 ] C:\Windows\SysWOW64\netapi32.dll
20:01:06.0856 0x0d34  C:\Windows\SysWOW64\netapi32.dll - ok
20:01:06.0872 0x0d34  [ 12C45E3CB6D65F73209549E2D02ECA7A, 9DFD9C58B90257C34D52B7156C1D2566BE32EE7BD4699DDE164A5F190EC4D44A ] C:\Windows\SysWOW64\propsys.dll
20:01:06.0872 0x0d34  C:\Windows\SysWOW64\propsys.dll - ok
20:01:06.0872 0x0d34  [ 20B3934DB73EABA2B49B7177873CB81F, 492EAC5C51472B43DE11825358AEC4B9E3A081DACFD7513C696D6FE40F302EE5 ] C:\Windows\SysWOW64\netutils.dll
20:01:06.0872 0x0d34  C:\Windows\SysWOW64\netutils.dll - ok
20:01:06.0872 0x0d34  [ 5CCDCD40E732D54E0F7451AC66AC1C87, 66F4DA105BD72E41250CD59E2B3CD931B47AC9FDB6C784B9E33C5EE1AC29841F ] C:\Windows\SysWOW64\srvcli.dll
20:01:06.0872 0x0d34  C:\Windows\SysWOW64\srvcli.dll - ok
20:01:06.0872 0x0d34  [ E5A4A1326A02F8E7B59E6C3270CE7202, DCB76016F9AC47E631540874DA208A089F9D529DA9628705A2869B954526BFE0 ] C:\Windows\SysWOW64\wkscli.dll
20:01:06.0872 0x0d34  C:\Windows\SysWOW64\wkscli.dll - ok
20:01:06.0887 0x0d34  [ 68ECCA523ED760AAFC03C5D587569859, CDD734279C8F9F24EA2538BAD8E91EB8C3DD74C33032DB6B2D85C19576B42707 ] C:\Windows\SysWOW64\samcli.dll
20:01:06.0887 0x0d34  C:\Windows\SysWOW64\samcli.dll - ok
20:01:06.0887 0x0d34  [ C76B8E74F900E083712ADC5B597A05C3, D3EE486DBD31554EE93CAB91A1D4C9C4A99E18FC1602DA92ECDF3E116D2B6A64 ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\taskmgr.dll
20:01:06.0887 0x0d34  C:\Program Files (x86)\IObit\Advanced SystemCare 8\taskmgr.dll - ok
20:01:06.0887 0x0d34  [ BD4254B0C5BFB133B032885CDC1F32EE, 6CE78914D897DC885F99C8128B86A687045873D1D6B7DBD8BD71CA53F5013503 ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\vclx120.bpl
20:01:06.0887 0x0d34  C:\Program Files (x86)\IObit\Advanced SystemCare 8\vclx120.bpl - ok
20:01:06.0887 0x0d34  [ EE19C85CA685A275BE346EC41F1870F9, F071D88C38C62E9D88DDE29F451B2B581499758A7E60BDA6DED3376280C5A635 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_72d576ad8665e853\GdiPlus.dll
20:01:06.0887 0x0d34  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_72d576ad8665e853\GdiPlus.dll - ok
20:01:06.0903 0x0d34  [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF393486946DA8936BDD466A ] C:\Windows\SysWOW64\psapi.dll
20:01:06.0903 0x0d34  C:\Windows\SysWOW64\psapi.dll - ok
20:01:06.0903 0x0d34  [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] C:\Windows\System32\drivers\mbam.sys
20:01:06.0903 0x0d34  C:\Windows\System32\drivers\mbam.sys - ok
20:01:06.0903 0x0d34  [ 54C28488E5F038B29E2D80DBFC910666, 5386D279375DC737E3E3FBE6576B8C97D2346ED98061CBA1982C09832FDF9E78 ] C:\Windows\System32\drivers\PSINFile.sys
20:01:06.0903 0x0d34  C:\Windows\System32\drivers\PSINFile.sys - ok
20:01:06.0903 0x0d34  [ ED6B1CDE5B178B057F64B2AF682EB45A, BDD46380BF51A48982E81F1D5EDAC2D9B16D2C03E886144279F4505ADA247EE2 ] C:\Windows\System32\drivers\PSINProc.sys
20:01:06.0903 0x0d34  C:\Windows\System32\drivers\PSINProc.sys - ok
20:01:06.0919 0x0d34  [ 6A19A5665FBE15D63046B20BB0BFD7AB, 45EBDAD1E5CF5747EB5600F74969123428094E7FAC68CAE29AF02E31FFC3FB8D ] C:\Windows\System32\drivers\PSINReg.sys
20:01:06.0919 0x0d34  C:\Windows\System32\drivers\PSINReg.sys - ok
20:01:06.0919 0x0d34  [ 3B4838E822BC9230E2012BB74E103F15, 36CC38134B17BEE77FEF5A41151FECF971C120298934964E7809E39B6CF8FAE1 ] C:\Windows\System32\nvvsvc.exe
20:01:06.0919 0x0d34  C:\Windows\System32\nvvsvc.exe - ok
20:01:06.0919 0x0d34  [ BD3674BE7FC9D8D3732C83E8499576ED, E6716A5895D629263A4D21959F48840429AB6F4B55A5FA2663EE5E86C9CA2BF1 ] C:\Windows\System32\wtsapi32.dll
20:01:06.0919 0x0d34  C:\Windows\System32\wtsapi32.dll - ok
20:01:06.0919 0x0d34  [ 5959157FAA8795463C057BFBA23F1EBF, 910C0DD7D08248FF4FD80CBA17E3439AA76F7E05510B4B01880B3279B6215B61 ] C:\Windows\System32\nvwmi64.exe
20:01:06.0919 0x0d34  C:\Windows\System32\nvwmi64.exe - ok
20:01:06.0934 0x0d34  [ 94E026870A55AAEAFF7853C1754091E9, B2F5D5629D12BDFA98DBED3898368F37D9009C7531B6909C7285A2C11C9A0F93 ] C:\Windows\System32\version.dll
20:01:06.0934 0x0d34  C:\Windows\System32\version.dll - ok
20:01:06.0934 0x0d34  [ FA43D418BC945D27D0625B697B8442B5, 035DE0FEA440D2E3AD255EE84B388DDA538E778877033FDB54B8A61BB0AADE56 ] C:\Windows\System32\cabinet.dll
20:01:06.0934 0x0d34  C:\Windows\System32\cabinet.dll - ok
20:01:06.0934 0x0d34  [ 43C808869A35C7E7A595E569BB6677FE, C55391261E638DCCAAE1085510C4C736A1E719628B010851E1A6C9E724B43D7B ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:01:06.0934 0x0d34  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok
20:01:06.0934 0x0d34  [ 419C267FA1E12A245BD98E60A5D60243, 085A03F445FB539F7ED0AC0CCCD9C754B521E474311A5CF60308EA1003A26E16 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll
20:01:06.0934 0x0d34  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll - ok
20:01:06.0950 0x0d34  [ D4495594D32CCF3C760303D7496E5880, CF75ADE81503528CFBC9DE1A0A179882F1A1F215476D5BA2C63C2FA9BD8914E2 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll
20:01:06.0950 0x0d34  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll - ok
20:01:06.0950 0x0d34  [ E365C7B3EBB96451D3C9DF6B6B6900C2, 8A3C9B274969EC65BA9B968AA6910216464320A5D0D3A7E4E24B43A746D4728A ] C:\Windows\SysWOW64\wintrust.dll
20:01:06.0950 0x0d34  C:\Windows\SysWOW64\wintrust.dll - ok
20:01:06.0950 0x0d34  [ 454BF1E3B844306E764ADC0EA7B6E64C, 5E46DEBF75EEEF03410CA8B9C52E2577A19313104EBB7A7DE8656519285C2C36 ] C:\Windows\SysWOW64\crypt32.dll
20:01:06.0950 0x0d34  C:\Windows\SysWOW64\crypt32.dll - ok
20:01:06.0965 0x0d34  [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA513C4A823390FEDA ] C:\Windows\SysWOW64\msasn1.dll
20:01:06.0965 0x0d34  C:\Windows\SysWOW64\msasn1.dll - ok
20:01:06.0965 0x0d34  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] C:\Windows\System32\rpcss.dll
20:01:06.0965 0x0d34  C:\Windows\System32\rpcss.dll - ok
20:01:06.0965 0x0d34  [ 162D247E995EAEBF3EF4289069E1111C, 19E858E9902E2D570FFD24AE2CB4165273F5BAB1FF7B04758B11AB5CD41FD752 ] C:\Windows\SysWOW64\devrtl.dll
20:01:06.0965 0x0d34  C:\Windows\SysWOW64\devrtl.dll - ok
20:01:06.0965 0x0d34  [ 4BDBBE5E4208022DD794F7EEEB0F7366, 4F69BA2EDABFA63A300B9F1880349EFAE185B899DD5C561E7B3BA6AAA4B22D6A ] C:\Windows\SysWOW64\SPInf.dll
20:01:06.0965 0x0d34  C:\Windows\SysWOW64\SPInf.dll - ok
20:01:06.0981 0x0d34  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] C:\Windows\System32\RpcEpMap.dll
20:01:06.0981 0x0d34  C:\Windows\System32\RpcEpMap.dll - ok
20:01:06.0981 0x0d34  [ 31559F3244C6BC00A52030CAA83B6B91, B2025742B5F0025ACE9821D5722DE3F997EEEAB21D2F381C9E307882DF422579 ] C:\Windows\System32\WSHTCPIP.DLL
20:01:06.0981 0x0d34  C:\Windows\System32\WSHTCPIP.DLL - ok
20:01:06.0981 0x0d34  [ 16E964ABF6D1E0F0CC7822FCA9BA754D, 0E461387ACFD641DA22EE542A3C68AF5F7D3A7F967D974E3B198143D461ABE39 ] C:\Windows\System32\wshqos.dll
20:01:06.0981 0x0d34  C:\Windows\System32\wshqos.dll - ok
20:01:06.0981 0x0d34  [ 9AD9E06F8656F296D91FAE8EE5B95A27, 53384747D5864D699BCC4F48E0A5E656430EDAA65DCDAB4B11EA68FC7106459E ] C:\Windows\System32\FirewallAPI.dll
20:01:06.0981 0x0d34  C:\Windows\System32\FirewallAPI.dll - ok
20:01:06.0997 0x0d34  [ 715F03B4C7223349768013EA95D9E5B7, 09AB0535A54C2E2962F0FD06988D99060F8CECA39B07AC00A63204C773B95893 ] C:\Windows\System32\LogonUI.exe
20:01:06.0997 0x0d34  C:\Windows\System32\LogonUI.exe - ok
20:01:06.0997 0x0d34  [ 5DFFC12BF7DB53BDB401804A3C3A475E, DEACB4BFF904AD77389A8326BFCF12A490E1A7A10B68049D253552F1FC630FA3 ] C:\Windows\System32\authui.dll
20:01:06.0997 0x0d34  C:\Windows\System32\authui.dll - ok
20:01:06.0997 0x0d34  [ 6011714C8C5C55CBFFAD24D61E879FBD, 75D615082A1C71C6ED3ABB49EDAF660EE538D112CF79B9C8AF0A583D1CE1BBB0 ] C:\Windows\System32\wevtsvc.dll
20:01:06.0997 0x0d34  C:\Windows\System32\wevtsvc.dll - ok
20:01:06.0997 0x0d34  [ 81A2008198A6E450E4BC7EF361154C8A, E9976934EBCD36B08BDE4210062227BF491AE29D16ADD98D2C765DFCBCCC7F7F ] C:\Windows\System32\cryptui.dll
20:01:06.0997 0x0d34  C:\Windows\System32\cryptui.dll - ok
20:01:07.0012 0x0d34  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] C:\Windows\System32\audiosrv.dll
20:01:07.0012 0x0d34  C:\Windows\System32\audiosrv.dll - ok
20:01:07.0012 0x0d34  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] C:\Windows\System32\mmcss.dll
20:01:07.0012 0x0d34  C:\Windows\System32\mmcss.dll - ok
20:01:07.0012 0x0d34  [ 78A1E65207484B7F8D3217507745F47C, 35F413ADB9D157F3666DD15DD58104D629CD9143198A1AB914B73A4A3C9903DD ] C:\Windows\System32\avrt.dll
20:01:07.0012 0x0d34  C:\Windows\System32\avrt.dll - ok
20:01:07.0012 0x0d34  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] C:\Windows\System32\profsvc.dll
20:01:07.0012 0x0d34  C:\Windows\System32\profsvc.dll - ok
20:01:07.0012 0x0d34  [ 58F87BF5659C8EBC61EB439C916F2F9A, FA242E44E7657D07C4D2A2C3808D860AFB53CDF81AFF5B1CE7F88A13BF02CE0A ] C:\Windows\System32\adtschema.dll
20:01:07.0012 0x0d34  C:\Windows\System32\adtschema.dll - ok
20:01:07.0028 0x0d34  [ FD67683FBA9B2C4BB551780BD8846F64, 4BB7C956EA8D2CE63F5BF80FAE652F98416A7635202AEE04FC8D81000E6363DF ] C:\Windows\SysWOW64\winsta.dll
20:01:07.0028 0x0d34  C:\Windows\SysWOW64\winsta.dll - ok
20:01:07.0028 0x0d34  [ 227E2C382A1E02F8D4965E664D3BBE43, 1CFF20A8BF87ACE4FA4935EBEED72BFB1A1FE902A754899E2F50798D67DF5642 ] C:\Windows\System32\MMDevAPI.dll
20:01:07.0028 0x0d34  C:\Windows\System32\MMDevAPI.dll - ok
20:01:07.0028 0x0d34  [ 4E9C2DB10F7E6AE91BF761139D4B745B, 8F63F78294F5585D599A114AF449DCC447CCB239D0F0B490BFE6B34A2146E730 ] C:\Windows\System32\shacct.dll
20:01:07.0028 0x0d34  C:\Windows\System32\shacct.dll - ok
20:01:07.0043 0x0d34  [ 5B3EBFC3DA142324B388DDCC4465E1FF, 5D58642305311F9BC9B779C9598BFC4E7433B3EA58404BF1FF9466838A2328C7 ] C:\Windows\System32\samlib.dll
20:01:07.0043 0x0d34  C:\Windows\System32\samlib.dll - ok
20:01:07.0043 0x0d34  [ F06BB4E336EA57511FDBAFAFCC47DE62, BE43EC62548E9FF89A9495A1722E22DBB76EEC3764F86E64057B636F27D15765 ] C:\Windows\System32\propsys.dll
20:01:07.0043 0x0d34  C:\Windows\System32\propsys.dll - ok
20:01:07.0043 0x0d34  [ 50544D04AD845C43130B70212EC05CCD, B2E6B558DE7D273512226685FF53ED17C9B4BF81B739FBCA5D3FC82DF8D2BCF7 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
20:01:07.0043 0x0d34  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
20:01:07.0043 0x0d34  [ B1DF2D87DC8BF6072699AC8301B37796, D5A6FD1EDB627324DFA1A0555F1777A3313EF29DDE29982C3CE59DAF1ED0D105 ] C:\Windows\System32\WUDFPlatform.dll
20:01:07.0043 0x0d34  C:\Windows\System32\WUDFPlatform.dll - ok
20:01:07.0059 0x0d34  [ D29E998E8277666982B4F0303BF4E7AF, 4F19AB5DC173E278EBE45832F6CEAA40E2DF6A2EDDC81B2828122442FE5D376C ] C:\Windows\System32\uxtheme.dll
20:01:07.0059 0x0d34  C:\Windows\System32\uxtheme.dll - ok
20:01:07.0059 0x0d34  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] C:\Windows\System32\termsrv.dll
20:01:07.0059 0x0d34  C:\Windows\System32\termsrv.dll - ok
20:01:07.0059 0x0d34  [ A9A87481B1A6589898C1DAB37C03E4AB, 803DB46E9FEE4E45B63A13A8CE3E589D7498532B8A7D8C3424E210E6A9AAC61F ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_2b283fd671e9bf4d\GdiPlus.dll
20:01:07.0059 0x0d34  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_2b283fd671e9bf4d\GdiPlus.dll - ok
20:01:07.0059 0x0d34  [ D5CCA1453B98A5801E6D5FF0FF89DC6C, 85F2C2480AAC31B6092187B431A562D79D4CFB1324F925C85055ABAB2483264B ] C:\Windows\System32\audiodg.exe
20:01:07.0059 0x0d34  C:\Windows\System32\audiodg.exe - ok
20:01:07.0075 0x0d34  [ FE05D03B73000CFF476E1D29109F3A84, 7880B025413338A7B114BECB5DC67605FC7A97142C26FD12F765A64A21805842 ] C:\Program Files\Windows Defender\MpEvMsg.dll
20:01:07.0075 0x0d34  C:\Program Files\Windows Defender\MpEvMsg.dll - ok
20:01:07.0075 0x0d34  [ 1F4492FE41767CDB8B89D17655847CDD, 184547FAC0C3D7148FAA3F601929A7089DE393BD19929A137DAD743331DD3F77 ] C:\Windows\System32\ntmarta.dll
20:01:07.0075 0x0d34  C:\Windows\System32\ntmarta.dll - ok
20:01:07.0075 0x0d34  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] C:\Windows\System32\gpsvc.dll
20:01:07.0075 0x0d34  C:\Windows\System32\gpsvc.dll - ok
20:01:07.0075 0x0d34  [ 58775492FFD419248B08325E583C527F, DBB013971F5894F25C222C2D4D50A29DB6DF3C413792EE9CCC1A9E6D85469093 ] C:\Windows\System32\atl.dll
20:01:07.0075 0x0d34  C:\Windows\System32\atl.dll - ok
20:01:07.0090 0x0d34  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] C:\Windows\System32\themeservice.dll
20:01:07.0090 0x0d34  C:\Windows\System32\themeservice.dll - ok
20:01:07.0090 0x0d34  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] C:\Windows\System32\drivers\fltMgr.sys
20:01:07.0090 0x0d34  C:\Windows\System32\drivers\fltMgr.sys - ok
20:01:07.0090 0x0d34  [ 3CB6A7286422C72C34DAB54A5DFF1A34, 98D21EFFF511E407336A226420701E82554DA01FA05661303836B6860D63749D ] C:\Windows\System32\dui70.dll
20:01:07.0090 0x0d34  C:\Windows\System32\dui70.dll - ok
20:01:07.0090 0x0d34  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] C:\Windows\System32\es.dll
20:01:07.0090 0x0d34  C:\Windows\System32\es.dll - ok
20:01:07.0106 0x0d34  [ A3DB3C17EE6CAE65D53602B4E80BCCBC, D802A7C6161F937DC42A6E45FE1BB2C8272819F92C294C180EBCDF8FF72CBFDC ] C:\Windows\System32\PSHED.DLL
20:01:07.0106 0x0d34  C:\Windows\System32\PSHED.DLL - ok
20:01:07.0106 0x0d34  [ 46BB91A169B9B31FF44EB04C48EC1D41, 8115B533D3A5BE07633FA54FA8847E3DEC00C5BEB193CF2FBE88428D23E2B3D6 ] C:\Windows\System32\nlaapi.dll
20:01:07.0106 0x0d34  C:\Windows\System32\nlaapi.dll - ok
20:01:07.0106 0x0d34  [ 1A47D52E303B7543E4E6026595B95422, C577CD3837546A7CED5D2E8E97FA2EDACA133B4A8595770EF96CAE519BFE280F ] C:\Windows\System32\comres.dll
20:01:07.0106 0x0d34  C:\Windows\System32\comres.dll - ok
20:01:07.0106 0x0d34  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] C:\Windows\System32\Sens.dll
20:01:07.0106 0x0d34  C:\Windows\System32\Sens.dll - ok
20:01:07.0121 0x0d34  [ A77BE7CB3222B4FB0AC6C71D1C2698D4, 73566223914BF670DF6B5931FA213E546713531B10391ED65B5256BBD7ABDE7F ] C:\Windows\System32\dsrole.dll
20:01:07.0121 0x0d34  C:\Windows\System32\dsrole.dll - ok
20:01:07.0121 0x0d34  [ BE097F5BB10F9079FCEB2DC4E7E20F02, 90A88986C8C5F30FB153EC803FEDA6572B2C2630A6C9578FCC017800692694D5 ] C:\Windows\System32\slc.dll
20:01:07.0121 0x0d34  C:\Windows\System32\slc.dll - ok
20:01:07.0121 0x0d34  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] C:\Windows\System32\uxsms.dll
20:01:07.0121 0x0d34  C:\Windows\System32\uxsms.dll - ok
20:01:07.0121 0x0d34  [ 8CCDE014A4CDF84564E03ACE064CA753, DD663029B2EB7B12FDB00FCE403D8326141E540E3B9CE84CD5871473D3E2E2CF ] C:\Windows\System32\duser.dll
20:01:07.0121 0x0d34  C:\Windows\System32\duser.dll - ok
20:01:07.0121 0x0d34  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] C:\Windows\System32\drivers\lltdio.sys
20:01:07.0121 0x0d34  C:\Windows\System32\drivers\lltdio.sys - ok
20:01:07.0137 0x0d34  [ D7F1EF374A90709B31591823B002F918, 05FD2837C9B03D14BB2A969C1AD77CAEF047D93DC5D0F6C2ACBF0888E8F7B359 ] C:\Windows\System32\SndVolSSO.dll
20:01:07.0137 0x0d34  C:\Windows\System32\SndVolSSO.dll - ok
20:01:07.0137 0x0d34  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] C:\Windows\System32\drivers\rspndr.sys
20:01:07.0137 0x0d34  C:\Windows\System32\drivers\rspndr.sys - ok
20:01:07.0137 0x0d34  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] C:\Windows\System32\nsisvc.dll
20:01:07.0137 0x0d34  C:\Windows\System32\nsisvc.dll - ok
20:01:07.0137 0x0d34  [ 896F15A6434D93EDB42519D5E18E6B50, 9263F0CEC58D45EBE3FB9C3061FB9392C55A7933B84B4592E6EE13CFC86D5A50 ] C:\Windows\System32\hid.dll
20:01:07.0137 0x0d34  C:\Windows\System32\hid.dll - ok
20:01:07.0153 0x0d34  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] C:\Windows\System32\dhcpcore.dll
20:01:07.0153 0x0d34  C:\Windows\System32\dhcpcore.dll - ok
20:01:07.0153 0x0d34  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] C:\Windows\System32\dnsrslvr.dll
20:01:07.0153 0x0d34  C:\Windows\System32\dnsrslvr.dll - ok
20:01:07.0153 0x0d34  [ 4C9210E8F4E052F6A4EB87716DA0C24C, 460F7990BDADB7D58D6DC95B094D30A2EFDC4CEED444B18A2F36E8D9076FB8B9 ] C:\Windows\System32\winnsi.dll
20:01:07.0153 0x0d34  C:\Windows\System32\winnsi.dll - ok
20:01:07.0153 0x0d34  [ D07EB640618F96490DB88C3CE58DB608, 0C553971259632031E6856A94EEB937D571627FC7CF061CCFC040F4BF0CFF259 ] C:\Windows\System32\FWPUCLNT.DLL
20:01:07.0153 0x0d34  C:\Windows\System32\FWPUCLNT.DLL - ok
20:01:07.0168 0x0d34  [ 3CC16A849E6092E43909F48EF0E60306, 610B576654A69415E4F2FEDB6BA384C77715944E4F89BD2821B311968CA8D810 ] C:\Windows\System32\dhcpcore6.dll
20:01:07.0168 0x0d34  C:\Windows\System32\dhcpcore6.dll - ok
20:01:07.0168 0x0d34  [ DA1B7075260F3872585BFCDD668C648B, 3E10EF6E1A5C341B478322CB78A0AB7BFC70AD8023779B8B4542A7CB4CA756AB ] C:\Windows\System32\dwmapi.dll
20:01:07.0168 0x0d34  C:\Windows\System32\dwmapi.dll - ok
20:01:07.0168 0x0d34  [ 6F8B48F3D343E4B186AB6A9E302B7E16, 54DB52FC56509E61DF68BD251B3286E6CBE1A91D9BC4D950940A61FE2DA04DF8 ] C:\Windows\System32\xmllite.dll
20:01:07.0168 0x0d34  C:\Windows\System32\xmllite.dll - ok
20:01:07.0168 0x0d34  [ 885D0942E0F28DB90919BE3129ECF279, 5A10D90EE656ECE3DCA174D6F924641509819FC20CB6EF46B5E1723E52DE85BE ] C:\Windows\System32\dnsext.dll
20:01:07.0168 0x0d34  C:\Windows\System32\dnsext.dll - ok
20:01:07.0184 0x0d34  [ 2B81776DA02017A37FE26C662827470E, A656353C50EE08422145D00DB9CFD9F6D3E664753B3C454B171E2A56A8AA94DC ] C:\Windows\System32\IPHLPAPI.DLL
20:01:07.0184 0x0d34  C:\Windows\System32\IPHLPAPI.DLL - ok
20:01:07.0184 0x0d34  [ F568F7C08458D69E4FCD8675BBB107E4, A5FA25ECF248999A68CCECFBB508BFA1ADD18A23E20A9A9081A87C41CAAA36C0 ] C:\Windows\System32\dhcpcsvc.dll
20:01:07.0184 0x0d34  C:\Windows\System32\dhcpcsvc.dll - ok
20:01:07.0184 0x0d34  [ B0945E538CF906BBDDC5A11C8EE868CC, 5F3459F6512918835F7C9400905EC7C1FAEAA7114E0D28C522040C359E3B93F7 ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
20:01:07.0184 0x0d34  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
20:01:07.0199 0x0d34  [ 3C06D5A929B798D0B13F6481242A0FD2, CE6127A31AB09E21A912CA16E4BDF663E9D05C254CCF9090A8B5A9A2E055EFF3 ] C:\Windows\System32\dhcpcsvc6.dll
20:01:07.0199 0x0d34  C:\Windows\System32\dhcpcsvc6.dll - ok
20:01:07.0199 0x0d34  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] C:\Windows\System32\shsvcs.dll
20:01:07.0199 0x0d34  C:\Windows\System32\shsvcs.dll - ok
20:01:07.0199 0x0d34  [ D1659C9F150D308F99C839D50F6809BF, 7CA160E5D4372FE47032956A506A73CFBAF60B73AC11133F2A47870D33B1DD60 ] C:\Windows\System32\WindowsCodecs.dll
20:01:07.0199 0x0d34  C:\Windows\System32\WindowsCodecs.dll - ok
20:01:07.0199 0x0d34  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] C:\Windows\System32\schedsvc.dll
20:01:07.0199 0x0d34  C:\Windows\System32\schedsvc.dll - ok
20:01:07.0215 0x0d34  [ 945E54F23C72D37B8CD1987AF0DB63BF, C2B217C94DBCA0A31ED834B9D492B53B25B235DDD02B1D1200E76609D32772EA ] C:\Windows\System32\fveapi.dll
20:01:07.0215 0x0d34  C:\Windows\System32\fveapi.dll - ok
20:01:07.0215 0x0d34  [ 694865362F0965779F92BCFE97712323, 825EB75E37AFE9B738869FB5D95020D4F44AD419C2F6C5A658F82A5242FDEF6C ] C:\Windows\System32\tbs.dll
20:01:07.0215 0x0d34  C:\Windows\System32\tbs.dll - ok
20:01:07.0215 0x0d34  [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA05BD2C56657013 ] C:\Windows\System32\fvecerts.dll
20:01:07.0215 0x0d34  C:\Windows\System32\fvecerts.dll - ok
20:01:07.0215 0x0d34  [ EEEA40F0EDB0A6E5359E539E15D0BC77, BFCBF777239C29C6AC4BC5B59591308571647B7C7FDB5571903F7403DD241E8E ] C:\Windows\System32\netapi32.dll
20:01:07.0215 0x0d34  C:\Windows\System32\netapi32.dll - ok
20:01:07.0231 0x0d34  [ BC414631876B2F28B8DAB08E849C12C5, 5973654AA3E90E6B699B0A43F645B893D95BAA803129B6967D746C8239AB26E3 ] C:\Windows\System32\ktmw32.dll
20:01:07.0231 0x0d34  C:\Windows\System32\ktmw32.dll - ok
20:01:07.0231 0x0d34  [ 8269210DAF3B12BC8300631B28A2A442, EABEB792C2EA8D4A1A7B13281CF557C194D5667AE0BA2A2D5664908D8269113D ] C:\Windows\System32\wiarpc.dll
20:01:07.0231 0x0d34  C:\Windows\System32\wiarpc.dll - ok
20:01:07.0231 0x0d34  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D, 19959D18601712901F03B83150D15E34EBCAB355BB4692C9A28511A72F57FC66 ] C:\Windows\System32\winbrand.dll
20:01:07.0231 0x0d34  C:\Windows\System32\winbrand.dll - ok
20:01:07.0231 0x0d34  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7, 4BC5A1279885EEFBEB27333AF719622A5FCDD9606697692C1978E434CE264D80 ] C:\Windows\System32\taskcomp.dll
20:01:07.0231 0x0d34  C:\Windows\System32\taskcomp.dll - ok
20:01:07.0246 0x0d34  [ C2762A57DF0EE85E63CE4893C5215313, DDE22212D78353633CEDE27D7210469DE674563991105563CF64CCCE2D0743BD ] C:\Windows\System32\VaultCredProvider.dll
20:01:07.0246 0x0d34  C:\Windows\System32\VaultCredProvider.dll - ok
20:01:07.0246 0x0d34  [ 8563BA40DF4F1E93A61B70E2C8B60CF8, E5CAA520CBE61FAF3EAA784A51ED30E0CB2FD78EFD8AE1D5C6B0FE43A1009F39 ] C:\Windows\System32\SmartcardCredentialProvider.dll
20:01:07.0246 0x0d34  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
20:01:07.0246 0x0d34  [ BF352E73615F5461AA6884472435A544, 4B059E79325C5F08CD6FBBE6352E17ADB64B9608CC9EDB36A2DF4D148060C309 ] C:\Windows\System32\BioCredProv.dll
20:01:07.0246 0x0d34  C:\Windows\System32\BioCredProv.dll - ok
20:01:07.0246 0x0d34  [ 796B8123A7859AFD3A4AE10514DBAEB5, E76F69FAFEC3D66263ED95F3FA9EE309BDDACB287E30583A147DC97F6EEB8844 ] C:\Windows\System32\winbio.dll
20:01:07.0246 0x0d34  C:\Windows\System32\winbio.dll - ok
20:01:07.0262 0x0d34  [ 4403D5ECE7D8323CAF1207D1AA38FA01, BD0B34DCF658D3CB91C1B55E9E730C5F7C571AFC2BFA09270C377B72B6830D48 ] C:\Windows\System32\credui.dll
20:01:07.0262 0x0d34  C:\Windows\System32\credui.dll - ok
20:01:07.0262 0x0d34  [ 44B9C66177651F3F53C87B665D58D17A, 3FC426115FF87570889DB28D71970B82B525D2A4B9A00EDD273BF083B77A05CE ] C:\Windows\System32\vaultcli.dll
20:01:07.0262 0x0d34  C:\Windows\System32\vaultcli.dll - ok
20:01:07.0262 0x0d34  [ FC51229C7D4AFA0D6F186133728B95AB, 37E58C8E1C8437D1981725A5DCDACA7316CEFBB570370CEFC8D122F523B96AC0 ] C:\Windows\System32\samcli.dll
20:01:07.0262 0x0d34  C:\Windows\System32\samcli.dll - ok
20:01:07.0262 0x0d34  [ 972C3301DB3DA91AE06A95F6B4160B1B, 678B533A06C306295FE97DC26CE9BAFFC8EAF1FB7405ACB040719099717744D5 ] C:\Windows\System32\certCredProvider.dll
20:01:07.0262 0x0d34  C:\Windows\System32\certCredProvider.dll - ok
20:01:07.0277 0x0d34  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] C:\Windows\System32\drivers\http.sys
20:01:07.0277 0x0d34  C:\Windows\System32\drivers\http.sys - ok
20:01:07.0277 0x0d34  [ 87FA0C48C3B2E9FEE518818FE26B15B5, DA4042DE9897397AEDCEFF9F69746726237305DDE64464309B6DCC45E05E42F4 ] C:\Windows\System32\rasplap.dll
20:01:07.0277 0x0d34  C:\Windows\System32\rasplap.dll - ok
20:01:07.0277 0x0d34  [ 019CD868461B646E09BDF04474C19341, 01837EFACB02E52BC6E90C90C4CB01B11D56E449A37EA4FC2695507FF85EA9FE ] C:\Windows\System32\rasapi32.dll
20:01:07.0277 0x0d34  C:\Windows\System32\rasapi32.dll - ok
20:01:07.0277 0x0d34  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] C:\Windows\System32\spoolsv.exe
20:01:07.0277 0x0d34  C:\Windows\System32\spoolsv.exe - ok
20:01:07.0293 0x0d34  [ B28DEEC597C8DEB70C744C7CF9210E3E, E777F192D822990CA6301B3FEA2AEA213FA7901438EB3328914ADF02B6C39DB9 ] C:\Windows\System32\rasman.dll
20:01:07.0293 0x0d34  C:\Windows\System32\rasman.dll - ok
20:01:07.0293 0x0d34  [ B53C4B69B695EDA1B7E41D35CA4244E2, 3D98E9B263CADA576E4057E059AFC867F6E3F1001F3B73C8BCF9066763A45D9D ] C:\Windows\System32\rtutils.dll
20:01:07.0293 0x0d34  C:\Windows\System32\rtutils.dll - ok
20:01:07.0293 0x0d34  [ 9BC8610C32C96A2983A65DC21CAFA921, 2A4195F663C9D55939E3D8FEAA208090FDB0B8801A60164A7325B53104797CBC ] C:\Windows\System32\UXInit.dll
20:01:07.0293 0x0d34  C:\Windows\System32\UXInit.dll - ok
20:01:07.0293 0x0d34  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] C:\Windows\System32\BFE.DLL
20:01:07.0293 0x0d34  C:\Windows\System32\BFE.DLL - ok
20:01:07.0309 0x0d34  [ 3834E21EEBD082A67FCD31DED107A30B, E4AFC9622820EE8A4C89918AF1E583466E09EF052EDBD8A6CD7B3F5F130F8CE2 ] C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll
20:01:07.0309 0x0d34  C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll - ok
20:01:07.0309 0x0d34  [ CF636C92B762B26F0B39B38E92380A09, F7B8B0EA4536CE3BA33EE1BD0783F6AAD8C0EF69714E874D4A30B720A04C7A18 ] C:\Windows\System32\oleacc.dll
20:01:07.0309 0x0d34  C:\Windows\System32\oleacc.dll - ok
20:01:07.0309 0x0d34  [ 4D30C9AA6BF04AF4223A68B771B0B7CE, 87541A33F7EA1A947F0266B739DFFF010110DFCC3995A67DC9A00521F94A389D ] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
20:01:07.0309 0x0d34  C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe - ok
20:01:07.0309 0x0d34  [ 019BDD35DE269CB98B22DE8923C2AA3B, 68B216D5331B128CF1BCB3A3F82FD85B119FFDBCB796C907461CDD6248995817 ] C:\Windows\System32\UIAutomationCore.dll
20:01:07.0309 0x0d34  C:\Windows\System32\UIAutomationCore.dll - ok
20:01:07.0324 0x0d34  [ DDB9BCFF8CBF73638A15579FEC223229, A89D6AC3A25D32AEBA0A1203446A29412AC33BA942E2C0B6A056E65387D16910 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\rtl120.bpl
20:01:07.0324 0x0d34  C:\Program Files (x86)\IObit\IObit Malware Fighter\rtl120.bpl - ok
20:01:07.0324 0x0d34  [ E9BC3D96DDD6259A7B5751C6A1707994, 85BFDD7F1819CECFA4A8696FED6D3355F635BFE69AC79DD3DB745AFD7F8BA432 ] C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
20:01:07.0324 0x0d34  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - ok
20:01:07.0324 0x0d34  [ E424B3EF666B184CEE0B6871AAA8C9F6, D182D9B3A813C75F88CA16A9C236AB6167DF5861D155B5DC016B90918C4BD579 ] C:\Windows\System32\msimg32.dll
20:01:07.0324 0x0d34  C:\Windows\System32\msimg32.dll - ok
20:01:07.0324 0x0d34  [ 5AA945234E9D4CCE4F715276B9AA712C, 65165BD131056816F009D987FC78AC86FFE0C3C38A27E73F873586B7FF4D59CF ] C:\Windows\System32\imageres.dll
20:01:07.0324 0x0d34  C:\Windows\System32\imageres.dll - ok
20:01:07.0340 0x0d34  [ 0C52762C606BCF6A377D5E4688191A6B, C58C9A73AD07E3B93AB186D0D47C5F1CB7197771DBEE40646C3B801645BB388F ] C:\Windows\System32\wbem\WmiDcPrv.dll
20:01:07.0340 0x0d34  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
20:01:07.0340 0x0d34  [ 03FD86AEB17EB0268CAEE01113B705A4, 917977349614CF2933D2C63F2F79877BCE2674DFD4AD12CDF2EA70130FBABC72 ] C:\Windows\System32\nvsvc64.dll
20:01:07.0340 0x0d34  C:\Windows\System32\nvsvc64.dll - ok
20:01:07.0340 0x0d34  [ A3F5E8EC1316C3E2562B82694A251C9E, F3DC6AA6A9D3B5BBC730668FC52C1D4BB5D515D404578BDDD3D4869A7ED58822 ] C:\Windows\System32\wbem\fastprox.dll
20:01:07.0340 0x0d34  C:\Windows\System32\wbem\fastprox.dll - ok
20:01:07.0340 0x0d34  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE, A734A20357026C42950394682A52CBC3AF956D09F1949E1B4E95467E999BC428 ] C:\Windows\System32\wbemcomn.dll
20:01:07.0340 0x0d34  C:\Windows\System32\wbemcomn.dll - ok
20:01:07.0355 0x0d34  [ 8290E04F8A4D9594BFB53D520B677B8A, FD6DBD30286A28540C003796A4E30A5DFA5A6A94CDF65D2C720BDEA90124F993 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\vcl120.bpl
20:01:07.0355 0x0d34  C:\Program Files (x86)\IObit\IObit Malware Fighter\vcl120.bpl - ok
20:01:07.0355 0x0d34  [ EB9D364108B5797DD4060C38BC344049, 11F9456226C74DD071906DE001FDDB7CC40C53F5E50B0CADE5158E5CC508AF90 ] C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll
20:01:07.0355 0x0d34  C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll - ok
20:01:07.0355 0x0d34  [ EE26D130808D16C0E417BBBED0451B34, 4886DCE4FAEF146A40BABD492A8000A2022FEA542A6135A9BAFD4CD09297B4E5 ] C:\Windows\System32\ntdsapi.dll
20:01:07.0355 0x0d34  C:\Windows\System32\ntdsapi.dll - ok
20:01:07.0355 0x0d34  [ 666A60F6F5E719856FF6254E0966EFF7, 58C072E7E215991E19C1CA062C476081982F7B9F039714539AE7FEB4981C200F ] C:\Windows\System32\wbem\wbemprox.dll
20:01:07.0355 0x0d34  C:\Windows\System32\wbem\wbemprox.dll - ok
20:01:07.0371 0x0d34  [ 1834B31C749B86DAC233BBBA1C03BC48, 27FCA9196842C0BB53CCAD895870A0EB10D2F8ED67E5486A4437067BD4BC4448 ] C:\Windows\System32\mscms.dll
20:01:07.0371 0x0d34  C:\Windows\System32\mscms.dll - ok
20:01:07.0371 0x0d34  [ 8EDA8F7FADD7F63F46AB8E8541FC1675, 24188685B5741B3C16987208F39858A970D02A5F6AA12786575FE17FD6BA8843 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\datastate.dll
20:01:07.0371 0x0d34  C:\Program Files (x86)\IObit\IObit Malware Fighter\datastate.dll - ok
20:01:07.0371 0x0d34  [ EF2AE43BCD46ABB13FC3E5B2B1935C73, 81FC06F306F620845D7DD8D06E706309E70BC89B589C81F3478302A3F5F73431 ] C:\Windows\System32\winmm.dll
20:01:07.0371 0x0d34  C:\Windows\System32\winmm.dll - ok
20:01:07.0371 0x0d34  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys
20:01:07.0371 0x0d34  C:\Windows\System32\drivers\mpsdrv.sys - ok
20:01:07.0387 0x0d34  [ 15555B340E6C8F41F2BAC68235A94ACB, F0BA66CD353C4A1777145DB24173CC96BACB4A16C0E6E9D46A5C86B144617674 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\FixPlugin.exe
20:01:07.0387 0x0d34  C:\Program Files (x86)\IObit\IObit Malware Fighter\FixPlugin.exe - ok
20:01:07.0387 0x0d34  [ 61B9C867B23903D2FB381A2687C6EEC9, A97745B84E3026261D3BF03C2328E6DA44F0173223F132F08FA95E6601B7FE4D ] C:\Windows\System32\nvapi64.dll
20:01:07.0387 0x0d34  C:\Windows\System32\nvapi64.dll - ok
20:01:07.0387 0x0d34  [ 98D245D50DE803C6AB234B6824E3DDDF, 3B360CB9538AEBE6004B8C4A681B9DE97CB35339BF3A17FA11241722E936D4C4 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\sqlite3.dll
20:01:07.0387 0x0d34  C:\Program Files (x86)\IObit\IObit Malware Fighter\sqlite3.dll - ok
20:01:07.0387 0x0d34  [ 43964FA89CCF97BA6BE34D69455AC65F, 10E3B89A5470E1BB6F73382135DD2352F5073C1EE8485D7476CFB5122D4AAA2F ] C:\Windows\SysWOW64\uxtheme.dll
20:01:07.0387 0x0d34  C:\Windows\SysWOW64\uxtheme.dll - ok
20:01:07.0402 0x0d34  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] C:\Windows\System32\MPSSVC.dll
20:01:07.0402 0x0d34  C:\Windows\System32\MPSSVC.dll - ok
20:01:07.0402 0x0d34  [ 39C5F32747B3414D1BB216FDB1DEFC58, 6FAE64CB9748304090113903A5AE9E7154BE16BA2EEA7AB3EF04AB9D79B81380 ] C:\Windows\SysWOW64\dwmapi.dll
20:01:07.0402 0x0d34  C:\Windows\SysWOW64\dwmapi.dll - ok
20:01:07.0402 0x0d34  [ D2CD99540D169C65E722DE8C41880A0E, 4A7B900780CE7D1A23D6FC37D6777BF965C744EBA346638D470BB8D7E61C7489 ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll
20:01:07.0402 0x0d34  C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok
20:01:07.0402 0x0d34  [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD805650B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll
20:01:07.0402 0x0d34  C:\Windows\System32\wfapigp.dll - ok
20:01:07.0418 0x0d34  [ 94C0972B06C75456ED574DD46417B1D8, D775EF79CD103752AE08187B28B73227546D0D7583B9CA4FD338931B334EFF0B ] C:\Windows\System32\drivers\aksdf.sys
20:01:07.0418 0x0d34  C:\Windows\System32\drivers\aksdf.sys - ok
20:01:07.0418 0x0d34  [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] C:\Windows\System32\pcasvc.dll
20:01:07.0418 0x0d34  C:\Windows\System32\pcasvc.dll - ok
20:01:07.0418 0x0d34  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] C:\Windows\System32\snmptrap.exe
20:01:07.0418 0x0d34  C:\Windows\System32\snmptrap.exe - ok
20:01:07.0418 0x0d34  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] C:\Windows\System32\drivers\fastfat.sys
20:01:07.0418 0x0d34  C:\Windows\System32\drivers\fastfat.sys - ok
20:01:07.0433 0x0d34  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] C:\Windows\System32\lmhsvc.dll
20:01:07.0433 0x0d34  C:\Windows\System32\lmhsvc.dll - ok
20:01:07.0433 0x0d34  [ 2147C5330F983D76A36B73F4A804F778, 4B201E86B701FEA4754139BB3873DEB132932732F1B8EEEAE7C9DB891CC64D2E ] C:\Windows\System32\RdpGroupPolicyExtension.dll
20:01:07.0433 0x0d34  C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
20:01:07.0433 0x0d34  [ 4004299B7AF4CBFF6540F1798899A11F, 5DD3AE149B7228A769F2FE95355795AC98ACD8CDFB78954A423A357F717203C3 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
20:01:07.0433 0x0d34  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
20:01:07.0433 0x0d34  [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe
20:01:07.0433 0x0d34  C:\Windows\System32\dllhost.exe - ok
20:01:07.0449 0x0d34  [ 91A8E32B00BF7899EDAB6783287DDDA6, 49451722317AB42B3DE407EFCB9CC560C1455217AC3E2F11F74D08C1708473C5 ] C:\Windows\System32\PeerDistSh.dll
20:01:07.0449 0x0d34  C:\Windows\System32\PeerDistSh.dll - ok
20:01:07.0449 0x0d34  [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
20:01:07.0449 0x0d34  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll - ok
20:01:07.0449 0x0d34  [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] C:\Windows\System32\cryptsvc.dll
20:01:07.0449 0x0d34  C:\Windows\System32\cryptsvc.dll - ok
20:01:07.0449 0x0d34  [ 2D589A2C024B2FB238535DB9F7B3597D, 1EB47F73BC890D67A50C72E30BFE139AA1747C88E2FA8029A7382B203C37B512 ] C:\Windows\System32\drivers\DgivEcp.sys
20:01:07.0449 0x0d34  C:\Windows\System32\drivers\DgivEcp.sys - ok
20:01:07.0465 0x0d34  [ A6B726DCA228F7878E38368A1BDC68BE, 30E8300B09B876E3D4B2A9215C9CC070EADF915E1268F425B6F8E0596A0D3539 ] C:\Windows\System32\cryptnet.dll
20:01:07.0465 0x0d34  C:\Windows\System32\cryptnet.dll - ok
20:01:07.0465 0x0d34  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] C:\Windows\System32\dps.dll
20:01:07.0465 0x0d34  C:\Windows\System32\dps.dll - ok
20:01:07.0465 0x0d34  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB, 018CB95A43CEA2063EA24691C71D51EF60D522C21502ABA8AD93876363D4B857 ] C:\Windows\System32\taskschd.dll
20:01:07.0465 0x0d34  C:\Windows\System32\taskschd.dll - ok
20:01:07.0465 0x0d34  [ 78FAD9117E4527F2CA82259DA10F40BD, 9CE5102C681B8147BFC189897C19852D2BF82A9B95DE6301EBBCD13A604A41F3 ] C:\Windows\System32\drivers\hardlock.sys
20:01:07.0465 0x0d34  C:\Windows\System32\drivers\hardlock.sys - ok
20:01:07.0480 0x0d34  [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E56950661B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll
20:01:07.0480 0x0d34  C:\Windows\System32\IDStore.dll - ok
20:01:07.0480 0x0d34  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567, 426FB40A065FEF61980C803EF72D0D326C623340C3AE99CA8AFFDEFB81E8D49D ] C:\Windows\System32\vssapi.dll
20:01:07.0480 0x0d34  C:\Windows\System32\vssapi.dll - ok
20:01:07.0480 0x0d34  [ 9A0F254E6FC6323CE6EC22F95EF9F657, 0E710055EECE23186DAE06A919966137DE3C4F63A639EF190E0F6134C9311D7A ] C:\Windows\System32\nvsvcr.dll
20:01:07.0480 0x0d34  C:\Windows\System32\nvsvcr.dll - ok
20:01:07.0496 0x0d34  [ 639774C9ACD063F028F6084ABF5593AD, 9DFD80610CBBC9188F6C6BC85C87016B0AE42254FC289C2B578E85282BDD9C23 ] C:\Windows\System32\taskhost.exe
20:01:07.0496 0x0d34  C:\Windows\System32\taskhost.exe - ok
20:01:07.0496 0x0d34  [ 1A83FACA2135AF076E8EA73A30B3B26C, AB6CE8022785715DB294186F9456B52F1C5BF197BC9F9467203BDE029DB99BDD ] C:\Windows\System32\KBDUK.DLL
20:01:07.0496 0x0d34  C:\Windows\System32\KBDUK.DLL - ok
20:01:07.0496 0x0d34  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] C:\Windows\System32\IKEEXT.DLL
20:01:07.0496 0x0d34  C:\Windows\System32\IKEEXT.DLL - ok
20:01:07.0496 0x0d34  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] C:\Windows\System32\hidserv.dll
20:01:07.0496 0x0d34  C:\Windows\System32\hidserv.dll - ok
20:01:07.0511 0x0d34  [ 27A82EC9FD1CA4A5526A61828D2053AB, 863E0650BCD4F112A1B187D6B5770C8E4F5322B7E1CBD12DC790B46F0EF75D11 ] C:\Windows\System32\IPROSetMonitor.exe
20:01:07.0511 0x0d34  C:\Windows\System32\IPROSetMonitor.exe - ok
20:01:07.0511 0x0d34  [ 7CAA1B97A3311EB5A695E3C9028616E7, 27F394AE01D12F851F1DEE3632DEE3C5AFA1D267F7A96321D35FD43105B035AD ] C:\Windows\System32\msvcp110.dll
20:01:07.0511 0x0d34  C:\Windows\System32\msvcp110.dll - ok
20:01:07.0511 0x0d34  [ 23566F9723771108D2E6CD768AC27407, FAC0293DD1061B151E779BF4B245E6652C951FEDEBC602A166156DFBD38B5D67 ] C:\Windows\System32\AtBroker.exe
20:01:07.0511 0x0d34  C:\Windows\System32\AtBroker.exe - ok
20:01:07.0511 0x0d34  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] C:\Windows\System32\wdi.dll
20:01:07.0511 0x0d34  C:\Windows\System32\wdi.dll - ok
20:01:07.0527 0x0d34  [ 94EEAC26F57811BD1AEFC164412F7FCE, 7390BCD7709D48DE75D7D6E06AA7356D1C58EE63F3CC2E07ABCD2E2FF6CC81CF ] C:\Windows\System32\PlaySndSrv.dll
20:01:07.0527 0x0d34  C:\Windows\System32\PlaySndSrv.dll - ok
20:01:07.0527 0x0d34  [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D562BE43726153951 ] C:\Windows\System32\mpr.dll
20:01:07.0527 0x0d34  C:\Windows\System32\mpr.dll - ok
20:01:07.0527 0x0d34  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] C:\Windows\System32\provsvc.dll
20:01:07.0527 0x0d34  C:\Windows\System32\provsvc.dll - ok
20:01:07.0527 0x0d34  [ 9BB99503D6A4DD62569EDE9E5E2672A5, 6F4EA5BC50B1F929735246485263078BEF1B3BEB33F78CB1F483F13AA226C27E ] C:\Windows\System32\HotStartUserAgent.dll
20:01:07.0527 0x0d34  C:\Windows\System32\HotStartUserAgent.dll - ok
20:01:07.0543 0x0d34  [ 77B5035BC6EDF4D1B6265391AECEE4C0, FE69B715F04446BD42AF1B672E6AC54E954CFE0C847BFD2056CB11CF017B1844 ] C:\Windows\System32\vpnikeapi.dll
20:01:07.0543 0x0d34  C:\Windows\System32\vpnikeapi.dll - ok
20:01:07.0543 0x0d34  [ 287923557447D7E4BDD7E65B1F0F5428, 14D85A0F036F28D77AA9723C3D7E8C4DA9BDFF8A1AD9BEA6FE5756DBF5D00F08 ] C:\Windows\System32\vsstrace.dll
20:01:07.0543 0x0d34  C:\Windows\System32\vsstrace.dll - ok
20:01:07.0543 0x0d34  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA, 8A6ACEFAB95E5275CBFBE6CCB5A6C3A6A471260B279B9063E86B9C7765E18656 ] C:\Windows\System32\MsCtfMonitor.dll
20:01:07.0543 0x0d34  C:\Windows\System32\MsCtfMonitor.dll - ok
20:01:07.0543 0x0d34  [ BAFE84E637BF7388C96EF48D4D3FDD53, 11C194D9ADCE90027272C627D7FBF3BA5025FF0F7B26A8333F764E11E1382CF9 ] C:\Windows\System32\userinit.exe
20:01:07.0543 0x0d34  C:\Windows\System32\userinit.exe - ok
20:01:07.0543 0x0d34  [ F09A9A1AD21FE618C4C8B0A0D830C886, 29831DDAB2AB105358FBC067CDF96428220B6743CD6019F6FE74BAC7AF325E7E ] C:\Windows\System32\msutb.dll
20:01:07.0543 0x0d34  C:\Windows\System32\msutb.dll - ok
20:01:07.0558 0x0d34  [ 7C3B449F661D99A9B1033A14033D2987, AE996EDB9B050677C4F82D56092EFDC75F0ADDC97A14E2C46753E2DB3F6BD732 ] C:\Windows\System32\msvcr110.dll
20:01:07.0558 0x0d34  C:\Windows\System32\msvcr110.dll - ok
20:01:07.0558 0x0d34  [ 65EA57712340C09B1B0C427B4848AE05, 5FDCF73191BFF9DBB03886755FFCF0BC15849F0E216884A5A8B9BB375FA7C1A5 ] C:\Windows\System32\taskeng.exe
20:01:07.0558 0x0d34  C:\Windows\System32\taskeng.exe - ok
20:01:07.0558 0x0d34  [ F162D5F5E845B9DC352DD1BAD8CEF1BC, 8A7B7528DB30AB123B060D8E41954D95913C07BB40CDAE32E97F9EDB0BAF79C7 ] C:\Windows\System32\dwm.exe
20:01:07.0558 0x0d34  C:\Windows\System32\dwm.exe - ok
20:01:07.0574 0x0d34  [ 88351B29B622B30962D2FEB6CA8D860B, A16CAD7D94C1C9807083BB36E9B4C3C14E6482C4CA2BDFACBCC86E737DDCE42E ] C:\Windows\System32\rasadhlp.dll
20:01:07.0574 0x0d34  C:\Windows\System32\rasadhlp.dll - ok
20:01:07.0574 0x0d34  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] C:\Windows\System32\sstpsvc.dll
20:01:07.0574 0x0d34  C:\Windows\System32\sstpsvc.dll - ok
20:01:07.0574 0x0d34  [ 9FCA3A84338ADEF2AFF67CDA46EF8539, 087DF72096852AE98C56990EE6E68835BE95E7E49ECDDE8B54DAC11C9E07FE94 ] C:\Windows\System32\umb.dll
20:01:07.0574 0x0d34  C:\Windows\System32\umb.dll - ok
20:01:07.0574 0x0d34  [ FCFCD1101C5DA23B4B95F93D02B2C169, 040A086875B6C5475490A2F8B0CF4FF20DDB4FEDFE5FCABBA49692AA05F40527 ] C:\Windows\System32\dwmredir.dll
20:01:07.0574 0x0d34  C:\Windows\System32\dwmredir.dll - ok


20:01:07.0589 0x0d34  [ 332FEAB1435662FC6C672E25BEB37BE3, 6BED1A3A956A859EF4420FEB2466C040800EAF01EF53214EF9DAB53AEFF1CFF0 ] C:\Windows\explorer.exe
20:01:07.0589 0x0d34  C:\Windows\explorer.exe - ok
20:01:07.0589 0x0d34  [ B2742EA6ED844D747E2348A504E491CB, 38D2A3B32A77FE2ADCCACB74F7A8EAD6A4589A5E22D2A6E7DFEADACDAE66DA85 ] C:\Windows\System32\dxva2.dll
20:01:07.0589 0x0d34  C:\Windows\System32\dxva2.dll - ok
20:01:07.0589 0x0d34  [ 49CE25D67AA6800E82E4BB73EA9A5CAE, AD1ECB2C349DC698F9ED6BFD198640AB558F180F4D5F1A56DE8C25DE3BAEE61A ] C:\Windows\System32\nvcpl.dll
20:01:07.0589 0x0d34  C:\Windows\System32\nvcpl.dll - ok
20:01:07.0589 0x0d34  [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051, 8EFD0A6DE6F4E335D342782190008FB5AC84A6ADE49170B310DEC9AC48E623E8 ] C:\Windows\System32\localspl.dll
20:01:07.0589 0x0d34  C:\Windows\System32\localspl.dll - ok
20:01:07.0589 0x0d34  [ 4BA77A5EF71C14C764B0ED4701683E3E, 066A064CDBE09BF8BE1DF5B259F30FF6C124A1C3D637800D3E19E8E25EDB950E ] C:\Windows\System32\dwmcore.dll
20:01:07.0589 0x0d34  C:\Windows\System32\dwmcore.dll - ok
20:01:07.0605 0x0d34  [ 0015ACFBBDD164A8A730009908868CA7, E1FF243AD2CF959FAB81EFE701592414991C03416FF296ADC93906E76B707C4D ] C:\Windows\System32\winspool.drv
20:01:07.0605 0x0d34  C:\Windows\System32\winspool.drv - ok
20:01:07.0605 0x0d34  [ 805A52C5AE26C28E88FDD9BCCFE6F312, 4FF28D3658C31722B7DD036DED9D544B14841C0E0B94D31A8EC5AB92128DA020 ] C:\Windows\System32\TSChannel.dll
20:01:07.0605 0x0d34  C:\Windows\System32\TSChannel.dll - ok
20:01:07.0605 0x0d34  [ DC5B3939B53CCD5B505D89C5829AB714, C5894964969D7FFE8413365D118FC64360A67F2FE8BAC6659F73F65CB08A6B82 ] C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll
20:01:07.0605 0x0d34  C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll - ok
20:01:07.0621 0x0d34  [ 2B3D204E0F2DD76CB30967C217C32015, D0EF65909019EB4FB582026B9423DC85247BDE7EDF742FB27FF856F098B24C0E ] C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe
20:01:07.0621 0x0d34  C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe - ok
20:01:07.0621 0x0d34  [ 3285481F5C12305CA104A6C493CA5A0B, ADB39B15D26A954B0F347C7BAFCC76DE5E3CF3CF05736E8987E0832AA7F8563C ] C:\Windows\System32\spoolss.dll
20:01:07.0621 0x0d34  C:\Windows\System32\spoolss.dll - ok
20:01:07.0621 0x0d34  [ C5AC93CF3BA30D367FB49148A2B673B9, 07B556039BBA841BC9F28979C3AD5D238B55391F921C9C805F3AFC9EFB437766 ] C:\Windows\System32\PrintIsolationProxy.dll
20:01:07.0621 0x0d34  C:\Windows\System32\PrintIsolationProxy.dll - ok
20:01:07.0621 0x0d34  [ 347587C3F6488030647D240D8C9D664D, AE496522E3B25C6647E88CA8262067FA2D7D58D72E7C5EFAA2139C27567FC5C3 ] C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
20:01:07.0621 0x0d34  C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe - ok
20:01:07.0636 0x0d34  [ E1374D37477322D4956604711008C69D, 52350DBA14343DBAB3019FF67A7F8ED8A53D1085C1A3F1B4AE9110F7407F4256 ] C:\Windows\System32\d3d10_1.dll
20:01:07.0636 0x0d34  C:\Windows\System32\d3d10_1.dll - ok
20:01:07.0636 0x0d34  [ 072C4F7481FA7CD634D2130CF8476870, 78E20635ABD9966EC38083996A70B887FAE26D2AE2BFBABBCDE9D6CC38268BB2 ] C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll
20:01:07.0636 0x0d34  C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll - ok
20:01:07.0636 0x0d34  [ F6B19748550A95CBFF1240ABDF06477C, B09EBDB0B43CE0907FB52EFCE0DE1E10C713C989FE8A88A944FEA689B9B2589E ] C:\Windows\System32\corelcreatorpm.dll
20:01:07.0636 0x0d34  C:\Windows\System32\corelcreatorpm.dll - ok
20:01:07.0636 0x0d34  [ A8704A10FFDE468F4AB18EBF82A9A86F, 40F6502679CEE0B657B0005278FBE7213BDDA6DEAACF868058E17737C182E1B4 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll
20:01:07.0636 0x0d34  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll - ok
20:01:07.0652 0x0d34  [ EED05D42D91835064703E2318552ED25, E9EE1E2253445B207B76F5D3073C612ED979A982522C1515E0FE8FA9641AE568 ] C:\Windows\System32\ExplorerFrame.dll
20:01:07.0652 0x0d34  C:\Windows\System32\ExplorerFrame.dll - ok
20:01:07.0652 0x0d34  [ 426BA4E737A7988FD1202AF2F2B2F4A6, 3E84B1EF044C157B7B228AE86A4466BC7E24B2D85F07636D0119041E3D630A2F ] C:\Windows\System32\d3d10_1core.dll
20:01:07.0652 0x0d34  C:\Windows\System32\d3d10_1core.dll - ok
20:01:07.0652 0x0d34  [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7, 690F12C490BEE2BF17AB7B6804E6E9B96F51C304350CCDE80FE5C7EEFA89720E ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
20:01:07.0652 0x0d34  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
20:01:07.0652 0x0d34  [ B1202AEAD557FCAB4B326D11A47D0A60, 9078311D07B1B0072CC82A9EE557099BD6F028AA918AF25A0E6FB1A59067B5A8 ] C:\Windows\System32\cpwmon64.dll
20:01:07.0652 0x0d34  C:\Windows\System32\cpwmon64.dll - ok
20:01:07.0667 0x0d34  [ 19E41CCCEE697CC9465396B370929792, A9FC4C33C71C3677FE57779380E55FDE2AC0B0C70A9DBCBA0D0B6FA92C709A7F ] C:\Windows\System32\FXSMON.dll
20:01:07.0667 0x0d34  C:\Windows\System32\FXSMON.dll - ok
20:01:07.0667 0x0d34  [ F404E59DB6A0F122AB26BF4F3E2FD0FA, 47F30401D86006821475F911A3D5E9B23571F6A8B4A9942891298E33D070D5D5 ] C:\Windows\System32\dxgi.dll
20:01:07.0667 0x0d34  C:\Windows\System32\dxgi.dll - ok
20:01:07.0667 0x0d34  [ 43F966BCD94DC323A8FEF49376A2932D, 09C3F9A71B3F6CEC562B8AF07111C19151A9DD32B241CF78B15A328FF0EE3288 ] C:\Windows\System32\sst1cl6.dll
20:01:07.0667 0x0d34  C:\Windows\System32\sst1cl6.dll - ok
20:01:07.0667 0x0d34  [ CB7C2EB45B6607CECA065C306B3912AD, 2A319C49EDD2CFED3D09E53B32ADB8FE341BF8C2D4F45BDD6386BC991DDE960A ] C:\Users\Raul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
20:01:07.0667 0x0d34  C:\Users\Raul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll - ok
20:01:07.0683 0x0d34  [ 32A3C8600AF124CBAAD845F13CFAE3CB, F36FE9E57D5C509FEECE890F9F8717F9CC6F762E32AE0B7DB7E0153370CE0B9D ] C:\Windows\System32\tcpmon.dll
20:01:07.0683 0x0d34  C:\Windows\System32\tcpmon.dll - ok
20:01:07.0683 0x0d34  [ 93518C6EDE0B61BCBD02BDB02BD05FEE, 3637F5E5F15093AFB501EE910368CF900B422AC22669391FFA4198BBAE6F8FCB ] C:\Windows\System32\snmpapi.dll
20:01:07.0683 0x0d34  C:\Windows\System32\snmpapi.dll - ok
20:01:07.0683 0x0d34  [ AA680F0065A505118BDD9181BCE7C83D, 6A946B37FBB449298F5B0A3C847963FF3D3EE31B284050328E01818E6740D2C2 ] C:\Windows\SysWOW64\wininet.dll
20:01:07.0683 0x0d34  C:\Windows\SysWOW64\wininet.dll - ok
20:01:07.0683 0x0d34  [ A7A8CA53D9C9FD90C07AB0EB38E5316B, B98722E76601A98F038F40703C4B8BD21B5EC3B65DC1B07B7C367C06448F8A0E ] C:\Windows\System32\dbghelp.dll
20:01:07.0683 0x0d34  C:\Windows\System32\dbghelp.dll - ok
20:01:07.0699 0x0d34  [ FFF9D00CF16397C64317F213484F94BD, 94D0584E14BDB27F61F59A7BCEA529A1594261BE0CE74502C13E8865843BA414 ] C:\Windows\System32\wsnmp32.dll
20:01:07.0699 0x0d34  C:\Windows\System32\wsnmp32.dll - ok
20:01:07.0699 0x0d34  [ 0E3A7EC2B9590EA7767BBB1823630DEA, 6858B7050465DB8505CF9E932868B123B925376C05363EA5A9198B2AE15CF728 ] C:\Windows\System32\msxml6.dll
20:01:07.0699 0x0d34  C:\Windows\System32\msxml6.dll - ok
20:01:07.0699 0x0d34  [ 898479188B3DBCB7F2BAC888D6456636, 4D42BAE04113D3D7E7C255B69BDD322C2B32659BCA4C35D89CC548BF5212164A ] C:\Windows\SysWOW64\iertutil.dll
20:01:07.0699 0x0d34  C:\Windows\SysWOW64\iertutil.dll - ok
20:01:07.0699 0x0d34  [ 50061832AF34C61151B647976B77622C, A5D49C8F2AF258AFE71FFDCD4945AC2EAD14EF6B70B617F5B929FA543D4488C2 ] C:\Windows\System32\dlumd64.dll
20:01:07.0699 0x0d34  C:\Windows\System32\dlumd64.dll - ok
20:01:07.0714 0x0d34  [ 64D4E7AB332B51BBCF010815E6B0DC76, 991A9209D598A8808CF457FA6FE72B725F1962371731A6942451E88AF93A1398 ] C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\AdbUpdate.exe
20:01:07.0714 0x0d34  C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\AdbUpdate.exe - ok
20:01:07.0714 0x0d34  [ C5E7648C5FD80BF2793116C9DD09FC39, 16FC572C914E15711233383C7598A329E6466D147DCB61C8C810CB14E61831F4 ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\Display.exe
20:01:07.0714 0x0d34  C:\Program Files (x86)\IObit\Advanced SystemCare 8\Display.exe - ok
20:01:07.0714 0x0d34  [ 43F966BCD94DC323A8FEF49376A2932D, 09C3F9A71B3F6CEC562B8AF07111C19151A9DD32B241CF78B15A328FF0EE3288 ] C:\Windows\System32\sugo2l6.dll
20:01:07.0714 0x0d34  C:\Windows\System32\sugo2l6.dll - ok
20:01:07.0714 0x0d34  [ DF72A9936D0C3F517083119648814B09, 6BA4DCAC2F55A393A266ED0B2AF92B38141654D1666E3E143D85BBAF21663E1E ] C:\Windows\System32\usbmon.dll
20:01:07.0714 0x0d34  C:\Windows\System32\usbmon.dll - ok
20:01:07.0730 0x0d34  [ 241AF87821FDA0F5792037B779F49BE0, B3F4FDA27430ACC6D6BC1C3CBD518B9CAE5BA0F22AB8917578A7F16270F94C8B ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
20:01:07.0730 0x0d34  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
20:01:07.0730 0x0d34  [ A1D7E3ADCDB07DDB6F423862DCB1A52B, 6191C33D2AE090F6F055D6AE211096CE8F003EC5518A5333EE1E376052176BAB ] C:\Windows\System32\WSDMon.dll
20:01:07.0730 0x0d34  C:\Windows\System32\WSDMon.dll - ok
20:01:07.0730 0x0d34  [ 3F0A7F435BAB0ED4070BBCE73F1918F3, 0C0C17135A432C9F9D1905DD744927597493C13BACA541D7464FC3954A1A92DA ] C:\Windows\SysWOW64\urlmon.dll
20:01:07.0730 0x0d34  C:\Windows\SysWOW64\urlmon.dll - ok
20:01:07.0745 0x0d34  [ F1B205F932F62F94506A5F332C895DAF, F02F01F20F655DD919C71AE814E4C3DD43330AAD1425FC5B1497F1613917CCDE ] C:\Windows\System32\WSDApi.dll
20:01:07.0745 0x0d34  C:\Windows\System32\WSDApi.dll - ok
20:01:07.0745 0x0d34  [ D233C7FEAE3FAA25F93A9E6B46815ADC, 5330682AE9C08E5F2E30C5E256B91028389BBBDDAA8C38950DF76616FCA854FF ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
20:01:07.0745 0x0d34  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
20:01:07.0745 0x0d34  [ C55516D98DD5D8F0153C2A9B4227DA86, DBC62B776CF06D0873A4C7CFCDF5B6F5C6E6C41917C326C090BCE58DC66EE09C ] C:\Windows\System32\webservices.dll
20:01:07.0745 0x0d34  C:\Windows\System32\webservices.dll - ok
20:01:07.0745 0x0d34  [ 544EFF88AC6C85DF5A4D6F18DFE08CFC, D688381F42062FD5D868E7770857C5951C41BA20A1B6E6F60B5D9536C02CD293 ] C:\Windows\SysWOW64\taskschd.dll
20:01:07.0745 0x0d34  C:\Windows\SysWOW64\taskschd.dll - ok
20:01:07.0761 0x0d34  [ 4F6E72B34ED3DC53DCC5E8708E60B61F, CB79F4EBCE11ECCFA167498F329F95D545F8D4E5CCE4006B2A03B595733AEBC2 ] C:\Windows\SysWOW64\security.dll
20:01:07.0761 0x0d34  C:\Windows\SysWOW64\security.dll - ok
20:01:07.0761 0x0d34  [ F4C8FC706D7DAE69D2AEBBFFC24F23DE, 77B1BAAD5EDEBDFE9E9C4245F33761D7CEAE8C3982C8CB729FB415AE9BABC6B4 ] C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll
20:01:07.0761 0x0d34  C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll - ok
20:01:07.0761 0x0d34  [ 9216ABFD53F5EC1F35C3554AD1A175DE, 1A2CA1228D8A662176FFCA6F9959E2FE26768D4718677BD420D1CD24295A656B ] C:\Windows\SysWOW64\secur32.dll
20:01:07.0761 0x0d34  C:\Windows\SysWOW64\secur32.dll - ok
20:01:07.0761 0x0d34  [ 5785CF742D70D36DB8F5191BBBA60D7D, CB0582EBF2E033E150DD30FE988B24FA0045C8044284C0FD2FD043444EEB4DDD ] C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\sqlite3.dll
20:01:07.0761 0x0d34  C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\sqlite3.dll - ok
20:01:07.0777 0x0d34  [ 055D1BC572E67E0728D4DC5835794207, EF52D9DBFE5024A7F4A7F7DEDD3DF62773EBE65432CC702C618C350C2C57AA92 ] C:\Program Files (x86)\IObit\Smart Defrag 3\taskMgr.dll
20:01:07.0777 0x0d34  C:\Program Files (x86)\IObit\Smart Defrag 3\taskMgr.dll - ok
20:01:07.0777 0x0d34  [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4021101EE424F74 ] C:\Windows\System32\fundisc.dll
20:01:07.0777 0x0d34  C:\Windows\System32\fundisc.dll - ok
20:01:07.0777 0x0d34  [ EDF2A5E96BEC469DA3F64E9BDD386111, 63C91BBDFA2E087293B010A4E45625FBD1BFCAF655BFADE2F8B1C36CF804B118 ] C:\Windows\SysWOW64\xmllite.dll
20:01:07.0777 0x0d34  C:\Windows\SysWOW64\xmllite.dll - ok
20:01:07.0777 0x0d34  [ 4581716B4BF76ACFD8E167EB0B26D82A, 39D822527114EEED68044CCE4D542767F53978D9E0A7F72638F1CA9A016DE13B ] C:\Windows\System32\fdPnp.dll
20:01:07.0777 0x0d34  C:\Windows\System32\fdPnp.dll - ok
20:01:07.0792 0x0d34  [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
20:01:07.0792 0x0d34  C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe - ok
20:01:07.0792 0x0d34  [ 1D626FE2E13C1CE49CA0136CFF214E93, 4F02DD92045CF244979FFD074B2BDE6925A909227A474C60DCABE4384D916218 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
20:01:07.0792 0x0d34  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
20:01:07.0792 0x0d34  [ 8F1C949FD695C83C4E30C3BFC004C81F, A93499FF8A7A060653C07FD2B25973EEC51F1D265B876E8A636BCAC4195A01A2 ] C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL
20:01:07.0792 0x0d34  C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL - ok
20:01:07.0808 0x0d34  [ 8564D9B4794E0E28312601091237ED18, 3298A15214C9C0DD7DE57A01AEF3C5ABBD56F50468F11ED899F6C32A5B973D8E ] C:\Windows\System32\spool\prtprocs\x64\sst1cpc.dll
20:01:07.0808 0x0d34  C:\Windows\System32\spool\prtprocs\x64\sst1cpc.dll - ok
20:01:07.0808 0x0d34  [ 6B07EE9C7668D2C704563DA838026828, CFC0CA7F9F3ADF14FBA9AF6182F0260CF6B6C088F3A9DF6FD20B51B483385BBB ] C:\Windows\SysWOW64\cryptsp.dll
20:01:07.0808 0x0d34  C:\Windows\SysWOW64\cryptsp.dll - ok
20:01:07.0808 0x0d34  [ 568206B102959F5875C2A5DF2C9FD819, DEE5F437037AE5442FE7C29DEB40BD1341EE4AF182ABB5B3E07F62511B061185 ] C:\Windows\System32\spool\prtprocs\x64\sugo2pc.dll
20:01:07.0808 0x0d34  C:\Windows\System32\spool\prtprocs\x64\sugo2pc.dll - ok
20:01:07.0808 0x0d34  [ 58F4493BF748A3A89689997B7BD00E95, EC5DEEC73E357C7C87B001275C4E635011A9CF39419F2B86E2C2B8D7E388C551 ] C:\Windows\System32\winhttp.dll
20:01:07.0808 0x0d34  C:\Windows\System32\winhttp.dll - ok
20:01:07.0823 0x0d34  [ 67CF11E00D026A5C0C88EA5F84D501E5, 5081A87466116232CF07F58229967B6C0CD3738B64A56EFC6BB3EBDA62E378F6 ] C:\Windows\System32\win32spl.dll
20:01:07.0823 0x0d34  C:\Windows\System32\win32spl.dll - ok
20:01:07.0823 0x0d34  [ 603EBD34E216C5654A2D774EAC98D278, ACE0171BB780DB2C1B1A8BF6FA8CF51C529D7E09141FA504C7199AF764FD9A36 ] C:\Windows\System32\webio.dll
20:01:07.0823 0x0d34  C:\Windows\System32\webio.dll - ok
20:01:07.0823 0x0d34  [ 84503B5D373C4C17A18DA7A7F3AFF144, ABC5DB2AB81A4BB96947D50E47FE0E5DA4001E0BD21BFD27646F057D0A7B3D7E ] C:\Windows\System32\nvwgf2umx.dll
20:01:07.0823 0x0d34  C:\Windows\System32\nvwgf2umx.dll - ok
20:01:07.0823 0x0d34  [ 507D5567A0A4EE86C4B0CE2CE1777025, 408770B00CED498BF7782054F17A5CB361CF65429B0C816403D70E416E0EEF23 ] C:\Windows\System32\inetpp.dll
20:01:07.0823 0x0d34  C:\Windows\System32\inetpp.dll - ok
20:01:07.0839 0x0d34  [ 5DA6DE166E1CA56638E931BFE631DE53, F68879A4069EEA58AF08231E7DF3D77E971FAB0EF22ADE529940B95A083B2B2B ] C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamsrv.dll
20:01:07.0839 0x0d34  C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamsrv.dll - ok
20:01:07.0839 0x0d34  [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6BB3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll
20:01:07.0839 0x0d34  C:\Windows\System32\EhStorShell.dll - ok
20:01:07.0839 0x0d34  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] C:\Windows\System32\netprofm.dll
20:01:07.0839 0x0d34  C:\Windows\System32\netprofm.dll - ok
20:01:07.0839 0x0d34  [ 58A0CDABEA255616827B1C22C9994466, 4FE1140AA8D3995579DE8CDF4ECAD1978804D05351EABB4079A63B303EF1B451 ] C:\Windows\System32\NapiNSP.dll
20:01:07.0839 0x0d34  C:\Windows\System32\NapiNSP.dll - ok
20:01:07.0855 0x0d34  [ 613C8CE10A5FDE582BA5FA64C4D56AAA, 30507B6BA79E1A271B07BBA58B4FF463678BE0960266A1D5E88031E932D768B6 ] C:\Windows\System32\pnrpnsp.dll
20:01:07.0855 0x0d34  C:\Windows\System32\pnrpnsp.dll - ok
20:01:07.0855 0x0d34  [ 32802C0F6FC7C8F561B9D91F52A46421, EE02CF54FC3626D85849EF14D9B7B57419F12D1DD0735C25ECBD987EE53F634B ] C:\Windows\System32\cscui.dll
20:01:07.0855 0x0d34  C:\Windows\System32\cscui.dll - ok
20:01:07.0855 0x0d34  [ 2E483EC51216B52C711C7EC642798BB7, 98DFAAEA25FE4A450FEA18F36E0B0AA6143A0D1C89CB406857BEE5154D5931BB ] C:\Windows\System32\sti.dll
20:01:07.0855 0x0d34  C:\Windows\System32\sti.dll - ok
20:01:07.0855 0x0d34  [ 1BF0CB861A48FEB1638228760750F3CB, 37C781A8C546EAD8B4D28BD7D730B9AC78EB799599AD69DAD9054B6F9F1DD6BD ] C:\Windows\System32\cscapi.dll
20:01:07.0855 0x0d34  C:\Windows\System32\cscapi.dll - ok
20:01:07.0870 0x0d34  [ 7EE5F17A21D9A9101207DF4BC37B085D, C07A56D52449B9F126B617FB4EFDC22EFE043C9B257B01967EA2FCCCA6216763 ] C:\Windows\System32\cscdll.dll
20:01:07.0870 0x0d34  C:\Windows\System32\cscdll.dll - ok
20:01:07.0870 0x0d34  [ 2E2072EB48238FCA8FBB7A9F5FABAC45, AC70B9FC24847EEC2E18008F2894DCDAC19A9C90D5D88729326E493CA524F5C3 ] C:\Windows\System32\winrnr.dll
20:01:07.0870 0x0d34  C:\Windows\System32\winrnr.dll - ok
20:01:07.0870 0x0d34  [ 6A8B55F9D191925107BEC477F4368DCD, 20370F998E11768A0E414FF5DEF3A4684AFF417ADAA4214794728F5DEEE78FB9 ] C:\Program Files\OO Software\DiskImage\oodishi.dll
20:01:07.0870 0x0d34  C:\Program Files\OO Software\DiskImage\oodishi.dll - ok
20:01:07.0870 0x0d34  [ 2FDBE37B4DFC52EBA8D7C05DDA2F8A3D, 093F1DDA44C8199D4E03025D81AE671EDF169F7741E3BB140AFCB7F13F10B428 ] C:\Program Files\OO Software\DiskImage\oodishrs.dll
20:01:07.0870 0x0d34  C:\Program Files\OO Software\DiskImage\oodishrs.dll - ok
20:01:07.0886 0x0d34  [ A90DC9ABD65DB1A8902F361103029952, 26798758976CE53251AC342B966BE0363AE1794BD965C452F5DEBC33E18969F0 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
20:01:07.0886 0x0d34  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
20:01:07.0886 0x0d34  [ B837D1528CE2E3CB79F09496BC08DDC6, ACD54CE61CFE94F23DC283537AD8FFBEB3D6041BD30317B60BA7A10FCB240A27 ] C:\Windows\System32\SensApi.dll
20:01:07.0886 0x0d34  C:\Windows\System32\SensApi.dll - ok
20:01:07.0886 0x0d34  [ 037A719DAD50603202C978CD802623E4, BD4C222913D32D7CF5FE0201FEBE7BD67FC39DF47A7A672C2D6C228A6E13B5DE ] C:\Windows\System32\ntshrui.dll
20:01:07.0886 0x0d34  C:\Windows\System32\ntshrui.dll - ok
20:01:07.0886 0x0d34  [ CFF35B879D1618D42C86644C717BA947, 1837275202628D3320867A3BF8CFDA15491730C4B74215F7C0D7E140BF01AC3C ] C:\Windows\SysWOW64\winnsi.dll
20:01:07.0886 0x0d34  C:\Windows\SysWOW64\winnsi.dll - ok
20:01:07.0901 0x0d34  [ 82373BFED2C741677E22DCCB16F29960, 4BA7C61F679B580C9A5AA93B128456E934331E85773C5FEC840F3FE1B511BF44 ] C:\Program Files (x86)\Malwarebytes Anti-Malware\QtCore4.dll
20:01:07.0901 0x0d34  C:\Program Files (x86)\Malwarebytes Anti-Malware\QtCore4.dll - ok
20:01:07.0901 0x0d34  [ 1D63F4366288B8A7595397E27010FD44, 99EA4DDD88D9C4A4CC9B238F533CB4D2C062D46239173997E8594D8A75811A01 ] C:\Windows\System32\IconCodecService.dll
20:01:07.0901 0x0d34  C:\Windows\System32\IconCodecService.dll - ok
20:01:07.0901 0x0d34  [ E7A36DC43B2757BDAD7F1BA934234834, 31FBE30DD502B1873C7429DA4ECC68330C8DC0A405FE7D0CEE20DCF1C561E390 ] C:\Program Files (x86)\Malwarebytes Anti-Malware\msvcp100.dll
20:01:07.0901 0x0d34  C:\Program Files (x86)\Malwarebytes Anti-Malware\msvcp100.dll - ok
20:01:07.0901 0x0d34  [ CF5858509B748FE5CEFE63D29289F7F3, A1C0B1926D88309093DD2953B2A2B956046832FC80AA53623D6EE3C0EF941451 ] C:\Program Files (x86)\Malwarebytes Anti-Malware\msvcr100.dll
20:01:07.0901 0x0d34  C:\Program Files (x86)\Malwarebytes Anti-Malware\msvcr100.dll - ok
20:01:07.0917 0x0d34  [ ED8EC63F7522DF4852147C84EC62C36A, 75633011CD28DCBD4834211A9D415F17DE15BFCD80FB9FF6CE25CBBD4E9899AF ] C:\Windows\SysWOW64\rsaenh.dll
20:01:07.0917 0x0d34  C:\Windows\SysWOW64\rsaenh.dll - ok
20:01:07.0917 0x0d34  [ 49E5753D923F1AC63B22D3DCB0B47E00, 14CEC0BF5F625FF839A8D79B4A6B7C4AC0CBB705FD197C6B7FF8617C6C3E34FE ] C:\Windows\System32\uDWM.dll
20:01:07.0917 0x0d34  C:\Windows\System32\uDWM.dll - ok
20:01:07.0917 0x0d34  [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
20:01:07.0917 0x0d34  C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe - ok
20:01:07.0917 0x0d34  [ B5DE1455392F8AEA137A79A539536086, C46FFF25412376DEF70EC493B631ACC46605663BD1F7D55E08B1BD79962E5B9E ] C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamcore.dll
20:01:07.0917 0x0d34  C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamcore.dll - ok
20:01:07.0933 0x0d34  [ B40420876B9288E0A1C8CCA8A84E5DC9, 0D3C73B45BC708D7B1E26DFB6D4F64031A998548FEA0FB5CE198ED716F7DC9A0 ] C:\Windows\SysWOW64\dnsapi.dll
20:01:07.0933 0x0d34  C:\Windows\SysWOW64\dnsapi.dll - ok
20:01:07.0933 0x0d34  [ 00000000000000000000000000000000, 0000000000000000000000000000000000000000000000000000000000000000 ] C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
20:01:07.0933 0x0d34  C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe - ok
20:01:07.0933 0x0d34  [ CF33F53BA46E83E231FC1959345CD970, 5CD2138D5FE6D09FD034B6605286400BCD93ADE351763872E9202F9FC72AA120 ] C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlos.dll
20:01:07.0933 0x0d34  C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlos.dll - ok
20:01:07.0948 0x0d34  [ CF6850A72BEB4845A3BFFB3F5E8014B2, ABB2907DB16929D4A12E0551C01DD731762B1A4CFEF36B734734F3ECDD630A38 ] C:\Windows\System32\pdh.dll
20:01:07.0948 0x0d34  C:\Windows\System32\pdh.dll - ok
20:01:07.0948 0x0d34  [ 759B3E957B35C2426B81B81FF62E9AB7, 39FBE71BA545AABCA01E6FCC3D280A85D959B06743F9B77CD85EEE5A8226448E ] C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\opends60.dll
20:01:07.0948 0x0d34  C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\opends60.dll - ok
20:01:07.0948 0x0d34  [ 83398851164292684C34F7FC9A236C2D, 58C6558A72198F69C8207213F691049F7DE6F6889E1ADD0DDD994C7EA08CCE64 ] C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\batchparser.dll
20:01:07.0948 0x0d34  C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\batchparser.dll - ok
20:01:07.0948 0x0d34  [ 3C13F26A4766752314A5413038BD86B4, 9D40DAC4319BC9F4CBC3B172EE54C0A4D39CB511F5ACCFE40449EDEADCE87951 ] C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
20:01:07.0948 0x0d34  C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe - ok
20:01:07.0964 0x0d34  [ 9605659224814BAF5DC0B2C37A70B83C, 83EB764BC2E03AA6E2236FE0EC56AD640C84D1332BD3E2676B2B555860EC0A76 ] C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.dll
20:01:07.0964 0x0d34  C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.dll - ok
20:01:07.0964 0x0d34  [ DDC87AD1AF4B5B26F8F857EC53ADD34F, 6FE317B6E7850B61F627F0350F9E9207CDC6987AC8B08C57266828E2FEF788DE ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoSweep.exe
20:01:07.0964 0x0d34  C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoSweep.exe - ok
20:01:07.0964 0x0d34  [ 2C0FC2279552FF45EC0D7D9B113F8B92, 55EC21F552E182E9E8F9F575E83195E1B795EB8196CE701AE9C2E098C598BC94 ] C:\Program Files (x86)\Malwarebytes Anti-Malware\QtGui4.dll
20:01:07.0964 0x0d34  C:\Program Files (x86)\Malwarebytes Anti-Malware\QtGui4.dll - ok
20:01:07.0964 0x0d34  [ 37B3E6FB44505F279CDEA507DF79A4EA, F5CC41FC131A7BB91EA3F7339E448BA3180AD1E63FF56E7506AB0A3F690E7947 ] C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll
20:01:07.0964 0x0d34  C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll - ok
20:01:07.0979 0x0d34  [ 9F0E20B14EB06AC47ECEF0E0F4005334, 08C9756C30372EB97E333D674E20A8DDA555E3A5DB53117454BCE48A51BBB7E1 ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
20:01:07.0979 0x0d34  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
20:01:07.0979 0x0d34  [ B443557023E20CD7A4B36132B02653E8, A6B83058BCAC131FF8A5FDF9F78DF14D6FBF3A0A7E2631A396069708F9D8D842 ] C:\Program Files\NVIDIA Corporation\Display\nvuir.dll
20:01:07.0979 0x0d34  C:\Program Files\NVIDIA Corporation\Display\nvuir.dll - ok
20:01:07.0979 0x0d34  [ AAAF7B5CD55363C7F9F8E00C084E9B27, 27B2F6B0184449971B1685101E751889CDEA6999098FC1F9C5DDC7E1911C0926 ] C:\Program Files\Microsoft SQL Server\100\Shared\instapi10.dll
20:01:07.0979 0x0d34  C:\Program Files\Microsoft SQL Server\100\Shared\instapi10.dll - ok
20:01:07.0995 0x0d34  [ 395278D3A1C559D864EAF788587C581C, E20CCE48D031316BBA003179B87A2027ECB8CC760D6D4298F8A7C40E2E22357E ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
20:01:07.0995 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe - ok
20:01:07.0995 0x0d34  [ C085E30D6F03249F28D5D0D65BE2FC36, 5E066B46A5B8E73DAC2515D02B37630D6EEF6FEC70A0D58B0F21E2D23B530AC9 ] C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlboot.dll
20:01:07.0995 0x0d34  C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlboot.dll - ok
20:01:07.0995 0x0d34  [ 34038060FD9ACFF07FFA6C455BB809F5, 0B5B7501449E8708CB66BCE7EC187204E89901F6ED17BA05BB2586C84CDC5C15 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pskalloc.dll
20:01:07.0995 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pskalloc.dll - ok
20:01:07.0995 0x0d34  [ 67EC459E42D3081DD8FD34356F7CAFC1, 1221A09484964A6F38AF5E34EE292B9AFEFCCB3DC6E55435FD3AAF7C235D9067 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\msvcr100.dll
20:01:07.0995 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\msvcr100.dll - ok
20:01:08.0011 0x0d34  [ 454B9F0364D41AFA69690BAEBDA01217, A147843A23E6F55B8439120E1A57B65BC0AD316AB998BC3058D91C41C5C5037A ] C:\Program Files (x86)\Malwarebytes Anti-Malware\QtNetwork4.dll
20:01:08.0011 0x0d34  C:\Program Files (x86)\Malwarebytes Anti-Malware\QtNetwork4.dll - ok
20:01:08.0011 0x0d34  [ D0B478464585FA40EBE7E13FD47A5038, 80523E1A8EB50E4214706D9A1941923D44F671BFE9791C47F485DEEFBA8A3A47 ] C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\Resources\1033\sqlevn70.rll
20:01:08.0011 0x0d34  C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\Resources\1033\sqlevn70.rll - ok
20:01:08.0011 0x0d34  [ 1EBE9524683C7C4EED8B8BC93FB6FBCC, 78AF098E270EDE62466557091F14B2D37BDAB488F02E7CC769251FD17C02BA4A ] C:\Windows\SysWOW64\fltLib.dll
20:01:08.0011 0x0d34  C:\Windows\SysWOW64\fltLib.dll - ok
20:01:08.0011 0x0d34  [ 03E9314004F504A14A61C3D364B62F66, A3BA6421991241BEA9C8334B62C3088F8F131AB906C3CC52113945D05016A35F ] C:\Program Files (x86)\Panda Security\Panda Security Protection\msvcp100.dll
20:01:08.0011 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\msvcp100.dll - ok
20:01:08.0026 0x0d34  [ E94C583CDE2348950155F2AF2876F34D, D00C7E0D665E467B712C68A446CC5BE14FDA743A2301878B3CEB72CDD0A8B8E7 ] C:\Windows\SysWOW64\mswsock.dll
20:01:08.0026 0x0d34  C:\Windows\SysWOW64\mswsock.dll - ok
20:01:08.0026 0x0d34  [ EE5C8E27C37B79CB54A2FCEEED2DC262, 0A5E200FD65A491756B951A4A0ED39B88B7B313E97C2BBF3C91AC4C290772BB7 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
20:01:08.0026 0x0d34  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
20:01:08.0026 0x0d34  [ 36D7D05505951F542922DF4C725CC57D, 74B7C86B75CFAF5121554BD8CC4DD8E496458311070FA43B9B4FB13B4D8C8EAB ] C:\Program Files (x86)\Panda Security\Panda Security Protection\atl100.dll
20:01:08.0026 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\atl100.dll - ok
20:01:08.0042 0x0d34  [ 742FC7886B2F155317723F1D6B045F94, BCB0DC50A64423973694DD35A270C6C9F4BB5A0A0819ECA0287B8BB9458DB137 ] C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
20:01:08.0042 0x0d34  C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe - ok
20:01:08.0042 0x0d34  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] C:\Windows\System32\nlasvc.dll
20:01:08.0042 0x0d34  C:\Windows\System32\nlasvc.dll - ok
20:01:08.0042 0x0d34  [ 2FA1B1E4E56D6E65EC5E47EC57414CFD, D77B7841198B75578B38EE9D41E63287889D48FC027A1384B08626426DCA17CC ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModLive.dll
20:01:08.0042 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModLive.dll - ok
20:01:08.0042 0x0d34  [ 3042D9D6D471B6DA6977F2C448E925AE, 6669B43E97952775081CDC27F37140D5A5629A99A233432A52D32F0971ED49FC ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCGP.dll
20:01:08.0042 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCGP.dll - ok
20:01:08.0057 0x0d34  [ D4FAC263861BAE06971C7F7D0A8EBF15, D494DEF0024288B9CC56EC6B500FF5828144BE9B8E7033340509EC5E68F8DED0 ] C:\Windows\System32\ncsi.dll
20:01:08.0057 0x0d34  C:\Windows\System32\ncsi.dll - ok
20:01:08.0057 0x0d34  [ E3C817F7FE44CC870ECDBCBC3EA36132, D769FAFA2B3232DE9FA7153212BA287F68E745257F1C00FAFB511E7A02DE7ADF ] C:\Program Files (x86)\Panda Security\Panda Devices Agent\msvcp100.dll
20:01:08.0057 0x0d34  C:\Program Files (x86)\Panda Security\Panda Devices Agent\msvcp100.dll - ok
20:01:08.0057 0x0d34  [ 1B3403C42BCD66E5E9727C31223BE8F4, D5A193F7A534F15B0DFB984146FF7F41673DE1BBFB756869E37CF07712A0C69D ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCCfgMgr.dll
20:01:08.0057 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCCfgMgr.dll - ok
20:01:08.0057 0x0d34  [ BF38660A9125935658CFA3E53FDC7D65, 60C06E0FA4449314DA3A0A87C1A9D9577DF99226F943637E06F61188E5862EFA ] C:\Program Files (x86)\Panda Security\Panda Devices Agent\msvcr100.dll
20:01:08.0057 0x0d34  C:\Program Files (x86)\Panda Security\Panda Devices Agent\msvcr100.dll - ok
20:01:08.0073 0x0d34  [ 92EB62276C73F8C7FD07A3F11E0D1084, 72CAFA11A3FBED85656603460938E69B6E786040C6A2F9A4113A306E845F65B8 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCCfgStore.dll
20:01:08.0073 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCCfgStore.dll - ok
20:01:08.0073 0x0d34  [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] C:\Windows\System32\drivers\PEAuth.sys
20:01:08.0073 0x0d34  C:\Windows\System32\drivers\PEAuth.sys - ok
20:01:08.0073 0x0d34  [ 9F1719AA6FB37CCEEEE68B88D43AC56F, B14B81333464C41DF8F3F5BA9F2BD101BAEC727B378C8AA0133A49EEAA19DA07 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCSA.dll
20:01:08.0073 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCSA.dll - ok
20:01:08.0089 0x0d34  [ CAB0E7856EA9AB97E270E53AE0833EA6, E73C77578F6FFD8B4A3E4BD198EE3795C9A65567D8894F14136804393EBA7A61 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
20:01:08.0089 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe - ok
20:01:08.0089 0x0d34  [ BDF078C2371542C603256A75603894E6, 7B72E16E4ADD7279EBF2F11DD15411597350CCF173B2181908783E9D7FBE6E7F ] C:\Program Files (x86)\Panda Security\Panda Devices Agent\Util_ConfigService.dll
20:01:08.0089 0x0d34  C:\Program Files (x86)\Panda Security\Panda Devices Agent\Util_ConfigService.dll - ok
20:01:08.0089 0x0d34  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll
20:01:08.0089 0x0d34  C:\Windows\System32\ssdpapi.dll - ok
20:01:08.0089 0x0d34  [ E8A4A36E83707C113AE25230397C9995, B2B1B6C4809AB7E0883D6E713A2051967677B5D67C6BDB505B40743AD632BEF3 ] C:\Program Files (x86)\Panda Security\Panda Devices Agent\Dispatcher.dll
20:01:08.0089 0x0d34  C:\Program Files (x86)\Panda Security\Panda Devices Agent\Dispatcher.dll - ok
20:01:08.0104 0x0d34  [ 218D8119711AD48EC16517698324D4A7, 77AE4A41A1B70F05A0E3AA21BE992E5BC95CCD4A77FC665D23CCE6028BA2BB55 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCNotifMgr.dll
20:01:08.0104 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCNotifMgr.dll - ok
20:01:08.0104 0x0d34  [ D6C765566C8DAD4567CADC5FCD4A42E7, 017B3596174EA8BD2D373778D3A99C9C10BC2551715D69B71ABA1A024D5BF698 ] C:\Program Files (x86)\Panda Security\Panda Devices Agent\Util_LogService.dll
20:01:08.0104 0x0d34  C:\Program Files (x86)\Panda Security\Panda Devices Agent\Util_LogService.dll - ok
20:01:08.0104 0x0d34  [ A99351607FE64CF112D7284B738E0B6A, 4987489AF1C36EF63C46C78D747D684612012F9684779CCE284A5782AC701CB2 ] C:\Program Files (x86)\Malwarebytes Anti-Malware\imageformats\qgif4.dll
20:01:08.0104 0x0d34  C:\Program Files (x86)\Malwarebytes Anti-Malware\imageformats\qgif4.dll - ok
20:01:08.0104 0x0d34  [ B00DEDFD2E167299EF4FD282DBC30770, 29BECE02C9037491C4E9D0404A19B950B252355058AC4F90A64DF03345E92C06 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANMSrvc.dll
20:01:08.0104 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANMSrvc.dll - ok
20:01:08.0120 0x0d34  [ B906E54845AAFA4DD19245EF45BC9883, AD1CE399CD852E8FAF659D986CCCC58523B5789562DDBD23B8A44ABB4451669A ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCIPC.dll
20:01:08.0120 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCIPC.dll - ok
20:01:08.0120 0x0d34  [ 31742A2E0AA775CDE9CD6072ED520C2A, B33B45D50590B7E973B81364A88B0418A4EEDB15A59723AD1853A7EA83EC4C18 ] C:\Program Files (x86)\Panda Security\Panda Devices Agent\Plugins\Plugin_Commands.dll
20:01:08.0120 0x0d34  C:\Program Files (x86)\Panda Security\Panda Devices Agent\Plugins\Plugin_Commands.dll - ok
20:01:08.0120 0x0d34  [ 0479EF76763E9913FC17C9FC1D4CCDA9, CD0B16D08B13DCB05FAF25B67A7DDFCA919CFA9248B8E2FF3F711018E580D185 ] C:\Program Files (x86)\Panda Security\Panda Devices Agent\CommsWrapper.dll
20:01:08.0120 0x0d34  C:\Program Files (x86)\Panda Security\Panda Devices Agent\CommsWrapper.dll - ok
20:01:08.0135 0x0d34  [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC83B4AC638AEC4A ] C:\Windows\SysWOW64\RpcRtRemote.dll
20:01:08.0135 0x0d34  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
20:01:08.0135 0x0d34  [ BE54499A08501659C725DA0A56F6131D, 7E8313CA3DE41EF2C698B343766903ACB0883C61DDC8B7C77E38D64D9F873516 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCUpdMgr.dll
20:01:08.0135 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCUpdMgr.dll - ok
20:01:08.0135 0x0d34  [ 4383754A9280E701EDA9FF5A4155A49E, 17B300A50ABA3CE74542C49930CB36303D89DAFD873532E49ED05B5D06E27E88 ] C:\Program Files (x86)\Panda Security\Panda Devices Agent\Plugins\Plugin_Config.dll
20:01:08.0135 0x0d34  C:\Program Files (x86)\Panda Security\Panda Devices Agent\Plugins\Plugin_Config.dll - ok
20:01:08.0135 0x0d34  [ 48F3F0260EE19BC91C7FFF201C4E01BF, EC6BEF4323E4A5685C5430D4393129F4AFBFF2DC139852CD87679C80CEDC29C2 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModNotification.dll
20:01:08.0135 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModNotification.dll - ok
20:01:08.0151 0x0d34  [ C8853FA537A6468CC99E0BFA039A0A30, F246FD3B87EB2B02EF41EBF16E85A469098692E0408FDCD0CBD28387F23FD345 ] C:\Program Files (x86)\Panda Security\Panda Devices Agent\Plugins\Plugin_Diagnosis.dll
20:01:08.0151 0x0d34  C:\Program Files (x86)\Panda Security\Panda Devices Agent\Plugins\Plugin_Diagnosis.dll - ok
20:01:08.0151 0x0d34  [ 518D29068375BC8CFF1D554EF77F9D6D, 36608DEC37F705A5AFC4EAA332147362443EE9FB2DA755AA287EA3EF4C6652D2 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.dll
20:01:08.0151 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.dll - ok
20:01:08.0151 0x0d34  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] C:\Windows\System32\drivers\secdrv.sys
20:01:08.0151 0x0d34  C:\Windows\System32\drivers\secdrv.sys - ok
20:01:08.0151 0x0d34  [ 748D2A1E9718CB6FB9C8DD9030D6C5FE, 34B5CE26099C6F5921EA4C07D43E43DAEA2DE18CA6E40E2AA399575B4F1A5B9E ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModCfg.dll
20:01:08.0151 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModCfg.dll - ok
20:01:08.0167 0x0d34  [ 34CC919415EACEDA6B79CB083FBBD781, 4EEED29169E1E867E7F9EE866E091EAFDA4D5904239ED9802329013D496CECDD ] C:\Program Files (x86)\Panda Security\Panda Devices Agent\Util_CompressionService.dll
20:01:08.0167 0x0d34  C:\Program Files (x86)\Panda Security\Panda Devices Agent\Util_CompressionService.dll - ok
20:01:08.0167 0x0d34  [ C298D989D717CB153702E397B6D9AAAD, BF112294E7D241DFADE57A440C560FA66D10D582AA6E6AA7653D0B8A1E9A914D ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:01:08.0167 0x0d34  C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe - ok
20:01:08.0167 0x0d34  [ 537184E7306E06BB22C5B93D2AFA4DF8, 24603B2F70B33B23FC84AA0B98E0B80EA41F64C2A1FEDCEA364D73A46194BA21 ] C:\Windows\SysWOW64\msxml3.dll
20:01:08.0167 0x0d34  C:\Windows\SysWOW64\msxml3.dll - ok
20:01:08.0182 0x0d34  [ C79B66BF0757AE680F159822556BF2D9, AD536E0A23CCF1D18AD5FB6614B8F6BDCAE336E59CEB0409A186FE420294F0BF ] C:\Program Files (x86)\Panda Security\Panda Devices Agent\Plugins\Plugin_NDKConfig.dll
20:01:08.0182 0x0d34  C:\Program Files (x86)\Panda Security\Panda Devices Agent\Plugins\Plugin_NDKConfig.dll - ok
20:01:08.0182 0x0d34  [ 4CAAF844F4BD1F3D7945BAB98AD500D7, 5284F6B9AA9B865BEABDE68FE1016570CA3BC42B11594F82577E309148DE198D ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNFiles.dll
20:01:08.0182 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNFiles.dll - ok
20:01:08.0182 0x0d34  [ 1F339717E75D537D25C9724B3FD259A6, 3D5FCAB7FD3E1CDC6D6A1B47CA6D48FCCC21852EDD7B02F41AAF234EB864F7BC ] C:\Program Files (x86)\Panda Security\Panda Devices Agent\Plugins\Plugin_Notifications.dll
20:01:08.0182 0x0d34  C:\Program Files (x86)\Panda Security\Panda Devices Agent\Plugins\Plugin_Notifications.dll - ok
20:01:08.0198 0x0d34  [ 5E0259057903F2A04AA8D362FF638E3B, 37B88F2438B673CD6C3494D6D4856E997FA85C284909C13DF8FBBF2DC482550D ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll
20:01:08.0198 0x0d34  C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll - ok
20:01:08.0198 0x0d34  [ D2B47C78A02FE364D9026E4EC3392241, C667191E25AED8A3FEB265C69D61A194EB399789E3AB277220F5DF18D5FE27AB ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCrypt.dll
20:01:08.0198 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCrypt.dll - ok
20:01:08.0198 0x0d34  [ 6AF0D98BC157F1564A3DE0BE78B76EFA, ECAF99B1FC1A52C4FCC66E7347A4BEF4006EE8B549BF05B5D4DD75DF7A56DE56 ] C:\Program Files (x86)\Panda Security\Panda Devices Agent\Plugins\Plugin_Scheduler.dll
20:01:08.0198 0x0d34  C:\Program Files (x86)\Panda Security\Panda Devices Agent\Plugins\Plugin_Scheduler.dll - ok
20:01:08.0198 0x0d34  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] C:\Windows\System32\drivers\srvnet.sys
20:01:08.0198 0x0d34  C:\Windows\System32\drivers\srvnet.sys - ok
20:01:08.0213 0x0d34  [ 7AADD4DFD9B0A1BF781666D75F686613, 116F44513D9C28FA26DDBD95098D12121865A3544235CFE891B7A46D9C0D04B1 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAUtils.dll
20:01:08.0213 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAUtils.dll - ok
20:01:08.0213 0x0d34  [ E4C45DDC32A7B909F05E5419CC758D3F, D1EA4C6935325481949C01D6A464CDB79E9F97982A0CE1CB0E616D0D2A3474B0 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNXml.dll
20:01:08.0213 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNXml.dll - ok
20:01:08.0213 0x0d34  [ AD7320A9F483718C7F7869B417D96CB5, 0E9AE20528BDFB043874B9703FB4C8572879C01B8576BE9774ED0B0532E0806B ] C:\Program Files (x86)\Panda Security\Panda Devices Agent\Plugins\Plugin_Status.dll
20:01:08.0213 0x0d34  C:\Program Files (x86)\Panda Security\Panda Devices Agent\Plugins\Plugin_Status.dll - ok
20:01:08.0213 0x0d34  [ 919001D2BB17DF06CA3F8AC16AD039F6, 5169ACFBE9E9D4C4012773ECDD28231C952675EF0C272A40F226E7B5D671B18B ] C:\Windows\SysWOW64\sxs.dll
20:01:08.0213 0x0d34  C:\Windows\SysWOW64\sxs.dll - ok
20:01:08.0229 0x0d34  [ 15D267A4C8F920871011AA0FB166D3BB, 9F359382D7D3AEDACB21E8F9F4DB0B19476E7B92E07C5F6C164EB2440716E014 ] C:\Program Files (x86)\Panda Security\Panda Devices Agent\Util_SystemInfoService.dll
20:01:08.0229 0x0d34  C:\Program Files (x86)\Panda Security\Panda Devices Agent\Util_SystemInfoService.dll - ok
20:01:08.0229 0x0d34  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] C:\Windows\System32\ssdpsrv.dll
20:01:08.0229 0x0d34  C:\Windows\System32\ssdpsrv.dll - ok
20:01:08.0229 0x0d34  [ B2F4C8D79130A3A0B9BD508065C12179, 7BEBCBA6E2A148307C80FD5650E5793B1C3E19FB5A77FA00B4AF728226972ADD ] C:\Program Files (x86)\Panda Security\Panda Devices Agent\Plugins\Plugin_WorkItems.dll
20:01:08.0229 0x0d34  C:\Program Files (x86)\Panda Security\Panda Devices Agent\Plugins\Plugin_WorkItems.dll - ok
20:01:08.0229 0x0d34  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] C:\Windows\System32\wiaservc.dll
20:01:08.0229 0x0d34  C:\Windows\System32\wiaservc.dll - ok
20:01:08.0245 0x0d34  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] C:\Windows\System32\drivers\tcpipreg.sys
20:01:08.0245 0x0d34  C:\Windows\System32\drivers\tcpipreg.sys - ok
20:01:08.0245 0x0d34  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] C:\Windows\System32\swprv.dll
20:01:08.0245 0x0d34  C:\Windows\System32\swprv.dll - ok
20:01:08.0245 0x0d34  [ 81126D1E395751578E2A18986110F44B, 294B16F8B881F69E744E3A1F041BD8761951A713DEE1B49B84F36C3BB32A502E ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModScheduler.dll
20:01:08.0245 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModScheduler.dll - ok
20:01:08.0245 0x0d34  [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5, BDA403E6CACC249C467671FB1FAF7B77FB019326BC18F9F6CF377104520E2654 ] C:\Windows\System32\wiatrace.dll
20:01:08.0245 0x0d34  C:\Windows\System32\wiatrace.dll - ok
20:01:08.0260 0x0d34  [ 9CD6D52566042FD01ECB279F7AEB237E, EDF8813EFE0692849AA695C4CA15552F529F29747F2231B45AA9FF90BECB53CA ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAConfigMgr.dll
20:01:08.0260 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAConfigMgr.dll - ok
20:01:08.0260 0x0d34  [ BBB44E9207E7F5A8D931AA6C74962C77, 87AA8452B9E05E4108B73FC5CFECED2326E7404313F7A4456CAF44438577C70E ] C:\Windows\System32\virtdisk.dll
20:01:08.0260 0x0d34  C:\Windows\System32\virtdisk.dll - ok
20:01:08.0260 0x0d34  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] C:\Windows\System32\trkwks.dll
20:01:08.0260 0x0d34  C:\Windows\System32\trkwks.dll - ok
20:01:08.0260 0x0d34  [ B41908E0ACAFCD526447AF5DD7B5E68F, B30821A2AB4CA3EF5F94AA30EF9C3BCC1DD7177C8A96F24DD6026B27EC4E8040 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModBLA.dll
20:01:08.0260 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModBLA.dll - ok
20:01:08.0276 0x0d34  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] C:\Windows\System32\wbem\WMIsvc.dll
20:01:08.0276 0x0d34  C:\Windows\System32\wbem\WMIsvc.dll - ok
20:01:08.0276 0x0d34  [ 228EB3A7FB28E427D7FBA44267E13872, E4BC3384778FCE41873AF03E6C02C02E57F2A132A403CA1846E63F7D157338BA ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAADiag.dll
20:01:08.0276 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAADiag.dll - ok
20:01:08.0276 0x0d34  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] C:\Windows\System32\drivers\srv2.sys
20:01:08.0276 0x0d34  C:\Windows\System32\drivers\srv2.sys - ok
20:01:08.0291 0x0d34  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] C:\Windows\System32\wpdbusenum.dll
20:01:08.0291 0x0d34  C:\Windows\System32\wpdbusenum.dll - ok
20:01:08.0291 0x0d34  [ F3D202F53A222D5F6944D459B73CF967, E9F1D48EB333D32331BCFD0348FE07BEE7D5352292E6020571DA395F596AFFE7 ] C:\Windows\System32\fltLib.dll
20:01:08.0291 0x0d34  C:\Windows\System32\fltLib.dll - ok
20:01:08.0291 0x0d34  [ 7E236CC26FF0C2513819FA453E2C5371, 45D3C83D60503A1D1F63398B2C8B7802C04B4E423A20F97FD15AECC994FB808F ] C:\Windows\System32\icaapi.dll
20:01:08.0291 0x0d34  C:\Windows\System32\icaapi.dll - ok
20:01:08.0291 0x0d34  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] C:\Windows\System32\drivers\srv.sys
20:01:08.0291 0x0d34  C:\Windows\System32\drivers\srv.sys - ok
20:01:08.0307 0x0d34  [ 65E3CE33C5FB766171376F84A2764214, 722AED965429D70D631D1519C95C253765024D1C6595B71DCF7CA37E3B1C708E ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModRep.dll
20:01:08.0307 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModRep.dll - ok
20:01:08.0307 0x0d34  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] C:\Windows\System32\srvsvc.dll
20:01:08.0307 0x0d34  C:\Windows\System32\srvsvc.dll - ok
20:01:08.0307 0x0d34  [ 1CCE8E88654E3952859085752F67B3CA, BE7BEF9C8928642F8CA815E79328DDD62F85C5FB0AD48B0297323DD360AB5970 ] C:\Program Files\OO Software\CleverCache\ooccag.exe
20:01:08.0307 0x0d34  C:\Program Files\OO Software\CleverCache\ooccag.exe - ok
20:01:08.0307 0x0d34  [ 032AF37DE5C63CF264B779527C00DE5D, 7DC53D0CCCBD73F41B64D1E7447710271FC11B65DFBFE263329B85C847B91893 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNEvts.dll
20:01:08.0307 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNEvts.dll - ok
20:01:08.0323 0x0d34  [ 374DC1DF9D869988C3DECE26ED557865, CF41B06E4AAFCCB17C359B73C6C7B3AE3F807A7C435C8BF6A0E0693E1C1F62C7 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAServiceManager.dll
20:01:08.0323 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAServiceManager.dll - ok
20:01:08.0323 0x0d34  [ 8A07A4CDFE1CBB93BCA23E222CB8DBDC, 033211178BE96B392F99E56B136BB4C0121CA06D6A0ABD3A70351EFE12FC4117 ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoCare.exe
20:01:08.0323 0x0d34  C:\Program Files (x86)\IObit\Advanced SystemCare 8\AutoCare.exe - ok
20:01:08.0323 0x0d34  [ E64D9EC8018C55873B40FDEE9DBEF5B3, 2DB11E7C631A9887CB75AFEAD2C79EC65F82C51F5F073CEFC8CDDF664EFF29C1 ] C:\Windows\System32\PortableDeviceApi.dll
20:01:08.0323 0x0d34  C:\Windows\System32\PortableDeviceApi.dll - ok
20:01:08.0338 0x0d34  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] C:\Windows\System32\browser.dll
20:01:08.0338 0x0d34  C:\Windows\System32\browser.dll - ok
20:01:08.0338 0x0d34  [ 012787CEB35505EB78DF82E0A0072888, FE082EF9F8462589F8C8BEEFB1D10AB06E1E3D6F4494CABF34097328C109C03E ] C:\Windows\System32\browcli.dll
20:01:08.0338 0x0d34  C:\Windows\System32\browcli.dll - ok
20:01:08.0338 0x0d34  [ AFA79C343F9D1555F7E5D5FA70BB2A14, 440EF3ADC1F5C7A5ED3E872C8D8DFA61B039454C3CA67F8A51CA8BDCFDC4BA4A ] C:\Windows\System32\PortableDeviceConnectApi.dll
20:01:08.0338 0x0d34  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
20:01:08.0338 0x0d34  [ 978ECD0FC49E70EC3008A221750B2387, CFB2A7DF0F184E2D8AF39BA253D55A0759051F5E1B2912CE9BCDC2560AD4F48B ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModAV.dll
20:01:08.0338 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModAV.dll - ok
20:01:08.0354 0x0d34  [ CFEFA40DDE34659BE5211966EAD86437, AC0A3AD8AA47012C40785013E2273FC571F416BC9C9FFDA418FE72B3123C1FB0 ] C:\Windows\System32\netmsg.dll
20:01:08.0354 0x0d34  C:\Windows\System32\netmsg.dll - ok
20:01:08.0354 0x0d34  [ 07204A14FB217E486F6F2038A7F8446F, CA13ECE5271E3A345691D9BD1BA5347751BA2595129EBB793DD0FEE68E31A798 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAAction.dll
20:01:08.0354 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAAction.dll - ok
20:01:08.0354 0x0d34  [ A08C010D859F8EB42BDD7E1D55B8CA27, F86EAFBF7AA41D8425156C07398EDC3BD42F1690BD3E15D27AEF2EDA86549F15 ] C:\Windows\System32\mscoree.dll
20:01:08.0354 0x0d34  C:\Windows\System32\mscoree.dll - ok
20:01:08.0354 0x0d34  [ CA9F7888B524D8100B977C81F44C3234, 57F3353F89724147D8AC8B69B12C1303DF26978309776F5F8CCF074526A915D3 ] C:\Windows\SysWOW64\winhttp.dll
20:01:08.0354 0x0d34  C:\Windows\SysWOW64\winhttp.dll - ok
20:01:08.0369 0x0d34  [ 0255C22D99602534F15CBB8D9B6F152F, 43CD89D6CA56E0B633142F7C86DA9E072EE0723B5EBC4CE8CCBCA58C396ECF54 ] C:\Windows\System32\wbem\WinMgmtR.dll
20:01:08.0369 0x0d34  C:\Windows\System32\wbem\WinMgmtR.dll - ok
20:01:08.0369 0x0d34  [ DE5301089BE9462254820FF473DC8B2B, 8FE3A688E9B6B9ED678B3747C239BFD7324D0DA5B1D865376440186186D06DCF ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANLiveMan.dll
20:01:08.0369 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANLiveMan.dll - ok
20:01:08.0369 0x0d34  [ D44067027714CC58B8AB0AC38FDA1A0B, 56E96A58B5A53A68485F8D2F7BA286F2B174AB910BD45145258D48251F489F02 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
20:01:08.0369 0x0d34  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
20:01:08.0369 0x0d34  [ FB19FC5951A88F3C523E35C2C98D23C0, FF0DB8BF0C68DA0D09272E8181D2B5409C8850BB2F31AEA3AC4CD14C5A420A59 ] C:\Windows\SysWOW64\webio.dll
20:01:08.0369 0x0d34  C:\Windows\SysWOW64\webio.dll - ok
20:01:08.0385 0x0d34  [ FF80CAD87555E8E4D2CFD7B9058343F8, 07653773FBEC1996408B8507B08E0E1E812830063F932F897F4B39EE63DDCDC4 ] C:\Windows\System32\sscore.dll
20:01:08.0385 0x0d34  C:\Windows\System32\sscore.dll - ok
20:01:08.0385 0x0d34  [ 9387886D752A5E40841B9144A28FB685, 54D87F437E348D6A2721B7FEDAC042BB8815852946A04DA9500AF14BB959658E ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANPlugAvCatalogAnalysis.dll
20:01:08.0385 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANPlugAvCatalogAnalysis.dll - ok
20:01:08.0385 0x0d34  [ 011F0B067E47612F57C4ECE377D9C9DF, 69FA7230B889DA09CD4DDA0D38CA1D418E48605535D7E1125050F0B89919DFBE ] C:\Windows\System32\activeds.dll
20:01:08.0385 0x0d34  C:\Windows\System32\activeds.dll - ok
20:01:08.0401 0x0d34  [ 526B4CFEDF99CCAF3C17C2D6203B0C99, B3DF70218AF84CC689EF510C2829E6CF2293783C6AA066B46159126D447AE7E7 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModADM.dll
20:01:08.0401 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModADM.dll - ok
20:01:08.0401 0x0d34  [ 81749E073AC5857B044A686B406E5244, 3884EE705CA34235B29942FEDA8FEA654A21139B8C2A1D5E009C7D07D6E6ADF1 ] C:\Windows\System32\clusapi.dll
20:01:08.0401 0x0d34  C:\Windows\System32\clusapi.dll - ok
20:01:08.0401 0x0d34  [ 05F620B4B2E7DEB9409C0C6A4FEDD2A4, 19C5EBCE5F4B574402F0F4802C93824B0763DD2C972E146E26B85C0960A05185 ] C:\Windows\System32\adsldpc.dll
20:01:08.0401 0x0d34  C:\Windows\System32\adsldpc.dll - ok
20:01:08.0401 0x0d34  [ CB4521C9AC5307C2FBF49FC19A423752, 6721A22590A6578D522B07188256B7EFDC8F95595F8EE8AA559C1B0AC148B2BC ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAWatchdog.dll
20:01:08.0401 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAWatchdog.dll - ok
20:01:08.0416 0x0d34  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] C:\Windows\System32\upnphost.dll
20:01:08.0416 0x0d34  C:\Windows\System32\upnphost.dll - ok
20:01:08.0416 0x0d34  [ 498276D1BAD0CD34145855C8D694EE3E, 0A4FDFC3E3F99470864A0239C40F5A363A609E42B86E9195B81B9CDD4FA12EF6 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAInfo.dll
20:01:08.0416 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAInfo.dll - ok
20:01:08.0416 0x0d34  [ 344FCC9850C3A8A3B4D3C65151AF8E4C, C38853454E153B1AB4AEAE1AAFB7CB4B2E6234208CF24C09F3B2AFE25E271C5C ] C:\Windows\System32\resutils.dll
20:01:08.0416 0x0d34  C:\Windows\System32\resutils.dll - ok
20:01:08.0416 0x0d34  [ BE613AE033169D4B5F65F989A2627F1C, 3563ED1A84B62A14B3DAF6AB96ADBFAAE255E5769601B77561B68CED3CBF8F73 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Analysis.dll
20:01:08.0416 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Analysis.dll - ok
20:01:08.0432 0x0d34  [ 5EB55F661DEBF156E126160BCD4D89F8, 948D1F627AA55D55FB3B558BA61B8366C5481A6041820631F24408F75EA5D2CC ] C:\Windows\System32\wbem\wbemcore.dll
20:01:08.0432 0x0d34  C:\Windows\System32\wbem\wbemcore.dll - ok
20:01:08.0432 0x0d34  [ A401F65EB278A5EFDBFFCC3627EEEF8A, 2A67067A05E2B2BE91517F377C54956AAB7CDAAFBC1E139C09B149A42478EC6A ] C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Common.dll
20:01:08.0432 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Common.dll - ok
20:01:08.0432 0x0d34  [ 599C0EBD79BCAD60A5EE963E99EC4C30, 89FCCB68AECEF6011385F306D79D9F26DE535873174D7D58B851FEAA1AFF9E83 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModProactive.dll
20:01:08.0432 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModProactive.dll - ok
20:01:08.0432 0x0d34  [ 087D8668C71634A3A3761135ABF16EEE, B7348A63299CFF4FFBF375E645A4850AE0F108D48D13AB25434CFAE7CF3D61FD ] C:\Windows\System32\wbem\esscli.dll
20:01:08.0432 0x0d34  C:\Windows\System32\wbem\esscli.dll - ok
20:01:08.0447 0x0d34  [ E89F5071C2A51785A8E504483BFF0539, 0469360BD615A00A91B9948AA1C1C8196635D087F6B042A8F3D4B0DC1E967C7A ] C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Communication.dll
20:01:08.0447 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Communication.dll - ok
20:01:08.0447 0x0d34  [ 430E1BFD382D42E4169004F83F59DB3C, 9582BC38227F4C2677BC666E7570776A87DA0EBA2605EFE5994FB16A3A949C01 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Configuration.dll
20:01:08.0447 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Configuration.dll - ok
20:01:08.0447 0x0d34  [ 718B6F51AB7F6FE2988A36868F9AD3AB, 76141B4E94C2766E2C34CEF523092948771A7893212EFADBE88D2171B85FF012 ] C:\Windows\System32\wbem\wbemsvc.dll
20:01:08.0447 0x0d34  C:\Windows\System32\wbem\wbemsvc.dll - ok
20:01:08.0447 0x0d34  [ 7A6986DD659B96398A11AF5173892715, FB7818952B9015F433418E7DC656A2C20CD682056AB981A55C1722020142D578 ] C:\Windows\SysWOW64\cabinet.dll
20:01:08.0447 0x0d34  C:\Windows\SysWOW64\cabinet.dll - ok
20:01:08.0463 0x0d34  [ 35DD6CAFFA527CDE0C15716AC23C54CD, 7D31897D22BDC5F9B5E43BACCC017D67C3AA55BD804825CF17B79B60787BE9EF ] C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.License.dll
20:01:08.0463 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.License.dll - ok
20:01:08.0463 0x0d34  [ 7D1679830641D571FA5276BE1C378296, B7B17CF100F3455DC039D1FF939F9C67F63152AED3D16884A76A5AEF9E187980 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\putsig.dll
20:01:08.0463 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\putsig.dll - ok
20:01:08.0463 0x0d34  [ ECC2E6FD153B12004750DD6E0B70856D, B973A5EAA0368F3845DC637EB4123CBA7EC85921E25CD616F18AD0175D7297FB ] C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Network.dll
20:01:08.0463 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Network.dll - ok
20:01:08.0479 0x0d34  [ 0F5B1F6A5B98E93120473980A25C30DB, AFA25651D0E307CD47D3F2698287501682149586DFE77E33FA1E96EFECB97F38 ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\Scan.dll
20:01:08.0479 0x0d34  C:\Program Files (x86)\IObit\Advanced SystemCare 8\Scan.dll - ok
20:01:08.0479 0x0d34  [ 0143DB80DACFB7C2B5B7009ED9063353, 252885CF7C1BAB89B86908373546E5F5D674BEF7AACBDDCF321AD877CB9150A9 ] C:\Windows\System32\wbem\wmiutils.dll
20:01:08.0479 0x0d34  C:\Windows\System32\wbem\wmiutils.dll - ok
20:01:08.0479 0x0d34  [ FC8152F2F70E764A10744D4B4ED5F1B2, 0F99A96CF1FB74E76168FBE74DD10920252532C234B40013C02AC22491249062 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Notification.dll
20:01:08.0479 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Notification.dll - ok
20:01:08.0479 0x0d34  [ AC2F1C5D15B0281D70835E55F9F01DA2, 20EFA0A311173E515EF4A5F1B90C94EF460D80737697C72C45677A9AA17EEFA8 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Prl.dll
20:01:08.0479 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Prl.dll - ok
20:01:08.0494 0x0d34  [ DF33F4ECCAFCAB45F2348ED82BD0BB37, 6384C301B64EE6B7CA673564EB83F64744B3E88E22AB58B93DE17FAE9BC6AA6F ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModShield.dll
20:01:08.0494 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModShield.dll - ok
20:01:08.0494 0x0d34  [ 0AB34456654C283DAA13B8D2BA21439B, 4B70FC5195DE39564E951C8542020BA3D4257E3D4488F69825F67A6099CB7549 ] C:\Windows\System32\wbem\repdrvfs.dll
20:01:08.0494 0x0d34  C:\Windows\System32\wbem\repdrvfs.dll - ok
20:01:08.0494 0x0d34  [ 10195A15131B234E7FDD959BF7D00A98, E6306056446AE91B165DEB6C3A857EA7979A73E2AD766657C51B181910799990 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Quarantine.dll
20:01:08.0494 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Quarantine.dll - ok
20:01:08.0494 0x0d34  [ 36360848CFD4E2459AC4700483E46F55, 0FF809BBEDA936C87A872AC959F4F2F806FB7BEF176C9B4E4753743998689104 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModCtrlCfg.dll
20:01:08.0494 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModCtrlCfg.dll - ok
20:01:08.0510 0x0d34  [ EB824762B4071297FFFF36A21AAA6D42, 23E95A9B31EAAA9BC72155E0E5FA757E85D406687F391A649C3398D942E52575 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Reports.dll
20:01:08.0510 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Reports.dll - ok
20:01:08.0510 0x0d34  [ 663A53BD69FCB6C37E9B11AC5D08CA82, 1110E7813C225610887662401DB4F8D3D215A9432385FB9BD51BA76F660ABF02 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Service.Control.dll
20:01:08.0510 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Service.Control.dll - ok
20:01:08.0510 0x0d34  [ 58B37090E4D730D8E6CB4EBAD4BF8577, 55014EEE8077BE333875DD0484DF51D7291389CDC4F41BDB2F32C7361DE9AEB5 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Service.Info.dll
20:01:08.0510 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Service.Info.dll - ok
20:01:08.0525 0x0d34  [ 22A94FD69CE940FE25208FDC1C3819FA, A32E6471F6206808EA400D39C0C255B2A874E3BE92C4B13C75F8A71EAE90965D ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\OFCommon.dll
20:01:08.0525 0x0d34  C:\Program Files (x86)\IObit\Advanced SystemCare 8\OFCommon.dll - ok
20:01:08.0525 0x0d34  [ B399E7C5CF27344AAEF47728A20BFAB4, DAB4471B6407E2D67BBD80A65DF3FB55B7B86ACA7FB9E88C8667B85D242DC683 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.TuneUp.dll
20:01:08.0525 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.TuneUp.dll - ok
20:01:08.0525 0x0d34  [ 02978225A324B0C1FA1093727EE8BE21, FB33D29E76FBD87B012DA04096799E08DBAC0B47DB901EC9AA6C01108B8BB025 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Update.dll
20:01:08.0525 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.Update.dll - ok
20:01:08.0525 0x0d34  [ 1E6E4768D1C52D4146B624AD42C4239B, 25774B298FFF59428C859B7E9CCD88DB6A9228F48DF5D57EE5D0DD1A6CD5214D ] C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.UsbVaccine.dll
20:01:08.0525 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.UsbVaccine.dll - ok
20:01:08.0541 0x0d34  [ 4FB909DB8F1709D4B5F19A3647FAA603, D891F7CA0AD269B7293F0BB341EA5BDEADC7A7B325BAE0DAFD2655EEFD1E5632 ] C:\Program Files (x86)\Panda Security\Panda Devices Agent\Util_NDKService.dll
20:01:08.0541 0x0d34  C:\Program Files (x86)\Panda Security\Panda Devices Agent\Util_NDKService.dll - ok
20:01:08.0541 0x0d34  [ 839F96DBAAFD3353E0B248A5E0BD2A51, 11DA5AD3EA5FF4766C12B99FB520B3CBE08581ECAF1A2FD1DC5AC835CA78FAC2 ] C:\Windows\SysWOW64\rasapi32.dll
20:01:08.0541 0x0d34  C:\Windows\SysWOW64\rasapi32.dll - ok
20:01:08.0541 0x0d34  [ 331BD7687CA07D5726862D386DAE939A, 2E470E906D13314A052A1DC3C2EBAF8D5E23571F36464E97993D4762EF439094 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUNConfigStore.dll
20:01:08.0541 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUNConfigStore.dll - ok
20:01:08.0541 0x0d34  [ DDD0357A92FA843EFF8915ED17253D6C, 0C78B1D41F0A7821186ADF653504F2BFF067CB512CB0E932047C301378BBADB6 ] C:\Windows\System32\wbem\WmiPrvSD.dll
20:01:08.0541 0x0d34  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
20:01:08.0557 0x0d34  [ C5B0324DB461559ADD070E632A6919FA, AB09CACB5B7DD372B27921A5E01220552A611CECA27EF87961001FA467FDED45 ] C:\Windows\SysWOW64\wbem\wbemprox.dll
20:01:08.0557 0x0d34  C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
20:01:08.0557 0x0d34  [ FFA7172354B9256DBB2CDD75F16F33FE, 85B2F014C67C2E52540F17D561793C6633C9E98F12639CCD3854EB1EC34DD035 ] C:\Windows\SysWOW64\rasman.dll
20:01:08.0557 0x0d34  C:\Windows\SysWOW64\rasman.dll - ok


20:01:08.0557 0x0d34  [ D41FEBD098234F02485A4EA98D4730A4, 462DC8168C444F35B43BA3B8F7D77734665D84F1C6D25CAD7391C0145961628F ] C:\Windows\System32\ncobjapi.dll
20:01:08.0557 0x0d34  C:\Windows\System32\ncobjapi.dll - ok
20:01:08.0572 0x0d34  [ 0ECA2C7A2EDFAB1B6085D0BE94AA3051, A81755D8EBD47DD3874587FA4D76011E73E863767A972C2D6E4C249B487FD61C ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCSysInfo.dll
20:01:08.0572 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCSysInfo.dll - ok
20:01:08.0572 0x0d34  [ 704314FD398C81D5F342CAA5DF7B7F21, CDA660E1E8AAE0789780B6B9604B138E67B2BDD1404A5E4C2354B35879D43085 ] C:\Windows\SysWOW64\wbemcomn.dll
20:01:08.0572 0x0d34  C:\Windows\SysWOW64\wbemcomn.dll - ok
20:01:08.0572 0x0d34  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159, ACE7F85685EB92FC3AB4215122B0469E32F23B196C49F08CDA7791D3122C45DC ] C:\Windows\SysWOW64\rtutils.dll
20:01:08.0572 0x0d34  C:\Windows\SysWOW64\rtutils.dll - ok
20:01:08.0572 0x0d34  [ 6F40D6FB05E0C1E5402812B426971AF0, E41F138F0F2DB057F8DBB1587237C6FA8A2059B3D64EC894D1DC492A18DBBDED ] C:\Windows\System32\wbem\wbemess.dll
20:01:08.0572 0x0d34  C:\Windows\System32\wbem\wbemess.dll - ok
20:01:08.0588 0x0d34  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F82EF91450858DF ] C:\Windows\SysWOW64\sfc.dll
20:01:08.0588 0x0d34  C:\Windows\SysWOW64\sfc.dll - ok
20:01:08.0588 0x0d34  [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D09086438F8D237B ] C:\Windows\SysWOW64\sfc_os.dll
20:01:08.0588 0x0d34  C:\Windows\SysWOW64\sfc_os.dll - ok
20:01:08.0588 0x0d34  [ 776AE0564F8B1C282E331FD95A1BDC5F, 601CFCA3922FFEA46A54AD323845A76A12FC6AF9FF64E9B0AE294FBB1AFCF4CB ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
20:01:08.0588 0x0d34  C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
20:01:08.0588 0x0d34  [ 6F8E3B7B70E1BBA871212940C1FBDF60, 3F9D4EE64E4210340C6FEE0DE81BFE3C613DDBE608EC09D63817D24CE24BFC5E ] C:\Windows\SysWOW64\SensApi.dll
20:01:08.0588 0x0d34  C:\Windows\SysWOW64\SensApi.dll - ok
20:01:08.0603 0x0d34  [ 0BA65122FFA7E37564EE86422DBF7AE8, 3A37FC503D3228D021473AECA285427382518CC36C197E4C9912745BDF3AB757 ] C:\Windows\SysWOW64\nlaapi.dll
20:01:08.0603 0x0d34  C:\Windows\SysWOW64\nlaapi.dll - ok
20:01:08.0603 0x0d34  [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A, 61B4D669C692775EF361445293163E84FAD8636AC49C8047BE806DB4E4093291 ] C:\Windows\SysWOW64\wbem\fastprox.dll
20:01:08.0603 0x0d34  C:\Windows\SysWOW64\wbem\fastprox.dll - ok
20:01:08.0603 0x0d34  [ B3D239069EC455DF04CB95F926DBD329, 42B926D6D1B8626C85EE6FF998362D36085DA3C7065777BDFAB41D8434A8A4F3 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModRol.dll
20:01:08.0603 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModRol.dll - ok
20:01:08.0603 0x0d34  [ E3E811471DE781900FF21C1FD84E941E, 2A47FF52D1D6480AAD1919382E783EA184BF926311F8C7E466FEBE9F6FB88FD6 ] C:\Windows\SysWOW64\ntdsapi.dll
20:01:08.0603 0x0d34  C:\Windows\SysWOW64\ntdsapi.dll - ok
20:01:08.0619 0x0d34  [ ED6EE83D61EBC683C2CD8E899EA6FEBE, F82592908D038C44D9F2E5C5B7BC663A2D370FC565F40420E1138A9E55F0E7EB ] C:\Windows\SysWOW64\rasadhlp.dll
20:01:08.0619 0x0d34  C:\Windows\SysWOW64\rasadhlp.dll - ok
20:01:08.0619 0x0d34  [ 73E8667A19FEEDD856DF2695E9E511D4, 68D66C36D1F293D10ADCC6A33C870F989A29743537592CF172F02E794BEAFD1C ] C:\Windows\SysWOW64\wship6.dll
20:01:08.0619 0x0d34  C:\Windows\SysWOW64\wship6.dll - ok
20:01:08.0619 0x0d34  [ E33E9696EF476CE1F5D874CF6F37F354, D9EBE104FFED59A21A9B58543C1C5D9BA64BA7A27E3968581623CF18FFE821CF ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModStats.dll
20:01:08.0619 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModStats.dll - ok
20:01:08.0619 0x0d34  [ 9A0123A3CEE37028272D699E7DC2BB01, 92B5DA17FB843FB0F047964E2C83E08CF8D7997CE5E4E30F9E9F431F19EA9845 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\psksrf.dll
20:01:08.0619 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\psksrf.dll - ok
20:01:08.0635 0x0d34  [ D9DC2D35A337B71B65A99314B78426DB, 8E7AD1BB46A683583550C66686B47B2960F494A7F44BB9E412AA07A8A090855F ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pknplg.dll
20:01:08.0635 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pknplg.dll - ok
20:01:08.0635 0x0d34  [ A094D10749135074CE8A861B2C49A65B, C72E5F981D32C36964D55A86AF84E1567FD7E108384DB9B4209CE45821671E81 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pskutil.dll
20:01:08.0635 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pskutil.dll - ok
20:01:08.0635 0x0d34  [ 0906114F1F112EACA576575267FC2107, AFA8A69A1211C793FB20F870E517C386373DDAD234C751E85FE97776AEB854C2 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pskxml.dll
20:01:08.0635 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pskxml.dll - ok
20:01:08.0650 0x0d34  [ 0D893F8D145D3B125B0226727C243A69, B344A18C5D5324A891B6E2121EC375AFB9E83D4C59D64EDD2E63854ABEC5D734 ] C:\Windows\System32\security.dll
20:01:08.0650 0x0d34  C:\Windows\System32\security.dll - ok
20:01:08.0650 0x0d34  [ 5E1332F27FC6B5BB150A150FE1AEF2F7, 244720A8628C7487A7E144B597E98FB445B6D7A8E9D6CA716FB3DE914F2CFDE8 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNMuid.dll
20:01:08.0650 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNMuid.dll - ok
20:01:08.0650 0x0d34  [ 343E0FE2A5308EEE0087BA8C194E4F2A, BF8F8302B5419F68F37C7C99E91E5F678CF75EFBB602D5099523F05FC48C8632 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PKNComms.dll
20:01:08.0650 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PKNComms.dll - ok
20:01:08.0650 0x0d34  [ 0AC38C3B554DF472D228E0DBEABFD5DF, 1879DB1613C6D2848A59B977C2F05D79BA31CC23FA9B5438DAF324F2BDB452B5 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pskcrypt.dll
20:01:08.0650 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pskcrypt.dll - ok
20:01:08.0666 0x0d34  [ 1CA2F9D89F3DA3D2C89848D5D09F71DE, 472A1EA4A167001A41D35E3028190857B1A95BF9338F9A49582D47BF21A7513C ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pskfcmp.dll
20:01:08.0666 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pskfcmp.dll - ok
20:01:08.0666 0x0d34  [ F11A57E91FDAECFB41A5CB21EB1EBC8E, 904DA963F2274ADF521660E3131DAC781E59C6FAEB393E57802A3B5638C09283 ] C:\Windows\System32\dssenh.dll
20:01:08.0666 0x0d34  C:\Windows\System32\dssenh.dll - ok
20:01:08.0666 0x0d34  [ ABE12D041BD7910FEB8AE0E1A16D12F8, A9D92126BF83900ED1B47F5F5DB0BC7540504E4CAE87F3660168157D1A0E692F ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNComms.dll
20:01:08.0666 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNComms.dll - ok
20:01:08.0681 0x0d34  [ A4DA88E601802A677B961494E44C29EF, 44E73A5152745CB6386199AEB30BC9E3ED52BA1BC4FCC5047128DED6FE3D4359 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNReg.dll
20:01:08.0681 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNReg.dll - ok
20:01:08.0681 0x0d34  [ 1E2E34F3B97CB52436049534EC15E6BA, E98A581A5FA5DAC7270A6527EF5510904DAC3F4976D24F1C3F4CBBCFA050D1A4 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModUSBVac.dll
20:01:08.0681 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModUSBVac.dll - ok
20:01:08.0681 0x0d34  [ 4DDE1DC694FDFEAD71D6604E4FC914D8, 691097AA9A048A215E8F073BFD065710A3AF616D69DEC8822EA9382E3D8F0A25 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\USBVacineDLL.dll
20:01:08.0681 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\USBVacineDLL.dll - ok
20:01:08.0681 0x0d34  [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
20:01:08.0681 0x0d34  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
20:01:08.0697 0x0d34  [ 619A67C9F617B7E69315BB28ECD5E1DF, F34F231D117CCDFEBB9CB35C8D6FDFA7051DA27FDC1204FCCFF361FC0B13A0FF ] C:\Windows\System32\wbem\WmiPrvSE.exe
20:01:08.0697 0x0d34  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
20:01:08.0697 0x0d34  [ 81061095F8ECE43DB083A7C0F10E6CB5, D7EA92AF5E32593CD126CD3DE6B915D7E1D07AA3A0DD7ECD0549648CB4063FB7 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModFirewall.dll
20:01:08.0697 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModFirewall.dll - ok
20:01:08.0697 0x0d34  [ 51318393C1CE6FD7CF9AD4551F834DD8, F042442DCAEF36B3976CC2F48833F1D10DA2467043799082051B8F87A7A2B13E ] C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe
20:01:08.0697 0x0d34  C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe - ok
20:01:08.0697 0x0d34  [ D27A8D7BA659890230699AF8C566E929, 745FA4147725DEEA584B6363D4B6B91A0C3D470182BFC0F97A5CD5A42986A497 ] C:\Windows\System32\ncs2instutility.dll
20:01:08.0697 0x0d34  C:\Windows\System32\ncs2instutility.dll - ok
20:01:08.0713 0x0d34  [ 777385EF5E959929D8CEF7735CB4CA68, 528BDC8E1DFB43B4CA89710C09DD545D2627B8D7EF550E7A69AD97A00E8F4603 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModProcMon.dll
20:01:08.0713 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModProcMon.dll - ok
20:01:08.0713 0x0d34  [ 70A1D465390C393AA118D9764E065B06, 9CF967E76E5D6F3BE7E3A11EBF53F9AC4B3EF88432D338331EC7522FE8C11F10 ] C:\Windows\System32\apisetschema.dll
20:01:08.0713 0x0d34  C:\Windows\System32\apisetschema.dll - ok
20:01:08.0713 0x0d34  [ 04554B293383F5FFD50AB75C73136712, 7A957769B0DBDA9F34BCEFF9DD96951D32E03F9837754B99BA8DA9456AD43171 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModTuneUp.dll
20:01:08.0713 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModTuneUp.dll - ok
20:01:08.0713 0x0d34  [ A30C1C75BD92B29E2911DEA665EA3A2F, C6C938B2EE948621E6BE5F2E00E4A724A9737EF3C0F3E16A5B9816E798D21BC0 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModURL.dll
20:01:08.0713 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModURL.dll - ok
20:01:08.0728 0x0d34  [ 5059F654761370F13103AA958FE7C2FB, 2EA57083BD0151DB2C53B4BF476BDE2182472F8410E59631818BCF20A0DDAC02 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANURLCounters.dll
20:01:08.0728 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANURLCounters.dll - ok
20:01:08.0728 0x0d34  [ 6F5E0053365B70440631B18227ABB576, DDD7C893ECE9092F964A00BF3E142E47F0E5FC4F6FFF5C0449ED659D52C521D8 ] C:\Program Files\Intel\NCS2\WMIProv\ncs2core.dll
20:01:08.0728 0x0d34  C:\Program Files\Intel\NCS2\WMIProv\ncs2core.dll - ok
20:01:08.0728 0x0d34  [ 5B2776A1BE63C678B4D5B8A8EAB9DDB5, 335D1D8AF51CD40BD040FA6D9EF8BE3389A4FBA9FC7BC3BA1585A02764B7DF83 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\sqlite3.dll
20:01:08.0728 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\sqlite3.dll - ok
20:01:08.0744 0x0d34  [ E837C82583263C4F48791A4880ABAEA8, 425D1201894B04BDC1A385F689386EEC9A941ED5AF7D51FE07F9929ACED0A068 ] C:\Program Files\Intel\NCS2\Agent\coreagnt.dll
20:01:08.0744 0x0d34  C:\Program Files\Intel\NCS2\Agent\coreagnt.dll - ok
20:01:08.0744 0x0d34  [ 589A3419E89C71CD877423E7E3405D63, DC7EF37BD3FADAA6AAAF272FE609BB25BC48E2F1E074F546405B36DB7D63C585 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModAdiag.dll
20:01:08.0744 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANModAdiag.dll - ok
20:01:08.0744 0x0d34  [ 8013CD4382BC11B8D8CBBDEE9FC2BDA1, A6D10927020A05DF146F348942D6B26BA8F49417F899987905A44E30381EE9F0 ] C:\Windows\System32\ncscolib.dll
20:01:08.0744 0x0d34  C:\Windows\System32\ncscolib.dll - ok
20:01:08.0744 0x0d34  [ DEE653E3750DF98F73796E0689D52CC7, 4220B7DFBD9B88080F0D5AFEFB44A2B3D09450DA3555E808C1CC981BB5EAEE80 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSINUNC.dll
20:01:08.0744 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSINUNC.dll - ok
20:01:08.0759 0x0d34  [ 5C5E8C56B5E0F8691D720123484FFC56, 7F85A601CA206C734D5E8A743C4608ACB0F235871D5BD8EEF7730D0EA890B1E6 ] C:\Program Files\Intel\NCS2\Agent\Rule.dll
20:01:08.0759 0x0d34  C:\Program Files\Intel\NCS2\Agent\Rule.dll - ok
20:01:08.0759 0x0d34  [ 0E7423C9D5D3A60045EDDB3F750F595B, D9EE36D1D8D8D6F7EB6469417504811146F862613BD71AF3B3C65A22A3597A52 ] C:\Windows\System32\pt-PT\user32.dll.mui
20:01:08.0759 0x0d34  C:\Windows\System32\pt-PT\user32.dll.mui - ok
20:01:08.0759 0x0d34  [ 815A0D48A82F5B1C1A05E8CD958AA130, A61999297C42CA733F02A380BDDEFF200AF02D3F381BF17E3563FB2FC5348159 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\psenkrnl.dll
20:01:08.0759 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\psenkrnl.dll - ok
20:01:08.0759 0x0d34  [ 1898CEDA3247213C084F43637EF163B3, 4429F32DB1CC70567919D7D47B844A91CF1329A6CD116F582305F3B7B60CD60B ] C:\Windows\System32\drivers\iqvw64e.sys
20:01:08.0759 0x0d34  C:\Windows\System32\drivers\iqvw64e.sys - ok
20:01:08.0775 0x0d34  [ 6607C2182C6A53ED983813AFE2F85768, FC9E718ABC4E0FBC7B0DD145F9C377A1800A7776AD832AB645796E13B1E15A1F ] C:\Windows\System32\wbem\cimwin32.dll
20:01:08.0775 0x0d34  C:\Windows\System32\wbem\cimwin32.dll - ok
20:01:08.0775 0x0d34  [ 304C2F3E5DD7E23F819B87546FAE4776, CDF6B1CE2E12CC664537A0938853950B5DA43DA46FBA4AE87BBCDFF8066343CE ] C:\Program Files (x86)\Panda Security\Panda Security Protection\psenlc.dll
20:01:08.0775 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\psenlc.dll - ok
20:01:08.0775 0x0d34  [ 1484B9EBF567346582DE571B0E164AE0, 9862BF22B2E32DABE7A82ACEE5B4EA1F0A93BDC3C71B20A6A4E568CCCD76A7A6 ] C:\Windows\System32\framedynos.dll
20:01:08.0775 0x0d34  C:\Windows\System32\framedynos.dll - ok
20:01:08.0791 0x0d34  [ BAF58593429A0FC4FDF08BDC81267735, 373B68DBA59436B20D38C002F9AE1D60A30EFD4E2A2B66D331E5618B30C967FB ] C:\Program Files (x86)\Panda Security\Panda Security Protection\psenplgb.dll
20:01:08.0791 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\psenplgb.dll - ok
20:01:08.0791 0x0d34  [ 05E265383710D6135A248DEED73CD59E, 2F6A4A5313D9C8B9232BCE32848BBCE2D8377E34E1CA96AD69E1A52C9A3DCF58 ] C:\Windows\System32\wbem\en-US\cimwin32.dll.mui
20:01:08.0791 0x0d34  C:\Windows\System32\wbem\en-US\cimwin32.dll.mui - ok
20:01:08.0791 0x0d34  [ 73137B38236E3C301004159CBBED2D87, 9CD8A836D4E572B026668C7B650DF0D766975D61CCD5DC452410D8E188C59CED ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSENMgrb.dll
20:01:08.0791 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSENMgrb.dll - ok
20:01:08.0791 0x0d34  [ C00DB14550E4BD49737F311C644E45FF, 7085C47DADEED82B6F98ED3903197D76B648E9D6CC67D40C789E236264D9A0DC ] C:\Windows\System32\wmi.dll
20:01:08.0791 0x0d34  C:\Windows\System32\wmi.dll - ok
20:01:08.0806 0x0d34  [ C4BFE4B61086416B0529212F92BCE081, A5EE6FB81229885C7A4A4EF0A9C3E9EE9E7F85C1EDE9BEEE236EB0503093D8F3 ] C:\Windows\System32\schedcli.dll
20:01:08.0806 0x0d34  C:\Windows\System32\schedcli.dll - ok
20:01:08.0806 0x0d34  [ 1990700C88646B56658A435FC4321FE8, 0E9D96BB9183BD6EA13A27D4C270C2B08712F832F217B8E4C6A0DF26EB7A2EC0 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\psenagent.dll
20:01:08.0806 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\psenagent.dll - ok
20:01:08.0806 0x0d34  [ 487F44B08EFEAF5AD087878357B9403D, B02C99850940588D52B3E6DB30DB64582F294E0BD62101067BECFEA1483010C6 ] C:\Windows\SysWOW64\pdh.dll
20:01:08.0806 0x0d34  C:\Windows\SysWOW64\pdh.dll - ok
20:01:08.0806 0x0d34  [ 693A7BEEADA7E798DB757BB79FDECAEA, 544F8D26500F8D48F16A0847EC87496080BD07289288131408296C6D43ACC5F0 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pkndisk.dll
20:01:08.0806 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pkndisk.dll - ok
20:01:08.0822 0x0d34  [ 0C92612035D05DDC99081A8E09FBC683, FDDE5833E28C0E5374449D2BA7BD9CF2F92C35A4608346F322D1757B32A10CFF ] C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlscriptupgrade.dll
20:01:08.0822 0x0d34  C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlscriptupgrade.dll - ok
20:01:08.0822 0x0d34  [ DAB4539087B9BE13AE19F05506B8BE93, A90FB5764D1D6DA55F03E6EADFF59345F122296DD5C1B7AB06636E42B0E69E16 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pknproc.dll
20:01:08.0822 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pknproc.dll - ok
20:01:08.0822 0x0d34  [ 5BD43C84AA40B71D7533A3E6D5ED83EE, 61509DE0721138352B55B2CBA083E7500EC8A7A177E8DCA609A4F0AC31BF93C4 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pkndtl.dll
20:01:08.0822 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pkndtl.dll - ok
20:01:08.0822 0x0d34  [ 522B0466ED967A0762E9AF5B37D8F40A, B14C62D059BC7CF430E1B0F6E18E31EFD1959EFB3025A2B0EBB11751F38DD6D4 ] C:\Windows\System32\esent.dll
20:01:08.0822 0x0d34  C:\Windows\System32\esent.dll - ok
20:01:08.0837 0x0d34  [ C6256EF656E530A3871D03B89159F691, DF61564757D963D7D8BA16E4DA23D17A99C38261093E8B0857FEC81D60259937 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pkndtr.dll
20:01:08.0837 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pkndtr.dll - ok
20:01:08.0837 0x0d34  [ C3240967775CC2A07F25A25E6A173F67, AC2EDF0AA5403C2D8218A47B31AE5BFF9B3A28AFB83AC6D2A65EF928CBEDDCE4 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pknComCtrl.dll
20:01:08.0837 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pknComCtrl.dll - ok
20:01:08.0837 0x0d34  [ E601860AA04CE2198DBC6AC2AF80AFF7, B9D2BAEF2F6F8EA687414E73DFC5207F11A406D53C3444FCDAFD9CE1B4940053 ] C:\Windows\System32\perfos.dll
20:01:08.0837 0x0d34  C:\Windows\System32\perfos.dll - ok
20:01:08.0853 0x0d34  [ 2FCB61BB194B8E5032585FE3CAE740C6, 0EE0ABB79723F08159D84E2FA4239FA4B01E9517993381E5BCE1931CA3EC7FBF ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pknfile.dll
20:01:08.0853 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pknfile.dll - ok
20:01:08.0853 0x0d34  [ 3B1F10A0B01700B5538F26368A4D23B7, EC122E9B97F63E8449CCC592ED779E2A7DDB934B4F4168DF4FE35048A98BDF69 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pknboot.dll
20:01:08.0853 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pknboot.dll - ok
20:01:08.0853 0x0d34  [ FFD84CE489FA316DC2AEF5C467B1B471, AA97EA161BFD2AB28163F061A823EB5056045BC46C6B102473A748CA5CA988EF ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSENPrx.dll
20:01:08.0853 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSENPrx.dll - ok
20:01:08.0853 0x0d34  [ 24CE0A2D3EB7761245E684BAAE7D52A6, 87C87C849EF37FE4AC3237769B568394F0EDCDD4628166E504B1947F677D4A11 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSENRAM.dll
20:01:08.0853 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSENRAM.dll - ok
20:01:08.0869 0x0d34  [ 6106CA08D1CD681BD288DBDB4781E773, 08EC13A8F6B906D8CB990A7E0FE80CD825D6186708F274E61C0DDE9FCA90E85E ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSENSRF.dll
20:01:08.0869 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSENSRF.dll - ok
20:01:08.0869 0x0d34  [ 5FBBD0AD928BB667808D1ACB1A3427D4, B1BD0D4F04DE3290F75F68C1A4699BB25D0FFCD616152F3ADBC2610B2344CDAD ] C:\Program Files (x86)\Panda Security\Panda Security Protection\putczip.dll
20:01:08.0869 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\putczip.dll - ok
20:01:08.0869 0x0d34  [ 2860C92A5C0FD4201CAC9F7317E9B8E3, 4F9382DEFC4D084F0E8C4A68B3DD64704DB11CD9D9B9CCE335B9F6E417C57FB2 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pknaccess.dll
20:01:08.0869 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pknaccess.dll - ok
20:01:08.0884 0x0d34  [ 5D57F6BD01FD7E20D0EC0D6E258B7F97, 837C7952201F8BC748BDA7B0C00D3396AF4050EDE4136DCF764D78460DD0139F ] C:\Program Files (x86)\Panda Security\Panda Security Protection\psenobsr.dll
20:01:08.0884 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\psenobsr.dll - ok
20:01:08.0884 0x0d34  [ 220159496484D34009DE71CA1A68E0D4, 94BD3DEB4E84F95D80BE5775E5A612EFF181ECB212FB668674C67AD19194DE69 ] C:\Windows\System32\wbem\NCProv.dll
20:01:08.0884 0x0d34  C:\Windows\System32\wbem\NCProv.dll - ok
20:01:08.0884 0x0d34  [ 9C7CD033522B1C34D5FC1FE346BAB36B, 9CE90147B9E7900BD9C22EB26BC667A00910985B4E64B98FE06DE59BA70CB368 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\psenhash.dll
20:01:08.0884 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\psenhash.dll - ok
20:01:08.0884 0x0d34  [ DF20702D653A9FA650D9F0B8424E08A5, 7DD23A8EF5F9D0E0568383D91F382649D5B3A0C66AA67F4D1404C7EABC648C23 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\psendsig.dll
20:01:08.0884 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\psendsig.dll - ok
20:01:08.0900 0x0d34  [ 616DFFB4045FEE4A2683472BD155C274, 0F8F66A5ED2FE4D4285FAAFEF304477BD2A1FC561FEC100FAADE23BF85B022E3 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCDSVF.dll
20:01:08.0900 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCDSVF.dll - ok
20:01:08.0900 0x0d34  [ 7D481E52BBCAA84907A1B1052EB55F8D, B51434CE7227E6B08C9CD6B29143BBE705A964F4FF4F64B4DD9561311B8A9CBC ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCDSEX.dll
20:01:08.0900 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCDSEX.dll - ok
20:01:08.0900 0x0d34  [ 647C5AC2BC7DBB81D9AEAEA2878AC76B, 76B7DE2934474F6E6FE5D8EE421A209BD9A61947C85E389FDD452AEA19CD3EBB ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pkncmp.dll
20:01:08.0900 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pkncmp.dll - ok
20:01:08.0900 0x0d34  [ 316E2C143CA2D751ACBE4EE95EBF8BBA, CD3EF4330DDFB215B01D26BE40DCD8FFD216418E2D1FEE5F8BF15A02845D63EB ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pknrbt.dll
20:01:08.0900 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pknrbt.dll - ok
20:01:08.0915 0x0d34  [ 2BBA9BBA6469C39AEDC2CCC1D30FE072, C3167BAE23B1B944F035CF5C6741CBA94D56B59475AAB3CB5F42B69F182FE22F ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pknact.dll
20:01:08.0915 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pknact.dll - ok
20:01:08.0915 0x0d34  [ 1C9B4C7BF4FB60792119243F6AC7208C, 8A2440F95269EB01D85C87B9F61BFD99594BA3A58DA45AA3AD53AA539C223F25 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pknheu.dll
20:01:08.0915 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pknheu.dll - ok
20:01:08.0915 0x0d34  [ 49D7B09A41570EF052F0891CA311172C, 2B2B12CA1A250D35FE742F10FB981D5A922858957271492F3DA80FF14CC8A9B2 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\psenfilter.dll
20:01:08.0915 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\psenfilter.dll - ok
20:01:08.0931 0x0d34  [ BD27FECF706A5C447ED4FB7955F28E6E, 942B69ACB840F70EFAA52FD09C0D1F2AAAA9F2814D62D6C5EE24F2D78C7A601E ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSENIExAg.dll
20:01:08.0931 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSENIExAg.dll - ok
20:01:08.0931 0x0d34  [ 63E75C3F6ADD7CAEA4865CDCBA263C31, 432C5ADC84800C5BE16D4A9F85A4EC49E50C269921963B82F844F90C6C9100AC ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSENQMem.dll
20:01:08.0931 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSENQMem.dll - ok
20:01:08.0931 0x0d34  [ EF8B0FF43F46D7FD2EEC54ED7E402B94, D5E4082A4627710DA0A366202058BB5CC58DAD4A714C9B2611AE379F9F3569A7 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\psendecs.dll
20:01:08.0931 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\psendecs.dll - ok
20:01:08.0931 0x0d34  [ 807EB11BD87CD9026906FB79015414CE, 3FD1C7C9709B1CCDEEBD51832D17C7CDC8FC3589A771EBB61EE61E041A621B9B ] C:\Windows\System32\perfdisk.dll
20:01:08.0931 0x0d34  C:\Windows\System32\perfdisk.dll - ok
20:01:08.0947 0x0d34  [ 650C942D606EE0654240EBB0CB465885, F25E4468067C50C13010D341C3BE770EC8AF1CEE614CAACF161E18A825542A6E ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pknQrt.dll
20:01:08.0947 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pknQrt.dll - ok
20:01:08.0947 0x0d34  [ D9850A8A8BE45F10AB349C0F98BB3576, BE93361D40671396945DFF818DFD4B440E36855F75FB0186051DD733DC2529B3 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSBoot.dll
20:01:08.0947 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSBoot.dll - ok
20:01:08.0947 0x0d34  [ B5990011226D3E7B96FC1D898A8DD2E8, 3FD8C88E9DEDD2927A437C82CB9B9E49BC0F345C6769B82AED75F3EBCA436ABC ] C:\Program Files (x86)\Panda Security\Panda Security Protection\psenlog.dll
20:01:08.0947 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\psenlog.dll - ok
20:01:08.0947 0x0d34  [ 29D60AEB86EF391AE19ABE2659A8F3E5, C33B88B8CEFB630E5161111B943AE915D9EA1E398280B96A8435A47C65D7ED55 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pknsysmw.dll
20:01:08.0947 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pknsysmw.dll - ok
20:01:08.0962 0x0d34  [ 92E0508D924512F63FFEEFE498CBD11F, 1158011E4A1298DEC79133B40888AA87B06F5B64BA2AB461B58C22F5F9211D0C ] C:\Windows\System32\p2pcollab.dll
20:01:08.0962 0x0d34  C:\Windows\System32\p2pcollab.dll - ok
20:01:08.0962 0x0d34  [ 76BAAF084F02A76A6F47C9C4F309E7DE, CC83A6EB4E25D2AB73055E4886FA49230A8C4DD4986D692D47B4C778FFA92E1F ] C:\Program Files (x86)\Panda Security\Panda Security Protection\psenutil.dll
20:01:08.0962 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\psenutil.dll - ok
20:01:08.0962 0x0d34  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] C:\Windows\System32\QAGENTRT.DLL
20:01:08.0962 0x0d34  C:\Windows\System32\QAGENTRT.DLL - ok
20:01:08.0962 0x0d34  [ C302D2C333CDB8A4370A720954738401, BF041DD90A54DC40069CED1677B90534EBF93B2075040D011903B255A35C1438 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\psenuser.dll
20:01:08.0962 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\psenuser.dll - ok
20:01:08.0978 0x0d34  [ 9895490CA2D2D376FE793FABCFBD8CD1, 1FC3F59A6124F049C819F3293EE7CCC2FB6203F262749EEDECF60C254F26D31E ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pknreg.dll
20:01:08.0978 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pknreg.dll - ok
20:01:08.0978 0x0d34  [ CE47CC3C438A25A3CF585032CD51FFBC, 68915D6CDD82171665A596BD9E4F83BA82F70CAD169E6C04FC4F018646E5C665 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pknbufae.dll
20:01:08.0978 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pknbufae.dll - ok
20:01:08.0978 0x0d34  [ 506A83A3BEEE9FCA09F0170DE9FC7D1B, 2DFBD792B68F3EBEF0843183CAE5D52B6FA04163808AFACF6C0D738455898C36 ] C:\Windows\System32\fveui.dll
20:01:08.0978 0x0d34  C:\Windows\System32\fveui.dll - ok
20:01:08.0993 0x0d34  [ 74677C77DD2398A0564C6E5D8FC6C5FE, F9331F23C9656B6F43D666482E13618B92C500B30B28A2CBEAF5A4497B48629D ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pknMDT.dll
20:01:08.0993 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pknMDT.dll - ok
20:01:08.0993 0x0d34  [ 39E710151133F1AB9333F1B4975844BD, D4E464DC1EB3DB6AFC5015C3E74ECDA3446DBD1202201DCA49DB0D8F9B6D0A42 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pknpal.dll
20:01:08.0993 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pknpal.dll - ok
20:01:08.0993 0x0d34  [ A00CB2D23D94A45BD3C59A7B784691C4, 5F82F5238884DAEF35CC27E0D0CBD87585F53031B1319ED61CFC2C1E21973353 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pknspam.dll
20:01:08.0993 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pknspam.dll - ok
20:01:08.0993 0x0d34  [ 8EA53101FF2B15BDFF934B62A8FB326D, E28536A4AC6764C2480EF047AF2312AE2600819899C3E33B486CFE19F25AC464 ] C:\Windows\SysWOW64\logoncli.dll
20:01:08.0993 0x0d34  C:\Windows\SysWOW64\logoncli.dll - ok
20:01:09.0009 0x0d34  [ 0B7E85364CB878E2AD531DB7B601A9E5, F5AD3018427F1CD68450EE5CB55AA9572546322580E0FB1E7888702A291C2380 ] C:\Windows\SysWOW64\NapiNSP.dll
20:01:09.0009 0x0d34  C:\Windows\SysWOW64\NapiNSP.dll - ok
20:01:09.0009 0x0d34  [ 1FA520F962A27A3F2424A6FBB050A471, FD3A36C5D96C0180D2E75EE0C223013B089235297FD74B3759C27933B14DAECF ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pknurl.dll
20:01:09.0009 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pknurl.dll - ok
20:01:09.0009 0x0d34  [ 5CF640EDDB1E40A5AB1BB743BCDEC610, 0313AA3F713C9F5B84DBB0B4DE78A96B173E9F7B4CF61C10FDC7DAE952DB04E5 ] C:\Windows\SysWOW64\pnrpnsp.dll
20:01:09.0009 0x0d34  C:\Windows\SysWOW64\pnrpnsp.dll - ok
20:01:09.0009 0x0d34  [ 94C533D5126D3AB34C15D7E4E06A0053, C4B1DF0A13434268BC8307D198184DD12B9B07E3049D6EA90ABD1B2232940360 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pknDTGW.dll
20:01:09.0009 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pknDTGW.dll - ok
20:01:09.0025 0x0d34  [ D682B5640DE75D60560A1A302C81D1D3, CB8020F18F53F6DB892C6AAC97F1813AEF4F8AD4A9F32775AE7B0E0A2A6C580C ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSINApAg.dll
20:01:09.0025 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSINApAg.dll - ok
20:01:09.0025 0x0d34  [ 5DF5D8CFD9B9573FA3B2C89D9061A240, 990EA273B640DF2D7E800C0CFF18550259C605A4951CD82CD9F1E7B6FF0C9533 ] C:\Windows\SysWOW64\winrnr.dll
20:01:09.0025 0x0d34  C:\Windows\SysWOW64\winrnr.dll - ok
20:01:09.0025 0x0d34  [ 4A6F0337F31039AA65E39ED60D232A65, F6357B9F404D14F4C4C493EA5E9F39E5E8ADD994C4B3DDFC9D8B222D86AE62A6 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSINEnAg.dll
20:01:09.0025 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSINEnAg.dll - ok
20:01:09.0040 0x0d34  [ 43F156964E17AD6BBD0CD068F2A10972, 5D7C8FF1932BC740CD0FCB2767690DE7FEB547CE0E27022F46B1112D3312493E ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSINEvAg.dll
20:01:09.0040 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSINEvAg.dll - ok
20:01:09.0040 0x0d34  [ 914478C1A9236141D162F042F4338166, CC8213F625FF345E9A41BF2A7A1E06AE6921D039DA201B6807EA74F17C58AE92 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\NConv.dll
20:01:09.0040 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\NConv.dll - ok
20:01:09.0040 0x0d34  [ ECE81DBBFF174383AA726A5EBFC3905C, 5689C4686C32B37198DA0553C98C67088EA37D8CC29FB960B46A2F588FA04588 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\NNSManager.dll
20:01:09.0040 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\NNSManager.dll - ok
20:01:09.0040 0x0d34  [ B010CF886420EE29C2C276646721D255, CBCD032D679ADE3A9942A1D116648D6A9ECC71F66F8630629E724E5EE23F9F73 ] C:\Windows\SysWOW64\wlanapi.dll
20:01:09.0040 0x0d34  C:\Windows\SysWOW64\wlanapi.dll - ok
20:01:09.0056 0x0d34  [ 1D6A771D1D702AE07919DB52C889A249, E5F3378AC40AEE6114EEAF3BF11DC1059466891CAE353E80C08622A60485C954 ] C:\Windows\SysWOW64\wlanutil.dll
20:01:09.0056 0x0d34  C:\Windows\SysWOW64\wlanutil.dll - ok
20:01:09.0056 0x0d34  [ B1957481D4E4F3FEEE9CE07372BF5A7A, 3ADC50F1B92E048892A243EE8EC79E2C96CF32E6AA16902F2770B5B59CE260D8 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANLiveDownloader.dll
20:01:09.0056 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANLiveDownloader.dll - ok
20:01:09.0056 0x0d34  [ 4F16827A7962349EB944FDF70A54B952, 003C8B3F01EA9355A82B7D98A850E70E6259035F9B2AA9BF14AB49F7E662B7F1 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANUpgMgr.dll
20:01:09.0056 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANUpgMgr.dll - ok
20:01:09.0056 0x0d34  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3, 2A610BEB16610FE2F2E9A50477A62A05481E8A5843A814955A0EDFF45D0304B3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
20:01:09.0056 0x0d34  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
20:01:09.0071 0x0d34  [ 81F6C1AE23B1C493D9E996C3103915D7, E22408B4D2EDE2F89E686A4FDCD4057BE27B86D050E9CB489F0FFB39C72AEC1D ] C:\Windows\SysWOW64\dhcpcsvc6.dll
20:01:09.0071 0x0d34  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
20:01:09.0071 0x0d34  [ F56CA58085B15499A7C2F3C68574CD65, 523A6096C60A2A802C39A45E9D33E28AB39C98005174F43857D6B9FA0FAD4DA3 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANPackageRegistry.dll
20:01:09.0071 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANPackageRegistry.dll - ok
20:01:09.0071 0x0d34  [ 1FA7E780FD22D96339160CEFDDE3E301, 68B3FE390DBEF365CAAE9DA3DA9D2567597E971E0ABA026DEAF6E67B0F7DAFE2 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pskcoord.dll
20:01:09.0071 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pskcoord.dll - ok
20:01:09.0087 0x0d34  [ E62E9A98ACDF78EDA42DA361E70F9D09, B149A6E691D7F2622F2E48AF1E6D560A8101E0CF804A3ECC2674B355202D25C2 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\psksys.dll
20:01:09.0087 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\psksys.dll - ok
20:01:09.0087 0x0d34  [ B058442CBA3AAA4171B8D1891AC87A17, 335C75E62D5F38F87350C4BB6ACE136E4025C6E75062436B927BA7ED57C4ACAB ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pskxs.dll
20:01:09.0087 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pskxs.dll - ok
20:01:09.0087 0x0d34  [ 503686D4B6E5EB6AC87ED5E4D1985E12, 77B0FB81F0295EA0C125C5A9CD1D0E20589B45B00F59592FABB9DF6F86B3A94F ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSKMADLL.dll
20:01:09.0087 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSKMADLL.dll - ok
20:01:09.0087 0x0d34  [ 3F50200237961034FACE602373838980, F97D72CC75D921CF8F8E0544614407358AEFF97A8F48E4A89F82689EE8F2FC86 ] C:\Windows\SysWOW64\FirewallAPI.dll
20:01:09.0087 0x0d34  C:\Windows\SysWOW64\FirewallAPI.dll - ok
20:01:09.0103 0x0d34  [ F08A73742BCB7A82237C821F04E5C527, C78BCFB198C13D7EB63360804AC7AED8BE509D59562AE2EC6106915D19AA3720 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSINOAV.dll
20:01:09.0103 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSINOAV.dll - ok
20:01:09.0103 0x0d34  [ 3A2F141CF3A32BC2103B14A9408759D1, 5C125B71BD6258A54A8DE660B65106F2B0B2CC228782E05EF06F2C03928CB96B ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNWSC.dll
20:01:09.0103 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNWSC.dll - ok
20:01:09.0103 0x0d34  [ 1FF7E4F548C7C372C804938F0D5B36AE, F20409733F67853CBF51FD83E4DB73260FED7B7A4F361C6B3482D78C990E16FC ] C:\Windows\SysWOW64\netcfgx.dll
20:01:09.0103 0x0d34  C:\Windows\SysWOW64\netcfgx.dll - ok
20:01:09.0103 0x0d34  [ 8B74CEC6980D4816B0037AE9A27E538F, 8721EDB4C51BF6020002FA5DDB1987C68590F9F433A2F18D9756B2DAC7542CB6 ] C:\Windows\SysWOW64\slc.dll
20:01:09.0103 0x0d34  C:\Windows\SysWOW64\slc.dll - ok
20:01:09.0118 0x0d34  [ 1D7AAE1C99AE8C364FDC61F42ABFD28C, A51B4762F61CF78377C9894579145AC61641253DD5483DC8B6BEE34394FFFF8A ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PAV2WSC.exe
20:01:09.0118 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PAV2WSC.exe - ok
20:01:09.0118 0x0d34  [ AF7499F8617A594CB99E6B6F72AC8AB6, 3AD6253EA3FE0E4FD8473B5D9AE952D8F40E0520E7A381172909BABBF363A740 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCSysAction.exe
20:01:09.0118 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSNCSysAction.exe - ok
20:01:09.0118 0x0d34  [ 105ACC469DF34C8BD0D5E68A70C774E5, 983A759339E058AAE779EB9476EC2AEE8B379F0C60E5E2FD73826155827F5518 ] C:\Windows\System32\drivers\PSKMAD.sys
20:01:09.0118 0x0d34  C:\Windows\System32\drivers\PSKMAD.sys - ok
20:01:09.0118 0x0d34  [ FB9D6A70223FFAF191AEF5C610FC03C9, E867A404E125D69BB30902A4378297B960A8BE69A8234A5766EB5085EDA764B4 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\x64\PSINOAV.dll
20:01:09.0118 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\x64\PSINOAV.dll - ok
20:01:09.0134 0x0d34  [ 8258362DDB18B644A82D8B5061AD9426, 87CA586B2B1B0089BFF6A259A0743D184AE383B3B12C4BC5986D72ADFFBE9EDA ] C:\Windows\SysWOW64\wscisvif.dll
20:01:09.0134 0x0d34  C:\Windows\SysWOW64\wscisvif.dll - ok
20:01:09.0134 0x0d34  [ 5968C100E43E7E0F81CEE8B7606C3DAF, 61FD93A7A18E421931C77732DF8319D07AD12A2D51A77EDF6A193A525129756D ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pskcrt.dll
20:01:09.0134 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pskcrt.dll - ok
20:01:09.0134 0x0d34  [ A8CDF3768604FF95B54669E20053D569, 2DB85B86C839341F2A879A6D25F787D17EE665D425C1BAC3E1F82BAC61F89F94 ] C:\Windows\SysWOW64\wscapi.dll
20:01:09.0134 0x0d34  C:\Windows\SysWOW64\wscapi.dll - ok
20:01:09.0149 0x0d34  [ D7A545BB2E9DF5A6CCA613672C3EB55F, 168A2295F5A6258E300C436887DFA60BD95CBEA49EBB186D9409CD0529CC5BF9 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pskstr.dll
20:01:09.0149 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pskstr.dll - ok
20:01:09.0149 0x0d34  [ 380017C10CB4A01C0005B956997B021F, EE865DD8E5AC5D405EB42CAF9924F565DD91BF241DB7031C329F881581636956 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSKSQLT.dll
20:01:09.0149 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSKSQLT.dll - ok
20:01:09.0149 0x0d34  [ 173D64815CCC24465FC43D2EBBBADD7E, 5A87B1FB206C329ACA36F291DEBC65CAA9079B430834B981736006C218AF4924 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\pskglk.dll
20:01:09.0149 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\pskglk.dll - ok
20:01:09.0149 0x0d34  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] C:\Windows\System32\wscsvc.dll
20:01:09.0149 0x0d34  C:\Windows\System32\wscsvc.dll - ok
20:01:09.0165 0x0d34  [ 4449D23E8F197862F1B16F1E6C89C36C, 93AF52BF8E870C0381F027D3BB8F6829E449242074472F1593EB8172D7EB6559 ] C:\Windows\System32\diagperf.dll
20:01:09.0165 0x0d34  C:\Windows\System32\diagperf.dll - ok
20:01:09.0165 0x0d34  [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] C:\Windows\System32\drivers\mwac.sys
20:01:09.0165 0x0d34  C:\Windows\System32\drivers\mwac.sys - ok
20:01:09.0165 0x0d34  [ 562E6EA0D7B7E953BB855CC4AA3742DE, DF38E0E6A5AAFDE6EE11B8583DE69BE5930E78E02DF10FB39A5EAD2467DD5349 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUATranslator.dll
20:01:09.0165 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUATranslator.dll - ok
20:01:09.0165 0x0d34  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] C:\Windows\System32\appinfo.dll
20:01:09.0165 0x0d34  C:\Windows\System32\appinfo.dll - ok
20:01:09.0181 0x0d34  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] C:\Windows\System32\drivers\WUDFPf.sys
20:01:09.0181 0x0d34  C:\Windows\System32\drivers\WUDFPf.sys - ok
20:01:09.0181 0x0d34  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] C:\Windows\System32\WUDFSvc.dll
20:01:09.0181 0x0d34  C:\Windows\System32\WUDFSvc.dll - ok
20:01:09.0181 0x0d34  [ CFA9DB232005C7A86EAEEB630443C5CA, 0640FE4CD5D5F1216383E83C5F17AE7998CB7A7226E147C6CEA5948F23D66AC1 ] C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
20:01:09.0181 0x0d34  C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll - ok
20:01:09.0181 0x0d34  [ BF4AC709BE5BF64F331F5D67773A0C82, 96E5A2A12D386B8A7976FEC76FD350E6A3EEBDF5763F4BBF4AB18880E9F269E0 ] C:\Windows\System32\perftrack.dll
20:01:09.0181 0x0d34  C:\Windows\System32\perftrack.dll - ok
20:01:09.0196 0x0d34  [ C5A99A4C0DC9F0F5A95BA0C83D30A549, F99CCCE303F0FC07D82D3BBA223E8CCE41FB7FA8FB5C2A9214C161826537C7C9 ] C:\Windows\SysWOW64\mstask.dll
20:01:09.0196 0x0d34  C:\Windows\SysWOW64\mstask.dll - ok
20:01:09.0196 0x0d34  [ 0552D58F9580A83D9566A82F56FA31AA, 836E7EE8AF952F2C9F3B546F7CF0354C61E3E2D9BA0AE511C4B898C5FD8F4150 ] C:\Program Files\Intel\NCS2\Agent\teamagent.dll
20:01:09.0196 0x0d34  C:\Program Files\Intel\NCS2\Agent\teamagent.dll - ok
20:01:09.0196 0x0d34  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] C:\Windows\System32\drivers\scfilter.sys
20:01:09.0196 0x0d34  C:\Windows\System32\drivers\scfilter.sys - ok
20:01:09.0196 0x0d34  [ 03706015DB44368375AEBE6339490E66, 02EB28B5156E320C1EBABC03D37E94EB770A721B99E1DD276F8DC2A50D76C381 ] C:\Windows\System32\netcfgx.dll
20:01:09.0196 0x0d34  C:\Windows\System32\netcfgx.dll - ok
20:01:09.0212 0x0d34  [ 8ABFE00F213F2571498F1B8FD7939A98, B557EC9EFD33612BAFE01FFD304B50EFB8C3C19763470560DA950B5AB4A9AC9C ] C:\Windows\System32\WUDFHost.exe
20:01:09.0212 0x0d34  C:\Windows\System32\WUDFHost.exe - ok
20:01:09.0212 0x0d34  [ F0D0E883EBBDC7615DC9EDEA0FFB2817, 58F1395445018CB16ED4D3710443FB5B0E087043F6A69F7B10D72D0455958954 ] C:\Windows\SysWOW64\FWPUCLNT.DLL
20:01:09.0212 0x0d34  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
20:01:09.0212 0x0d34  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] C:\Windows\System32\drivers\bowser.sys
20:01:09.0212 0x0d34  C:\Windows\System32\drivers\bowser.sys - ok
20:01:09.0212 0x0d34  [ 7CBB1D4D13DC62D7F529D87151FD3CD3, DA75C5E64777F6ACE6F77A72D3362A40F8BE59DF3E6BC83550A81D9E20730401 ] C:\Program Files\Windows Defender\MpSvc.dll
20:01:09.0212 0x0d34  C:\Program Files\Windows Defender\MpSvc.dll - ok
20:01:09.0227 0x0d34  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] C:\Windows\System32\drivers\mrxsmb.sys
20:01:09.0227 0x0d34  C:\Windows\System32\drivers\mrxsmb.sys - ok
20:01:09.0227 0x0d34  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] C:\Windows\System32\drivers\mrxsmb10.sys
20:01:09.0227 0x0d34  C:\Windows\System32\drivers\mrxsmb10.sys - ok
20:01:09.0227 0x0d34  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] C:\Windows\System32\drivers\mrxsmb20.sys
20:01:09.0227 0x0d34  C:\Windows\System32\drivers\mrxsmb20.sys - ok
20:01:09.0227 0x0d34  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] C:\Windows\System32\wkssvc.dll
20:01:09.0227 0x0d34  C:\Windows\System32\wkssvc.dll - ok
20:01:09.0243 0x0d34  [ 88FEF39459E3725A01147329ACE9B3C6, 69791AE1ABDEEC796071A074832D56609C5E8D28031ED4AD9C54097E4D7B21B1 ] C:\Program Files\Intel\NCS2\Agent\VlanAgent.dll
20:01:09.0243 0x0d34  C:\Program Files\Intel\NCS2\Agent\VlanAgent.dll - ok
20:01:09.0243 0x0d34  [ C6DCD1D11ED6827F05C00773C3E7053C, EA23BE261C9C04F44215D254D7A80FD0AEE84C6F192D0FEE49A7CF74ED3CB1A6 ] C:\Windows\System32\sfc.dll
20:01:09.0243 0x0d34  C:\Windows\System32\sfc.dll - ok
20:01:09.0243 0x0d34  [ 895C9AB0A855547445C4181195230757, 89BDA385D8CCB75C3D7B1BDFA567AC441A931F4E499C0835FEE9D010343FABB6 ] C:\Windows\System32\sfc_os.dll
20:01:09.0243 0x0d34  C:\Windows\System32\sfc_os.dll - ok
20:01:09.0243 0x0d34  [ F0356290BA3940F31AFF5566501495F7, 4F3C94D38B4648A6C16C1DE07FBA788B88D853E1541CD0642B40117B43F46F76 ] C:\Windows\System32\aepic.dll
20:01:09.0243 0x0d34  C:\Windows\System32\aepic.dll - ok
20:01:09.0259 0x0d34  [ D2F7A0ADC2EE0F65AB1F19D2E00C16B8, 1C2EC0BB83D2AD3F53B0706C46A2604F81F2FC2AFDCF43BE5914CC8F509DD48C ] C:\Windows\SysWOW64\sc.exe
20:01:09.0259 0x0d34  C:\Windows\SysWOW64\sc.exe - ok
20:01:09.0259 0x0d34  [ F8A95AA45080D2FEBD70C452BA9CD9CA, 5F9792B9B99DF55A499C0232E375CF78D9EBC0762F1507CE1DBCB155D343F840 ] C:\Windows\SysWOW64\pt-PT\user32.dll.mui
20:01:09.0259 0x0d34  C:\Windows\SysWOW64\pt-PT\user32.dll.mui - ok
20:01:09.0259 0x0d34  [ 9719E3D834F5C8C43F56A93DFA497023, 4D78D4BD4835C0A237821967156C19DF4B90384A6BCB1F48CEAF35D003A0099A ] C:\Windows\System32\pnpts.dll
20:01:09.0259 0x0d34  C:\Windows\System32\pnpts.dll - ok
20:01:09.0259 0x0d34  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] C:\Windows\System32\IPSECSVC.DLL
20:01:09.0259 0x0d34  C:\Windows\System32\IPSECSVC.DLL - ok
20:01:09.0274 0x0d34  [ 662BA98309818AF2C17D4E48BF4021C4, 57B3FFAECE3DF5E22B6764A95D2B8523AA02CCCB4BD0779025C11D02EEBF4B1E ] C:\Program Files\Windows Defender\MpClient.dll
20:01:09.0274 0x0d34  C:\Program Files\Windows Defender\MpClient.dll - ok
20:01:09.0274 0x0d34  [ E1B22739C933BE33F53DB58C5393ADD3, 26EE0DD091D2E00DECC774DC1EEDFFDE69AF74B0C769CCBE091AFC32C66E4207 ] C:\Windows\System32\Apphlpdm.dll
20:01:09.0274 0x0d34  C:\Windows\System32\Apphlpdm.dll - ok
20:01:09.0274 0x0d34  [ 6872A82D4FACD4F5151092F6ED9E9F76, C6814586D8734FB19ADFF92F6899A87837174F38AF39860FE7301A72479FA6C1 ] C:\Windows\winsxs\x86_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.7600.16385_pt-pt_5a9ad8afc4494b64\comctl32.dll.mui
20:01:09.0274 0x0d34  C:\Windows\winsxs\x86_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.7600.16385_pt-pt_5a9ad8afc4494b64\comctl32.dll.mui - ok
20:01:09.0290 0x0d34  [ F7073C962C4FB7C415565DDE109DE49F, 781E7088DCEFBC34A808C3E7DA41A56112B3F23ABE9F54B5EF4D5CD9CD016B1D ] C:\Windows\System32\npmproxy.dll
20:01:09.0290 0x0d34  C:\Windows\System32\npmproxy.dll - ok
20:01:09.0290 0x0d34  [ 46863C4CC5B68EB09EA2D5EEF0F1193A, 9B5593E1F484AC8F96F89A5995FB1FE9C51CB2F0F545607F6850751191150CFE ] C:\Windows\System32\radardt.dll
20:01:09.0290 0x0d34  C:\Windows\System32\radardt.dll - ok
20:01:09.0290 0x0d34  [ 5D0F03EEF3205F66ECFBE72A7CBBAD1F, 05F4D1E9DFA02D7C151D21CB5D430BD86176177E4A2A59C4E5F206886C4EF88C ] C:\Windows\System32\winusb.dll
20:01:09.0290 0x0d34  C:\Windows\System32\winusb.dll - ok
20:01:09.0290 0x0d34  [ 25AE683DCB4AE7E6F1B193A0CB9DB35F, 9DC4BE1A51A3E94DB05369222CFCBA2125DA519EAAC46823EAECD738974463EF ] C:\Windows\System32\WUDFx.dll
20:01:09.0290 0x0d34  C:\Windows\System32\WUDFx.dll - ok
20:01:09.0305 0x0d34  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] C:\Windows\System32\aelupsvc.dll
20:01:09.0305 0x0d34  C:\Windows\System32\aelupsvc.dll - ok
20:01:09.0305 0x0d34  [ 025E7DBDB98866ED3CB2D4DDA70B364D, 78962F23F066E362AF1A4B98FA7D5E30AF30C561307438503031D30C944B6A6E ] C:\Windows\System32\runonce.exe
20:01:09.0305 0x0d34  C:\Windows\System32\runonce.exe - ok
20:01:09.0305 0x0d34  [ F1EC6A74A6AA98C94DDDD35376E2574B, 7ED965C9F819C46CAD821F19561152C02FD623D21B7FD463F8E483C95D1533A1 ] C:\Windows\SysWOW64\pt-PT\sc.exe.mui
20:01:09.0305 0x0d34  C:\Windows\SysWOW64\pt-PT\sc.exe.mui - ok
20:01:09.0305 0x0d34  [ E811F8510B133E70CF6E509FB809824F, 82541F2B15748250462B67B6C77530D4F7C45A1482237EC49B28F9FA5A414108 ] C:\Windows\System32\wdiasqmmodule.dll
20:01:09.0305 0x0d34  C:\Windows\System32\wdiasqmmodule.dll - ok
20:01:09.0321 0x0d34  [ FFDF972FBDB42D7056858560638DFF12, 34935264DAFE96657E70FC0C06EDC30DF679F23724D7F0B72015AD1576344D3A ] C:\Windows\System32\drivers\UMDF\WUDFUsbccidDriver.dll
20:01:09.0321 0x0d34  C:\Windows\System32\drivers\UMDF\WUDFUsbccidDriver.dll - ok
20:01:09.0321 0x0d34  [ 0DB2758CF1BAFE22E0970FDA0785B74C, 325DEABB182FCA8DCB426AD0095B3524C8F77F2A9204E703391F631B2C4A1157 ] C:\Windows\System32\wuapi.dll
20:01:09.0321 0x0d34  C:\Windows\System32\wuapi.dll - ok
20:01:09.0321 0x0d34  [ 9BC93C9ACFA34DB5A41B89357B31E4ED, C3B9DDCB31970F91F8CAF85D2431903DB1738872775EEFD6712B7646BDE1250C ] C:\Windows\System32\FwRemoteSvr.dll
20:01:09.0321 0x0d34  C:\Windows\System32\FwRemoteSvr.dll - ok
20:01:09.0321 0x0d34  [ 7EC6617005F76714C7E16605E7A8AB06, 5940168249A9C1791CBD71C8F22FC618E8932808E1478986D89A386A5DA458AC ] C:\Windows\System32\wups.dll
20:01:09.0321 0x0d34  C:\Windows\System32\wups.dll - ok
20:01:09.0337 0x0d34  [ BF95EA5809E3BBF55370F7CB309FEBD0, 62ADBA6E1A7DDDEFA971580161F30896DFFC27EB4EB82E3CC72062D57DA66500 ] C:\Windows\System32\conhost.exe
20:01:09.0337 0x0d34  C:\Windows\System32\conhost.exe - ok
20:01:09.0337 0x0d34  [ 0B1E0AEADF1442B7A7AB6E3977F0E5C4, 990985D7528269F3A29630C4E2B559552F3A0122A7CF7936E2082C836CC66486 ] C:\Windows\SysWOW64\WindowsCodecs.dll
20:01:09.0337 0x0d34  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
20:01:09.0337 0x0d34  [ 846D0E4DB261CFAF363902E41498E961, D7E5591B7604FD583AF7FDA19E30928B24A6145318A3944E7D207F0CCEEB30D0 ] C:\Windows\SysWOW64\EhStorShell.dll
20:01:09.0337 0x0d34  C:\Windows\SysWOW64\EhStorShell.dll - ok
20:01:09.0337 0x0d34  [ 4EBBC2B0AD7F9075AE9D6835D2A62B6E, EAAB690EBD8DDF9AE452DE1BC03B73C8154264DBD7A292334733B47A668EBF31 ] C:\Windows\System32\sc.exe
20:01:09.0337 0x0d34  C:\Windows\System32\sc.exe - ok
20:01:09.0352 0x0d34  [ 03F3B770DFBED6131653CEDA8CA780F0, 77373919DCA647F09851E7E460AE78FBD89F21516B961F84AC4446304E51E09C ] C:\Windows\SysWOW64\ntshrui.dll
20:01:09.0352 0x0d34  C:\Windows\SysWOW64\ntshrui.dll - ok
20:01:09.0352 0x0d34  [ D44741F65A1D71F65814A12CF6E2400A, C6721F830675ADC7E7FDE2B5E822E56F6A063146F5066F1E25EBFE86F0A87136 ] C:\Windows\SysWOW64\runonce.exe
20:01:09.0352 0x0d34  C:\Windows\SysWOW64\runonce.exe - ok
20:01:09.0352 0x0d34  [ 465BEA35F7ED4A4A57686DEA7EA10F47, 7F1B3CA09AB045F805DA5765BE7DD270F5DDACE3073017F7386FF1E2FA82D6FB ] C:\Windows\SysWOW64\cscapi.dll
20:01:09.0352 0x0d34  C:\Windows\SysWOW64\cscapi.dll - ok
20:01:09.0352 0x0d34  [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\SysWOW64\cmd.exe
20:01:09.0352 0x0d34  C:\Windows\SysWOW64\cmd.exe - ok
20:01:09.0352 0x0d34  [ 326C7F76A29897A892AA7726E91C1C67, 64305346B06EC14976130B0B80F14B4D5AB63E5B2A6A7B872EC9CE2BF8FADCD2 ] C:\Windows\SysWOW64\winbrand.dll
20:01:09.0352 0x0d34  C:\Windows\SysWOW64\winbrand.dll - ok
20:01:09.0368 0x0d34  [ 7D097694C6252AAFFA57EDB31DC74231, 130884FE246EF66D1D6E5F2A82BAABE96C962DD128B9888372D3C679F9B2D010 ] C:\Windows\SysWOW64\pt-PT\cmd.exe.mui
20:01:09.0368 0x0d34  C:\Windows\SysWOW64\pt-PT\cmd.exe.mui - ok
20:01:09.0368 0x0d34  [ 2003E9B15E1C502B146DAD2E383AC1E3, 15018D0093BEFABBA8B927743191030D1F8C17BB97FDB48C2FC3EAB20E2D4B3D ] C:\Windows\SysWOW64\schtasks.exe
20:01:09.0368 0x0d34  C:\Windows\SysWOW64\schtasks.exe - ok
20:01:09.0368 0x0d34  [ 32297BB17E6EC700D0FC869F9ACAF561, 986F524F38B973531002DCEB17414BF8C691B60FB0EA2E4C53C3C7BD3F9EE54E ] C:\Windows\SysWOW64\NETSTAT.EXE
20:01:09.0368 0x0d34  C:\Windows\SysWOW64\NETSTAT.EXE - ok
20:01:09.0368 0x0d34  [ 44DFCCE3E204A251B4929716E82F3054, EC2B6D29992F13E74015FF0B129150B4AFAE15C593E4B7586A225F1797FF0EF1 ] C:\Windows\SysWOW64\ROUTE.EXE
20:01:09.0368 0x0d34  C:\Windows\SysWOW64\ROUTE.EXE - ok
20:01:09.0383 0x0d34  [ D4275A5830BC78D1FDEDCD32287833FB, 2B44530ED738E25EDAF3BFACDF62E0407B2927A8CF91B8A8AD75F17D53242733 ] C:\Windows\System32\pt-PT\conhost.exe.mui
20:01:09.0383 0x0d34  C:\Windows\System32\pt-PT\conhost.exe.mui - ok
20:01:09.0383 0x0d34  [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] C:\Windows\System32\drivers\MBAMSwissArmy.sys
20:01:09.0383 0x0d34  C:\Windows\System32\drivers\MBAMSwissArmy.sys - ok
20:01:09.0383 0x0d34  [ 829532FD1584422EB7F4C49F767D1E4B, 2E6DACFB7938CFCBCB5EA31B77466EF2CBF06ABD1721D9DA6A0B5D39AEFE93E6 ] C:\Windows\SysWOW64\ieframe.dll
20:01:09.0383 0x0d34  C:\Windows\SysWOW64\ieframe.dll - ok
20:01:09.0399 0x0d34  [ 2C4A87CA8C00E98EFDCFA2E8EC9A3503, DA59CE662E98E56D89E2894D2AC8B9F324C16DA23C860640EDC2C82E0AD06097 ] C:\Windows\SysWOW64\shdocvw.dll
20:01:09.0399 0x0d34  C:\Windows\SysWOW64\shdocvw.dll - ok
20:01:09.0399 0x0d34  [ 067F8FEE78DC960D6FC36D1D071913E8, 2B198D730848B2321183833FC792080FC90B03496C06CC9578B3D17F2B84F407 ] C:\Program Files (x86)\Malwarebytes Anti-Malware\7z.dll
20:01:09.0399 0x0d34  C:\Program Files (x86)\Malwarebytes Anti-Malware\7z.dll - ok
20:01:09.0399 0x0d34  [ 827CB0D6C3F8057EA037FF271F8E9795, 82760DBDDD38D2A31CAAF51D065DF4E7E1D0F0C22733A0AF653776EBF7B79470 ] C:\Windows\SysWOW64\imageres.dll
20:01:09.0399 0x0d34  C:\Windows\SysWOW64\imageres.dll - ok
20:01:09.0399 0x0d34  [ A1EA582E8B94AE00C14FFACCE4D19E60, 8105AEE7DD563120EC90C500B14A540033599097D2C6635772D18D5981768443 ] C:\Users\Raul\AppData\Local\Temp\{A07EF438-39FB-492B-9E45-C25436B700AB}.exe
20:01:09.0399 0x0d34  C:\Users\Raul\AppData\Local\Temp\{A07EF438-39FB-492B-9E45-C25436B700AB}.exe - ok
20:01:09.0415 0x0d34  [ 8FE6AB488ECDC60930CE973A7051B0D4, 38A5CD589EB9CD4CF5656673588AED014D6E99731B97719ABE4BA712F3AF94FC ] C:\Windows\SysWOW64\ncrypt.dll
20:01:09.0415 0x0d34  C:\Windows\SysWOW64\ncrypt.dll - ok
20:01:09.0415 0x0d34  [ CE71B9119A258EDD0A05B37D7B0F92E3, D9310C5BBFE089B8C81E259C462EC1E6D7A7A87FA59FC1F174ED5C58D409AE7A ] C:\Windows\SysWOW64\bcrypt.dll
20:01:09.0415 0x0d34  C:\Windows\SysWOW64\bcrypt.dll - ok
20:01:09.0415 0x0d34  [ E8449FE262D7406BCB2AC2A45C53EC5F, 6C118C9FB26404D1943824CF3990F36E12986547FFACB7CC0DF975A913065D78 ] C:\Windows\SysWOW64\bcryptprimitives.dll
20:01:09.0415 0x0d34  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
20:01:09.0415 0x0d34  [ 1097F3035BAF46CED8B332B3564C5108, C69781683CA963A1335780DABBBC60E2C3CEF0888738D3425D358D12E8D0AF58 ] C:\Windows\SysWOW64\gpapi.dll
20:01:09.0415 0x0d34  C:\Windows\SysWOW64\gpapi.dll - ok
20:01:09.0430 0x0d34  [ 7B851A8018B1EA00A69707A390004884, DAE654713EF1DC66C8C2D27752B659081794063A7D522D1F680AA9A6E7FBA9FD ] C:\Windows\SysWOW64\cryptnet.dll
20:01:09.0430 0x0d34  C:\Windows\SysWOW64\cryptnet.dll - ok
20:01:09.0430 0x0d34  [ 51128C011A4DE94568BD8D7B529551A3, B6F0C2D33E1C76F735D95210AE4F8BC48851F30D30E69BFE57A37D9AD8B7C61A ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\delayLoad.exe
20:01:09.0430 0x0d34  C:\Program Files (x86)\IObit\Advanced SystemCare 8\delayLoad.exe - ok
20:01:09.0430 0x0d34  [ 90FB1802D488FFA9029854A77D4F3F27, FBEAB2065307A2BD9C78D3ABB4F80B8311F3EA68B2F23FD1EF80C24E1DBA1F4D ] C:\Windows\SysWOW64\oleaccrc.dll
20:01:09.0430 0x0d34  C:\Windows\SysWOW64\oleaccrc.dll - ok
20:01:09.0430 0x0d34  [ 4FF4C437E540AED700EEE4C5BE4956D9, 9CE1483EFD5D61C893F94CE733F8A98D13DFD72247D234D2D1CC87CD71414879 ] C:\Windows\SysWOW64\pt-PT\msctf.dll.mui
20:01:09.0430 0x0d34  C:\Windows\SysWOW64\pt-PT\msctf.dll.mui - ok
20:01:09.0446 0x0d34  [ B519848DFA30AE2B306576B51321D102, CFD8BCB7645F2200819224BEB9F10BB226D30FE27B3BB31A35A2889FA301EFF2 ] C:\Windows\System32\ie4uinit.exe
20:01:09.0446 0x0d34  C:\Windows\System32\ie4uinit.exe - ok
20:01:09.0446 0x0d34  [ C3E98C42EDF7EF237A4BAB91FEAC7426, FD3E92D629828F8DDD830E1474D86CC71A9C2ED5074EB8D155B578D404A485BE ] C:\Windows\System32\iedkcs32.dll
20:01:09.0446 0x0d34  C:\Windows\System32\iedkcs32.dll - ok
20:01:09.0446 0x0d34  [ 8205E55DFB11809E5F2AAD1C48840535, 018AA06F93815D2B97F41FA010457C9A8B1FD5BC0B0691F87EB764BD5EBDB6A9 ] C:\Windows\SysWOW64\credssp.dll
20:01:09.0446 0x0d34  C:\Windows\SysWOW64\credssp.dll - ok
20:01:09.0446 0x0d34  [ FB10715E4099AF9FA389C71873245226, 6A4CB43880B822A0C4714D6E52EB3EB2CE1E69C3AA9CA65EAAD6B131AE43F274 ] C:\Windows\System32\timedate.cpl
20:01:09.0446 0x0d34  C:\Windows\System32\timedate.cpl - ok
20:01:09.0461 0x0d34  [ 210FCACAF902B2CD47CF9FD17D846146, 3F77AC721E084864C5966FF5337A90185F62203DC19C685328675500D629CB87 ] C:\Windows\System32\aeevts.dll
20:01:09.0461 0x0d34  C:\Windows\System32\aeevts.dll - ok
20:01:09.0461 0x0d34  [ E6F0F82788E8BD0F7A616350EFA0761C, 13091DCB3E3F4F52C3FF210E93AAF1DCE142CFC09F671AEAC5B922393B23E67B ] C:\Windows\System32\actxprxy.dll
20:01:09.0461 0x0d34  C:\Windows\System32\actxprxy.dll - ok
20:01:09.0461 0x0d34  [ 23B001185B7C3CB1F4BDEB143E6B45B7, AB3A5AB346F6353B43B06FBE20B7785DA988975E2C8B73A6588F107FFAAACC47 ] C:\Windows\System32\shdocvw.dll
20:01:09.0461 0x0d34  C:\Windows\System32\shdocvw.dll - ok
20:01:09.0461 0x0d34  [ A0A65D306A5490D2EB8E7DE66898ECFD, CE5DA408F4EDD5E81CE0925867F03C9A35172CF1571FE4C4C052E45AB69822BB ] C:\Windows\System32\linkinfo.dll
20:01:09.0461 0x0d34  C:\Windows\System32\linkinfo.dll - ok
20:01:09.0477 0x0d34  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\Raul\AppData\Local\Temp\{AD4E542A-00AC-49F8-8034-A523A45F008B}\{AEBB48E1-F292-4F73-A2D6-1D467C72996A}.tmp
20:01:09.0477 0x0d34  C:\Users\Raul\AppData\Local\Temp\{AD4E542A-00AC-49F8-8034-A523A45F008B}\{AEBB48E1-F292-4F73-A2D6-1D467C72996A}.tmp - ok
20:01:09.0477 0x0d34  [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\Users\Raul\AppData\Local\Temp\{AD4E542A-00AC-49F8-8034-A523A45F008B}\{029FB047-AC9B-4D36-B53C-E6C5BE952FA9}.tmp
20:01:09.0477 0x0d34  C:\Users\Raul\AppData\Local\Temp\{AD4E542A-00AC-49F8-8034-A523A45F008B}\{029FB047-AC9B-4D36-B53C-E6C5BE952FA9}.tmp - ok
20:01:09.0477 0x0d34  [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\Users\Raul\AppData\Local\Temp\{AD4E542A-00AC-49F8-8034-A523A45F008B}\{710715C1-BA88-4851-9BFB-2AE6AD5D58A6}.tmp
20:01:09.0477 0x0d34  C:\Users\Raul\AppData\Local\Temp\{AD4E542A-00AC-49F8-8034-A523A45F008B}\{710715C1-BA88-4851-9BFB-2AE6AD5D58A6}.tmp - ok
20:01:09.0493 0x0d34  [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\Users\Raul\AppData\Local\Temp\{AD4E542A-00AC-49F8-8034-A523A45F008B}\{2E63A054-8BBF-4FA6-A480-F2040B99F43C}.tmp
20:01:09.0493 0x0d34  C:\Users\Raul\AppData\Local\Temp\{AD4E542A-00AC-49F8-8034-A523A45F008B}\{2E63A054-8BBF-4FA6-A480-F2040B99F43C}.tmp - ok
20:01:09.0493 0x0d34  [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\Users\Raul\AppData\Local\Temp\{AD4E542A-00AC-49F8-8034-A523A45F008B}\{F25E7AE8-6CA0-4032-B996-282D47B3462B}.tmp
20:01:09.0493 0x0d34  C:\Users\Raul\AppData\Local\Temp\{AD4E542A-00AC-49F8-8034-A523A45F008B}\{F25E7AE8-6CA0-4032-B996-282D47B3462B}.tmp - ok
20:01:09.0493 0x0d34  [ 69754747274B76E7FAF287239333D7E6, A0BAEC1E56E4B1A17C0D41B317526AF5BB11E7E488C7016067A6229346A23B16 ] C:\Windows\System32\msiltcfg.dll
20:01:09.0493 0x0d34  C:\Windows\System32\msiltcfg.dll - ok
20:01:09.0493 0x0d34  [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\Users\Raul\AppData\Local\Temp\{AD4E542A-00AC-49F8-8034-A523A45F008B}\{BC9FB9BA-E755-4D71-A081-24C318A44A5B}.tmp
20:01:09.0493 0x0d34  C:\Users\Raul\AppData\Local\Temp\{AD4E542A-00AC-49F8-8034-A523A45F008B}\{BC9FB9BA-E755-4D71-A081-24C318A44A5B}.tmp - ok
20:01:09.0508 0x0d34  [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\Users\Raul\AppData\Local\Temp\{AD4E542A-00AC-49F8-8034-A523A45F008B}\{4C2CC866-883C-4C10-86BC-F336B0EB5023}.tmp
20:01:09.0508 0x0d34  C:\Users\Raul\AppData\Local\Temp\{AD4E542A-00AC-49F8-8034-A523A45F008B}\{4C2CC866-883C-4C10-86BC-F336B0EB5023}.tmp - ok
20:01:09.0508 0x0d34  [ 2720C94ADCC1727A66365CCB1CE456C4, 7A6978A117406E39CEE7ED051F02DE04E76EC51AA65B3F4774712C1C317F410C ] C:\Windows\System32\msi.dll
20:01:09.0508 0x0d34  C:\Windows\System32\msi.dll - ok
20:01:09.0508 0x0d34  [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\Users\Raul\AppData\Local\Temp\{AD4E542A-00AC-49F8-8034-A523A45F008B}\{453F5CDC-4FAC-4A0B-95D0-035BDF0F3D36}.tmp
20:01:09.0508 0x0d34  C:\Users\Raul\AppData\Local\Temp\{AD4E542A-00AC-49F8-8034-A523A45F008B}\{453F5CDC-4FAC-4A0B-95D0-035BDF0F3D36}.tmp - ok
20:01:09.0508 0x0d34  [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Users\Raul\AppData\Local\Temp\{AD4E542A-00AC-49F8-8034-A523A45F008B}\{DD12E2C2-1636-4544-B0DC-A07C061DD6A1}.tmp
20:01:09.0508 0x0d34  C:\Users\Raul\AppData\Local\Temp\{AD4E542A-00AC-49F8-8034-A523A45F008B}\{DD12E2C2-1636-4544-B0DC-A07C061DD6A1}.tmp - ok
20:01:09.0524 0x0d34  [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Users\Raul\AppData\Local\Temp\{AD4E542A-00AC-49F8-8034-A523A45F008B}\{A51F551C-1635-46C3-9A3F-1B62BECC2B77}.tmp
20:01:09.0524 0x0d34  C:\Users\Raul\AppData\Local\Temp\{AD4E542A-00AC-49F8-8034-A523A45F008B}\{A51F551C-1635-46C3-9A3F-1B62BECC2B77}.tmp - ok
20:01:09.0524 0x0d34  [ 4FDFA3F219692D17011BF1B428857C1E, 0422101F9D47633DFF47DF022031C4221B9D395F3E23C0C6E0A54CE55D76565D ] C:\Program Files\Windows Defender\MpRTP.dll
20:01:09.0524 0x0d34  C:\Program Files\Windows Defender\MpRTP.dll - ok
20:01:09.0524 0x0d34  [ CB55B9AAB060C803BE4AD229AA0FEC28, 58CF3D7BC275E4460766A5FC1B5D871C1F8995071AB81BB04BFB7BF98E0C9866 ] C:\Windows\SysWOW64\msi.dll
20:01:09.0524 0x0d34  C:\Windows\SysWOW64\msi.dll - ok
20:01:09.0524 0x0d34  [ A3FCC4F97551087D65F8FEE879FEF736, 000EA00FD2644531F38D215972C22FE2BCE5B01CF483071398053099A342BF74 ] C:\Windows\System32\tdh.dll
20:01:09.0524 0x0d34  C:\Windows\System32\tdh.dll - ok
20:01:09.0539 0x0d34  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86, E15ED4FEFC3010C213694331DDFDC03767682325C898D773AB243E2DC8B08461 ] C:\Windows\System32\msftedit.dll
20:01:09.0539 0x0d34  C:\Windows\System32\msftedit.dll - ok
20:01:09.0539 0x0d34  [ 7FCAB194F01E3403C300EB034E480B36, 907EBC0ACF0FD4A047DBD20A5FE71F36142162CA5A7A1A6498D5DB5B2AFC70DB ] C:\Windows\System32\msls31.dll
20:01:09.0539 0x0d34  C:\Windows\System32\msls31.dll - ok
20:01:09.0539 0x0d34  [ 102CF6879887BBE846A00C459E6D4ABC, A4C51C79CF95D5C79DCEFB02946A09A987FEAF83CE2EE1BA7677EBA90869AC80 ] C:\Windows\SysWOW64\riched20.dll
20:01:09.0539 0x0d34  C:\Windows\SysWOW64\riched20.dll - ok
20:01:09.0539 0x0d34  [ 2BCBA6052374959A30BD7948444DBB79, 46224A2B729026FEEBC3C6A09E69919D477097848DB2CA0C2F5B166CDF379660 ] C:\Windows\System32\gameux.dll
20:01:09.0539 0x0d34  C:\Windows\System32\gameux.dll - ok
20:01:09.0555 0x0d34  [ E5AC79743E58A973CB0A140CDD1B3DC0, 1243D2CF9D9B76424FAC31D0B442F300723ACCA1144E9E671FE885634E85D53A ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll
20:01:09.0555 0x0d34  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll - ok
20:01:09.0555 0x0d34  [ E2A17BCC08D92F42E08AF6BA2F93ABA7, 5FC9D47BF4B1094BECC0C0DDCD5CD4318DD3E4495D982F8785331616D5B82599 ] C:\Windows\SysWOW64\ExplorerFrame.dll
20:01:09.0555 0x0d34  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
20:01:09.0555 0x0d34  [ 6E1F8165C365D35C8E3C045AF0CDD481, B861360D0A014265A0BEB4CC2FE31EA05AE95120E8B07820C13A044D64C00E2B ] C:\Windows\SysWOW64\duser.dll
20:01:09.0555 0x0d34  C:\Windows\SysWOW64\duser.dll - ok
20:01:09.0571 0x0d34  [ EE06B85BC69F18826302348A2AD089E0, 417205797CC9F6C986A863A61179784D9ADCAF1961EF8A4D9042D73C5A86509A ] C:\Windows\SysWOW64\dui70.dll
20:01:09.0571 0x0d34  C:\Windows\SysWOW64\dui70.dll - ok
20:01:09.0571 0x0d34  [ 4C2C4640BF23AAFCF90519E0F34436CE, 8ACCDA77C2DC5BE2DAED05134310122AFECC872A8D118612E55DD229BFE4D844 ] C:\Windows\System32\DeviceCenter.dll
20:01:09.0571 0x0d34  C:\Windows\System32\DeviceCenter.dll - ok
20:01:09.0571 0x0d34  [ 4F29312863A82B8377A370A413994521, 0F9D0A84055DB60F0952B44C87F083E1CC7269DAB3353D785AD7F83A5443EDCA ] C:\Program Files\Apoint2K\Apoint.exe
20:01:09.0571 0x0d34  C:\Program Files\Apoint2K\Apoint.exe - ok
20:01:09.0571 0x0d34  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
20:01:09.0571 0x0d34  C:\Program Files\Windows Sidebar\sidebar.exe - ok
20:01:09.0586 0x0d34  [ 6BF457C16A7C657F57E3BD34F97DA099, 629D69B7BD6A472FDCB7700C3F4244EB9AA7535ABA61818620515FA75BBF521F ] C:\Program Files\Apoint2K\ApCLP.exe
20:01:09.0586 0x0d34  C:\Program Files\Apoint2K\ApCLP.exe - ok
20:01:09.0586 0x0d34  [ 1FA0390CF3D437438AD1E76B24181986, A524A2AED07EFB32DED62586754488DB74FF199DBCDF4C7789152CD5F52B5B1E ] C:\Windows\System32\Vxdif.dll
20:01:09.0586 0x0d34  C:\Windows\System32\Vxdif.dll - ok
20:01:09.0586 0x0d34  [ 427174F83DBACEBD48727244B0808DAD, 889730F8C81161132ADF3EDFAAD181B6F94B5089125B0E61774854D2E938BE0F ] C:\Program Files\Apoint2K\Apoint.dll
20:01:09.0586 0x0d34  C:\Program Files\Apoint2K\Apoint.dll - ok
20:01:09.0586 0x0d34  [ 273C4436D232B27AFD8DF3BAF148D932, 62D52E7D215086D1F9CD51ECB10976C9C4EFE1A4BB4C74E57CE6C8DE16A4BAA8 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
20:01:09.0586 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe - ok
20:01:09.0602 0x0d34  [ 364ECFF4ABD9D575F4F7CF7EB7928EF3, BA2E0A2AC40AE75A6ED2284B9066AB447C4F328000146B4C72BC1CA922827065 ] C:\Windows\System32\msxml3.dll
20:01:09.0602 0x0d34  C:\Windows\System32\msxml3.dll - ok
20:01:09.0602 0x0d34  [ 67611DEA70471375E1913A4CFC6A6575, A176C6DFCFB69D053FEC446D81AAF67E2BB713C00A5D87BEBE21D3AEE5C7A227 ] C:\Program Files\Apoint2K\EzAuto.dll
20:01:09.0602 0x0d34  C:\Program Files\Apoint2K\EzAuto.dll - ok
20:01:09.0602 0x0d34  [ D7B191577D466FEC2FC62EC31F85E498, F506DE33951EFB04F5F346078202AAF39762AEA2FA1F18F5F06A992D2016BD6E ] C:\Program Files\Apoint2K\ApMsgFwd.exe
20:01:09.0602 0x0d34  C:\Program Files\Apoint2K\ApMsgFwd.exe - ok
20:01:09.0602 0x0d34  [ 912A7D052F551B9D4F2241E60A7900B5, 2C29F9459819E65E9A263DA7F8848768256D2C39C877B33D7E05AB4188987DBE ] C:\Windows\System32\mshtml.dll
20:01:09.0602 0x0d34  C:\Windows\System32\mshtml.dll - ok
20:01:09.0617 0x0d34  [ 63EE41C76AB9D03BF33359FEBE97220A, 36AC7AE7FBB183E281064CC7FD1D7994608C45E253DC861FFAA08E00FBDDC7AE ] C:\Program Files (x86)\IObit\Advanced SystemCare 8\MonitorDisk.exe
20:01:09.0617 0x0d34  C:\Program Files (x86)\IObit\Advanced SystemCare 8\MonitorDisk.exe - ok
20:01:09.0617 0x0d34  [ B0F8CCA08DBC392442E27377B98DD0CD, D76D5897EFE57BD3897F3ACD44A85003BD412E9C0CAF1C78D18137C32327A399 ] C:\Windows\System32\consent.exe
20:01:09.0617 0x0d34  C:\Windows\System32\consent.exe - ok
20:01:09.0617 0x0d34  [ AA62734A69CA137C7BCFAAB30FF8DA1B, A434C654E75A043B62B9E0142E478D59DEFE0836CDC0C7B2F1D722F0715C147D ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUASysTray.dll
20:01:09.0617 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUASysTray.dll - ok
20:01:09.0617 0x0d34  [ B3CE0951E3C1EA3C733573C472EE85F9, F7D81435BA1B85A6B105480B8BF484255CB74B2E31CEA927D8F3546DB6549293 ] C:\Windows\System32\msimtf.dll
20:01:09.0617 0x0d34  C:\Windows\System32\msimtf.dll - ok
20:01:09.0633 0x0d34  [ 7A5FEF848E8B48E28FF7885319A58F2D, 9E780241D894F4F77FF49F172BFA02DFAFE4AAE898FB16F63BCDE999F200E911 ] C:\Windows\System32\pt-PT\consent.exe.mui
20:01:09.0633 0x0d34  C:\Windows\System32\pt-PT\consent.exe.mui - ok
20:01:09.0633 0x0d34  [ 46540149C2D7F3DA23202211B75A4AD9, 23BF4A668C39B8DCB976878A4A0FE728113797A35A99C3C351EC9A8C36D2F495 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUASystrayObject.dll
20:01:09.0633 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUASystrayObject.dll - ok
20:01:09.0633 0x0d34  [ 24F4B480F335A6C724AF352253C5D98B, 011413B236CAD7B78CE0A0EEC3E3085D48C7576A3205D025BA6EBFDF590538E4 ] C:\Windows\System32\thumbcache.dll
20:01:09.0633 0x0d34  C:\Windows\System32\thumbcache.dll - ok
20:01:09.0633 0x0d34  [ EB8CDE4EF586D7A579B44FF198850DE4, DB91AB6CD37EB0131E2C9D4789833910CD3CABD5B00DB3F96E95AB3FDAAC9801 ] C:\Windows\System32\input.dll
20:01:09.0633 0x0d34  C:\Windows\System32\input.dll - ok
20:01:09.0649 0x0d34  [ 5028B56C171986AA122731E4CC7A0585, D3C3A802B544734517DABEE47948BEA2CF13BDD0E6C95CE090114ED10EF7C67B ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAResources.dll
20:01:09.0649 0x0d34  C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAResources.dll - ok
20:01:09.0649 0x0d34  [ 49CC2D018DFE787C38EF380368027047, 12EEC6E0F89D8F31B013608361C66FD9A1DE8CAB4DFDAA801429CCC4ADBB91E6 ] C:\Windows\System32\pt-PT\input.dll.mui
20:01:09.0649 0x0d34  C:\Windows\System32\pt-PT\input.dll.mui - ok
20:01:09.0649 0x0d34  [ EE7E34E94C2DA0DF294A5816E437AEA0, A1D06F31AF2A1DA3A084D6482AD0327FBA3E4D8F840CFA812997896A0B2E8B2B ] C:\Windows\System32\jscript9.dll
20:01:09.0649 0x0d34  C:\Windows\System32\jscript9.dll - ok
20:01:09.0649 0x0d34  [ D629F73E88B2DA7F5BDA2C06466DCCC4, 0870101A02E3BEB49F209662E22353648E0FA4D1ACCB8F08D7D10F293D38C028 ] C:\Windows\IME\SPTIP.DLL
20:01:09.0649 0x0d34  C:\Windows\IME\SPTIP.DLL - ok
20:01:09.0664 0x0d34  [ 04AE69AAA5CB303B198D5139A12FFF95, 97FDBEA80F4FB27F40A38B43169F5C453EB1FD904BC9066C5C147F2BF9E2FC0A ] C:\Windows\IME\pt-PT\SpTip.dll.mui
20:01:09.0664 0x0d34  C:\Windows\IME\pt-PT\SpTip.dll.mui - ok
20:01:09.0664 0x0d34  [ 3EE10E01F87C77690AAE39DA7B8FDC2D, 81B743D4AD3F6FA1876EAA12712C9E48E685905FBB6D187A6B3D1CDF045DB27F ] C:\Program Files\Windows NT\TableTextService\TableTextService.dll
20:01:09.0664 0x0d34  C:\Program Files\Windows NT\TableTextService\TableTextService.dll - ok
20:01:09.0664 0x0d34  [ 0DB03249DE5A282CC400AEC1D421CA9D, CDA5A940FDC97A3BE423B6CC443DA93A2E4673D31873738FD9AE9D7BEA38BA47 ] C:\Program Files\Windows NT\TableTextService\en-US\TableTextService.dll.mui
20:01:09.0664 0x0d34  C:\Program Files\Windows NT\TableTextService\en-US\TableTextService.dll.mui - ok
20:01:09.0664 0x0d34  [ F7765355C83D72050D6943BC64237159, BC8C186E6C9BC1E662BB4DE4E47B63DB1DD7B9CC6D2918198C83A63808ABB1B3 ] C:\Windows\System32\pt-PT\crypt32.dll.mui
20:01:09.0664 0x0d34  C:\Windows\System32\pt-PT\crypt32.dll.mui - ok
20:01:09.0680 0x0d34  [ 405F4D32D2185F1F1BD753D8EEAFFB3A, CAC42C3E09C43BE96592B670D70821386014DB22D8239A9CFB9E33E54FB5C3D5 ] C:\Windows\System32\networkexplorer.dll
20:01:09.0680 0x0d34  C:\Windows\System32\networkexplorer.dll - ok
20:01:09.0680 0x0d34  [ 1F04E809409A9B5FFD510B5FD89A1155, B828F39EDA32BF53D108B1BBBAB5A4CCD0AD76FAF97B2AFC80F1FB2504B2E7CF ] C:\Windows\System32\d2d1.dll
20:01:09.0680 0x0d34  C:\Windows\System32\d2d1.dll - ok
20:01:09.0680 0x0d34  [ F0B4D0B258C54D589C410E51180DF193, ADEF563827E2D419DD21EC9A7398E4C439A1C00DBAE7CC058DDAC7C973D4EC1B ] C:\Windows\System32\pt-PT\KernelBase.dll.mui
20:01:09.0680 0x0d34  C:\Windows\System32\pt-PT\KernelBase.dll.mui - ok
20:01:09.0680 0x0d34  [ 3CDCA162473030157380AC04B404AAA9, 4DD09160E41C95DA608309DD56CDF75DA08FB0BA2C6FE9B7F6383A9AC8526967 ] C:\Windows\System32\pt-PT\msutb.dll.mui
20:01:09.0680 0x0d34  C:\Windows\System32\pt-PT\msutb.dll.mui - ok
20:01:09.0695 0x0d34  [ 79BEC88D21DB3611C2A0B453D4846A8E, 72FBBF7F9A8F00C95121A2F08A9C6879C85246FEFA2EDC48C8481E75E82FFD48 ] C:\Windows\System32\DWrite.dll
20:01:09.0695 0x0d34  C:\Windows\System32\DWrite.dll - ok
20:01:09.0695 0x0d34  [ 027675ED9B34EE1B91505C3B8752649F, 78EF98AFB0EE1B680EC8B7BE40ABD87979F09534A49CDA576258BDB4CB4E29C0 ] C:\Windows\System32\Wpc.dll
20:01:09.0695 0x0d34  C:\Windows\System32\Wpc.dll - ok
20:01:09.0695 0x0d34  [ 76C196B109E4BFA50132EF50AF6A1C1B, 6452E96C3C9D35433890FFE72CDBBECBD1D0F56BBAD92DDC31551C1EE44B5860 ] C:\Windows\System32\FntCache.dll
20:01:09.0695 0x0d34  C:\Windows\System32\FntCache.dll - ok
20:01:09.0695 0x0d34  [ C3761661C17C2248A9379A8FB89E3DE1, CE3477FA2B4058EB80739E0161FE957545F13CF86D313F6422732901D35F75F2 ] C:\Windows\System32\stobject.dll
20:01:09.0695 0x0d34  C:\Windows\System32\stobject.dll - ok
20:01:09.0711 0x0d34  [ F832EEEA97CDDA1AF577E721F652A0D1, EBBB7CA199BA4DF231123922BD310D43DE0104C6185B70FE0281B938D5336F2E ] C:\Windows\System32\batmeter.dll
20:01:09.0711 0x0d34  C:\Windows\System32\batmeter.dll - ok
20:01:09.0711 0x0d34  [ 1473768973453DE50DC738C2955FC4DD, 14BC5DA2442CB726ACC1F277DDBECCF5D61E3A0A3E083A55A0BB610191E35220 ] C:\Windows\System32\wdmaud.drv
20:01:09.0711 0x0d34  C:\Windows\System32\wdmaud.drv - ok
20:01:09.0711 0x0d34  [ 8560FFFC8EB3A806DCD4F82252CFC8C6, CC27BC092369A89D6147B16568FEDEB68B584D5738CD686C31F7FAE22ED17B3B ] C:\Windows\System32\ksuser.dll
20:01:09.0711 0x0d34  C:\Windows\System32\ksuser.dll - ok
20:01:09.0711 0x0d34  [ FAFCB80D42A65964B6F4945283B8C10F, 78CDA4F8C484D5540732554D5129EE88444510340F4C14DBA86AD9C23BB18E72 ] C:\Windows\System32\AudioSes.dll
20:01:09.0711 0x0d34  C:\Windows\System32\AudioSes.dll - ok
20:01:09.0727 0x0d34  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\System32\rundll32.exe
20:01:09.0727 0x0d34  C:\Windows\System32\rundll32.exe - ok
20:01:09.0727 0x0d34  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122, E7EA375A3BDE8FC764CB09524344370B9EE25F98AD6C83E6F37A569EB8D277D6 ] C:\Windows\System32\prnfldr.dll
20:01:09.0727 0x0d34  C:\Windows\System32\prnfldr.dll - ok
20:01:09.0727 0x0d34  [ 1B7C3A37362C7B2890168C5FC61C8D9B, 03727930E5BB5F9D91BAB901FC9A2E3B795D68E2AEE6A2CC3477F356C45A9C54 ] C:\Windows\System32\msacm32.drv
20:01:09.0727 0x0d34  C:\Windows\System32\msacm32.drv - ok
20:01:09.0727 0x0d34  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A, 72288C0A88916D3C3828DBD948DBDB0928F26106319F8E60102D6C9004514D60 ] C:\Windows\System32\msacm32.dll
20:01:09.0727 0x0d34  C:\Windows\System32\msacm32.dll - ok
20:01:09.0742 0x0d34  [ CA2A0750ED830678997695FF61B04C30, E84860CD97AA3C4565ABB2D5D406A5C42B1AD2D8BA1B8CF81FE564D91F15F976 ] C:\Windows\System32\midimap.dll
20:01:09.0742 0x0d34  C:\Windows\System32\midimap.dll - ok
20:01:09.0742 0x0d34  [ 42A9CB6906D9A8BEDC83B57163E62924, E18522D3137653140757829EFBFCE624A5BAA5842E2BBA10B9E5AB6C84BE49E1 ] C:\Windows\System32\DXP.dll
20:01:09.0742 0x0d34  C:\Windows\System32\DXP.dll - ok
20:01:09.0742 0x0d34  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891, 0A82A475301202791A7C10F978F952EAB7DB146A702D4EA67E24E2C98BC19638 ] C:\Windows\System32\Syncreg.dll
20:01:09.0742 0x0d34  C:\Windows\System32\Syncreg.dll - ok
20:01:09.0742 0x0d34  [ A2C9E45F4069A002E985D1563D16813B, 0204BF076483F256F0E041E9A87F50F8795D8B1755978CA64DCBBF2E071C8956 ] C:\Windows\System32\AudioEng.dll
20:01:09.0742 0x0d34  C:\Windows\System32\AudioEng.dll - ok
20:01:09.0758 0x0d34  [ C836175870E00ACC546066632E15BD10, 4347F3319C26DA1C38F395C74DBD67AF886149C8F29EDE765DD96C8480A3054A ] C:\Windows\ehome\ehSSO.dll
20:01:09.0758 0x0d34  C:\Windows\ehome\ehSSO.dll - ok
20:01:09.0758 0x0d34  [ FD97807051658AE27799BE3A557D3776, 114E111F1E195BE203BF35B12B2C1442B6708E12D0B68E9577D31A778B116D25 ] C:\Program Files\Apoint2K\ApntEx.exe
20:01:09.0758 0x0d34  C:\Program Files\Apoint2K\ApntEx.exe - ok
20:01:09.0758 0x0d34  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D, A63836DB3B01835DC1311526A95198D6EBCCB1DC9DDAFBC38EC36C128CDB98B9 ] C:\Windows\System32\netshell.dll
20:01:09.0758 0x0d34  C:\Windows\System32\netshell.dll - ok
20:01:09.0758 0x0d34  [ 9383B21A4B77C130940262DDC5F3F49B, 39BD91E0A2F56909B3EEBEA4966D497DF9A1623EC0F15D508638D5539FE1C88D ] C:\Windows\System32\AUDIOKSE.dll
20:01:09.0758 0x0d34  C:\Windows\System32\AUDIOKSE.dll - ok
20:01:09.0773 0x0d34  [ 1B0E5412AB8F30B8ED2AEAC2C530EB90, C3EA2387C1C8BD0FBBB72F825612CCE2B78F1B20216214EF431C37E652CCA404 ] C:\Program Files\Apoint2K\hidfind.exe
20:01:09.0773 0x0d34  C:\Program Files\Apoint2K\hidfind.exe - ok
20:01:09.0773 0x0d34  [ 92DBF0A4C9239169010FC6E07859C82E, 00FB2CF4420F0FFEF519AFE732A708CF249640121E2A891CAA164313ABD7F804 ] C:\Windows\System32\ActionCenter.dll
20:01:09.0773 0x0d34  C:\Windows\System32\ActionCenter.dll - ok
20:01:09.0773 0x0d34  [ 401106B4B036BA2D74BF168F22FE9400, E7365CE96356DA53FA8ED06C2098EED6CB3897CB559A0B8A66955C98B05F8DA0 ] C:\Windows\System32\stapo64.dll
20:01:09.0773 0x0d34  C:\Windows\System32\stapo64.dll - ok
20:01:09.0773 0x0d34  [ 6F3C559B82F2912354BE5B098744CC8C, EB64E5C02C81588921A65194E1256E80699A1317E7D9A57395CD38C2639C8B08 ] C:\Windows\System32\WMALFXGFXDSP.dll
20:01:09.0773 0x0d34  C:\Windows\System32\WMALFXGFXDSP.dll - ok
20:01:09.0789 0x0d34  [ 4BE4D8091FBE4DE496B3EFBA206F29AE, EEC8BFA0EFEF3FBA0CA2FF78B4ACE34269488B7B97FEACC1D20CF7DC9D112E45 ] C:\Windows\System32\mfplat.dll
20:01:09.0789 0x0d34  C:\Windows\System32\mfplat.dll - ok
20:01:09.0789 0x0d34  [ C8FDF0FA9E97E2FAAF3F814716AAA881, DD24A1CAB44D943B0E1A795A347AD25D9305FC7F012A2566A6A14BD47221831F ] C:\Windows\System32\WPDShServiceObj.dll
20:01:09.0789 0x0d34  C:\Windows\System32\WPDShServiceObj.dll - ok
20:01:09.0789 0x0d34  [ 4F3CD1C59EA71401E155C432BCECE180, 6D4118A627CAE509E43D0CC0062EECAA0990C955BB15AE24834460551B2F51A2 ] C:\Windows\System32\PortableDeviceTypes.dll
20:01:09.0789 0x0d34  C:\Windows\System32\PortableDeviceTypes.dll - ok
20:01:09.0789 0x0d34  [ C469893743E18BA547DB3C7ED98B32F5, CD6FA1900174AF013D312C51753173A39691F0EE5799D1E7AD2604A220D64C2E ] C:\Windows\System32\AESTAR64.dll
20:01:09.0789 0x0d34  C:\Windows\System32\AESTAR64.dll - ok
20:01:09.0805 0x0d34  [ 8569E35D00F45972E506502EEE622BA4, 01FE851C03DB88C8373099C279F995A559D962B08932E193032FA3EAD522FB01 ] C:\Windows\System32\srchadmin.dll
20:01:09.0805 0x0d34  C:\Windows\System32\srchadmin.dll - ok
20:01:09.0805 0x0d34  [ 3D9FC44CA93001B423F89876369F1348, C538E2502402A66415D0591A97E17BA6FB020A5E7031BC54BB0931D94B4F879F ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll
20:01:09.0805 0x0d34  C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll - ok
20:01:09.0805 0x0d34  [ B6F0676FC23D543452FE81D8B71D24E7, 6D17CEEC23D616A181457A1041F7BC5E33453C511A59A661CA0A091386E30336 ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp64.dll
20:01:09.0805 0x0d34  C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp64.dll - ok
20:01:09.0820 0x0d34  [ F7BA79CEFBD9DF4AF781E00356FBF48E, 6A1BD3054136FA031CCA0361F52D61A2B91B5FCD87BC0FFBCB99FDF9932A785F ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36064.dll
20:01:09.0820 0x0d34  C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36064.dll - ok
20:01:09.0820 0x0d34  [ 79E25E0628A2FF7A74356EAEF5011C26, 7DCA0461C070C31B8DB433797A5D6D4C76530ED3DFC5EAE9E35C123929C8B04C ] C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd64.dll
20:01:09.0820 0x0d34  C:\Windows\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd64.dll - ok
20:01:09.0820 0x0d34  [ D7CEAEDD5F75D2C8A2E80887D7C114CE, 44D7D7BBF8643D4168A3B0369AB88C83A156943FB6295FAF8E131C55F080ED19 ] C:\Windows\System32\webcheck.dll
20:01:09.0820 0x0d34  C:\Windows\System32\webcheck.dll - ok
20:01:09.0820 0x0d34  [ 5DC3BB795F5DCA8C0BABAB3E45AB9D14, BC2C6F8E498EF84117D13C8AD9B2082612FF4D0B8B8B69C16C5D782042C0BEF2 ] C:\Windows\System32\ieframe.dll
20:01:09.0820 0x0d34  C:\Windows\System32\ieframe.dll - ok
20:01:09.0836 0x0d34  [ 64ABE1250EC1A1CFD1442E7C8800216E, 38970ABB2684DBF40DCABC34DA1615F6F000706F0B5F27956D0F53242612D500 ] C:\Windows\System32\d3d10warp.dll
20:01:09.0836 0x0d34  C:\Windows\System32\d3d10warp.dll - ok
20:01:09.0836 0x0d34  [ 8494E126F0B10180F3293AF861CE1F7A, 538B1F30423DB2398E611BC46C80150C090698E633BABF7362F7060DBF0C3064 ] C:\Windows\System32\mlang.dll
20:01:09.0836 0x0d34  C:\Windows\System32\mlang.dll - ok
20:01:09.0836 0x0d34  [ 1AA565CD5B0BC54A34A13AE2C2E97E85, 778C8C25F804406D6B23C384D674E930C7DB1DC5B27B873B533F2FEC8A621B9E ] C:\Windows\System32\dxtrans.dll
20:01:09.0836 0x0d34  C:\Windows\System32\dxtrans.dll - ok
20:01:09.0836 0x0d34  [ 101797BA603D227946B4B5109867EB19, EBF2B48D1A4FE148F455EA32023ABC0D479215D48C7CE76E765F199CD3C80AF8 ] C:\Windows\System32\SyncCenter.dll
20:01:09.0836 0x0d34  C:\Windows\System32\SyncCenter.dll - ok
20:01:09.0851 0x0d34  [ 4938A4350327E1A5DEB0CD134AC1AAA3, 2F248CD60508EF43040F952CB1FF5AAB91AE3235760997379B71ACC28E8B698E ] C:\Windows\System32\ddrawex.dll
20:01:09.0851 0x0d34  C:\Windows\System32\ddrawex.dll - ok
20:01:09.0851 0x0d34  [ A6C09924C6730DE8DEED9890A12AA691, 46EACBC27D15FD43431812D6CA770982178C07246AF3A1C2E0D40D745A1D5758 ] C:\Windows\System32\ddraw.dll
20:01:09.0851 0x0d34  C:\Windows\System32\ddraw.dll - ok
20:01:09.0851 0x0d34  [ C746F3BF98E92FB137B5BD2B8B5925BD, 67A8990F3D491D149E65C90042909259793C65E671DC953FDA1F7590FAC23D9E ] C:\Windows\System32\FXSST.dll
20:01:09.0851 0x0d34  C:\Windows\System32\FXSST.dll - ok
20:01:09.0851 0x0d34  [ A5ED9421B8D09ED4F57CDA386307713E, EC2EE043E94A53302A9721220AA42D29BE72AF3448B7AA01F7EB911ECF7DC6AE ] C:\Windows\System32\dciman32.dll
20:01:09.0851 0x0d34  C:\Windows\System32\dciman32.dll - ok
20:01:09.0851 0x0d34  [ 650CAEA856943E29F25A25D31E004B18, DCA63D2AF4C6F14B27EA006F200E58A5C13AC940A51947A40F668908A446CC4E ] C:\Windows\System32\FXSAPI.dll
20:01:09.0867 0x0d34  C:\Windows\System32\FXSAPI.dll - ok
20:01:09.0867 0x0d34  [ E84BA21C08BB824F086632A342FF6A6D, 7976E1892AFE10C857EE8DDE818C31547D5D2D2D033069301D712FD5AACF2C18 ] C:\Windows\System32\dxtmsft.dll
20:01:09.0867 0x0d34  C:\Windows\System32\dxtmsft.dll - ok
20:01:09.0867 0x0d34  [ C8E8B8239FCF17BEA10E751BE5854631, CB869195E78AB613CEF50AE3B247F0E4E42F233A7AAF5B2BFC5ADEA2C45C5F8D ] C:\Windows\System32\FXSRESM.dll
20:01:09.0867 0x0d34  C:\Windows\System32\FXSRESM.dll - ok
20:01:09.0867 0x0d34  [ 779401704C7663411C0AAEEDE2CA177F, 81198C7C1265D7CF152D923C48AAED79CBEBA56360EA9F774E888ADB5A43C51D ] C:\Windows\System32\vbscript.dll
20:01:09.0867 0x0d34  C:\Windows\System32\vbscript.dll - ok
20:01:09.0867 0x0d34  [ 8130391F82D52D36C0441F714136957F, 1FD4FEE7CAF63E450F27729E07EA2A2F09288629FD872DBB6E8710B16D8DBD5D ] C:\Windows\System32\imapi2.dll
20:01:09.0867 0x0d34  C:\Windows\System32\imapi2.dll - ok
20:01:09.0883 0x0d34  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB, CF9082360E32A7C3E13A67AC2C6192F4A76870D43DA9FF2936993A637F712761 ] C:\Windows\System32\AltTab.dll
20:01:09.0883 0x0d34  C:\Windows\System32\AltTab.dll - ok
20:01:09.0883 0x0d34  [ BD66ECA9479C688412DDDA9F2CCD2C69, 0F5D6A9C0B17BCDBDFEB2EEFB20EAAF5EDB9E1071F7F1A02CE45F34F61978B2F ] C:\Windows\System32\d3d10.dll
20:01:09.0883 0x0d34  C:\Windows\System32\d3d10.dll - ok
20:01:09.0883 0x0d34  [ 10F815BE90A66AAFC6C713D1BD626064, 01139FC04BC53594296F6A0E16B8D20B940F64BC8119FE7705C03C4947958F39 ] C:\Windows\System32\pnidui.dll
20:01:09.0883 0x0d34  C:\Windows\System32\pnidui.dll - ok
20:01:09.0883 0x0d34  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] C:\Windows\System32\FXSSVC.exe
20:01:09.0883 0x0d34  C:\Windows\System32\FXSSVC.exe - ok
20:01:09.0898 0x0d34  [ B628DA8B548E6D11A35B86799714CB22, 8B2AC668D458567F2B291E380AD9DFB83BEEECA7F46581FBE29D7E89CED30034 ] C:\Windows\System32\d3d10core.dll
20:01:09.0898 0x0d34  C:\Windows\System32\d3d10core.dll - ok
20:01:09.0898 0x0d34  [ B9F0A4020AA98B7A20287BF7FE99A1FD, 21138F161EEEA46198890C7A2D073F2C82829E15676131BDAD9F237EDC7477CD ] C:\Windows\System32\QUTIL.DLL
20:01:09.0898 0x0d34  C:\Windows\System32\QUTIL.DLL - ok
20:01:09.0898 0x0d34  [ F7A256EC899C72B4ECDD2C02CB592EFD, 9C1AA9322E83CABB94AEA4375EAEB0C44700E1F33B8BE98649BA1DF4DDFAD326 ] C:\Windows\System32\bthprops.cpl
20:01:09.0898 0x0d34  C:\Windows\System32\bthprops.cpl - ok
20:01:09.0898 0x0d34  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] C:\Windows\System32\netman.dll
20:01:09.0898 0x0d34  C:\Windows\System32\netman.dll - ok
20:01:09.0914 0x0d34  [ D2155709E336C3BC15729EB87FEC6064, 682A84C0F2D892E7A6CEE4E5937B4799E352AAE3B71E7037F2A343373467443C ] C:\Windows\System32\rasdlg.dll
20:01:09.0914 0x0d34  C:\Windows\System32\rasdlg.dll - ok
20:01:09.0914 0x0d34  [ 6A5C1A8AC0B572679361026D0E900420, B5E693B48B462E97738A3D4E58B60846159649EB15F4D11074B4BC107CC88562 ] C:\Windows\System32\hgcpl.dll
20:01:09.0914 0x0d34  C:\Windows\System32\hgcpl.dll - ok
20:01:09.0914 0x0d34  [ 2DF29664ED261F0FC448E58F338F0671, 4EFE79C383D0AF126FC4EE668D822563F8F037B1E61D73747A35FE11AAFDB8CE ] C:\Windows\System32\mprapi.dll
20:01:09.0914 0x0d34  C:\Windows\System32\mprapi.dll - ok
20:01:09.0914 0x0d34  [ 3B367397320C26DBA890B260F80D1B1B, 50BBE71B4380B5E86E197AF86F5C08266DD6B12344BA4ABDEA604B8C774C4147 ] C:\Windows\System32\hnetcfg.dll
20:01:09.0914 0x0d34  C:\Windows\System32\hnetcfg.dll - ok
20:01:09.0929 0x0d34  [ E4FCA0F99A41E460C84016DEFD31E6EF, 8EB14AF2025EADC7C86280E8417D8F286E8271B4F88B31696E33DFD72B3A0EF2 ] C:\Windows\System32\wlanhlp.dll
20:01:09.0929 0x0d34  C:\Windows\System32\wlanhlp.dll - ok
20:01:09.0929 0x0d34  [ 357BE883C5236BFC7341CB9E82308908, 4DDB697FD9B7C516CF99D73C8799EA35BB97E2431216CD7C1045F17B06109FBF ] C:\Windows\System32\wlanapi.dll
20:01:09.0929 0x0d34  C:\Windows\System32\wlanapi.dll - ok
20:01:09.0929 0x0d34  [ 7F1B4C6FF3B85F9ADF74055187B8A22C, CC95DA5662638AACBE9643DCB236464C2C2095A8D5CDC8A747045870BE9D0E7D ] C:\Windows\System32\wlanutil.dll
20:01:09.0929 0x0d34  C:\Windows\System32\wlanutil.dll - ok
20:01:09.0945 0x0d34  [ 73FCB7919DEE80EE556F2E498594EBAE, D0F7A0AD3BC33263E9C2CF9787DD326436F9E0C9F5031D769F8A43C64C08A762 ] C:\Windows\System32\onex.dll
20:01:09.0945 0x0d34  C:\Windows\System32\onex.dll - ok
20:01:09.0945 0x0d34  [ 65522E77A1360DBC8D199DA3BF5EFFE4, E9D748070FA478A3D37F15049F998D340885C0DC5FCE03BFCE5D521C9EBA7350 ] C:\Windows\System32\eappprxy.dll
20:01:09.0945 0x0d34  C:\Windows\System32\eappprxy.dll - ok
20:01:09.0945 0x0d34  [ 0D753307D274F3688BD21C377B616700, 5DD08E77A11F2561FB96BA212FDDFE21D4394C69C34C3EB88F7F5CD068EE55BF ] C:\Windows\System32\eappcfg.dll
20:01:09.0945 0x0d34  C:\Windows\System32\eappcfg.dll - ok
20:01:09.0945 0x0d34  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2, E8ACB693B1A78FAEF292111BE3F9B10BA95C76833C06C931A08EAAAE39A21334 ] C:\Windows\System32\dot3api.dll
20:01:09.0945 0x0d34  C:\Windows\System32\dot3api.dll - ok
20:01:09.0961 0x0d34  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] C:\Windows\System32\tapisrv.dll
20:01:09.0961 0x0d34  C:\Windows\System32\tapisrv.dll - ok
20:01:09.0961 0x0d34  [ BCEA9AB347E53BC03B2E36BE0B8BA0EF, 868DEFB78767E91694E83F931725257DF3FF79A4BFED3B914D27F3493EB7A8D0 ] C:\Windows\System32\httpapi.dll
20:01:09.0961 0x0d34  C:\Windows\System32\httpapi.dll - ok
20:01:09.0961 0x0d34  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] C:\Windows\System32\rasmans.dll
20:01:09.0961 0x0d34  C:\Windows\System32\rasmans.dll - ok
20:01:09.0961 0x0d34  [ 44C96B48112EB24AE7764EBF1C527000, 6691D008C834686906B4841EF27604B0F0E70E668C09CEE19369426BF168AF44 ] C:\Windows\System32\rastapi.dll
20:01:09.0961 0x0d34  C:\Windows\System32\rastapi.dll - ok
20:01:09.0976 0x0d34  [ FAFAE01E889DC9C05A6CA2138CFC220B, 192CFDE3593ED0A9B397461D912074C0F062015C23E6F6658571C7C2864D9A51 ] C:\Windows\System32\tapi32.dll
20:01:09.0976 0x0d34  C:\Windows\System32\tapi32.dll - ok
20:01:09.0976 0x0d34  ================ Scan generic autorun ======================
20:01:10.0054 0x0d34  [ 4F29312863A82B8377A370A413994521, 0F9D0A84055DB60F0952B44C87F083E1CC7269DAB3353D785AD7F83A5443EDCA ] C:\Program Files\Apoint2K\Apoint.exe
20:01:10.0070 0x0d34  Apoint - ok
20:01:10.0210 0x0d34  [ 273C4436D232B27AFD8DF3BAF148D932, 62D52E7D215086D1F9CD51ECB10976C9C4EFE1A4BB4C74E57CE6C8DE16A4BAA8 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
20:01:10.0226 0x0d34  PSUAMain - ok
20:01:10.0304 0x0d34  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:01:10.0397 0x0d34  Sidebar - ok
20:01:10.0413 0x0d34  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:01:10.0444 0x0d34  mctadmin - ok
20:01:10.0475 0x0d34  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:01:10.0522 0x0d34  Sidebar - ok
20:01:10.0522 0x0d34  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:01:10.0553 0x0d34  mctadmin - ok
20:01:10.0694 0x0d34  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
20:01:10.0741 0x0d34  Sidebar - ok
20:01:10.0881 0x0d34  AV detected via SS2: Panda Antivirus Pro 2015, C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe ( 1.0.0.0 ), 0x71000 ( enabled : updated )
20:01:10.0881 0x0d34  FW detected via SS2: Panda Firewall, C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe ( 1.0.0.0 ), 0x71010 ( enabled )
20:01:10.0881 0x0d34  ============================================================
20:01:10.0881 0x0d34  Scan finished
20:01:10.0881 0x0d34  ============================================================
20:01:10.0897 0x0fe4  Detected object count: 6
20:01:10.0897 0x0fe4  Actual detected object count: 6
20:02:25.0527 0x0fe4  Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:02:25.0527 0x0fe4  Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:02:25.0527 0x0fe4  Blackberry Device Manager ( UnsignedFile.Multi.Generic ) - skipped by user
20:02:25.0527 0x0fe4  Blackberry Device Manager ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:02:25.0699 0x0fe4  C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe - copied to quarantine
20:02:25.0699 0x0fe4  ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
20:02:25.0979 0x0fe4  C:\Windows\SysWOW64\snmvtsvc.exe - copied to quarantine
20:02:25.0979 0x0fe4  SMServer ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
20:02:26.0011 0x0fe4  C:\Windows\system32\Drivers\usbaapl64.sys - copied to quarantine
20:02:26.0011 0x0fe4  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
20:02:26.0026 0x0fe4  \Device\Harddisk0\DR0\Partition1 - copied to quarantine
20:02:26.0042 0x0fe4  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
20:02:26.0057 0x0fe4  \Device\Harddisk0\DR0\Partition1 - ok
20:02:26.0057 0x0fe4  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
20:02:27.0493 0x0fe4  KLMD registered as C:\Windows\system32\drivers\48932041.sys
20:02:29.0287 0x0e60  Deinitialize success



#4 Zapan

Zapan
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:41 AM

Posted 13 January 2015 - 05:39 PM

Last report indicates that nothing remains of the infection (just the end of the report):

 

20:06:56.0722 0x1108  ============================================================
20:06:56.0722 0x1108  Scan finished
20:06:56.0722 0x1108  ============================================================
20:06:56.0737 0x1200  Detected object count: 0
20:06:56.0737 0x1200  Actual detected object count: 0
20:07:13.0039 0x01b4  Deinitialize success


Edited by Zapan, 13 January 2015 - 05:42 PM.


#5 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:41 PM

Posted 14 January 2015 - 10:33 AM

Hey, :)

Please download FRST (by Farbar) from the link below and save it to your Desktop.

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
  • Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  • Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • When the disclaimer appears, click Yes.
  • Click Scan to start FRST.
  • When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#6 Zapan

Zapan
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:41 AM

Posted 14 January 2015 - 05:13 PM

Hi,

 

Thanks for your help Machiavelli.

 

I've done as requested but I have a little problem. FRST generates the 2 reports but it does not stop running indicating that it is "Listing Installed Programs". It's been running for 2 hours... And I only have 250 Gb on that hard Drive...

I'm pasting the logs I have now and try to leave it running during the night (maybe it is normal that it takes so long). If tomorrow morning I see that the tool did finish, I'll repost the logs.


FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-01-2015 01
Ran by Raul (administrator) on DELL-RAUL on 14-01-2015 21:41:37
Running from C:\Users\Raul\Desktop
Loaded Profiles: Raul (Available profiles: Raul)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Português (Portugal)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(O&O Software GmbH) C:\Program Files\OO Software\CleverCache\ooccag.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [673112 2014-12-09] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.)
HKLM\...\Policies\Explorer: [NoCDBurning] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\Policies\Explorer: [GreyMSIAds] 0
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\MountPoints2: {05c7c479-413a-11e1-9e1c-00242c303aec} - H:\AutoRun.exe
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\MountPoints2: {bfc753ca-413c-11e1-8f30-00242c303aec} - H:\AutoRun.exe
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll No File
ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll (O&O Software GmbH)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-108446822-2314553757-1589008412-1021] => localhost:8080
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.lu
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.lu
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://pt.msn.com/?ocid=iehp
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.lu/?gws_rd=ssl
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-108446822-2314553757-1589008412-1021 -> {4F4A0F3F-E32A-441F-A542-FC24C1DFC775} URL = https://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: CutePDF Form Filler Helper -> {D41289F2-69C6-417B-897E-C653D677CBAF} -> C:\Program Files (x86)\Acro Software\CutePDF Pro\CPFillerCo.dll (Acro Software Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-108446822-2314553757-1589008412-1021 -> No Name - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{08F22C7B-0447-4A97-B071-68311CC22711}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{0B25CD3A-9266-47E3-91AE-FF80633573F7}: [NameServer] 8.8.8.8,8.8.8.8,194.154.192.101 194.154.192.102
Tcpip\..\Interfaces\{1B91D832-CAE7-4873-A8E9-B01294AC4D58}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{232D006B-9601-4DFB-B523-2174223390B5}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{5B970B3C-4FD6-4F14-A115-B7C4AA2D000C}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{6F173B0B-1A03-450B-9651-9080DA25736F}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{7B9EA4CB-56F8-429F-8E12-DC6890E877A8}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{7F5F364B-DA9C-478B-990B-D5C4D39F54A2}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{DB49D5CF-543C-467B-A3C4-890CB2B65460}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{EAB56806-3E88-49DF-BC24-5164CEAF7A17}: [NameServer] 194.154.192.102 194.154.192.101

FireFox:
========
FF ProfilePath: C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default
FF DefaultSearchEngine,S: Google
FF DefaultSearchUrl:
FF SearchEngineOrder.1: Google
FF SearchEngineOrder.1,S: Google
FF SelectedSearchEngine: Google
FF SelectedSearchEngine,S: Google
FF Homepage: https://www.google.pt/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-108446822-2314553757-1589008412-1021: @acestream.net/acestreamplugin,version=3.0.5 -> C:\Users\Raul\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-108446822-2314553757-1589008412-1021: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF user.js: detected! => C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\priberam.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sapo.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-ptpt.xml
FF Extension: British English Dictionary - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\en-GB@dictionaries.addons.mozilla.org [2012-02-13]
FF Extension: Dictionnaires français - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2014-09-20]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\iobitascsurfingprotection@iobit.com [2014-12-05]
FF Extension: AS Magic Player - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\magicplayer@acestream.org [2015-01-10]
FF Extension: Empty Cache Button - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f} [2014-09-14]
FF Extension: ffdshow DXVA Video Decoder conf - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\{54469BF3-0CED-CDB8-A6DA-F6DCA48357D4} [2015-01-09]
FF Extension: WOT - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-01-13]
FF Extension: Download Status Bar - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2015-01-05]
FF Extension: Adblock Plus - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-06]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-03-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-03-29]
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2012-04-12]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]

Chrome:
=======
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Profile: C:\Users\Raul\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Raul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR HKLM-x32\...\Chrome\Extension: [glmaefkhdccancpaddiobiniepmmnjfp] - No Path
CHR HKLM-x32\...\Chrome\Extension: [mmchdbhejjopiefgiakgedljioijebam] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-09-29] (Adobe Systems) [File not signed]
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
S3 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_605908f5a8a8d72c\AESTSr64.exe [89600 2009-10-26] (Andrea Electronics Corporation)
S3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
S3 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9464168 2010-11-26] (DisplayLink Corp.)
S3 GSService; C:\Windows\SysWOW64\GSService.exe [443080 2013-12-16] ()
S3 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-11-26] (IObit)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [246112 2014-12-10] ()
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57966424 2010-09-17] (Microsoft Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2014-10-13] (Panda Security, S.L.)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2693448 2014-11-26] ()
R2 O&O CleverCache; C:\Program Files\OO Software\CleverCache\ooccag.exe [844616 2009-12-09] (O&O Software GmbH)
S3 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [7575848 2014-05-28] (O&O Software GmbH)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-30] (Electronic Arts)
S3 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2139400 2011-11-15] ()
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.)
S3 QDLService2kDell; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe [330488 2010-04-26] (QUALCOMM, Inc.)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [File not signed]
S3 SMServer; C:\Windows\SysWOW64\snmvtsvc.exe [260608 2012-06-01] (SMServer) [File not signed]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [430424 2010-09-17] (Microsoft Corporation)
S3 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_605908f5a8a8d72c\STacSV64.exe [240128 2009-10-26] (IDT, Inc.)
S3 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe [317328 2011-08-01] (WDC)
S3 WDFMEService; C:\Program Files\Western Digital\WD SmartWare\WDFME.exe [1978256 2011-08-01] (Western Digital )
R3 WDRulesService; C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe [1338256 2011-08-01] (Western Digital )

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-26] (Samsung Electronics Co., Ltd.)
S3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_5.5.29055.0.sys [17408 2010-11-26] (http://libusb-win32.sourceforge.net)
S3 dlcdbus; C:\Windows\System32\DRIVERS\dlcdbus.sys [116224 2010-11-26] (MCCI Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-02] (Disc Soft Ltd)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-03-17] (EldoS Corporation)
S3 ew_usbenumfilter; C:\Windows\System32\DRIVERS\ew_usbenumfilter.sys [15744 2014-12-13] (MBB Technologies Co., Ltd.)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-01] (REALiX™)
S3 LAN9500; C:\Windows\System32\DRIVERS\lan9500-x64-n51f.sys [67584 2011-08-31] (SMSC)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [46336 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116928 2014-05-28] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41152 2014-05-28] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255680 2014-05-28] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44736 2014-05-28] (O&O Software GmbH)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2014-10-13] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2014-10-13] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2014-10-13] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [36904 2011-08-31] (Feitian Technologies Co., Ltd.)
S3 Rockey_USB; C:\Windows\System32\DRIVERS\Rockey4USB.sys [23592 2011-08-31] (Feitian Technologies Co., Ltd.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2015-01-01] (Synaptics Incorporated)
R3 SndTAudio; C:\Windows\System32\drivers\SndTAudio.sys [34088 2012-06-05] (Windows ® Win 7 DDK provider)
S2 SSPORT; No ImagePath
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [51712 2011-05-10] (Apple, Inc.) [File not signed]
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2013-01-25] (Wondershare)
U4 Messenger; No ImagePath
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-14 21:41 - 2015-01-14 21:42 - 00025358 _____ () C:\Users\Raul\Desktop\FRST.txt
2015-01-14 21:37 - 2015-01-14 21:38 - 00289616 _____ () C:\Windows\Minidump\011415-43071-01.dmp
2015-01-14 20:05 - 2015-01-14 21:41 - 00000000 ____D () C:\FRST
2015-01-14 19:59 - 2015-01-14 19:59 - 02125312 _____ (Farbar) C:\Users\Raul\Desktop\FRST64.exe
2015-01-13 23:16 - 2015-01-13 23:16 - 00289488 _____ () C:\Windows\Minidump\011315-37331-01.dmp
2015-01-13 22:18 - 2015-01-13 22:18 - 00005120 _____ () C:\Windows\PFRO.log
2015-01-13 22:17 - 2015-01-13 22:17 - 00000000 ____H () C:\asc_rdflag
2015-01-13 21:10 - 2015-01-14 21:38 - 00000392 _____ () C:\Windows\setupact.log
2015-01-13 21:10 - 2015-01-13 21:10 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-13 20:27 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 20:27 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 20:27 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 20:27 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 20:27 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 20:26 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 20:25 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 20:25 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 20:25 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 20:25 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 20:25 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 20:25 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 20:25 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 20:02 - 2015-01-13 20:02 - 00000000 ____D () C:\TDSSKiller_Quarantine
2015-01-13 19:59 - 2014-03-25 14:15 - 00060400 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2015-01-13 19:27 - 2015-01-14 21:42 - 00464347 _____ () C:\Windows\WindowsUpdate.log
2015-01-13 01:24 - 2015-01-13 01:24 - 00288400 _____ () C:\Windows\Minidump\011315-36831-01.dmp
2015-01-13 00:46 - 2015-01-13 00:59 - 00000000 ____D () C:\AdwCleaner
2015-01-12 22:32 - 2015-01-13 20:20 - 00000000 ____D () C:\Program Files\OTM
2015-01-11 23:13 - 2015-01-11 23:47 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Panda Security
2015-01-11 23:12 - 2015-01-11 23:47 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2015-01-11 23:04 - 2015-01-11 23:47 - 00000000 ____D () C:\ProgramData\Panda Security
2015-01-11 22:43 - 2015-01-14 21:39 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-11 22:43 - 2015-01-11 22:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-11 22:43 - 2015-01-11 22:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-11 22:43 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-11 22:43 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-11 22:43 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-10 22:10 - 2015-01-13 22:08 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\.ACEStream
2015-01-10 22:10 - 2015-01-11 23:44 - 00000000 ___HD () C:\_acestream_cache_
2015-01-10 22:08 - 2015-01-10 22:11 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\ACEStream
2015-01-10 12:28 - 2015-01-12 23:40 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2015-01-10 12:25 - 2015-01-10 12:25 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2015-01-09 20:48 - 2015-01-11 23:19 - 00000000 ____D () C:\Users\Raul\AppData\Local\Upmedia
2015-01-09 20:46 - 2015-01-09 20:47 - 00000000 ____D () C:\Windows\SysWOW64\C2MP
2015-01-05 23:21 - 2014-11-25 20:27 - 00606920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-01-05 23:20 - 2014-05-20 03:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2015-01-05 23:20 - 2014-05-20 03:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 31514312 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 24201416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 22992072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 17559432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 16128040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 15294280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 14497568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 13916088 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 13827712 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 12890312 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-01-05 23:16 - 2014-11-26 00:15 - 11271728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 11209192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 04245648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 03986632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 02824176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 01907400 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434121.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 01555656 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434121.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 00944328 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 00908432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 00903496 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 00870032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-01-05 23:06 - 2015-01-05 23:06 - 00000000 ____D () C:\Program Files\Intel
2015-01-05 22:53 - 2015-01-05 23:23 - 00000000 ____D () C:\ProgramData\DriverGenius
2015-01-04 10:55 - 2015-01-10 17:54 - 00000063 _____ () C:\Windows\SysWOW64\Partizan.RRI
2015-01-04 10:49 - 2015-01-04 10:52 - 00000000 ____D () C:\ProgramData\RegRun
2015-01-04 10:47 - 2015-01-04 10:47 - 00001148 _____ () C:\Windows\SysWOW64\PARTIZAN.TXT
2015-01-03 23:32 - 2015-01-03 23:32 - 00040208 _____ (Greatis Software) C:\Windows\system32\Partizan.exe
2015-01-03 23:29 - 2015-01-03 23:29 - 00000002 RSHOT () C:\Windows\winstart.bat
2015-01-03 23:29 - 2015-01-03 23:29 - 00000002 RSHOT () C:\Windows\SysWOW64\CONFIG.NT
2015-01-03 23:29 - 2015-01-03 23:29 - 00000002 RSHOT () C:\Windows\SysWOW64\AUTOEXEC.NT
2015-01-01 20:28 - 2015-01-01 20:36 - 00000679 _____ () C:\Users\Raul\Desktop\Half-Life.lnk
2015-01-01 17:03 - 2015-01-01 17:05 - 00000000 ____D () C:\Program Files (x86)\BBSAK
2015-01-01 16:14 - 2015-01-01 16:14 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-01-01 16:14 - 2015-01-01 16:14 - 00034544 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-01-01 16:14 - 2015-01-01 16:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-01-01 16:10 - 2015-01-01 16:10 - 00026528 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-01-01 16:02 - 2015-01-01 16:03 - 00118795 _____ () C:\Users\Raul\Downloads\Late shift all year schedule '15.xlsx
2014-12-21 06:55 - 2014-12-21 06:55 - 00047096 _____ () C:\Windows\SysWOW64\DiscHandler.exe
2014-12-15 22:15 - 2014-12-15 22:37 - 00002272 _____ () C:\Users\Public\Desktop\Dragon Age Origins.lnk
2014-12-15 22:14 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-12-15 22:14 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-12-15 22:14 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-12-15 22:14 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-12-15 22:14 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-12-15 22:14 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-12-15 22:14 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-12-15 22:14 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-12-15 22:14 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-12-15 22:14 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-15 22:14 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-12-15 22:14 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-12-15 22:14 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-12-15 22:14 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-12-15 22:14 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-12-15 22:14 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-12-15 22:14 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-12-15 22:14 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-12-15 22:14 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-12-15 22:14 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-12-15 22:14 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-12-15 22:14 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-12-15 22:14 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-12-15 22:14 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-12-15 22:14 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-12-15 22:14 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-12-15 22:14 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-12-15 22:14 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-12-15 22:14 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-12-15 22:14 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-12-15 22:14 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-12-15 22:14 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-12-15 22:14 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-12-15 22:14 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-12-15 22:14 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-12-15 22:14 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-12-15 22:14 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-12-15 22:14 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-12-15 22:14 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-12-15 22:14 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-12-15 22:14 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-12-15 22:14 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-12-15 22:14 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-12-15 22:14 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-12-15 22:14 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-12-15 22:14 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-12-15 21:46 - 2014-12-15 21:48 - 00001667 _____ () C:\Windows\SysWOW64\BlockerLog.log
2014-12-15 21:10 - 2014-12-15 21:10 - 00000000 ____D () C:\Program Files (x86)\PGWARE

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-14 21:38 - 2013-08-04 13:36 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-14 21:38 - 2011-12-07 22:39 - 00000000 ____D () C:\Users\Raul
2015-01-14 21:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-14 21:37 - 2011-08-23 22:11 - 00000000 ____D () C:\Windows\Minidump
2015-01-14 21:37 - 2009-07-14 05:45 - 00487120 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-14 21:34 - 2011-12-08 00:06 - 00120816 _____ () C:\Users\Raul\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-14 21:31 - 2011-09-01 19:40 - 00000000 ____D () C:\Program Files (x86)\Corel
2015-01-14 21:30 - 2011-12-18 22:37 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Corel
2015-01-14 20:13 - 2009-07-14 05:45 - 00025552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-14 20:13 - 2009-07-14 05:45 - 00025552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-14 02:57 - 2012-03-08 19:47 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Azureus
2015-01-14 00:06 - 2011-09-02 21:34 - 01819164 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-14 00:06 - 2009-07-14 18:58 - 00790818 _____ () C:\Windows\system32\prfh0816.dat
2015-01-14 00:06 - 2009-07-14 18:58 - 00179800 _____ () C:\Windows\system32\prfc0816.dat
2015-01-14 00:06 - 2009-07-14 06:13 - 01819164 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-13 23:18 - 2014-03-01 21:18 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-13 23:13 - 2013-07-20 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 23:13 - 2011-08-23 15:40 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 22:18 - 2014-05-28 10:25 - 02916352 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-01-13 22:18 - 2014-05-28 10:25 - 00065536 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2015-01-13 22:18 - 2014-05-28 10:25 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-01-13 22:18 - 2014-05-28 10:24 - 105189376 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-01-13 21:04 - 2011-08-23 14:33 - 00000000 ____D () C:\Windows\Panther
2015-01-13 20:21 - 2011-12-07 22:39 - 00000000 ___RD () C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-13 20:16 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-12 23:50 - 2014-09-01 21:00 - 00002852 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Raul)
2015-01-12 22:23 - 2014-06-15 18:57 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-12 22:21 - 2014-03-01 21:18 - 00000000 ____D () C:\ProgramData\IObit
2015-01-12 00:02 - 2014-07-04 23:21 - 00000000 ____D () C:\Users\Default\AppData\Roaming\IObit
2015-01-12 00:02 - 2014-07-04 23:21 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\IObit
2015-01-11 23:00 - 2012-05-08 20:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-11 23:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\security
2015-01-11 22:59 - 2011-08-31 14:24 - 00000000 ____D () C:\Windows\system32\Drivers\tr-TR
2015-01-11 22:59 - 2011-08-31 14:24 - 00000000 ____D () C:\Windows\system32\Drivers\th-TH
2015-01-11 22:59 - 2011-08-31 14:24 - 00000000 ____D () C:\Windows\system32\Drivers\ro-RO
2015-01-11 22:59 - 2011-08-31 14:24 - 00000000 ____D () C:\Windows\system32\Drivers\he-IL
2015-01-11 22:59 - 2011-08-31 14:24 - 00000000 ____D () C:\Windows\system32\Drivers\ar-SA
2015-01-11 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-11 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\th-TH
2015-01-11 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2015-01-11 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\he-IL
2015-01-11 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-01-11 19:05 - 2014-03-29 12:47 - 00000000 ____D () C:\ProgramData\Origin
2015-01-11 12:46 - 2011-12-30 23:33 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-11 12:45 - 2014-03-29 10:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-11 11:42 - 2014-03-29 12:47 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-10 21:14 - 2013-04-12 22:52 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\vlc
2015-01-09 22:11 - 2012-04-12 18:22 - 00005632 _____ () C:\Users\Raul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-09 20:54 - 2012-05-08 22:41 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD & MP3
2015-01-09 20:49 - 2013-04-29 20:23 - 00000000 ____D () C:\Temp
2015-01-06 04:36 - 2011-08-23 15:09 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-05 23:21 - 2013-08-04 13:36 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-05 00:19 - 2011-12-08 00:10 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\DAEMON Tools Lite
2015-01-02 21:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-01-01 20:33 - 2011-12-08 01:18 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-01-01 20:16 - 2012-04-12 18:05 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Phones
2015-01-01 17:54 - 2014-10-23 17:55 - 00000539 _____ () C:\Users\Raul\AppData\Roaming\Rim.DesktopHelper.Exception.log
2015-01-01 17:54 - 2014-10-23 17:55 - 00000539 _____ () C:\Users\Raul\AppData\Roaming\Rim.Desktop.Exception.log
2014-12-30 23:30 - 2014-08-21 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Calibre - E-book Management
2014-12-30 23:30 - 2014-08-21 18:16 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2014-12-29 18:58 - 2014-08-17 16:38 - 56188928 _____ () C:\Windows\system32\config\components.iodefrag.bak
2014-12-15 22:39 - 2014-09-20 12:42 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\NVIDIA
2014-12-15 22:15 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

Some content of TEMP:
====================
C:\Users\Raul\AppData\Local\Temp\i4jdel0.exe
C:\Users\Raul\AppData\Local\Temp\Quarantine.exe
C:\Users\Raul\AppData\Local\Temp\Uninst.exe
C:\Users\Raul\AppData\Local\Temp\{CD3D5E18-8642-4553-95CE-10CC9347BCD3}.exe


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



#7 Zapan

Zapan
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:41 AM

Posted 14 January 2015 - 05:14 PM

Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-01-2015 01
Ran by Raul at 2015-01-14 21:42:33
Running from C:\Users\Raul\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Panda Antivirus Pro 2015 (Disabled - Up to date) {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
AS: Panda Antivirus Pro 2015 (Disabled - Up to date) {8F3797EF-DB90-F073-3C72-40C753554CD1}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
FW: Panda Firewall (Disabled) {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 



#8 Zapan

Zapan
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:41 AM

Posted 15 January 2015 - 01:40 AM

Hi again,

 

As I said, I let the tool running all night and this morning it was still trying to "list installed programs". I stopped it. The Log seems to be the same.

 

Please let me know what to do next.

 

Thanks :-)



#9 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:41 PM

Posted 15 January 2015 - 10:25 AM

Hey, :)

Step 1: Adwarecleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP the just run it)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on screen prompts
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings.JPG

Go back to the Dashboard and select Scan Now

MBAMScan.JPG

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot.JPG

MBAMLog.JPG

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Attach/Post that log

Step 3: Junkware Removal Tool

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 4: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#10 Zapan

Zapan
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:41 AM

Posted 15 January 2015 - 02:17 PM

# AdwCleaner v4.107 - Report created 15/01/2015 at 19:34:42
# Updated 07/01/2015 by Xplode
# Database : 2014-12-21.4 [Local]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Raul - DELL-RAUL
# Running from : C:\Users\Raul\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\drivergenius
File Deleted : C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\user.js

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v34.0.5 (x86 pt-PT)


-\\ Google Chrome v39.0.2171.95


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [6507 octets] - [13/01/2015 00:47:15]
AdwCleaner[R1].txt - [1614 octets] - [13/01/2015 00:56:53]
AdwCleaner[R2].txt - [1180 octets] - [15/01/2015 19:33:03]
AdwCleaner[S0].txt - [6780 octets] - [13/01/2015 00:50:58]
AdwCleaner[S1].txt - [1725 octets] - [13/01/2015 00:59:47]
AdwCleaner[S2].txt - [1106 octets] - [15/01/2015 19:34:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1166 octets] ##########


Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 15/01/2015
Scan Time: 19:39:58
Logfile: MAB.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.15.10
Rootkit Database: v2015.01.14.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Raul

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 350444
Time Elapsed: 14 min, 30 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Professional x64
Ran by Raul on 15/01/2015 at 20:00:57.76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\DRIVERBOOSTER.EXE-51D78DCC.pf
Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\Raul\AppData\Roaming\pcdr"
Successfully deleted: [Folder] "C:\Users\Raul\appdata\locallow\pcdr"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Raul\AppData\Roaming\mozilla\firefox\profiles\d6o0rcnf.default\conduitcommon
Emptied folder: C:\Users\Raul\AppData\Roaming\mozilla\firefox\profiles\d6o0rcnf.default\minidumps [275 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15/01/2015 at 20:06:57.00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-01-2015 01
Ran by Raul (administrator) on DELL-RAUL on 15-01-2015 20:08:23
Running from C:\Users\Raul\Desktop
Loaded Profiles: Raul (Available profiles: Raul)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Português (Portugal)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(O&O Software GmbH) C:\Program Files\OO Software\CleverCache\ooccag.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [673112 2014-12-09] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.)
HKLM\...\Policies\Explorer: [NoCDBurning] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\Policies\Explorer: [GreyMSIAds] 0
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\MountPoints2: {05c7c479-413a-11e1-9e1c-00242c303aec} - H:\AutoRun.exe
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\MountPoints2: {bfc753ca-413c-11e1-8f30-00242c303aec} - H:\AutoRun.exe
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll No File
ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll (O&O Software GmbH)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-108446822-2314553757-1589008412-1021] => localhost:8080
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.lu
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.lu
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://pt.msn.com/?ocid=iehp
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.lu/?gws_rd=ssl
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-108446822-2314553757-1589008412-1021 -> {4F4A0F3F-E32A-441F-A542-FC24C1DFC775} URL = https://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: CutePDF Form Filler Helper -> {D41289F2-69C6-417B-897E-C653D677CBAF} -> C:\Program Files (x86)\Acro Software\CutePDF Pro\CPFillerCo.dll (Acro Software Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-108446822-2314553757-1589008412-1021 -> No Name - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{08F22C7B-0447-4A97-B071-68311CC22711}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{0B25CD3A-9266-47E3-91AE-FF80633573F7}: [NameServer] 8.8.8.8,8.8.8.8,194.154.192.101 194.154.192.102
Tcpip\..\Interfaces\{1B91D832-CAE7-4873-A8E9-B01294AC4D58}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{232D006B-9601-4DFB-B523-2174223390B5}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{5B970B3C-4FD6-4F14-A115-B7C4AA2D000C}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{6F173B0B-1A03-450B-9651-9080DA25736F}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{7B9EA4CB-56F8-429F-8E12-DC6890E877A8}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{7F5F364B-DA9C-478B-990B-D5C4D39F54A2}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{DB49D5CF-543C-467B-A3C4-890CB2B65460}: [NameServer] 8.8.8.8,8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default
FF DefaultSearchEngine,S: Google
FF DefaultSearchUrl:
FF SearchEngineOrder.1: Google
FF SearchEngineOrder.1,S: Google
FF SelectedSearchEngine: Google
FF SelectedSearchEngine,S: Google
FF Homepage: https://www.google.pt/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-108446822-2314553757-1589008412-1021: @acestream.net/acestreamplugin,version=3.0.5 -> C:\Users\Raul\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-108446822-2314553757-1589008412-1021: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\priberam.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sapo.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-ptpt.xml
FF Extension: British English Dictionary - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\en-GB@dictionaries.addons.mozilla.org [2012-02-13]
FF Extension: Dictionnaires français - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2014-09-20]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\iobitascsurfingprotection@iobit.com [2014-12-05]
FF Extension: AS Magic Player - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\magicplayer@acestream.org [2015-01-10]
FF Extension: Empty Cache Button - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f} [2014-09-14]
FF Extension: ffdshow DXVA Video Decoder conf - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\{54469BF3-0CED-CDB8-A6DA-F6DCA48357D4} [2015-01-09]
FF Extension: WOT - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-01-15]
FF Extension: Download Status Bar - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2015-01-05]
FF Extension: Adblock Plus - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-06]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-03-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-03-29]
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2012-04-12]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]

Chrome:
=======
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Profile: C:\Users\Raul\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Raul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR HKLM-x32\...\Chrome\Extension: [glmaefkhdccancpaddiobiniepmmnjfp] - No Path
CHR HKLM-x32\...\Chrome\Extension: [mmchdbhejjopiefgiakgedljioijebam] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-09-29] (Adobe Systems) [File not signed]
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
S3 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_605908f5a8a8d72c\AESTSr64.exe [89600 2009-10-26] (Andrea Electronics Corporation)
S3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
S3 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9464168 2010-11-26] (DisplayLink Corp.)
S3 GSService; C:\Windows\SysWOW64\GSService.exe [443080 2013-12-16] ()
S3 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-11-26] (IObit)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [246112 2014-12-10] ()
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57966424 2010-09-17] (Microsoft Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2014-10-13] (Panda Security, S.L.)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2693448 2014-11-26] ()
R2 O&O CleverCache; C:\Program Files\OO Software\CleverCache\ooccag.exe [844616 2009-12-09] (O&O Software GmbH)
S3 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [7575848 2014-05-28] (O&O Software GmbH)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-30] (Electronic Arts)
S3 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2139400 2011-11-15] ()
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.)
S3 QDLService2kDell; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe [330488 2010-04-26] (QUALCOMM, Inc.)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [File not signed]
S3 SMServer; C:\Windows\SysWOW64\snmvtsvc.exe [260608 2012-06-01] (SMServer) [File not signed]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [430424 2010-09-17] (Microsoft Corporation)
S3 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_605908f5a8a8d72c\STacSV64.exe [240128 2009-10-26] (IDT, Inc.)
S3 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe [317328 2011-08-01] (WDC)
S3 WDFMEService; C:\Program Files\Western Digital\WD SmartWare\WDFME.exe [1978256 2011-08-01] (Western Digital )
R3 WDRulesService; C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe [1338256 2011-08-01] (Western Digital )

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-26] (Samsung Electronics Co., Ltd.)
S3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_5.5.29055.0.sys [17408 2010-11-26] (http://libusb-win32.sourceforge.net)
S3 dlcdbus; C:\Windows\System32\DRIVERS\dlcdbus.sys [116224 2010-11-26] (MCCI Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-02] (Disc Soft Ltd)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-03-17] (EldoS Corporation)
S3 ew_usbenumfilter; C:\Windows\System32\DRIVERS\ew_usbenumfilter.sys [15744 2014-12-13] (MBB Technologies Co., Ltd.)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-01] (REALiX™)
S3 LAN9500; C:\Windows\System32\DRIVERS\lan9500-x64-n51f.sys [67584 2011-08-31] (SMSC)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [46336 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116928 2014-05-28] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41152 2014-05-28] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255680 2014-05-28] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44736 2014-05-28] (O&O Software GmbH)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2014-10-13] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2014-10-13] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2014-10-13] (Panda Security, S.L.)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [36904 2011-08-31] (Feitian Technologies Co., Ltd.)
S3 Rockey_USB; C:\Windows\System32\DRIVERS\Rockey4USB.sys [23592 2011-08-31] (Feitian Technologies Co., Ltd.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2015-01-01] (Synaptics Incorporated)
R3 SndTAudio; C:\Windows\System32\drivers\SndTAudio.sys [34088 2012-06-05] (Windows ® Win 7 DDK provider)
S2 SSPORT; No ImagePath
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [51712 2011-05-10] (Apple, Inc.) [File not signed]
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2013-01-25] (Wondershare)
U4 Messenger; No ImagePath
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 20:08 - 2015-01-15 20:08 - 00025156 _____ () C:\Users\Raul\Desktop\FRST.txt
2015-01-15 20:06 - 2015-01-15 20:06 - 00001340 _____ () C:\Users\Raul\Desktop\JRT.txt
2015-01-15 20:00 - 2015-01-15 20:00 - 00000000 ____D () C:\Windows\ERUNT
2015-01-15 19:58 - 2015-01-15 19:58 - 00001054 _____ () C:\Users\Raul\Desktop\MAB.txt
2015-01-15 19:38 - 2015-01-15 19:38 - 00001246 _____ () C:\Users\Raul\Desktop\AdwCleaner[S2].txt
2015-01-15 19:17 - 2015-01-15 19:17 - 01707939 _____ (Thisisu) C:\Users\Raul\Desktop\JRT.exe
2015-01-15 19:16 - 2015-01-15 19:16 - 02191360 _____ () C:\Users\Raul\Desktop\AdwCleaner.exe
2015-01-14 21:37 - 2015-01-14 21:38 - 00289616 _____ () C:\Windows\Minidump\011415-43071-01.dmp
2015-01-14 20:05 - 2015-01-15 20:08 - 00000000 ____D () C:\FRST
2015-01-14 19:59 - 2015-01-14 19:59 - 02125312 _____ (Farbar) C:\Users\Raul\Desktop\FRST64.exe
2015-01-13 23:16 - 2015-01-13 23:16 - 00289488 _____ () C:\Windows\Minidump\011315-37331-01.dmp
2015-01-13 22:18 - 2015-01-15 19:36 - 00005434 _____ () C:\Windows\PFRO.log
2015-01-13 22:17 - 2015-01-13 22:17 - 00000000 ____H () C:\asc_rdflag
2015-01-13 21:10 - 2015-01-15 19:36 - 00000504 _____ () C:\Windows\setupact.log
2015-01-13 21:10 - 2015-01-13 21:10 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-13 20:27 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 20:27 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 20:27 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 20:27 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 20:27 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 20:26 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 20:25 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 20:25 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 20:25 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 20:25 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 20:25 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 20:25 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 20:25 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 20:02 - 2015-01-13 20:02 - 00000000 ____D () C:\TDSSKiller_Quarantine
2015-01-13 19:27 - 2015-01-15 19:58 - 00516122 _____ () C:\Windows\WindowsUpdate.log
2015-01-13 01:24 - 2015-01-13 01:24 - 00288400 _____ () C:\Windows\Minidump\011315-36831-01.dmp
2015-01-13 00:46 - 2015-01-15 19:34 - 00000000 ____D () C:\AdwCleaner
2015-01-12 22:32 - 2015-01-13 20:20 - 00000000 ____D () C:\Program Files\OTM
2015-01-11 23:13 - 2015-01-11 23:47 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Panda Security
2015-01-11 23:12 - 2015-01-11 23:47 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2015-01-11 23:04 - 2015-01-11 23:47 - 00000000 ____D () C:\ProgramData\Panda Security
2015-01-11 22:43 - 2015-01-15 19:37 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-11 22:43 - 2015-01-11 22:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-11 22:43 - 2015-01-11 22:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-11 22:43 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-11 22:43 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-11 22:43 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-10 22:10 - 2015-01-13 22:08 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\.ACEStream
2015-01-10 22:10 - 2015-01-11 23:44 - 00000000 ___HD () C:\_acestream_cache_
2015-01-10 22:08 - 2015-01-10 22:11 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\ACEStream
2015-01-10 12:28 - 2015-01-12 23:40 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2015-01-10 12:25 - 2015-01-10 12:25 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2015-01-09 20:48 - 2015-01-11 23:19 - 00000000 ____D () C:\Users\Raul\AppData\Local\Upmedia
2015-01-09 20:46 - 2015-01-09 20:47 - 00000000 ____D () C:\Windows\SysWOW64\C2MP
2015-01-05 23:21 - 2014-11-25 20:27 - 00606920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-01-05 23:20 - 2014-05-20 03:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2015-01-05 23:20 - 2014-05-20 03:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 31514312 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 24201416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 22992072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 17559432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 16128040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 15294280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 14497568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 13916088 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 13827712 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 12890312 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-01-05 23:16 - 2014-11-26 00:15 - 11271728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 11209192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 04245648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 03986632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 02824176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 01907400 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434121.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 01555656 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434121.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 00944328 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 00908432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 00903496 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 00870032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-01-05 23:06 - 2015-01-05 23:06 - 00000000 ____D () C:\Program Files\Intel
2015-01-04 10:55 - 2015-01-10 17:54 - 00000063 _____ () C:\Windows\SysWOW64\Partizan.RRI
2015-01-04 10:49 - 2015-01-04 10:52 - 00000000 ____D () C:\ProgramData\RegRun
2015-01-04 10:47 - 2015-01-04 10:47 - 00001148 _____ () C:\Windows\SysWOW64\PARTIZAN.TXT
2015-01-03 23:32 - 2015-01-03 23:32 - 00040208 _____ (Greatis Software) C:\Windows\system32\Partizan.exe
2015-01-03 23:29 - 2015-01-03 23:29 - 00000002 RSHOT () C:\Windows\winstart.bat
2015-01-03 23:29 - 2015-01-03 23:29 - 00000002 RSHOT () C:\Windows\SysWOW64\CONFIG.NT
2015-01-03 23:29 - 2015-01-03 23:29 - 00000002 RSHOT () C:\Windows\SysWOW64\AUTOEXEC.NT
2015-01-01 20:28 - 2015-01-01 20:36 - 00000679 _____ () C:\Users\Raul\Desktop\Half-Life.lnk
2015-01-01 17:03 - 2015-01-01 17:05 - 00000000 ____D () C:\Program Files (x86)\BBSAK
2015-01-01 16:14 - 2015-01-01 16:14 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-01-01 16:14 - 2015-01-01 16:14 - 00034544 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-01-01 16:14 - 2015-01-01 16:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-01-01 16:10 - 2015-01-01 16:10 - 00026528 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-01-01 16:02 - 2015-01-01 16:03 - 00118795 _____ () C:\Users\Raul\Downloads\Late shift all year schedule '15.xlsx
2014-12-21 06:55 - 2014-12-21 06:55 - 00047096 _____ () C:\Windows\SysWOW64\DiscHandler.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 19:44 - 2009-07-14 05:45 - 00025552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-15 19:44 - 2009-07-14 05:45 - 00025552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-15 19:36 - 2013-08-04 13:36 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-15 19:36 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-14 21:38 - 2011-12-07 22:39 - 00000000 ____D () C:\Users\Raul
2015-01-14 21:37 - 2011-08-23 22:11 - 00000000 ____D () C:\Windows\Minidump
2015-01-14 21:37 - 2009-07-14 05:45 - 00487120 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-14 21:34 - 2011-12-08 00:06 - 00120816 _____ () C:\Users\Raul\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-14 21:31 - 2011-09-01 19:40 - 00000000 ____D () C:\Program Files (x86)\Corel
2015-01-14 21:30 - 2011-12-18 22:37 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Corel
2015-01-14 02:57 - 2012-03-08 19:47 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Azureus
2015-01-14 00:06 - 2011-09-02 21:34 - 01819164 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-14 00:06 - 2009-07-14 18:58 - 00790818 _____ () C:\Windows\system32\prfh0816.dat
2015-01-14 00:06 - 2009-07-14 18:58 - 00179800 _____ () C:\Windows\system32\prfc0816.dat
2015-01-14 00:06 - 2009-07-14 06:13 - 01819164 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-13 23:18 - 2014-03-01 21:18 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-13 23:13 - 2013-07-20 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 23:13 - 2011-08-23 15:40 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 22:18 - 2014-05-28 10:25 - 02916352 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-01-13 22:18 - 2014-05-28 10:25 - 00065536 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2015-01-13 22:18 - 2014-05-28 10:25 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-01-13 22:18 - 2014-05-28 10:24 - 105189376 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-01-13 21:04 - 2011-08-23 14:33 - 00000000 ____D () C:\Windows\Panther
2015-01-13 20:21 - 2011-12-07 22:39 - 00000000 ___RD () C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-13 20:16 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-12 23:50 - 2014-09-01 21:00 - 00002852 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Raul)
2015-01-12 22:23 - 2014-06-15 18:57 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-12 22:21 - 2014-03-01 21:18 - 00000000 ____D () C:\ProgramData\IObit
2015-01-12 00:02 - 2014-07-04 23:21 - 00000000 ____D () C:\Users\Default\AppData\Roaming\IObit
2015-01-12 00:02 - 2014-07-04 23:21 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\IObit
2015-01-11 23:00 - 2012-05-08 20:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-11 23:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\security
2015-01-11 22:59 - 2011-08-31 14:24 - 00000000 ____D () C:\Windows\system32\Drivers\tr-TR
2015-01-11 22:59 - 2011-08-31 14:24 - 00000000 ____D () C:\Windows\system32\Drivers\th-TH
2015-01-11 22:59 - 2011-08-31 14:24 - 00000000 ____D () C:\Windows\system32\Drivers\ro-RO
2015-01-11 22:59 - 2011-08-31 14:24 - 00000000 ____D () C:\Windows\system32\Drivers\he-IL
2015-01-11 22:59 - 2011-08-31 14:24 - 00000000 ____D () C:\Windows\system32\Drivers\ar-SA
2015-01-11 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-11 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\th-TH
2015-01-11 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2015-01-11 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\he-IL
2015-01-11 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-01-11 19:05 - 2014-03-29 12:47 - 00000000 ____D () C:\ProgramData\Origin
2015-01-11 12:46 - 2011-12-30 23:33 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-11 12:45 - 2014-03-29 10:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-11 11:42 - 2014-03-29 12:47 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-10 21:14 - 2013-04-12 22:52 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\vlc
2015-01-09 22:11 - 2012-04-12 18:22 - 00005632 _____ () C:\Users\Raul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-09 20:54 - 2012-05-08 22:41 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD & MP3
2015-01-09 20:49 - 2013-04-29 20:23 - 00000000 ____D () C:\Temp
2015-01-06 04:36 - 2011-08-23 15:09 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-05 23:21 - 2013-08-04 13:36 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-05 00:19 - 2011-12-08 00:10 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\DAEMON Tools Lite
2015-01-02 21:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-01-01 20:33 - 2011-12-08 01:18 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-01-01 20:16 - 2012-04-12 18:05 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Phones
2015-01-01 17:54 - 2014-10-23 17:55 - 00000539 _____ () C:\Users\Raul\AppData\Roaming\Rim.DesktopHelper.Exception.log
2015-01-01 17:54 - 2014-10-23 17:55 - 00000539 _____ () C:\Users\Raul\AppData\Roaming\Rim.Desktop.Exception.log
2014-12-30 23:30 - 2014-08-21 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Calibre - E-book Management
2014-12-30 23:30 - 2014-08-21 18:16 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2014-12-29 18:58 - 2014-08-17 16:38 - 56188928 _____ () C:\Windows\system32\config\components.iodefrag.bak

Some content of TEMP:
====================
C:\Users\Raul\AppData\Local\Temp\i4jdel0.exe
C:\Users\Raul\AppData\Local\Temp\Quarantine.exe
C:\Users\Raul\AppData\Local\Temp\sqlite3.dll
C:\Users\Raul\AppData\Local\Temp\Uninst.exe
C:\Users\Raul\AppData\Local\Temp\{CD3D5E18-8642-4553-95CE-10CC9347BCD3}.exe


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 



#11 Zapan

Zapan
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:41 AM

Posted 15 January 2015 - 02:19 PM

As usual FRST didn't finish running.



#12 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:41 PM

Posted 15 January 2015 - 02:33 PM

Redownload FRST and do the scan again. :)

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#13 Zapan

Zapan
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:41 AM

Posted 15 January 2015 - 03:04 PM

Alleluia! It worked !!!!! :-)

 

FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015 01
Ran by Raul (administrator) on DELL-RAUL on 15-01-2015 20:58:50
Running from C:\Users\Raul\Desktop
Loaded Profiles: Raul (Available profiles: Raul)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Português (Portugal)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(O&O Software GmbH) C:\Program Files\OO Software\CleverCache\ooccag.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [673112 2014-12-09] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.)
HKLM\...\Policies\Explorer: [NoCDBurning] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\RunOnce: [Adobe Speed Launcher] => 1421350134
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\Policies\Explorer: [GreyMSIAds] 0
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\MountPoints2: {05c7c479-413a-11e1-9e1c-00242c303aec} - H:\AutoRun.exe
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\MountPoints2: {bfc753ca-413c-11e1-8f30-00242c303aec} - H:\AutoRun.exe
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll No File
ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll (O&O Software GmbH)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-108446822-2314553757-1589008412-1021] => localhost:8080
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.lu
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.lu
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://pt.msn.com/?ocid=iehp
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.lu/?gws_rd=ssl
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-108446822-2314553757-1589008412-1021 -> {4F4A0F3F-E32A-441F-A542-FC24C1DFC775} URL = https://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: CutePDF Form Filler Helper -> {D41289F2-69C6-417B-897E-C653D677CBAF} -> C:\Program Files (x86)\Acro Software\CutePDF Pro\CPFillerCo.dll (Acro Software Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-108446822-2314553757-1589008412-1021 -> No Name - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{08F22C7B-0447-4A97-B071-68311CC22711}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{0B25CD3A-9266-47E3-91AE-FF80633573F7}: [NameServer] 8.8.8.8,8.8.8.8,194.154.192.101 194.154.192.102
Tcpip\..\Interfaces\{1B91D832-CAE7-4873-A8E9-B01294AC4D58}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{232D006B-9601-4DFB-B523-2174223390B5}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{5B970B3C-4FD6-4F14-A115-B7C4AA2D000C}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{6F173B0B-1A03-450B-9651-9080DA25736F}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{7B9EA4CB-56F8-429F-8E12-DC6890E877A8}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{7F5F364B-DA9C-478B-990B-D5C4D39F54A2}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{DB49D5CF-543C-467B-A3C4-890CB2B65460}: [NameServer] 8.8.8.8,8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default
FF DefaultSearchEngine,S: Google
FF DefaultSearchUrl:
FF SearchEngineOrder.1: Google
FF SearchEngineOrder.1,S: Google
FF SelectedSearchEngine: Google
FF SelectedSearchEngine,S: Google
FF Homepage: https://www.google.pt/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-108446822-2314553757-1589008412-1021: @acestream.net/acestreamplugin,version=3.0.5 -> C:\Users\Raul\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-108446822-2314553757-1589008412-1021: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\priberam.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sapo.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-ptpt.xml
FF Extension: British English Dictionary - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\en-GB@dictionaries.addons.mozilla.org [2012-02-13]
FF Extension: Dictionnaires français - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2014-09-20]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\iobitascsurfingprotection@iobit.com [2014-12-05]
FF Extension: AS Magic Player - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\magicplayer@acestream.org [2015-01-10]
FF Extension: Empty Cache Button - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f} [2014-09-14]
FF Extension: ffdshow DXVA Video Decoder conf - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\{54469BF3-0CED-CDB8-A6DA-F6DCA48357D4} [2015-01-09]
FF Extension: WOT - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-01-15]
FF Extension: Download Status Bar - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2015-01-05]
FF Extension: Adblock Plus - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-06]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-03-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-03-29]
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2012-04-12]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]

Chrome:
=======
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Profile: C:\Users\Raul\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Raul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR HKLM-x32\...\Chrome\Extension: [glmaefkhdccancpaddiobiniepmmnjfp] - No Path
CHR HKLM-x32\...\Chrome\Extension: [mmchdbhejjopiefgiakgedljioijebam] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-09-29] (Adobe Systems) [File not signed]
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
S3 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_605908f5a8a8d72c\AESTSr64.exe [89600 2009-10-26] (Andrea Electronics Corporation)
S3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
S3 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9464168 2010-11-26] (DisplayLink Corp.)
S3 GSService; C:\Windows\SysWOW64\GSService.exe [443080 2013-12-16] ()
S3 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-11-26] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [246112 2014-12-10] ()
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57966424 2010-09-17] (Microsoft Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2014-10-13] (Panda Security, S.L.)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2693448 2014-11-26] ()
R2 O&O CleverCache; C:\Program Files\OO Software\CleverCache\ooccag.exe [844616 2009-12-09] (O&O Software GmbH)
S3 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [7575848 2014-05-28] (O&O Software GmbH)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-30] (Electronic Arts)
S3 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2139400 2011-11-15] ()
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.)
S3 QDLService2kDell; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe [330488 2010-04-26] (QUALCOMM, Inc.)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [File not signed]
S3 SMServer; C:\Windows\SysWOW64\snmvtsvc.exe [260608 2012-06-01] (SMServer) [File not signed]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [430424 2010-09-17] (Microsoft Corporation)
S3 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_605908f5a8a8d72c\STacSV64.exe [240128 2009-10-26] (IDT, Inc.)
S3 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe [317328 2011-08-01] (WDC)
S3 WDFMEService; C:\Program Files\Western Digital\WD SmartWare\WDFME.exe [1978256 2011-08-01] (Western Digital )
R3 WDRulesService; C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe [1338256 2011-08-01] (Western Digital )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-26] (Samsung Electronics Co., Ltd.)
S3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_5.5.29055.0.sys [17408 2010-11-26] (http://libusb-win32.sourceforge.net)
S3 dlcdbus; C:\Windows\System32\DRIVERS\dlcdbus.sys [116224 2010-11-26] (MCCI Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-02] (Disc Soft Ltd)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-03-17] (EldoS Corporation)
R3 ew_usbenumfilter; C:\Windows\System32\DRIVERS\ew_usbenumfilter.sys [15744 2014-12-13] (MBB Technologies Co., Ltd.)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-01] (REALiX™)
S3 LAN9500; C:\Windows\System32\DRIVERS\lan9500-x64-n51f.sys [67584 2011-08-31] (SMSC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [46336 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116928 2014-05-28] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41152 2014-05-28] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255680 2014-05-28] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44736 2014-05-28] (O&O Software GmbH)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2014-10-13] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2014-10-13] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2014-10-13] (Panda Security, S.L.)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [36904 2011-08-31] (Feitian Technologies Co., Ltd.)
S3 Rockey_USB; C:\Windows\System32\DRIVERS\Rockey4USB.sys [23592 2011-08-31] (Feitian Technologies Co., Ltd.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2015-01-01] (Synaptics Incorporated)
R3 SndTAudio; C:\Windows\System32\drivers\SndTAudio.sys [34088 2012-06-05] (Windows ® Win 7 DDK provider)
S2 SSPORT; No ImagePath
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [51712 2011-05-10] (Apple, Inc.) [File not signed]
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2013-01-25] (Wondershare)
U4 Messenger; No ImagePath
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 20:58 - 2015-01-15 20:59 - 00025786 _____ () C:\Users\Raul\Desktop\FRST.txt
2015-01-15 20:56 - 2015-01-15 20:56 - 02125312 _____ (Farbar) C:\Users\Raul\Desktop\FRST64.exe
2015-01-15 20:06 - 2015-01-15 20:06 - 00001340 _____ () C:\Users\Raul\Desktop\JRT.txt
2015-01-15 20:00 - 2015-01-15 20:00 - 00000000 ____D () C:\Windows\ERUNT
2015-01-15 19:58 - 2015-01-15 19:58 - 00001054 _____ () C:\Users\Raul\Desktop\MAB.txt
2015-01-15 19:38 - 2015-01-15 19:38 - 00001246 _____ () C:\Users\Raul\Desktop\AdwCleaner[S2].txt
2015-01-15 19:17 - 2015-01-15 19:17 - 01707939 _____ (Thisisu) C:\Users\Raul\Desktop\JRT.exe
2015-01-15 19:16 - 2015-01-15 19:16 - 02191360 _____ () C:\Users\Raul\Desktop\AdwCleaner.exe
2015-01-14 21:37 - 2015-01-14 21:38 - 00289616 _____ () C:\Windows\Minidump\011415-43071-01.dmp
2015-01-14 20:05 - 2015-01-15 20:58 - 00000000 ____D () C:\FRST
2015-01-13 23:16 - 2015-01-13 23:16 - 00289488 _____ () C:\Windows\Minidump\011315-37331-01.dmp
2015-01-13 22:18 - 2015-01-15 19:36 - 00005434 _____ () C:\Windows\PFRO.log
2015-01-13 22:17 - 2015-01-13 22:17 - 00000000 ____H () C:\asc_rdflag
2015-01-13 21:10 - 2015-01-15 19:36 - 00000504 _____ () C:\Windows\setupact.log
2015-01-13 21:10 - 2015-01-13 21:10 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-13 20:27 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 20:27 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 20:27 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 20:27 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 20:27 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 20:26 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 20:25 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 20:25 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 20:25 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 20:25 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 20:25 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 20:25 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 20:25 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 20:02 - 2015-01-13 20:02 - 00000000 ____D () C:\TDSSKiller_Quarantine
2015-01-13 19:27 - 2015-01-15 20:58 - 00519009 _____ () C:\Windows\WindowsUpdate.log
2015-01-13 01:24 - 2015-01-13 01:24 - 00288400 _____ () C:\Windows\Minidump\011315-36831-01.dmp
2015-01-13 00:46 - 2015-01-15 19:34 - 00000000 ____D () C:\AdwCleaner
2015-01-12 22:32 - 2015-01-13 20:20 - 00000000 ____D () C:\Program Files\OTM
2015-01-11 23:13 - 2015-01-11 23:47 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Panda Security
2015-01-11 23:12 - 2015-01-11 23:47 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2015-01-11 23:04 - 2015-01-11 23:47 - 00000000 ____D () C:\ProgramData\Panda Security
2015-01-11 22:43 - 2015-01-15 20:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-11 22:43 - 2015-01-11 22:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-11 22:43 - 2015-01-11 22:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-11 22:43 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-11 22:43 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-11 22:43 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-10 22:10 - 2015-01-13 22:08 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\.ACEStream
2015-01-10 22:10 - 2015-01-11 23:44 - 00000000 ___HD () C:\_acestream_cache_
2015-01-10 22:08 - 2015-01-10 22:11 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\ACEStream
2015-01-10 12:28 - 2015-01-12 23:40 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2015-01-10 12:25 - 2015-01-10 12:25 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2015-01-09 20:48 - 2015-01-11 23:19 - 00000000 ____D () C:\Users\Raul\AppData\Local\Upmedia
2015-01-09 20:46 - 2015-01-09 20:47 - 00000000 ____D () C:\Windows\SysWOW64\C2MP
2015-01-05 23:21 - 2014-11-25 20:27 - 00606920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-01-05 23:20 - 2014-05-20 03:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2015-01-05 23:20 - 2014-05-20 03:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 31514312 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 24201416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 22992072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 17559432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 16128040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 15294280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 14497568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 13916088 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 13827712 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 12890312 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-01-05 23:16 - 2014-11-26 00:15 - 11271728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 11209192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 04245648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 03986632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 02824176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 01907400 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434121.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 01555656 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434121.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 00944328 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 00908432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 00903496 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 00870032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-01-05 23:06 - 2015-01-05 23:06 - 00000000 ____D () C:\Program Files\Intel
2015-01-04 10:55 - 2015-01-10 17:54 - 00000063 _____ () C:\Windows\SysWOW64\Partizan.RRI
2015-01-04 10:49 - 2015-01-04 10:52 - 00000000 ____D () C:\ProgramData\RegRun
2015-01-04 10:47 - 2015-01-04 10:47 - 00001148 _____ () C:\Windows\SysWOW64\PARTIZAN.TXT
2015-01-03 23:32 - 2015-01-03 23:32 - 00040208 _____ (Greatis Software) C:\Windows\system32\Partizan.exe
2015-01-03 23:29 - 2015-01-03 23:29 - 00000002 RSHOT () C:\Windows\winstart.bat
2015-01-03 23:29 - 2015-01-03 23:29 - 00000002 RSHOT () C:\Windows\SysWOW64\CONFIG.NT
2015-01-03 23:29 - 2015-01-03 23:29 - 00000002 RSHOT () C:\Windows\SysWOW64\AUTOEXEC.NT
2015-01-01 20:28 - 2015-01-01 20:36 - 00000679 _____ () C:\Users\Raul\Desktop\Half-Life.lnk
2015-01-01 17:03 - 2015-01-01 17:05 - 00000000 ____D () C:\Program Files (x86)\BBSAK
2015-01-01 16:14 - 2015-01-01 16:14 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-01-01 16:14 - 2015-01-01 16:14 - 00034544 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-01-01 16:14 - 2015-01-01 16:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-01-01 16:10 - 2015-01-01 16:10 - 00026528 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-01-01 16:02 - 2015-01-01 16:03 - 00118795 _____ () C:\Users\Raul\Downloads\Late shift all year schedule '15.xlsx
2014-12-21 06:55 - 2014-12-21 06:55 - 00047096 _____ () C:\Windows\SysWOW64\DiscHandler.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 20:58 - 2012-03-08 19:47 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Azureus
2015-01-15 19:44 - 2009-07-14 05:45 - 00025552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-15 19:44 - 2009-07-14 05:45 - 00025552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-15 19:36 - 2013-08-04 13:36 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-15 19:36 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-14 21:38 - 2011-12-07 22:39 - 00000000 ____D () C:\Users\Raul
2015-01-14 21:37 - 2011-08-23 22:11 - 00000000 ____D () C:\Windows\Minidump
2015-01-14 21:37 - 2009-07-14 05:45 - 00487120 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-14 21:34 - 2011-12-08 00:06 - 00120816 _____ () C:\Users\Raul\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-14 21:31 - 2011-09-01 19:40 - 00000000 ____D () C:\Program Files (x86)\Corel
2015-01-14 21:30 - 2011-12-18 22:37 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Corel
2015-01-14 00:06 - 2011-09-02 21:34 - 01819164 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-14 00:06 - 2009-07-14 18:58 - 00790818 _____ () C:\Windows\system32\prfh0816.dat
2015-01-14 00:06 - 2009-07-14 18:58 - 00179800 _____ () C:\Windows\system32\prfc0816.dat
2015-01-14 00:06 - 2009-07-14 06:13 - 01819164 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-13 23:18 - 2014-03-01 21:18 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-13 23:13 - 2013-07-20 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 23:13 - 2011-08-23 15:40 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 22:18 - 2014-05-28 10:25 - 02916352 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-01-13 22:18 - 2014-05-28 10:25 - 00065536 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2015-01-13 22:18 - 2014-05-28 10:25 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-01-13 22:18 - 2014-05-28 10:24 - 105189376 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-01-13 21:04 - 2011-08-23 14:33 - 00000000 ____D () C:\Windows\Panther
2015-01-13 20:21 - 2011-12-07 22:39 - 00000000 ___RD () C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-13 20:16 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-12 23:50 - 2014-09-01 21:00 - 00002852 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Raul)
2015-01-12 22:23 - 2014-06-15 18:57 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-12 22:21 - 2014-03-01 21:18 - 00000000 ____D () C:\ProgramData\IObit
2015-01-12 00:02 - 2014-07-04 23:21 - 00000000 ____D () C:\Users\Default\AppData\Roaming\IObit
2015-01-12 00:02 - 2014-07-04 23:21 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\IObit
2015-01-11 23:00 - 2012-05-08 20:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-11 23:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\security
2015-01-11 22:59 - 2011-08-31 14:24 - 00000000 ____D () C:\Windows\system32\Drivers\tr-TR
2015-01-11 22:59 - 2011-08-31 14:24 - 00000000 ____D () C:\Windows\system32\Drivers\th-TH
2015-01-11 22:59 - 2011-08-31 14:24 - 00000000 ____D () C:\Windows\system32\Drivers\ro-RO
2015-01-11 22:59 - 2011-08-31 14:24 - 00000000 ____D () C:\Windows\system32\Drivers\he-IL
2015-01-11 22:59 - 2011-08-31 14:24 - 00000000 ____D () C:\Windows\system32\Drivers\ar-SA
2015-01-11 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-11 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\th-TH
2015-01-11 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2015-01-11 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\he-IL
2015-01-11 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-01-11 19:05 - 2014-03-29 12:47 - 00000000 ____D () C:\ProgramData\Origin
2015-01-11 12:45 - 2014-03-29 10:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-11 11:42 - 2014-03-29 12:47 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-10 21:14 - 2013-04-12 22:52 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\vlc
2015-01-09 22:11 - 2012-04-12 18:22 - 00005632 _____ () C:\Users\Raul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-09 20:54 - 2012-05-08 22:41 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD & MP3
2015-01-09 20:49 - 2013-04-29 20:23 - 00000000 ____D () C:\Temp
2015-01-06 04:36 - 2011-08-23 15:09 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-05 23:21 - 2013-08-04 13:36 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-05 00:19 - 2011-12-08 00:10 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\DAEMON Tools Lite
2015-01-02 21:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-01-01 20:33 - 2011-12-08 01:18 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-01-01 20:16 - 2012-04-12 18:05 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Phones
2015-01-01 17:54 - 2014-10-23 17:55 - 00000539 _____ () C:\Users\Raul\AppData\Roaming\Rim.DesktopHelper.Exception.log
2015-01-01 17:54 - 2014-10-23 17:55 - 00000539 _____ () C:\Users\Raul\AppData\Roaming\Rim.Desktop.Exception.log
2014-12-30 23:30 - 2014-08-21 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Calibre - E-book Management
2014-12-30 23:30 - 2014-08-21 18:16 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2014-12-29 18:58 - 2014-08-17 16:38 - 56188928 _____ () C:\Windows\system32\config\components.iodefrag.bak

Some content of TEMP:
====================
C:\Users\Raul\AppData\Local\Temp\i4jdel0.exe
C:\Users\Raul\AppData\Local\Temp\Quarantine.exe
C:\Users\Raul\AppData\Local\Temp\sqlite3.dll
C:\Users\Raul\AppData\Local\Temp\Uninst.exe
C:\Users\Raul\AppData\Local\Temp\{CD3D5E18-8642-4553-95CE-10CC9347BCD3}.exe


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-04 14:23

==================== End Of Log ============================


Addition (as the first posted was incomplete):

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2015 01
Ran by Raul at 2015-01-15 20:59:23
Running from C:\Users\Raul\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Panda Antivirus Pro 2015 (Disabled - Up to date) {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
AS: Panda Antivirus Pro 2015 (Disabled - Up to date) {8F3797EF-DB90-F073-3C72-40C753554CD1}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
FW: Panda Firewall (Disabled) {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3.5.0 (HKLM-x32\...\{AE117F4B-840D-448B-A843-C0AE9F5EE50C}_is1) (Version: 3.5.0 - Arduino Software)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Ace Stream Media 3.0.5 (HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\AceStream) (Version: 3.0.5 - Ace Stream Media)
Acronis Disk Director 11 Home (HKLM-x32\...\{8EFB7927-48AD-4E6D-91B7-6B2BD6C3F380}) (Version: 11.0.2343 - Acronis)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader 64-bit fixes (HKLM\...\{6D80AAE7-FF65-4950-B1CA-3A7EA4995574}_is1) (Version:  - Leo Davidson / Pretentious Name)
Adobe Reader XI (11.0.10) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
Akamai NetSession Interface (HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\Akamai) (Version:  - Akamai Technologies, Inc)
Allway Sync version 11.5.0 (HKLM-x32\...\Allway Sync_is1) (Version:  - Botkind Inc)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.103.404.104 - Alps Electric)
Ashampoo Burning Studio 2015 v.1.15.0 (HKLM-x32\...\{91B33C97-21E3-DF34-9630-2EE80DDE1648}_is1) (Version: 1.15.0 - Ashampoo GmbH & Co. KG)
BBSAK (HKLM-x32\...\{B23F12D4-17DE-453A-B1F4-55E501FE0EBF}) (Version: 1.9.2 - JMT Labs)
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
BlackBerry Device Manager 7.0 (HKLM-x32\...\BlackBerry_HandheldManager) (Version: 7.0.0.43 - Research In Motion Ltd.)
BlackBerry Device Manager 7.0 (x32 Version: 7.0.0.43 - Research In Motion Ltd.) Hidden
BlackBerry Device Software v5.0.0 para o smartphone BlackBerry 9000 (HKLM-x32\...\{6D1C6838-FE88-48A2-866F-16D8229BEDCD}) (Version: 5.0.0.1096 (Plataforma 5.2.0.106) - Research In Motion Ltd.)
Bulk Rename Utility 2.7.1.2 (HKLM\...\Bulk Rename Utility_is1) (Version:  - TGRMN Software)
Bullzip PDF Printer 10.8.0.2282 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.8.0.2282 - Bullzip)
calibre (HKLM-x32\...\{C727544A-23E0-41A8-9901-2353CE3FE62A}) (Version: 2.14.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5067 - CDBurnerXP)
Cool Timer 5.0.8.0 (HKLM-x32\...\Cool Timer_is1) (Version:  - Harmony Hollow Software)
Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW® Graphics Suite X4 - Windows Shell Extension (HKLM-x32\...\_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version:  - Corel Corporation)
CorelDRAW® Graphics Suite X4 - Windows Shell Extension (x32 Version: 1.0 - Corel Corporation) Hidden
CutePDF Professional 3.6 (HKLM-x32\...\{F10D1D8F-C20C-4F0D-B243-688C0C6873F6}) (Version: 3.6.4.1 - Acro Software Inc.)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - Acro Software Inc.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Dell ControlVault Host Components Installer 64 bit (HKLM\...\{72E1C93F-BA1C-4E88-BA29-C3B716217E69}) (Version: 2.2.509.141 - Broadcom Corporation)
DisplayLink Core Software (HKLM\...\{47838E48-EF6C-40A6-BB8E-97011A1C1C2D}) (Version: 5.5.29055.0 - DisplayLink Corp.)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit)
Dropbox (HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Dune Legacy (HKLM-x32\...\Dune Legacy) (Version:  - )
Dungeon Siege 2 (HKLM-x32\...\DungeonSiege2) (Version:  - Microsoft)
Fallout (HKLM-x32\...\Fallout_is1) (Version:  - GOG.com)
FF7Music (HKLM\...\FF7Music) (Version:  - )
Final Fantasy VII (HKLM-x32\...\Final Fantasy VII) (Version:  - )
Football Manager 2012 (HKLM-x32\...\Football Manager 2012_is1) (Version:  - )
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
I Have No Mouth, and I Must Scream (HKLM-x32\...\GOGPACKIHAVENOMOUTH_is1) (Version: 2.0.0.7 - GOG.com)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6217.0 - IDT)
Intel® Network Connections 19.5.303.0 (HKLM\...\PROSetDX) (Version: 19.5.303.0 - Intel)
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.5 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.5.24 - IObit)
Java 7 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417011FF}) (Version: 7.0.110 - Oracle)
Java 7 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217072FF}) (Version: 7.0.720 - Oracle)
Jewel Quest (remove only) (HKLM-x32\...\Jewel Quest) (Version:  - )
Jewel Quest 6 - The Sapphire Dragon - Collectors Edition (HKLM-x32\...\Jewel Quest 6 - The Sapphire Dragon - Collectors Editionv1.1) (Version: v1.1 - iWin Games)
Jewel Quest Heritage (HKLM-x32\...\Jewel Quest Heritage_is1) (Version:  - )
Kensington Display Adapter (HKLM\...\{B55DFE64-C46E-4999-8DE4-1879ACD9DD7F}) (Version: 5.2.23316.0 - Kensington Computer Products Group)
K-Lite Codec Pack 6.9.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.9.0 - )
Leisure Suit Larry 7 - Love for Sail! (HKLM-x32\...\GOGPACKLARRY7WIN_is1) (Version: 2.0.0.11 - GOG.com)
Little Big Adventure (HKLM-x32\...\Little Big Adventure_is1) (Version:  - GOG.com)
Malwarebytes Anti-Malware versão 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MathType 6 (HKLM-x32\...\DSMT6) (Version: 6.7 - Design Science, Inc.)
Media Go (HKLM-x32\...\{F66C4A41-C3A8-4523-AB6C-BAA1DB38305C}) (Version: 2.7.357 - Sony)
Media Go Network Downloader (HKLM-x32\...\{5562F05F-908C-4F15-9B3C-98D5FD32DCAB}) (Version: 1.5.19.0 - Sony)
Media Go Video Playback Engine 2.4.112.12050 (HKLM-x32\...\{7C5AEEE1-6D7C-8922-4548-7BF9096077EC}) (Version: 2.4.112.12050 - Sony)
Media Player Codec Pack 4.3.5 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.3.5 - Media Player Codec Pack)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Calculator Plus (HKLM-x32\...\{83073C45-3003-4671-9A86-243AAADD915A}) (Version: 1.0.0 - Microsoft)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0816-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C3AF5BD8-30D5-41F5-AF61-705D98146B0F}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{C0C690C8-F335-4BA4-A2AD-675EAD1DFA90}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - ENU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C# 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.15.00.902 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 34.0.5 (x86 pt-PT) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 pt-PT)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{2D99A593-C841-43A7-B7C9-D6F3AE70B756}) (Version: 7.1.45.0 - Nokia)
Nokia Ovi Suite (HKLM-x32\...\Nokia Ovi Suite) (Version: 3.1.1.90 - Nokia)
Nokia Ovi Suite (x32 Version: 3.1.1.90 - Nokia) Hidden
Nokia Ovi Suite Software Updater (HKLM-x32\...\{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}) (Version: 02.07.004.45780 - Nokia Corporation)
NoteTab Pro 6 (Remove only) (HKLM-x32\...\NoteTab Pro 6_is1) (Version: 6.2 - Fookes Holding Ltd)
NVIDIA Controlador gráfico 341.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.21 - NVIDIA Corporation)
NVIDIA O controlador de 3D Vision 341.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.21 - NVIDIA Corporation)
NVIDIA O software nView 141.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.36 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA WMI 2.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.18.0 - NVIDIA Corporation)
O&O CleverCache (HKLM\...\{2A64B9EB-AAEF-462B-8D5A-855B1DD5467A}) (Version: 7.1.2737 - O&O Software GmbH)
O&O DiskImage Professional (HKLM\...\{56F8EF3C-D9A0-4728-95D5-DC05A72931F5}) (Version: 7.81.16 - O&O Software GmbH)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Ovi Desktop Sync Engine (x32 Version: 1.5.266.0 - Nokia) Hidden
OviMPlatform (x32 Version: 2.7.72.0 - Nokia) Hidden
Pacote de controladores do Windows - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Painel de controlo da NVIDIA 341.21 (Version: 341.21 - NVIDIA Corporation) Hidden
Panda Antivirus Pro 2015 (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.00.04.0002 - Panda Security)
Panda Antivirus Pro 2015 (Version: 7.23.00.0000 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Pavtube ByteCopy Ver 1.0.0.5354 (HKLM-x32\...\{3A401DC0-615F-4c63-82B1-CF022C785C9A}_is1) (Version:  - )
PC Connectivity Solution (HKLM-x32\...\{C373F7C4-05D2-4047-96D1-6AF30661C6AA}) (Version: 11.4.21.0 - Nokia)
PCMedik (HKLM-x32\...\PCMedik_is1) (Version: 7.12.22.2014 - PGWARE LLC)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.198.0 - Tracker Software Products Ltd)
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Planescape - Torment (HKLM-x32\...\Planescape - Torment) (Version:  - )
Plants vs. Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PlayStation®Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.)
PlayStation®Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.14.6.15183 - Sony Computer Entertainment Inc.)
Qualcomm Gobi 2000 Package for Dell (HKLM-x32\...\{051EC556-DA07-413A-ADF3-3D8D76D8CF95}) (Version: 1.1.140 - QUALCOMM)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
QuickTime Alternative 1.81 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 1.81 - )
Raptor - Call of the Shadows (HKLM-x32\...\GOGPACKRAPTOR_is1) (Version: 2.0.0.10 - GOG.com)
Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 para SQL Server 2008 (KB2285068) (64-bit) (HKLM\...\KB2285068) (Version: 10.2.4000.0 - Microsoft Corporation)
SharpDevelop 4.0 (HKLM-x32\...\{53965728-D8B7-40C2-85A9-762079014BA4}) (Version: 4.0.7070 - ic#code)
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
Sony Ericsson Update Service (HKLM-x32\...\Update Service) (Version: 2.11.12.5 - Sony Ericsson Mobile Communications AB)
SoundTaxi 4.3.8 (HKLM-x32\...\SoundTaxi_is1) (Version: 4.3.8 - cyan soft ltd)
Sql Server Customer Experience Improvement Program (Version: 10.2.4000.0 - Microsoft Corporation) Hidden
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 2.0.7.25293 - Blizzard Entertainment)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Veetle TV (HKLM-x32\...\Veetle TV) (Version: 0.9.19 - Veetle, Inc)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.5.0.0 - Azureus Software, Inc.)
WD SmartWare (HKLM\...\{23B47A34-0517-48DA-8B76-015DA8546893}) (Version: 1.5.1 - Western Digital)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Wing Commander 1 and 2 (HKLM-x32\...\Wing Commander 1 and 2_is1) (Version:  - GOG.com)
WinX DVD Ripper Platinum 7.5.4 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version:  - Digiarty Software, Inc.)
WinZip 15.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C2}) (Version: 15.5.9468 - WinZip Computing, S.L. )
Xiph.Org Ogg Codecs 0.83.17220 32-bit (HKLM-x32\...\Ogg Codecs) (Version: 0.83.17220 - Xiph.Org)
Zuma Deluxe RA (HKLM-x32\...\Zuma Deluxe RA) (Version:  - )
Zuma's Revenge! (HKLM-x32\...\Zuma's Revenge!1.0) (Version: 1.0 - AllSmartGames)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-108446822-2314553757-1589008412-1021_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Raul\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-108446822-2314553757-1589008412-1021_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Raul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-108446822-2314553757-1589008412-1021_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Raul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-108446822-2314553757-1589008412-1021_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Raul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-108446822-2314553757-1589008412-1021_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Raul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-108446822-2314553757-1589008412-1021_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Raul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-108446822-2314553757-1589008412-1021_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Raul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-108446822-2314553757-1589008412-1021_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Raul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-108446822-2314553757-1589008412-1021_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Raul\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

01-01-2015 17:17:54 Windows Update
05-01-2015 23:02:28 Before installing new drivers - 05/01/2015 23:02:25
05-01-2015 23:03:49 Installed Intel® Network Connections.
07-01-2015 22:05:43 Windows Update
11-01-2015 22:38:24 Instalador de Módulos do Windows
13-01-2015 20:10:49 IObit Uninstaller restore point
13-01-2015 20:22:07 Windows Update
13-01-2015 23:12:53 Windows Update
13-01-2015 23:59:29 Windows Update
14-01-2015 21:35:46 Removed CorelDRAW® Graphics Suite X4 - Windows Shell Extension.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-01-10 12:25 - 00001509 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
162.247.13.85 www.google-analytics.com.
162.247.13.85 google-analytics.com.
162.247.13.85 connect.facebook.net.
94.242.254.156 www.google-analytics.com.
94.242.254.156 google-analytics.com.
94.242.254.156 connect.facebook.net.
192.95.55.229 www.google-analytics.com.
192.95.55.229 google-analytics.com.
192.95.55.229 connect.facebook.net.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00AEE53D-4CBE-4140-8DB9-4F9FFCD719B0} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-23] (IObit)
Task: {0BE6A285-1887-4AE9-8EA7-0637FEDDB546} - System32\Tasks\Microsoft\Windows\MobilePC\DisplayLink TMM Control
Task: {150C190E-6480-48D1-96AA-CC027E2E8821} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {1FB4EF4A-6AF0-4E12-B4B2-ABF00645F29E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {3C3C133F-F173-482B-9DEE-853B107A8EAD} - System32\Tasks\Driver Booster SkipUAC (Raul) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit)
Task: {7DD8D811-97C6-4D4C-AD58-6A8E2094DE29} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {8B22E4B9-1169-4A98-8EA6-97EA0E1009BA} - \Microsoft_Hardware_Launch_IPoint_exe No Task File <==== ATTENTION
Task: {9B747A60-041E-4D5A-8C8F-D8A40AB3387A} - \Game_Booster_AutoUpdate No Task File <==== ATTENTION
Task: {9CEDEB05-98BB-4AF6-957D-8B17D29D9CDD} - System32\Tasks\Uninstaller_SkipUac_Raul => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit)
Task: {9E7DAB26-CF04-434F-A6E4-F56E7A5A5D9A} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit)
Task: {9F9AE294-1C43-46FC-A14D-D927EC25BBDE} - \{C3FB6FB5-1A4F-47A5-AD8D-7C3CA1F00710} No Task File <==== ATTENTION
Task: {A5106845-9809-4B20-A2CF-B12EFBDC91C7} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A840C0F9-BDDB-4A5E-8881-90673E2876E1} - \CreateChoiceProcessTask No Task File <==== ATTENTION
Task: {B83488C5-5D8A-4FE0-AA21-A5F860D5ED47} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit)
Task: {BE51185C-3227-4D5B-BFD8-4BB75D7128B9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-13] (Adobe Systems Incorporated)
Task: {DEDB99BA-1CFB-4109-9CD3-67669ACACD4E} - System32\Tasks\ASC8_SkipUac_Raul => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-11-26] (IObit)
Task: {EA1A21A2-0084-431C-A5BC-218AA4A044BE} - \{7CA83FA6-2FF8-4405-BE9B-B217E3770117} No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-08 22:56 - 2014-11-26 00:15 - 02693448 _____ () C:\Windows\system32\nvwmi64.exe
2014-09-08 22:20 - 2014-11-25 22:39 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-08-24 09:24 - 2011-08-24 09:24 - 00146432 _____ () C:\Windows\System32\corelcreatorpm.dll
2011-08-30 23:59 - 2013-10-23 13:24 - 00087600 _____ () C:\Windows\System32\cpwmon64.dll
2008-09-09 11:22 - 2008-09-09 11:22 - 00022016 _____ () C:\Windows\System32\sst1cl6.dll
2006-12-12 07:37 - 2006-12-12 07:37 - 00022016 _____ () C:\Windows\System32\sugo2l6.dll
2010-11-02 08:33 - 2010-11-02 08:33 - 01083392 _____ () C:\Program Files\Western Digital\WD SmartWare\System.Data.SQLite.dll
2014-09-08 22:21 - 2014-11-26 00:15 - 00710288 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll
2011-08-01 07:35 - 2011-08-01 07:35 - 00082944 _____ () C:\Program Files\Western Digital\WD SmartWare\WDCollections.dll
2014-12-05 21:41 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2014-12-05 21:42 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2014-12-05 21:42 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2014-12-05 21:42 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2014-03-29 10:14 - 2014-11-26 17:40 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:66E02052
AlternateDataStreams: C:\ProgramData\TEMP:ADF211B1

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\76045792.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\93361276.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\76045792.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\93361276.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: MSC =>
MSCONFIG\startupreg: NextLive => c:\windows\syswow64\rundll32.exe "c:\users\raul\appdata\roaming\newnext.me\nengine.dll",entrypoint -m l
MSCONFIG\startupreg: OODITRAY.EXE => C:\Program Files\OO Software\DiskImage\ooditray.exe
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

========================= Accounts: ==========================

Administrador (S-1-5-21-108446822-2314553757-1589008412-500 - Administrator - Disabled)
Convidado (S-1-5-21-108446822-2314553757-1589008412-501 - Limited - Disabled)
Raul (S-1-5-21-108446822-2314553757-1589008412-1021 - Administrator - Enabled) => C:\Users\Raul

==================== Faulty Device Manager Devices =============

Name: SSPORT
Description: SSPORT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SSPORT
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (01/15/2015 08:15:19 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU P8400 @ 2.26GHz
Percentage of memory in use: 43%
Total physical RAM: 4083.92 MB
Available physical RAM: 2290.71 MB
Total Pagefile: 8166.02 MB
Available Pagefile: 6000.76 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:100.08 GB) (Free:18.27 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:130.79 GB) (Free:27.63 GB) NTFS
Drive f: (RECOVERY) (Fixed) (Total:2.01 GB) (Free:0.92 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 48000000)
Partition 1: (Active) - (Size=100.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=130.8 GB) - (Type=OF Extended)

==================== End Of Log ============================



#14 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:41 PM

Posted 15 January 2015 - 03:08 PM

Hey, :)

Step 1: FRST Fix
  • Please open Notepad.exe. Make sure that you don't use any other software than Notepad.exe!
  • Copy and Paste the content of the codebox below into the empty textfile:

    HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\RunOnce: [Adobe Speed Launcher] => 1421350134
    HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\Policies\Explorer: [GreyMSIAds] 0
    HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\MountPoints2: {05c7c479-413a-11e1-9e1c-00242c303aec} - H:\AutoRun.exe
    HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\MountPoints2: {bfc753ca-413c-11e1-8f30-00242c303aec} - H:\AutoRun.exe
    ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll No File
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    Toolbar: HKU\S-1-5-21-108446822-2314553757-1589008412-1021 -> No Name - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} -  No File
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll No File
    FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [glmaefkhdccancpaddiobiniepmmnjfp] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [mmchdbhejjopiefgiakgedljioijebam] - No Path
    Task: {8B22E4B9-1169-4A98-8EA6-97EA0E1009BA} - \Microsoft_Hardware_Launch_IPoint_exe No Task File <==== ATTENTION
    Task: {9B747A60-041E-4D5A-8C8F-D8A40AB3387A} - \Game_Booster_AutoUpdate No Task File <==== ATTENTION
    Task: {9F9AE294-1C43-46FC-A14D-D927EC25BBDE} - \{C3FB6FB5-1A4F-47A5-AD8D-7C3CA1F00710} No Task File <==== ATTENTION
    Task: {A840C0F9-BDDB-4A5E-8881-90673E2876E1} - \CreateChoiceProcessTask No Task File <==== ATTENTION
    Task: {EA1A21A2-0084-431C-A5BC-218AA4A044BE} - \{7CA83FA6-2FF8-4405-BE9B-B217E3770117} No Task File <==== ATTENTION
    AlternateDataStreams: C:\ProgramData\TEMP:66E02052
    AlternateDataStreams: C:\ProgramData\TEMP:ADF211B1
    EmptyTemp:
  • Then click on File >> Save as
    • File Name: Fixlist.txt
    • From the Save as type drop down list, choose All Files
  • It is very important that you save this textfile on your Desktop!
Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST.exe/FRST64.exe (Note: If FRST advises there is a new updated version to be downloaded, allow this.)and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply
Step 2: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.
Step 3: ESET

Please run a free online scan with the ESET Online Scanner:

IMPORTANT: You MUST use Internet Explorer for this step!
  • Visit the ESET Online Scanner Web Page
  • Select the blue Run ESET Online Scanner button:
    ESET1_zps23a5e840.png
  • Tick the box next to YES, I accept the Terms of Use and click Start
    ESET_EULA2_zps9451f1c3.png
  • When asked, allow the ActiveX control to install.
  • Select Enable detection of potentially unwanted applications and select Advanced Settings:
    ESET2_zpsc701c045.png
  • Make sure to check the options Remove found threats and Enable Anti-Stealth technology are checked:
    ESET4_zps0afafd0d.png
  • Click Start. (This scan can take several hours, so please be patient):
    ESET3_zpsccd1657d.png
  • Once the scan is completed, select List of found threats:
    ESET5_zpsd27be299.png
  • Select Export to text file... and save the file as ESETlog.txt on your Desktop:
    ESET6_zpsc17d154e.png
  • Click the Back button.
  • Click the Finish button:
    ESET9_zps51587217.png
  • Use Notepad to open the saved log file (on your Desktop- ESET.txt)[/b]
  • Copy and paste that log as a reply to this topic.
Step 4: Question

How is your PC running?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#15 Zapan

Zapan
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:05:41 AM

Posted 15 January 2015 - 04:05 PM

Fixlog:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-01-2015 01
Ran by Raul at 2015-01-15 21:43:40 Run:1
Running from C:\Users\Raul\Desktop
Loaded Profiles: Raul (Available profiles: Raul)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\RunOnce: [Adobe Speed Launcher] => 1421350134
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\Policies\Explorer: [GreyMSIAds] 0
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\MountPoints2: {05c7c479-413a-11e1-9e1c-00242c303aec} - H:\AutoRun.exe
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\...\MountPoints2: {bfc753ca-413c-11e1-8f30-00242c303aec} - H:\AutoRun.exe
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-108446822-2314553757-1589008412-1021 -> No Name - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll No File
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [glmaefkhdccancpaddiobiniepmmnjfp] - No Path
CHR HKLM-x32\...\Chrome\Extension: [mmchdbhejjopiefgiakgedljioijebam] - No Path
Task: {8B22E4B9-1169-4A98-8EA6-97EA0E1009BA} - \Microsoft_Hardware_Launch_IPoint_exe No Task File <==== ATTENTION
Task: {9B747A60-041E-4D5A-8C8F-D8A40AB3387A} - \Game_Booster_AutoUpdate No Task File <==== ATTENTION
Task: {9F9AE294-1C43-46FC-A14D-D927EC25BBDE} - \{C3FB6FB5-1A4F-47A5-AD8D-7C3CA1F00710} No Task File <==== ATTENTION
Task: {A840C0F9-BDDB-4A5E-8881-90673E2876E1} - \CreateChoiceProcessTask No Task File <==== ATTENTION
Task: {EA1A21A2-0084-431C-A5BC-218AA4A044BE} - \{7CA83FA6-2FF8-4405-BE9B-B217E3770117} No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:66E02052
AlternateDataStreams: C:\ProgramData\TEMP:ADF211B1
EmptyTemp:
*****************

HKU\S-1-5-21-108446822-2314553757-1589008412-1021\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Adobe Speed Launcher => Value not found.
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\GreyMSIAds => value deleted successfully.
"HKU\S-1-5-21-108446822-2314553757-1589008412-1021\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{05c7c479-413a-11e1-9e1c-00242c303aec}" => Key deleted successfully.
HKCR\CLSID\{05c7c479-413a-11e1-9e1c-00242c303aec} => Key not found.
"HKU\S-1-5-21-108446822-2314553757-1589008412-1021\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfc753ca-413c-11e1-8f30-00242c303aec}" => Key deleted successfully.
HKCR\CLSID\{bfc753ca-413c-11e1-8f30-00242c303aec} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\1SecureIconsProvider" => Key deleted successfully.
"HKCR\CLSID\{FC9D8189-520A-4417-AED7-9EAC810C6FBA}" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{9C65D12D-CF9D-454D-8049-61965D8C6FFF} => value deleted successfully.
"HKCR\CLSID\{9C65D12D-CF9D-454D-8049-61965D8C6FFF}" => Key deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0" => Key deleted successfully.
C:\Program Files (x86)\IObit Apps Toolbar\FF not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\glmaefkhdccancpaddiobiniepmmnjfp" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mmchdbhejjopiefgiakgedljioijebam" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B22E4B9-1169-4A98-8EA6-97EA0E1009BA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B22E4B9-1169-4A98-8EA6-97EA0E1009BA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft_Hardware_Launch_IPoint_exe" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9B747A60-041E-4D5A-8C8F-D8A40AB3387A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B747A60-041E-4D5A-8C8F-D8A40AB3387A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Game_Booster_AutoUpdate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F9AE294-1C43-46FC-A14D-D927EC25BBDE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F9AE294-1C43-46FC-A14D-D927EC25BBDE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C3FB6FB5-1A4F-47A5-AD8D-7C3CA1F00710}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A840C0F9-BDDB-4A5E-8881-90673E2876E1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A840C0F9-BDDB-4A5E-8881-90673E2876E1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CreateChoiceProcessTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA1A21A2-0084-431C-A5BC-218AA4A044BE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA1A21A2-0084-431C-A5BC-218AA4A044BE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7CA83FA6-2FF8-4405-BE9B-B217E3770117}" => Key deleted successfully.
C:\ProgramData\TEMP => ":66E02052" ADS removed successfully.
C:\ProgramData\TEMP => ":ADF211B1" ADS removed successfully.
EmptyTemp: => Removed 327.1 MB temporary data.


The system needed a reboot.

==== End of Fixlog 21:44:56 ====


FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015 01
Ran by Raul (administrator) on DELL-RAUL on 15-01-2015 21:53:57
Running from C:\Users\Raul\Desktop
Loaded Profiles: Raul (Available profiles: Raul)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Português (Portugal)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(O&O Software GmbH) C:\Program Files\OO Software\CleverCache\ooccag.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [673112 2014-12-09] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.)
HKLM\...\Policies\Explorer: [NoCDBurning] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll (O&O Software GmbH)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-108446822-2314553757-1589008412-1021] => localhost:8080
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.lu
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.lu
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://pt.msn.com/?ocid=iehp
HKU\S-1-5-21-108446822-2314553757-1589008412-1021\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.lu/?gws_rd=ssl
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-108446822-2314553757-1589008412-1021 -> {4F4A0F3F-E32A-441F-A542-FC24C1DFC775} URL = https://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: CutePDF Form Filler Helper -> {D41289F2-69C6-417B-897E-C653D677CBAF} -> C:\Program Files (x86)\Acro Software\CutePDF Pro\CPFillerCo.dll (Acro Software Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\..\Interfaces\{08F22C7B-0447-4A97-B071-68311CC22711}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{0B25CD3A-9266-47E3-91AE-FF80633573F7}: [NameServer] 8.8.8.8,8.8.8.8,194.154.192.101 194.154.192.102
Tcpip\..\Interfaces\{1B91D832-CAE7-4873-A8E9-B01294AC4D58}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{232D006B-9601-4DFB-B523-2174223390B5}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{5B970B3C-4FD6-4F14-A115-B7C4AA2D000C}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{6F173B0B-1A03-450B-9651-9080DA25736F}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{7B9EA4CB-56F8-429F-8E12-DC6890E877A8}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{7F5F364B-DA9C-478B-990B-D5C4D39F54A2}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{DB49D5CF-543C-467B-A3C4-890CB2B65460}: [NameServer] 8.8.8.8,8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default
FF DefaultSearchEngine,S: Google
FF DefaultSearchUrl:
FF SearchEngineOrder.1: Google
FF SearchEngineOrder.1,S: Google
FF SelectedSearchEngine: Google
FF SelectedSearchEngine,S: Google
FF Homepage: https://www.google.pt/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-108446822-2314553757-1589008412-1021: @acestream.net/acestreamplugin,version=3.0.5 -> C:\Users\Raul\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-108446822-2314553757-1589008412-1021: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\priberam.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sapo.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-ptpt.xml
FF Extension: British English Dictionary - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\en-GB@dictionaries.addons.mozilla.org [2012-02-13]
FF Extension: Dictionnaires français - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2014-09-20]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\iobitascsurfingprotection@iobit.com [2014-12-05]
FF Extension: AS Magic Player - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\magicplayer@acestream.org [2015-01-10]
FF Extension: Empty Cache Button - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f} [2014-09-14]
FF Extension: ffdshow DXVA Video Decoder conf - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\{54469BF3-0CED-CDB8-A6DA-F6DCA48357D4} [2015-01-09]
FF Extension: WOT - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-01-15]
FF Extension: Download Status Bar - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2015-01-05]
FF Extension: Adblock Plus - C:\Users\Raul\AppData\Roaming\Mozilla\Firefox\Profiles\d6o0rcnf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-06]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-03-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-03-29]
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2012-04-12]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]

Chrome:
=======
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Profile: C:\Users\Raul\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Raul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-09-29] (Adobe Systems) [File not signed]
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
S3 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_605908f5a8a8d72c\AESTSr64.exe [89600 2009-10-26] (Andrea Electronics Corporation)
S3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
S3 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9464168 2010-11-26] (DisplayLink Corp.)
S3 GSService; C:\Windows\SysWOW64\GSService.exe [443080 2013-12-16] ()
S3 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-11-26] (IObit)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [246112 2014-12-10] ()
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57966424 2010-09-17] (Microsoft Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2014-10-13] (Panda Security, S.L.)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2693448 2014-11-26] ()
R2 O&O CleverCache; C:\Program Files\OO Software\CleverCache\ooccag.exe [844616 2009-12-09] (O&O Software GmbH)
S3 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [7575848 2014-05-28] (O&O Software GmbH)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-30] (Electronic Arts)
S3 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2139400 2011-11-15] ()
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.)
S3 QDLService2kDell; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe [330488 2010-04-26] (QUALCOMM, Inc.)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [File not signed]
S3 SMServer; C:\Windows\SysWOW64\snmvtsvc.exe [260608 2012-06-01] (SMServer) [File not signed]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [430424 2010-09-17] (Microsoft Corporation)
S3 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_605908f5a8a8d72c\STacSV64.exe [240128 2009-10-26] (IDT, Inc.)
S3 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe [317328 2011-08-01] (WDC)
S3 WDFMEService; C:\Program Files\Western Digital\WD SmartWare\WDFME.exe [1978256 2011-08-01] (Western Digital )
R3 WDRulesService; C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe [1338256 2011-08-01] (Western Digital )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-26] (Samsung Electronics Co., Ltd.)
S3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_5.5.29055.0.sys [17408 2010-11-26] (http://libusb-win32.sourceforge.net)
S3 dlcdbus; C:\Windows\System32\DRIVERS\dlcdbus.sys [116224 2010-11-26] (MCCI Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-02] (Disc Soft Ltd)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-03-17] (EldoS Corporation)
S3 ew_usbenumfilter; C:\Windows\System32\DRIVERS\ew_usbenumfilter.sys [15744 2014-12-13] (MBB Technologies Co., Ltd.)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-01] (REALiX™)
S3 LAN9500; C:\Windows\System32\DRIVERS\lan9500-x64-n51f.sys [67584 2011-08-31] (SMSC)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [46336 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116928 2014-05-28] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41152 2014-05-28] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255680 2014-05-28] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44736 2014-05-28] (O&O Software GmbH)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2014-10-13] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2014-10-13] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2014-10-13] (Panda Security, S.L.)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [36904 2011-08-31] (Feitian Technologies Co., Ltd.)
S3 Rockey_USB; C:\Windows\System32\DRIVERS\Rockey4USB.sys [23592 2011-08-31] (Feitian Technologies Co., Ltd.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2015-01-01] (Synaptics Incorporated)
R3 SndTAudio; C:\Windows\System32\drivers\SndTAudio.sys [34088 2012-06-05] (Windows ® Win 7 DDK provider)
S2 SSPORT; No ImagePath
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [51712 2011-05-10] (Apple, Inc.) [File not signed]
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2013-01-25] (Wondershare)
U4 Messenger; No ImagePath
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 21:53 - 2015-01-15 21:54 - 00023297 _____ () C:\Users\Raul\Desktop\FRST.txt
2015-01-15 21:39 - 2015-01-15 21:39 - 00001403 _____ () C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-01-15 21:39 - 2015-01-15 21:39 - 00001397 _____ () C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-15 20:56 - 2015-01-15 20:56 - 02125312 _____ (Farbar) C:\Users\Raul\Desktop\FRST64.exe
2015-01-15 20:00 - 2015-01-15 20:00 - 00000000 ____D () C:\Windows\ERUNT
2015-01-15 19:17 - 2015-01-15 19:17 - 01707939 _____ (Thisisu) C:\Users\Raul\Desktop\JRT.exe
2015-01-15 19:16 - 2015-01-15 19:16 - 02191360 _____ () C:\Users\Raul\Desktop\AdwCleaner.exe
2015-01-14 21:37 - 2015-01-14 21:38 - 00289616 _____ () C:\Windows\Minidump\011415-43071-01.dmp
2015-01-14 20:05 - 2015-01-15 21:53 - 00000000 ____D () C:\FRST
2015-01-13 23:16 - 2015-01-13 23:16 - 00289488 _____ () C:\Windows\Minidump\011315-37331-01.dmp
2015-01-13 22:18 - 2015-01-15 21:46 - 00009614 _____ () C:\Windows\PFRO.log
2015-01-13 22:17 - 2015-01-13 22:17 - 00000000 ____H () C:\asc_rdflag
2015-01-13 21:10 - 2015-01-15 21:46 - 00000616 _____ () C:\Windows\setupact.log
2015-01-13 21:10 - 2015-01-13 21:10 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-13 20:27 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 20:27 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 20:27 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 20:27 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 20:27 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 20:26 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 20:25 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 20:25 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 20:25 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 20:25 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 20:25 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 20:25 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 20:25 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 20:02 - 2015-01-13 20:02 - 00000000 ____D () C:\TDSSKiller_Quarantine
2015-01-13 19:27 - 2015-01-15 21:53 - 00539861 _____ () C:\Windows\WindowsUpdate.log
2015-01-13 01:24 - 2015-01-13 01:24 - 00288400 _____ () C:\Windows\Minidump\011315-36831-01.dmp
2015-01-13 00:46 - 2015-01-15 19:34 - 00000000 ____D () C:\AdwCleaner
2015-01-12 22:32 - 2015-01-13 20:20 - 00000000 ____D () C:\Program Files\OTM
2015-01-11 23:13 - 2015-01-11 23:47 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Panda Security
2015-01-11 23:12 - 2015-01-11 23:47 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2015-01-11 23:04 - 2015-01-11 23:47 - 00000000 ____D () C:\ProgramData\Panda Security
2015-01-11 22:43 - 2015-01-15 21:48 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-11 22:43 - 2015-01-11 22:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-11 22:43 - 2015-01-11 22:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-11 22:43 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-11 22:43 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-11 22:43 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-10 22:10 - 2015-01-13 22:08 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\.ACEStream
2015-01-10 22:10 - 2015-01-11 23:44 - 00000000 ___HD () C:\_acestream_cache_
2015-01-10 22:08 - 2015-01-10 22:11 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\ACEStream
2015-01-10 12:28 - 2015-01-12 23:40 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2015-01-10 12:25 - 2015-01-10 12:25 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2015-01-09 20:48 - 2015-01-11 23:19 - 00000000 ____D () C:\Users\Raul\AppData\Local\Upmedia
2015-01-09 20:46 - 2015-01-09 20:47 - 00000000 ____D () C:\Windows\SysWOW64\C2MP
2015-01-05 23:21 - 2014-11-25 20:27 - 00606920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-01-05 23:20 - 2014-05-20 03:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2015-01-05 23:20 - 2014-05-20 03:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 31514312 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 24201416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 22992072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 17559432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 16128040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 15294280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 14497568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 13916088 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 13827712 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 12890312 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-01-05 23:16 - 2014-11-26 00:15 - 11271728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 11209192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 04245648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 03986632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 02824176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 01907400 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434121.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 01555656 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434121.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 00944328 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 00908432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 00903496 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-01-05 23:16 - 2014-11-26 00:15 - 00870032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-01-05 23:06 - 2015-01-05 23:06 - 00000000 ____D () C:\Program Files\Intel
2015-01-04 10:55 - 2015-01-10 17:54 - 00000063 _____ () C:\Windows\SysWOW64\Partizan.RRI
2015-01-04 10:49 - 2015-01-04 10:52 - 00000000 ____D () C:\ProgramData\RegRun
2015-01-04 10:47 - 2015-01-04 10:47 - 00001148 _____ () C:\Windows\SysWOW64\PARTIZAN.TXT
2015-01-03 23:32 - 2015-01-03 23:32 - 00040208 _____ (Greatis Software) C:\Windows\system32\Partizan.exe
2015-01-03 23:29 - 2015-01-03 23:29 - 00000002 RSHOT () C:\Windows\winstart.bat
2015-01-03 23:29 - 2015-01-03 23:29 - 00000002 RSHOT () C:\Windows\SysWOW64\CONFIG.NT
2015-01-03 23:29 - 2015-01-03 23:29 - 00000002 RSHOT () C:\Windows\SysWOW64\AUTOEXEC.NT
2015-01-01 20:28 - 2015-01-01 20:36 - 00000679 _____ () C:\Users\Raul\Desktop\Half-Life.lnk
2015-01-01 17:03 - 2015-01-01 17:05 - 00000000 ____D () C:\Program Files (x86)\BBSAK
2015-01-01 16:14 - 2015-01-01 16:14 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-01-01 16:14 - 2015-01-01 16:14 - 00034544 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-01-01 16:14 - 2015-01-01 16:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-01-01 16:10 - 2015-01-01 16:10 - 00026528 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-01-01 16:02 - 2015-01-01 16:03 - 00118795 _____ () C:\Users\Raul\Downloads\Late shift all year schedule '15.xlsx
2014-12-21 06:55 - 2014-12-21 06:55 - 00047096 _____ () C:\Windows\SysWOW64\DiscHandler.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 21:47 - 2014-03-01 21:18 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-15 21:46 - 2013-08-04 13:36 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-15 21:46 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-15 21:45 - 2009-07-14 05:45 - 00025552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-15 21:45 - 2009-07-14 05:45 - 00025552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-15 21:36 - 2012-03-08 19:47 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Azureus
2015-01-15 21:31 - 2011-08-23 14:33 - 00000000 ____D () C:\Windows\Panther
2015-01-14 21:38 - 2011-12-07 22:39 - 00000000 ____D () C:\Users\Raul
2015-01-14 21:37 - 2011-08-23 22:11 - 00000000 ____D () C:\Windows\Minidump
2015-01-14 21:37 - 2009-07-14 05:45 - 00487120 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-14 21:34 - 2011-12-08 00:06 - 00120816 _____ () C:\Users\Raul\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-14 21:31 - 2011-09-01 19:40 - 00000000 ____D () C:\Program Files (x86)\Corel
2015-01-14 21:30 - 2011-12-18 22:37 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Corel
2015-01-14 00:06 - 2011-09-02 21:34 - 01819164 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-14 00:06 - 2009-07-14 18:58 - 00790818 _____ () C:\Windows\system32\prfh0816.dat
2015-01-14 00:06 - 2009-07-14 18:58 - 00179800 _____ () C:\Windows\system32\prfc0816.dat
2015-01-14 00:06 - 2009-07-14 06:13 - 01819164 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-13 23:13 - 2013-07-20 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 23:13 - 2011-08-23 15:40 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 22:18 - 2014-05-28 10:25 - 02916352 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-01-13 22:18 - 2014-05-28 10:25 - 00065536 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2015-01-13 22:18 - 2014-05-28 10:25 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-01-13 22:18 - 2014-05-28 10:24 - 105189376 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-01-13 20:21 - 2011-12-07 22:39 - 00000000 ___RD () C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-13 20:16 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-12 23:50 - 2014-09-01 21:00 - 00002852 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Raul)
2015-01-12 22:23 - 2014-06-15 18:57 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-12 22:21 - 2014-03-01 21:18 - 00000000 ____D () C:\ProgramData\IObit
2015-01-12 00:02 - 2014-07-04 23:21 - 00000000 ____D () C:\Users\Default\AppData\Roaming\IObit
2015-01-12 00:02 - 2014-07-04 23:21 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\IObit
2015-01-11 23:00 - 2012-05-08 20:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-11 23:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\security
2015-01-11 22:59 - 2011-08-31 14:24 - 00000000 ____D () C:\Windows\system32\Drivers\tr-TR
2015-01-11 22:59 - 2011-08-31 14:24 - 00000000 ____D () C:\Windows\system32\Drivers\th-TH
2015-01-11 22:59 - 2011-08-31 14:24 - 00000000 ____D () C:\Windows\system32\Drivers\ro-RO
2015-01-11 22:59 - 2011-08-31 14:24 - 00000000 ____D () C:\Windows\system32\Drivers\he-IL
2015-01-11 22:59 - 2011-08-31 14:24 - 00000000 ____D () C:\Windows\system32\Drivers\ar-SA
2015-01-11 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-11 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\th-TH
2015-01-11 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ro-RO
2015-01-11 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\he-IL
2015-01-11 22:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-01-11 19:05 - 2014-03-29 12:47 - 00000000 ____D () C:\ProgramData\Origin
2015-01-11 12:45 - 2014-03-29 10:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-11 11:42 - 2014-03-29 12:47 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-10 21:14 - 2013-04-12 22:52 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\vlc
2015-01-09 22:11 - 2012-04-12 18:22 - 00005632 _____ () C:\Users\Raul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-09 20:54 - 2012-05-08 22:41 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD & MP3
2015-01-09 20:49 - 2013-04-29 20:23 - 00000000 ____D () C:\Temp
2015-01-06 04:36 - 2011-08-23 15:09 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-05 23:21 - 2013-08-04 13:36 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-05 00:19 - 2011-12-08 00:10 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\DAEMON Tools Lite
2015-01-02 21:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-01-01 20:33 - 2011-12-08 01:18 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-01-01 20:16 - 2012-04-12 18:05 - 00000000 ____D () C:\Users\Raul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Phones
2015-01-01 17:54 - 2014-10-23 17:55 - 00000539 _____ () C:\Users\Raul\AppData\Roaming\Rim.DesktopHelper.Exception.log
2015-01-01 17:54 - 2014-10-23 17:55 - 00000539 _____ () C:\Users\Raul\AppData\Roaming\Rim.Desktop.Exception.log
2014-12-30 23:30 - 2014-08-21 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Calibre - E-book Management
2014-12-30 23:30 - 2014-08-21 18:16 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2014-12-29 18:58 - 2014-08-17 16:38 - 56188928 _____ () C:\Windows\system32\config\components.iodefrag.bak

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-04 14:23

==================== End Of Log ============================


Running the ESET as we speak. I left my Panda Antivirus on along with the firewall.


Edited by Zapan, 15 January 2015 - 04:06 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users