Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Persistent rootkit, MBR possibly infected


  • This topic is locked This topic is locked
26 replies to this topic

#1 CarrotCakes

CarrotCakes

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:55 PM

Posted 21 March 2015 - 01:18 AM

This is my former thread:

http://www.bleepingcomputer.com/forums/t/570218/possible-rootkitadware-but-nothing-detects-it/

 

RogueKiller will not remove the infection permanently; the infection has tried to prevent it from running. Subsequent RogueKiller scans also do not detect as much as the first one did. It is also messing with my Avira and Sandboxie. It cuts off my internet even though I'm still connected. CPU usage is higher than normal, fluctuating around 30-40. It keeps creating a "My Computer" icon on my desktop, too.

Here are the FARBAR scans: 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by HP_Administrator (administrator) on ABC on 20-03-2015 22:31:29
Running from C:\Documents and Settings\HP_Administrator\Desktop
Loaded Profiles: HP_Administrator (Available profiles: HP_Administrator & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(QFX Software Corporation) C:\Program Files\KeyScrambler\KeyScrambler.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehRecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Hewlett-Packard Company) C:\hp\KBD\kbd.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ehTray] => C:\WINDOWS\ehome\ehtray.exe [59392 2004-08-10] (Microsoft Corporation)
HKLM\...\Run: [High Definition Audio Property Page Shortcut] => C:\WINDOWS\system32\HDAShCut.exe [61952 2005-01-08] (Windows ® Server 2003 DDK provider)
HKLM\...\Run: [HPHUPD08] => c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe [49152 2005-06-01] (Hewlett-Packard)
HKLM\...\Run: [PCDrProfiler] => [X]
HKLM\...\Run: [HPBootOp] => C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe [245760 2005-02-25] (Hewlett-Packard Company)
HKLM\...\Run: [IcoSet] => c:\hp\bin\cloaker.exe [27136 1999-11-07] (Hewlett-Packard Co.)
HKLM\...\Run: [LSBWatcher] => c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [253952 2005-05-10] (Hewlett-Packard Company)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [180269 2005-09-06] (RealNetworks, Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [IMJPMIG8.1] => C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [208952 2008-04-13] (Microsoft Corporation)
HKLM\...\Run: [IMEKRMIG6.1] => C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [44032 2004-08-10] (Microsoft Corporation)
HKLM\...\Run: [MSPY2002] => C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392 2008-04-13] ()
HKLM\...\Run: [PHIME2002ASync] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-13] (Microsoft Corporation)
HKLM\...\Run: [PHIME2002A] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-13] (Microsoft Corporation)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [KeyScrambler] => C:\Program Files\KeyScrambler\keyscrambler.exe [509216 2015-02-16] (QFX Software Corporation)
HKU\S-1-5-21-403728013-4087379911-1177270023-1008\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-403728013-4087379911-1177270023-1008\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [632840 2015-02-17] (Sandboxie Holdings, LLC)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
ShortcutTarget: Updates from HP.lnk -> C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe (Hewlett-Packard)
BootExecute: autocheck autochk * sdnclean.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
HKU\S-1-5-21-403728013-4087379911-1177270023-1008\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-403728013-4087379911-1177270023-1008\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-27] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-27] (Oracle Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.176.1
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\1Iy6oeQV.default
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-08-27] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2061 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2005-09-06] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2122 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2005-09-06] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1059 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2005-09-06] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\1Iy6oeQV.default\Extensions\abs@avira.com [2014-08-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-12-25]
 
Chrome: 
=======
CHR StartupUrls: Default -> "about:blank"
CHR Profile: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-08-26]
CHR Extension: (Google Docs) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-26]
CHR Extension: (Google Drive) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-26]
CHR Extension: (WOT) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-08-26]
CHR Extension: (YouTube) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-26]
CHR Extension: (Google Search) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-26]
CHR Extension: (Google Sheets) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-08-26]
CHR Extension: (AdBlock) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-08]
CHR Extension: (Google Wallet) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-26]
CHR Extension: (ScriptSafe) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2014-09-28]
CHR Extension: (Gmail) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-26]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 iPodService; C:\Program Files\iPod\bin\iPodService.exe [327680 2005-05-05] (Apple Computer, Inc.) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-08-27] (Oracle Corporation)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [53248 2005-06-21] (Hewlett-Packard Company) [File not signed]
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
S0 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [69632 2004-09-29] (HP) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [135176 2015-02-17] (Sandboxie Holdings, LLC)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [105864 2015-03-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2015-03-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2014-08-15] (Avira Operations GmbH & Co. KG)
R0 bb-run; C:\WINDOWS\System32\DRIVERS\bb-run.sys [17408 2003-11-05] (Promise Technology, Inc.)
R1 FsVga; C:\WINDOWS\System32\DRIVERS\fsvga.sys [12160 2004-08-10] (Microsoft Corporation)
R0 ftsata2; C:\WINDOWS\System32\DRIVERS\ftsata2.sys [175616 2005-04-14] (Promise Technology, Inc.)
S3 HdAudAddService; C:\WINDOWS\System32\drivers\HdAudio.sys [145920 2005-01-08] (Windows ® Server 2003 DDK provider)
R3 KeyScrambler; C:\WINDOWS\System32\drivers\keyscrambler.sys [210512 2015-02-06] (QFX Software Corporation)
S3 ltmodem5; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [606684 2004-08-04] (LT)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20640 2005-04-25] (Sonic Solutions) [File not signed]
R3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [74496 2005-03-04] (Realtek Semiconductor Corporation                           )
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-04] (Realtek Semiconductor Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [161288 2015-02-17] (Sandboxie Holdings, LLC)
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2014-08-15] (Avira GmbH)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 VClone; system32\DRIVERS\VClone.sys [X]
U1 WS2IFSL; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-20 22:31 - 2015-03-20 22:32 - 00015914 _____ () C:\Documents and Settings\HP_Administrator\Desktop\FRST.txt
2015-03-20 22:25 - 2015-03-20 22:25 - 00003957 _____ () C:\Documents and Settings\HP_Administrator\Desktop\RKreport_DEL_03202015_222401.log
2015-03-20 20:50 - 2015-03-20 22:31 - 00003738 _____ () C:\WINDOWS\setupapi.log
2015-03-19 23:40 - 2015-03-19 23:40 - 00001866 _____ () C:\WINDOWS\COM+.log
2015-03-19 23:36 - 2015-03-19 23:36 - 00005873 _____ () C:\Documents and Settings\HP_Administrator\Desktop\RKreport_SCN_03192015_233221.log
2015-03-19 23:21 - 2015-03-20 22:12 - 00035064 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-03-19 23:21 - 2015-03-19 23:36 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RogueKiller
2015-03-19 21:51 - 2015-03-19 21:51 - 00402944 _____ (Farbar) C:\Documents and Settings\HP_Administrator\Desktop\MiniToolBox.exe
2015-03-19 21:50 - 2015-03-19 21:50 - 00852607 _____ () C:\Documents and Settings\HP_Administrator\Desktop\SecurityCheck.exe
2015-03-19 21:50 - 2015-03-19 21:50 - 00415232 _____ (Farbar) C:\Documents and Settings\HP_Administrator\Desktop\FSS.exe
2015-03-19 21:48 - 2015-03-19 21:49 - 15648856 _____ () C:\Documents and Settings\HP_Administrator\Desktop\winlogon.exe
2015-03-18 17:41 - 2015-03-19 22:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2015-03-18 17:17 - 2015-03-18 17:17 - 16502728 _____ (Malwarebytes Corp.) C:\Documents and Settings\HP_Administrator\Desktop\mbar-1.09.1.1004.exe
2015-03-18 17:17 - 2015-03-18 17:17 - 05198336 _____ (AVAST Software) C:\Documents and Settings\HP_Administrator\Desktop\aswMBR.exe
2015-03-18 17:03 - 2015-03-19 21:20 - 00002190 _____ () C:\WINDOWS\Sandboxie.ini
2015-03-18 17:03 - 2015-03-18 17:02 - 00000777 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Sandboxed Web Browser.lnk
2015-03-18 17:02 - 2015-03-18 17:02 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Sandboxie
2015-03-13 22:15 - 2015-03-13 22:16 - 02171392 _____ () C:\Documents and Settings\HP_Administrator\Desktop\adwcleaner_4.112.exe
2015-03-08 22:21 - 2015-03-18 17:02 - 00000000 ____D () C:\Program Files\Sandboxie
2015-03-08 16:28 - 2015-03-08 16:28 - 01943800 _____ (Bleeping Computer, LLC) C:\Documents and Settings\HP_Administrator\Desktop\rkill.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-20 22:31 - 2014-10-12 01:53 - 00000000 ____D () C:\FRST
2015-03-20 22:31 - 2014-08-26 04:15 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Local Settings\Temp
2015-03-20 22:30 - 2005-06-10 10:28 - 00000000 ____D () C:\WINDOWS\Registration
2015-03-20 22:29 - 2005-06-06 23:57 - 01458021 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-20 22:28 - 2014-08-27 01:44 - 00000244 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-03-20 22:28 - 2014-08-26 14:24 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-20 22:28 - 2005-06-06 23:57 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-20 22:27 - 2014-08-26 15:47 - 00240270 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2015-03-20 22:27 - 2014-08-26 04:15 - 00000278 ___SH () C:\Documents and Settings\HP_Administrator\ntuser.ini
2015-03-20 22:27 - 2014-08-26 04:15 - 00000000 ____D () C:\Documents and Settings\HP_Administrator
2015-03-20 22:27 - 2014-08-26 04:08 - 00000248 _____ () C:\WINDOWS\system\hpsysdrv.dat
2015-03-20 22:27 - 2005-06-06 23:57 - 00032388 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-20 22:25 - 2014-08-26 14:24 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-20 22:24 - 2014-08-26 14:26 - 00001824 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2015-03-20 21:51 - 2014-08-26 20:52 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-19 23:38 - 2014-08-26 15:47 - 01336766 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-403728013-4087379911-1177270023-1008-0.dat
2015-03-19 22:28 - 2014-08-26 20:52 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-19 21:16 - 2005-06-06 23:53 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-18 16:43 - 2014-08-26 16:18 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2015-03-16 23:59 - 2015-01-09 03:49 - 01388672 _____ (Thisisu) C:\Documents and Settings\HP_Administrator\Desktop\JRT.exe
2015-03-15 04:40 - 2014-10-10 21:29 - 00000000 ____D () C:\AdwCleaner
2015-03-13 22:52 - 2015-01-10 17:43 - 01135104 _____ (Farbar) C:\Documents and Settings\HP_Administrator\Desktop\FRST.exe
2015-03-13 17:22 - 2014-11-23 23:12 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\My Documents\School
2015-03-11 16:53 - 2014-08-26 15:54 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-03-11 16:53 - 2014-08-26 15:54 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-03-10 18:21 - 2014-08-27 01:01 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-10 18:16 - 2014-08-27 01:01 - 119837696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-08 15:37 - 2005-06-06 23:55 - 00578606 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-01 23:17 - 2014-08-28 17:03 - 00000000 ____D () C:\Program Files\KeyScrambler
2015-03-01 23:17 - 2014-08-28 17:03 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\KeyScrambler
2015-02-26 23:25 - 2014-08-26 20:53 - 00000693 _____ () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2015-02-26 23:25 - 2014-08-26 20:53 - 00000000 ____D () C:\Program Files\CCleaner
 
==================== Files in the root of some directories =======
 
2014-08-26 04:15 - 2005-09-06 08:30 - 0000136 _____ () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat
 
Some content of TEMP:
====================
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\avgnt.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\dllnt_dump.dll
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\IadHide5.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by HP_Administrator at 2015-03-20 22:32:38
Running from C:\Documents and Settings\HP_Administrator\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Desktop (Enabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Agere Systems PCI Soft Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - )
AiO_Scan (Version: 50.0.206.000 - Hewlett-Packard) Hidden
AiOSoftware (Version: 50.0.206.000 - Hewlett-Packard) Hidden
ATLAS Translation Standard V14.0 Trial Version (HKLM\...\{6652750B-AA69-49B7-9D09-C0A28B6FFC9F}) (Version: 14.00.2000 - FUJITSU LIMITED)
Avira (HKLM\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
Barnyard Invasion from HP Media Center (remove only) (HKLM\...\049D60AF-B425-4F8A-BD66-9D8C1B519D59) (Version:  - WildTangent)
Bejeweled 2 Deluxe from HP Media Center (remove only) (HKLM\...\47D5A62B-1B41-4DB1-8267-ADA434FA782B) (Version:  - WildTangent)
Big Kahuna Reef from HP Media Center (remove only) (HKLM\...\D77E8A46-BEB4-49ED-B2D3-B77180169FA3) (Version:  - WildTangent)
Blackhawk Striker 2 from HP Media Center (remove only) (HKLM\...\758619C0-7C97-42BB-B1E9-775F72FDAD1E) (Version:  - WildTangent)
Blasterball 2 from HP Media Center (remove only) (HKLM\...\D2DACBCD-E1FE-4C32-A49B-1EB0743D1E79) (Version:  - WildTangent)
Blasterball 2 Holidays from HP Media Center (remove only) (HKLM\...\1B497FAA-E53E-420D-8408-FFDD3278CD50) (Version:  - WildTangent)
Boggle Supreme from HP Media Center (remove only) (HKLM\...\90EA5584-4290-407B-B8F2-D6E6D65A4796) (Version:  - WildTangent)
Bookworm Deluxe from HP Media Center (remove only) (HKLM\...\E59F75D0-A38B-40F4-ABA2-CA35A7735473) (Version:  - WildTangent)
Bounce Symphony from HP Media Center (remove only) (HKLM\...\5DAA9E44-1B31-41CD-88A8-228EDED6E36E) (Version:  - WildTangent)
BufferChm (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CameraDrivers (Version: 5.0.0.290 - Hewlett-Packard) Hidden
CameraDrivers (Version: 5.0.0.328 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
CP_AtenaShokunin1Config (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CP_CalendarTemplates1 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CP_Package_Basic1 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CP_Package_Variety1 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CP_Package_Variety2 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CP_Package_Variety3 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CP_Panorama1Config (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Crystal Maze from HP Media Center (remove only) (HKLM\...\3D61540E-C88C-4358-B6A1-DC26648F2A3D) (Version:  - WildTangent)
CueTour (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Destinations (Version: 53.0.13.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Digby's Donuts from HP Media Center (remove only) (HKLM\...\A51671BD-9BE5-4944-AC62-A2A0B6FF5E54) (Version:  - WildTangent)
DocProc (Version: 5.2.0.0 - Hewlett-Packard) Hidden
DocumentViewer (Version: 53.0.13.000 - Hewlett-Packard) Hidden
DocumentViewerQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Easy Internet Sign-up (HKLM\...\InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}) (Version: FE UI-4.0.0.1573 - Hewlett-Packard)
Easy Internet Sign-up (Version: FE UI-4.0.0.1573 - Hewlett-Packard) Hidden
FATE Demo from HP Media Center (remove only) (HKLM\...\B68BB501-10CD-46E2-BB45-075A2ABFD242) (Version:  - WildTangent)
Fax (Version: 50.0.206.000 - Hewlett-Packard) Hidden
Flip Words from HP Media Center (remove only) (HKLM\...\1280194E-E9D5-4253-95E7-40169E2A4848) (Version:  - WildTangent)
GemMaster Mystic (HKLM\...\12133444-BF36-4d4e-B7FB-A3424C645DE4) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
HP Boot Optimizer (HKLM\...\{3BA95526-6AE0-4B87-A62D-17187EF565FC}) (Version: 1.0.2 - Hewlett-Packard)
HP Deskjet Printer Preload (HKLM\...\{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}) (Version: 10.1.0 - Hewlett-Packard Company)
HP DigitalMedia Archive (HKLM\...\{F80239D8-7811-4D5E-B033-0D0BBFE32920}) (Version: 1.2 - Hewlett-Packard)
HP Document Viewer 5.3 (HKLM\...\HP Document Viewer) (Version: 5.3 - HP)
HP Game Console and games (HKLM\...\HP Game Console) (Version:  - WildTangent)
HP Image Zone 5.3 (HKLM\...\HP Photo & Imaging) (Version: 5.3 - HP)
HP Image Zone for Media Center PC (HKLM\...\{8D0C57BC-4942-4960-BB6D-142456D6F233}) (Version: 1.02.001 - Hewlett-Packard Company)
HP Imaging Device Functions 5.3 (HKLM\...\HP Imaging Device Functions) (Version: 5.3 - HP)
HP Multimedia Keyboard Software (HKLM\...\KBD) (Version:  - )
HP Photosmart 330,380,420,470,7800,8000,8200 Series (HKLM\...\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}) (Version: 8.1 - HP)
HP Photosmart Cameras 5.0 (HKLM\...\{C83A12B9-B31B-461A-BBD4-CE9B988094F1}) (Version: 5.0 - HP)
HP PSC & OfficeJet 5.3.B (HKLM\...\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}) (Version:  - HP)
HP Solution Center & Imaging Support Tools 5.3 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 5.3 - HP)
HP Tunes (HKLM\...\{3076D235-59F2-448E-889F-D04F985B4CF1}) (Version: 2.1.0.2 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPProductAssistant (Version: 53.0.13.000 - Hewlett-Packard) Hidden
HpSdpAppCoreApp (Version: 3.00.0000 - Hewlett-Packard) Hidden
Insaniquarium Deluxe from HP Media Center (remove only) (HKLM\...\A09026AE-8F16-4929-B4E6-1825535844DB) (Version:  - WildTangent)
InstantShareDevices (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4332 - )
IntelliMover Data Transfer Demo (HKLM\...\{14589F05-C658-4594-9429-D437BA688686}) (Version:  - )
InterVideo WinDVD Player (HKLM\...\{3912A629-0020-0005-3757-2FBA74D4DF0A}) (Version:  - )
InterVideo WinDVD Player (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.789 - InterVideo Inc.)
iTunes (HKLM\...\InstallShield_{523E6F2A-2D59-4D91-90E8-6C49931C9F50}) (Version: 4.8.0.31 - Apple Computer, Inc.)
iTunes (Version: 4.8.0.31 - Apple Computer, Inc.) Hidden
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Jewel Quest from HP Media Center (remove only) (HKLM\...\A73FAC36-8925-465D-8FA2-4DA98BD9B441) (Version:  - WildTangent)
KeyScrambler (HKLM\...\KeyScrambler) (Version: 3.6.0.0 - QFX Software Corporation)
LightScribe  1.4.31.1 (Version: 1.4.31.1 - Integrator) Hidden
Mah Jong Quest from HP Media Center (remove only) (HKLM\...\538B9061-0C77-4FB2-903F-EC42A1FF5DD8) (Version:  - WildTangent)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Money 2005 (HKLM\...\Money2005b) (Version: 14 - Microsoft)
Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Plus! Dancer LE (HKLM\...\{1A103D70-5C9B-4E1A-B306-5106C68F9914}) (Version: 1.1.0.3522 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3500 - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}) (Version: 08.04.0623 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee autoProducer 4.0 (HKLM\...\{2C3D719A-92C7-4323-89CC-C937D0267B84}) (Version: 4.00.050 - muvee Technologies)
muvee autoProducer unPlugged 1.1 - HPD (HKLM\...\{B1931B3A-29E9-4F91-9B61-BE2CF05E84F1}) (Version: 1.1.000 - muvee Technologies)
NewCopy (Version: 50.0.206.000 - Hewlett-Packard) Hidden
Office 2003 Tour (HKLM\...\{BE9FEFBA-F2F8-468B-A108-4356F73A3E9C}) (Version: 1.0.0 - Microsoft)
Otto (HKLM\...\B3EE3001-DC24-4cd1-8743-5692C716659F) (Version:  - )
PanoStandAlone (Version: 53.0.13.000 - Hewlett-Packard) Hidden
PC-Doctor 5 for Windows (HKLM\...\InstallShield_{AB61A692-5543-4C48-979B-8CEA1C52FE9C}) (Version: 5.00.2832.01 - PC-Doctor)
PC-Doctor 5 for Windows (Version: 5.00.2832.01 - PC-Doctor) Hidden
PhotoGallery (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Polar Bowler from HP Media Center (remove only) (HKLM\...\1FFA88DF-0AC3-4D9E-9139-5FF98813C12C) (Version:  - WildTangent)
Polar Golfer from HP Media Center (remove only) (HKLM\...\55275778-F7D9-4BA0-95F4-DEFD71ADDFD9) (Version:  - WildTangent)
PS2 (HKLM\...\PS2) (Version:  - )
PSPrinters08 (Version: 8.01.0000 - HP) Hidden
PSTAPlugin (Version: 8.01.0000 - Hewlett-Packard) Hidden
Puzzle Express from HP Media Center (remove only) (HKLM\...\0814ADC6-5B36-4144-A8EA-439C36B1BB11) (Version:  - WildTangent)
Python 2.2 pywin32 extensions (build 203) (HKLM\...\pywin32-py2.2) (Version:  - )
Python 2.2.3 (HKLM\...\Python 2.2.3) (Version: 2.2.3 - PythonLabs at Zope Corporation)
Quicken 2005 (HKLM\...\InstallShield_{2DBE41DD-2129-4C65-A3D3-5647236A60F3}) (Version: 14.00.0000 - Intuit)
Quicken 2005 (Version: 14.00.0000 - Intuit) Hidden
QuickTime (HKLM\...\QuickTime) (Version:  - )
RandMap (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Readme (Version: 50.0.206.000 - Hewlett-Packard) Hidden
RealPlayer (HKLM\...\RealPlayer 6.0) (Version:  - )
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Ricochet Lost Worlds from HP Media Center (remove only) (HKLM\...\0AA27562-3C4E-4860-8742-7ADEBE2EFC43) (Version:  - WildTangent)
Sandboxie 4.16 (32-bit) (HKLM\...\Sandboxie) (Version: 4.16 - Sandboxie Holdings, LLC)
Scan (Version: 5.2.0.0 - Hewlett-Packard) Hidden
ScannerCopy (Version: 5.2.0.0 - Hewlett-Packard) Hidden
SCRABBLE Blast from HP Media Center (remove only) (HKLM\...\2BA80327-9385-4EC8-9796-47C49BD73352) (Version:  - WildTangent)
SCRABBLE from HP Media Center (remove only) (HKLM\...\B7217206-A362-446B-A0F7-A2622B82F821) (Version:  - WildTangent)
SCRABBLE Rack Attack from HP Media Center (remove only) (HKLM\...\EC03679F-C9F0-46E8-864D-FCCF83F4EB86) (Version:  - WildTangent)
Shrek 2 Ogre Bowler from HP Media Center (remove only) (HKLM\...\581538B9-2ED3-45E2-96CB-22AD8F811D2A) (Version:  - WildTangent)
SkinsHP1 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Slingo Deluxe from HP Media Center (remove only) (HKLM\...\E0998E52-9D08-4AEE-A4F5-0BB1D8537F6E) (Version:  - WildTangent)
Slyder from HP Media Center (remove only) (HKLM\...\600C800C-5985-4E74-AFE7-571001AC3FA4) (Version:  - WildTangent)
SolutionCenter (Version: 50.0.152.000 - Hewlett-Packard) Hidden
Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Sonic Express Labeler (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.1.0 - Sonic Solutions)
Sonic MyDVD Plus (HKLM\...\{21657574-BD54-48A2-9450-EB03B2C7FC29}) (Version: 6.1.3 - Sonic Solutions)
Sonic RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.2 - Sonic Solutions)
Sonic RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.2 - Sonic Solutions)
Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.2 - Sonic Solutions)
Sonic Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Sonic Solutions)
Sonic_PrimoSDK (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Status (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Super Granny from HP Media Center (remove only) (HKLM\...\0C20CAB1-F8BC-4AC1-A796-535B005C1B83) (Version:  - WildTangent)
Swarm from HP Media Center (remove only) (HKLM\...\133F647D-B454-42BC-ADBE-387482A29B88) (Version:  - WildTangent)
Tradewinds from HP Media Center (remove only) (HKLM\...\B3FF79F4-CDA8-4845-A7C0-9CE017719F36) (Version:  - WildTangent)
TrayApp (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Unload (Version: 5.0.0 - Hewlett-Packard) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update Rollup 1 for Windows XP Media Center Edition 2005 with HDTV Support (KB873369) (HKLM\...\MC05Upd1) (Version:  - Microsoft Corporation)
Updates from HP (remove only) (HKLM\...\HPOOVClient-9972322 Uninstaller) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 10 Hotfix [See KB889858 for more information] (HKLM\...\KB889858) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB888316 (HKLM\...\KB888316) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB890629 (HKLM\...\KB890629) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB895678 (HKLM\...\KB895678) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version:  - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
16-12-2014 01:12:14 System Checkpoint
17-12-2014 01:27:57 System Checkpoint
19-12-2014 02:19:53 System Checkpoint
22-12-2014 00:43:29 System Checkpoint
23-12-2014 20:16:27 System Checkpoint
25-12-2014 21:21:54 Installed Windows KB954550-v5.
25-12-2014 21:22:11 Printer Driver Microsoft XPS Document Writer Installed
25-12-2014 21:22:24 Printer Driver Microsoft XPS Document Writer Installed
25-12-2014 21:32:55 Installed Eraser 6.0.10.2620
27-12-2014 13:18:19 System Checkpoint
27-12-2014 13:36:09 Software Distribution Service 3.0
27-12-2014 21:17:09 Removed Eraser 6.0.10.2620
30-12-2014 05:22:03 System Checkpoint
01-01-2015 00:27:35 System Checkpoint
03-01-2015 01:16:11 System Checkpoint
04-01-2015 03:45:32 System Checkpoint
07-01-2015 03:37:39 System Checkpoint
09-01-2015 05:35:08 System Checkpoint
11-01-2015 04:15:27 System Checkpoint
13-01-2015 07:04:24 System Checkpoint
16-01-2015 05:03:17 Software Distribution Service 3.0
17-01-2015 12:19:20 System Checkpoint
18-01-2015 20:41:44 System Checkpoint
20-01-2015 21:19:33 System Checkpoint
22-01-2015 19:31:05 System Checkpoint
24-01-2015 19:17:11 System Checkpoint
25-01-2015 22:12:31 System Checkpoint
28-01-2015 00:31:53 System Checkpoint
29-01-2015 20:25:55 System Checkpoint
30-01-2015 20:39:43 System Checkpoint
31-01-2015 20:51:14 System Checkpoint
02-02-2015 13:19:13 System Checkpoint
04-02-2015 00:09:47 System Checkpoint
05-02-2015 20:36:15 System Checkpoint
06-02-2015 21:01:14 System Checkpoint
07-02-2015 22:43:41 System Checkpoint
09-02-2015 17:44:08 System Checkpoint
10-02-2015 18:29:56 Software Distribution Service 3.0
13-02-2015 18:16:51 System Checkpoint
14-02-2015 23:14:28 System Checkpoint
16-02-2015 19:08:00 System Checkpoint
17-02-2015 19:34:59 System Checkpoint
18-02-2015 19:39:25 System Checkpoint
20-02-2015 19:36:58 System Checkpoint
22-02-2015 05:51:18 System Checkpoint
23-02-2015 19:18:55 System Checkpoint
25-02-2015 20:16:37 System Checkpoint
26-02-2015 20:21:31 System Checkpoint
27-02-2015 20:29:52 System Checkpoint
01-03-2015 00:40:34 System Checkpoint
02-03-2015 20:49:57 System Checkpoint
05-03-2015 20:30:52 System Checkpoint
07-03-2015 21:10:35 System Checkpoint
08-03-2015 21:11:37 System Checkpoint
10-03-2015 02:13:20 System Checkpoint
10-03-2015 18:15:35 Software Distribution Service 3.0
12-03-2015 20:49:17 System Checkpoint
14-03-2015 01:02:00 System Checkpoint
15-03-2015 07:14:30 System Checkpoint
18-03-2015 17:25:08 Software Distribution Service 3.0
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2004-08-10 19:00 - 2004-08-10 19:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2005-03-15 22:17 - 2005-03-15 22:17 - 00204800 _____ () c:\Program Files\HP\Digital Imaging\bin\HpqUtil.dll
2005-09-06 08:46 - 2005-09-06 08:46 - 00061496 _____ () C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\clntutil.dll
2005-09-06 08:46 - 2005-09-06 08:46 - 00151589 _____ () C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\BWfiles.dll
2005-09-06 08:46 - 2005-09-06 08:46 - 00098339 _____ () C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\frext.dll
2005-09-06 08:46 - 2005-09-06 08:46 - 00126976 _____ () C:\Program Files\Updates from HP\9972322\Program\HPClientExt.dll
2004-08-10 19:00 - 2004-09-28 08:54 - 00269824 _____ () C:\WINDOWS\system32\sbe.dll
2004-08-10 12:00 - 2013-01-01 23:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2004-08-10 12:00 - 2008-04-14 05:41 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2004-08-10 12:00 - 2008-04-14 05:42 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\05650530.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\07052787.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\07335284.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\19264573.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\29387598.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\33294898.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\35163538.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\57894774.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\66864755.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\67169168.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\68319837.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\71011496.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\72732895.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\72805924.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\78869082.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\79608268.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\83317152.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\84126562.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\84605634.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\85349088.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\87533320.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\87964760.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\96479692.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\98067264.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\05650530.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\07052787.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\07335284.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\19264573.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\29387598.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\33294898.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35163538.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\57894774.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\66864755.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\67169168.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\68319837.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\71011496.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\72732895.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\72805924.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\78869082.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\79608268.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\83317152.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\84126562.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\84605634.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\85349088.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\87533320.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\87964760.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\96479692.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\98067264.sys => ""="Driver"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-403728013-4087379911-1177270023-1008\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 192.168.1.254 - 75.153.176.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-403728013-4087379911-1177270023-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-403728013-4087379911-1177270023-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-403728013-4087379911-1177270023-1007 - Limited - Disabled)
HP_Administrator (S-1-5-21-403728013-4087379911-1177270023-1008 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\HP_Administrator
SUPPORT_388945a0 (S-1-5-21-403728013-4087379911-1177270023-1002 - Limited - Disabled)
SUPPORT_fddfa904 (S-1-5-21-403728013-4087379911-1177270023-1006 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/20/2015 09:00:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application roguekiller.exe, version 10.5.5.0, faulting module kernel32.dll, version 5.1.2600.6532, fault address 0x0000b152.
Processing media-specific event for [roguekiller.exe!ws!]
 
Error: (03/20/2015 09:00:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application roguekiller.exe, version 10.5.5.0, faulting module kernel32.dll, version 5.1.2600.6532, fault address 0x0000b152.
Processing media-specific event for [roguekiller.exe!ws!]
 
Error: (03/01/2015 02:19:14 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
Stack:
   at System.Xml.XmlTextReaderImpl.OpenUrl()
   at System.Xml.XmlTextReaderImpl.Read()
   at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
   at System.Xml.XmlDocument.Load(System.Xml.XmlReader)
   at System.Xml.XmlDocument.Load(System.String)
   at Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
   at Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
   at Avira.OE.WinCore.OeProductInfo.get_Culture()
   at Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
   at Avira.OE.Systray.Program.Main(System.String[])
 
Error: (03/01/2015 02:18:07 PM) (Source: .NET Runtime 4.0 Error Reporting) (EventID: 5000) (User: )
Description: EventType clr20r3, P1 avira.oe.systray.exe, P2 1.1.30.21735, P3 54bce4be, P4 mscorlib, P5 4.0.0.0, P6 4e181ae3, P7 3fd1, P8 1f4, P9 clr20r30, P10 clr20r31.
 
Error: (02/27/2015 05:39:49 PM) (Source: ESENT) (EventID: 490) (User: )
Description: svchost (976) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\edb.log" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (02/20/2015 02:18:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application frst.exe, version 18.2.2015.1, faulting module frst.exe, version 18.2.2015.1, fault address 0x0001f09e.
Processing media-specific event for [frst.exe!ws!]
 
Error: (01/11/2015 02:56:41 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
Stack:
   at Avira.OE.WinCore.WinHandleUtil+NativeMethods.GetFullHandleName(IntPtr, System.Text.StringBuilder, Int32 ByRef)
   at Avira.OE.WinCore.WinHandleUtil.GetFullHandleName(IntPtr)
   at Avira.OE.WinCore.WcfAuthService.VerifyTokenEventName(IntPtr)
   at Avira.OE.WinCore.WcfAuthService.AuthenticateChannel(System.ServiceModel.IClientChannel, Avira.OE.WinCore.WcfAuthToken)
   at Avira.OE.WinCore.WcfServiceAuthInterceptor.AfterReceiveRequest(System.ServiceModel.Channels.Message ByRef, System.ServiceModel.IClientChannel, System.ServiceModel.InstanceContext)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.AfterReceiveRequestCore(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage2(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage11(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage1(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean)
   at System.ServiceModel.Dispatcher.ChannelHandler.DispatchAndReleasePump(System.ServiceModel.Channels.RequestContext, Boolean, System.ServiceModel.OperationContext)
   at System.ServiceModel.Dispatcher.ChannelHandler.HandleRequest(System.ServiceModel.Channels.RequestContext, System.ServiceModel.OperationContext)
   at System.ServiceModel.Dispatcher.ChannelHandler.AsyncMessagePump(System.IAsyncResult)
   at System.ServiceModel.Dispatcher.ChannelHandler.OnAsyncReceiveComplete(System.IAsyncResult)
   at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult)
   at System.Runtime.AsyncResult.Complete(Boolean)
   at System.ServiceModel.Channels.FramingDuplexSessionChannel+TryReceiveAsyncResult.OnReceive(System.IAsyncResult)
   at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult)
   at System.Runtime.AsyncResult.Complete(Boolean)
   at System.ServiceModel.Channels.SynchronizedMessageSource+ReceiveAsyncResult.OnReceiveComplete(System.Object)
   at System.ServiceModel.Channels.SessionConnectionReader.OnAsyncReadComplete(System.Object)
   at System.ServiceModel.Channels.StreamConnection.OnRead(System.IAsyncResult)
   at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult)
   at System.Net.LazyAsyncResult.Complete(IntPtr)
   at System.Net.LazyAsyncResult.ProtectedInvokeCallback(System.Object, IntPtr)
   at System.Net.Security.NegotiateStream.ProcessFrameBody(Int32, Byte[], Int32, Int32, System.Net.AsyncProtocolRequest)
   at System.Net.Security.NegotiateStream.ReadCallback(System.Net.AsyncProtocolRequest)
   at System.Net.AsyncProtocolRequest.CompleteRequest(Int32)
   at System.Net.FixedSizeReader.CheckCompletionBeforeNextRead(Int32)
   at System.Net.FixedSizeReader.ReadCallback(System.IAsyncResult)
   at System.Runtime.AsyncResult.Complete(Boolean)
   at System.ServiceModel.Channels.ConnectionStream+ReadAsyncResult.OnAsyncReadComplete(System.Object)
   at System.ServiceModel.Channels.PipeConnection.OnAsyncReadComplete(Boolean, Int32, Int32)
   at System.ServiceModel.Channels.OverlappedContext.CompleteCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Runtime.Fx+IOCompletionThunk.UnhandledExceptionFrame(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
 
Error: (01/10/2015 05:50:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application frst.exe, version 10.1.2015.0, faulting module frst.exe, version 10.1.2015.0, fault address 0x0001f09e.
Processing media-specific event for [frst.exe!ws!]
 
Error: (12/27/2014 07:04:26 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
 
Error: (12/27/2014 02:01:41 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: PresentationCore, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070005
 
 
System errors:
=============
Error: (03/19/2015 11:37:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/19/2015 11:37:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Machine Debug Manager service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/19/2015 11:37:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LightScribeService Direct Disc Labeling Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/19/2015 11:37:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Java Quick Starter service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/19/2015 11:37:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Media Center Scheduler Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/19/2015 11:37:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Media Center Receiver Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/19/2015 11:37:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Sandboxie Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/18/2015 06:49:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/18/2015 06:49:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Machine Debug Manager service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/18/2015 06:49:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LightScribeService Direct Disc Labeling Service service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (03/20/2015 09:00:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: roguekiller.exe10.5.5.0kernel32.dll5.1.2600.65320000b152
 
Error: (03/20/2015 09:00:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: roguekiller.exe10.5.5.0kernel32.dll5.1.2600.65320000b152
 
Error: (03/01/2015 02:19:14 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
Stack:
   at System.Xml.XmlTextReaderImpl.OpenUrl()
   at System.Xml.XmlTextReaderImpl.Read()
   at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
   at System.Xml.XmlDocument.Load(System.Xml.XmlReader)
   at System.Xml.XmlDocument.Load(System.String)
   at Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
   at Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
   at Avira.OE.WinCore.OeProductInfo.get_Culture()
   at Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
   at Avira.OE.Systray.Program.Main(System.String[])
 
Error: (03/01/2015 02:18:07 PM) (Source: .NET Runtime 4.0 Error Reporting) (EventID: 5000) (User: )
Description: clr20r3avira.oe.systray.exe1.1.30.2173554bce4bemscorlib4.0.0.04e181ae33fd11f4system.io.ioexceptionNIL
 
Error: (02/27/2015 05:39:49 PM) (Source: ESENT) (EventID: 490) (User: )
Description: svchost976C:\WINDOWS\system32\CatRoot2\edb.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.
 
Error: (02/20/2015 02:18:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: frst.exe18.2.2015.1frst.exe18.2.2015.10001f09e
 
Error: (01/11/2015 02:56:41 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
Stack:
   at Avira.OE.WinCore.WinHandleUtil+NativeMethods.GetFullHandleName(IntPtr, System.Text.StringBuilder, Int32 ByRef)
   at Avira.OE.WinCore.WinHandleUtil.GetFullHandleName(IntPtr)
   at Avira.OE.WinCore.WcfAuthService.VerifyTokenEventName(IntPtr)
   at Avira.OE.WinCore.WcfAuthService.AuthenticateChannel(System.ServiceModel.IClientChannel, Avira.OE.WinCore.WcfAuthToken)
   at Avira.OE.WinCore.WcfServiceAuthInterceptor.AfterReceiveRequest(System.ServiceModel.Channels.Message ByRef, System.ServiceModel.IClientChannel, System.ServiceModel.InstanceContext)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.AfterReceiveRequestCore(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage2(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage11(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage1(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean)
   at System.ServiceModel.Dispatcher.ChannelHandler.DispatchAndReleasePump(System.ServiceModel.Channels.RequestContext, Boolean, System.ServiceModel.OperationContext)
   at System.ServiceModel.Dispatcher.ChannelHandler.HandleRequest(System.ServiceModel.Channels.RequestContext, System.ServiceModel.OperationContext)
   at System.ServiceModel.Dispatcher.ChannelHandler.AsyncMessagePump(System.IAsyncResult)
   at System.ServiceModel.Dispatcher.ChannelHandler.OnAsyncReceiveComplete(System.IAsyncResult)
   at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult)
   at System.Runtime.AsyncResult.Complete(Boolean)
   at System.ServiceModel.Channels.FramingDuplexSessionChannel+TryReceiveAsyncResult.OnReceive(System.IAsyncResult)
   at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult)
   at System.Runtime.AsyncResult.Complete(Boolean)
   at System.ServiceModel.Channels.SynchronizedMessageSource+ReceiveAsyncResult.OnReceiveComplete(System.Object)
   at System.ServiceModel.Channels.SessionConnectionReader.OnAsyncReadComplete(System.Object)
   at System.ServiceModel.Channels.StreamConnection.OnRead(System.IAsyncResult)
   at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult)
   at System.Net.LazyAsyncResult.Complete(IntPtr)
   at System.Net.LazyAsyncResult.ProtectedInvokeCallback(System.Object, IntPtr)
   at System.Net.Security.NegotiateStream.ProcessFrameBody(Int32, Byte[], Int32, Int32, System.Net.AsyncProtocolRequest)
   at System.Net.Security.NegotiateStream.ReadCallback(System.Net.AsyncProtocolRequest)
   at System.Net.AsyncProtocolRequest.CompleteRequest(Int32)
   at System.Net.FixedSizeReader.CheckCompletionBeforeNextRead(Int32)
   at System.Net.FixedSizeReader.ReadCallback(System.IAsyncResult)
   at System.Runtime.AsyncResult.Complete(Boolean)
   at System.ServiceModel.Channels.ConnectionStream+ReadAsyncResult.OnAsyncReadComplete(System.Object)
   at System.ServiceModel.Channels.PipeConnection.OnAsyncReadComplete(Boolean, Int32, Int32)
   at System.ServiceModel.Channels.OverlappedContext.CompleteCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Runtime.Fx+IOCompletionThunk.UnhandledExceptionFrame(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
 
Error: (01/10/2015 05:50:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: frst.exe10.1.2015.0frst.exe10.1.2015.00001f09e
 
Error: (12/27/2014 07:04:26 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
 
Error: (12/27/2014 02:01:41 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: PresentationCore, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070005 
PresentationCore, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35
 
 
==================== Memory info =========================== 
 
Processor:  Intel® Pentium® 4 CPU 3.00GHz
Percentage of memory in use: 53%
Total physical RAM: 1015.29 MB
Available physical RAM: 469.17 MB
Total Pagefile: 2440.75 MB
Available Pagefile: 1858.14 MB
Total Virtual: 2047.88 MB
Available Virtual: 1945.63 MB
 
==================== Drives ================================
 
Drive c: (HP_PAVILION) (Fixed) (Total:224.87 GB) (Free:194.16 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (RECOVERY) (Fixed) (Total:8 GB) (Free:0.9 GB) FAT32 ==>[Drive with boot components (Windows XP)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 1549F232)
Partition 1: (Not Active) - (Size=8 GB) - (Type=0C)
Partition 2: (Active) - (Size=224.9 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

Edit:
This is the RogueKiller log: 

RogueKiller V10.5.5.0 [Mar 16 2015] by Adlice Software
 
Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : HP_Administrator [Administrator]
Started from : C:\Documents and Settings\HP_Administrator\Desktop\RogueKiller.exe
Mode : Scan -- Date : 03/19/2015  23:32:21
 
¤¤¤ Processes : 1 ¤¤¤
[Suspicious.Path] explorer.exe(1564) -- C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\IadHide5.dll[-] -> Unloaded
 
¤¤¤ Registry : 15 ¤¤¤
[PUM.HomePage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser  -> Found
[PUM.HomePage] HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Start Page : http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser  -> Found
[PUM.HomePage] HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main | Start Page : http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser  -> Found
[PUM.HomePage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser  -> Found
[PUM.SearchPage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser  -> Found
[PUM.SearchPage] HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Search Page : http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser  -> Found
[PUM.SearchPage] HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main | Search Page : http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser  -> Found
[PUM.SearchPage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.254 75.153.176.1 [UNITED STATES (US)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.254 75.153.176.1 [UNITED STATES (US)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.254 75.153.176.1 [UNITED STATES (US)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B91353D3-0EBE-442F-AC69-0FB2DD3CD876} | DhcpNameServer : 192.168.1.254 75.153.176.1 [UNITED STATES (US)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{B91353D3-0EBE-442F-AC69-0FB2DD3CD876} | DhcpNameServer : 192.168.1.254 75.153.176.1 [UNITED STATES (US)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{B91353D3-0EBE-442F-AC69-0FB2DD3CD876} | DhcpNameServer : 192.168.1.254 75.153.176.1 [UNITED STATES (US)]  -> Found
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
 
¤¤¤ Tasks : 0 ¤¤¤
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ Hosts File : 1 ¤¤¤
[C:\WINDOWS\system32\drivers\etc\hosts] 127.0.0.1       localhost
 
¤¤¤ Antirootkit : 6 (Driver: Loaded) ¤¤¤
[SSDT:Addr(Hook.SSDT)] NtOpenProcess[122] : C:\WINDOWS\system32\drivers\mbamchameleon.sys @ 0xa69ce20e
[SSDT:Addr(Hook.SSDT)] NtOpenThread[128] : C:\WINDOWS\system32\drivers\mbamchameleon.sys @ 0xa69ce3dc
[SSDT:Inl(Hook.SSDT)] NtRequestPort[199] : Unknown @ 0x805a2a7e
[SSDT:Addr(Hook.SSDT)] NtRequestWaitReplyPort[200] : Unknown @ 0xf7c3a520
[ShwSSDT:Addr(Hook.Shadow)] NtUserSetWindowsHookEx[549] : Unknown @ 0xf7c8b72e
[ShwSSDT:Addr(Hook.Shadow)] NtUserSetWinEventHook[552] : Unknown @ 0xf7c8b733
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST3250823AS +++++
--- User ---
[MBR] 70ed0f54399f6a69b52902f6c167fbba
[BSP] 8a7884da59e414827f91c43dcf324e78 : Toshiba MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 63 | Size: 8202 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 16798320 | Size: 230262 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
User = LL2 ... OK
 
+++++ PhysicalDrive1: Generic USB SD Reader USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
 
+++++ PhysicalDrive2: Generic USB CF Reader USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
 
+++++ PhysicalDrive3: Generic USB SM Reader USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
 
+++++ PhysicalDrive4: Generic USB MS Reader USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

I'm suspicious about the MBR because it says Toshiba; I use an HP. Is this normal?

Edited by CarrotCakes, 21 March 2015 - 01:26 AM.


BC AdBot (Login to Remove)

 


#2 Johnny Computer

Johnny Computer

  • Malware Response Team
  • 1,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1
  • Local time:04:55 PM

Posted 21 March 2015 - 08:32 AM

Hello CarrotCakes-

 

My name is Johnny Computer and I will be helping you clean up your system. 

 

PLEASE NOTE:  Logs are often long, complicated, and time consuming to analyze

 

Please give me some time to look over your logs and I will be back with further instructions A.S.A.P.      :) 


avatar591802_2.gif"DO OR DO NOT. THERE IS NO TRY."


#3 Johnny Computer

Johnny Computer

  • Malware Response Team
  • 1,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1
  • Local time:04:55 PM

Posted 21 March 2015 - 10:38 AM

Hi CarrotCakes-

 


Hello and   :welcome: to BLEEPING COMPUTER

My name is Johnny Computer and I will be helping you with your malware related computer issues today    

Before we move on, please read the following points carefully.

 

 

 

IMPORTANT-----> Post all logfiles as a reply rather than as an attachment. If you can not post all log files in one reply, feel free to use more posts.

 

 

- First, I would like to inform you that most of us here at Bleeping Computer are volunteers. The logs you will be asked to submit can take time to analyze. Please try to match our   commitment to you with your patience toward us. 
 
-  Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.

-  Perform everything in the correct order. Sometimes one step requires the previous one.

-  If you have any problems while following my instructions, Stop and ask any questions you may have.

-  Please stay with me until I have notified you that your system is All Clean. Absence of symptoms does not necessarily mean your machine is clean. 

-  If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

IMPORTANT NOTE:  DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.
 
  -----------------------------------------------------------------------

 

   :step1:  Please uninstall PC doctor as it contains adware

 

  --------------------------------------------------------------------------

 

  :step2:  Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

  --------------------------------------------------------------------------------------------

 

   :step3:  Please download AdwCleaner by Xplode and save to your Desktop.

 
-  Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator
-  The tool will start to update the database, please wait a bit.
-  Click on I agree button.
-  Click on the Scan button.
-  AdwCleaner will begin...be patient as the scan may take some time to complete.
-  After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
-  The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
-  Copy and paste the contents of that logfile in your next reply.
-  A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
 
  --------------------------------------------------------------------------------------------------------------
 
IN YOUR NEXT REPLY I NEED:

 

1.)   Confirmation that you uninstalled PC Doctor

2.)   Your TDSS Killer log

3.)   Your ADWCleaner log

 

Thanks  :)

 


avatar591802_2.gif"DO OR DO NOT. THERE IS NO TRY."


#4 CarrotCakes

CarrotCakes
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:55 PM

Posted 22 March 2015 - 03:26 AM

Ok, I will get to your instructions as soon as I can. :)

But just a warning that the infection seems to deliberately cut off my internet (especially as I'm trying to post here), so it might take a while.



#5 CarrotCakes

CarrotCakes
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:55 PM

Posted 22 March 2015 - 05:21 AM

I've removed PC Doctor.

 

# AdwCleaner v4.112 - Logfile created 22/03/2015 at 03:00:37
# Updated 09/03/2015 by Xplode
# Database : 2015-03-22.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : HP_Administrator - ABC
# Running from : C:\Documents and Settings\HP_Administrator\Desktop\adwcleaner_4.112.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Mozilla Firefox v
 
 
-\\ Google Chrome v41.0.2272.101
 
*************************
 
AdwCleaner[R28].txt - [1193 bytes] - [13/03/2015 22:17:01]
AdwCleaner[R29].txt - [929 bytes] - [14/03/2015 04:03:09]
AdwCleaner[R30].txt - [987 bytes] - [14/03/2015 04:23:27]
AdwCleaner[R31].txt - [1046 bytes] - [15/03/2015 04:36:57]
AdwCleaner[R32].txt - [1219 bytes] - [22/03/2015 03:00:37]
AdwCleaner[S10].txt - [1264 bytes] - [13/03/2015 22:21:14]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R32].txt - [1339 bytes] ##########


#6 CarrotCakes

CarrotCakes
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:55 PM

Posted 22 March 2015 - 06:09 AM

02:51:20.0218 0x0764  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
02:51:21.0625 0x0764  ============================================================
02:51:21.0625 0x0764  Current date / time: 2015/03/22 02:51:21.0625
02:51:21.0625 0x0764  SystemInfo:
02:51:21.0625 0x0764  
02:51:21.0625 0x0764  OS Version: 5.1.2600 ServicePack: 3.0
02:51:21.0625 0x0764  Product type: Workstation
02:51:21.0625 0x0764  ComputerName: ABC
02:51:21.0625 0x0764  UserName: HP_Administrator
02:51:21.0625 0x0764  Windows directory: C:\WINDOWS
02:51:21.0625 0x0764  System windows directory: C:\WINDOWS
02:51:21.0625 0x0764  Processor architecture: Intel x86
02:51:21.0625 0x0764  Number of processors: 2
02:51:21.0625 0x0764  Page size: 0x1000
02:51:21.0625 0x0764  Boot type: Normal boot
02:51:21.0625 0x0764  ============================================================
02:51:21.0640 0x0764  BG loaded
02:51:26.0687 0x0764  System UUID: {AA5402C4-0AA1-D088-FCDE-3AB726B12B33}
02:52:01.0765 0x0764  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000044
02:52:08.0890 0x0764  ============================================================
02:52:08.0890 0x0764  \Device\Harddisk0\DR0:
02:52:11.0187 0x0764  MBR partitions:
02:52:11.0187 0x0764  \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x1005231
02:52:11.0203 0x0764  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1005270, BlocksNum 0x1C1BB450
02:52:11.0203 0x0764  ============================================================
02:52:29.0828 0x0764  C: <-> \Device\Harddisk0\DR0\Partition2
02:52:29.0859 0x0764  D: <-> \Device\Harddisk0\DR0\Partition1
02:52:29.0859 0x0764  ============================================================
02:52:29.0859 0x0764  Initialize success
02:52:29.0859 0x0764  ============================================================
02:53:28.0640 0x0d68  ============================================================
02:53:28.0640 0x0d68  Scan started
02:53:28.0640 0x0d68  Mode: Manual; SigCheck; TDLFS; 
02:53:28.0640 0x0d68  ============================================================
02:53:28.0640 0x0d68  KSN ping started
02:53:31.0390 0x0d68  KSN ping finished: true
02:53:43.0000 0x0d68  ================ Scan system memory ========================
02:53:43.0000 0x0d68  System memory - ok
02:53:43.0000 0x0d68  ================ Scan services =============================
02:53:44.0718 0x0d68  Abiosdsk - ok
02:53:44.0734 0x0d68  abp480n5 - ok
02:53:45.0062 0x0d68  [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
02:53:57.0453 0x0d68  ACPI - ok
02:53:58.0328 0x0d68  [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
02:54:15.0171 0x0d68  ACPIEC - ok
02:54:15.0187 0x0d68  adpu160m - ok
02:54:16.0296 0x0d68  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
02:54:45.0515 0x0d68  aec - ok
02:54:46.0781 0x0d68  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
02:55:13.0546 0x0d68  AFD - ok
02:55:14.0921 0x0d68  [ 34F27C7D71F1C49C7D3857F28B42F544, C307405BC92E174BF696F9A5EC844A95AD983AE2C4223C89F445D89A3361A232 ] AgereSoftModem  C:\WINDOWS\system32\DRIVERS\AGRSM.sys
02:55:44.0171 0x0d68  AgereSoftModem - ok
02:55:44.0203 0x0d68  Aha154x - ok
02:55:44.0218 0x0d68  aic78u2 - ok
02:55:44.0250 0x0d68  aic78xx - ok
02:55:44.0484 0x0d68  [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
02:55:45.0125 0x0d68  Alerter - ok
02:55:47.0734 0x0d68  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe
02:55:48.0687 0x0d68  ALG - ok
02:55:48.0703 0x0d68  AliIde - ok
02:55:48.0734 0x0d68  amsint - ok
02:55:50.0296 0x0d68  [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
02:55:51.0734 0x0d68  AntiVirSchedulerService - ok
02:55:53.0265 0x0d68  [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
02:55:58.0531 0x0d68  AntiVirService - ok
02:55:59.0125 0x0d68  [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
02:56:05.0859 0x0d68  AppMgmt - ok
02:56:06.0031 0x0d68  [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
02:56:06.0531 0x0d68  Arp1394 - ok
02:56:06.0546 0x0d68  asc - ok
02:56:06.0562 0x0d68  asc3350p - ok
02:56:06.0609 0x0d68  asc3550 - ok
02:56:16.0031 0x0d68  [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
02:56:16.0140 0x0d68  aspnet_state - ok
02:56:16.0437 0x0d68  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
02:56:16.0703 0x0d68  AsyncMac - ok
02:56:16.0859 0x0d68  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
02:56:23.0203 0x0d68  atapi - ok
02:56:23.0265 0x0d68  Atdisk - ok
02:56:23.0359 0x0d68  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
02:56:23.0687 0x0d68  Atmarpc - ok
02:56:23.0890 0x0d68  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
02:56:24.0140 0x0d68  AudioSrv - ok
02:56:24.0375 0x0d68  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
02:56:24.0609 0x0d68  audstub - ok
02:56:24.0625 0x0d68  [ AF5DA81B19AFA730F1E5246AD81D140A, 532951071F56896A3B5D47874C14D996C8620EA02F87D4BA21B083EC804FB166 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
02:56:25.0156 0x0d68  avgntflt - ok
02:56:25.0843 0x0d68  [ A5674637BCA212D9FE136ADFA04C9857, 95F3632EBB041C539816D285EBE1F379D46A4187379C69D4683D9F4DECBDB80C ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
02:56:26.0000 0x0d68  avipbb - ok
02:56:27.0093 0x0d68  [ 8E6214E8C6100222BEB6A14F9B908A7E, 268279AE0D87E4B1CC227355DF12B7E8113F8355B1D20447AA723830D706021A ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
02:56:27.0171 0x0d68  Avira.OE.ServiceHost - ok
02:56:27.0218 0x0d68  [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
02:56:27.0265 0x0d68  avkmgr - ok
02:56:27.0296 0x0d68  [ 7270D070173B20AC9487EA16BB08B45F, 4097AFCF91F1B3DCEFF388009605145ED2B319695BCEB85FF62ADA07087191D9 ] bb-run          C:\WINDOWS\system32\DRIVERS\bb-run.sys
02:56:27.0468 0x0d68  bb-run - ok
02:56:28.0328 0x0d68  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
02:56:28.0593 0x0d68  Beep - ok
02:56:29.0109 0x0d68  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
02:56:30.0671 0x0d68  BITS - ok
02:56:35.0625 0x0d68  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
02:56:37.0171 0x0d68  Browser - ok
02:56:37.0265 0x0d68  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
02:56:37.0500 0x0d68  cbidf2k - ok
02:56:37.0515 0x0d68  cd20xrnt - ok
02:56:38.0265 0x0d68  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
02:56:38.0468 0x0d68  Cdaudio - ok
02:56:38.0546 0x0d68  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
02:56:38.0765 0x0d68  Cdfs - ok
02:56:41.0281 0x0d68  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
02:56:41.0640 0x0d68  Cdrom - ok
02:56:41.0656 0x0d68  Changer - ok
02:56:41.0859 0x0d68  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
02:56:42.0125 0x0d68  CiSvc - ok
02:56:42.0890 0x0d68  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
02:56:43.0171 0x0d68  ClipSrv - ok
02:56:44.0656 0x0d68  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
02:56:44.0765 0x0d68  clr_optimization_v2.0.50727_32 - ok
02:56:48.0750 0x0d68  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
02:56:49.0031 0x0d68  clr_optimization_v4.0.30319_32 - ok
02:56:49.0031 0x0d68  CmdIde - ok
02:56:49.0046 0x0d68  COMSysApp - ok
02:56:49.0062 0x0d68  Cpqarray - ok
02:56:50.0546 0x0d68  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
02:56:50.0796 0x0d68  CryptSvc - ok
02:56:50.0796 0x0d68  dac2w2k - ok
02:56:50.0812 0x0d68  dac960nt - ok
02:56:51.0312 0x0d68  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
02:56:51.0593 0x0d68  DcomLaunch - ok
02:56:51.0671 0x0d68  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
02:56:51.0921 0x0d68  Dhcp - ok
02:56:52.0171 0x0d68  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
02:56:52.0437 0x0d68  Disk - ok
02:56:52.0453 0x0d68  dmadmin - ok
02:56:53.0046 0x0d68  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
02:56:54.0187 0x0d68  dmboot - ok
02:56:55.0140 0x0d68  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
02:56:55.0687 0x0d68  dmio - ok
02:56:57.0875 0x0d68  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
02:56:58.0140 0x0d68  dmload - ok
02:56:58.0468 0x0d68  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
02:56:58.0796 0x0d68  dmserver - ok
02:56:58.0843 0x0d68  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
02:56:59.0140 0x0d68  DMusic - ok
02:56:59.0171 0x0d68  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
02:56:59.0468 0x0d68  Dnscache - ok
02:56:59.0546 0x0d68  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
02:56:59.0937 0x0d68  Dot3svc - ok
02:56:59.0953 0x0d68  dpti2o - ok
02:56:59.0984 0x0d68  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
02:57:00.0265 0x0d68  drmkaud - ok
02:57:00.0312 0x0d68  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
02:57:00.0546 0x0d68  EapHost - ok
02:57:00.0703 0x0d68  [ 63F371F0248E3732A4821F86E6D0E370, 35838070CF9AADF30FD465234DB27BCD8F471513698DC7E738DDB1762DAC3CE4 ] ehRecvr         C:\WINDOWS\eHome\ehRecvr.exe
02:57:01.0062 0x0d68  ehRecvr - ok
02:57:01.0109 0x0d68  [ 16910F8B482919BB6035ED053B691692, 457B65A1831B5F42F9AFF6C9E810B76D421FE57137768B97A965D5E76142A94E ] ehSched         C:\WINDOWS\eHome\ehSched.exe
02:57:01.0343 0x0d68  ehSched - ok
02:57:01.0421 0x0d68  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
02:57:01.0687 0x0d68  ERSvc - ok
02:57:01.0703 0x0d68  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
02:57:01.0781 0x0d68  Eventlog - ok
02:57:01.0843 0x0d68  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
02:57:01.0921 0x0d68  EventSystem - ok
02:57:01.0968 0x0d68  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
02:57:02.0250 0x0d68  Fastfat - ok
02:57:02.0281 0x0d68  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
02:57:02.0390 0x0d68  FastUserSwitchingCompatibility - ok
02:57:02.0437 0x0d68  [ E97D6A8684466DF94FF3BC24FB787A07, 89E5A6889E3C5AB9AD3E80FFC16DD608278F3ADC282048B40B60196336A5CBEB ] Fax             C:\WINDOWS\system32\fxssvc.exe
02:57:02.0703 0x0d68  Fax - ok
02:57:02.0734 0x0d68  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
02:57:02.0953 0x0d68  Fdc - ok
02:57:03.0000 0x0d68  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
02:57:03.0218 0x0d68  Fips - ok
02:57:03.0250 0x0d68  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
02:57:03.0468 0x0d68  Flpydisk - ok
02:57:03.0531 0x0d68  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
02:57:03.0765 0x0d68  FltMgr - ok
02:57:03.0859 0x0d68  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
02:57:03.0890 0x0d68  FontCache3.0.0.0 - ok
02:57:03.0953 0x0d68  [ 455F778EE14368468560BD7CB8C854D0, 06FAED65D9949BBD98A4DA8ECE5B24C08646EB6C4E09D84CD32A474B206B180C ] FsVga           C:\WINDOWS\system32\DRIVERS\fsvga.sys
02:57:04.0187 0x0d68  FsVga - ok
02:57:04.0234 0x0d68  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
02:57:04.0406 0x0d68  Fs_Rec - ok
02:57:04.0437 0x0d68  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
02:57:04.0609 0x0d68  Ftdisk - ok
02:57:04.0625 0x0d68  [ 92E8443C7BF5C0137671CDE080655DFC, 759032856687B1684073106D187608225A211C0058A43A17B42B699745F06546 ] ftsata2         C:\WINDOWS\system32\DRIVERS\ftsata2.sys
02:57:04.0671 0x0d68  ftsata2 - ok
02:57:04.0687 0x0d68  [ 6F55305289A0765BD8AE8E8D32F17117, E9AE6270C03CA8C876234723FB087F63A04E1B07028B578EE8D75886736ACD35 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
02:57:04.0718 0x0d68  GEARAspiWDM - ok
02:57:04.0750 0x0d68  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
02:57:04.0921 0x0d68  Gpc - ok
02:57:05.0015 0x0d68  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
02:57:05.0062 0x0d68  gupdate - ok
02:57:05.0062 0x0d68  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
02:57:05.0093 0x0d68  gupdatem - ok
02:57:05.0125 0x0d68  [ 2A013E7530BEAB6E569FAA83F517E836, 481390EE00AF49BB54B8C885801FCAC0F87F4EF3D935ABBBA42B7C063EFDDB8F ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
02:57:05.0218 0x0d68  HdAudAddService - ok
02:57:05.0281 0x0d68  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
02:57:05.0421 0x0d68  HDAudBus - ok
02:57:05.0500 0x0d68  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
02:57:05.0656 0x0d68  helpsvc - ok
02:57:05.0703 0x0d68  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll
02:57:05.0828 0x0d68  HidServ - ok
02:57:05.0859 0x0d68  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
02:57:06.0000 0x0d68  HidUsb - ok
02:57:06.0046 0x0d68  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
02:57:06.0203 0x0d68  hkmsvc - ok
02:57:06.0218 0x0d68  hpn - ok
02:57:06.0265 0x0d68  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
02:57:06.0328 0x0d68  HTTP - ok
02:57:06.0343 0x0d68  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
02:57:06.0500 0x0d68  HTTPFilter - ok
02:57:06.0515 0x0d68  i2omgmt - ok
02:57:06.0515 0x0d68  i2omp - ok
02:57:06.0562 0x0d68  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
02:57:06.0718 0x0d68  i8042prt - ok
02:57:06.0796 0x0d68  [ 4007984827E19E6A5B6FAF8532EAEFBA, 7D0A4B5C88C46C68F52D3293CB18077EB582131E2BF28BF4ACE700949B7188CB ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
02:57:07.0015 0x0d68  ialm - ok
02:57:07.0093 0x0d68  [ 79AE2A97C120F282845D854D0F070EA9, 5569785B034777D8A227377E0DC735DEEA6277A31FD60CA6E62AF01F49B3B8FF ] iaStor          C:\WINDOWS\system32\DRIVERS\iaStor.sys
02:57:07.0218 0x0d68  iaStor - ok
02:57:07.0359 0x0d68  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
02:57:07.0406 0x0d68  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
02:57:10.0046 0x0d68  Detect skipped due to KSN trusted
02:57:10.0046 0x0d68  IDriverT - ok
02:57:10.0171 0x0d68  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
02:57:10.0281 0x0d68  idsvc - ok
02:57:10.0328 0x0d68  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
02:57:10.0546 0x0d68  Imapi - ok
02:57:10.0609 0x0d68  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
02:57:10.0796 0x0d68  ImapiService - ok
02:57:10.0812 0x0d68  ini910u - ok
02:57:11.0031 0x0d68  [ D87FFA95D630EC8D1482CA25C454846A, 7CA5C18A7A74040F921C0985882102709629EFDFB2107931EBB5D4A478EA6B5F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
02:57:11.0390 0x0d68  IntcAzAudAddService - ok
02:57:11.0437 0x0d68  [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
02:57:11.0578 0x0d68  IntelIde - ok
02:57:11.0609 0x0d68  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
02:57:11.0750 0x0d68  intelppm - ok
02:57:11.0781 0x0d68  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
02:57:11.0937 0x0d68  Ip6Fw - ok
02:57:11.0984 0x0d68  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
02:57:12.0140 0x0d68  IpFilterDriver - ok
02:57:12.0171 0x0d68  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
02:57:12.0390 0x0d68  IpInIp - ok
02:57:12.0453 0x0d68  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
02:57:12.0656 0x0d68  IpNat - ok
02:57:12.0718 0x0d68  [ 50F2E042C33ED8D11264BE5C4D533C7F, 43D1CEA43BE41AEC765F5A5759857A58A474E663C22484611FC20C7E9C932B09 ] iPodService     C:\Program Files\iPod\bin\iPodService.exe
02:57:12.0796 0x0d68  iPodService - detected UnsignedFile.Multi.Generic ( 1 )
02:57:15.0250 0x0d68  Detect skipped due to KSN trusted
02:57:15.0250 0x0d68  iPodService - ok
02:57:15.0281 0x0d68  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
02:57:15.0515 0x0d68  IPSec - ok
02:57:15.0546 0x0d68  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
02:57:15.0781 0x0d68  IRENUM - ok
02:57:15.0828 0x0d68  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
02:57:16.0046 0x0d68  isapnp - ok
02:57:16.0156 0x0d68  [ BF918C9473D64BBD53C22C47045883F5, 1980726FBFEEE75E4B360B1A4F438CF1ADD929AC21BD5197F740CB8AD8194BD2 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
02:57:16.0234 0x0d68  JavaQuickStarterService - ok
02:57:16.0281 0x0d68  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
02:57:16.0484 0x0d68  Kbdclass - ok
02:57:16.0515 0x0d68  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
02:57:16.0656 0x0d68  kbdhid - ok
02:57:16.0703 0x0d68  [ 1DB7405CB11CA52F22C911AE9935EEE1, 4C009416862283D600557DC277CF66BD630A96543C24BF8E215675DA53102C5F ] KeyScrambler    C:\WINDOWS\system32\drivers\keyscrambler.sys
02:57:16.0750 0x0d68  KeyScrambler - ok
02:57:16.0765 0x0d68  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
02:57:16.0921 0x0d68  kmixer - ok
02:57:16.0968 0x0d68  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
02:57:17.0031 0x0d68  KSecDD - ok
02:57:17.0078 0x0d68  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
02:57:17.0156 0x0d68  lanmanserver - ok
02:57:17.0203 0x0d68  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
02:57:17.0281 0x0d68  lanmanworkstation - ok
02:57:17.0296 0x0d68  lbrtfdc - ok
02:57:17.0328 0x0d68  [ 00944D59948596721D17510C94CD3E4F, FBD66042DEF6C5E29C3BB46B6A0739137DEC0EF73558A4C70C37CD1B6DDC240F ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
02:57:17.0359 0x0d68  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
02:57:19.0812 0x0d68  Detect skipped due to KSN trusted
02:57:19.0812 0x0d68  LightScribeService - ok
02:57:19.0843 0x0d68  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
02:57:20.0000 0x0d68  LmHosts - ok
02:57:20.0062 0x0d68  [ 9EE18A5A45552673A67532EA37370377, F3BE11A6393A241FF5E2A73497D9E948EAA59BF4BBA308018EFDDF5CF9CE36C0 ] ltmodem5        C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys
02:57:20.0203 0x0d68  ltmodem5 - ok
02:57:20.0296 0x0d68  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
02:57:20.0359 0x0d68  MDM - ok
02:57:20.0390 0x0d68  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
02:57:20.0562 0x0d68  Messenger - ok
02:57:20.0609 0x0d68  [ B7521F69C0A9B29D356157229376FB21, A77C89BDC181038DD0F9A8AC0F7164B10EF9C54B0C57D8BAB8BC27932EBF890B ] MHN             C:\WINDOWS\System32\mhn.dll
02:57:20.0640 0x0d68  MHN - detected UnsignedFile.Multi.Generic ( 1 )
02:57:23.0265 0x0d68  Detect skipped due to KSN trusted
02:57:23.0265 0x0d68  MHN - ok
02:57:23.0296 0x0d68  [ 7F2F1D2815A6449D346FCCCBC569FBD6, 1C5A321CE95CE4D9AA2CB5A00E9B7E711521A6BBB25D36F7F49A397C361585C6 ] MHNDRV          C:\WINDOWS\system32\DRIVERS\mhndrv.sys
02:57:23.0312 0x0d68  MHNDRV - detected UnsignedFile.Multi.Generic ( 1 )
02:57:33.0453 0x0d68  MHNDRV ( UnsignedFile.Multi.Generic ) - warning
02:57:33.0453 0x0d68  Force sending object to P2P due to detect: MHNDRV
02:57:35.0734 0x0d68  Object send P2P result: false
02:57:35.0750 0x0d68  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
02:57:35.0906 0x0d68  mnmdd - ok
02:57:35.0937 0x0d68  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
02:57:36.0093 0x0d68  mnmsrvc - ok
02:57:36.0156 0x0d68  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
02:57:36.0296 0x0d68  Modem - ok
02:57:36.0312 0x0d68  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
02:57:36.0453 0x0d68  Mouclass - ok
02:57:36.0500 0x0d68  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
02:57:36.0656 0x0d68  mouhid - ok
02:57:36.0687 0x0d68  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
02:57:36.0828 0x0d68  MountMgr - ok
02:57:36.0843 0x0d68  mraid35x - ok
02:57:36.0859 0x0d68  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
02:57:37.0015 0x0d68  MRxDAV - ok
02:57:37.0078 0x0d68  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
02:57:37.0187 0x0d68  MRxSmb - ok
02:57:37.0250 0x0d68  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
02:57:37.0390 0x0d68  MSDTC - ok
02:57:37.0406 0x0d68  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
02:57:37.0578 0x0d68  Msfs - ok
02:57:37.0578 0x0d68  MSIServer - ok
02:57:37.0625 0x0d68  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
02:57:37.0781 0x0d68  MSKSSRV - ok
02:57:37.0796 0x0d68  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
02:57:37.0953 0x0d68  MSPCLOCK - ok
02:57:37.0968 0x0d68  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
02:57:38.0109 0x0d68  MSPQM - ok
02:57:38.0140 0x0d68  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
02:57:38.0281 0x0d68  mssmbios - ok
02:57:38.0328 0x0d68  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
02:57:38.0375 0x0d68  Mup - ok
02:57:38.0437 0x0d68  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
02:57:38.0625 0x0d68  napagent - ok
02:57:38.0671 0x0d68  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
02:57:38.0843 0x0d68  NDIS - ok
02:57:38.0875 0x0d68  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
02:57:39.0046 0x0d68  NdisTapi - ok
02:57:39.0062 0x0d68  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
02:57:39.0203 0x0d68  Ndisuio - ok
02:57:39.0234 0x0d68  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
02:57:39.0390 0x0d68  NdisWan - ok
02:57:39.0437 0x0d68  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
02:57:39.0515 0x0d68  NDProxy - ok
02:57:39.0578 0x0d68  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
02:57:39.0734 0x0d68  NetBIOS - ok
02:57:39.0781 0x0d68  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
02:57:39.0953 0x0d68  NetBT - ok
02:57:39.0984 0x0d68  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
02:57:40.0140 0x0d68  NetDDE - ok
02:57:40.0156 0x0d68  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
02:57:40.0281 0x0d68  NetDDEdsdm - ok
02:57:40.0312 0x0d68  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
02:57:40.0453 0x0d68  Netlogon - ok
02:57:40.0468 0x0d68  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
02:57:40.0656 0x0d68  Netman - ok
02:57:40.0703 0x0d68  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
02:57:40.0765 0x0d68  NetTcpPortSharing - ok
02:57:40.0812 0x0d68  [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
02:57:40.0953 0x0d68  NIC1394 - ok
02:57:40.0984 0x0d68  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
02:57:41.0015 0x0d68  Nla - ok
02:57:41.0062 0x0d68  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
02:57:41.0203 0x0d68  Npfs - ok
02:57:41.0234 0x0d68  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
02:57:41.0437 0x0d68  Ntfs - ok
02:57:41.0453 0x0d68  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
02:57:41.0593 0x0d68  NtLmSsp - ok
02:57:41.0640 0x0d68  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
02:57:41.0812 0x0d68  NtmsSvc - ok
02:57:41.0843 0x0d68  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
02:57:41.0984 0x0d68  Null - ok
02:57:42.0015 0x0d68  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
02:57:42.0171 0x0d68  NwlnkFlt - ok
02:57:42.0187 0x0d68  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
02:57:42.0343 0x0d68  NwlnkFwd - ok
02:57:42.0406 0x0d68  [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
02:57:42.0546 0x0d68  ohci1394 - ok
02:57:42.0593 0x0d68  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
02:57:42.0625 0x0d68  ose - ok
02:57:42.0656 0x0d68  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
02:57:42.0812 0x0d68  Parport - ok
02:57:42.0828 0x0d68  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
02:57:42.0968 0x0d68  PartMgr - ok
02:57:43.0015 0x0d68  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
02:57:43.0171 0x0d68  ParVdm - ok
02:57:43.0437 0x0d68  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
02:57:43.0609 0x0d68  PCI - ok
02:57:43.0625 0x0d68  PCIDump - ok
02:57:43.0640 0x0d68  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
02:57:43.0781 0x0d68  PCIIde - ok
02:57:43.0812 0x0d68  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
02:57:43.0953 0x0d68  Pcmcia - ok
02:57:43.0968 0x0d68  PDCOMP - ok
02:57:43.0968 0x0d68  PDFRAME - ok
02:57:43.0984 0x0d68  PDRELI - ok
02:57:44.0000 0x0d68  PDRFRAME - ok
02:57:44.0000 0x0d68  perc2 - ok
02:57:44.0015 0x0d68  perc2hib - ok
02:57:44.0062 0x0d68  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
02:57:44.0093 0x0d68  PlugPlay - ok
02:57:44.0125 0x0d68  [ 9D84376931440F3679BEEF2A414FA493, C800227A67C3C10A26114DB54F5390D2A475D36BE65E87CB890A6819B0BB4884 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
02:57:44.0156 0x0d68  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
02:57:44.0156 0x0d68  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
02:57:44.0156 0x0d68  Force sending object to P2P due to detect: Pml Driver HPZ12
02:57:44.0171 0x0d68  Object send P2P result: false
02:57:44.0171 0x0d68  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
02:57:44.0312 0x0d68  PolicyAgent - ok
02:57:44.0359 0x0d68  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
02:57:44.0515 0x0d68  PptpMiniport - ok
02:57:44.0531 0x0d68  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
02:57:44.0671 0x0d68  ProtectedStorage - ok
02:57:44.0718 0x0d68  [ BFFDB363485501A38F0BCA83AEC810DB, FFD5DB5D5C2E088EE5E2A5F586A5DC0CC70E15DA811406465B4940FCE0B61B3A ] Ps2             C:\WINDOWS\system32\DRIVERS\PS2.sys
02:57:44.0765 0x0d68  Ps2 - ok
02:57:44.0828 0x0d68  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
02:57:45.0015 0x0d68  PSched - ok
02:57:45.0031 0x0d68  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
02:57:45.0187 0x0d68  Ptilink - ok
02:57:45.0203 0x0d68  [ 86724469CD077901706854974CD13C3E, 23C6B45928E43AC2893033DFC4265C2C87B3D185CB20553B9EAB818A46FB8C18 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
02:57:45.0218 0x0d68  PxHelp20 - detected UnsignedFile.Multi.Generic ( 1 )
02:57:45.0218 0x0d68  PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
02:57:45.0218 0x0d68  Force sending object to P2P due to detect: PxHelp20
02:57:45.0218 0x0d68  Object send P2P result: false
02:57:45.0234 0x0d68  ql1080 - ok
02:57:45.0234 0x0d68  Ql10wnt - ok
02:57:45.0250 0x0d68  ql12160 - ok
02:57:45.0265 0x0d68  ql1240 - ok
02:57:45.0265 0x0d68  ql1280 - ok
02:57:45.0281 0x0d68  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
02:57:45.0421 0x0d68  RasAcd - ok
02:57:45.0468 0x0d68  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
02:57:45.0640 0x0d68  RasAuto - ok
02:57:45.0656 0x0d68  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
02:57:45.0796 0x0d68  Rasl2tp - ok
02:57:45.0859 0x0d68  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
02:57:46.0000 0x0d68  RasMan - ok
02:57:46.0015 0x0d68  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
02:57:46.0187 0x0d68  RasPppoe - ok
02:57:46.0203 0x0d68  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
02:57:46.0343 0x0d68  Raspti - ok
02:57:46.0375 0x0d68  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
02:57:46.0515 0x0d68  Rdbss - ok
02:57:46.0546 0x0d68  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
02:57:46.0687 0x0d68  RDPCDD - ok
02:57:46.0734 0x0d68  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
02:57:46.0890 0x0d68  rdpdr - ok
02:57:46.0937 0x0d68  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
02:57:47.0031 0x0d68  RDPWD - ok
02:57:47.0078 0x0d68  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
02:57:47.0234 0x0d68  RDSessMgr - ok
02:57:47.0281 0x0d68  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
02:57:47.0421 0x0d68  redbook - ok
02:57:47.0468 0x0d68  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
02:57:47.0609 0x0d68  RemoteAccess - ok
02:57:47.0625 0x0d68  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
02:57:47.0765 0x0d68  RemoteRegistry - ok
02:57:47.0796 0x0d68  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
02:57:47.0953 0x0d68  RpcLocator - ok
02:57:47.0984 0x0d68  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\system32\rpcss.dll
02:57:48.0046 0x0d68  RpcSs - ok
02:57:48.0109 0x0d68  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
02:57:48.0296 0x0d68  RSVP - ok
02:57:48.0328 0x0d68  [ 7F0413BDD7D53EB4C7A371E7F6F84DF1, 41F9E4EC1204183C4D820AB1B764CC416ECF896BAAFA61DB8EB970BEE1BFEF18 ] RTL8023xp       C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
02:57:48.0421 0x0d68  RTL8023xp - ok
02:57:48.0437 0x0d68  [ D507C1400284176573224903819FFDA3, DD0BDB2AB39A8A0A300B6D60FB6A7F5BA08C4DB8F59E0A784FB763EA8AD72AB2 ] rtl8139         C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
02:57:48.0515 0x0d68  rtl8139 - ok
02:57:48.0546 0x0d68  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
02:57:48.0687 0x0d68  SamSs - ok
02:57:48.0796 0x0d68  [ BBEA4597A37B125C641808EE293BC024, 86F0FFBA4BF9D6E615A5E5279AB216003E86E639BB5DB10B9AEA415A51F2E015 ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
02:57:48.0843 0x0d68  SbieDrv - ok
02:57:48.0906 0x0d68  [ E80A6EA16ECD1D6F16A5DBDFFC10F253, 646B1BA21FD520F4EBCA2B419FBBF4E51A24D787EC89EA9D2CF5DC6D752E0687 ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
02:57:48.0937 0x0d68  SbieSvc - ok
02:57:48.0968 0x0d68  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
02:57:49.0125 0x0d68  SCardSvr - ok
02:57:49.0187 0x0d68  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
02:57:49.0359 0x0d68  Schedule - ok
02:57:49.0406 0x0d68  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
02:57:49.0546 0x0d68  Secdrv - ok
02:57:49.0562 0x0d68  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
02:57:49.0703 0x0d68  seclogon - ok
02:57:49.0718 0x0d68  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
02:57:49.0859 0x0d68  SENS - ok
02:57:49.0875 0x0d68  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] Serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
02:57:50.0015 0x0d68  Serenum - ok
02:57:50.0046 0x0d68  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
02:57:50.0203 0x0d68  Serial - ok
02:57:50.0250 0x0d68  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
02:57:50.0390 0x0d68  Sfloppy - ok
02:57:50.0468 0x0d68  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
02:57:50.0640 0x0d68  SharedAccess - ok
02:57:50.0671 0x0d68  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
02:57:50.0703 0x0d68  ShellHWDetection - ok
02:57:50.0718 0x0d68  Simbad - ok
02:57:50.0734 0x0d68  Sparrow - ok
02:57:50.0781 0x0d68  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
02:57:50.0921 0x0d68  splitter - ok
02:57:50.0984 0x0d68  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
02:57:51.0046 0x0d68  Spooler - ok
02:57:51.0078 0x0d68  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
02:57:51.0218 0x0d68  sr - ok
02:57:51.0281 0x0d68  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
02:57:51.0437 0x0d68  srservice - ok
02:57:51.0484 0x0d68  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
02:57:51.0562 0x0d68  Srv - ok
02:57:51.0609 0x0d68  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
02:57:51.0750 0x0d68  SSDPSRV - ok
02:57:51.0796 0x0d68  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
02:57:51.0828 0x0d68  ssmdrv - ok
02:57:51.0859 0x0d68  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
02:57:52.0015 0x0d68  stisvc - ok
02:57:52.0062 0x0d68  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
02:57:52.0203 0x0d68  swenum - ok
02:57:52.0218 0x0d68  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
02:57:52.0359 0x0d68  swmidi - ok
02:57:52.0359 0x0d68  SwPrv - ok
02:57:52.0375 0x0d68  symc810 - ok
02:57:52.0390 0x0d68  symc8xx - ok
02:57:52.0406 0x0d68  sym_hi - ok
02:57:52.0406 0x0d68  sym_u3 - ok
02:57:52.0421 0x0d68  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
02:57:52.0593 0x0d68  sysaudio - ok
02:57:52.0625 0x0d68  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
02:57:52.0812 0x0d68  SysmonLog - ok
02:57:52.0843 0x0d68  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
02:57:53.0000 0x0d68  TapiSrv - ok
02:57:53.0062 0x0d68  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
02:57:53.0125 0x0d68  Tcpip - ok
02:57:53.0171 0x0d68  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
02:57:53.0312 0x0d68  TDPIPE - ok
02:57:53.0343 0x0d68  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
02:57:53.0484 0x0d68  TDTCP - ok
02:57:53.0515 0x0d68  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
02:57:53.0656 0x0d68  TermDD - ok
02:57:53.0718 0x0d68  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
02:57:53.0875 0x0d68  TermService - ok
02:57:53.0906 0x0d68  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll
02:57:53.0921 0x0d68  Themes - ok
02:57:53.0968 0x0d68  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
02:57:54.0109 0x0d68  TlntSvr - ok
02:57:54.0109 0x0d68  TosIde - ok
02:57:54.0140 0x0d68  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
02:57:54.0312 0x0d68  TrkWks - ok
02:57:54.0343 0x0d68  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
02:57:54.0484 0x0d68  Udfs - ok
02:57:54.0500 0x0d68  ultra - ok
02:57:54.0515 0x0d68  [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe
02:57:54.0593 0x0d68  UMWdf - ok
02:57:54.0671 0x0d68  [ BB879DCFD22926EFBEB3298129898CBB, 2A24E6CD5D6E0CEA3082C0699A2371084CC1268B31BC714098EA0D0C11B3AFAC ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
02:57:54.0687 0x0d68  UnlockerDriver5 - detected UnsignedFile.Multi.Generic ( 1 )
02:57:54.0687 0x0d68  UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
02:57:54.0750 0x0d68  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
02:57:54.0953 0x0d68  Update - ok
02:57:55.0000 0x0d68  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
02:57:55.0156 0x0d68  upnphost - ok
02:57:55.0171 0x0d68  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
02:57:55.0312 0x0d68  UPS - ok
02:57:55.0359 0x0d68  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
02:57:55.0453 0x0d68  usbccgp - ok
02:57:55.0468 0x0d68  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
02:57:55.0500 0x0d68  usbehci - ok
02:57:55.0546 0x0d68  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
02:57:55.0687 0x0d68  usbhub - ok
02:57:55.0718 0x0d68  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
02:57:55.0875 0x0d68  usbprint - ok
02:57:55.0890 0x0d68  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
02:57:56.0046 0x0d68  USBSTOR - ok
02:57:56.0078 0x0d68  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
02:57:56.0234 0x0d68  usbuhci - ok
02:57:56.0250 0x0d68  VClone - ok
02:57:56.0265 0x0d68  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
02:57:56.0406 0x0d68  VgaSave - ok
02:57:56.0421 0x0d68  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
02:57:56.0562 0x0d68  ViaIde - ok
02:57:56.0578 0x0d68  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
02:57:56.0703 0x0d68  VolSnap - ok
02:57:56.0750 0x0d68  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
02:57:56.0921 0x0d68  VSS - ok
02:57:56.0953 0x0d68  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll
02:57:57.0125 0x0d68  W32Time - ok
02:57:57.0171 0x0d68  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
02:57:57.0312 0x0d68  Wanarp - ok
02:57:57.0328 0x0d68  WDICA - ok
02:57:57.0375 0x0d68  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
02:57:57.0515 0x0d68  wdmaud - ok
02:57:57.0562 0x0d68  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
02:57:57.0703 0x0d68  WebClient - ok
02:57:57.0812 0x0d68  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
02:57:57.0984 0x0d68  winmgmt - ok
02:57:58.0046 0x0d68  [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
02:57:58.0093 0x0d68  WmdmPmSN - ok
02:57:58.0156 0x0d68  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll
02:57:58.0218 0x0d68  Wmi - ok
02:57:58.0296 0x0d68  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
02:57:58.0453 0x0d68  WmiApSrv - ok
02:57:58.0578 0x0d68  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
02:57:58.0625 0x0d68  WPFFontCache_v0400 - ok
02:57:58.0671 0x0d68  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
02:57:58.0828 0x0d68  wscsvc - ok
02:57:58.0859 0x0d68  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
02:57:59.0000 0x0d68  wuauserv - ok
02:57:59.0078 0x0d68  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
02:57:59.0234 0x0d68  WZCSVC - ok
02:57:59.0281 0x0d68  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
02:57:59.0453 0x0d68  xmlprov - ok
02:57:59.0468 0x0d68  ================ Scan global ===============================
02:57:59.0515 0x0d68  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
02:57:59.0562 0x0d68  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
02:57:59.0593 0x0d68  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
02:57:59.0640 0x0d68  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
02:57:59.0640 0x0d68  [ Global ] - ok
02:57:59.0640 0x0d68  ================ Scan MBR ==================================
02:57:59.0656 0x0d68  [ 0AC6D996BCE152AED9600E6D6B797E2E ] \Device\Harddisk0\DR0
02:58:00.0593 0x0d68  \Device\Harddisk0\DR0 - ok
02:58:00.0593 0x0d68  ================ Scan VBR ==================================
02:58:00.0593 0x0d68  [ F0FFB77DCB91099AC1DD8F8C89C6C16D ] \Device\Harddisk0\DR0\Partition1
02:58:00.0609 0x0d68  \Device\Harddisk0\DR0\Partition1 - ok
02:58:00.0609 0x0d68  [ A66ADCE9276395FCED02804CA9CACE32 ] \Device\Harddisk0\DR0\Partition2
02:58:00.0640 0x0d68  \Device\Harddisk0\DR0\Partition2 - ok
02:58:00.0640 0x0d68  ================ Scan active images ========================
02:58:00.0640 0x0d68  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] C:\WINDOWS\system32\drivers\intelppm.sys
02:58:00.0640 0x0d68  C:\WINDOWS\system32\drivers\intelppm.sys - ok
02:58:00.0656 0x0d68  [ E28726B72C46821A28830E077D39A55B, 66BE8A1055544C8CEBB7125726C1C306A026F3A1764589FCDDF3792076AF891F ] C:\WINDOWS\system32\drivers\videoprt.sys
02:58:00.0656 0x0d68  C:\WINDOWS\system32\drivers\videoprt.sys - ok
02:58:00.0656 0x0d68  [ 4007984827E19E6A5B6FAF8532EAEFBA, 7D0A4B5C88C46C68F52D3293CB18077EB582131E2BF28BF4ACE700949B7188CB ] C:\WINDOWS\system32\drivers\ialmnt5.sys
02:58:00.0656 0x0d68  C:\WINDOWS\system32\drivers\ialmnt5.sys - ok
02:58:00.0671 0x0d68  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] C:\WINDOWS\system32\drivers\hdaudbus.sys
02:58:00.0671 0x0d68  C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
02:58:00.0671 0x0d68  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] C:\WINDOWS\system32\drivers\usbehci.sys
02:58:00.0671 0x0d68  C:\WINDOWS\system32\drivers\usbehci.sys - ok
02:58:00.0687 0x0d68  [ 6DF35CA139C3BC15CC74390ABB114EFE, 5401724E49243625C43B3F9032E592EF43605C2510E809C1D318A7792AB9FBBA ] C:\WINDOWS\system32\drivers\usbport.sys
02:58:00.0687 0x0d68  C:\WINDOWS\system32\drivers\usbport.sys - ok
02:58:00.0687 0x0d68  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] C:\WINDOWS\system32\drivers\usbuhci.sys
02:58:00.0687 0x0d68  C:\WINDOWS\system32\drivers\usbuhci.sys - ok
02:58:00.0687 0x0d68  [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] C:\WINDOWS\system32\drivers\nic1394.sys
02:58:00.0687 0x0d68  C:\WINDOWS\system32\drivers\nic1394.sys - ok
02:58:00.0703 0x0d68  [ 7F0413BDD7D53EB4C7A371E7F6F84DF1, 41F9E4EC1204183C4D820AB1B764CC416ECF896BAAFA61DB8EB970BEE1BFEF18 ] C:\WINDOWS\system32\drivers\Rtlnicxp.sys
02:58:00.0703 0x0d68  C:\WINDOWS\system32\drivers\Rtlnicxp.sys - ok
02:58:00.0703 0x0d68  [ 0753515F78DF7F271A5E61C20BCD36A1, A8D600CD0C592DFB875DE2D4F1AEDB207B80A43CF724051B6552BB6E539E9AFC ] C:\WINDOWS\system32\drivers\ks.sys
02:58:00.0703 0x0d68  C:\WINDOWS\system32\drivers\ks.sys - ok
02:58:00.0718 0x0d68  [ 34F27C7D71F1C49C7D3857F28B42F544, C307405BC92E174BF696F9A5EC844A95AD983AE2C4223C89F445D89A3361A232 ] C:\WINDOWS\system32\drivers\AGRSM.sys
02:58:00.0718 0x0d68  C:\WINDOWS\system32\drivers\AGRSM.sys - ok
02:58:00.0718 0x0d68  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] C:\WINDOWS\system32\drivers\modem.sys
02:58:00.0718 0x0d68  C:\WINDOWS\system32\drivers\modem.sys - ok
02:58:00.0734 0x0d68  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] C:\WINDOWS\system32\drivers\parport.sys
02:58:00.0734 0x0d68  C:\WINDOWS\system32\drivers\parport.sys - ok
02:58:00.0734 0x0d68  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] C:\WINDOWS\system32\drivers\i8042prt.sys
02:58:00.0734 0x0d68  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
02:58:00.0750 0x0d68  [ 1DB7405CB11CA52F22C911AE9935EEE1, 4C009416862283D600557DC277CF66BD630A96543C24BF8E215675DA53102C5F ] C:\WINDOWS\system32\drivers\keyscrambler.sys
02:58:00.0750 0x0d68  C:\WINDOWS\system32\drivers\keyscrambler.sys - ok
02:58:00.0750 0x0d68  [ BFFDB363485501A38F0BCA83AEC810DB, FFD5DB5D5C2E088EE5E2A5F586A5DC0CC70E15DA811406465B4940FCE0B61B3A ] C:\WINDOWS\system32\drivers\PS2.sys
02:58:00.0750 0x0d68  C:\WINDOWS\system32\drivers\PS2.sys - ok
02:58:00.0765 0x0d68  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] C:\WINDOWS\system32\drivers\cdrom.sys
02:58:00.0765 0x0d68  C:\WINDOWS\system32\drivers\cdrom.sys - ok
02:58:00.0765 0x0d68  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] C:\WINDOWS\system32\drivers\imapi.sys
02:58:00.0765 0x0d68  C:\WINDOWS\system32\drivers\imapi.sys - ok
02:58:00.0765 0x0d68  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] C:\WINDOWS\system32\drivers\kbdclass.sys
02:58:00.0765 0x0d68  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
02:58:00.0781 0x0d68  [ 455F778EE14368468560BD7CB8C854D0, 06FAED65D9949BBD98A4DA8ECE5B24C08646EB6C4E09D84CD32A474B206B180C ] C:\WINDOWS\system32\drivers\fsvga.sys
02:58:00.0781 0x0d68  C:\WINDOWS\system32\drivers\fsvga.sys - ok
02:58:00.0781 0x0d68  [ 6F55305289A0765BD8AE8E8D32F17117, E9AE6270C03CA8C876234723FB087F63A04E1B07028B578EE8D75886736ACD35 ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
02:58:00.0781 0x0d68  C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
02:58:00.0796 0x0d68  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] C:\WINDOWS\system32\drivers\redbook.sys
02:58:00.0796 0x0d68  C:\WINDOWS\system32\drivers\redbook.sys - ok
02:58:00.0796 0x0d68  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] C:\WINDOWS\system32\drivers\audstub.sys
02:58:00.0796 0x0d68  C:\WINDOWS\system32\drivers\audstub.sys - ok
02:58:00.0812 0x0d68  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] C:\WINDOWS\system32\drivers\ndistapi.sys
02:58:00.0812 0x0d68  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
02:58:00.0812 0x0d68  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] C:\WINDOWS\system32\drivers\ndiswan.sys
02:58:00.0812 0x0d68  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
02:58:00.0828 0x0d68  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] C:\WINDOWS\system32\drivers\rasl2tp.sys
02:58:00.0828 0x0d68  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
02:58:00.0828 0x0d68  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] C:\WINDOWS\system32\drivers\raspppoe.sys
02:58:00.0828 0x0d68  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
02:58:00.0828 0x0d68  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] C:\WINDOWS\system32\drivers\raspptp.sys
02:58:00.0828 0x0d68  C:\WINDOWS\system32\drivers\raspptp.sys - ok
02:58:00.0843 0x0d68  [ 0539D5E53587F82D1B4FD74C5BE205CF, 9C578FC46AC3B8260258B83C89A33C3D7990B365D7708AEF2296CD235C7D301A ] C:\WINDOWS\system32\drivers\tdi.sys
02:58:00.0843 0x0d68  C:\WINDOWS\system32\drivers\tdi.sys - ok
02:58:00.0843 0x0d68  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] C:\WINDOWS\system32\drivers\msgpc.sys
02:58:00.0843 0x0d68  C:\WINDOWS\system32\drivers\msgpc.sys - ok
02:58:00.0859 0x0d68  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] C:\WINDOWS\system32\drivers\psched.sys
02:58:00.0859 0x0d68  C:\WINDOWS\system32\drivers\psched.sys - ok
02:58:00.0859 0x0d68  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] C:\WINDOWS\system32\drivers\ptilink.sys
02:58:00.0859 0x0d68  C:\WINDOWS\system32\drivers\ptilink.sys - ok
02:58:00.0875 0x0d68  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] C:\WINDOWS\system32\drivers\raspti.sys
02:58:00.0875 0x0d68  C:\WINDOWS\system32\drivers\raspti.sys - ok
02:58:00.0875 0x0d68  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] C:\WINDOWS\system32\drivers\rdpdr.sys
02:58:00.0875 0x0d68  C:\WINDOWS\system32\drivers\rdpdr.sys - ok
02:58:00.0890 0x0d68  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] C:\WINDOWS\system32\drivers\mouclass.sys
02:58:00.0890 0x0d68  C:\WINDOWS\system32\drivers\mouclass.sys - ok
02:58:00.0890 0x0d68  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] C:\WINDOWS\system32\drivers\swenum.sys
02:58:00.0890 0x0d68  C:\WINDOWS\system32\drivers\swenum.sys - ok
02:58:00.0890 0x0d68  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] C:\WINDOWS\system32\drivers\termdd.sys
02:58:00.0890 0x0d68  C:\WINDOWS\system32\drivers\termdd.sys - ok
02:58:00.0906 0x0d68  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] C:\WINDOWS\system32\drivers\update.sys
02:58:00.0906 0x0d68  C:\WINDOWS\system32\drivers\update.sys - ok
02:58:00.0906 0x0d68  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] C:\WINDOWS\system32\drivers\mssmbios.sys
02:58:00.0906 0x0d68  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
02:58:00.0921 0x0d68  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] C:\WINDOWS\system32\drivers\ndproxy.sys
02:58:00.0921 0x0d68  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
02:58:00.0921 0x0d68  [ 6CB08593487F5701D2D2254E693EAFCE, 0518A1FC540C036E6864DA8C01CADE043D4F897D7FCF8C61352865131DEB7414 ] C:\WINDOWS\system32\drivers\drmk.sys
02:58:00.0921 0x0d68  C:\WINDOWS\system32\drivers\drmk.sys - ok
02:58:00.0937 0x0d68  [ E82A496C3961EFC6828B508C310CE98F, E142A0809525B34A376B3063B07B8822930056BBCB886B7CF1D7585BCEC371A0 ] C:\WINDOWS\system32\drivers\portcls.sys
02:58:00.0937 0x0d68  C:\WINDOWS\system32\drivers\portcls.sys - ok
02:58:00.0937 0x0d68  [ D87FFA95D630EC8D1482CA25C454846A, 7CA5C18A7A74040F921C0985882102709629EFDFB2107931EBB5D4A478EA6B5F ] C:\WINDOWS\system32\drivers\RtkHDAud.sys
02:58:00.0937 0x0d68  C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok
02:58:00.0937 0x0d68  [ 04FE5EF6ED4818EC4839EA5C611A6310, 666479AF6789FC5DF2EA8D4B6216FDA9A4998D252F95BD003619D9376B1DC9E7 ] C:\WINDOWS\system32\drivers\usbd.sys
02:58:00.0937 0x0d68  C:\WINDOWS\system32\drivers\usbd.sys - ok
02:58:00.0953 0x0d68  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] C:\WINDOWS\system32\drivers\usbhub.sys
02:58:00.0953 0x0d68  C:\WINDOWS\system32\drivers\usbhub.sys - ok
02:58:00.0953 0x0d68  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] C:\WINDOWS\system32\drivers\sfloppy.sys
02:58:00.0953 0x0d68  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
02:58:00.0968 0x0d68  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] C:\WINDOWS\system32\drivers\cdaudio.sys
02:58:00.0968 0x0d68  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
02:58:00.0968 0x0d68  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] C:\WINDOWS\system32\drivers\beep.sys
02:58:00.0968 0x0d68  C:\WINDOWS\system32\drivers\beep.sys - ok
02:58:00.0984 0x0d68  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] C:\WINDOWS\system32\drivers\fs_rec.sys
02:58:00.0984 0x0d68  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
02:58:00.0984 0x0d68  [ C569EF030B11F896E123A30AC92678DB, F851E99B968BBAB82E3B0D1D2F985AEE1EAD10C3BBACDD02BAB2ACEE57CB048A ] C:\WINDOWS\system32\drivers\hidparse.sys
02:58:00.0984 0x0d68  C:\WINDOWS\system32\drivers\hidparse.sys - ok
02:58:01.0000 0x0d68  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] C:\WINDOWS\system32\drivers\kbdhid.sys
02:58:01.0000 0x0d68  C:\WINDOWS\system32\drivers\kbdhid.sys - ok
02:58:01.0000 0x0d68  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] C:\WINDOWS\system32\drivers\null.sys
02:58:01.0000 0x0d68  C:\WINDOWS\system32\drivers\null.sys - ok
02:58:01.0000 0x0d68  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] C:\WINDOWS\system32\drivers\mnmdd.sys
02:58:01.0000 0x0d68  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
02:58:01.0015 0x0d68  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] C:\WINDOWS\system32\drivers\vga.sys
02:58:01.0015 0x0d68  C:\WINDOWS\system32\drivers\vga.sys - ok
02:58:01.0015 0x0d68  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] C:\WINDOWS\system32\drivers\msfs.sys
02:58:01.0015 0x0d68  C:\WINDOWS\system32\drivers\msfs.sys - ok
02:58:01.0031 0x0d68  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] C:\WINDOWS\system32\drivers\npfs.sys
02:58:01.0031 0x0d68  C:\WINDOWS\system32\drivers\npfs.sys - ok
02:58:01.0031 0x0d68  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] C:\WINDOWS\system32\drivers\rasacd.sys
02:58:01.0031 0x0d68  C:\WINDOWS\system32\drivers\rasacd.sys - ok
02:58:01.0046 0x0d68  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] C:\WINDOWS\system32\drivers\rdpcdd.sys
02:58:01.0046 0x0d68  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
02:58:01.0046 0x0d68  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] C:\WINDOWS\system32\drivers\ipsec.sys
02:58:01.0046 0x0d68  C:\WINDOWS\system32\drivers\ipsec.sys - ok
02:58:01.0062 0x0d68  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] C:\WINDOWS\system32\drivers\tcpip.sys
02:58:01.0062 0x0d68  C:\WINDOWS\system32\drivers\tcpip.sys - ok
02:58:01.0062 0x0d68  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] C:\WINDOWS\system32\drivers\ipnat.sys
02:58:01.0062 0x0d68  C:\WINDOWS\system32\drivers\ipnat.sys - ok
02:58:01.0078 0x0d68  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] C:\WINDOWS\system32\drivers\netbt.sys
02:58:01.0078 0x0d68  C:\WINDOWS\system32\drivers\netbt.sys - ok
02:58:01.0078 0x0d68  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] C:\WINDOWS\system32\drivers\afd.sys
02:58:01.0078 0x0d68  C:\WINDOWS\system32\drivers\afd.sys - ok
02:58:01.0078 0x0d68  [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] C:\WINDOWS\system32\drivers\arp1394.sys
02:58:01.0078 0x0d68  C:\WINDOWS\system32\drivers\arp1394.sys - ok
02:58:01.0093 0x0d68  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] C:\WINDOWS\system32\drivers\netbios.sys
02:58:01.0093 0x0d68  C:\WINDOWS\system32\drivers\netbios.sys - ok
02:58:01.0093 0x0d68  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] C:\WINDOWS\system32\drivers\wanarp.sys
02:58:01.0093 0x0d68  C:\WINDOWS\system32\drivers\wanarp.sys - ok
02:58:01.0109 0x0d68  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] C:\WINDOWS\system32\drivers\rdbss.sys
02:58:01.0109 0x0d68  C:\WINDOWS\system32\drivers\rdbss.sys - ok
02:58:01.0109 0x0d68  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] C:\WINDOWS\system32\drivers\serial.sys
02:58:01.0109 0x0d68  C:\WINDOWS\system32\drivers\serial.sys - ok
02:58:01.0125 0x0d68  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] C:\WINDOWS\system32\drivers\ssmdrv.sys
02:58:01.0125 0x0d68  C:\WINDOWS\system32\drivers\ssmdrv.sys - ok
02:58:01.0125 0x0d68  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
02:58:01.0125 0x0d68  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
02:58:01.0140 0x0d68  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] C:\WINDOWS\system32\drivers\fips.sys
02:58:01.0140 0x0d68  C:\WINDOWS\system32\drivers\fips.sys - ok
02:58:01.0140 0x0d68  [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] C:\WINDOWS\system32\drivers\avkmgr.sys
02:58:01.0140 0x0d68  C:\WINDOWS\system32\drivers\avkmgr.sys - ok
02:58:01.0156 0x0d68  [ A5674637BCA212D9FE136ADFA04C9857, 95F3632EBB041C539816D285EBE1F379D46A4187379C69D4683D9F4DECBDB80C ] C:\WINDOWS\system32\drivers\avipbb.sys
02:58:01.0156 0x0d68  C:\WINDOWS\system32\drivers\avipbb.sys - ok
02:58:01.0156 0x0d68  [ F8F0D25CA553E39DDE485D8FC7FCCE89, 54DF909101AAEC63234A5C33B51D6689FEF58B943942BFFA9606864F43EC1085 ] C:\WINDOWS\system32\ntdll.dll
02:58:01.0156 0x0d68  C:\WINDOWS\system32\ntdll.dll - ok
02:58:01.0156 0x0d68  [ 5F816C1F539266D2D4C78694239DA0B5, 10BFCCF4EFFC3813A563D528DC5464827BEF10AE21D6B9C1138930228E7047D1 ] C:\WINDOWS\system32\smss.exe
02:58:01.0156 0x0d68  C:\WINDOWS\system32\smss.exe - ok
02:58:01.0171 0x0d68  [ 23043C91A0F9DFB4B9E9F87B680863B4, 318A6F6DB4A1EDE7D3758E324350EA852449ABD2A7BB77004FBC403CF9FFB08B ] C:\WINDOWS\system32\autochk.exe
02:58:01.0171 0x0d68  C:\WINDOWS\system32\autochk.exe - ok
02:58:01.0171 0x0d68  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] C:\WINDOWS\system32\drivers\fastfat.sys
02:58:01.0171 0x0d68  C:\WINDOWS\system32\drivers\fastfat.sys - ok
02:58:01.0187 0x0d68  [ 1AF592532532A402ED7C060F6954004F, 84A55432A7FBBD1B84FF8DD1BD84266747E4A88297BDAA84AAD12F13B848BFF2 ] C:\WINDOWS\system32\drivers\hidclass.sys
02:58:01.0187 0x0d68  C:\WINDOWS\system32\drivers\hidclass.sys - ok
02:58:01.0187 0x0d68  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] C:\WINDOWS\system32\drivers\hidusb.sys
02:58:01.0187 0x0d68  C:\WINDOWS\system32\drivers\hidusb.sys - ok
02:58:01.0187 0x0d68  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] C:\WINDOWS\system32\drivers\mouhid.sys
02:58:01.0187 0x0d68  C:\WINDOWS\system32\drivers\mouhid.sys - ok
02:58:01.0203 0x0d68  [ 9DD07AF82244867CA36681EA2D29CE79, 84926A50CB38C322D1CDFD4C0D5F8FFE3B2EF3080B3401F5D5AE8CBD0A719685 ] C:\WINDOWS\system32\sfcfiles.dll
02:58:01.0203 0x0d68  C:\WINDOWS\system32\sfcfiles.dll - ok
02:58:01.0203 0x0d68  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] C:\WINDOWS\system32\drivers\usbstor.sys
02:58:01.0203 0x0d68  C:\WINDOWS\system32\drivers\usbstor.sys - ok
02:58:01.0218 0x0d68  [ 2F31B7F954BED437F2C75026C65CAF7B, 1F8D6CBB01AD403BC89D1E987012E2F63CDFD9C49F402F358B64B31C13E4DD14 ] C:\WINDOWS\system32\drivers\wmilib.sys
02:58:01.0218 0x0d68  C:\WINDOWS\system32\drivers\wmilib.sys - ok
02:58:01.0218 0x0d68  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] C:\WINDOWS\system32\drivers\atapi.sys
02:58:01.0218 0x0d68  C:\WINDOWS\system32\drivers\atapi.sys - ok
02:58:01.0234 0x0d68  [ FE97D0343ACFDEBDD578FC67CC91FA87, FE26FBA13079189EF96A1C994036EA472A4BF34FA14C163C693AD481BF31E676 ] C:\WINDOWS\system32\drivers\dxapi.sys
02:58:01.0234 0x0d68  C:\WINDOWS\system32\drivers\dxapi.sys - ok
02:58:01.0234 0x0d68  [ 9A10AACBFDC4922715375FB4065EC930, E407953587C04F75DDB163420A5121FF520D31F74753D452E316042C42D360CF ] C:\WINDOWS\system32\watchdog.sys
02:58:01.0234 0x0d68  C:\WINDOWS\system32\watchdog.sys - ok
02:58:01.0234 0x0d68  [ 80AAA73D56272FD54DC6DE8643D10E9F, 0DC91699D5AF322C78AF7783CF3D55A1F561219EE32DC8DA186F2255704D52FC ] C:\WINDOWS\system32\win32k.sys
02:58:01.0234 0x0d68  C:\WINDOWS\system32\win32k.sys - ok
02:58:01.0250 0x0d68  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
02:58:01.0250 0x0d68  C:\WINDOWS\system32\basesrv.dll - ok
02:58:01.0250 0x0d68  [ DD40363ABAD230A84C5E2178B11EFA88, E4B406C0B10686CF245EC0053A03424CE1FB8AC7FB3545525F13BB3BC5086FF1 ] C:\WINDOWS\system32\csrsrv.dll
02:58:01.0250 0x0d68  C:\WINDOWS\system32\csrsrv.dll - ok
02:58:01.0265 0x0d68  [ 44F275C64738EA2056E3D9580C23B60F, 5D4B7306E71A44440E7F0B32A373AEC120C01B69F87756589E39EB85C40CD742 ] C:\WINDOWS\system32\csrss.exe
02:58:01.0265 0x0d68  C:\WINDOWS\system32\csrss.exe - ok
02:58:01.0265 0x0d68  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
02:58:01.0265 0x0d68  C:\WINDOWS\system32\winsrv.dll - ok
02:58:01.0281 0x0d68  [ AFFE0B7126A86603D3F49A19A5B7DC46, 63C91B4726F583C1DC1B3F26CC8DC39C519401CF0005F223EE17A363BDBEA22F ] C:\WINDOWS\system32\gdi32.dll
02:58:01.0281 0x0d68  C:\WINDOWS\system32\gdi32.dll - ok
02:58:01.0281 0x0d68  [ 4A45B692D2BAA74124DF57472D5EA2F1, DFC6B595BBADFEF4930CCCF48E9FE55551CF0891571257E3E0A0DE328077A89B ] C:\WINDOWS\system32\kernel32.dll
02:58:01.0281 0x0d68  C:\WINDOWS\system32\kernel32.dll - ok
02:58:01.0281 0x0d68  [ B26B135FF1B9F60C9388B4A7D16F600B, ACD0AE7B4D5F871E148276C6CC4AE3A216E33F67FC78D827C16986E1F945438C ] C:\WINDOWS\system32\user32.dll
02:58:01.0281 0x0d68  C:\WINDOWS\system32\user32.dll - ok
02:58:01.0296 0x0d68  [ 012DF358CEBAA23ACB26D82077820817, FEDD177BD4F0EB589E23AEE20FA9492FA4824478B34B46377C43E3A12F8A96D8 ] C:\WINDOWS\system32\lpk.dll
02:58:01.0296 0x0d68  C:\WINDOWS\system32\lpk.dll - ok
02:58:01.0296 0x0d68  [ 1D845821F5ADB076831DE4C2818F858B, 5F1F18042E6B16BC149F2B0F22ECE3D3668E846C843F016D33C9E6C60E2D64C6 ] C:\WINDOWS\system32\usp10.dll
02:58:01.0296 0x0d68  C:\WINDOWS\system32\usp10.dll - ok
02:58:01.0312 0x0d68  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] C:\WINDOWS\system32\advapi32.dll
02:58:01.0312 0x0d68  C:\WINDOWS\system32\advapi32.dll - ok
02:58:01.0312 0x0d68  [ 44C164B34A72F29087ECA32411F2ED44, 112761CCEFE8F4B936AC58FF1F13589C0DBA3BE1AC348584D874B65DAB1EDED6 ] C:\WINDOWS\system32\rpcrt4.dll
02:58:01.0312 0x0d68  C:\WINDOWS\system32\rpcrt4.dll - ok
02:58:01.0312 0x0d68  [ AC7280566A7BB85CB3291F04DDC1198E, 7640BC4C28B5D5167A10C4B0DA0FC8C7A255334D4BA11FD3E28A697A5B58583C ] C:\WINDOWS\system32\drivers\dxg.sys
02:58:01.0312 0x0d68  C:\WINDOWS\system32\drivers\dxg.sys - ok
02:58:01.0328 0x0d68  [ A73F5D6705B1D820C19B18782E176EFD, C36486504C3A596FDCA487143F6D3B43C0BEE01321F6F1F3071976556533C419 ] C:\WINDOWS\system32\drivers\dxgthk.sys
02:58:01.0328 0x0d68  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
02:58:01.0328 0x0d68  [ 5357826C8A8DD6A07F17C48BB45BE46E, E081B04F8C8A31951A0ADEC889E6CA4DEED5FF738446D5A5614B11B113000BCA ] C:\WINDOWS\system32\secur32.dll
02:58:01.0328 0x0d68  C:\WINDOWS\system32\secur32.dll - ok
02:58:01.0343 0x0d68  [ 6CF9A1903F8FE3F362F5C0A0CF528D56, CC596CAFB638F5EDB53EA17A9C74A54A79AED394BCF02CDD18AAA56446818818 ] C:\WINDOWS\system32\ialmdnt5.dll
02:58:01.0343 0x0d68  C:\WINDOWS\system32\ialmdnt5.dll - ok
02:58:01.0343 0x0d68  [ 328A02C795EDFAC2794C9D6CD239F6CC, E4CD99915CB12204AB4E86402938B15409676DB699E5608461907EAE11290122 ] C:\WINDOWS\system32\ialmrnt5.dll
02:58:01.0343 0x0d68  C:\WINDOWS\system32\ialmrnt5.dll - ok
02:58:01.0359 0x0d68  [ ECB7591870F8BFB1A4C17B718AD5A4AA, 67E8D218F107F78F9C62999F560E47AEC799E4B4DC4AB3EBC0DC61670BFE3E3D ] C:\WINDOWS\system32\vga.dll
02:58:01.0359 0x0d68  C:\WINDOWS\system32\vga.dll - ok
02:58:01.0359 0x0d68  [ 135024654370523B551CEE7C63588C22, F5E37C841A755F31799605137125E3BADAC896AD28D41896ABAC06B7FB5E5CA7 ] C:\WINDOWS\system32\ialmdev5.dll
02:58:01.0359 0x0d68  C:\WINDOWS\system32\ialmdev5.dll - ok
02:58:01.0375 0x0d68  [ D579B3AB8C18480088244DB1C2BE9D14, 90C8678FF9AA05DC08227DDF0CE0DF949431BB3CC22DDBDFD5DC3F5D4EFED079 ] C:\WINDOWS\system32\ialmdd5.dll
02:58:01.0375 0x0d68  C:\WINDOWS\system32\ialmdd5.dll - ok
02:58:01.0375 0x0d68  [ ED0EF0A136DEC83DF69F04118870003E, 45377CB8E9F0120F836FC8261C711F7DBF7199117AFB3652EBF100D5F0429B1E ] C:\WINDOWS\system32\winlogon.exe
02:58:01.0375 0x0d68  C:\WINDOWS\system32\winlogon.exe - ok
02:58:01.0375 0x0d68  [ 714705F29A917993536A6AB2DEDB0B7F, 5C3EA97044A7AF8027000DFA40901C0097EC935A7149C0A46AA2C6A2F9FD6CC1 ] C:\WINDOWS\system32\authz.dll
02:58:01.0375 0x0d68  C:\WINDOWS\system32\authz.dll - ok
02:58:01.0390 0x0d68  [ 355EDBB4D412B01F1740C17E3F50FA00, 8619D345C864CD8EA704EFAA0A391F5F31AA56BB6D30F62FC60F465873CC1BF9 ] C:\WINDOWS\system32\msvcrt.dll
02:58:01.0390 0x0d68  C:\WINDOWS\system32\msvcrt.dll - ok
02:58:01.0390 0x0d68  [ 636DF3FF20A1B69B3F9D21325E7115C7, 6B38CF96E92273995F40B6D7029D20B4041342D6EDD5B6CA73967A401823D4F5 ] C:\WINDOWS\system32\crypt32.dll
02:58:01.0390 0x0d68  C:\WINDOWS\system32\crypt32.dll - ok
02:58:01.0406 0x0d68  [ 04D898830DF96A17A20FD35D7590F87E, 09C75D1D434FF6BBE9B3F5E0A8E63944ACB34E364C4A89676DED2204DBD1AEF5 ] C:\WINDOWS\system32\msasn1.dll
02:58:01.0406 0x0d68  C:\WINDOWS\system32\msasn1.dll - ok
02:58:01.0406 0x0d68  [ 013C1148C1EC025596896E093F60F608, E19D20E0852372ED7DA66939E995F8F7ECC52ED5B650E8B833944788C0A34F61 ] C:\WINDOWS\system32\nddeapi.dll
02:58:01.0406 0x0d68  C:\WINDOWS\system32\nddeapi.dll - ok
02:58:01.0406 0x0d68  [ FCFA1C55971CC229D353B3A15ACCD995, 6C21D6EAD676AF8C100666261CE7AA5AA86671883B78092AD61008234C96BBBA ] C:\WINDOWS\system32\profmap.dll
02:58:01.0406 0x0d68  C:\WINDOWS\system32\profmap.dll - ok
02:58:01.0421 0x0d68  [ CAC752BF84DB4666ED3CE0948E6EA937, C84F9D57C076DE6ACC1720B66147D0CA963C65714593FAFD7FB1FE1F01CC464B ] C:\WINDOWS\system32\netapi32.dll
02:58:01.0421 0x0d68  C:\WINDOWS\system32\netapi32.dll - ok
02:58:01.0421 0x0d68  [ 43D13C80EBEC0135A3611E0F616F179B, 9C5409ECBD2C3B89C80F0A59B96220178E790A7D78967C6281D56EB1965E9ECD ] C:\WINDOWS\system32\userenv.dll
02:58:01.0421 0x0d68  C:\WINDOWS\system32\userenv.dll - ok
02:58:01.0437 0x0d68  [ 9CFCB3CA3D83B4EAA133F0644A2C6F31, CC0A76B55B38183B8C6141C290D1858A9D118333C804784AB305FE76A0FCE775 ] C:\WINDOWS\system32\psapi.dll
02:58:01.0437 0x0d68  C:\WINDOWS\system32\psapi.dll - ok
02:58:01.0437 0x0d68  [ AF11C591F2F4AFF4A6CF699D376F618B, B61C0D1944D5D8F536AB5422017C99773BD89EA59784969E4F8F269BF9EF57C3 ] C:\WINDOWS\system32\regapi.dll
02:58:01.0437 0x0d68  C:\WINDOWS\system32\regapi.dll - ok
02:58:01.0437 0x0d68  [ 24192246760E0E64435522E246B1D6C2, B1C5A16A73250DEA900FF6ECE71F604E2411B4FDFD497564BEB7D867A75640BF ] C:\WINDOWS\system32\setupapi.dll
02:58:01.0437 0x0d68  C:\WINDOWS\system32\setupapi.dll - ok
02:58:01.0453 0x0d68  [ C7CE131408739B0B3A318BE2D0032719, CAEEED45F6BAB22F611B2200DC91E68426F169F5646247893CF3AC7EFDDD07B8 ] C:\WINDOWS\system32\version.dll
02:58:01.0453 0x0d68  C:\WINDOWS\system32\version.dll - ok
02:58:01.0453 0x0d68  [ 430CEB794F6E6EF8AC86958C242366D6, 48066566EDC18654095EAD7F4449CD42B44AD758465A6B36A42B489F32C7E64B ] C:\WINDOWS\system32\winsta.dll
02:58:01.0453 0x0d68  C:\WINDOWS\system32\winsta.dll - ok
02:58:01.0468 0x0d68  [ D458B738B4C2CE33174CFB2CE12412DB, C8FCA4B1BE8358B1F14BB25F39899A18804133544701DFCF40E8782C2487C912 ] C:\WINDOWS\system32\wintrust.dll
02:58:01.0468 0x0d68  C:\WINDOWS\system32\wintrust.dll - ok
02:58:01.0468 0x0d68  [ 16E916243BDDBAF44D98E623B2D0CEAD, A1C56AC378EDA9ACBE73342BEE0897E028BDD368288552108FC77A7AA1478690 ] C:\WINDOWS\system32\imagehlp.dll
02:58:01.0468 0x0d68  C:\WINDOWS\system32\imagehlp.dll - ok
02:58:01.0484 0x0d68  [ 0DA85218E92526972A821587E6A8BF8F, 9377F61D4B10974D5962E03F54BB89C8F804883245D61C670E51228AFE4559EB ] C:\WINDOWS\system32\imm32.dll
02:58:01.0484 0x0d68  C:\WINDOWS\system32\imm32.dll - ok
02:58:01.0484 0x0d68  [ 9789E95E1D88EEB4B922BF3EA7779C28, 2D17FD78E71BDB5D51B69DE6B36D7481A7AA3C61EA7636CD71638AF501883A91 ] C:\WINDOWS\system32\ws2help.dll
02:58:01.0484 0x0d68  C:\WINDOWS\system32\ws2help.dll - ok
02:58:01.0484 0x0d68  [ 2CCC474EB85CEAA3E1FA1726580A3E5A, 6E99D2FB4997E54E8B1B7D769CF2C0FAE296A6441DC39984850EA26BFEB7E500 ] C:\WINDOWS\system32\ws2_32.dll
02:58:01.0484 0x0d68  C:\WINDOWS\system32\ws2_32.dll - ok
02:58:01.0500 0x0d68  [ 56C5B179FE3308B655EB6208C3256FEC, C70BCE54E5DF47D37C835804EAAEC7C06C1A226EFA2003226BE290D1D552126F ] C:\WINDOWS\system32\kbdus.dll
02:58:01.0500 0x0d68  C:\WINDOWS\system32\kbdus.dll - ok
02:58:01.0500 0x0d68  [ D7B7A57C0E57C836F18CF12A4C62A1CA, 651B16027B4F4B0ED2F827E32B7E66188CDB023DB8C7B1A9A1A44063FB35B9DE ] C:\WINDOWS\system32\msgina.dll
02:58:01.0500 0x0d68  C:\WINDOWS\system32\msgina.dll - ok
02:58:01.0515 0x0d68  [ 93AFB83FBC1F9443CAC722FCA63D73BF, 853C4A03A153F232E5CAF219F7FD732CB82CB62171F077DE737B32169F7832AB ] C:\WINDOWS\system32\comctl32.dll
02:58:01.0515 0x0d68  C:\WINDOWS\system32\comctl32.dll - ok
02:58:01.0515 0x0d68  [ 40B0F98BAD16AD5DEF894E88C3EF8014, 916B7BFC23BB5A3F757160BCF2013A8260D9382EFDE6AADAFC4D297828C71003 ] C:\WINDOWS\system32\odbc32.dll
02:58:01.0515 0x0d68  C:\WINDOWS\system32\odbc32.dll - ok
02:58:01.0531 0x0d68  [ 86987A5000DFA3EBE2275C0456BCF2FE, 31B699E8FD11DD59ADBAE56650C1B7AE80484091B3B6D9015A95F590E2C3EB05 ] C:\WINDOWS\system32\comdlg32.dll
02:58:01.0531 0x0d68  C:\WINDOWS\system32\comdlg32.dll - ok
02:58:01.0531 0x0d68  [ 6843D54BC4A40CC8C5741AF750233D10, D998B54B7D23A986DD14D8BC56169A10EE43267F4F1914FBDD55B6B028993FAC ] C:\WINDOWS\system32\shell32.dll
02:58:01.0531 0x0d68  C:\WINDOWS\system32\shell32.dll - ok
02:58:01.0546 0x0d68  [ C448A248B743F5FB935C787A5D97268B, 26E88FF449F938B218FAED6D8F3F095577216A29D656D17ACEA7F6C16E638BED ] C:\WINDOWS\system32\shlwapi.dll
02:58:01.0546 0x0d68  C:\WINDOWS\system32\shlwapi.dll - ok
02:58:01.0546 0x0d68  [ 694503348B586E99D56C0E30AB5B3EF8, 53A0C2604574058F1520D8F0805F1247B15BB0E00A5B5BAFE027C702D55E5076 ] C:\WINDOWS\system32\sxs.dll
02:58:01.0546 0x0d68  C:\WINDOWS\system32\sxs.dll - ok
02:58:01.0562 0x0d68  [ 736B12B725AEB2B07F0241A9F680CB10, 9EF1406CAEE256117DA8C8904BCB20FB8F9421F02F812B4DC2CE1F16D2B315F2 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
02:58:01.0562 0x0d68  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
02:58:01.0562 0x0d68  [ 6B7C6B32F8E84D56C6260D684019FEA2, A10B4D413452D95B6B4087838F2FCE0B9F42D8C0CBE7A91DC080AE1163FB6D1A ] C:\WINDOWS\system32\odbcint.dll
02:58:01.0562 0x0d68  C:\WINDOWS\system32\odbcint.dll - ok
02:58:01.0578 0x0d68  [ 96E1C926F22EE1BFBAE82901A35F6BF3, 95568F138216FFADCFC4BAE8A12825FFE53F2EA04C5CAC2AD10F65FC0C4E3CDB ] C:\WINDOWS\system32\sfc.dll
02:58:01.0578 0x0d68  C:\WINDOWS\system32\sfc.dll - ok
02:58:01.0578 0x0d68  [ 6B5DB6789177A4FD0DEBC248041D0739, 3E3239C3613CCBB9EE2539D78BC745ED19134E1D3BED88C3D5273796FA2507DA ] C:\WINDOWS\system32\sfc_os.dll
02:58:01.0578 0x0d68  C:\WINDOWS\system32\sfc_os.dll - ok
02:58:01.0593 0x0d68  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] C:\WINDOWS\system32\shsvcs.dll
02:58:01.0593 0x0d68  C:\WINDOWS\system32\shsvcs.dll - ok
02:58:01.0593 0x0d68  [ 59B408E5B8489B0B36A0D783D150EDCC, CB234B25502B0CE0C1E6CFA883FDDF64DAB7A6E50A6AD36CAB3B30A7C872B403 ] C:\WINDOWS\system32\ole32.dll
02:58:01.0593 0x0d68  C:\WINDOWS\system32\ole32.dll - ok
02:58:01.0593 0x0d68  [ CF492D7E9AF1C628B3536D20EF6F5CC7, 3D7A5A5D6B804C0A3F3E7256B3AC19397567700271CABCD7C4C8B51565958BC8 ] C:\WINDOWS\system32\apphelp.dll
02:58:01.0593 0x0d68  C:\WINDOWS\system32\apphelp.dll - ok
02:58:01.0609 0x0d68  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] C:\WINDOWS\system32\lsass.exe
02:58:01.0609 0x0d68  C:\WINDOWS\system32\lsass.exe - ok
02:58:01.0609 0x0d68  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
02:58:01.0609 0x0d68  C:\WINDOWS\system32\services.exe - ok
02:58:01.0625 0x0d68  [ BD31DC6DBE9333C4FBD4BDF0899F2160, 545D83178CCD74C68B72C607201EF9E1C8A5FC26A08288F8D3A77106964D1034 ] C:\WINDOWS\system32\lsasrv.dll
02:58:01.0625 0x0d68  C:\WINDOWS\system32\lsasrv.dll - ok
02:58:01.0625 0x0d68  [ F404830F3CD9BF8F2515E489C0CDA297, 4FFFBBDD04B82623983B8B51E52E113EBF0E32E8328BFD3754B7A299E5673569 ] C:\WINDOWS\system32\msvcp60.dll
02:58:01.0625 0x0d68  C:\WINDOWS\system32\msvcp60.dll - ok
02:58:01.0625 0x0d68  [ EC29A79F1E76DC509E24D401F29D0678, 2CECCD7CE806152F6DD1A6812C7DAEC46FB197E63D14414808D713C829EE4260 ] C:\WINDOWS\system32\ncobjapi.dll
02:58:01.0640 0x0d68  C:\WINDOWS\system32\ncobjapi.dll - ok
02:58:01.0640 0x0d68  [ DD7BD97FB8BD800963789158A5E4B41D, 4C265CB9AC1B8C398E625C1775A5AADD8A030D158B557E24F90CA57C0253FF0D ] C:\WINDOWS\system32\mpr.dll
02:58:01.0640 0x0d68  C:\WINDOWS\system32\mpr.dll - ok
02:58:01.0640 0x0d68  [ B24A42A413E694AD73FDFB7FBD492C31, 52411B5C714ED7FCFF3A120980EB75BF5A64E022303D3E717048E0E44F604AC0 ] C:\WINDOWS\system32\scesrv.dll
02:58:01.0640 0x0d68  C:\WINDOWS\system32\scesrv.dll - ok
02:58:01.0656 0x0d68  [ EC4C0D9BFD9F7E33F8B395AD54E13063, 18E60FF334376604F213F3323FAB81F392493496C6CA809FAD66BB8B0EEB3396 ] C:\WINDOWS\system32\ntdsapi.dll
02:58:01.0656 0x0d68  C:\WINDOWS\system32\ntdsapi.dll - ok
02:58:01.0656 0x0d68  [ 389496118B3B03C2328024AF320132AC, 11F85CA49596CE12B1F80B5BC059B6F5549FC09A43E2C47841A688F2ACEBB8B8 ] C:\WINDOWS\system32\dnsapi.dll
02:58:01.0656 0x0d68  C:\WINDOWS\system32\dnsapi.dll - ok
02:58:01.0671 0x0d68  [ 2EDFC2A8893435723AD80481803C6D5C, CD547E4749EE6466FD4F50CF2EAD37AD993C6BC89068BD51726869D5ADB2AF8E ] C:\WINDOWS\system32\umpnpmgr.dll
02:58:01.0671 0x0d68  C:\WINDOWS\system32\umpnpmgr.dll - ok
02:58:01.0671 0x0d68  [ 0492CF5870F0E616B0C71695A433D162, 47C9FB64A4CF3DF54F664B2B31A834ACF75B504650007E6201546C2D0E44D9C2 ] C:\WINDOWS\system32\wldap32.dll
02:58:01.0671 0x0d68  C:\WINDOWS\system32\wldap32.dll - ok
02:58:01.0687 0x0d68  [ EA9EE60B408878E5F2012F9C783836DB, 354A6660705759C0E767BCD7FB6F1B4371B74784A986431A626DF3793D0421EC ] C:\WINDOWS\AppPatch\acadproc.dll
02:58:01.0687 0x0d68  C:\WINDOWS\AppPatch\acadproc.dll - ok
02:58:01.0687 0x0d68  [ 8329A39D5A402A75A74301D6A62ECDA1, 1947B2B19F2D0C690EC880B5A92F88903D78C6BB6EE47261B3D744B5A863D562 ] C:\WINDOWS\system32\samlib.dll
02:58:01.0687 0x0d68  C:\WINDOWS\system32\samlib.dll - ok
02:58:01.0687 0x0d68  [ F05B8CDB7FE0E55DCCFB1D946CE80064, E59BC2F25EBFF5F0CF459C9B8DEE882ADE227323F4768EBACFCC6784861BF260 ] C:\WINDOWS\system32\samsrv.dll
02:58:01.0687 0x0d68  C:\WINDOWS\system32\samsrv.dll - ok
02:58:01.0703 0x0d68  [ 1F03103598BD817B1078DAB1326DDE11, 0F0D19E67E25E9D2113920166B7326B46BACD22BA08476EC91D9C564AFC1FAF3 ] C:\WINDOWS\system32\shimeng.dll
02:58:01.0703 0x0d68  C:\WINDOWS\system32\shimeng.dll - ok
02:58:01.0703 0x0d68  [ 310C15FD8358B2C4CD7A5B98A112883F, CA656F066373B164A138032F5BF7EF68603EBDB0D49BD4663C99061F47F29085 ] C:\WINDOWS\AppPatch\acgenral.dll
02:58:01.0703 0x0d68  C:\WINDOWS\AppPatch\acgenral.dll - ok
02:58:01.0718 0x0d68  [ 17A1D675C12BBF80CAAC54A4855C41D0, F6185E42180218E932ADFFD63EF78EE8324B816BD57EA217322A46D1D2F47928 ] C:\WINDOWS\system32\cryptdll.dll
02:58:01.0718 0x0d68  C:\WINDOWS\system32\cryptdll.dll - ok
02:58:01.0718 0x0d68  [ EFF03460E542EEA6B0ABDEC6BF19C897, C2A0DDE6E8B49B152C295E97CFC35557391DEEE5A3A0B1BB4E445C405C716C55 ] C:\WINDOWS\system32\oleaut32.dll
02:58:01.0718 0x0d68  C:\WINDOWS\system32\oleaut32.dll - ok
02:58:01.0718 0x0d68  [ 4A953F13942867BA8FB41F141EC1B80C, BAE05A8CEDA4411324E38DB8A2153A988C6A3FAC8AD7CB27EE14E18FE7C47569 ] C:\WINDOWS\system32\winmm.dll
02:58:01.0718 0x0d68  C:\WINDOWS\system32\winmm.dll - ok
02:58:01.0734 0x0d68  [ 2098AB52BD5316E59AA36F3437B13BE6, C4C9F2CFCAFF91B4A6F68E28EFE12EED216B41F081F8D577597C0634ECE57018 ] C:\WINDOWS\system32\msacm32.dll
02:58:01.0734 0x0d68  C:\WINDOWS\system32\msacm32.dll - ok
02:58:01.0734 0x0d68  [ 7A2CC3719B255E6B5D74396183B7715B, 2C4A2D5B42CFFE42BE72A652D1B0EED43D7EECF7CA3416660A3E0C539AA2AC34 ] C:\WINDOWS\system32\uxtheme.dll
02:58:01.0734 0x0d68  C:\WINDOWS\system32\uxtheme.dll - ok
02:58:01.0750 0x0d68  [ F24B12786D60A17008319E3F2AEE7799, BF916F65D770C61612678171CC184A0BF259992CEC0BF607D26834CE2A234FB3 ] C:\WINDOWS\system32\msapsspc.dll
02:58:01.0750 0x0d68  C:\WINDOWS\system32\msapsspc.dll - ok
02:58:01.0750 0x0d68  [ 3D76DD0CBC536E0F8C45D23ED230BEB2, F74F94525AB7CE1E269452C9E1DD08411A668CFDD94F069C90FC2EE33CB35A12 ] C:\WINDOWS\system32\digest.dll
02:58:01.0750 0x0d68  C:\WINDOWS\system32\digest.dll - ok
02:58:01.0765 0x0d68  [ 7A660EDC0757849DF5F8706FB6E9F740, CA3820507A92EE9AB4EE8E804736FE1795224AE02D396AADB5BFD53223D9B7E2 ] C:\WINDOWS\system32\msvcrt40.dll
02:58:01.0765 0x0d68  C:\WINDOWS\system32\msvcrt40.dll - ok
02:58:01.0765 0x0d68  [ 0F64207B49390C8063C36AE7CBF9C2DB, 52C4A7A38EE11CA247001EB0A3C67BFEB1A09E9AC406486132D5AC38BE3A6A6F ] C:\WINDOWS\system32\schannel.dll
02:58:01.0765 0x0d68  C:\WINDOWS\system32\schannel.dll - ok
02:58:01.0765 0x0d68  [ A4388DF80E52695AE92EE5F3F61F1619, A4B7C6E10B92B5022CA6E8FD9094098614FD63178EA86A7B035EB89B373BF033 ] C:\WINDOWS\system32\msnsspc.dll
02:58:01.0765 0x0d68  C:\WINDOWS\system32\msnsspc.dll - ok
02:58:01.0781 0x0d68  [ 5733177BCF16EE78B99543C9B0AB81EA, 6504D3D665AC8AB27A44F863F9C1A23FF3B68EAC0512F418712CC0D56F739E24 ] C:\WINDOWS\system32\msctfime.ime
02:58:01.0781 0x0d68  C:\WINDOWS\system32\msctfime.ime - ok
02:58:01.0781 0x0d68  [ C6BB1D1500DB4A0E224CB65E6C7E8A80, 32099A486457D1DC3B1269DE9570EE922F118C3BD443FE78ED051DD764EF4DE3 ] C:\WINDOWS\system32\msprivs.dll
02:58:01.0781 0x0d68  C:\WINDOWS\system32\msprivs.dll - ok
02:58:01.0796 0x0d68  [ A525C96C51D55111FDF3BEA9FFFFC7AE, AA5B080E01573B96A37E67F871F97AE975E1E9519EDB16476472AA3FA2144643 ] C:\WINDOWS\system32\kerberos.dll
02:58:01.0796 0x0d68  C:\WINDOWS\system32\kerberos.dll - ok
02:58:01.0796 0x0d68  [ 318FAA70D9B0FB8DD168D4ED628E27B2, 2C407FFDA4A02D4A1CB9592C6FA4293BA31BE8852670436F1187A8107572ED41 ] C:\WINDOWS\system32\atmfd.dll
02:58:01.0812 0x0d68  C:\WINDOWS\system32\atmfd.dll - ok
02:58:01.0812 0x0d68  [ 517561A1113B04E51D936CD018DE1C1F, A5F572C3557705F28F7A465970F0432F55B616EFD208BA0CBDFFBF7A41F07C04 ] C:\WINDOWS\system32\msv1_0.dll
02:58:01.0812 0x0d68  C:\WINDOWS\system32\msv1_0.dll - ok
02:58:01.0828 0x0d68  [ AF07DC9B7CC455629E732340C7B15F3A, 4403503F24FB76AB55D347273319B98BC0955AB3E537FA5ADA498B9AED76484A ] C:\WINDOWS\system32\iphlpapi.dll
02:58:01.0828 0x0d68  C:\WINDOWS\system32\iphlpapi.dll - ok
02:58:01.0828 0x0d68  [ 1B7F071C51B77C272875C3A23E1E4550, 9D6EA6DF4F4A531E35B843CE11AB6BDBEF0C2716773C14660E98038C1F68B7C4 ] C:\WINDOWS\system32\netlogon.dll
02:58:01.0828 0x0d68  C:\WINDOWS\system32\netlogon.dll - ok
02:58:01.0843 0x0d68  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] C:\WINDOWS\system32\w32time.dll
02:58:01.0843 0x0d68  C:\WINDOWS\system32\w32time.dll - ok
02:58:01.0843 0x0d68  [ 54DAE3EA34802B4ED9AE1C6B1209FA56, EEB1FA90DB44C821B371D5F7C323B4F88E843107BBA16DA2ACB124D6A848B257 ] C:\WINDOWS\system32\rsaenh.dll
02:58:01.0843 0x0d68  C:\WINDOWS\system32\rsaenh.dll - ok
02:58:01.0843 0x0d68  [ 3AAF9B35939FF9E58CCD18D41655C2FC, AF7358AB0A507D77569A8D38D2392C224BFBEFD1264C069BBC6C677BC20C6B8B ] C:\WINDOWS\system32\wdigest.dll
02:58:01.0843 0x0d68  C:\WINDOWS\system32\wdigest.dll - ok
02:58:01.0859 0x0d68  [ 02988B904C386B500CD08639C4C20EEA, 66E96045957AABD7F5C364D64DE23A09D4C292C844FA00C45626A8D1EC21F206 ] C:\WINDOWS\system32\winscard.dll
02:58:01.0859 0x0d68  C:\WINDOWS\system32\winscard.dll - ok
02:58:01.0859 0x0d68  [ 0E2735281FBB9A764D5584C2A5DCBA59, B1EFF5D7BFDDFEC3A3E5B2F17A6A0F3F47C344A64AB57E6918B4DEC094FC9444 ] C:\WINDOWS\system32\wtsapi32.dll
02:58:01.0859 0x0d68  C:\WINDOWS\system32\wtsapi32.dll - ok
02:58:01.0875 0x0d68  [ A86BB5E61BF3E39B62AB4C7E7085A084, B88446E007153BB58C5AE867AC3FB4C46618BBAA5A152687201E0E81F881465A ] C:\WINDOWS\system32\scecli.dll
02:58:01.0875 0x0d68  C:\WINDOWS\system32\scecli.dll - ok
02:58:01.0875 0x0d68  [ AF5DA81B19AFA730F1E5246AD81D140A, 532951071F56896A3B5D47874C14D996C8620EA02F87D4BA21B083EC804FB166 ] C:\WINDOWS\system32\drivers\avgntflt.sys
02:58:01.0875 0x0d68  C:\WINDOWS\system32\drivers\avgntflt.sys - ok
02:58:01.0890 0x0d68  [ 27C6D03BCDB8CFEB96B716F3D8BE3E18, 2910EBC692D833D949BFD56059E8106D324A276D5F165F874F3FB1B6C613CDD5 ] C:\WINDOWS\system32\svchost.exe
02:58:01.0890 0x0d68  C:\WINDOWS\system32\svchost.exe - ok
02:58:01.0890 0x0d68  [ 549290DBC280C887681D7652978DBBE0, CA2CA8561F11CDD5FD5D23D9D88A96A7FFE4AF6DFE8CE783B0969B6ED3C4CBF8 ] C:\WINDOWS\system32\ntmarta.dll
02:58:01.0890 0x0d68  C:\WINDOWS\system32\ntmarta.dll - ok
02:58:01.0890 0x0d68  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] C:\WINDOWS\system32\rpcss.dll
02:58:01.0890 0x0d68  C:\WINDOWS\system32\rpcss.dll - ok
02:58:01.0906 0x0d68  [ 16403217AB6FC5C30C14C6B12098AD4B, DEA7C556BA9C91E056E6035E77A793A77E428D493518D1C6F796B003D4F07305 ] C:\WINDOWS\system32\xpsp2res.dll
02:58:01.0906 0x0d68  C:\WINDOWS\system32\xpsp2res.dll - ok
02:58:01.0906 0x0d68  [ 6D4FEB43EE538FC5428CC7F0565AA656, 4091D82537198562F0CA1D032B2D4BEC75101342B7BCA7778FDA2D515300BC36 ] C:\WINDOWS\system32\eventlog.dll
02:58:01.0906 0x0d68  C:\WINDOWS\system32\eventlog.dll - ok
02:58:01.0921 0x0d68  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] C:\WINDOWS\system32\mswsock.dll
02:58:01.0921 0x0d68  C:\WINDOWS\system32\mswsock.dll - ok
02:58:01.0921 0x0d68  [ 3CB32D3B8CBE79899D63280BB7A83CD9, F34DB3B3DD65F0135F1F7005703B824D2C9B17F7A43062F1FFBEC53B3B26EFC3 ] C:\WINDOWS\system32\hnetcfg.dll
02:58:01.0921 0x0d68  C:\WINDOWS\system32\hnetcfg.dll - ok
02:58:01.0937 0x0d68  [ 4E3D06D6E68EEDB52565080F55B460D3, A503BFC29D3936045488EDC1771914EC84BE80E422F772F53D7961F526D707E6 ] C:\WINDOWS\system32\wshtcpip.dll
02:58:01.0937 0x0d68  C:\WINDOWS\system32\wshtcpip.dll - ok
02:58:01.0937 0x0d68  [ 6F9BEF24C578D5D6740E080BEDD6A448, 72426D49BC31488261D226C7D0C98AD11192019E71654F53D1D17183C328CC7C ] C:\WINDOWS\system32\rasadhlp.dll
02:58:01.0937 0x0d68  C:\WINDOWS\system32\rasadhlp.dll - ok
02:58:01.0937 0x0d68  [ D72B9EC3337B247A666F098F3D6B43DE, 4BC52AD1116078B0B313AB6555024302225D6CC03CA428151F78B7C48821489F ] C:\WINDOWS\system32\winrnr.dll
02:58:01.0937 0x0d68  C:\WINDOWS\system32\winrnr.dll - ok
02:58:01.0953 0x0d68  [ B51781EA95B9535EA37CE95C396D6339, 3AC24B6D884A07C6A573ED4A789DFB335F04040B3A8EC045F2025953125E6D62 ] C:\Program Files\Sandboxie\SbieDll.dll
02:58:01.0953 0x0d68  C:\Program Files\Sandboxie\SbieDll.dll - ok
02:58:01.0953 0x0d68  [ E80A6EA16ECD1D6F16A5DBDFFC10F253, 646B1BA21FD520F4EBCA2B419FBBF4E51A24D787EC89EA9D2CF5DC6D752E0687 ] C:\Program Files\Sandboxie\SbieSvc.exe
02:58:01.0953 0x0d68  C:\Program Files\Sandboxie\SbieSvc.exe - ok
02:58:01.0968 0x0d68  [ BBEA4597A37B125C641808EE293BC024, 86F0FFBA4BF9D6E615A5E5279AB216003E86E639BB5DB10B9AEA415A51F2E015 ] C:\Program Files\Sandboxie\SbieDrv.sys
02:58:01.0968 0x0d68  C:\Program Files\Sandboxie\SbieDrv.sys - ok
02:58:01.0968 0x0d68  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] C:\WINDOWS\system32\drivers\ndisuio.sys
02:58:01.0968 0x0d68  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
02:58:01.0968 0x0d68  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] C:\WINDOWS\system32\dhcpcsvc.dll
02:58:01.0968 0x0d68  C:\WINDOWS\system32\dhcpcsvc.dll - ok
02:58:01.0984 0x0d68  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] C:\WINDOWS\system32\dnsrslvr.dll
02:58:01.0984 0x0d68  C:\WINDOWS\system32\dnsrslvr.dll - ok
02:58:01.0984 0x0d68  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] C:\WINDOWS\system32\lmhsvc.dll
02:58:01.0984 0x0d68  C:\WINDOWS\system32\lmhsvc.dll - ok
02:58:02.0000 0x0d68  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] C:\WINDOWS\system32\wzcsvc.dll
02:58:02.0000 0x0d68  C:\WINDOWS\system32\wzcsvc.dll - ok
02:58:02.0000 0x0d68  [ 224FB925C641DA16CEB6D60F40CA4C75, 2DDB3B019D2A22B359C5974DC366EC9B95F4382DB1BF7F1958CFF0EC277895C7 ] C:\WINDOWS\system32\atl.dll
02:58:02.0000 0x0d68  C:\WINDOWS\system32\atl.dll - ok
02:58:02.0015 0x0d68  [ E6EF7BC927D9F8F9BA1584BFC39E0C6F, EC80729BDD250C161B29DA853D45C703CB4844DE185C5665DB0627D9568995AB ] C:\WINDOWS\system32\eapolqec.dll
02:58:02.0015 0x0d68  C:\WINDOWS\system32\eapolqec.dll - ok
02:58:02.0015 0x0d68  [ 876CCF164E08D6B903CD14398E056DD2, 9AC7887F992F20E10EB3ED9B3AEF47B5C840172FA7895531F4EF86D6EA642D0F ] C:\WINDOWS\system32\rtutils.dll
02:58:02.0015 0x0d68  C:\WINDOWS\system32\rtutils.dll - ok
02:58:02.0015 0x0d68  [ 7B0770526801F05D58C51A3DFB87B4BD, 7A2858DD3AE8C26DE88F8CC71E8DC9A8A50C363BA4FB34EE6EE2D81C18845A96 ] C:\WINDOWS\system32\wmi.dll
02:58:02.0015 0x0d68  C:\WINDOWS\system32\wmi.dll - ok
02:58:02.0031 0x0d68  [ 8E2CC37BA87D8F681066E0E9C8A19F73, 90536FD502D92AE4FECE0C250373742D2E8AC9E9BE314070BB28C4A2BEA15508 ] C:\WINDOWS\system32\dot3api.dll
02:58:02.0031 0x0d68  C:\WINDOWS\system32\dot3api.dll - ok
02:58:02.0031 0x0d68  [ F5B754CDEA20BBB3A31E16A776EDE6D6, C5D682FA9B86810C6E3D741E507EDA024C4554BEB5B6A1686F70E109EE9CD746 ] C:\WINDOWS\system32\esent.dll
02:58:02.0031 0x0d68  C:\WINDOWS\system32\esent.dll - ok
02:58:02.0046 0x0d68  [ 8AE93AACC648921BAACB8602991AC4B3, 78292B1BAEE64C997C50B6D907FE623C2EDF937A62D3C3690FA24342180B7AB2 ] C:\WINDOWS\system32\qutil.dll
02:58:02.0046 0x0d68  C:\WINDOWS\system32\qutil.dll - ok
02:58:02.0046 0x0d68  [ F137A0CA70003DB20448D540651FA003, 4D3095FD8431D0839B6EE785A979D005A1035368A152CDC705804E85B7673198 ] C:\WINDOWS\system32\clbcatq.dll
02:58:02.0046 0x0d68  C:\WINDOWS\system32\clbcatq.dll - ok
02:58:02.0062 0x0d68  [ 1280A158C722FA95A80FB7AEBE78FA7D, 9B6E8158E581500C5C417F6453A6414901020123D34FDBC04289750E8B072538 ] C:\WINDOWS\system32\comres.dll
02:58:02.0062 0x0d68  C:\WINDOWS\system32\comres.dll - ok
02:58:02.0062 0x0d68  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3, 9085384DD71F983E7FD8B6C8F54A3097412DA3C802C813C8AAB1F30558C416D6 ] C:\WINDOWS\system32\cryptui.dll
02:58:02.0062 0x0d68  C:\WINDOWS\system32\cryptui.dll - ok
02:58:02.0062 0x0d68  [ A39BE37C9237DB5F1990D61B268EA555, ABAB9D73DF10D2AC78F00A6C5E5318C4DE166CDF70683408D83D218CB39B7449 ] C:\WINDOWS\system32\rastls.dll
02:58:02.0062 0x0d68  C:\WINDOWS\system32\rastls.dll - ok
02:58:02.0078 0x0d68  [ 8AF91E4B4C1F5338EBE1548117304296, 493F46CB43496B8158924229094374D4531DA32E3C77FF4F86FCB86DEACFB79B ] C:\WINDOWS\system32\wininet.dll
02:58:02.0078 0x0d68  C:\WINDOWS\system32\wininet.dll - ok
02:58:02.0078 0x0d68  [ 10753A3ADC3E39A3B10CC3F08E98E6B4, 99C7B1B04CD593139917ED3D68BEC36C63BCE76663505CB5D026B62AF39BB383 ] C:\WINDOWS\system32\normaliz.dll
02:58:02.0078 0x0d68  C:\WINDOWS\system32\normaliz.dll - ok
02:58:02.0093 0x0d68  [ 1387AB5807E7A29D880699CC733F6AED, 0A3B777546E5F5EBC7914118D0BB32546279AEC726FED05519E0CF8F97DFA039 ] C:\WINDOWS\system32\urlmon.dll
02:58:02.0093 0x0d68  C:\WINDOWS\system32\urlmon.dll - ok
02:58:02.0093 0x0d68  [ 89A1EE0C4046375B4B9E0B010C90C802, 51D54DA31E30487E73B50F482F1A04F273BC812F3AB2C415D09CB44956097E11 ] C:\WINDOWS\system32\iertutil.dll
02:58:02.0093 0x0d68  C:\WINDOWS\system32\iertutil.dll - ok
02:58:02.0093 0x0d68  [ A14D324C50EB71FB480DDD60481D0C04, 15F1EF7CA639AF0B235493DF0934B4C525C3F4E4DEB3310B70EDDF43869BCA4D ] C:\WINDOWS\system32\pstorec.dll
02:58:02.0093 0x0d68  C:\WINDOWS\system32\pstorec.dll - ok
02:58:02.0109 0x0d68  [ 2CDAE321B8E878A278BA2D2FA013060B, 51A382D665EB4A8BD66A3EF9B518DC02D3637318768758AB6F1017E50826CC56 ] C:\WINDOWS\system32\activeds.dll
02:58:02.0109 0x0d68  C:\WINDOWS\system32\activeds.dll - ok
02:58:02.0109 0x0d68  [ 0D84657DBF93DB98673DEFDF2B29E25A, 22105E297D663790BFA1EAE5AC670B283E69FDF2428DEBC596F3EB920E53AFF9 ] C:\WINDOWS\system32\adsldpc.dll
02:58:02.0109 0x0d68  C:\WINDOWS\system32\adsldpc.dll - ok
02:58:02.0125 0x0d68  [ EA5B8BECA3F279C757578CD7F1E95855, 6FA42A9C8A114208BCB1D0A799C43CD07FB0F986495191D58C1BBD150B7B3A90 ] C:\WINDOWS\system32\mprapi.dll
02:58:02.0125 0x0d68  C:\WINDOWS\system32\mprapi.dll - ok
02:58:02.0125 0x0d68  [ 92C4F48B62B0B876194584C3FF09CCB6, B24FF5E8D4F09B8200395B68A20A083E7ED9A29B9E9FB85F42E1A6BBB911D1C4 ] C:\WINDOWS\system32\rasapi32.dll
02:58:02.0125 0x0d68  C:\WINDOWS\system32\rasapi32.dll - ok
02:58:02.0140 0x0d68  [ 4DEF926F6A0545AE486A03C84F2EE482, 2D209061632634D7338C0BBEEE8056E8085BE22FA6974A2CC6BAEDC14CF6F6B1 ] C:\WINDOWS\system32\rasman.dll
02:58:02.0140 0x0d68  C:\WINDOWS\system32\rasman.dll - ok
02:58:02.0140 0x0d68  [ 00AABF131B4823785818DB99A075A313, FF0F24D35325EC246C758C7CF51FDDEF13757DFD7BE5F6F5D51E0DD7C6673686 ] C:\WINDOWS\system32\tapi32.dll
02:58:02.0140 0x0d68  C:\WINDOWS\system32\tapi32.dll - ok
02:58:02.0156 0x0d68  [ C1FAEA15E41F62D7BFA7FBC395C24BA6, 5DAA7F6E1EEA128AEDEDCAF04EB83AED4BCF856BC123BC134E9FA634DC569C0B ] C:\WINDOWS\system32\riched20.dll
02:58:02.0156 0x0d68  C:\WINDOWS\system32\riched20.dll - ok
02:58:02.0156 0x0d68  [ 56CE97FF94B7662A300D359CD6F4D601, D67A792E176AE3394CEB8FEF16F9E56DC614D7D4F58F6B9202E49EFD42BAE9E4 ] C:\WINDOWS\system32\raschap.dll
02:58:02.0156 0x0d68  C:\WINDOWS\system32\raschap.dll - ok
02:58:02.0156 0x0d68  [ 2081A5B5E4ABA206A0A8A1A97DF0FB23, 032B6D1F541F180A2FE619664EF180D3FD748AEF7E311BA925FCED74E7ED4713 ] C:\WINDOWS\system32\logonui.exe
02:58:02.0156 0x0d68  C:\WINDOWS\system32\logonui.exe - ok
02:58:02.0171 0x0d68  [ 515A7FAE2070C2B0242B2353443E2F11, 6121C5613784831F584B50E8DC91BBD7AC58BDB602FE4CDB4B237670B6BB4537 ] C:\WINDOWS\system32\cscdll.dll
02:58:02.0171 0x0d68  C:\WINDOWS\system32\cscdll.dll - ok
02:58:02.0171 0x0d68  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] C:\WINDOWS\system32\schedsvc.dll
02:58:02.0171 0x0d68  C:\WINDOWS\system32\schedsvc.dll - ok
02:58:02.0187 0x0d68  [ E2092F0A1D7ABC243F9C2362483D150D, 50028400D6BA1C5B27BFC9AAC9D41539383F3EC723977CA937715E14094D846A ] C:\WINDOWS\system32\dimsntfy.dll
02:58:02.0187 0x0d68  C:\WINDOWS\system32\dimsntfy.dll - ok
02:58:02.0187 0x0d68  [ 3D41A9326F0376FC73AF961DD23B1FB1, 1242F3B57599675D1E0E26615E206CE3DB15FA6A23BC5D21EB630EE9858EBC7B ] C:\WINDOWS\system32\duser.dll
02:58:02.0187 0x0d68  C:\WINDOWS\system32\duser.dll - ok
02:58:02.0187 0x0d68  [ 2CC34E8BB667EEF78899546E12649196, 5BA2604041BF7C1D580D4D2AEDC7708F9E9B0AF6E0928663E3D9C7297296D721 ] C:\WINDOWS\system32\wlnotify.dll
02:58:02.0187 0x0d68  C:\WINDOWS\system32\wlnotify.dll - ok
02:58:02.0203 0x0d68  [ BD83ABA61E8ACCC8D9FFB869F29418CE, 45ED22E825047A1BE07B017F95FBF965A90602C59E6B110D0C604FBE07DE1562 ] C:\WINDOWS\system32\winspool.drv
02:58:02.0203 0x0d68  C:\WINDOWS\system32\winspool.drv - ok
02:58:02.0203 0x0d68  [ E47E364C96467FD54FA44D59F927C3AB, D48C377A7ACF805C413D4618A099A50BE6724E8996C151B00DEAFD27CA935183 ] C:\WINDOWS\system32\msidle.dll
02:58:02.0203 0x0d68  C:\WINDOWS\system32\msidle.dll - ok
02:58:02.0218 0x0d68  [ AFFC87E2501FCE8F09D4C10BA6421CCF, E63837B281C4AE90A7CBA8E072E07A9A5A2FDD5B15E7FB5C2D7562FE72BE5408 ] C:\WINDOWS\system32\msimg32.dll
02:58:02.0218 0x0d68  C:\WINDOWS\system32\msimg32.dll - ok
02:58:02.0218 0x0d68  [ 20200EE3CFE10E9F0C028D8653BE11C6, 3ACF2110D72509CBA3BF780C5D6D662BAFEEA6CA423BE8B0F97288B953127035 ] C:\WINDOWS\system32\oleacc.dll
02:58:02.0218 0x0d68  C:\WINDOWS\system32\oleacc.dll - ok
02:58:02.0218 0x0d68  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] C:\WINDOWS\system32\spoolsv.exe
02:58:02.0218 0x0d68  C:\WINDOWS\system32\spoolsv.exe - ok
02:58:02.0234 0x0d68  [ E5EDBD51476DB5001ABF5C82AE5C3DD1, 5C97ABF5802A7F886781788FE6107F9F06962F9D704A2A43A03062C9405F56C3 ] C:\WINDOWS\system32\shgina.dll
02:58:02.0234 0x0d68  C:\WINDOWS\system32\shgina.dll - ok
02:58:02.0234 0x0d68  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] C:\WINDOWS\system32\audiosrv.dll
02:58:02.0234 0x0d68  C:\WINDOWS\system32\audiosrv.dll - ok
02:58:02.0250 0x0d68  [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] C:\Program Files\Avira\AntiVir Desktop\sched.exe
02:58:02.0250 0x0d68  C:\Program Files\Avira\AntiVir Desktop\sched.exe - ok
02:58:02.0250 0x0d68  [ FD5CABBE52272BD76007B68186EBAF00, 87C42CA155473E4E71857D03497C8CBC28FA8FF7F2C8D72E8A1F39B71078F608 ] C:\Program Files\Avira\AntiVir Desktop\msvcp120.dll
02:58:02.0250 0x0d68  C:\Program Files\Avira\AntiVir Desktop\msvcp120.dll - ok
02:58:02.0265 0x0d68  [ 034CCADC1C073E4216E9466B720F9849, 86E39B5995AF0E042FCDAA85FE2AEFD7C9DDC7AD65E6327BD5E7058BC3AB615F ] C:\Program Files\Avira\AntiVir Desktop\msvcr120.dll
02:58:02.0265 0x0d68  C:\Program Files\Avira\AntiVir Desktop\msvcr120.dll - ok
02:58:02.0265 0x0d68  [ B6E6F3F5B63053D5DC1F4EE32992492F, 089F9C92B677A138BABA4817624E8CA49B7E507B7D6FA0B1A3B4302B354B5C7E ] C:\WINDOWS\system32\dbghelp.dll
02:58:02.0265 0x0d68  C:\WINDOWS\system32\dbghelp.dll - ok
02:58:02.0281 0x0d68  [ 64B3CC85AE8542A95EB5DD1AFEAEAA82, E333A9FC3AFE0AC143A524340A7DB47730C89998EA37E449AD0EFC5A69BC678D ] C:\Program Files\Avira\AntiVir Desktop\grdcore.dll
02:58:02.0281 0x0d68  C:\Program Files\Avira\AntiVir Desktop\grdcore.dll - ok
02:58:02.0281 0x0d68  [ 598547F040B2A498624F950D8E20505B, CB81825ECC9192DA3EC722BBF2F484F1D8D88E9CF4D019DAB74F1A654AFFAA2C ] C:\Program Files\Avira\AntiVir Desktop\scewxmlw.dll
02:58:02.0281 0x0d68  C:\Program Files\Avira\AntiVir Desktop\scewxmlw.dll - ok
02:58:02.0281 0x0d68  [ 5EEE2D08A53D30FADF112DD2B936FCE6, A9AE299FED2BE06682E5B7B18B1D3266CC83A0AE29EFCA9409446C3FE5021D76 ] C:\Program Files\Avira\AntiVir Desktop\cfglib.dll
02:58:02.0281 0x0d68  C:\Program Files\Avira\AntiVir Desktop\cfglib.dll - ok
02:58:02.0296 0x0d68  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] C:\WINDOWS\system32\wkssvc.dll
02:58:02.0296 0x0d68  C:\WINDOWS\system32\wkssvc.dll - ok
02:58:02.0296 0x0d68  [ 2DD7B3D3E9E32DBD5B3B90039ADE6BDD, 6A1CAF1F9D82BB437B045F53DCA0B8E4256782CBF8366697C6798155677E7BDC ] C:\Program Files\Avira\AntiVir Desktop\gpipc.dll
02:58:02.0296 0x0d68  C:\Program Files\Avira\AntiVir Desktop\gpipc.dll - ok
02:58:02.0312 0x0d68  [ 052D8B54FBB847EF8E9358D53540A6D2, DEABD95D227FF570BE613AE4F8C1B0C81906492E6D2C4969BE70ADA6A1BB655F ] C:\Program Files\Avira\AntiVir Desktop\gpgen.dll
02:58:02.0312 0x0d68  C:\Program Files\Avira\AntiVir Desktop\gpgen.dll - ok
02:58:02.0312 0x0d68  [ A7B64447C09D19D13DD24BCC23498FAE, 8DE6FBFC81F585B8BA6CC80603791176C4D31ECE989E3067EB2EB56494F17E70 ] C:\Program Files\Avira\AntiVir Desktop\gpschd.dll
02:58:02.0312 0x0d68  C:\Program Files\Avira\AntiVir Desktop\gpschd.dll - ok
02:58:02.0328 0x0d68  [ 2DE066AFE0F1265AAA38770A08A0CF18, CBDA73E8DFD9C6C5BF145CFADE0856584B891EF5A43AF4DED2D0EEA370898BE7 ] C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll
02:58:02.0328 0x0d68  C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll - ok
02:58:02.0328 0x0d68  [ 82EEF806DCBD7715EC5CC2A3001D3AFA, FAF156FD9C3F1A3707C9B8F59CE3055230DAA0127F0A9B21A728346EDDC25AC2 ] C:\Program Files\Avira\AntiVir Desktop\schedr.dll
02:58:02.0328 0x0d68  C:\Program Files\Avira\AntiVir Desktop\schedr.dll - ok
02:58:02.0343 0x0d68  [ 430ECD581758A5800F813DDB74F66DF8, 7D1F56A51C8F58598E8FF2A3C10FD1796CE779F33F62079DF52FA4A17E5A9E91 ] C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
02:58:02.0343 0x0d68  C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll - ok
02:58:02.0343 0x0d68  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] C:\WINDOWS\system32\drivers\mrxdav.sys
02:58:02.0343 0x0d68  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
02:58:02.0343 0x0d68  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] C:\WINDOWS\system32\webclnt.dll
02:58:02.0343 0x0d68  C:\WINDOWS\system32\webclnt.dll - ok
02:58:02.0359 0x0d68  [ 804B09FA1E3A86E729ABCCA7F30AE53C, 92B1AC945039A0575185AF066BF389A1E5B2DA7778EB181FF9136710F39D0C5A ] C:\WINDOWS\system32\kbdjpn.dll
02:58:02.0359 0x0d68  C:\WINDOWS\system32\kbdjpn.dll - ok
02:58:02.0359 0x0d68  [ 3B479B92A1159A2CFF613B3FAA2AD9CD, D97242F2B7643C856DDF02F0AC0D98028F00E83ADFD77418A5B3A030470E9088 ] C:\WINDOWS\system32\kbd101.dll
02:58:02.0359 0x0d68  C:\WINDOWS\system32\kbd101.dll - ok
02:58:02.0375 0x0d68  [ C33B3ED4BEF24BAC604FF97FF2D97C49, 8A830F3F714CC4BF6242502629633AAFB205188D8DD860C04FB33BC682219D85 ] C:\WINDOWS\system32\kbd106.dll
02:58:02.0375 0x0d68  C:\WINDOWS\system32\kbd106.dll - ok
02:58:02.0375 0x0d68  [ 3FBA2CB69D697D1EF5423F17691CD832, 6ECF4947FF0EC539D727CD27100518B8E6E494A13FE617EED8DCB03589F8D636 ] C:\WINDOWS\system32\kbdnec.dll
02:58:02.0375 0x0d68  C:\WINDOWS\system32\kbdnec.dll - ok
02:58:02.0390 0x0d68  [ 085ED2E391A871C7BAE87E0228B546BA, 15C050965A7377CDE1178A0C28C3E05B16838A1D7DEB1DD190E3C5D58511F5AC ] C:\WINDOWS\system32\cscui.dll
02:58:02.0390 0x0d68  C:\WINDOWS\system32\cscui.dll - ok
02:58:02.0390 0x0d68  [ 50A166237A0FA771261275A405646CC0, CFA9B2C8CDCDB56C27B89593A106AAE211E24D8EA433129A6E9BD2FBF39AB5BB ] C:\WINDOWS\system32\powrprof.dll
02:58:02.0390 0x0d68  C:\WINDOWS\system32\powrprof.dll - ok
02:58:02.0390 0x0d68  [ 6C26DCF01E2A92F183B97D434017268A, 0863B9AE37002CA3E1034A7FBDE80C3D0E4469A4561140EDE42EDD947E61DBD3 ] C:\WINDOWS\system32\dpcdll.dll
02:58:02.0390 0x0d68  C:\WINDOWS\system32\dpcdll.dll - ok
02:58:02.0406 0x0d68  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] C:\WINDOWS\system32\drivers\wdmaud.sys
02:58:02.0406 0x0d68  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
02:58:02.0406 0x0d68  [ 680B56A8B62D1BCF4A0B2AAAD03D88E4, C095D8A3A1CEAD1D78B0EE17B982718CDF4B3FE1F86D9D273875B8C1893C981B ] C:\WINDOWS\system32\wdmaud.drv
02:58:02.0406 0x0d68  C:\WINDOWS\system32\wdmaud.drv - ok
02:58:02.0421 0x0d68  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] C:\WINDOWS\system32\drivers\sysaudio.sys
02:58:02.0421 0x0d68  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
02:58:02.0421 0x0d68  [ A93AEE1928A9D7CE3E16D24EC7380F89, 944CD2135E171AF338352568AA7FE1B8004733A4281395AD6723E0CF43D5F53F ] C:\WINDOWS\system32\userinit.exe
02:58:02.0421 0x0d68  C:\WINDOWS\system32\userinit.exe - ok
02:58:02.0437 0x0d68  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] C:\WINDOWS\system32\drivers\splitter.sys
02:58:02.0437 0x0d68  C:\WINDOWS\system32\drivers\splitter.sys - ok
02:58:02.0437 0x0d68  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] C:\WINDOWS\system32\drivers\aec.sys
02:58:02.0437 0x0d68  C:\WINDOWS\system32\drivers\aec.sys - ok
02:58:02.0437 0x0d68  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] C:\WINDOWS\system32\drivers\swmidi.sys
02:58:02.0437 0x0d68  C:\WINDOWS\system32\drivers\swmidi.sys - ok
02:58:02.0453 0x0d68  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] C:\WINDOWS\system32\drivers\dmusic.sys
02:58:02.0453 0x0d68  C:\WINDOWS\system32\drivers\dmusic.sys - ok
02:58:02.0453 0x0d68  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] C:\WINDOWS\system32\drivers\kmixer.sys
02:58:02.0453 0x0d68  C:\WINDOWS\system32\drivers\kmixer.sys - ok
02:58:02.0468 0x0d68  [ FE2571A8C9FFAB1D45502D6B0BF472AA, 1442FC0180B555BC4F9B97B9A0D7674F75E67A6F61B87A6D690A20AE7D1EF360 ] C:\WINDOWS\system32\xp_eos.exe
02:58:02.0468 0x0d68  C:\WINDOWS\system32\xp_eos.exe - ok
02:58:02.0468 0x0d68  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Program Files\Google\Update\GoogleUpdate.exe
02:58:02.0468 0x0d68  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
02:58:02.0484 0x0d68  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] C:\WINDOWS\system32\drivers\drmkaud.sys
02:58:02.0484 0x0d68  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
02:58:02.0484 0x0d68  [ 5C2593649CF4FE6B9ED6F9A734DBF344, DBE8A6B2DAC8F166E08534EBE02D23FF7648E836CFCB507A41F51368CBA01BBE ] C:\Program Files\Google\Update\1.3.26.9\goopdate.dll
02:58:02.0484 0x0d68  C:\Program Files\Google\Update\1.3.26.9\goopdate.dll - ok
02:58:02.0484 0x0d68  [ 12896823FB95BFB3DC9B46BCAEDC9923, 1E675CB7DF214172F7EB0497F7275556038A0D09C6E5A3E6862C5E26885EF455 ] C:\WINDOWS\explorer.exe
02:58:02.0484 0x0d68  C:\WINDOWS\explorer.exe - ok
02:58:02.0500 0x0d68  [ D3F72D50DE53F9F1F55240115AF4D42E, F8831B6B33EE2EE49615AE45A81C8434E154331BEB1E64C491E64C1348314F3C ] C:\WINDOWS\system32\msi.dll
02:58:02.0500 0x0d68  C:\WINDOWS\system32\msi.dll - ok
02:58:02.0500 0x0d68  [ CFCF46EE92BCBE0242AB5677EC5A5860, 6EFD7B46E94FB7B36F588D163BA3444EA644415E2628F575EF211D4466A07140 ] C:\WINDOWS\system32\browseui.dll
02:58:02.0500 0x0d68  C:\WINDOWS\system32\browseui.dll - ok
02:58:02.0515 0x0d68  [ 9A3BD5F55AADFF859539142F6328A66E, B8165F650F0E24D380601D54BC81A84C06D886A6CF995EA6CA63EABCFA75554A ] C:\WINDOWS\system32\msacm32.drv
02:58:02.0515 0x0d68  C:\WINDOWS\system32\msacm32.drv - ok
02:58:02.0515 0x0d68  [ 5C12660A97822F6E61576943B49AAAD6, 621BE8E009DC95A8901F701F529ED98BD8E6D62D272AE0E1FAF69889A4D5633B ] C:\WINDOWS\system32\midimap.dll
02:58:02.0515 0x0d68  C:\WINDOWS\system32\midimap.dll - ok
02:58:02.0531 0x0d68  [ 1786A2F788B6F2E93C8A43D1C253A432, 20895A4A5AD9BDD6E72509361399D787E084057DAD02101F0AFF33BACA4F2E01 ] C:\WINDOWS\system32\shdocvw.dll
02:58:02.0531 0x0d68  C:\WINDOWS\system32\shdocvw.dll - ok
02:58:02.0531 0x0d68  [ 83BB030C71C9727DCFB2737005772C4E, 5E1D6120D29B8E263C615142BB3EBA0C67A08C5431F444B993B0CBC6995D8B72 ] C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
02:58:02.0531 0x0d68  C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe - ok
02:58:02.0546 0x0d68  [ 4044E880593FE1AC9942190FCE414BE7, 1EBD42F10592D57A2C8562C641461DE5288D9E900FE91A4A1800C9AB9034F2CD ] C:\WINDOWS\system32\mstask.dll
02:58:02.0546 0x0d68  C:\WINDOWS\system32\mstask.dll - ok
02:58:02.0546 0x0d68  [ B4ED498E3BFEE64E952BC44FC6057DB8, 1FB5ABAE69103BF477F704189D75B0395F587234BFE94F9F79961D8FE2CE55AC ] C:\WINDOWS\system32\desk.cpl
02:58:02.0546 0x0d68  C:\WINDOWS\system32\desk.cpl - ok
02:58:02.0562 0x0d68  [ EE9710428FFB95FD3845D41E7148AC31, 5CFBE4B7BCCB136B958E21EACB965E09F7D6CC0CB29DEA9022047809582B1065 ] C:\WINDOWS\system32\themeui.dll
02:58:02.0562 0x0d68  C:\WINDOWS\system32\themeui.dll - ok
02:58:02.0562 0x0d68  [ 912B67BB8249925A5C972FC5839EAE09, 11F9F26C2D5EADD683F9FA4FDC8C25A1FB7EE9D6E3F4419C9DAB8C4E434F1857 ] C:\WINDOWS\system32\actxprxy.dll
02:58:02.0562 0x0d68  C:\WINDOWS\system32\actxprxy.dll - ok
02:58:02.0578 0x0d68  [ 6D778E0F95447E6546553EEEA709D03C, 62ABED7D45040381BBCED97EA7B6C697B418448FD3322FD4BFB2BBFDB6155EB4 ] C:\WINDOWS\system32\cmd.exe
02:58:02.0578 0x0d68  C:\WINDOWS\system32\cmd.exe - ok
02:58:02.0578 0x0d68  [ FA4A79DBB0E3CA56E1F0B1FD372559A8, 87BBE8A70DB7C1E3F3A9F42112D5D3A81645FB23A4120DFB926AF7D089ACA462 ] C:\WINDOWS\system32\ieframe.dll
02:58:02.0578 0x0d68  C:\WINDOWS\system32\ieframe.dll - ok
02:58:02.0578 0x0d68  [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] C:\Program Files\Avira\AntiVir Desktop\avguard.exe
02:58:02.0578 0x0d68  C:\Program Files\Avira\AntiVir Desktop\avguard.exe - ok
02:58:02.0593 0x0d68  [ 9C5DAAED3B3C06DBC95228CC407B8B70, E306E5C4A1C0D4B63840E38098B9FF2F4267FA4F519C7841E5A0C25A8DFF96D8 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{AFE1E06C-9755-4D4A-931C-B14EFF5A1971}.exe
02:58:02.0593 0x0d68  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{AFE1E06C-9755-4D4A-931C-B14EFF5A1971}.exe - ok
02:58:02.0609 0x0d68  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
02:58:02.0609 0x0d68  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
02:58:02.0609 0x0d68  [ E5F7C30EDF0892667933BE879F067D67, E4BA45F4C6C74A0CDE9B12A00C91E2F5EF83536C89C9053DEC507CBB4F130A12 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
02:58:02.0609 0x0d68  C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
02:58:02.0625 0x0d68  [ B58B73590678FDDEBA6A5D63D702E4A5, 31D494E1A3DB194F132495A75C0DA104C1D394B65BF384E9511440E674C39989 ] C:\Program Files\Avira\AntiVir Desktop\gpgrd.dll
02:58:02.0625 0x0d68  C:\Program Files\Avira\AntiVir Desktop\gpgrd.dll - ok
02:58:02.0625 0x0d68  [ CF50A604C4089F7F96B60EA190E953E0, 4B37FEE7C871B7A8FE38C9494239D507100891B08428DE233843F3F5F8416DB2 ] C:\Program Files\Avira\AntiVir Desktop\gpgui.dll
02:58:02.0625 0x0d68  C:\Program Files\Avira\AntiVir Desktop\gpgui.dll - ok
02:58:02.0625 0x0d68  [ 3596D1E5858A5EE4507AEA485F115983, 4C64823D08346991506EA16F326A01811348573A91726E52AD3FB246DC6DAB0F ] C:\Program Files\Avira\AntiVir Desktop\gpgavid.dll
02:58:02.0625 0x0d68  C:\Program Files\Avira\AntiVir Desktop\gpgavid.dll - ok
02:58:02.0640 0x0d68  [ 3004BDF8A58603B25704BAB375827C55, 1195AC97C80A2DB270AB10DC7D228BED1F06E6BB3DF7EDD8D72D414F5BD79939 ] C:\Program Files\Avira\AntiVir Desktop\gplegacy.dll
02:58:02.0640 0x0d68  C:\Program Files\Avira\AntiVir Desktop\gplegacy.dll - ok
02:58:02.0640 0x0d68  [ 17AA58A54C00F1746B8654C050491F43, AADA0D527FB96852998073E58F93710C4B3A25D7D1414BA9F23A28DA3D06B4CD ] C:\WINDOWS\system32\msutb.dll
02:58:02.0640 0x0d68  C:\WINDOWS\system32\msutb.dll - ok
02:58:02.0656 0x0d68  [ 2B97CF818297B3FF223BA7F520231C4B, C4713D4F4139D11B94696F5F755E0D445314083239C502AEA63938F453BA0AFE ] C:\Program Files\Avira\AntiVir Desktop\gpgenrep.dll
02:58:02.0656 0x0d68  C:\Program Files\Avira\AntiVir Desktop\gpgenrep.dll - ok
02:58:02.0656 0x0d68  [ 2ABD1F575B42F25CD72BA3F48902C8DA, 8838F01824C6C230D900210D0E66DC2BC42C166351DC69269EA094F95F1A449A ] C:\Program Files\Avira\AntiVir Desktop\onlcfg.dll
02:58:02.0656 0x0d68  C:\Program Files\Avira\AntiVir Desktop\onlcfg.dll - ok
02:58:02.0671 0x0d68  [ 345E1E8E661C00F53FF59EB5365836A9, C78BF1B52320F2FCBFC1D282D3CDA3688ECCB6E4456268C3BC97B30D80B86815 ] C:\Program Files\Avira\AntiVir Desktop\gavidb.dll
02:58:02.0671 0x0d68  C:\Program Files\Avira\AntiVir Desktop\gavidb.dll - ok
02:58:02.0671 0x0d68  [ E40FCF943127DDC8FD60554B722D762B, 2E7A7C08B56E07D69CB32F335D93F6D2C748EFA2CF4C41102A18C7761A4E9CF0 ] C:\WINDOWS\system32\msctf.dll
02:58:02.0671 0x0d68  C:\WINDOWS\system32\msctf.dll - ok
02:58:02.0687 0x0d68  [ DAB0C99805C7EC712F30E115C20BB4B4, EE831791E0FBB76D6512436855A19B7B3D614E197C7F98E444864469C5026CA2 ] C:\Program Files\Avira\AntiVir Desktop\systemutilities.dll
02:58:02.0687 0x0d68  C:\Program Files\Avira\AntiVir Desktop\systemutilities.dll - ok
02:58:02.0687 0x0d68  [ 684559A03CBC1D05BA120A18B0D8BA5D, 7425F27C8EF8CEF26B071D7FD5FED538C74EF524AEF73E427B1781F3A3C16C42 ] C:\WINDOWS\system32\winhttp.dll
02:58:02.0687 0x0d68  C:\WINDOWS\system32\winhttp.dll - ok
02:58:02.0687 0x0d68  [ 5DD746E37ACBF85D9CF608E621D5472E, 0546BC8679CC1FF098D88B67759667D196A5B9F28FFE336C98649CD70EBFED78 ] C:\Program Files\Avira\AntiVir Desktop\win32apiwrapper.dll
02:58:02.0703 0x0d68  C:\Program Files\Avira\AntiVir Desktop\win32apiwrapper.dll - ok
02:58:02.0703 0x0d68  [ B04DB1F0B2652FCBCCC5FD0C46579F0F, 24D1919B63ED444F5C6629626C239EC78A5BB7A3F29B154FEEA03A6FB8F26148 ] C:\WINDOWS\system32\mscoree.dll
02:58:02.0703 0x0d68  C:\WINDOWS\system32\mscoree.dll - ok
02:58:02.0703 0x0d68  [ 2DC5A8019E2387987905F77C664E4BE2, 32FD8D0D3146A599CFB536955F9E93AA50467B2176A70E481133B61D4BD29AD9 ] C:\WINDOWS\system32\linkinfo.dll
02:58:02.0703 0x0d68  C:\WINDOWS\system32\linkinfo.dll - ok
02:58:02.0718 0x0d68  [ A70A2D85AD143D6BB823C246CEB699A5, D8ED98DC2964A2DAF448893718E6381FBABAB53DD7497266851E0F4221F1B01F ] C:\WINDOWS\system32\ntshrui.dll
02:58:02.0718 0x0d68  C:\WINDOWS\system32\ntshrui.dll - ok
02:58:02.0718 0x0d68  [ D31209573DB3B3138E958E5B4211DDB8, 605D099084BF02C1078E4E07CE052C6D9D71AE4E7975B344AFE919A50A1B95E1 ] C:\Program Files\Avira\AntiVir Desktop\productutilities.dll
02:58:02.0718 0x0d68  C:\Program Files\Avira\AntiVir Desktop\productutilities.dll - ok
02:58:02.0734 0x0d68  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] C:\WINDOWS\system32\cryptsvc.dll
02:58:02.0734 0x0d68  C:\WINDOWS\system32\cryptsvc.dll - ok
02:58:02.0734 0x0d68  [ B714735C12A70171DE28657948FD91F1, DF7BF2D1BEBB016A8CB739EEE2670CF9F44A5CC2319A532E5C3DE0F5AA3AA144 ] C:\WINDOWS\system32\mlang.dll
02:58:02.0734 0x0d68  C:\WINDOWS\system32\mlang.dll - ok
02:58:02.0750 0x0d68  [ 00709952D444EAE14DBBD30D36FBAE0F, A65B57C68F9119940133F6680AF3644866EEBDA5378F9B6AED441FB999B50526 ] C:\WINDOWS\system32\certcli.dll
02:58:02.0750 0x0d68  C:\WINDOWS\system32\certcli.dll - ok
02:58:02.0750 0x0d68  [ 63F371F0248E3732A4821F86E6D0E370, 35838070CF9AADF30FD465234DB27BCD8F471513698DC7E738DDB1762DAC3CE4 ] C:\WINDOWS\ehome\ehRecvr.exe
02:58:02.0750 0x0d68  C:\WINDOWS\ehome\ehRecvr.exe - ok
02:58:02.0750 0x0d68  [ 16910F8B482919BB6035ED053B691692, 457B65A1831B5F42F9AFF6C9E810B76D421FE57137768B97A965D5E76142A94E ] C:\WINDOWS\ehome\ehSched.exe
02:58:02.0750 0x0d68  C:\WINDOWS\ehome\ehSched.exe - ok
02:58:02.0765 0x0d68  [ 029399C1F08C24C4957FA9D4C529ABC9, 2ABC3EFDED646E749B46341CFF188421F3C5387E63CE4AE9AF1A49AFAB959AEB ] C:\WINDOWS\ehome\ehRec.exe
02:58:02.0765 0x0d68  C:\WINDOWS\ehome\ehRec.exe - ok
02:58:02.0765 0x0d68  [ 83BA5E873164A3711B44052F58C8FE9F, 7271ADE7A615E6F33375D23DACC32A8A652AF18CAAF8439F018E32E32E222F5A ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
02:58:02.0765 0x0d68  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
02:58:02.0781 0x0d68  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] C:\WINDOWS\system32\dmserver.dll
02:58:02.0781 0x0d68  C:\WINDOWS\system32\dmserver.dll - ok
02:58:02.0781 0x0d68  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] C:\WINDOWS\system32\ersvc.dll
02:58:02.0781 0x0d68  C:\WINDOWS\system32\ersvc.dll - ok
02:58:02.0796 0x0d68  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] C:\WINDOWS\system32\es.dll
02:58:02.0796 0x0d68  C:\WINDOWS\system32\es.dll - ok
02:58:02.0796 0x0d68  [ 415C6082A9258B03B66D337449B4F58D, AB74707FEA731F1225F12D9A6D58B406C1F4A95F887C5215B2ABB9EDA50CA64B ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorsvr.dll
02:58:02.0796 0x0d68  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorsvr.dll - ok
02:58:02.0812 0x0d68  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
02:58:02.0812 0x0d68  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
02:58:02.0812 0x0d68  [ 7C0731DE9D61265ED81C2FEA800FA8B3, 1F90AF0AEA84493353BC4468DE14522D6676030772DF435B7E3FF8001F43F8F4 ] C:\Program Files\Avira\AntiVir Desktop\rctext.dll
02:58:02.0812 0x0d68  C:\Program Files\Avira\AntiVir Desktop\rctext.dll - ok
02:58:02.0812 0x0d68  [ BF918C9473D64BBD53C22C47045883F5, 1980726FBFEEE75E4B360B1A4F438CF1ADD929AC21BD5197F740CB8AD8194BD2 ] C:\Program Files\Java\jre7\bin\jqs.exe
02:58:02.0812 0x0d68  C:\Program Files\Java\jre7\bin\jqs.exe - ok
02:58:02.0828 0x0d68  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] C:\WINDOWS\system32\hidserv.dll
02:58:02.0828 0x0d68  C:\WINDOWS\system32\hidserv.dll - ok
02:58:02.0828 0x0d68  [ 8973122796E3B5D6B5900FC186E55FEA, 350120A20F8591C27E68A5903E3175DD3F4F85BA2FF1F8B6E1D3B3758B5B509D ] C:\WINDOWS\system32\hid.dll
02:58:02.0828 0x0d68  C:\WINDOWS\system32\hid.dll - ok
02:58:02.0843 0x0d68  [ 91790D6749EBED90E2C40479C0A91879, 3C267950F13CCE412474C5228FC0E3D8D7F912E82464BD2CE6312A0326F84A80 ] C:\WINDOWS\system32\verclsid.exe
02:58:02.0843 0x0d68  C:\WINDOWS\system32\verclsid.exe - ok
02:58:02.0843 0x0d68  [ BF38660A9125935658CFA3E53FDC7D65, 60C06E0FA4449314DA3A0A87C1A9D9577DF99226F943637E06F61188E5862EFA ] C:\Program Files\Java\jre7\bin\msvcr100.dll
02:58:02.0843 0x0d68  C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
02:58:02.0859 0x0d68  [ 766D9646911A6435B1D7A2DF6FA1653D, 34DFA62D81E400ADF219DAEFE5E4E1B8DB9344C74AE6573910BBC945CE118E5A ] C:\WINDOWS\system32\sbe.dll
02:58:02.0859 0x0d68  C:\WINDOWS\system32\sbe.dll - ok
02:58:02.0859 0x0d68  [ 062F837C1FBDB6A0A75F82EFC2EE8E74, 3C0BFA381CBC2C55B58A8942A7148A6C27E244D26313EFB4708DD5858C689E02 ] C:\WINDOWS\system32\netshell.dll
02:58:02.0859 0x0d68  C:\WINDOWS\system32\netshell.dll - ok
02:58:02.0859 0x0d68  [ C2E173C85478C09ACB1084B015E5CBA7, 9BB7154C99A6BDD1B82C0E802292278C7A44B7EE6A1AF90C828F07602DB4C691 ] C:\WINDOWS\system32\msvidctl.dll
02:58:02.0859 0x0d68  C:\WINDOWS\system32\msvidctl.dll - ok
02:58:02.0875 0x0d68  [ 62CF83A6989312A0DD39BBFFB3D1C166, 05FB7F06444B4958BE3EFC6909614D516BE5FE3929E0F58D2C13C2A211C1F86A ] C:\WINDOWS\system32\pdh.dll
02:58:02.0875 0x0d68  C:\WINDOWS\system32\pdh.dll - ok
02:58:02.0875 0x0d68  [ 369F7B1A4F358B976176556A1A331F36, 65A60C4C5D816D53DDAA208FEEDD4F8C185A77BACB8736EADCAE2F454C8FFC08 ] C:\WINDOWS\system32\odbcbcp.dll
02:58:02.0875 0x0d68  C:\WINDOWS\system32\odbcbcp.dll - ok
02:58:02.0890 0x0d68  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] C:\WINDOWS\system32\srvsvc.dll
02:58:02.0890 0x0d68  C:\WINDOWS\system32\srvsvc.dll - ok
02:58:02.0890 0x0d68  [ 00944D59948596721D17510C94CD3E4F, FBD66042DEF6C5E29C3BB46B6A0739137DEC0EF73558A4C70C37CD1B6DDC240F ] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
02:58:02.0890 0x0d68  C:\Program Files\Common Files\LightScribe\LSSrvc.exe - ok
02:58:02.0906 0x0d68  [ 86F1895AE8C5E8B17D99ECE768A70732, 8094AF5EE310714CAEBCCAEEE7769FFB08048503BA478B879EDFEF5F1A24FEFE ] C:\Program Files\Common Files\LightScribe\msvcr71.dll
02:58:02.0906 0x0d68  C:\Program Files\Common Files\LightScribe\msvcr71.dll - ok
02:58:02.0906 0x0d68  [ ACDAFCD14EC0ECE89198503746A5C147, F90876961B6966915C4A1847F91F45282FFA48140D01503EF9013E774661C4E8 ] C:\WINDOWS\system32\perfos.dll
02:58:02.0906 0x0d68  C:\WINDOWS\system32\perfos.dll - ok
02:58:02.0906 0x0d68  [ 20FD44370267CCD0A64A1B31861C21D2, D98194A17D1C63434EC6449742C10033F1B94D80826B20464519B1DD4DE1DB5F ] C:\WINDOWS\system32\netmsg.dll
02:58:02.0906 0x0d68  C:\WINDOWS\system32\netmsg.dll - ok
02:58:02.0921 0x0d68  [ ABFB673B24A9B3287761D497529FB5B9, FD0DEC392BE1632C33E90981D799DD5C11C9D257F0B1D3190FA32658EB706F0A ] C:\WINDOWS\system32\perfdisk.dll
02:58:02.0921 0x0d68  C:\WINDOWS\system32\perfdisk.dll - ok
02:58:02.0921 0x0d68  [ 9972A6ED4F2388DBFA8E0A96F6F3FDF1, F68E4CDBC879423EA47D763A6768567F5F8063924F13A74239750C13FA8D168A ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\msvcr70.dll
02:58:02.0921 0x0d68  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\msvcr70.dll - ok
02:58:02.0937 0x0d68  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] C:\WINDOWS\system32\drivers\srv.sys
02:58:02.0937 0x0d68  C:\WINDOWS\system32\drivers\srv.sys - ok
02:58:02.0937 0x0d68  [ 561FA2ABB31DFA8FAB762145F81667C2, DF96156F6A548FD6FE5672918DE5AE4509D3C810A57BFFD2A91DE45A3ED5B23B ] C:\Program Files\Common Files\LightScribe\msvcp71.dll
02:58:02.0937 0x0d68  C:\Program Files\Common Files\LightScribe\msvcp71.dll - ok
02:58:02.0953 0x0d68  [ D12582F6022239716ABF3C1C5F4B1477, 9BD586A6D4BFF36127CC2FE66500CA5C6DF1BBA838B7DA7508DD7A8CB36E33DA ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\fusion.dll
02:58:02.0953 0x0d68  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\fusion.dll - ok
02:58:02.0953 0x0d68  [ 61522DDC8E649571E5682E826E8D98E8, 18E0EF4356AAAD88396123D0AA024D33D1D385DEEA48EDED187CB503E77EB265 ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorlib.dll
02:58:02.0953 0x0d68  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorlib.dll - ok
02:58:02.0968 0x0d68  [ 235892E493845D64D890163CFEF90E97, 48FC98DD1E5F8F05DE6954FE26C0A448AA9838D7DC716518C715F35E3CFA227D ] C:\WINDOWS\system32\credui.dll
02:58:02.0968 0x0d68  C:\WINDOWS\system32\credui.dll - ok
02:58:02.0968 0x0d68  [ BF107ACF2CDD552AABE14E8C3E62E3FC, 24547C7A4B99AC3B24F60D8B26A5A935FD021C530EB0662A8563097F879620EF ] C:\WINDOWS\system32\quartz.dll
02:58:02.0968 0x0d68  C:\WINDOWS\system32\quartz.dll - ok
02:58:02.0968 0x0d68  [ 4E8F3230BAC8C1CAADF01A8C728E1C5C, 62E73A7D4C58F2E30670F6A72E734B618AF45F60A8CB2177A4D504283F829BE5 ] C:\WINDOWS\system32\dot3dlg.dll
02:58:02.0968 0x0d68  C:\WINDOWS\system32\dot3dlg.dll - ok
02:58:02.0984 0x0d68  [ CA04959077AFE36369D37B3504740C87, CBB90BC35A74EC03DC04CD60DAC966A9FA98DC9EEFB926089DBE7A47D3B710B1 ] C:\WINDOWS\system32\onex.dll
02:58:02.0984 0x0d68  C:\WINDOWS\system32\onex.dll - ok
02:58:02.0984 0x0d68  [ 5DB625E7D095604010CF84DE2D8ACFA6, DEED8055CD1F2E2D898C5C77283B56078414CC7D9FCA6FCF58BA0B66B565E826 ] C:\WINDOWS\system32\eappcfg.dll
02:58:02.0984 0x0d68  C:\WINDOWS\system32\eappcfg.dll - ok
02:58:03.0000 0x0d68  [ ABC4206543450C0666D152F4B65833B8, D78D5E719E7744805DF6DD1D9567E67E11223F4E3B13170E35F27D46FCB6C244 ] C:\WINDOWS\system32\eappprxy.dll
02:58:03.0000 0x0d68  C:\WINDOWS\system32\eappprxy.dll - ok
02:58:03.0000 0x0d68  [ F90137A9897071EDE961A5ABA4EA524F, F3374B4ED84CCEC9F84339EB583001E15B56B1C548C0ADDB462764F6F4F1E884 ] C:\WINDOWS\ehome\ehtray.exe
02:58:03.0000 0x0d68  C:\WINDOWS\ehome\ehtray.exe - ok
02:58:03.0015 0x0d68  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] C:\WINDOWS\system32\drivers\cdfs.sys
02:58:03.0015 0x0d68  C:\WINDOWS\system32\drivers\cdfs.sys - ok
02:58:03.0015 0x0d68  [ CC8915DB4E33E8FB29CA0D2DBF75306E, 6319C0580FFDA989A2726814667C330F6A5C864D34B8C87645DD5A98E7A2C7FB ] C:\WINDOWS\system32\webcheck.dll
02:58:03.0015 0x0d68  C:\WINDOWS\system32\webcheck.dll - ok
02:58:03.0015 0x0d68  [ 50512FC9B7878E3C2C147BC17326A7DB, 670006280CA98213C3A23B442615FD729C83953795619360F9D2988E56A602D7 ] C:\WINDOWS\system32\stobject.dll
02:58:03.0015 0x0d68  C:\WINDOWS\system32\stobject.dll - ok
02:58:03.0031 0x0d68  [ 231A0B0E3BA7ABFE469A8262FAA1FD71, 76F8AE2680438B279081EDFC2728E3785736E82A5C6396AA705BFFFF5C361294 ] C:\WINDOWS\system32\batmeter.dll
02:58:03.0031 0x0d68  C:\WINDOWS\system32\batmeter.dll - ok
02:58:03.0031 0x0d68  [ 9C3B2302B60FB0EFB13BC880A5E3E93E, 16F32AB74A57B521FF431F2C36609DE5F6ABE0DCD3111B4954471DEED700A66B ] C:\WINDOWS\system32\HdAShCut.exe
02:58:03.0031 0x0d68  C:\WINDOWS\system32\HdAShCut.exe - ok
02:58:03.0046 0x0d68  [ 25FA7A6A8E081EAC69CABFD13297A5D0, 18F97CBE023F31DA7E0CF3C618846FC6DE51E0D0C96C3E15DCE69070F7AC6F7B ] C:\WINDOWS\system32\HdAudRes.dll
02:58:03.0046 0x0d68  C:\WINDOWS\system32\HdAudRes.dll - ok
02:58:03.0046 0x0d68  [ EBEF50E931BBFD92033931F0A95E5357, 782C16329198F149693D173B2812947EFD1CB3C46B726CDC540302794CD66E5D ] C:\Program Files\Avira\AntiVir Desktop\avipc.dll
02:58:03.0046 0x0d68  C:\Program Files\Avira\AntiVir Desktop\avipc.dll - ok
02:58:03.0062 0x0d68  [ B143725B8DD8B07AFA4093B1E83F1655, 20F31409A3C9E2C1EB290B1EC98B63213E7A4A490E6C989AF10E923A44100967 ] C:\Program Files\Avira\AntiVir Desktop\avlode.dll
02:58:03.0062 0x0d68  C:\Program Files\Avira\AntiVir Desktop\avlode.dll - ok
02:58:03.0062 0x0d68  [ 409F6851BDAEC9ACCBDDE692D56D5C87, 22244B58BE2E80849D228679707FE6C0C73FDE0548E0EF29B3C3F82205D741CE ] C:\WINDOWS\system32\hkcmd.exe
02:58:03.0062 0x0d68  C:\WINDOWS\system32\hkcmd.exe - ok
02:58:03.0062 0x0d68  [ AA5E22854F56C68148EB3345DBD62970, 441818E5E9F568C4AC7174BCF625ACB63D8837658559949DF468B61125900B96 ] C:\WINDOWS\system32\devenum.dll
02:58:03.0062 0x0d68  C:\WINDOWS\system32\devenum.dll - ok
02:58:03.0078 0x0d68  [ 2D838F01650A630AE7A78C864315FBDC, 74BEBB525374F90889A84682271CFB8E7E5F817B509CD3D45FDD9432A7A70461 ] C:\WINDOWS\system32\igfxpers.exe
02:58:03.0078 0x0d68  C:\WINDOWS\system32\igfxpers.exe - ok
02:58:03.0078 0x0d68  [ 4F113169A2DE985D043A5530987AD6D0, 13804396E930DAFEF342FB179A02C93F4C99A177A2E145E933723FA382763E96 ] C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
02:58:03.0078 0x0d68  C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe - ok
02:58:03.0093 0x0d68  [ 6253BE023C1FD726757741E950515931, DB040311501C746FDB242B645A88F67C32FFB1CFC908BB65BD19FDB1E806FCB5 ] C:\WINDOWS\assembly\NativeImages1_v1.0.3705\mscorlib\1.0.3300.0__b77a5c561934e089_5d146a32\mscorlib.dll
02:58:03.0093 0x0d68  C:\WINDOWS\assembly\NativeImages1_v1.0.3705\mscorlib\1.0.3300.0__b77a5c561934e089_5d146a32\mscorlib.dll - ok
02:58:03.0109 0x0d68  [ F7B1C8EBF40CDE03356CADFF0B3EB4FE, 608A4C5C5144EEDAD6426C190CD5DDA702D6D4C67AF058D21155FC1DFD7AAD8D ] C:\WINDOWS\system32\hccutils.dll
02:58:03.0109 0x0d68  C:\WINDOWS\system32\hccutils.dll - ok
02:58:03.0109 0x0d68  [ 30A086BA3520555B718E77763B1C52C0, 4F121DF4C11CFA53AE5AA4443811FDC12B9490A9E2CFF15B51944F830DA34A05 ] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
02:58:03.0109 0x0d68  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe - ok
02:58:03.0125 0x0d68  [ 8FED1E0A491D4990853D23F21C59C730, 4BA6C93BFD43BAEB852B5CB9129522C97DDB542D7EF8EE34AECD8CDF1BF0FC38 ] C:\WINDOWS\system32\advpack.dll
02:58:03.0125 0x0d68  C:\WINDOWS\system32\advpack.dll - ok
02:58:03.0125 0x0d68  [ D25C03D04159D462D69F294BA7142BDB, 397B0FE2BB56FFBBF1BD89273802348B3AA102A5725E2CB3670FA89526E6C5EC ] C:\WINDOWS\system32\msdmo.dll
02:58:03.0125 0x0d68  C:\WINDOWS\system32\msdmo.dll - ok
02:58:03.0125 0x0d68  [ 6380625DD0480ED60960A149A087C848, 50D920A3184B431246B38066FB6D6452C90294FCCEB8E2F1F1B7A2743E6C1106 ] C:\hp\bin\cloaker.exe
02:58:03.0125 0x0d68  C:\hp\bin\cloaker.exe - ok
02:58:03.0140 0x0d68  [ 4ABC3BFA7F63BA5A48450D89E83BB370, 8393CD77357D724D1408E31B46E7836DAFD2C5596A3883B1F27A50E00B82F746 ] C:\WINDOWS\system32\igfxsrvc.exe
02:58:03.0140 0x0d68  C:\WINDOWS\system32\igfxsrvc.exe - ok
02:58:03.0140 0x0d68  [ 00D74959943FE92356CA918CD6167681, 37DE0D47F82CD99875D479193BC4309487D4E0B10F402E24AC76FB97E34CFC05 ] C:\WINDOWS\system32\igfxsrvc.dll
02:58:03.0140 0x0d68  C:\WINDOWS\system32\igfxsrvc.dll - ok
02:58:03.0156 0x0d68  [ AB6903C307E5EDD6EF6437351FBE60FA, C319780910A1FD0461EF2F3C697DE43C6330B5FCDC07EB6E378573BF11026C54 ] C:\WINDOWS\system32\igfxdev.dll
02:58:03.0156 0x0d68  C:\WINDOWS\system32\igfxdev.dll - ok
02:58:03.0156 0x0d68  [ 5FD441FA69B135B8891EBF8F2F8631B7, 6827D7F5648E838E60D18304B2B2019CCBA18C9772FDFB2835BB99F4652A1B3F ] C:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe
02:58:03.0156 0x0d68  C:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe - ok
02:58:03.0171 0x0d68  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files\HP\HP Software Update\hpwuschd2.exe
02:58:03.0171 0x0d68  C:\Program Files\HP\HP Software Update\hpwuschd2.exe - ok
02:58:03.0171 0x0d68  [ D09A5F5C4DBD5D4DFF09AB1A69812062, 2282EEA1AAD234A773C46FEA1EF4330E8320FC240BE3E2F5A38C3DF4F09CA947 ] C:\Program Files\Common Files\Real\Update_OB\realsched.exe
02:58:03.0171 0x0d68  C:\Program Files\Common Files\Real\Update_OB\realsched.exe - ok
02:58:03.0171 0x0d68  [ 91833A460FF0E87071A806B622A658EC, 8552707696456C4304D1CDBB0F53F61DE1B5D72F438A0C1AF6CBF388A8E2E00F ] C:\WINDOWS\system32\igfxres.dll
02:58:03.0171 0x0d68  C:\WINDOWS\system32\igfxres.dll - ok
02:58:03.0187 0x0d68  [ 1C22A3866112ED41E1F3684DAE9AD5D2, 621989160B8DCE383242FA844CA63557F7BCD4520335E7EA1AF85E7720A760CA ] C:\WINDOWS\system32\mmcshext.dll
02:58:03.0187 0x0d68  C:\WINDOWS\system32\mmcshext.dll - ok
02:58:03.0187 0x0d68  [ 69B388D8F3085411D00F875FF5CBCAF6, 22F6DCF1E6D1DD28793CCDFE9FC33E737180BB3C5C65BE3BFA9C2522B6B6F66B ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
02:58:03.0187 0x0d68  C:\Program Files\Avira\AntiVir Desktop\avgnt.exe - ok
02:58:03.0203 0x0d68  [ D3E868700D9B5E3C54B7EED060215CC1, C066B0E63815018D6D345CE5DABD443C5CDA73200601FB51F67C602A4133A2C5 ] C:\WINDOWS\system32\hhsetup.dll
02:58:03.0203 0x0d68  C:\WINDOWS\system32\hhsetup.dll - ok
02:58:03.0203 0x0d68  [ 7BBE4CF421AECC7F0226EDD75F12079F, 8E78FC5E0657DB066F9EBAADEA9AFECB1AAA570DD9C08C7ED42116704D2E379D ] C:\WINDOWS\ime\imjp8_1\imjpmig.exe
02:58:03.0203 0x0d68  C:\WINDOWS\ime\imjp8_1\imjpmig.exe - ok
02:58:03.0218 0x0d68  [ F4F2A4C459DD3AA22DD3984D13B15746, C2D0E285E2333A9C620BE04A5747881AF0D5615DA32226886E659FF31A9761CC ] C:\Program Files\Avira\AntiVir Desktop\mfc120u.dll
02:58:03.0218 0x0d68  C:\Program Files\Avira\AntiVir Desktop\mfc120u.dll - ok
02:58:03.0218 0x0d68  [ E6BB63BBE1BED01769CA87F4DAC286C8, 6D1D7C7365FBF29C92398BC11D5713BC373E372D92C155DA0DBA3B86DD1705F7 ] C:\WINDOWS\ime\imkr6_1\imekrmig.exe
02:58:03.0218 0x0d68  C:\WINDOWS\ime\imkr6_1\imekrmig.exe - ok
02:58:03.0218 0x0d68  [ 1B17E09C1223F6D17336D2DD7A1AF4F4, 06DFAD95007532CCF46D593EEDC2474936614AEDCEA7BF983E36DAD22F850B08 ] C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE
02:58:03.0218 0x0d68  C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE - ok
02:58:03.0234 0x0d68  [ 43C917A76F30F8A6AE522BAC0D48695E, 36AF06FD4CD24EDFB18C4E0A7CE38F5C61531C2591C462CAF65BC8E7F015A5CE ] C:\Program Files\Avira\AntiVir Desktop\apcfile.dll
02:58:03.0234 0x0d68  C:\Program Files\Avira\AntiVir Desktop\apcfile.dll - ok
02:58:03.0234 0x0d68  [ DB91946BDFBCD5BB4D8B12C1BCD51624, 789CDAEF6B281431AFCA76691969D372DC56CB6E7510F0D8F6A96D5298633D4F ] C:\Program Files\Avira\AntiVir Desktop\libcurl.dll
02:58:03.0234 0x0d68  C:\Program Files\Avira\AntiVir Desktop\libcurl.dll - ok
02:58:03.0250 0x0d68  [ 024DC0F68DF5FD6AE9DD82DFBAF479D6, FDBF0FD05CFB757C704B22703DF23E05207F14877A4EF52E3032012B6FD0C4E0 ] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
02:58:03.0250 0x0d68  C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE - ok
02:58:03.0250 0x0d68  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
02:58:03.0250 0x0d68  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE - ok
02:58:03.0265 0x0d68  [ BB10E34B162FBEAE5636474A79026A0D, 700629C7497ED01E5B7DF99F0D8F56FF30BBA067ED65AC7A0D77B3765C596ECB ] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
02:58:03.0265 0x0d68  C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe - ok
02:58:03.0265 0x0d68  [ 3706642E75B5AAB16A9CAC0287AF5F7D, A85A2D015C7CB01947658A69E937AD58CCED499F8DF7CB8277974CD4D9CEA0A3 ] C:\Program Files\Common Files\LightScribe\LSCAPI.dll
02:58:03.0265 0x0d68  C:\Program Files\Common Files\LightScribe\LSCAPI.dll - ok
02:58:03.0281 0x0d68  [ 3690C710787D2E44F183DC70BD66290C, 728E327A87C03C09D556FD99F9733685663AE6CB57A378C7196E49EB0D57E256 ] C:\Program Files\Common Files\LightScribe\LSLog.dll
02:58:03.0281 0x0d68  C:\Program Files\Common Files\LightScribe\LSLog.dll - ok
02:58:03.0281 0x0d68  [ D0F895B2B35CB0E1D83A7432029DFF71, 39A6FE1CBE500B0DE5C416883C3A2FCF3FAF40DE7A55984F41877C3E6AEC3DFC ] C:\Program Files\KeyScrambler\KeyScrambler.exe
02:58:03.0281 0x0d68  C:\Program Files\KeyScrambler\KeyScrambler.exe - ok
02:58:03.0281 0x0d68  [ FB43AD8C64FDEAE83369AC5BB2DB5F9F, 0B59CF72CFF2EAD375484916B0937270C9FABA0201D752538A9D87CF76047B39 ] C:\Program Files\KeyScrambler\KeyScramblerIE.dll
02:58:03.0281 0x0d68  C:\Program Files\KeyScrambler\KeyScramblerIE.dll - ok
02:58:03.0296 0x0d68  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
02:58:03.0296 0x0d68  C:\WINDOWS\system32\ctfmon.exe - ok
02:58:03.0296 0x0d68  [ 6CA9C9C471D384698945E2B9CAAB294E, 589332CB15AD023879342803F4F805B7D7F99E394EE092BB23B3D87FF3B6776D ] C:\Program Files\Common Files\LightScribe\LSPrtEn.dll
02:58:03.0296 0x0d68  C:\Program Files\Common Files\LightScribe\LSPrtEn.dll - ok
02:58:03.0312 0x0d68  [ 2B24F194FC5B657397ECB2923A68350E, B7F36CD6F0C33A2EC09898E35786E2225AC22408C25720E4D5B7A32CCA54940C ] C:\Program Files\CCleaner\CCleaner.exe
02:58:03.0312 0x0d68  C:\Program Files\CCleaner\CCleaner.exe - ok
02:58:03.0312 0x0d68  [ 332760FBA1655FCFD35BD6F4FD871300, 6C539FD14B9CF9423E305EAF60CB5C12CA0F7AEF571FB09BAF64E83F108B7F2D ] C:\WINDOWS\system32\ipsecsvc.dll
02:58:03.0312 0x0d68  C:\WINDOWS\system32\ipsecsvc.dll - ok
02:58:03.0328 0x0d68  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] C:\WINDOWS\system32\netman.dll
02:58:03.0328 0x0d68  C:\WINDOWS\system32\netman.dll - ok
02:58:03.0328 0x0d68  [ 085BBE2556ECDAEB4015099CE663ACA1, 46DE8C8E6DBAE588976C63072AC3E5943F3C8263294D4BCBDCAAF361B5162DF5 ] C:\Program Files\Sandboxie\SbieCtrl.exe
02:58:03.0328 0x0d68  C:\Program Files\Sandboxie\SbieCtrl.exe - ok
02:58:03.0328 0x0d68  [ 165AE7A443F2139DD2C078AD87699F91, 7DAA39FA20AA399548FE907B0614D9AA88A2FF9C0FA7E40F51BE7A0395AF31FB ] C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL
02:58:03.0328 0x0d68  C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL - ok
02:58:03.0343 0x0d68  [ F64FD5C7FEF7FC25CBA37974FF3584D7, 8F9F7685416D1B5ECC842B0836F251D71DD79F5E32BC1DC6BE920C0A22AC90CC ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll
02:58:03.0343 0x0d68  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
02:58:03.0359 0x0d68  [ 29ECDA17BA5E6D98430F698587569ACC, 9C37D92CCBED1F9ED4E585F98E7FB17C6AD083712B078ABCB40476310BCDB7F8 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_x-ww_f3f35550\GdiPlus.dll
02:58:03.0359 0x0d68  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_x-ww_f3f35550\GdiPlus.dll - ok
02:58:03.0359 0x0d68  [ 584C4DA856450CB22EBBE7A68CC6250F, 56030767CFD2DAFDAE8CC767DC1EED39DD2E6E42152BFAE7904C2C8826B2C3E2 ] C:\WINDOWS\system32\oakley.dll
02:58:03.0359 0x0d68  C:\WINDOWS\system32\oakley.dll - ok
02:58:03.0375 0x0d68  [ 767FF54A552732CE772C2302025FA82F, 7761546C33B0E55B0A8214798FD035C2499D31D690CE03E25B0068C81EDECF3F ] C:\WINDOWS\system32\wzcsapi.dll
02:58:03.0375 0x0d68  C:\WINDOWS\system32\wzcsapi.dll - ok
02:58:03.0375 0x0d68  [ 88BEEF09C654252F3E46B6167B7F4ECB, 94A78D2D709AEED74BA1C29D00CFD55EF68A95764C067B470E1C19C376F32478 ] C:\WINDOWS\system32\msisip.dll
02:58:03.0375 0x0d68  C:\WINDOWS\system32\msisip.dll - ok
02:58:03.0375 0x0d68  [ 3A6D465F379E5C815F4AD565391E654C, EE40580ED71282B1D5D95752DD843DCC30689196B22051AF8CDF6127B985411E ] C:\WINDOWS\system32\wshext.dll
02:58:03.0375 0x0d68  C:\WINDOWS\system32\wshext.dll - ok
02:58:03.0390 0x0d68  [ 51D54AF343D536E7130DFEADB5372AFE, CDEFE063D2B1302D6A7633247113E4002080A94977323EC709A46772C5DBFC4B ] C:\Program Files\Common Files\LightScribe\LSDrComm.dll
02:58:03.0390 0x0d68  C:\Program Files\Common Files\LightScribe\LSDrComm.dll - ok
02:58:03.0390 0x0d68  [ F6FAEC07446A78A9C5AF4558FF5BD118, 9291106F6666913DB6D18943D255D60F77CCDB5A46BD4C100A5E80D40D6927D9 ] C:\WINDOWS\ime\sptip.dll
02:58:03.0390 0x0d68  C:\WINDOWS\ime\sptip.dll - ok
02:58:03.0406 0x0d68  [ F0B0D86C7E5CE1781BB92F300169A257, 9BA533D02C86135EB9B3579E4B15602B7ABECCCEC142B3C7A115C7DBE8A90D96 ] C:\PROGRA~1\MI1933~1\OFFICE11\MCPS.DLL
02:58:03.0406 0x0d68  C:\PROGRA~1\MI1933~1\OFFICE11\MCPS.DLL - ok
02:58:03.0406 0x0d68  [ 4446045B7F00482AC9FC3A03D271FF12, 3BF25F7C773AB9DA126EC2E5C94F190DC8F9ECA66CF34001F825F2291F1C2421 ] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
02:58:03.0406 0x0d68  C:\Program Files\Common Files\LightScribe\LSSProxy.dll - ok
02:58:03.0421 0x0d68  [ F15552F31D97E2EFCC69DE6675E1D8DE, DA2A178E52402FDCB9EA33EF54C26B5DD1CAC4868216F7B8BFDEDD35DE9E8132 ] C:\Program Files\Avira\AntiVir Desktop\libeay32.dll
02:58:03.0421 0x0d68  C:\Program Files\Avira\AntiVir Desktop\libeay32.dll - ok
02:58:03.0421 0x0d68  [ DC3078BA1B58562416C843582A42284C, 3A4EEC80B48F238CB79B8AEB8DF269313146BA93059EA648CD2A3E7EE9E27730 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
02:58:03.0421 0x0d68  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll - ok
02:58:03.0437 0x0d68  [ 5597D0075861CB0A6E6087752D205C0D, 3F3FAC1FDC2934D3565F0AE94F547572E6DEAE83021E069978AAF13FB8A47AC8 ] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
02:58:03.0437 0x0d68  C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - ok
02:58:03.0437 0x0d68  [ CBCDA25B76B570A8252644594EDF3BE9, 7D3BEEF96402202D853323341C573C2B3F37EB2C52C8BCE3B15D07019A048B1F ] C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
02:58:03.0437 0x0d68  C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe - ok
02:58:03.0437 0x0d68  [ EA99B12613E5909526123EEC64D6ABDC, 1472B095FD344D666C0BC3219384998E861F3DC5673D702D80F8B691147858BC ] C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll
02:58:03.0437 0x0d68  C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll - ok
02:58:03.0453 0x0d68  [ 149844639A31AD0D97A8B8A10FDC1FAA, 388F1F6D9D25F52C2816812184E7FE0C3AB6B14038127E3E9CBF83B202CF4B20 ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\backweb.dll
02:58:03.0453 0x0d68  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\backweb.dll - ok
02:58:03.0453 0x0d68  [ 93C088C2AEB2F23E720BDA7E32BD5117, 7ECFCAF8E057986501B42181E049E48063D940A34A3F3E425FF82D2183008E90 ] C:\WINDOWS\system32\upnp.dll
02:58:03.0453 0x0d68  C:\WINDOWS\system32\upnp.dll - ok
02:58:03.0468 0x0d68  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] C:\WINDOWS\system32\regsvc.dll
02:58:03.0468 0x0d68  C:\WINDOWS\system32\regsvc.dll - ok
02:58:03.0468 0x0d68  [ 248712EA6BA17B9FF0C542A3828375DD, 03EFDE351860C4C49F42D6129C6A6F2B3FC859C20F14FE0652F9C4FBD81244B4 ] C:\WINDOWS\system32\winipsec.dll
02:58:03.0468 0x0d68  C:\WINDOWS\system32\winipsec.dll - ok
02:58:03.0484 0x0d68  [ F1430F5D20F4BB71A003209C3DB3ADDF, 3F1C97A500266C0DB1DD7819B4508C954CF3E20FDA06C097914AF7028F96CD64 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
02:58:03.0484 0x0d68  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll - ok
02:58:03.0484 0x0d68  [ 853D0D0C6F02D7BFDF1CF99DD7553732, AC761B4CA518B787CB2C18101606E5F64245049D140C72B6B1112556DEC86B2E ] C:\WINDOWS\system32\pstorsvc.dll
02:58:03.0484 0x0d68  C:\WINDOWS\system32\pstorsvc.dll - ok
02:58:03.0500 0x0d68  [ 1169436EE42F860C7DB37A4692B38F0E, 9382AAED2DB19CD75A70E38964F06C63F19F63C9DFB5A33B0C2D445BB41B6E46 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
02:58:03.0500 0x0d68  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll - ok
02:58:03.0500 0x0d68  [ 98E53CA00D3C0A2E9FAA4E59C101AEBA, 9A6F978C0F1907915309F29FC2404910C3C7E205040C2B108685429E69625BD2 ] C:\WINDOWS\system32\mslbui.dll
02:58:03.0500 0x0d68  C:\WINDOWS\system32\mslbui.dll - ok
02:58:03.0515 0x0d68  [ 22D89D84E8E081CDA529DBF8C0255A38, 26863A2D27BE257D99EF28A612FC1B514558B27002EF10B0F682BC15C6D1CD74 ] C:\WINDOWS\system32\psbase.dll
02:58:03.0515 0x0d68  C:\WINDOWS\system32\psbase.dll - ok
02:58:03.0515 0x0d68  [ 3D075865DCC26931972F6476AD0497BE, E1FB17787F54D9A4E2A04DD699FA770C9CE100A427E6EFBF4E0CF24EAAD3A9BA ] C:\WINDOWS\system32\ssdpapi.dll
02:58:03.0515 0x0d68  C:\WINDOWS\system32\ssdpapi.dll - ok
02:58:03.0531 0x0d68  [ C14AA05881A35B6D6BB8D55B117EE22D, F30873FA983CE21734BE1A357CDF855EF33511990C14B454EBAA3D6059CD823D ] C:\WINDOWS\system32\shfolder.dll
02:58:03.0531 0x0d68  C:\WINDOWS\system32\shfolder.dll - ok
02:58:03.0531 0x0d68  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] C:\WINDOWS\system32\sens.dll
02:58:03.0531 0x0d68  C:\WINDOWS\system32\sens.dll - ok
02:58:03.0546 0x0d68  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] C:\WINDOWS\system32\srsvc.dll
02:58:03.0546 0x0d68  C:\WINDOWS\system32\srsvc.dll - ok
02:58:03.0546 0x0d68  [ 82E047AC9DCFA908F169EBB20C157198, E70F10B58F79D76DBCC7B81559729CD3E02CB915F8709C9FBF6C76095FCF8B93 ] C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll
02:58:03.0546 0x0d68  C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll - ok
02:58:03.0562 0x0d68  [ FEDE68BF80052BAD393AFD5C2E60DCB0, 6A40D89524317C554C5C33A35FB659147A3118F4C646AB36653A19A8811627CB ] C:\WINDOWS\system32\dssenh.dll
02:58:03.0562 0x0d68  C:\WINDOWS\system32\dssenh.dll - ok
02:58:03.0562 0x0d68  [ 972297BAE5220EB376E52839BAE013B0, 89B28E407D1A9F5E29AAA74113E77CCEB8FBD4EF9AE3BF91170BAE6C8BE2C362 ] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc
02:58:03.0562 0x0d68  C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc - ok
02:58:03.0578 0x0d68  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] C:\WINDOWS\system32\seclogon.dll
02:58:03.0578 0x0d68  C:\WINDOWS\system32\seclogon.dll - ok
02:58:03.0578 0x0d68  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] C:\WINDOWS\system32\trkwks.dll
02:58:03.0578 0x0d68  C:\WINDOWS\system32\trkwks.dll - ok
02:58:03.0578 0x0d68  [ 621D873625B55315D248204E6588BA2D, A1DC8E9F539616C654733D8998D5020FB7D473939D5BC0A61B38D27883147077 ] C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll
02:58:03.0578 0x0d68  C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll - ok
02:58:03.0593 0x0d68  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] C:\WINDOWS\system32\wbem\wmisvc.dll
02:58:03.0593 0x0d68  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
02:58:03.0593 0x0d68  [ ACACB8B14E66109B8ACD6644B5574B9A, 2373E67EB51F8045E7CD346F75B4BAD093E29CC609955BBC4C9FEF7A97A5FD86 ] C:\WINDOWS\system32\vssapi.dll
02:58:03.0593 0x0d68  C:\WINDOWS\system32\vssapi.dll - ok
02:58:03.0609 0x0d68  [ 818DD7B94AF1CF471DA45FBF71513C03, CBEDCB2FACB4B304A6006EBC4E948E327A27890E29B6A36CA00DF8F9A300CD53 ] C:\PROGRA~1\COMMON~1\System\MSMAPI\1033\MSMAPI32.DLL
02:58:03.0609 0x0d68  C:\PROGRA~1\COMMON~1\System\MSMAPI\1033\MSMAPI32.DLL - ok
02:58:03.0609 0x0d68  [ C44E3EC19AB2ADBE81B510D937342A0C, AF344486460788DF239D1210F2AD7F9C3E9E484C1CB10E3827748DA77457C862 ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll
02:58:03.0609 0x0d68  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll - ok
02:58:03.0625 0x0d68  [ 205ADD80FF8099B1A8101EB490B933D1, 6B4D94F1683B1D30A1BB0019E2E3E0AE1AA85561D416708198EC2BDAB649E178 ] C:\WINDOWS\system32\wbem\wbemprox.dll
02:58:03.0625 0x0d68  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
02:58:03.0625 0x0d68  [ D95C71052E5EF63B55997FB31483D02F, 829A559050680C039CA7AFCFE3246745D465ED11722A603AA32253FD413894C3 ] C:\WINDOWS\system32\wbem\wbemcomn.dll
02:58:03.0625 0x0d68  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
02:58:03.0640 0x0d68  [ D17310B8161FBDE20E76FC688D93C1B3, 0CB791E02BA875CFF6429F8F0704401947EB7329EF426CD6420796B31064A7AB ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorsn.dll
02:58:03.0640 0x0d68  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorsn.dll - ok
02:58:03.0640 0x0d68  [ 8F84E7A264FD5E41B192947998A17946, 937B02DD9922FE26DD32F49A85E580CDFB520EFF4A87084A84FDA96C1C486CB0 ] C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll
02:58:03.0640 0x0d68  C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll - ok
02:58:03.0656 0x0d68  [ 0E37FBFA79D349D672456923EC5FBBE3, 8793353461826FBD48F25EA8B835BE204B758CE7510DB2AF631B28850355BD18 ] C:\WINDOWS\system32\msvcr100.dll
02:58:03.0656 0x0d68  C:\WINDOWS\system32\msvcr100.dll - ok
02:58:03.0656 0x0d68  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] C:\WINDOWS\system32\wuaueng.dll
02:58:03.0671 0x0d68  C:\WINDOWS\system32\wuaueng.dll - ok
02:58:03.0671 0x0d68  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] C:\WINDOWS\system32\wuauserv.dll
02:58:03.0671 0x0d68  C:\WINDOWS\system32\wuauserv.dll - ok
02:58:03.0671 0x0d68  [ 8E6214E8C6100222BEB6A14F9B908A7E, 268279AE0D87E4B1CC227355DF12B7E8113F8355B1D20447AA723830D706021A ] C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
02:58:03.0671 0x0d68  C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe - ok
02:58:03.0687 0x0d68  [ 0E21535E9BC633AD345BC0F4D2249B33, C587DC9FB5B3BF97EFD5D4FD317A387C0536FF3EFDA6225A90D477493989CAE3 ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\bwsec.dll
02:58:03.0687 0x0d68  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\bwsec.dll - ok
02:58:03.0687 0x0d68  [ A12BAA38CE07B522671678500D035D40, DA671948FF593DBF7F95EA1DC25091310E67A0B75920B5433DEFB937B5612B77 ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\clntutil.dll
02:58:03.0687 0x0d68  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\clntutil.dll - ok
02:58:03.0703 0x0d68  [ 5C1F0537E61F87B435F56E00B4F20EE8, AA4BAD8612F45125421C13536D6E7FB4C85BA6DE7D61BDE19949286FB1910B3D ] C:\WINDOWS\system32\snmpapi.dll
02:58:03.0703 0x0d68  C:\WINDOWS\system32\snmpapi.dll - ok
02:58:03.0703 0x0d68  [ 251C11444F614DE5FA47ECF7275E7BF1, 3DEDFFBAA82C9E83565F689F352E9CAE92C3CB8ED66179E4ABF8A5385DB2EF76 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSO.DLL
02:58:03.0703 0x0d68  C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSO.DLL - ok
02:58:03.0718 0x0d68  [ 76848CB1AA5818DB47D5F5986E0A7485, 03BAB6981C6F447E41B78A96187FA619E4755C2101FF1A0B2ABF111BE53D9F92 ] C:\WINDOWS\system32\mfc42.dll
02:58:03.0718 0x0d68  C:\WINDOWS\system32\mfc42.dll - ok
02:58:03.0718 0x0d68  [ F3DE10AABD5C7A1A186C9966F037D0C0, BC50848AEEF466DFF4A3D8C386BF0D0EC35B8E5B438031AE885AA5371F2E1A42 ] C:\WINDOWS\system32\mfc100u.dll
02:58:03.0718 0x0d68  C:\WINDOWS\system32\mfc100u.dll - ok
02:58:03.0734 0x0d68  [ 1E5C92E71FF190C35160605DECDE2B93, A2F9948DFDFB08C041C8C2CEA278E847C98D4173DC489382C81590B8D06B6E52 ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorjit.dll
02:58:03.0734 0x0d68  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorjit.dll - ok
02:58:03.0734 0x0d68  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{977A65F7-832F-40EC-9A58-9FD0FB361160}.tmp
02:58:03.0734 0x0d68  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{977A65F7-832F-40EC-9A58-9FD0FB361160}.tmp - ok
02:58:03.0750 0x0d68  [ 42068CB64CA9C817FB5ED5A625EA58BE, 59F9F27F888AD60EBFC9BE15D9C8112D4D5D2CE414C6148DB6DC292C532D640D ] C:\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll
02:58:03.0750 0x0d68  C:\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll - ok
02:58:03.0750 0x0d68  [ 58BEB7573E2AA11845901A5CC1AA462F, 8579AA17F9398CCD1FB9881C2DC7CB21A898B7362401B2468D1EB6E6DB460CF4 ] C:\Program Files\Avira\AntiVir Desktop\ssleay32.dll
02:58:03.0750 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ssleay32.dll - ok
02:58:03.0765 0x0d68  [ 6DB4001D627CE0D8718A3D22D7999EA7, 907B3706E88F07FC20DB4E14406C6E76C020330FC978208A3ADBA50B1224739E ] C:\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll
02:58:03.0765 0x0d68  C:\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll - ok
02:58:03.0781 0x0d68  [ 86ABCC180C462B357A74E6AEA351AC25, 15DEF2A8FA9C8E28773B6956FA6BA35A7480C082B5184AB79635F43C7CE84D47 ] C:\WINDOWS\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll
02:58:03.0781 0x0d68  C:\WINDOWS\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll - ok
02:58:03.0781 0x0d68  [ F9EF05130B485AFA6EDB193C1C518798, 0E5F99E48C39A8396F4DADF7503D7652FCB86D22527C2055D023A1DDD66496AA ] C:\WINDOWS\assembly\GAC\System\1.0.3300.0__b77a5c561934e089\System.dll
02:58:03.0781 0x0d68  C:\WINDOWS\assembly\GAC\System\1.0.3300.0__b77a5c561934e089\System.dll - ok
02:58:03.0796 0x0d68  [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{BC2879B4-8B98-4980-807F-678C1B074C02}.tmp
02:58:03.0796 0x0d68  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{BC2879B4-8B98-4980-807F-678C1B074C02}.tmp - ok
02:58:03.0796 0x0d68  [ 67156D5A9AC356DC99D7BCCB388E3316, 449A140065197779C0F8588E5C53014BBF54A9C74818D5CFDCB88CC7B36F44CF ] C:\WINDOWS\system32\wsock32.dll
02:58:03.0796 0x0d68  C:\WINDOWS\system32\wsock32.dll - ok
02:58:03.0812 0x0d68  [ AF21FBB2E2F88EB29CC23BCA825642FA, 794243BF93693F7F567C6835666CAFD284DC9E1ABF36377F22CE15194A6B05E5 ] C:\Program Files\Avira\AntiVir Desktop\libaprutil-1.dll
02:58:03.0812 0x0d68  C:\Program Files\Avira\AntiVir Desktop\libaprutil-1.dll - ok
02:58:03.0812 0x0d68  [ CD81D51CBFD4DC6540340F761BB2E6B6, 9B28A7849DD8DE5A7E8FF90EEEBB945C57F151C49E17AC0C94740BA7990922BE ] C:\PROGRA~1\UPDATE~1\9972322\632~1.116\Program\EN\ClientRc.dll
02:58:03.0812 0x0d68  C:\PROGRA~1\UPDATE~1\9972322\632~1.116\Program\EN\ClientRc.dll - ok
02:58:03.0828 0x0d68  [ EACF0FEB2E38F0F790D73D08826B6567, 150F0DE074DF066A59CEA55CE4549FC6BAF9E2CDDE3C8795937A082CEC07642D ] C:\Program Files\Avira\AntiVir Desktop\libapriconv-1.dll
02:58:03.0828 0x0d68  C:\Program Files\Avira\AntiVir Desktop\libapriconv-1.dll - ok
02:58:03.0828 0x0d68  [ F5BECD89B78BE45F29B44068A895BA70, 615EB925284527C1591A3683844421DBE381DF2D49CF3540B217D221F04DE913 ] C:\Program Files\Avira\AntiVir Desktop\libapr-1.dll
02:58:03.0828 0x0d68  C:\Program Files\Avira\AntiVir Desktop\libapr-1.dll - ok
02:58:03.0843 0x0d68  [ F9D3C78CFE15271D80790677C893CE45, 885425736648DF7B315E92680ED3BD058ACE97A86D388FEA80EB0C039ADF25D7 ] C:\WINDOWS\system32\cabinet.dll
02:58:03.0843 0x0d68  C:\WINDOWS\system32\cabinet.dll - ok
02:58:03.0843 0x0d68  [ B85E95679B5ADC12311BCD3F5385D623, 378D304CF408AE1928EF6290A5A9F2388920B55FD69382759B356B6A3FF94F3A ] C:\WINDOWS\system32\mspatcha.dll
02:58:03.0843 0x0d68  C:\WINDOWS\system32\mspatcha.dll - ok
02:58:03.0859 0x0d68  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] C:\WINDOWS\system32\browser.dll
02:58:03.0859 0x0d68  C:\WINDOWS\system32\browser.dll - ok
02:58:03.0859 0x0d68  [ D708BED9423598B4A03389CD28AC28FE, A97A9A65A7EFFE6B1FFB4BC1709839BACBB43A898766222743ACBD755AF1D5D9 ] C:\Program Files\Avira\AntiVir Desktop\avwinll.dll
02:58:03.0859 0x0d68  C:\Program Files\Avira\AntiVir Desktop\avwinll.dll - ok
02:58:03.0875 0x0d68  [ D97B6650D15F1002B6148DF9404B1ECE, 9D635171F5D415BED584FEE873EF99BA6555876433D0E100F49744EC06726A28 ] C:\Program Files\Avira\AntiVir Desktop\aecore.dll
02:58:03.0875 0x0d68  C:\Program Files\Avira\AntiVir Desktop\aecore.dll - ok
02:58:03.0875 0x0d68  [ F9C178538B807A981CB280EDB6E519D0, E26B48FE9B2543192CFD7C64B68EFC9ED0A631327F0DF54C6984C6960533907D ] C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll
02:58:03.0875 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll - ok


#7 CarrotCakes

CarrotCakes
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:55 PM

Posted 22 March 2015 - 06:11 AM

02:58:03.0890 0x0d68  [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{6F9E0F32-FFE6-4754-AF92-7F53F9BEAEC0}.tmp
02:58:03.0890 0x0d68  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{6F9E0F32-FFE6-4754-AF92-7F53F9BEAEC0}.tmp - ok
02:58:03.0890 0x0d68  [ 6A9692792BEFC27B06B763342B74BB6D, 5D13C00449EAB0103883F5EA1A1D2D27AD26F7E385FDED91A3D0BEEF513325E6 ] C:\Program Files\Avira\AntiVir Desktop\aevdf.dll
02:58:03.0890 0x0d68  C:\Program Files\Avira\AntiVir Desktop\aevdf.dll - ok
02:58:03.0906 0x0d68  [ 3458EDA96E30FBD0477A2800D3FB1909, BDF84362E4D8A102E7FB5F352D950B84D1A8E1E7928521B68E7671D4176803C5 ] C:\WINDOWS\system32\wups.dll
02:58:03.0906 0x0d68  C:\WINDOWS\system32\wups.dll - ok
02:58:03.0906 0x0d68  [ 289A671AD7E9B2E50254E53AEA8F1D32, FFDA54DA3DDA51C8862C3A335A045C2222D049F42693B754FE19AB51F30FF28B ] C:\Program Files\Avira\AntiVir Desktop\aescript.dll
02:58:03.0906 0x0d68  C:\Program Files\Avira\AntiVir Desktop\aescript.dll - ok
02:58:03.0921 0x0d68  [ 151EF98E3178FB87D343F796537787B4, 6B7B9EF9E3B05C5EB9986F0704B284C8C57A343736A83B9B2FB7F9B4354189FB ] C:\Program Files\HP\Digital Imaging\Unload\hpiCamTA.dll
02:58:03.0921 0x0d68  C:\Program Files\HP\Digital Imaging\Unload\hpiCamTA.dll - ok
02:58:03.0921 0x0d68  [ BDC0C99E472176C8C2C853A68ADC5073, 9A0A0CEE321C9BAF5545D6CB0BE3E725228B694F331FFACCEB770350AAF2C8C3 ] C:\WINDOWS\system32\wups2.dll
02:58:03.0921 0x0d68  C:\WINDOWS\system32\wups2.dll - ok
02:58:03.0921 0x0d68  [ 7954EC74667D298DB411D9E57401F8CA, CFD85E9E9ED83BBCE42A4B8E69819E2ADF1C5807924DFBC6F4849D913071B4D5 ] C:\Program Files\Avira\AntiVir Desktop\aescn.dll
02:58:03.0921 0x0d68  C:\Program Files\Avira\AntiVir Desktop\aescn.dll - ok
02:58:03.0937 0x0d68  [ DB1B0875C5C6873E3B190406388DC24F, 404F4C8F54E92313F97BC597E5CCD268ACAFA40703CBCC183EB0C3CBC5106F0B ] C:\Program Files\Avira\AntiVir Desktop\aesbx.dll
02:58:03.0937 0x0d68  C:\Program Files\Avira\AntiVir Desktop\aesbx.dll - ok
02:58:03.0937 0x0d68  [ F35A584E947A5B401FEB0FE01DB4A0D7, 4DA5EFDC46D126B45DAEEE8BC69C0BA2AA243589046B7DFD12A7E21B9BEE6A32 ] C:\WINDOWS\system32\mfc71.dll
02:58:03.0937 0x0d68  C:\WINDOWS\system32\mfc71.dll - ok
02:58:03.0953 0x0d68  [ ED0C0DF222209E43AD9AFBF3FE87DDE0, 927329F9244DA9F0074FA0D4C101EE793AFCF433155E58714C33444C5EF35014 ] C:\WINDOWS\system32\comsvcs.dll
02:58:03.0953 0x0d68  C:\WINDOWS\system32\comsvcs.dll - ok
02:58:03.0953 0x0d68  [ 810FB60EAF5AFDA4E6F3083E9C5D0D24, D562BA738BF35F4311B6D6E3A5836AB2E40E49FB6E8167A82A6362DAEF97B6D7 ] C:\Program Files\Avira\AntiVir Desktop\rcimage.dll
02:58:03.0953 0x0d68  C:\Program Files\Avira\AntiVir Desktop\rcimage.dll - ok
02:58:03.0953 0x0d68  [ EAE92EB7AF1371717F0F84F9C1EC88F3, 717B73903FE2D3EDF47CC76E2F1A8F61E81C2B2236DDB47492932A92BEAFE3AD ] C:\Program Files\Avira\AntiVir Desktop\aerdl.dll
02:58:03.0953 0x0d68  C:\Program Files\Avira\AntiVir Desktop\aerdl.dll - ok
02:58:03.0968 0x0d68  [ 3FFA3AF7C3F6C1F2533733F57EBAB702, CAFE7D6F0693727801B6D8EA39A47F5FC0620A8D4DA3A50661DB87453EDF47F3 ] C:\Program Files\Avira\AntiVir Desktop\ccguard.dll
02:58:03.0968 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ccguard.dll - ok
02:58:03.0968 0x0d68  [ 4830008971BF98E60D8A232C5BE1925E, E803E7BD44013747C1CBF725EA86C6F3DE1A57CE468A8B1DEC241DE2EB9C1385 ] C:\Program Files\Avira\AntiVir Desktop\ccgrdrc.dll
02:58:03.0968 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ccgrdrc.dll - ok
02:58:03.0984 0x0d68  [ C5AB3B01E23170A6A38BE01060B38495, C93A9806B4E8141DAFA5446168FC94E59EBEF42C06CE6E3937D653DD0E3B080D ] C:\Program Files\Avira\AntiVir Desktop\ccgrdw.dll
02:58:03.0984 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ccgrdw.dll - ok
02:58:03.0984 0x0d68  [ 2DE1190196EE9555DB548A57622022EB, 89DBC777BE06D008AABEDAC61AFC11B4FF7ABCA86C205109ED9D34D21C0B5146 ] C:\WINDOWS\system32\drprov.dll
02:58:03.0984 0x0d68  C:\WINDOWS\system32\drprov.dll - ok
02:58:04.0000 0x0d68  [ BD7BD4E342AB3AB84C1441AA76213605, 4FF2C38A59C2123983B89632CD42CD4632294F770CE4DD60EAE7172A85172B51 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\52f4f785f7cf45a64606a8e13c8cf04c\mscorlib.ni.dll
02:58:04.0000 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\52f4f785f7cf45a64606a8e13c8cf04c\mscorlib.ni.dll - ok
02:58:04.0000 0x0d68  [ 36468087E22C57A83DF758B3F90DF73F, F6898D07CEE4F528A9F17A231CCB5E38F826A0C1926EFBF35ECCA06E0E8EE565 ] C:\WINDOWS\system32\ntlanman.dll
02:58:04.0000 0x0d68  C:\WINDOWS\system32\ntlanman.dll - ok
02:58:04.0015 0x0d68  [ AC5DF42FE314C1446B1DAD237BFCFFE0, FD53D9BCC619ED7AE4B7C29B7D457A2F61D6D340841A4E030329D7032C306AB6 ] C:\WINDOWS\system32\netui0.dll
02:58:04.0015 0x0d68  C:\WINDOWS\system32\netui0.dll - ok
02:58:04.0015 0x0d68  [ 2949877F766F1088E6F99F543BFDD54C, A8E8EE7D50B99B1F00A9AE8119E696F947D5163673A6119FEB14AD86388DDEE4 ] C:\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll
02:58:04.0015 0x0d68  C:\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll - ok
02:58:04.0031 0x0d68  [ ED5A816D8E11E03F1937AC3C56826EE4, D01525B5BD9F9DDF149B78706C6C2F5AE26F5337F897C1B8763DBC67AB64F875 ] C:\WINDOWS\system32\netui1.dll
02:58:04.0031 0x0d68  C:\WINDOWS\system32\netui1.dll - ok
02:58:04.0031 0x0d68  [ 303A63F4B913AA5D8998161CB77A8CE7, 0CE864B852E32F803754DD8827120F717D55E531E4F2BC87ECEB005F30356333 ] C:\WINDOWS\system32\feclient.dll
02:58:04.0031 0x0d68  C:\WINDOWS\system32\feclient.dll - ok
02:58:04.0046 0x0d68  [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{22463A02-97A9-49B6-9E92-AD2798D3F8A3}.tmp
02:58:04.0046 0x0d68  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{22463A02-97A9-49B6-9E92-AD2798D3F8A3}.tmp - ok
02:58:04.0062 0x0d68  [ FCFC31FE1B8A81FD796B3A18610932CC, 9229E64B1C9B817EBB3A6B4F2914F213B032788E73AC4C0AA3A4966B2C1A17B2 ] C:\WINDOWS\assembly\NativeImages1_v1.0.3705\System\1.0.3300.0__b77a5c561934e089_c9a515e0\System.dll
02:58:04.0062 0x0d68  C:\WINDOWS\assembly\NativeImages1_v1.0.3705\System\1.0.3300.0__b77a5c561934e089_c9a515e0\System.dll - ok
02:58:04.0062 0x0d68  [ B4459D13473D07FCB43365C02732DE16, 0BCF7FB94533E1C3851874879538CD2476838BBCD18F21FFB9807C294F4289FB ] C:\WINDOWS\system32\pschdprf.dll
02:58:04.0062 0x0d68  C:\WINDOWS\system32\pschdprf.dll - ok
02:58:04.0078 0x0d68  [ F908FE45F8FE9E0D4CBE65F9FF5DF6DA, 6FEC7C478F790D0EDCC4F0EFB2594A64878AC8FC8878B03F3611311C920E29BE ] C:\WINDOWS\system32\mfc100enu.dll
02:58:04.0078 0x0d68  C:\WINDOWS\system32\mfc100enu.dll - ok
02:58:04.0078 0x0d68  [ 1F3A82333046F4B97B2BB148ABF38D54, DED83E1F40314D546E858DCBA4CDC483E39EE45A5CABEF7691F0D0C0C0051D18 ] C:\WINDOWS\system32\traffic.dll
02:58:04.0078 0x0d68  C:\WINDOWS\system32\traffic.dll - ok
02:58:04.0093 0x0d68  [ F9DD799E07ED5028DB2F1FFEA72C9357, FD8B46EDF7DB4B08EEB1C4D26F9438F9F69F3F70F3FB7F53A79023446C397038 ] C:\WINDOWS\system32\rsvpperf.dll
02:58:04.0093 0x0d68  C:\WINDOWS\system32\rsvpperf.dll - ok
02:58:04.0093 0x0d68  [ B41D53899E37CC43DA85DA19998BEE81, CA92B8313338F0F8B1B630A0057B9C114E8D8BC10F09825C9008A5A824B91FDC ] C:\WINDOWS\system32\netrap.dll
02:58:04.0093 0x0d68  C:\WINDOWS\system32\netrap.dll - ok
02:58:04.0093 0x0d68  [ 6951B89B4F591AA694048A6CD0E5224A, C055C54286AE406143F4F9102CAFC32CC684F076FA0F13717CD87FFAD4B6BA4F ] C:\WINDOWS\system32\tapiperf.dll
02:58:04.0093 0x0d68  C:\WINDOWS\system32\tapiperf.dll - ok
02:58:04.0109 0x0d68  [ FB8F8EEC8D9C2157789472DD61CDC78B, D5306081621FFEFF585FAD292E60207E1BCB4EA67367E12872AF73C464110C68 ] C:\WINDOWS\system32\davclnt.dll
02:58:04.0109 0x0d68  C:\WINDOWS\system32\davclnt.dll - ok
02:58:04.0109 0x0d68  [ E35B2DBB7B88F0D5E99DFD4DE5704EB8, CA6803CB696D9965B122F37C7D17B7898AB765BB509DCD826C1F0E37EFAD7994 ] C:\Program Files\Avira\AntiVir Desktop\aepack.dll
02:58:04.0109 0x0d68  C:\Program Files\Avira\AntiVir Desktop\aepack.dll - ok
02:58:04.0125 0x0d68  [ 721FF6E6F526CFD48D9312564291DAC8, 644149446182A84E9D675EC94809F3A03FDA45BAF918EA7542E3FF124F46A460 ] C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll
02:58:04.0125 0x0d68  C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll - ok
02:58:04.0125 0x0d68  [ C8CDA206AEA709A721BF18E16A6BF24E, 44DD380B1A3D348FAF705D34A18E4102A1BBE21A733CD1868511D5CBC47E2F5E ] C:\Program Files\Avira\AntiVir Desktop\aemobile.dll
02:58:04.0125 0x0d68  C:\Program Files\Avira\AntiVir Desktop\aemobile.dll - ok
02:58:04.0140 0x0d68  [ 86F1895AE8C5E8B17D99ECE768A70732, 8094AF5EE310714CAEBCCAEEE7769FFB08048503BA478B879EDFEF5F1A24FEFE ] C:\WINDOWS\system32\msvcr71.dll
02:58:04.0140 0x0d68  C:\WINDOWS\system32\msvcr71.dll - ok
02:58:04.0140 0x0d68  [ 4AACB6B80B8F07F6335A6F66D9F3751D, E120DC52FB6F4C7EDCBCAFB69C890BD46A3D3FD81F197C2698E307466861EACA ] C:\Program Files\Avira\AntiVir Desktop\aeheur.dll
02:58:04.0140 0x0d68  C:\Program Files\Avira\AntiVir Desktop\aeheur.dll - ok
02:58:04.0140 0x0d68  [ 0E6FB02796EDE6D0603378B403976AF5, 5B6CC76885FF5960691B74CFBEE1232FCD98172AF877DA0A4083452CF92E2C5E ] C:\Program Files\Avira\AntiVir Desktop\aehelp.dll
02:58:04.0156 0x0d68  C:\Program Files\Avira\AntiVir Desktop\aehelp.dll - ok
02:58:04.0156 0x0d68  [ 50AC979E18FD25FD03DA7B5B8628CE07, D84CE62B1E1B35DE69939D837617E08B992E18DA930630ED7349E11F8C5BDBEC ] C:\Program Files\Avira\AntiVir Desktop\aegen.dll
02:58:04.0156 0x0d68  C:\Program Files\Avira\AntiVir Desktop\aegen.dll - ok
02:58:04.0156 0x0d68  [ 6E0E72DDF0D8AB234B992953131F371C, E6DA4F1E7FE6C5D5C3AA770F48C648ABA64CB690C72B224F2C8294A36CF99680 ] C:\Program Files\Avira\AntiVir Desktop\aeexp.dll
02:58:04.0156 0x0d68  C:\Program Files\Avira\AntiVir Desktop\aeexp.dll - ok
02:58:04.0171 0x0d68  [ 76E5BF8C3DAD02DC942CF625C5434190, F40D0087C99F49ECF40ACD6D74308B7999780EB4A6F966317C9351F4E4ACEA54 ] C:\Program Files\Avira\AntiVir Desktop\aeemu.dll
02:58:04.0171 0x0d68  C:\Program Files\Avira\AntiVir Desktop\aeemu.dll - ok
02:58:04.0171 0x0d68  [ 96436F416AF32691388AE98838FDDEF2, C0319C037187846F6B25C677C322684AA42F5938F971CAC51579DD4D75BCBC56 ] C:\Program Files\Avira\AntiVir Desktop\aedroid.dll
02:58:04.0171 0x0d68  C:\Program Files\Avira\AntiVir Desktop\aedroid.dll - ok
02:58:04.0187 0x0d68  [ AE80657661F164C09D802B339539DDC2, 1973B60640DBF0340626A877A8963FBC9F9882A0A7A84DC743A535E9D679F0FE ] C:\Program Files\Avira\AntiVir Desktop\aebb.dll
02:58:04.0187 0x0d68  C:\Program Files\Avira\AntiVir Desktop\aebb.dll - ok
02:58:04.0187 0x0d68  [ 2F3BBB26EF3B6A918786F98ACD4E4A0E, 872A892F72AB44A6E72D3413588A0EEA6E7C008DC12B8380D81617035E026184 ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\Cpuinf32.dll
02:58:04.0187 0x0d68  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\Cpuinf32.dll - ok
02:58:04.0187 0x0d68  [ 690D97864735E8ECD87F55777E266690, 2098D2AADEF82C3EDD82FD6182C14568CDE1EF02205ED1EA4CB19252B74BB807 ] C:\WINDOWS\system32\colbact.dll
02:58:04.0187 0x0d68  C:\WINDOWS\system32\colbact.dll - ok
02:58:04.0203 0x0d68  [ 36795A645EAA47FE31D2A8F136A2C69B, D681D7DFC4A2A2F10658D76A93F009BDBFC6117E245E0883C509A286DC952EAD ] C:\WINDOWS\system32\mtxclu.dll
02:58:04.0203 0x0d68  C:\WINDOWS\system32\mtxclu.dll - ok
02:58:04.0203 0x0d68  [ 8779099E892C0750321741BB2038BE9F, CDB634D5ACE218199A719D365DC154AE1DD3491CF6469AED4C7B85DC8DF479E5 ] C:\Program Files\Updates from HP\9972322\Program\BWfiles-9972322.dll
02:58:04.0203 0x0d68  C:\Program Files\Updates from HP\9972322\Program\BWfiles-9972322.dll - ok
02:58:04.0218 0x0d68  [ 8F2097E8B174F38178570C611464935F, 3F25E7B097B65EAF82A6D5B58646DFF38CA19347664F40C2B8A409B9D6939457 ] C:\WINDOWS\system32\atl71.dll
02:58:04.0218 0x0d68  C:\WINDOWS\system32\atl71.dll - ok
02:58:04.0218 0x0d68  [ 1986443C2F2C0E2A18E908DD241BF84D, AF9B29E3E6F3327185BF61F251BD4F759DC84A392E48A4EA69B8B9A062C2D57F ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Culture.dll
02:58:04.0218 0x0d68  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Culture.dll - ok
02:58:04.0234 0x0d68  [ DF82E222578DBE59FCBBD69A02E4C806, 0F0CD9DC739500536F252475F84F8EF378428CAC7DD9CFCDEC676862A20A0C46 ] C:\WINDOWS\system32\clusapi.dll
02:58:04.0234 0x0d68  C:\WINDOWS\system32\clusapi.dll - ok
02:58:04.0234 0x0d68  [ 8B89AFFB35202B8F15A927DC1169F850, 4036BE2EB21DD98906F2586BCC977F02E328BE9FB0DB1CCAC37E21E7D9140D18 ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\bwfiles.dll
02:58:04.0234 0x0d68  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\bwfiles.dll - ok
02:58:04.0250 0x0d68  [ 7D69C583DC724A8EB688D6ADCC3D73A6, 4AF44807208831000BF6FCFD1FEC377E3A83463825352EF9301966623F22E56E ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
02:58:04.0250 0x0d68  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
02:58:04.0250 0x0d68  [ 409C078E2055CC51986BD5C35A8952EE, 41418331D7313087C8C19A664CC2A1E1E03E428C2DEBDBEAC83979CB9FB37B04 ] C:\Program Files\Avira\AntiVir Desktop\ccwgrd.dll
02:58:04.0250 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ccwgrd.dll - ok
02:58:04.0265 0x0d68  [ F51EBB6FC536A6B2D588FD668D3A8249, 6C22B5FBE3F721025879447B006EC5A343D482A87E23674B5A3BB43983AB328E ] C:\WINDOWS\system32\resutils.dll
02:58:04.0265 0x0d68  C:\WINDOWS\system32\resutils.dll - ok
02:58:04.0265 0x0d68  [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{8943FD16-6D63-4241-8E83-6227CC571B21}.tmp
02:58:04.0265 0x0d68  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{8943FD16-6D63-4241-8E83-6227CC571B21}.tmp - ok
02:58:04.0281 0x0d68  [ B282C30279F2EE60517F7235BF673D42, DCB52E251175D06C47CFA766C621D21CB3B1934545738F4A0E39CAFEF0FF8BAA ] C:\Program Files\Avira\AntiVir Desktop\ccwgrdrc.dll
02:58:04.0281 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ccwgrdrc.dll - ok
02:58:04.0281 0x0d68  [ 561FA2ABB31DFA8FAB762145F81667C2, DF96156F6A548FD6FE5672918DE5AE4509D3C810A57BFFD2A91DE45A3ED5B23B ] C:\WINDOWS\system32\msvcp71.dll
02:58:04.0281 0x0d68  C:\WINDOWS\system32\msvcp71.dll - ok
02:58:04.0296 0x0d68  [ 7B1028A754BB63BBFC75B6A94C3F47E5, 5F95774F93217A717EBD865FEDBF3D0D2778E2E1D9AA56FF5D8D6DF845F68858 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
02:58:04.0296 0x0d68  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
02:58:04.0296 0x0d68  [ AE60B4FCCB088D7EF209CEB30BADAB10, DD605952B2D73651B21ACC1604C507FDE2BB2D1399FEA8911BF0EB75C1BA96BF ] C:\Program Files\Avira\AntiVir Desktop\ccwgrdw.dll
02:58:04.0296 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ccwgrdw.dll - ok
02:58:04.0312 0x0d68  [ 9619419582F6966CA6BAC03A2AD80B01, 352667D4EDD6273938D21EB1BA9B79213AF7749184219A84305B3F5B8FD1CF17 ] C:\Program Files\Avira\AntiVir Desktop\ccfwmgt.dll
02:58:04.0312 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ccfwmgt.dll - ok
02:58:04.0312 0x0d68  [ 2E0B0A051FFAA86E358465BB0880D453, 493CF6150DE95B269727631D50FE21405A41E449C4FF43E94F93D27559EA5624 ] C:\WINDOWS\system32\wuauclt.exe
02:58:04.0312 0x0d68  C:\WINDOWS\system32\wuauclt.exe - ok
02:58:04.0328 0x0d68  [ 2B1DCB72784C3C100EF0751965FE214B, 3A4FD8FE0EA2A3553F154D62A1AEB5F00EA05A048000F0F2423BD33918B993E9 ] C:\Program Files\Avira\AntiVir Desktop\ccfwmgtrc.dll
02:58:04.0328 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ccfwmgtrc.dll - ok
02:58:04.0328 0x0d68  [ C3B8CDFCDD480F1D666358BDA9E69C90, 345727A72D4880E54680CC2B51E798395B45BA69B2D9A88E7D767F81CA47AD65 ] C:\Program Files\Avira\AntiVir Desktop\firewall.dll
02:58:04.0328 0x0d68  C:\Program Files\Avira\AntiVir Desktop\firewall.dll - ok
02:58:04.0328 0x0d68  [ BC05DD71BAECC472C47BFD409AA95E87, D03290215668BFAED120293DCB04C8DD760C7D53543C82F83FCEB57A160C9988 ] C:\Program Files\Avira\AntiVir Desktop\ccgen.dll
02:58:04.0328 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ccgen.dll - ok
02:58:04.0343 0x0d68  [ 75A383FF92B8B951D51BF7CE39FE0987, 9F8EBD7DD3381602FAA18F4FDE7F23686A1BD22B5C0552B10689CCD5A02372A9 ] C:\Program Files\Avira\AntiVir Desktop\ccgenrc.dll
02:58:04.0343 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ccgenrc.dll - ok
02:58:04.0343 0x0d68  [ DB80FA4D9928438E4B3A6B723EC38677, 7C3CFA0F379715B94AC013AA2B48CEA5D16BE330A1720AED3C9CD3C95E2C5864 ] C:\Program Files\Avira\AntiVir Desktop\ccupdate.dll
02:58:04.0343 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ccupdate.dll - ok
02:58:04.0359 0x0d68  [ 292391C93DB4ED32AFA250CD3A1DE4B3, 231E07BC9814A56609845E036DA3BAFCC94E59B6D643CF345CF96CB6EFB7C430 ] C:\Program Files\Avira\AntiVir Desktop\ccupdrc.dll
02:58:04.0359 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ccupdrc.dll - ok
02:58:04.0359 0x0d68  [ 0033A5DEC8A5B57FD77E443DAEE368A3, 81C158D81A0D675D00BE00C8A1AD4A048E295D9C9CA440F5F6204ECD72FBF922 ] C:\Program Files\Avira\AntiVir Desktop\cclic.dll
02:58:04.0359 0x0d68  C:\Program Files\Avira\AntiVir Desktop\cclic.dll - ok
02:58:04.0375 0x0d68  [ 52D0686B70A1C96433326E3176A0AAD1, 8262B19540420289F6A8F6B7ACB8DEBC0082312E8B36170C576FBD54BD7F9527 ] C:\Program Files\Avira\AntiVir Desktop\cclicrc.dll
02:58:04.0375 0x0d68  C:\Program Files\Avira\AntiVir Desktop\cclicrc.dll - ok
02:58:04.0375 0x0d68  [ BAF751E7061FF626AA60F56D1D5D1FDC, 177B0BAC987E7882449BD7C5900406F61A997F97EA1797614C8D86F40F03648B ] C:\WINDOWS\system32\MFC71ENU.DLL
02:58:04.0375 0x0d68  C:\WINDOWS\system32\MFC71ENU.DLL - ok
02:58:04.0390 0x0d68  [ 2CFF79C2C2A1720A11DD55C43F1E13AF, 559EF55A40FBCDD4264D9B1BD250D71225470B81A9F5AA0A237CA5D1B6E39115 ] C:\Program Files\Avira\My Avira\Avira.OE.WinCore.dll
02:58:04.0390 0x0d68  C:\Program Files\Avira\My Avira\Avira.OE.WinCore.dll - ok
02:58:04.0390 0x0d68  [ 9CE62FF07004B4F0F21D526F7056A6BC, 3847E737C93954D01BF6031CFFB99B22937619BF3F7CECE090EED59CE1F4A2EF ] C:\Program Files\Avira\My Avira\Avira.OE.WinCore.Interface.dll
02:58:04.0390 0x0d68  C:\Program Files\Avira\My Avira\Avira.OE.WinCore.Interface.dll - ok
02:58:04.0406 0x0d68  [ E9488A950F5F03F5CB192A2D7CDC193D, BD81B4D4CE49303194DF046CDDE83B6355AF3BA25B06BC5CB69869BCAC8F3372 ] C:\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\EhCM.dll
02:58:04.0406 0x0d68  C:\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\EhCM.dll - ok
02:58:04.0406 0x0d68  [ 82E1FF067A74BF3EC61D1962AD9335BC, 4531C17A57F95BAB1EC4C176A3593B09114CA4264ACFC16B13528F38A61D6C1C ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3ff4657a86a0e14b4be577969e0ec762\System.ni.dll
02:58:04.0406 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3ff4657a86a0e14b4be577969e0ec762\System.ni.dll - ok
02:58:04.0421 0x0d68  [ 0CE6C863A92C3260893C41E473A5AA0C, BFFF73FF047E14B52716930CDC3218FD70A7270786B6A4E853532D29A3B0AA0D ] C:\Program Files\Avira\AntiVir Desktop\ccev.dll
02:58:04.0421 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ccev.dll - ok
02:58:04.0421 0x0d68  [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{03E2D164-A964-4593-8EFE-6565F0DA2723}.tmp
02:58:04.0421 0x0d68  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{03E2D164-A964-4593-8EFE-6565F0DA2723}.tmp - ok
02:58:04.0437 0x0d68  [ 79E3A8C328E7E569C32B0998377D9742, F5854956E452AD663004679BBDF8B006695B69C8962534CD243193F04F294DF3 ] C:\WINDOWS\system32\spoolss.dll
02:58:04.0437 0x0d68  C:\WINDOWS\system32\spoolss.dll - ok
02:58:04.0437 0x0d68  [ 3FCDF907B8845A56E1CE69FE4461C394, DA4EE3F9EAC84756FBDA9A7BCAEBE82D6797047904D8DB13A69D448E933D298E ] C:\Program Files\Avira\AntiVir Desktop\ccevrc.dll
02:58:04.0437 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ccevrc.dll - ok
02:58:04.0453 0x0d68  [ E49D13C53D51F6E8E1FFEF175A320AD7, B2C68F99AB81A6151F3D94F9B43B54612763EC8A61123A4050FB8864B36A0221 ] C:\Program Files\HP\Digital Imaging\Unload\hpqunres.dll
02:58:04.0453 0x0d68  C:\Program Files\HP\Digital Imaging\Unload\hpqunres.dll - ok
02:58:04.0453 0x0d68  [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{A216C906-0B2B-40EB-978E-5C43B0843F27}.tmp
02:58:04.0453 0x0d68  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{A216C906-0B2B-40EB-978E-5C43B0843F27}.tmp - ok
02:58:04.0468 0x0d68  [ 5677DFE438EC1F009273FC84FEED6B10, 44B62CC4D138E13C22FC29E9751CB7ED0B0C6C8897A8E6469172F8642B0527BE ] C:\WINDOWS\system32\localspl.dll
02:58:04.0468 0x0d68  C:\WINDOWS\system32\localspl.dll - ok
02:58:04.0468 0x0d68  [ 899061DD1D0EE6FC65578EEA37E5D757, 9B42108D793FBEABEB6ADC9AA12415ADEFDB8A83F813CFD564868D6C6A774CEE ] C:\Program Files\Avira\AntiVir Desktop\ccmsg.dll
02:58:04.0468 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ccmsg.dll - ok
02:58:04.0484 0x0d68  [ 3FDCD4B976AF5FF4B345CB5CDBF19490, C75863FC9B96DA6F44593DF10986153EDCC0CD1CC5D556A222923D35BE144603 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\2ff57b810eb920860469184dd683cb8a\System.Drawing.ni.dll
02:58:04.0484 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\2ff57b810eb920860469184dd683cb8a\System.Drawing.ni.dll - ok
02:58:04.0484 0x0d68  [ A078A05616B793DDEA5A23FDD0B87DB5, FD812CAC5ED31A2A1259112E68B94B4ADCA9F8E51E71B0257809205022A86DC7 ] C:\Program Files\Avira\AntiVir Desktop\ccmsgrc.dll
02:58:04.0484 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ccmsgrc.dll - ok
02:58:04.0500 0x0d68  [ 5D3D1AB0EF4EA55B731863050482C111, 8713DAA48DBC5FDF95BE993863BEE669BBB4026347DC575D72F520F423EE21BA ] C:\WINDOWS\system32\cnbjmon.dll
02:58:04.0500 0x0d68  C:\WINDOWS\system32\cnbjmon.dll - ok
02:58:04.0500 0x0d68  [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{20E729ED-0C19-4040-AAEC-DC7B635B1745}.tmp
02:58:04.0500 0x0d68  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{20E729ED-0C19-4040-AAEC-DC7B635B1745}.tmp - ok
02:58:04.0515 0x0d68  [ F435FA32C12F6213B7F92C6F902BAD70, 84D9B21A661175932DD205CFC6A689B07A11A6711AE1A6FB2A13EAFCED0BACFA ] C:\Program Files\HP\Digital Imaging\bin\hpqmif08.dll
02:58:04.0515 0x0d68  C:\Program Files\HP\Digital Imaging\bin\hpqmif08.dll - ok
02:58:04.0515 0x0d68  [ E0B83ADFB16D794A0D207FE119D03182, FD3B4C09FF16C14F9153BD9C4C5CEE2FA3E6914826564CF2E38AF581F3EDF85B ] C:\WINDOWS\system32\HPTcpMon.dll
02:58:04.0515 0x0d68  C:\WINDOWS\system32\HPTcpMon.dll - ok
02:58:04.0531 0x0d68  [ 9707DC586A15BFC5F169EAFB0028ADD2, 8497C6589AC4B2EFDAD3AD76C76BE2FD7D6A21D6FB5DEC636694FDD875F18764 ] C:\WINDOWS\ehome\EhUI.dll
02:58:04.0531 0x0d68  C:\WINDOWS\ehome\EhUI.dll - ok
02:58:04.0546 0x0d68  [ B2EED4AB3DF0481FD30D5FE3A448CEA8, 26CB958E469C2FF15BE6342B7131546B6FBE3A6E73E7D05D0A068D5423C1607F ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\avgnt.exe\Avira.OE.ExtApi.dll
02:58:04.0546 0x0d68  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\avgnt.exe\Avira.OE.ExtApi.dll - ok
02:58:04.0546 0x0d68  [ 16FC2C309998C6D55C182652D6A1C5B1, 37034E39F67C3D61D2492FDEB7BDDDD13B7BD74B3273271A01DD0FEDE88C9071 ] C:\WINDOWS\system32\hpzjrd01.dll
02:58:04.0546 0x0d68  C:\WINDOWS\system32\hpzjrd01.dll - ok
02:58:04.0562 0x0d68  [ D8215081E4E9E04DA33E842CFE6FE003, 611EE49393022C5E0BA470AC6602424DA95406C8598FD2D63F305EEC76253A94 ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\diasymreader.dll
02:58:04.0562 0x0d68  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\diasymreader.dll - ok
02:58:04.0562 0x0d68  [ F4068F5251378E458CF3BCA9FD89FEB9, 44CF2535846A977A781224C7B27826F49831CEB57123BEFBEFE76E90532C0A98 ] C:\Program Files\Avira\AntiVir Desktop\ccmainrc.dll
02:58:04.0562 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ccmainrc.dll - ok
02:58:04.0578 0x0d68  [ AEA0B0AA26E4EA377D6A12B3B5D6F90F, 41A8788F349A3697F073F273A450FEB68C67DCF163D8168C56AD3FA6D26A590F ] C:\Program Files\HP\Digital Imaging\bin\hpotradd.dll
02:58:04.0578 0x0d68  C:\Program Files\HP\Digital Imaging\bin\hpotradd.dll - ok
02:58:04.0578 0x0d68  [ 633A529EBAEB78FF0F50A5A658600EB4, 5C0F92538D9F4FC332FBC8E7F58559671BDD824882EE66BA3BAC83C16AC3FCEF ] C:\Program Files\HP\Digital Imaging\bin\hphtra08.dll
02:58:04.0578 0x0d68  C:\Program Files\HP\Digital Imaging\bin\hphtra08.dll - ok
02:58:04.0578 0x0d68  [ 5CC3838902A9257B79BD43F56D8B7275, BF2CF170CC211E49C0ACC0ED5B592600ECE03BA5D6B276585610BEAFB54C14F0 ] C:\WINDOWS\system32\HPTcpMUI.dll
02:58:04.0578 0x0d68  C:\WINDOWS\system32\HPTcpMUI.dll - ok
02:58:04.0593 0x0d68  [ 0259E1CF565EC9A75676950B404B73D3, 6602153053FF606F5DE2B587C58955CCAE221AFB6A1CAEE53AF050642923190F ] C:\WINDOWS\ehome\EhDebug.dll
02:58:04.0593 0x0d68  C:\WINDOWS\ehome\EhDebug.dll - ok
02:58:04.0593 0x0d68  [ 87FD63FEBCCA31C1104BA557C0EAF919, AFBFC86B5EC41C4BB530F1A01304501501BE84B38BD186B1A6EF5E1489A6C5F3 ] C:\WINDOWS\assembly\GAC\System.Xml\1.0.3300.0__b77a5c561934e089\System.Xml.dll
02:58:04.0593 0x0d68  C:\WINDOWS\assembly\GAC\System.Xml\1.0.3300.0__b77a5c561934e089\System.Xml.dll - ok
02:58:04.0609 0x0d68  [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{BC650DF4-229C-49C4-B0D2-FE4D7B334F7E}.tmp
02:58:04.0609 0x0d68  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{BC650DF4-229C-49C4-B0D2-FE4D7B334F7E}.tmp - ok
02:58:04.0625 0x0d68  [ 5F0CE62E0831CF972EC6949FD3E37DA7, DFDD251D3FC6CDBD971F52EF0AECEC0344B57214615AA486AA9234D30A40AF60 ] C:\WINDOWS\system32\cfgmgr32.dll
02:58:04.0625 0x0d68  C:\WINDOWS\system32\cfgmgr32.dll - ok
02:58:04.0625 0x0d68  [ 2D035877D6658C12B70ED978BAF7B3EC, 96A2B817C83C99D2ED8FA45D3693D4B01E129DA63589971221E86B00954D0242 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f28df9c2988724883cf19532d7f9f151\System.Windows.Forms.ni.dll
02:58:04.0625 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f28df9c2988724883cf19532d7f9f151\System.Windows.Forms.ni.dll - ok
02:58:04.0640 0x0d68  [ 36247C6D5E1FE03A56EE81BB99D7E68C, 7AA08706962501FD780B86368BEC85F282A5B015C5E0AC638B6E3099521D147A ] C:\WINDOWS\system32\HPTcpMib.dll
02:58:04.0640 0x0d68  C:\WINDOWS\system32\HPTcpMib.dll - ok
02:58:04.0640 0x0d68  [ 909EFA2D854AF25D1164BD5B02065FCE, 883F9116B1A9FF546F0C60E44CFA2C68C81893700294E9A2E9A1909AF42D9522 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\IadHide5.dll
02:58:04.0640 0x0d68  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\IadHide5.dll - ok
02:58:04.0656 0x0d68  [ 1E744353BD534405187A404667DA3DC3, ACE581FBF36BD511C64E37760526F1BB7172FD5045708BA836933D8FACC4FAFA ] C:\WINDOWS\system32\mgmtapi.dll
02:58:04.0656 0x0d68  C:\WINDOWS\system32\mgmtapi.dll - ok
02:58:04.0656 0x0d68  [ 4C7CE6459461B61EAD294EAF50AF3160, 1F9FCAC98B98C1AAEA5F0F50DB95D703C9F4DB48501E5637438368382BD4B22E ] C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll
02:58:04.0656 0x0d68  C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll - ok
02:58:04.0671 0x0d68  [ 63E8D944AFBEEBB243F25C4ED07E74C5, 848AEE9975218939F7EB2C3548EA6AE235C54B1B2E2AF6835A034976A0CFDD28 ] C:\WINDOWS\system32\inetmib1.dll
02:58:04.0671 0x0d68  C:\WINDOWS\system32\inetmib1.dll - ok
02:58:04.0671 0x0d68  [ 277F3E3333F1D10CA428568197FCCE70, 1AC24A8817396FA4172DC6216FBF82A1F6F8F9A1A1F87D6884FF17DCCB15C3FF ] C:\WINDOWS\system32\wsnmp32.dll
02:58:04.0671 0x0d68  C:\WINDOWS\system32\wsnmp32.dll - ok
02:58:04.0687 0x0d68  [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{926CF027-9C28-42FC-830F-56D84CA82109}.tmp
02:58:04.0687 0x0d68  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{926CF027-9C28-42FC-830F-56D84CA82109}.tmp - ok
02:58:04.0687 0x0d68  [ 8779099E892C0750321741BB2038BE9F, CDB634D5ACE218199A719D365DC154AE1DD3491CF6469AED4C7B85DC8DF479E5 ] C:\Program Files\Updates from HP\9972322\Program\frext-9972322.dll
02:58:04.0687 0x0d68  C:\Program Files\Updates from HP\9972322\Program\frext-9972322.dll - ok
02:58:04.0703 0x0d68  [ 29AED649F05213A527E5F62967DBBA41, 8F987B165433308CEA2D75685ED99E5E66E11A6264BA1F2508FD609713055B4C ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\FrExt.dll
02:58:04.0703 0x0d68  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\FrExt.dll - ok
02:58:04.0703 0x0d68  [ 1F7B23305F0D7CA120A3E65DEC21671F, E66618BBD95C1EF78F6BA732E3B8BFF5A7844AFA7359C8E69294251B6AB64BF1 ] C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc
02:58:04.0703 0x0d68  C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc - ok
02:58:04.0718 0x0d68  [ CF0376023360AADD55C89BA50564AFDC, C34320B40645DEA817852AAB63C76F40C18F563EB2760A9D191047A2B6C73973 ] C:\WINDOWS\system32\mdimon.dll
02:58:04.0718 0x0d68  C:\WINDOWS\system32\mdimon.dll - ok
02:58:04.0718 0x0d68  [ CC6292CA575E851E5B74BF8883AB967A, 40DB13B96395FC753C4BC70C32A1845002DDD613955589F8EE0BF7E049A43779 ] C:\WINDOWS\system32\fxsmon.dll
02:58:04.0718 0x0d68  C:\WINDOWS\system32\fxsmon.dll - ok
02:58:04.0734 0x0d68  [ 7BF64A9D0BA77D9D18F76E12DFFD67B3, AB01CF513E924FACF6ABD6E8ABD643E3138534984EE0038623F18FE328DEE0BC ] C:\Program Files\Avira\AntiVir Desktop\ccupdw.dll
02:58:04.0734 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ccupdw.dll - ok
02:58:04.0734 0x0d68  [ 208AD2001AA9CF147BDD10F3D44FB3B9, 1A9F42031D74E468BE6628E9EE9A23EF7119B1D526656D766F2324D3BD2024EF ] C:\WINDOWS\assembly\NativeImages1_v1.0.3705\System.Xml\1.0.3300.0__b77a5c561934e089_70d22bfe\System.Xml.dll
02:58:04.0734 0x0d68  C:\WINDOWS\assembly\NativeImages1_v1.0.3705\System.Xml\1.0.3300.0__b77a5c561934e089_70d22bfe\System.Xml.dll - ok
02:58:04.0750 0x0d68  [ 40CB47F60854703F7A13594FE01B6486, 1EA9B25C9D9BEFE8DA20E3714412E3997ADE3A1C464D0EF91F0675F86289A599 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d7fbfc6836ce7e53486ddb79b598ca8d\System.ServiceProcess.ni.dll
02:58:04.0750 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d7fbfc6836ce7e53486ddb79b598ca8d\System.ServiceProcess.ni.dll - ok
02:58:04.0765 0x0d68  [ BDB83C844EDEC9BD01A94750D2C38DDF, B18B9E9B9EE74143153CA2479BF7FC9A5528DB4023FA085D0DA5E9B8795C7428 ] C:\WINDOWS\system32\fxsevent.dll
02:58:04.0765 0x0d68  C:\WINDOWS\system32\fxsevent.dll - ok
02:58:04.0765 0x0d68  [ 99616874F4133627E86354730F193076, BCB19AC3F6D5683BDC6F105B664F23741ED541AE8C99F7A1EEF47B1B721C1879 ] C:\Program Files\Updates from HP\9972322\Program\HPClientExt.dll
02:58:04.0765 0x0d68  C:\Program Files\Updates from HP\9972322\Program\HPClientExt.dll - ok
02:58:04.0781 0x0d68  [ B7A7F31F7CC7D20FAA21FC8A774F73E2, F3DB81F2F485DCAE732DAC2A6E740964406D7968BCFDFAAFFB87B03D4950E809 ] C:\Program Files\Avira\My Avira\en-US\Avira.OE.ServiceHost.resources.dll
02:58:04.0781 0x0d68  C:\Program Files\Avira\My Avira\en-US\Avira.OE.ServiceHost.resources.dll - ok
02:58:04.0781 0x0d68  [ 649320A12D1F1222722F39D2B232C57D, 41778048F179C3A7044880B9E083F5CCAE9AEB6E379E0F761B14440D41261119 ] C:\Program Files\Avira\My Avira\Avira.OE.Communicator.Interface.dll
02:58:04.0781 0x0d68  C:\Program Files\Avira\My Avira\Avira.OE.Communicator.Interface.dll - ok
02:58:04.0796 0x0d68  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] C:\WINDOWS\system32\ipnathlp.dll
02:58:04.0796 0x0d68  C:\WINDOWS\system32\ipnathlp.dll - ok
02:58:04.0796 0x0d68  [ 222DE7F5EDB9DDBE628384A1A8BE59CE, 063AF8C6C251961ABC93A8E8A07DB9B9582CD1812CA3BB297FAFDF0AD3E5B4CC ] C:\WINDOWS\system32\pjlmon.dll
02:58:04.0796 0x0d68  C:\WINDOWS\system32\pjlmon.dll - ok
02:58:04.0796 0x0d68  [ 2BE9F91D58F0812785B15E3325F3B05A, 5CEAAE502E42F5002DEE7BFF9CA161DEACFCCE49DF1FD3EB00F11013859F8BE7 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\768ccd38c2bf1f7045e79ac03cb679f1\System.ComponentModel.Composition.ni.dll
02:58:04.0796 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\768ccd38c2bf1f7045e79ac03cb679f1\System.ComponentModel.Composition.ni.dll - ok
02:58:04.0812 0x0d68  [ AE0382AD9C73D343D85E1A50C80B7C20, 7477A5A33C0ACF80BE73F0169893A7D53AF8ABC514FCE190A6ACC677092E5A55 ] C:\WINDOWS\system32\tcpmon.dll
02:58:04.0812 0x0d68  C:\WINDOWS\system32\tcpmon.dll - ok
02:58:04.0812 0x0d68  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] C:\WINDOWS\system32\wscsvc.dll
02:58:04.0812 0x0d68  C:\WINDOWS\system32\wscsvc.dll - ok
02:58:04.0828 0x0d68  [ F0BF811622F2DD6C8E26EE4600D83731, 81CFC1118551E84F5BBD2A863419529AA32DA92E5834C71DA77D13854F6CF048 ] C:\WINDOWS\system32\wbem\wbemcore.dll
02:58:04.0828 0x0d68  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
02:58:04.0828 0x0d68  [ F26385E8BA4549B5186B774EC0E45D86, 0BA8CA4C06918690EA68678CA5887F1B7E2B0976C99BDFAF99CC1C99F3E300A0 ] C:\WINDOWS\system32\usbmon.dll
02:58:04.0828 0x0d68  C:\WINDOWS\system32\usbmon.dll - ok
02:58:04.0843 0x0d68  [ 19348207EADADF20555601D4513793D5, FAA05D239DD4A9E0CCC187F6A4EF10D97C6B7724577A336F8CF1390600E9EEE7 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a2b1103ad3d9f329e0c9164994137c81\System.Core.ni.dll
02:58:04.0843 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a2b1103ad3d9f329e0c9164994137c81\System.Core.ni.dll - ok
02:58:04.0843 0x0d68  [ F555BF4139A8F2BD3A832A13A3BFDC39, 5992138276C6AAD9252A072487475856A14187C584A05143356FF95C4940FFB4 ] C:\Program Files\Updates from HP\9972322\Program\NewProbe.exe
02:58:04.0843 0x0d68  C:\Program Files\Updates from HP\9972322\Program\NewProbe.exe - ok
02:58:04.0859 0x0d68  [ 8779099E892C0750321741BB2038BE9F, CDB634D5ACE218199A719D365DC154AE1DD3491CF6469AED4C7B85DC8DF479E5 ] C:\Program Files\Updates from HP\9972322\Program\frcom-9972322.dll
02:58:04.0859 0x0d68  C:\Program Files\Updates from HP\9972322\Program\frcom-9972322.dll - ok
02:58:04.0875 0x0d68  [ 58E13A2292839321D3CDC918D5A4F5AE, BC5978187A50AC886E30092904407F14B7BCFA997093989D20DB61EE6BA963E2 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
02:58:04.0875 0x0d68  C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
02:58:04.0890 0x0d68  [ C824BF0D01F7E02210097C6C935ACEDA, 9701B50491BF21E1ECBAF46A4783239D9C6E5739A5A91CA6EF8B3A2F5A8E9BC2 ] C:\Program Files\Avira\My Avira\Avira.OE.SpeedupConnector.Interface.dll
02:58:04.0890 0x0d68  C:\Program Files\Avira\My Avira\Avira.OE.SpeedupConnector.Interface.dll - ok
02:58:04.0906 0x0d68  [ 9DF35470215CC872926B470D110F1A64, E909963E512E001843EBFF8D48A319A7AC4FBB260CF402CED6193D02E6DABB52 ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\FrCom.dll
02:58:04.0906 0x0d68  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\FrCom.dll - ok
02:58:04.0921 0x0d68  [ C88E90FB252E0AD644507EB1971BD1AA, C868B97BCA0B26FBA84541E88CD1F365FD727013E48BCFC0651F14F141A11061 ] C:\Program Files\Avira\AntiVir Desktop\cclicw.dll
02:58:04.0921 0x0d68  C:\Program Files\Avira\AntiVir Desktop\cclicw.dll - ok
02:58:04.0937 0x0d68  [ CBE55634554DE141125CCCE7BCADF1BB, 679252756D6AE3BFD800C0B1C0D509AE81E9469A9A50199CAEBD7A4A0CB81412 ] C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll
02:58:04.0937 0x0d68  C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll - ok
02:58:04.0937 0x0d68  [ 034CCADC1C073E4216E9466B720F9849, 86E39B5995AF0E042FCDAA85FE2AEFD7C9DDC7AD65E6327BD5E7058BC3AB615F ] C:\WINDOWS\system32\msvcr120.dll
02:58:04.0937 0x0d68  C:\WINDOWS\system32\msvcr120.dll - ok
02:58:04.0953 0x0d68  [ EEE7F12D9FF46F68FBC0DA059A359E9E, 1D0D5AC87ACDF3F041D9C31A92BFE7B1B81CBAD81F8F7CE8183FC3F61CAFF8CC ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
02:58:04.0953 0x0d68  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
02:58:04.0953 0x0d68  [ E4616430709F440CF1809D88DC2366EA, C2CBC0A21A892FD8341E5A29E7164172340E07A75A5D54493036156D907AEAE7 ] C:\WINDOWS\system32\wbem\esscli.dll
02:58:04.0953 0x0d68  C:\WINDOWS\system32\wbem\esscli.dll - ok
02:58:04.0968 0x0d68  [ A4AA09635D43634ACF690826382CC28C, 35309979ACDF47D6617FF6C6C5622DA927856666791E84F135AF80A7FB06D5AF ] C:\Program Files\HP\Digital Imaging\bin\HpqUtil.dll
02:58:04.0968 0x0d68  C:\Program Files\HP\Digital Imaging\bin\HpqUtil.dll - ok
02:58:04.0968 0x0d68  [ 378A0AEFB11D8B0DC8C27B9F7604B88D, D0D6863FCE412B75B9B5FC38EA923759201E7193ED40CFBAA674630E2DE56FD3 ] C:\WINDOWS\system32\wbem\fastprox.dll
02:58:04.0968 0x0d68  C:\WINDOWS\system32\wbem\fastprox.dll - ok
02:58:04.0968 0x0d68  [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C, 7123FC923BA4C3DD3EDFE9F8936442C4CCE7757D370AB799B0B5668223B965EE ] C:\WINDOWS\system32\win32spl.dll
02:58:04.0968 0x0d68  C:\WINDOWS\system32\win32spl.dll - ok
02:58:04.0984 0x0d68  [ 3550DFA6FFFBD7604DABB28DF4ABF096, BABCA3DC67EDFD97B255D6FF34F9FBE1C06CADDF279F16ED09A368A4EDC3C60F ] C:\WINDOWS\ehome\custsat.dll
02:58:04.0984 0x0d68  C:\WINDOWS\ehome\custsat.dll - ok
02:58:04.0984 0x0d68  [ 30DA5EED5F64C875FDAF9E0283F654C9, 255645F67CA433118507D4B3DF426645D587DB7A5CA4D6D226C0A62A3CDF84DD ] C:\WINDOWS\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll
02:58:04.0984 0x0d68  C:\WINDOWS\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll - ok
02:58:05.0000 0x0d68  [ A00885BFA65E4B1A77C6211488EB57B9, B6BFCE2DF5B37AF69F3D360A1D916F09A6E94AA7E10DB297D7E35FFE7E61E9AD ] C:\PROGRA~1\UPDATE~1\9972322\632~1.116\Program\EN\frcomRc.dll
02:58:05.0000 0x0d68  C:\PROGRA~1\UPDATE~1\9972322\632~1.116\Program\EN\frcomRc.dll - ok
02:58:05.0015 0x0d68  [ 7F86A0C11A59B94E134C71DF6C5528BF, 17579D7E478CE3F6D0133B728D0E9CD14EC20A75D1143C8F65466D0F80A266C9 ] C:\WINDOWS\assembly\GAC\System.Data\1.0.3300.0__b77a5c561934e089\System.Data.dll
02:58:05.0015 0x0d68  C:\WINDOWS\assembly\GAC\System.Data\1.0.3300.0__b77a5c561934e089\System.Data.dll - ok
02:58:05.0015 0x0d68  [ FD5CABBE52272BD76007B68186EBAF00, 87C42CA155473E4E71857D03497C8CBC28FA8FF7F2C8D72E8A1F39B71078F608 ] C:\WINDOWS\system32\msvcp120.dll
02:58:05.0015 0x0d68  C:\WINDOWS\system32\msvcp120.dll - ok
02:58:05.0031 0x0d68  [ 010472D0AE758227C6F6E6933549C219, 4082365231756E2889BD9A19EEFA27665B9902F8C8BC376C70DC3AA80AEA541B ] C:\WINDOWS\system32\wbem\wbemsvc.dll
02:58:05.0031 0x0d68  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
02:58:05.0031 0x0d68  [ 3273D1565BF30225C115B480A3BB2C9D, DF802F845EFEE506A0D3CA1EA9AEE1EDE73BCC02F2B64EDFACE0BBEFCF965455 ] C:\WINDOWS\system32\wbem\wmiutils.dll
02:58:05.0031 0x0d68  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
02:58:05.0031 0x0d68  [ EE4C651A217B01D636B5364AC77DA892, E40C7DD39234673A3BA8FD87C189653C391E326ECB3E8011B5020BB9D78F56D0 ] C:\WINDOWS\system32\inetpp.dll
02:58:05.0031 0x0d68  C:\WINDOWS\system32\inetpp.dll - ok
02:58:05.0046 0x0d68  [ 942A17D2901A31EA68627CBFFCD268CC, C75E1C03929E16EDDBACFC37BD6C40E941F9D99E3E40ED3A07238343342685BD ] C:\WINDOWS\system32\wbem\repdrvfs.dll
02:58:05.0046 0x0d68  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
02:58:05.0046 0x0d68  [ 071143F687B4F887E21461CA6CC7EB29, 92C849517F985F19926E6425CD99E21029E1CA14FC92C9E40091DC79D4A723F2 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
02:58:05.0046 0x0d68  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
02:58:05.0062 0x0d68  [ A490EDE46A746E14AE6876021B6D4269, 3388A436AD9A6FFCDE57107E8DABF99639DED3434E60F18AE389509866048A62 ] C:\Program Files\HP\Digital Imaging\bin\hpodvd09.dll
02:58:05.0062 0x0d68  C:\Program Files\HP\Digital Imaging\bin\hpodvd09.dll - ok
02:58:05.0062 0x0d68  [ A59EA0E44025102A16CA138ED31F0344, 8AC8FB2801742CE18C794F78643E15BA0046DD267C848E0F586FEA1E75DE298F ] C:\Program Files\Avira\My Avira\Avira.OE.MiniGui.dll
02:58:05.0062 0x0d68  C:\Program Files\Avira\My Avira\Avira.OE.MiniGui.dll - ok
02:58:05.0078 0x0d68  [ 73D67A7F55A6438F10E35F16D47ABA29, 9FFBF5942BF05FC1C81B052EE691526D7F046BFA56AC8218C9DA907EA8DFE829 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\21071fcc838660d96f10920c4c3cd206\System.Xml.ni.dll
02:58:05.0078 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\21071fcc838660d96f10920c4c3cd206\System.Xml.ni.dll - ok
02:58:05.0078 0x0d68  [ 6BDA568A2AED0F84C717B5649F70C91C, 5915A213EFFE7B9D5134577281011EC04E2E9219A15B3617673B7DA2FD6116CF ] C:\Program Files\HP\Digital Imaging\bin\hpoddcomm09.dll
02:58:05.0078 0x0d68  C:\Program Files\HP\Digital Imaging\bin\hpoddcomm09.dll - ok
02:58:05.0093 0x0d68  [ 26D881D27CBE51D3614E68D7313EA026, BC84CFD5F382F6D844815065118793950E922B8FB52944E337DAA62874C103A3 ] C:\WINDOWS\system32\wbem\wbemess.dll
02:58:05.0093 0x0d68  C:\WINDOWS\system32\wbem\wbemess.dll - ok
02:58:05.0093 0x0d68  [ 1A617835452EEE5060976C9B9F5FE635, DCCAAB049681BE876B73F0880EA32196CDA7EC954D452768A48D366096C5BD53 ] C:\WINDOWS\system32\wuapi.dll
02:58:05.0093 0x0d68  C:\WINDOWS\system32\wuapi.dll - ok
02:58:05.0109 0x0d68  [ F4AC4B6C372B934B09CC68EBFC8EB2E5, 2C00E6CDA8F0E33A27E07E8A81C68A9C17A0D8A22088CFD25CA17613F6CA9D13 ] C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
02:58:05.0109 0x0d68  C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - ok
02:58:05.0109 0x0d68  [ 326A73F82BCEC1D01F8D25C69C297245, AC2F5003BFD507D97836E8B2DA2034C087DC6C437167FAD642A41DEF2C98B00E ] C:\WINDOWS\ehome\ehproxy.dll
02:58:05.0109 0x0d68  C:\WINDOWS\ehome\ehproxy.dll - ok
02:58:05.0125 0x0d68  [ 4CE7F2EF945165FD681141EF6EA7B8C4, 2B7A1CCA5F1D4A1FC37C6F55421AA19D84C332A0CC4195DB0A7FFD4AB6C02272 ] C:\Program Files\Avira\My Avira\ServiceStack.Text.dll
02:58:05.0125 0x0d68  C:\Program Files\Avira\My Avira\ServiceStack.Text.dll - ok
02:58:05.0125 0x0d68  [ 8FBAABF97CCFC1264A0532C21CDC9AC9, E0ABAEACB5B5AEEC0FD43F9A739A1EAA29B59366A426EB1EF32C1B1ACDA2980F ] C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
02:58:05.0125 0x0d68  C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll - ok
02:58:05.0140 0x0d68  [ D26451B540720A7313A9BCBE794DAF62, 255B3594876F9D9222760A53D1119E73D3BA4E4766C9DFAD63DCB180C5F33846 ] C:\WINDOWS\system32\wbem\ncprov.dll
02:58:05.0140 0x0d68  C:\WINDOWS\system32\wbem\ncprov.dll - ok
02:58:05.0156 0x0d68  [ 7FD5DA8145C09858AC201D4A29DF242D, 66062F2FA8282D49EC824FC1FA55B6D86B112FC5893BC234C126A6480E425A7F ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\363b05dd092178671e56531a9c4999b6\System.Configuration.ni.dll
02:58:05.0156 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\363b05dd092178671e56531a9c4999b6\System.Configuration.ni.dll - ok
02:58:05.0156 0x0d68  [ D1B44B09F6D8D0E5E84B9F2D5DEE6F7E, 897323721FC188A0E64C797DA07FE8AD41A34075123597DBFA4D91BC77D0F2F5 ] C:\Program Files\Avira\My Avira\Avira.OE.Communicator.dll
02:58:05.0156 0x0d68  C:\Program Files\Avira\My Avira\Avira.OE.Communicator.dll - ok
02:58:05.0171 0x0d68  [ 548356D4FBC3867AE515A905B5C33843, F7E592878D466ECF21D09D83CC46E31C67235452136F4CCA648FB11AA820F85D ] C:\Program Files\Avira\My Avira\Avira.OE.AvConnector.dll
02:58:05.0171 0x0d68  C:\Program Files\Avira\My Avira\Avira.OE.AvConnector.dll - ok
02:58:05.0171 0x0d68  [ B32AFBDAAC10F333B430354531861359, 3176AE55759BF644E40E3D17CF26B98CDC04DFFCED0EB407BD5D4FFB46558B0E ] C:\Program Files\Avira\My Avira\Avira.OE.BrowserExtensionConnector.dll
02:58:05.0171 0x0d68  C:\Program Files\Avira\My Avira\Avira.OE.BrowserExtensionConnector.dll - ok
02:58:05.0171 0x0d68  [ 741A23FFED3591E327C7FD749833D1C6, 8B485283FEA043CB8D3C4F3FA5FA5843781FA3A302189F969796CBE1C9A31044 ] C:\Program Files\Avira\My Avira\Avira.OE.DropboxConnector.dll
02:58:05.0187 0x0d68  C:\Program Files\Avira\My Avira\Avira.OE.DropboxConnector.dll - ok
02:58:05.0187 0x0d68  [ 067CE63E7E49C8C54F6E749E6AAA9F1A, 25CD96BD389E4A900CE9D047153DFF4845AAA3792C6A9C6479376249A5FABFD0 ] C:\Program Files\Avira\My Avira\Avira.OE.SpeedupConnector.dll
02:58:05.0187 0x0d68  C:\Program Files\Avira\My Avira\Avira.OE.SpeedupConnector.dll - ok
02:58:05.0187 0x0d68  [ 58588EAA2CA3F5F81304A64CF3564225, F81B4FF15842A628D1F52927643873047C5B6B51346919C5D6453869D53C38F5 ] C:\Program Files\Avira\My Avira\WebSocket4Net.dll
02:58:05.0187 0x0d68  C:\Program Files\Avira\My Avira\WebSocket4Net.dll - ok
02:58:05.0203 0x0d68  [ 77D17E48F4999EC725C37A83CF80F498, 4A46D1708449E8540DAB10700359D2EC38EB2C38608F589E9A316EE9939B1254 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\7c73ac0ffec7d226ca3dac70df184f18\System.ServiceModel.ni.dll
02:58:05.0203 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\7c73ac0ffec7d226ca3dac70df184f18\System.ServiceModel.ni.dll - ok
02:58:05.0203 0x0d68  [ 7B0812AC9F9104230774152C2EC2BE63, 68CE323323D0D01502786E207BECAF5FAABE927339A9D0F0F863B1443A59B5C2 ] C:\Program Files\Avira\My Avira\Avira.OE.AvConnector.Interface.dll
02:58:05.0203 0x0d68  C:\Program Files\Avira\My Avira\Avira.OE.AvConnector.Interface.dll - ok
02:58:05.0218 0x0d68  [ 7A114BF6C0D6B163B77508378373F3D8, F87A6928E09B544E14F54E52CA93DD62CA926E6A78431C6B172BA732074E811A ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\9db486997d651f0646a089ff6cfb605e\System.Runtime.Serialization.ni.dll
02:58:05.0218 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\9db486997d651f0646a089ff6cfb605e\System.Runtime.Serialization.ni.dll - ok
02:58:05.0234 0x0d68  [ B80A7EF1A81EBE75356EB6DD28F0C495, 429E44A166A920D33616549BABB0921E5EC175748F7C9A459CA094C61889048A ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ba4bc24df463a622c0e918d8c49672ed\SMDiagnostics.ni.dll
02:58:05.0234 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ba4bc24df463a622c0e918d8c49672ed\SMDiagnostics.ni.dll - ok
02:58:05.0234 0x0d68  [ 0BAC2D0E37475652B94DCE79BAD2D5D7, BAC5D019927E9F3AF1C310083E0725AEE72584C88F5348558328F9A0587312D3 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\f56869ede7c0fddb751c39e050dd62a8\System.Runtime.DurableInstancing.ni.dll
02:58:05.0234 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\f56869ede7c0fddb751c39e050dd62a8\System.Runtime.DurableInstancing.ni.dll - ok
02:58:05.0250 0x0d68  [ B7B6925569F579D109D2FE5D2CB758C2, 3FBEF512D14002E189FD911D1C2E86B4F0F66C69880132630F77890D07345538 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
02:58:05.0250 0x0d68  C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll - ok
02:58:05.0265 0x0d68  [ 3724A9C6025168FD53C6B5A385D6DE08, 8D2025890275BF647BE2038EDEE973A99EB950E01C24E099B079A6AAAB69500E ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\c3a03bb69e38f5ed9ebce72d48a722ef\System.Transactions.ni.dll
02:58:05.0265 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\c3a03bb69e38f5ed9ebce72d48a722ef\System.Transactions.ni.dll - ok
02:58:05.0265 0x0d68  [ 58EC3C662CBB3318A53B7E817FC7B751, 0F61430065E6B19E0F639691057E350A1E11932568BB9EDE0C3F7C410F0061B5 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\a0204aa75b8665f3c674ff18eebbf13f\System.IdentityModel.ni.dll
02:58:05.0265 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\a0204aa75b8665f3c674ff18eebbf13f\System.IdentityModel.ni.dll - ok
02:58:05.0281 0x0d68  [ 41962D5E18E9874390BC1F074571A6BB, 2015A691432CE09EB8A4C9D2C1FE95BFF4AF8A0702F3F2925068A54D416512B5 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
02:58:05.0281 0x0d68  C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
02:58:05.0296 0x0d68  [ DAA19F5ECE17866DEE20A1693B5C96E7, 0ABEE3CE9253AD3B5FEB9FED5D3254893327F57CE3A903348F822A7743A4B40E ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\ff4ecc058f27a9c36136e5d38e43fb59\WindowsBase.ni.dll
02:58:05.0296 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\ff4ecc058f27a9c36136e5d38e43fb59\WindowsBase.ni.dll - ok
02:58:05.0296 0x0d68  [ 8AE3AE43DA1A8CB8DFD2169F57B88868, 31822C386A57009439E6C770EA7554898850B33C9C2C71887861070125F8D483 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\04326608ac9ad05c2a1e8bd46a068a91\System.Xaml.ni.dll
02:58:05.0296 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\04326608ac9ad05c2a1e8bd46a068a91\System.Xaml.ni.dll - ok
02:58:05.0312 0x0d68  [ 34058FAF01E261BEBF11D63CC14BC7BA, D601363FD4C3F35588162E932C68C2BEC3013C21ECA16DDD2719F9E633CCD80E ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8a6f500c40e3fa7da71110af6c0a60ac\System.Xml.Linq.ni.dll
02:58:05.0312 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8a6f500c40e3fa7da71110af6c0a60ac\System.Xml.Linq.ni.dll - ok
02:58:05.0312 0x0d68  [ 3C9420A013661B401791494CB9C7AF91, F5CE37262FC9DA3AA595F5C969CED7626528348F556C18F943EEC325BB0A0746 ] C:\Program Files\Avira\My Avira\NLog.dll
02:58:05.0312 0x0d68  C:\Program Files\Avira\My Avira\NLog.dll - ok
02:58:05.0328 0x0d68  [ FD435DF8C9CA7A49CCBF7CD2F7627739, DF14C28FAABFF86C3670275D8E7ACFE31F4EE7AB5A491AF6D783AB1DDA86A83E ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll
02:58:05.0328 0x0d68  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll - ok
02:58:05.0328 0x0d68  [ 7C359500407DD393A276010AB778D5AF, A4009288982E4C30D22B544167F72DB882E34F0FDA7D4061B2C02C84688C0ED1 ] C:\Program Files\Avira\My Avira\Ionic.Zip.Reduced.dll
02:58:05.0328 0x0d68  C:\Program Files\Avira\My Avira\Ionic.Zip.Reduced.dll - ok
02:58:05.0343 0x0d68  [ 511C9E3DD98B1A403AAB8F2DBDCB667C, D3D706A050EDD84D6F5E6FF83260B844C8B5AE3D9D164D120EC942634072189E ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\97586cdb698c29ba95fd83e44a0c0ca6\System.Data.ni.dll
02:58:05.0343 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\97586cdb698c29ba95fd83e44a0c0ca6\System.Data.ni.dll - ok
02:58:05.0359 0x0d68  [ 621B8A1AA85635B59837F44D853B5859, EF551EA35FFD476334F9D798BB7C52BD1A7FC213059E1C13DF7CB60717277D81 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
02:58:05.0359 0x0d68  C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
02:58:05.0359 0x0d68  [ 03A02D5A2D50198BDF6C62AF209438D0, 7A2577BB31B937436689EB8E3F415F71D3744209EFFC110C9B12C42025F36C88 ] C:\WINDOWS\system32\msxml3.dll
02:58:05.0359 0x0d68  C:\WINDOWS\system32\msxml3.dll - ok
02:58:05.0375 0x0d68  [ CD667A979896D2132600671E942F5F2C, EC2D1CC59C918747F8A0CC2BD30E917DD69BBBF1E6CA4E3262B3FE26C28F92A8 ] C:\Program Files\Java\jre7\bin\awt.dll
02:58:05.0375 0x0d68  C:\Program Files\Java\jre7\bin\awt.dll - ok
02:58:05.0375 0x0d68  [ 798A9E6828997EEF4517ADA8A2259831, 64389FAD94D54E2D43A7292AD3C57CB16F90F2C80EA44099E02D11E19E390A5B ] C:\WINDOWS\system32\wbem\wmiprvse.exe
02:58:05.0375 0x0d68  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
02:58:05.0390 0x0d68  [ E837FDBB92E9873E538395B623F45462, E00D9F1471D9BDE7E53A5F8359B6F3B1606A432D4E94AB6B2A6898AB48E6751B ] C:\WINDOWS\system32\wbem\cimwin32.dll
02:58:05.0390 0x0d68  C:\WINDOWS\system32\wbem\cimwin32.dll - ok
02:58:05.0390 0x0d68  [ C02EB0470874DA54DEAB41CD2F210360, D3D40456A474433484504684057D2CACC701304266CAFC233EB76974438793C3 ] C:\Program Files\Java\jre7\bin\client\jvm.dll
02:58:05.0390 0x0d68  C:\Program Files\Java\jre7\bin\client\jvm.dll - ok
02:58:05.0406 0x0d68  [ 4306FA2F1099D7C606139255FDB62B19, 75A0A99B9D8B0E2B39A8093F72DC283D5F2D56FB731C2BA193579DCE916030A0 ] C:\WINDOWS\system32\wbem\framedyn.dll
02:58:05.0406 0x0d68  C:\WINDOWS\system32\wbem\framedyn.dll - ok
02:58:05.0406 0x0d68  [ 8BCD11D38FCE43A519246A91CC40DE6A, 981EE4B29FDE6DB58FAA17BCCA66DB8143D693D91A00B7519F01ABBAE11AA580 ] C:\WINDOWS\system32\security.dll
02:58:05.0406 0x0d68  C:\WINDOWS\system32\security.dll - ok
02:58:05.0406 0x0d68  [ C730F70351D950DDA7388C9A9763CF54, 7A9D265E4D2F76EF131D01C2EE1CDC19A8E5FDCAF97649CC562E8114B92D411F ] C:\WINDOWS\system32\wbem\wmipcima.dll
02:58:05.0406 0x0d68  C:\WINDOWS\system32\wbem\wmipcima.dll - ok
02:58:05.0421 0x0d68  [ FB8C856098127274DA7D62BCB952E6D6, 62C2730DFC94DA237D1EC6774E1FDAE4B9B7806C4A662EF0A3D38DA585387CBC ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\ed36e9ff00f2fb0f33f1c08b20a7afc0\PresentationCore.ni.dll
02:58:05.0421 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\ed36e9ff00f2fb0f33f1c08b20a7afc0\PresentationCore.ni.dll - ok
02:58:05.0421 0x0d68  [ FD0C6E6875A39D92CDB724D72063239F, FDD58C7C3AB42659E8DCA6DE0FCDF643576F7E9809CE26C72B25871476F16869 ] C:\Program Files\Avira\AntiVir Desktop\ipmgui.exe
02:58:05.0421 0x0d68  C:\Program Files\Avira\AntiVir Desktop\ipmgui.exe - ok
02:58:05.0437 0x0d68  [ 5A8E58DA60D51EBFD90D3C142AF7E333, 59CE58E55BBB15E36170C19E0D7560EFAA8EA85F8F3A4AED8720AA19BF9CC8EB ] C:\Program Files\Avira\AntiVir Desktop\avpref.dll
02:58:05.0437 0x0d68  C:\Program Files\Avira\AntiVir Desktop\avpref.dll - ok
02:58:05.0437 0x0d68  [ B5EBB67B678C1A758C00A169ECFC3745, F26AC8DB94AC8726B7CFA1B797449DF4C33BECBAEF4B75AFA8B3771432B71283 ] C:\Program Files\Java\jre7\bin\dcpr.dll
02:58:05.0437 0x0d68  C:\Program Files\Java\jre7\bin\dcpr.dll - ok
02:58:05.0453 0x0d68  [ 9C940E4137E4D3E5E9871417F922D96B, 860455DC7F62E8D64CAD9A96AFEE282D95F57171F7299551CD54624D973200D9 ] C:\Program Files\Java\jre7\bin\deploy.dll
02:58:05.0453 0x0d68  C:\Program Files\Java\jre7\bin\deploy.dll - ok
02:58:05.0453 0x0d68  [ 3DB2624CCB1663BF6D62311B2B9E7B55, 1E00FE8432E0E2039409823081D627A889B5A281096E7304169F2C44B2D8A463 ] C:\WINDOWS\system32\mshtml.dll
02:58:05.0453 0x0d68  C:\WINDOWS\system32\mshtml.dll - ok
02:58:05.0453 0x0d68  [ 616EBFF22431F056921F9F7D53749596, 77A2891899F344D0EE30CD1EC82036C60BDE0D35D059E574A05273307AD65CC8 ] C:\Program Files\Java\jre7\bin\fontmanager.dll
02:58:05.0453 0x0d68  C:\Program Files\Java\jre7\bin\fontmanager.dll - ok
02:58:05.0468 0x0d68  [ 69AE0D400F5E800F8DBFF15E3629DE41, 26DCDDE57A6A577F3D660ADBDBDE5DEF598CFBB441B96512EB3F056DD1D3F1E7 ] C:\Program Files\Java\jre7\bin\java.dll
02:58:05.0468 0x0d68  C:\Program Files\Java\jre7\bin\java.dll - ok
02:58:05.0468 0x0d68  [ 3BDEB17FE6390BFF1BF3A2D964DE8E48, 8DE8334B8A735DB08650936B83D4D44BE7E4BE9256CBB06EFB0654C8736C4D98 ] C:\Program Files\Java\jre7\bin\javaw.exe
02:58:05.0468 0x0d68  C:\Program Files\Java\jre7\bin\javaw.exe - ok
02:58:05.0484 0x0d68  [ 588F692E921C21B9EB7BE4A0A715835E, BC2859E33CB4378D898C5BC2C40053DDF0EC38DB33C7DBAF3D353F5747AF9E7E ] C:\Program Files\Java\jre7\bin\jp2native.dll
02:58:05.0484 0x0d68  C:\Program Files\Java\jre7\bin\jp2native.dll - ok
02:58:05.0484 0x0d68  [ 041ADE9D795E632E750EC283C5098F35, BF845F00B206912CFF884D47FFF4F44D5790513AB91C814DFFDD9D5C99353762 ] C:\Program Files\Java\jre7\bin\jpeg.dll
02:58:05.0484 0x0d68  C:\Program Files\Java\jre7\bin\jpeg.dll - ok
02:58:05.0500 0x0d68  [ 3D91F8F9601B904AAAF18E02FDB9FEB7, 64E77402FB68D95A9897A9ABAC400A3936D28B1B11DF1EDB534B7835517C76A6 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b72152b4330e2f009a868aa16c47acb4\PresentationFramework.ni.dll
02:58:05.0500 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b72152b4330e2f009a868aa16c47acb4\PresentationFramework.ni.dll - ok
02:58:05.0500 0x0d68  [ D9521C7CD91ED1AF0143586EF33975ED, 5BF23E0298F350462D68E1F2CD0B481A46BF25BCF9E5FAA925AAB3202A580712 ] C:\Program Files\Java\jre7\bin\net.dll
02:58:05.0500 0x0d68  C:\Program Files\Java\jre7\bin\net.dll - ok
02:58:05.0515 0x0d68  [ 6338FE3E849FFCFC6C15BF6569171FE1, FEA4A997088AF49A9F182F81ACB0F98A378364B8D7B2F8C7DE9A2F4A63F4943B ] C:\Program Files\Java\jre7\bin\nio.dll
02:58:05.0515 0x0d68  C:\Program Files\Java\jre7\bin\nio.dll - ok
02:58:05.0515 0x0d68  [ CBA0BCC020D0B33DE309B67DB76EA9BC, B2FE64B76381AFE116FAD714F0311EF57BE5C960043A8424F6B4678CFF4317A0 ] C:\Program Files\Java\jre7\bin\verify.dll
02:58:05.0515 0x0d68  C:\Program Files\Java\jre7\bin\verify.dll - ok
02:58:05.0531 0x0d68  [ 1DB98EC1A4B66B67B98E0E2BCC983AFC, 46EE6C0954BF4A68813DF4D0C4AA327A276B7B1DBCF45E430CF75D81E89979C1 ] C:\Program Files\Java\jre7\bin\zip.dll
02:58:05.0531 0x0d68  C:\Program Files\Java\jre7\bin\zip.dll - ok
02:58:05.0531 0x0d68  [ 2ACCD352451EC0F99AF2AD9DB6DB4439, 7EFFA9D4561674633B2FFB35F629947B061AFE5DA756DA6D02E0584FCE221445 ] C:\WINDOWS\system32\msls31.dll
02:58:05.0546 0x0d68  C:\WINDOWS\system32\msls31.dll - ok
02:58:05.0546 0x0d68  [ 77412987604826766E22B051AFCF8EAE, D0B3F70E53B9EEBF4875B76DD220CD8CE9A9EBED4838194E22EDF7151B3A67B3 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
02:58:05.0546 0x0d68  C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll - ok
02:58:05.0562 0x0d68  [ EBC6332093AEC6A4FBF2C3919D03877A, 00E956496A62D295160CE976B044B29AD3053B47ED0B21BFFE6A1106DB2C740D ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\wpftxt_v0400.dll
02:58:05.0562 0x0d68  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\wpftxt_v0400.dll - ok
02:58:05.0562 0x0d68  [ 56D16A44691C0337DD0EF3F3008A9977, 37B9CE5CC4764B036BA9615D5DAD307F138ABAC6150DC67B2128D6D706B67798 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
02:58:05.0562 0x0d68  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll - ok
02:58:05.0578 0x0d68  [ 9383D302F0D95DB0802308CF250727F3, 6A1CD75C5654DB0A0BD1C019522B8D27AF08C19590A809C1454B909C5E6B5039 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
02:58:05.0578 0x0d68  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll - ok
02:58:05.0578 0x0d68  [ 6435F85300DF990477B7AB48CEFA2D5B, 4FB504025937A44EBD511B5753B6C23B2B43D878720643DE705047975F0D51CE ] C:\Program Files\Avira\My Avira\en-US\Avira.OE.MiniGui.resources.dll
02:58:05.0578 0x0d68  C:\Program Files\Avira\My Avira\en-US\Avira.OE.MiniGui.resources.dll - ok
02:58:05.0593 0x0d68  [ 5F63E2B2A72E1E6448123E0920D31530, 46934E1710AB5A9B66204721904A3AE856B40F5B84E0E268B4A410C26C7FAA95 ] C:\WINDOWS\system32\windowscodecs.dll
02:58:05.0593 0x0d68  C:\WINDOWS\system32\windowscodecs.dll - ok
02:58:05.0593 0x0d68  [ E8C66B9AD5EBD72D1A1CB63B33D79007, DD62B27D9C1116D5731CDAF100EF08049B9E35588D160258F5C50068CE1A8D6E ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\3d105e94140b8c742ed50a2c6194394c\System.Data.Linq.ni.dll
02:58:05.0593 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\3d105e94140b8c742ed50a2c6194394c\System.Data.Linq.ni.dll - ok
02:58:05.0609 0x0d68  [ 05B1B94698939457571E4DCF96EDDF9B, B6A3462F92CA2F3FDAD2BC73B023D551F1BAFA0C15A3B1B44BDEF237974AB49B ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\47a2b7b2fa872de3078d49d0a4c10cb2\System.EnterpriseServices.ni.dll
02:58:05.0609 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\47a2b7b2fa872de3078d49d0a4c10cb2\System.EnterpriseServices.ni.dll - ok
02:58:05.0625 0x0d68  [ 96D9AF9B3806A79C8A4F79A7EB050CA4, A9168D30E66765B628E9D0C869029EA80DCD5356C85D9F2B5A620B89C030D713 ] C:\Program Files\Avira\My Avira\WPFToolkit.dll
02:58:05.0625 0x0d68  C:\Program Files\Avira\My Avira\WPFToolkit.dll - ok
02:58:05.0625 0x0d68  [ C755E17BAC396F9A9F468320B3F6CF46, 38A8205B3C8CBF2B06FD131AF95A37E2C7E1931486F267826C5E288E14EC129A ] C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
02:58:05.0625 0x0d68  C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll - ok
02:58:05.0640 0x0d68  [ 8D1176CB888CDAF443074D6F30E2FE96, 42174DD5F6218868BB7FB1926312A51F5B90DFFEE3F3E25CC8B57958A123FE2C ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\47a2b7b2fa872de3078d49d0a4c10cb2\System.EnterpriseServices.Wrapper.dll
02:58:05.0640 0x0d68  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\47a2b7b2fa872de3078d49d0a4c10cb2\System.EnterpriseServices.Wrapper.dll - ok
02:58:05.0640 0x0d68  ================ Scan generic autorun ======================
02:58:05.0687 0x0d68  [ F90137A9897071EDE961A5ABA4EA524F, F3374B4ED84CCEC9F84339EB583001E15B56B1C548C0ADDB462764F6F4F1E884 ] C:\WINDOWS\ehome\ehtray.exe
02:58:05.0750 0x0d68  ehTray - ok
02:58:05.0796 0x0d68  [ 9C3B2302B60FB0EFB13BC880A5E3E93E, 16F32AB74A57B521FF431F2C36609DE5F6ABE0DCD3111B4954471DEED700A66B ] C:\WINDOWS\system32\HDAShCut.exe
02:58:05.0828 0x0d68  High Definition Audio Property Page Shortcut - ok
02:58:05.0859 0x0d68  [ 409F6851BDAEC9ACCBDDE692D56D5C87, 22244B58BE2E80849D228679707FE6C0C73FDE0548E0EF29B3C3F82205D741CE ] C:\WINDOWS\system32\hkcmd.exe
02:58:05.0921 0x0d68  HotKeysCmds - ok
02:58:05.0937 0x0d68  [ 2D838F01650A630AE7A78C864315FBDC, 74BEBB525374F90889A84682271CFB8E7E5F817B509CD3D45FDD9432A7A70461 ] C:\WINDOWS\system32\igfxpers.exe
02:58:05.0968 0x0d68  Persistence - ok
02:58:06.0093 0x0d68  [ 4F113169A2DE985D043A5530987AD6D0, 13804396E930DAFEF342FB179A02C93F4C99A177A2E145E933723FA382763E96 ] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
02:58:06.0125 0x0d68  HPHUPD08 - detected UnsignedFile.Multi.Generic ( 1 )
02:58:06.0125 0x0d68  HPHUPD08 ( UnsignedFile.Multi.Generic ) - warning
02:58:06.0125 0x0d68  [ 30A086BA3520555B718E77763B1C52C0, 4F121DF4C11CFA53AE5AA4443811FDC12B9490A9E2CFF15B51944F830DA34A05 ] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
02:58:06.0187 0x0d68  HPBootOp - detected UnsignedFile.Multi.Generic ( 1 )
02:58:06.0187 0x0d68  HPBootOp ( UnsignedFile.Multi.Generic ) - warning
02:58:06.0312 0x0d68  [ 6380625DD0480ED60960A149A087C848, 50D920A3184B431246B38066FB6D6452C90294FCCEB8E2F1F1B7A2743E6C1106 ] c:\hp\bin\cloaker.exe
02:58:06.0343 0x0d68  IcoSet - detected UnsignedFile.Multi.Generic ( 1 )
02:58:06.0343 0x0d68  IcoSet ( UnsignedFile.Multi.Generic ) - warning
02:58:06.0390 0x0d68  [ 5FD441FA69B135B8891EBF8F2F8631B7, 6827D7F5648E838E60D18304B2B2019CCBA18C9772FDFB2835BB99F4652A1B3F ] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
02:58:06.0453 0x0d68  LSBWatcher - detected UnsignedFile.Multi.Generic ( 1 )
02:58:06.0453 0x0d68  LSBWatcher ( UnsignedFile.Multi.Generic ) - warning
02:58:06.0453 0x0d68  Force sending object to P2P due to detect: c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
02:58:06.0453 0x0d68  Object send P2P result: false
02:58:06.0484 0x0d68  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
02:58:06.0515 0x0d68  HP Software Update - ok
02:58:06.0562 0x0d68  [ D09A5F5C4DBD5D4DFF09AB1A69812062, 2282EEA1AAD234A773C46FEA1EF4330E8320FC240BE3E2F5A38C3DF4F09CA947 ] C:\Program Files\Common Files\Real\Update_OB\realsched.exe
02:58:06.0609 0x0d68  TkBellExe - detected UnsignedFile.Multi.Generic ( 1 )
02:58:06.0609 0x0d68  TkBellExe ( UnsignedFile.Multi.Generic ) - warning
02:58:06.0703 0x0d68  [ 69B388D8F3085411D00F875FF5CBCAF6, 22F6DCF1E6D1DD28793CCDFE9FC33E737180BB3C5C65BE3BFA9C2522B6B6F66B ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
02:58:06.0812 0x0d68  avgnt - ok
02:58:06.0843 0x0d68  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
02:58:07.0000 0x0d68  ctfmon.exe - ok
02:58:07.0265 0x0d68  [ 2B24F194FC5B657397ECB2923A68350E, B7F36CD6F0C33A2EC09898E35786E2225AC22408C25720E4D5B7A32CCA54940C ] C:\Program Files\CCleaner\CCleaner.exe
02:58:07.0640 0x0d68  CCleaner Monitoring - ok
02:58:07.0781 0x0d68  [ 085BBE2556ECDAEB4015099CE663ACA1, 46DE8C8E6DBAE588976C63072AC3E5943F3C8263294D4BCBDCAAF361B5162DF5 ] C:\Program Files\Sandboxie\SbieCtrl.exe
02:58:07.0843 0x0d68  SandboxieControl - ok
02:58:07.0875 0x0d68  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
02:58:08.0015 0x0d68  ctfmon.exe - ok
02:58:08.0046 0x0d68  AV detected via SS1: Avira Desktop, 15.0.8.652, enabled, updated
02:58:08.0062 0x0d68  Win FW state via NFM: enabled
02:58:08.0062 0x0d68  ============================================================
02:58:08.0062 0x0d68  Scan finished
02:58:08.0062 0x0d68  ============================================================
02:58:08.0093 0x0d60  Detected object count: 9
02:58:08.0093 0x0d60  Actual detected object count: 9
02:58:29.0093 0x0d60  MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
02:58:29.0093 0x0d60  MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:58:29.0093 0x0d60  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
02:58:29.0093 0x0d60  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:58:29.0093 0x0d60  PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
02:58:29.0093 0x0d60  PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:58:29.0093 0x0d60  UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
02:58:29.0093 0x0d60  UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:58:29.0093 0x0d60  HPHUPD08 ( UnsignedFile.Multi.Generic ) - skipped by user
02:58:29.0093 0x0d60  HPHUPD08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:58:29.0093 0x0d60  HPBootOp ( UnsignedFile.Multi.Generic ) - skipped by user
02:58:29.0093 0x0d60  HPBootOp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:58:29.0093 0x0d60  IcoSet ( UnsignedFile.Multi.Generic ) - skipped by user
02:58:29.0093 0x0d60  IcoSet ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:58:29.0109 0x0d60  LSBWatcher ( UnsignedFile.Multi.Generic ) - skipped by user
02:58:29.0109 0x0d60  LSBWatcher ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:58:29.0109 0x0d60  TkBellExe ( UnsignedFile.Multi.Generic ) - skipped by user
02:58:29.0109 0x0d60  TkBellExe ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:59:05.0171 0x02c8  ============================================================
02:59:05.0171 0x02c8  Scan started
02:59:05.0171 0x02c8  Mode: Manual; SigCheck; TDLFS; 
02:59:05.0171 0x02c8  ============================================================
02:59:05.0171 0x02c8  KSN ping started
02:59:07.0671 0x02c8  KSN ping finished: true
02:59:08.0140 0x02c8  ================ Scan system memory ========================
02:59:08.0140 0x02c8  System memory - ok
02:59:08.0140 0x02c8  ================ Scan services =============================
02:59:08.0281 0x02c8  Abiosdsk - ok
02:59:08.0281 0x02c8  abp480n5 - ok
02:59:08.0328 0x02c8  [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
02:59:08.0484 0x02c8  ACPI - ok
02:59:08.0515 0x02c8  [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
02:59:08.0671 0x02c8  ACPIEC - ok
02:59:08.0671 0x02c8  adpu160m - ok
02:59:08.0703 0x02c8  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
02:59:08.0843 0x02c8  aec - ok
02:59:08.0890 0x02c8  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
02:59:08.0921 0x02c8  AFD - ok
02:59:09.0000 0x02c8  [ 34F27C7D71F1C49C7D3857F28B42F544, C307405BC92E174BF696F9A5EC844A95AD983AE2C4223C89F445D89A3361A232 ] AgereSoftModem  C:\WINDOWS\system32\DRIVERS\AGRSM.sys
02:59:09.0078 0x02c8  AgereSoftModem - ok
02:59:09.0093 0x02c8  Aha154x - ok
02:59:09.0109 0x02c8  aic78u2 - ok
02:59:09.0109 0x02c8  aic78xx - ok
02:59:09.0156 0x02c8  [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
02:59:09.0281 0x02c8  Alerter - ok
02:59:09.0312 0x02c8  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe
02:59:09.0453 0x02c8  ALG - ok
02:59:09.0453 0x02c8  AliIde - ok
02:59:09.0468 0x02c8  amsint - ok
02:59:09.0703 0x02c8  [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
02:59:09.0734 0x02c8  AntiVirSchedulerService - ok
02:59:09.0796 0x02c8  [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
02:59:09.0828 0x02c8  AntiVirService - ok
02:59:09.0937 0x02c8  [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
02:59:10.0109 0x02c8  AppMgmt - ok
02:59:10.0140 0x02c8  [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
02:59:10.0281 0x02c8  Arp1394 - ok
02:59:10.0281 0x02c8  asc - ok
02:59:10.0296 0x02c8  asc3350p - ok
02:59:10.0312 0x02c8  asc3550 - ok
02:59:10.0656 0x02c8  [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
02:59:10.0687 0x02c8  aspnet_state - ok
02:59:10.0718 0x02c8  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
02:59:10.0875 0x02c8  AsyncMac - ok
02:59:10.0906 0x02c8  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
02:59:11.0046 0x02c8  atapi - ok
02:59:11.0062 0x02c8  Atdisk - ok
02:59:11.0093 0x02c8  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
02:59:11.0250 0x02c8  Atmarpc - ok
02:59:11.0312 0x02c8  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
02:59:11.0484 0x02c8  AudioSrv - ok
02:59:11.0546 0x02c8  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
02:59:11.0671 0x02c8  audstub - ok
02:59:11.0703 0x02c8  [ AF5DA81B19AFA730F1E5246AD81D140A, 532951071F56896A3B5D47874C14D996C8620EA02F87D4BA21B083EC804FB166 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
02:59:11.0734 0x02c8  avgntflt - ok
02:59:11.0796 0x02c8  [ A5674637BCA212D9FE136ADFA04C9857, 95F3632EBB041C539816D285EBE1F379D46A4187379C69D4683D9F4DECBDB80C ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
02:59:11.0828 0x02c8  avipbb - ok
02:59:11.0968 0x02c8  [ 8E6214E8C6100222BEB6A14F9B908A7E, 268279AE0D87E4B1CC227355DF12B7E8113F8355B1D20447AA723830D706021A ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
02:59:11.0984 0x02c8  Avira.OE.ServiceHost - ok
02:59:12.0015 0x02c8  [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
02:59:12.0031 0x02c8  avkmgr - ok
02:59:12.0062 0x02c8  [ 7270D070173B20AC9487EA16BB08B45F, 4097AFCF91F1B3DCEFF388009605145ED2B319695BCEB85FF62ADA07087191D9 ] bb-run          C:\WINDOWS\system32\DRIVERS\bb-run.sys
02:59:12.0093 0x02c8  bb-run - ok
02:59:12.0140 0x02c8  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
02:59:12.0281 0x02c8  Beep - ok
02:59:12.0343 0x02c8  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
02:59:12.0484 0x02c8  BITS - ok
02:59:12.0531 0x02c8  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
02:59:12.0562 0x02c8  Browser - ok
02:59:12.0593 0x02c8  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
02:59:12.0750 0x02c8  cbidf2k - ok
02:59:12.0750 0x02c8  cd20xrnt - ok
02:59:12.0796 0x02c8  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
02:59:12.0937 0x02c8  Cdaudio - ok
02:59:12.0968 0x02c8  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
02:59:13.0093 0x02c8  Cdfs - ok
02:59:13.0125 0x02c8  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
02:59:13.0265 0x02c8  Cdrom - ok
02:59:13.0281 0x02c8  Changer - ok
02:59:13.0328 0x02c8  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
02:59:13.0468 0x02c8  CiSvc - ok
02:59:13.0468 0x02c8  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
02:59:13.0593 0x02c8  ClipSrv - ok
02:59:13.0640 0x02c8  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
02:59:13.0671 0x02c8  clr_optimization_v2.0.50727_32 - ok
02:59:13.0765 0x02c8  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
02:59:13.0781 0x02c8  clr_optimization_v4.0.30319_32 - ok
02:59:13.0796 0x02c8  CmdIde - ok
02:59:13.0812 0x02c8  COMSysApp - ok
02:59:13.0828 0x02c8  Cpqarray - ok
02:59:13.0859 0x02c8  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
02:59:13.0984 0x02c8  CryptSvc - ok
02:59:14.0000 0x02c8  dac2w2k - ok
02:59:14.0015 0x02c8  dac960nt - ok
02:59:14.0046 0x02c8  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
02:59:14.0093 0x02c8  DcomLaunch - ok
02:59:14.0140 0x02c8  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
02:59:14.0281 0x02c8  Dhcp - ok
02:59:14.0296 0x02c8  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
02:59:14.0437 0x02c8  Disk - ok
02:59:14.0437 0x02c8  dmadmin - ok
02:59:14.0500 0x02c8  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
02:59:14.0656 0x02c8  dmboot - ok
02:59:14.0671 0x02c8  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
02:59:14.0812 0x02c8  dmio - ok
02:59:14.0828 0x02c8  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
02:59:15.0000 0x02c8  dmload - ok
02:59:15.0031 0x02c8  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
02:59:15.0156 0x02c8  dmserver - ok
02:59:15.0171 0x02c8  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
02:59:15.0296 0x02c8  DMusic - ok
02:59:15.0359 0x02c8  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
02:59:15.0390 0x02c8  Dnscache - ok
02:59:15.0437 0x02c8  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
02:59:15.0578 0x02c8  Dot3svc - ok
02:59:15.0578 0x02c8  dpti2o - ok
02:59:15.0593 0x02c8  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
02:59:15.0718 0x02c8  drmkaud - ok
02:59:15.0750 0x02c8  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
02:59:15.0875 0x02c8  EapHost - ok
02:59:15.0953 0x02c8  [ 63F371F0248E3732A4821F86E6D0E370, 35838070CF9AADF30FD465234DB27BCD8F471513698DC7E738DDB1762DAC3CE4 ] ehRecvr         C:\WINDOWS\eHome\ehRecvr.exe
02:59:16.0000 0x02c8  ehRecvr - ok
02:59:16.0000 0x02c8  [ 16910F8B482919BB6035ED053B691692, 457B65A1831B5F42F9AFF6C9E810B76D421FE57137768B97A965D5E76142A94E ] ehSched         C:\WINDOWS\eHome\ehSched.exe
02:59:16.0062 0x02c8  ehSched - ok
02:59:16.0093 0x02c8  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
02:59:16.0234 0x02c8  ERSvc - ok
02:59:16.0265 0x02c8  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
02:59:16.0281 0x02c8  Eventlog - ok
02:59:16.0343 0x02c8  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
02:59:16.0375 0x02c8  EventSystem - ok
02:59:16.0421 0x02c8  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
02:59:16.0562 0x02c8  Fastfat - ok
02:59:16.0593 0x02c8  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
02:59:16.0625 0x02c8  FastUserSwitchingCompatibility - ok
02:59:16.0671 0x02c8  [ E97D6A8684466DF94FF3BC24FB787A07, 89E5A6889E3C5AB9AD3E80FFC16DD608278F3ADC282048B40B60196336A5CBEB ] Fax             C:\WINDOWS\system32\fxssvc.exe
02:59:16.0828 0x02c8  Fax - ok
02:59:16.0843 0x02c8  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
02:59:16.0984 0x02c8  Fdc - ok
02:59:17.0015 0x02c8  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
02:59:17.0140 0x02c8  Fips - ok
02:59:17.0187 0x02c8  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
02:59:17.0328 0x02c8  Flpydisk - ok
02:59:17.0390 0x02c8  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
02:59:17.0531 0x02c8  FltMgr - ok
02:59:17.0609 0x02c8  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
02:59:17.0625 0x02c8  FontCache3.0.0.0 - ok
02:59:17.0671 0x02c8  [ 455F778EE14368468560BD7CB8C854D0, 06FAED65D9949BBD98A4DA8ECE5B24C08646EB6C4E09D84CD32A474B206B180C ] FsVga           C:\WINDOWS\system32\DRIVERS\fsvga.sys
02:59:17.0812 0x02c8  FsVga - ok
02:59:17.0843 0x02c8  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
02:59:17.0968 0x02c8  Fs_Rec - ok
02:59:18.0000 0x02c8  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
02:59:18.0140 0x02c8  Ftdisk - ok
02:59:18.0156 0x02c8  [ 92E8443C7BF5C0137671CDE080655DFC, 759032856687B1684073106D187608225A211C0058A43A17B42B699745F06546 ] ftsata2         C:\WINDOWS\system32\DRIVERS\ftsata2.sys
02:59:18.0187 0x02c8  ftsata2 - ok
02:59:18.0187 0x02c8  [ 6F55305289A0765BD8AE8E8D32F17117, E9AE6270C03CA8C876234723FB087F63A04E1B07028B578EE8D75886736ACD35 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
02:59:18.0218 0x02c8  GEARAspiWDM - ok
02:59:18.0265 0x02c8  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
02:59:18.0406 0x02c8  Gpc - ok
02:59:18.0500 0x02c8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
02:59:18.0515 0x02c8  gupdate - ok
02:59:18.0531 0x02c8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
02:59:18.0546 0x02c8  gupdatem - ok
02:59:18.0609 0x02c8  [ 2A013E7530BEAB6E569FAA83F517E836, 481390EE00AF49BB54B8C885801FCAC0F87F4EF3D935ABBBA42B7C063EFDDB8F ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
02:59:18.0625 0x02c8  HdAudAddService - ok
02:59:18.0687 0x02c8  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
02:59:18.0828 0x02c8  HDAudBus - ok
02:59:18.0906 0x02c8  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
02:59:19.0046 0x02c8  helpsvc - ok
02:59:19.0078 0x02c8  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll
02:59:19.0203 0x02c8  HidServ - ok
02:59:19.0218 0x02c8  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
02:59:19.0343 0x02c8  HidUsb - ok
02:59:19.0390 0x02c8  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
02:59:19.0546 0x02c8  hkmsvc - ok
02:59:19.0546 0x02c8  hpn - ok
02:59:19.0609 0x02c8  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
02:59:19.0640 0x02c8  HTTP - ok
02:59:19.0671 0x02c8  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
02:59:19.0796 0x02c8  HTTPFilter - ok
02:59:19.0796 0x02c8  i2omgmt - ok
02:59:19.0812 0x02c8  i2omp - ok
02:59:19.0859 0x02c8  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
02:59:19.0984 0x02c8  i8042prt - ok
02:59:20.0062 0x02c8  [ 4007984827E19E6A5B6FAF8532EAEFBA, 7D0A4B5C88C46C68F52D3293CB18077EB582131E2BF28BF4ACE700949B7188CB ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
02:59:20.0140 0x02c8  ialm - ok
02:59:20.0203 0x02c8  [ 79AE2A97C120F282845D854D0F070EA9, 5569785B034777D8A227377E0DC735DEEA6277A31FD60CA6E62AF01F49B3B8FF ] iaStor          C:\WINDOWS\system32\DRIVERS\iaStor.sys
02:59:20.0265 0x02c8  iaStor - ok
02:59:20.0437 0x02c8  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
02:59:20.0437 0x02c8  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
02:59:20.0437 0x02c8  Detect skipped due to KSN trusted
02:59:20.0437 0x02c8  IDriverT - ok
02:59:20.0562 0x02c8  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
02:59:20.0609 0x02c8  idsvc - ok
02:59:20.0656 0x02c8  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
02:59:20.0812 0x02c8  Imapi - ok
02:59:20.0859 0x02c8  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
02:59:21.0000 0x02c8  ImapiService - ok
02:59:21.0000 0x02c8  ini910u - ok
02:59:21.0171 0x02c8  [ D87FFA95D630EC8D1482CA25C454846A, 7CA5C18A7A74040F921C0985882102709629EFDFB2107931EBB5D4A478EA6B5F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
02:59:21.0343 0x02c8  IntcAzAudAddService - ok
02:59:21.0375 0x02c8  [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
02:59:21.0500 0x02c8  IntelIde - ok
02:59:21.0546 0x02c8  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
02:59:21.0671 0x02c8  intelppm - ok
02:59:21.0703 0x02c8  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
02:59:21.0859 0x02c8  Ip6Fw - ok
02:59:21.0890 0x02c8  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
02:59:22.0031 0x02c8  IpFilterDriver - ok
02:59:22.0046 0x02c8  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
02:59:22.0171 0x02c8  IpInIp - ok
02:59:22.0218 0x02c8  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
02:59:22.0343 0x02c8  IpNat - ok
02:59:22.0406 0x02c8  [ 50F2E042C33ED8D11264BE5C4D533C7F, 43D1CEA43BE41AEC765F5A5759857A58A474E663C22484611FC20C7E9C932B09 ] iPodService     C:\Program Files\iPod\bin\iPodService.exe
02:59:22.0421 0x02c8  iPodService - detected UnsignedFile.Multi.Generic ( 1 )
02:59:22.0421 0x02c8  Detect skipped due to KSN trusted
02:59:22.0421 0x02c8  iPodService - ok
02:59:22.0437 0x02c8  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
02:59:22.0578 0x02c8  IPSec - ok
02:59:22.0609 0x02c8  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
02:59:22.0750 0x02c8  IRENUM - ok
02:59:22.0812 0x02c8  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
02:59:22.0953 0x02c8  isapnp - ok
02:59:23.0062 0x02c8  [ BF918C9473D64BBD53C22C47045883F5, 1980726FBFEEE75E4B360B1A4F438CF1ADD929AC21BD5197F740CB8AD8194BD2 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
02:59:23.0093 0x02c8  JavaQuickStarterService - ok
02:59:23.0125 0x02c8  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
02:59:23.0265 0x02c8  Kbdclass - ok
02:59:23.0281 0x02c8  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
02:59:23.0406 0x02c8  kbdhid - ok
02:59:23.0468 0x02c8  [ 1DB7405CB11CA52F22C911AE9935EEE1, 4C009416862283D600557DC277CF66BD630A96543C24BF8E215675DA53102C5F ] KeyScrambler    C:\WINDOWS\system32\drivers\keyscrambler.sys
02:59:23.0500 0x02c8  KeyScrambler - ok
02:59:23.0515 0x02c8  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
02:59:23.0640 0x02c8  kmixer - ok
02:59:23.0703 0x02c8  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
02:59:23.0718 0x02c8  KSecDD - ok
02:59:23.0765 0x02c8  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
02:59:23.0796 0x02c8  lanmanserver - ok
02:59:23.0843 0x02c8  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
02:59:23.0875 0x02c8  lanmanworkstation - ok
02:59:23.0875 0x02c8  lbrtfdc - ok
02:59:23.0937 0x02c8  [ 00944D59948596721D17510C94CD3E4F, FBD66042DEF6C5E29C3BB46B6A0739137DEC0EF73558A4C70C37CD1B6DDC240F ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
02:59:23.0953 0x02c8  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
02:59:23.0953 0x02c8  Detect skipped due to KSN trusted
02:59:23.0953 0x02c8  LightScribeService - ok
02:59:24.0000 0x02c8  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
02:59:24.0125 0x02c8  LmHosts - ok
02:59:24.0187 0x02c8  [ 9EE18A5A45552673A67532EA37370377, F3BE11A6393A241FF5E2A73497D9E948EAA59BF4BBA308018EFDDF5CF9CE36C0 ] ltmodem5        C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys
02:59:24.0281 0x02c8  ltmodem5 - ok
02:59:24.0343 0x02c8  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
02:59:24.0375 0x02c8  MDM - ok
02:59:24.0390 0x02c8  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
02:59:24.0531 0x02c8  Messenger - ok
02:59:24.0578 0x02c8  [ B7521F69C0A9B29D356157229376FB21, A77C89BDC181038DD0F9A8AC0F7164B10EF9C54B0C57D8BAB8BC27932EBF890B ] MHN             C:\WINDOWS\System32\mhn.dll
02:59:24.0593 0x02c8  MHN - detected UnsignedFile.Multi.Generic ( 1 )
02:59:24.0593 0x02c8  Detect skipped due to KSN trusted
02:59:24.0593 0x02c8  MHN - ok
02:59:24.0640 0x02c8  [ 7F2F1D2815A6449D346FCCCBC569FBD6, 1C5A321CE95CE4D9AA2CB5A00E9B7E711521A6BBB25D36F7F49A397C361585C6 ] MHNDRV          C:\WINDOWS\system32\DRIVERS\mhndrv.sys
02:59:24.0656 0x02c8  MHNDRV - detected UnsignedFile.Multi.Generic ( 1 )
02:59:24.0656 0x02c8  MHNDRV ( UnsignedFile.Multi.Generic ) - warning
02:59:24.0656 0x02c8  Force sending object to P2P due to detect: MHNDRV
02:59:24.0671 0x02c8  Object send P2P result: false
02:59:24.0687 0x02c8  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
02:59:24.0812 0x02c8  mnmdd - ok
02:59:24.0843 0x02c8  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
02:59:25.0000 0x02c8  mnmsrvc - ok
02:59:25.0031 0x02c8  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
02:59:25.0171 0x02c8  Modem - ok
02:59:25.0187 0x02c8  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
02:59:25.0328 0x02c8  Mouclass - ok
02:59:25.0375 0x02c8  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
02:59:25.0500 0x02c8  mouhid - ok
02:59:25.0515 0x02c8  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
02:59:25.0640 0x02c8  MountMgr - ok
02:59:25.0656 0x02c8  mraid35x - ok
02:59:25.0671 0x02c8  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
02:59:25.0812 0x02c8  MRxDAV - ok
02:59:25.0859 0x02c8  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
02:59:25.0921 0x02c8  MRxSmb - ok
02:59:25.0968 0x02c8  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
02:59:26.0109 0x02c8  MSDTC - ok
02:59:26.0125 0x02c8  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
02:59:26.0281 0x02c8  Msfs - ok
02:59:26.0281 0x02c8  MSIServer - ok
02:59:26.0328 0x02c8  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
02:59:26.0453 0x02c8  MSKSSRV - ok
02:59:26.0468 0x02c8  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
02:59:26.0593 0x02c8  MSPCLOCK - ok
02:59:26.0593 0x02c8  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
02:59:26.0718 0x02c8  MSPQM - ok
02:59:26.0750 0x02c8  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
02:59:26.0875 0x02c8  mssmbios - ok
02:59:26.0921 0x02c8  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
02:59:26.0937 0x02c8  Mup - ok
02:59:27.0000 0x02c8  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
02:59:27.0140 0x02c8  napagent - ok
02:59:27.0156 0x02c8  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
02:59:27.0296 0x02c8  NDIS - ok
02:59:27.0343 0x02c8  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
02:59:27.0375 0x02c8  NdisTapi - ok
02:59:27.0390 0x02c8  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
02:59:27.0515 0x02c8  Ndisuio - ok
02:59:27.0531 0x02c8  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
02:59:27.0671 0x02c8  NdisWan - ok
02:59:27.0703 0x02c8  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
02:59:27.0734 0x02c8  NDProxy - ok
02:59:27.0781 0x02c8  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
02:59:27.0906 0x02c8  NetBIOS - ok
02:59:27.0953 0x02c8  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
02:59:28.0078 0x02c8  NetBT - ok
02:59:28.0109 0x02c8  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
02:59:28.0234 0x02c8  NetDDE - ok
02:59:28.0250 0x02c8  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
02:59:28.0375 0x02c8  NetDDEdsdm - ok
02:59:28.0437 0x02c8  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
02:59:28.0562 0x02c8  Netlogon - ok
02:59:28.0578 0x02c8  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
02:59:28.0718 0x02c8  Netman - ok
02:59:28.0765 0x02c8  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
02:59:28.0796 0x02c8  NetTcpPortSharing - ok
02:59:28.0828 0x02c8  [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
02:59:28.0968 0x02c8  NIC1394 - ok
02:59:29.0000 0x02c8  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
02:59:29.0031 0x02c8  Nla - ok
02:59:29.0078 0x02c8  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
02:59:29.0218 0x02c8  Npfs - ok
02:59:29.0265 0x02c8  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
02:59:29.0421 0x02c8  Ntfs - ok
02:59:29.0453 0x02c8  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
02:59:29.0578 0x02c8  NtLmSsp - ok
02:59:29.0640 0x02c8  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
02:59:29.0796 0x02c8  NtmsSvc - ok
02:59:29.0828 0x02c8  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
02:59:29.0953 0x02c8  Null - ok
02:59:29.0968 0x02c8  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
02:59:30.0125 0x02c8  NwlnkFlt - ok
02:59:30.0125 0x02c8  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
02:59:30.0265 0x02c8  NwlnkFwd - ok
02:59:30.0328 0x02c8  [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
02:59:30.0453 0x02c8  ohci1394 - ok
02:59:30.0484 0x02c8  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
02:59:30.0500 0x02c8  ose - ok
02:59:30.0531 0x02c8  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
02:59:30.0671 0x02c8  Parport - ok
02:59:30.0671 0x02c8  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
02:59:30.0812 0x02c8  PartMgr - ok
02:59:30.0843 0x02c8  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
02:59:30.0984 0x02c8  ParVdm - ok
02:59:31.0000 0x02c8  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
02:59:31.0140 0x02c8  PCI - ok
02:59:31.0156 0x02c8  PCIDump - ok
02:59:31.0156 0x02c8  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
02:59:31.0281 0x02c8  PCIIde - ok
02:59:31.0312 0x02c8  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
02:59:31.0453 0x02c8  Pcmcia - ok
02:59:31.0468 0x02c8  PDCOMP - ok
02:59:31.0468 0x02c8  PDFRAME - ok
02:59:31.0484 0x02c8  PDRELI - ok
02:59:31.0484 0x02c8  PDRFRAME - ok
02:59:31.0500 0x02c8  perc2 - ok
02:59:31.0515 0x02c8  perc2hib - ok
02:59:31.0546 0x02c8  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
02:59:31.0578 0x02c8  PlugPlay - ok
02:59:31.0593 0x02c8  [ 9D84376931440F3679BEEF2A414FA493, C800227A67C3C10A26114DB54F5390D2A475D36BE65E87CB890A6819B0BB4884 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
02:59:31.0609 0x02c8  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
02:59:31.0609 0x02c8  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
02:59:31.0609 0x02c8  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
02:59:31.0750 0x02c8  PolicyAgent - ok
02:59:31.0781 0x02c8  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
02:59:31.0906 0x02c8  PptpMiniport - ok
02:59:31.0921 0x02c8  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
02:59:32.0046 0x02c8  ProtectedStorage - ok
02:59:32.0093 0x02c8  [ BFFDB363485501A38F0BCA83AEC810DB, FFD5DB5D5C2E088EE5E2A5F586A5DC0CC70E15DA811406465B4940FCE0B61B3A ] Ps2             C:\WINDOWS\system32\DRIVERS\PS2.sys
02:59:32.0125 0x02c8  Ps2 - ok
02:59:32.0140 0x02c8  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
02:59:32.0265 0x02c8  PSched - ok
02:59:32.0296 0x02c8  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
02:59:32.0437 0x02c8  Ptilink - ok
02:59:32.0468 0x02c8  [ 86724469CD077901706854974CD13C3E, 23C6B45928E43AC2893033DFC4265C2C87B3D185CB20553B9EAB818A46FB8C18 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
02:59:32.0468 0x02c8  PxHelp20 - detected UnsignedFile.Multi.Generic ( 1 )
02:59:32.0468 0x02c8  PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
02:59:32.0468 0x02c8  Force sending object to P2P due to detect: PxHelp20
02:59:32.0468 0x02c8  Object send P2P result: false
02:59:32.0484 0x02c8  ql1080 - ok
02:59:32.0484 0x02c8  Ql10wnt - ok
02:59:32.0500 0x02c8  ql12160 - ok
02:59:32.0515 0x02c8  ql1240 - ok
02:59:32.0515 0x02c8  ql1280 - ok
02:59:32.0531 0x02c8  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
02:59:32.0656 0x02c8  RasAcd - ok
02:59:32.0703 0x02c8  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
02:59:32.0843 0x02c8  RasAuto - ok
02:59:32.0875 0x02c8  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
02:59:33.0015 0x02c8  Rasl2tp - ok
02:59:33.0046 0x02c8  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
02:59:33.0187 0x02c8  RasMan - ok
02:59:33.0187 0x02c8  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
02:59:33.0328 0x02c8  RasPppoe - ok
02:59:33.0375 0x02c8  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
02:59:33.0500 0x02c8  Raspti - ok
02:59:33.0531 0x02c8  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
02:59:33.0656 0x02c8  Rdbss - ok
02:59:33.0671 0x02c8  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
02:59:33.0796 0x02c8  RDPCDD - ok
02:59:33.0828 0x02c8  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
02:59:33.0984 0x02c8  rdpdr - ok
02:59:34.0031 0x02c8  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
02:59:34.0062 0x02c8  RDPWD - ok
02:59:34.0109 0x02c8  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
02:59:34.0250 0x02c8  RDSessMgr - ok
02:59:34.0265 0x02c8  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
02:59:34.0406 0x02c8  redbook - ok
02:59:34.0453 0x02c8  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
02:59:34.0609 0x02c8  RemoteAccess - ok
02:59:34.0640 0x02c8  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
02:59:34.0781 0x02c8  RemoteRegistry - ok
02:59:34.0796 0x02c8  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
02:59:34.0968 0x02c8  RpcLocator - ok
02:59:35.0015 0x02c8  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\system32\rpcss.dll
02:59:35.0046 0x02c8  RpcSs - ok
02:59:35.0109 0x02c8  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
02:59:35.0234 0x02c8  RSVP - ok
02:59:35.0250 0x02c8  [ 7F0413BDD7D53EB4C7A371E7F6F84DF1, 41F9E4EC1204183C4D820AB1B764CC416ECF896BAAFA61DB8EB970BEE1BFEF18 ] RTL8023xp       C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
02:59:35.0296 0x02c8  RTL8023xp - ok
02:59:35.0343 0x02c8  [ D507C1400284176573224903819FFDA3, DD0BDB2AB39A8A0A300B6D60FB6A7F5BA08C4DB8F59E0A784FB763EA8AD72AB2 ] rtl8139         C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
02:59:35.0406 0x02c8  rtl8139 - ok
02:59:35.0421 0x02c8  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
02:59:35.0546 0x02c8  SamSs - ok
02:59:35.0671 0x02c8  [ BBEA4597A37B125C641808EE293BC024, 86F0FFBA4BF9D6E615A5E5279AB216003E86E639BB5DB10B9AEA415A51F2E015 ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
02:59:35.0687 0x02c8  SbieDrv - ok
02:59:35.0750 0x02c8  [ E80A6EA16ECD1D6F16A5DBDFFC10F253, 646B1BA21FD520F4EBCA2B419FBBF4E51A24D787EC89EA9D2CF5DC6D752E0687 ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
02:59:35.0765 0x02c8  SbieSvc - ok
02:59:35.0796 0x02c8  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
02:59:35.0937 0x02c8  SCardSvr - ok
02:59:36.0000 0x02c8  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
02:59:36.0156 0x02c8  Schedule - ok
02:59:36.0171 0x02c8  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
02:59:36.0296 0x02c8  Secdrv - ok
02:59:36.0328 0x02c8  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
02:59:36.0468 0x02c8  seclogon - ok
02:59:36.0484 0x02c8  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
02:59:36.0609 0x02c8  SENS - ok
02:59:36.0625 0x02c8  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] Serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
02:59:36.0750 0x02c8  Serenum - ok
02:59:36.0796 0x02c8  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
02:59:36.0921 0x02c8  Serial - ok
02:59:36.0984 0x02c8  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
02:59:37.0125 0x02c8  Sfloppy - ok
02:59:37.0171 0x02c8  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
02:59:37.0328 0x02c8  SharedAccess - ok
02:59:37.0359 0x02c8  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
02:59:37.0390 0x02c8  ShellHWDetection - ok
02:59:37.0390 0x02c8  Simbad - ok
02:59:37.0406 0x02c8  Sparrow - ok
02:59:37.0453 0x02c8  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
02:59:37.0593 0x02c8  splitter - ok
02:59:37.0640 0x02c8  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
02:59:37.0671 0x02c8  Spooler - ok
02:59:37.0687 0x02c8  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
02:59:37.0828 0x02c8  sr - ok
02:59:37.0890 0x02c8  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
02:59:38.0031 0x02c8  srservice - ok
02:59:38.0062 0x02c8  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
02:59:38.0125 0x02c8  Srv - ok
02:59:38.0171 0x02c8  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
02:59:38.0312 0x02c8  SSDPSRV - ok
02:59:38.0359 0x02c8  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
02:59:38.0375 0x02c8  ssmdrv - ok
02:59:38.0406 0x02c8  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
02:59:38.0562 0x02c8  stisvc - ok
02:59:38.0609 0x02c8  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
02:59:38.0750 0x02c8  swenum - ok
02:59:38.0765 0x02c8  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
02:59:38.0890 0x02c8  swmidi - ok
02:59:38.0890 0x02c8  SwPrv - ok
02:59:38.0906 0x02c8  symc810 - ok
02:59:38.0921 0x02c8  symc8xx - ok
02:59:38.0937 0x02c8  sym_hi - ok
02:59:38.0937 0x02c8  sym_u3 - ok
02:59:38.0953 0x02c8  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
02:59:39.0093 0x02c8  sysaudio - ok
02:59:39.0109 0x02c8  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
02:59:39.0265 0x02c8  SysmonLog - ok
02:59:39.0296 0x02c8  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
02:59:39.0437 0x02c8  TapiSrv - ok
02:59:39.0500 0x02c8  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
02:59:39.0531 0x02c8  Tcpip - ok
02:59:39.0578 0x02c8  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
02:59:39.0718 0x02c8  TDPIPE - ok
02:59:39.0750 0x02c8  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
02:59:39.0890 0x02c8  TDTCP - ok
02:59:39.0921 0x02c8  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
02:59:40.0062 0x02c8  TermDD - ok
02:59:40.0109 0x02c8  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
02:59:40.0265 0x02c8  TermService - ok
02:59:40.0296 0x02c8  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll
02:59:40.0328 0x02c8  Themes - ok
02:59:40.0375 0x02c8  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
02:59:40.0515 0x02c8  TlntSvr - ok
02:59:40.0515 0x02c8  TosIde - ok
02:59:40.0531 0x02c8  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
02:59:40.0671 0x02c8  TrkWks - ok
02:59:40.0703 0x02c8  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
02:59:40.0828 0x02c8  Udfs - ok
02:59:40.0843 0x02c8  ultra - ok
02:59:40.0875 0x02c8  [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf           C:\WINDOWS\system32\wdfmgr.exe
02:59:40.0937 0x02c8  UMWdf - ok
02:59:41.0015 0x02c8  [ BB879DCFD22926EFBEB3298129898CBB, 2A24E6CD5D6E0CEA3082C0699A2371084CC1268B31BC714098EA0D0C11B3AFAC ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
02:59:41.0015 0x02c8  UnlockerDriver5 - detected UnsignedFile.Multi.Generic ( 1 )
02:59:41.0015 0x02c8  UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
02:59:41.0078 0x02c8  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
02:59:41.0250 0x02c8  Update - ok
02:59:41.0312 0x02c8  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
02:59:41.0468 0x02c8  upnphost - ok
02:59:41.0484 0x02c8  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
02:59:41.0625 0x02c8  UPS - ok
02:59:41.0671 0x02c8  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
02:59:41.0687 0x02c8  usbccgp - ok
02:59:41.0734 0x02c8  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
02:59:41.0781 0x02c8  usbehci - ok
02:59:41.0828 0x02c8  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
02:59:41.0953 0x02c8  usbhub - ok
02:59:42.0000 0x02c8  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
02:59:42.0156 0x02c8  usbprint - ok
02:59:42.0171 0x02c8  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
02:59:42.0312 0x02c8  USBSTOR - ok
02:59:42.0312 0x02c8  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
02:59:42.0437 0x02c8  usbuhci - ok
02:59:42.0453 0x02c8  VClone - ok
02:59:42.0468 0x02c8  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
02:59:42.0593 0x02c8  VgaSave - ok
02:59:42.0640 0x02c8  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
02:59:42.0781 0x02c8  ViaIde - ok
02:59:42.0796 0x02c8  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
02:59:42.0921 0x02c8  VolSnap - ok
02:59:42.0968 0x02c8  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
02:59:43.0109 0x02c8  VSS - ok
02:59:43.0140 0x02c8  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll
02:59:43.0312 0x02c8  W32Time - ok
02:59:43.0328 0x02c8  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
02:59:43.0468 0x02c8  Wanarp - ok
02:59:43.0468 0x02c8  WDICA - ok
02:59:43.0515 0x02c8  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
02:59:43.0640 0x02c8  wdmaud - ok
02:59:43.0656 0x02c8  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
02:59:43.0812 0x02c8  WebClient - ok
02:59:43.0890 0x02c8  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
02:59:44.0031 0x02c8  winmgmt - ok
02:59:44.0078 0x02c8  [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
02:59:44.0093 0x02c8  WmdmPmSN - ok
02:59:44.0140 0x02c8  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll
02:59:44.0203 0x02c8  Wmi - ok
02:59:44.0265 0x02c8  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
02:59:44.0390 0x02c8  WmiApSrv - ok
02:59:44.0515 0x02c8  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
02:59:44.0578 0x02c8  WPFFontCache_v0400 - ok
02:59:44.0640 0x02c8  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
02:59:44.0796 0x02c8  wscsvc - ok
02:59:44.0812 0x02c8  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
02:59:44.0984 0x02c8  wuauserv - ok
02:59:45.0046 0x02c8  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
02:59:45.0218 0x02c8  WZCSVC - ok
02:59:45.0250 0x02c8  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
02:59:45.0375 0x02c8  xmlprov - ok
02:59:45.0390 0x02c8  ================ Scan global ===============================
02:59:45.0437 0x02c8  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
02:59:45.0484 0x02c8  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
02:59:45.0500 0x02c8  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
02:59:45.0546 0x02c8  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
02:59:45.0546 0x02c8  [ Global ] - ok
02:59:45.0546 0x02c8  ================ Scan MBR ==================================
02:59:45.0562 0x02c8  [ 0AC6D996BCE152AED9600E6D6B797E2E ] \Device\Harddisk0\DR0
02:59:46.0484 0x02c8  \Device\Harddisk0\DR0 - ok
02:59:46.0484 0x02c8  ================ Scan VBR ==================================
02:59:46.0484 0x02c8  [ F0FFB77DCB91099AC1DD8F8C89C6C16D ] \Device\Harddisk0\DR0\Partition1
02:59:46.0500 0x02c8  \Device\Harddisk0\DR0\Partition1 - ok
02:59:46.0500 0x02c8  [ A66ADCE9276395FCED02804CA9CACE32 ] \Device\Harddisk0\DR0\Partition2
02:59:46.0531 0x02c8  \Device\Harddisk0\DR0\Partition2 - ok
02:59:46.0531 0x02c8  ================ Scan active images ========================
02:59:46.0531 0x02c8  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] C:\WINDOWS\system32\drivers\intelppm.sys
02:59:46.0531 0x02c8  C:\WINDOWS\system32\drivers\intelppm.sys - ok
02:59:46.0546 0x02c8  [ E28726B72C46821A28830E077D39A55B, 66BE8A1055544C8CEBB7125726C1C306A026F3A1764589FCDDF3792076AF891F ] C:\WINDOWS\system32\drivers\videoprt.sys
02:59:46.0546 0x02c8  C:\WINDOWS\system32\drivers\videoprt.sys - ok
02:59:46.0546 0x02c8  [ 4007984827E19E6A5B6FAF8532EAEFBA, 7D0A4B5C88C46C68F52D3293CB18077EB582131E2BF28BF4ACE700949B7188CB ] C:\WINDOWS\system32\drivers\ialmnt5.sys
02:59:46.0546 0x02c8  C:\WINDOWS\system32\drivers\ialmnt5.sys - ok
02:59:46.0562 0x02c8  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] C:\WINDOWS\system32\drivers\hdaudbus.sys
02:59:46.0562 0x02c8  C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
02:59:46.0562 0x02c8  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] C:\WINDOWS\system32\drivers\usbehci.sys
02:59:46.0562 0x02c8  C:\WINDOWS\system32\drivers\usbehci.sys - ok
02:59:46.0578 0x02c8  [ 6DF35CA139C3BC15CC74390ABB114EFE, 5401724E49243625C43B3F9032E592EF43605C2510E809C1D318A7792AB9FBBA ] C:\WINDOWS\system32\drivers\usbport.sys
02:59:46.0578 0x02c8  C:\WINDOWS\system32\drivers\usbport.sys - ok
02:59:46.0578 0x02c8  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] C:\WINDOWS\system32\drivers\usbuhci.sys
02:59:46.0578 0x02c8  C:\WINDOWS\system32\drivers\usbuhci.sys - ok
02:59:46.0593 0x02c8  [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] C:\WINDOWS\system32\drivers\nic1394.sys
02:59:46.0593 0x02c8  C:\WINDOWS\system32\drivers\nic1394.sys - ok
02:59:46.0593 0x02c8  [ 7F0413BDD7D53EB4C7A371E7F6F84DF1, 41F9E4EC1204183C4D820AB1B764CC416ECF896BAAFA61DB8EB970BEE1BFEF18 ] C:\WINDOWS\system32\drivers\Rtlnicxp.sys
02:59:46.0593 0x02c8  C:\WINDOWS\system32\drivers\Rtlnicxp.sys - ok
02:59:46.0593 0x02c8  [ 0753515F78DF7F271A5E61C20BCD36A1, A8D600CD0C592DFB875DE2D4F1AEDB207B80A43CF724051B6552BB6E539E9AFC ] C:\WINDOWS\system32\drivers\ks.sys
02:59:46.0593 0x02c8  C:\WINDOWS\system32\drivers\ks.sys - ok
02:59:46.0625 0x02c8  [ 34F27C7D71F1C49C7D3857F28B42F544, C307405BC92E174BF696F9A5EC844A95AD983AE2C4223C89F445D89A3361A232 ] C:\WINDOWS\system32\drivers\AGRSM.sys
02:59:46.0625 0x02c8  C:\WINDOWS\system32\drivers\AGRSM.sys - ok
02:59:46.0625 0x02c8  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] C:\WINDOWS\system32\drivers\modem.sys
02:59:46.0625 0x02c8  C:\WINDOWS\system32\drivers\modem.sys - ok
02:59:46.0640 0x02c8  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] C:\WINDOWS\system32\drivers\parport.sys
02:59:46.0640 0x02c8  C:\WINDOWS\system32\drivers\parport.sys - ok
02:59:46.0640 0x02c8  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] C:\WINDOWS\system32\drivers\i8042prt.sys
02:59:46.0640 0x02c8  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
02:59:46.0656 0x02c8  [ 1DB7405CB11CA52F22C911AE9935EEE1, 4C009416862283D600557DC277CF66BD630A96543C24BF8E215675DA53102C5F ] C:\WINDOWS\system32\drivers\keyscrambler.sys
02:59:46.0656 0x02c8  C:\WINDOWS\system32\drivers\keyscrambler.sys - ok
02:59:46.0656 0x02c8  [ BFFDB363485501A38F0BCA83AEC810DB, FFD5DB5D5C2E088EE5E2A5F586A5DC0CC70E15DA811406465B4940FCE0B61B3A ] C:\WINDOWS\system32\drivers\PS2.sys
02:59:46.0656 0x02c8  C:\WINDOWS\system32\drivers\PS2.sys - ok
02:59:46.0671 0x02c8  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] C:\WINDOWS\system32\drivers\cdrom.sys
02:59:46.0671 0x02c8  C:\WINDOWS\system32\drivers\cdrom.sys - ok
02:59:46.0671 0x02c8  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] C:\WINDOWS\system32\drivers\imapi.sys
02:59:46.0671 0x02c8  C:\WINDOWS\system32\drivers\imapi.sys - ok
02:59:46.0671 0x02c8  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] C:\WINDOWS\system32\drivers\kbdclass.sys
02:59:46.0687 0x02c8  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
02:59:46.0687 0x02c8  [ 455F778EE14368468560BD7CB8C854D0, 06FAED65D9949BBD98A4DA8ECE5B24C08646EB6C4E09D84CD32A474B206B180C ] C:\WINDOWS\system32\drivers\fsvga.sys
02:59:46.0687 0x02c8  C:\WINDOWS\system32\drivers\fsvga.sys - ok
02:59:46.0687 0x02c8  [ 6F55305289A0765BD8AE8E8D32F17117, E9AE6270C03CA8C876234723FB087F63A04E1B07028B578EE8D75886736ACD35 ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
02:59:46.0687 0x02c8  C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
02:59:46.0703 0x02c8  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] C:\WINDOWS\system32\drivers\redbook.sys
02:59:46.0703 0x02c8  C:\WINDOWS\system32\drivers\redbook.sys - ok
02:59:46.0703 0x02c8  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] C:\WINDOWS\system32\drivers\audstub.sys
02:59:46.0703 0x02c8  C:\WINDOWS\system32\drivers\audstub.sys - ok
02:59:46.0718 0x02c8  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] C:\WINDOWS\system32\drivers\ndistapi.sys
02:59:46.0718 0x02c8  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
02:59:46.0718 0x02c8  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] C:\WINDOWS\system32\drivers\ndiswan.sys
02:59:46.0718 0x02c8  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
02:59:46.0734 0x02c8  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] C:\WINDOWS\system32\drivers\rasl2tp.sys
02:59:46.0734 0x02c8  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
02:59:46.0734 0x02c8  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] C:\WINDOWS\system32\drivers\raspppoe.sys
02:59:46.0734 0x02c8  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
02:59:46.0734 0x02c8  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] C:\WINDOWS\system32\drivers\raspptp.sys
02:59:46.0734 0x02c8  C:\WINDOWS\system32\drivers\raspptp.sys - ok
02:59:46.0750 0x02c8  [ 0539D5E53587F82D1B4FD74C5BE205CF, 9C578FC46AC3B8260258B83C89A33C3D7990B365D7708AEF2296CD235C7D301A ] C:\WINDOWS\system32\drivers\tdi.sys
02:59:46.0750 0x02c8  C:\WINDOWS\system32\drivers\tdi.sys - ok
02:59:46.0750 0x02c8  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] C:\WINDOWS\system32\drivers\msgpc.sys
02:59:46.0750 0x02c8  C:\WINDOWS\system32\drivers\msgpc.sys - ok
02:59:46.0765 0x02c8  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] C:\WINDOWS\system32\drivers\psched.sys
02:59:46.0765 0x02c8  C:\WINDOWS\system32\drivers\psched.sys - ok
02:59:46.0765 0x02c8  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] C:\WINDOWS\system32\drivers\ptilink.sys
02:59:46.0765 0x02c8  C:\WINDOWS\system32\drivers\ptilink.sys - ok
02:59:46.0781 0x02c8  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] C:\WINDOWS\system32\drivers\raspti.sys
02:59:46.0781 0x02c8  C:\WINDOWS\system32\drivers\raspti.sys - ok
02:59:46.0796 0x02c8  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] C:\WINDOWS\system32\drivers\rdpdr.sys
02:59:46.0796 0x02c8  C:\WINDOWS\system32\drivers\rdpdr.sys - ok
02:59:46.0796 0x02c8  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] C:\WINDOWS\system32\drivers\mouclass.sys
02:59:46.0796 0x02c8  C:\WINDOWS\system32\drivers\mouclass.sys - ok
02:59:46.0796 0x02c8  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] C:\WINDOWS\system32\drivers\swenum.sys
02:59:46.0796 0x02c8  C:\WINDOWS\system32\drivers\swenum.sys - ok
02:59:46.0812 0x02c8  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] C:\WINDOWS\system32\drivers\termdd.sys
02:59:46.0812 0x02c8  C:\WINDOWS\system32\drivers\termdd.sys - ok
02:59:46.0812 0x02c8  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] C:\WINDOWS\system32\drivers\update.sys
02:59:46.0812 0x02c8  C:\WINDOWS\system32\drivers\update.sys - ok
02:59:46.0828 0x02c8  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] C:\WINDOWS\system32\drivers\mssmbios.sys
02:59:46.0828 0x02c8  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
02:59:46.0828 0x02c8  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] C:\WINDOWS\system32\drivers\ndproxy.sys
02:59:46.0828 0x02c8  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
02:59:46.0843 0x02c8  [ 6CB08593487F5701D2D2254E693EAFCE, 0518A1FC540C036E6864DA8C01CADE043D4F897D7FCF8C61352865131DEB7414 ] C:\WINDOWS\system32\drivers\drmk.sys
02:59:46.0843 0x02c8  C:\WINDOWS\system32\drivers\drmk.sys - ok
02:59:46.0843 0x02c8  [ E82A496C3961EFC6828B508C310CE98F, E142A0809525B34A376B3063B07B8822930056BBCB886B7CF1D7585BCEC371A0 ] C:\WINDOWS\system32\drivers\portcls.sys
02:59:46.0843 0x02c8  C:\WINDOWS\system32\drivers\portcls.sys - ok
02:59:46.0859 0x02c8  [ D87FFA95D630EC8D1482CA25C454846A, 7CA5C18A7A74040F921C0985882102709629EFDFB2107931EBB5D4A478EA6B5F ] C:\WINDOWS\system32\drivers\RtkHDAud.sys
02:59:46.0859 0x02c8  C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok
02:59:46.0859 0x02c8  [ 04FE5EF6ED4818EC4839EA5C611A6310, 666479AF6789FC5DF2EA8D4B6216FDA9A4998D252F95BD003619D9376B1DC9E7 ] C:\WINDOWS\system32\drivers\usbd.sys
02:59:46.0859 0x02c8  C:\WINDOWS\system32\drivers\usbd.sys - ok
02:59:46.0875 0x02c8  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] C:\WINDOWS\system32\drivers\usbhub.sys
02:59:46.0875 0x02c8  C:\WINDOWS\system32\drivers\usbhub.sys - ok
02:59:46.0875 0x02c8  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] C:\WINDOWS\system32\drivers\sfloppy.sys
02:59:46.0875 0x02c8  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
02:59:46.0875 0x02c8  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] C:\WINDOWS\system32\drivers\cdaudio.sys
02:59:46.0875 0x02c8  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
02:59:46.0890 0x02c8  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] C:\WINDOWS\system32\drivers\beep.sys
02:59:46.0890 0x02c8  C:\WINDOWS\system32\drivers\beep.sys - ok
02:59:46.0890 0x02c8  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] C:\WINDOWS\system32\drivers\fs_rec.sys
02:59:46.0890 0x02c8  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
02:59:46.0906 0x02c8  [ C569EF030B11F896E123A30AC92678DB, F851E99B968BBAB82E3B0D1D2F985AEE1EAD10C3BBACDD02BAB2ACEE57CB048A ] C:\WINDOWS\system32\drivers\hidparse.sys
02:59:46.0906 0x02c8  C:\WINDOWS\system32\drivers\hidparse.sys - ok
02:59:46.0906 0x02c8  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] C:\WINDOWS\system32\drivers\kbdhid.sys
02:59:46.0906 0x02c8  C:\WINDOWS\system32\drivers\kbdhid.sys - ok
02:59:46.0921 0x02c8  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] C:\WINDOWS\system32\drivers\null.sys
02:59:46.0921 0x02c8  C:\WINDOWS\system32\drivers\null.sys - ok
02:59:46.0921 0x02c8  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] C:\WINDOWS\system32\drivers\mnmdd.sys
02:59:46.0921 0x02c8  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
02:59:46.0937 0x02c8  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] C:\WINDOWS\system32\drivers\vga.sys
02:59:46.0937 0x02c8  C:\WINDOWS\system32\drivers\vga.sys - ok
02:59:46.0937 0x02c8  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] C:\WINDOWS\system32\drivers\msfs.sys
02:59:46.0937 0x02c8  C:\WINDOWS\system32\drivers\msfs.sys - ok
02:59:46.0953 0x02c8  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] C:\WINDOWS\system32\drivers\npfs.sys
02:59:46.0953 0x02c8  C:\WINDOWS\system32\drivers\npfs.sys - ok
02:59:46.0953 0x02c8  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] C:\WINDOWS\system32\drivers\rasacd.sys
02:59:46.0953 0x02c8  C:\WINDOWS\system32\drivers\rasacd.sys - ok
02:59:46.0968 0x02c8  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] C:\WINDOWS\system32\drivers\rdpcdd.sys
02:59:46.0968 0x02c8  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
02:59:46.0968 0x02c8  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] C:\WINDOWS\system32\drivers\ipsec.sys
02:59:46.0968 0x02c8  C:\WINDOWS\system32\drivers\ipsec.sys - ok
02:59:46.0968 0x02c8  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] C:\WINDOWS\system32\drivers\tcpip.sys
02:59:46.0968 0x02c8  C:\WINDOWS\system32\drivers\tcpip.sys - ok
02:59:46.0984 0x02c8  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] C:\WINDOWS\system32\drivers\ipnat.sys
02:59:46.0984 0x02c8  C:\WINDOWS\system32\drivers\ipnat.sys - ok
02:59:46.0984 0x02c8  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] C:\WINDOWS\system32\drivers\netbt.sys
02:59:46.0984 0x02c8  C:\WINDOWS\system32\drivers\netbt.sys - ok
02:59:47.0000 0x02c8  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] C:\WINDOWS\system32\drivers\afd.sys
02:59:47.0000 0x02c8  C:\WINDOWS\system32\drivers\afd.sys - ok
02:59:47.0000 0x02c8  [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] C:\WINDOWS\system32\drivers\arp1394.sys
02:59:47.0000 0x02c8  C:\WINDOWS\system32\drivers\arp1394.sys - ok
02:59:47.0015 0x02c8  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] C:\WINDOWS\system32\drivers\netbios.sys
02:59:47.0015 0x02c8  C:\WINDOWS\system32\drivers\netbios.sys - ok
02:59:47.0015 0x02c8  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] C:\WINDOWS\system32\drivers\wanarp.sys
02:59:47.0015 0x02c8  C:\WINDOWS\system32\drivers\wanarp.sys - ok
02:59:47.0031 0x02c8  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] C:\WINDOWS\system32\drivers\rdbss.sys
02:59:47.0031 0x02c8  C:\WINDOWS\system32\drivers\rdbss.sys - ok
02:59:47.0031 0x02c8  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] C:\WINDOWS\system32\drivers\serial.sys
02:59:47.0031 0x02c8  C:\WINDOWS\system32\drivers\serial.sys - ok
02:59:47.0046 0x02c8  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] C:\WINDOWS\system32\drivers\ssmdrv.sys
02:59:47.0046 0x02c8  C:\WINDOWS\system32\drivers\ssmdrv.sys - ok
02:59:47.0046 0x02c8  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
02:59:47.0046 0x02c8  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
02:59:47.0062 0x02c8  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] C:\WINDOWS\system32\drivers\fips.sys
02:59:47.0062 0x02c8  C:\WINDOWS\system32\drivers\fips.sys - ok
02:59:47.0062 0x02c8  [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] C:\WINDOWS\system32\drivers\avkmgr.sys
02:59:47.0062 0x02c8  C:\WINDOWS\system32\drivers\avkmgr.sys - ok
02:59:47.0078 0x02c8  [ A5674637BCA212D9FE136ADFA04C9857, 95F3632EBB041C539816D285EBE1F379D46A4187379C69D4683D9F4DECBDB80C ] C:\WINDOWS\system32\drivers\avipbb.sys
02:59:47.0078 0x02c8  C:\WINDOWS\system32\drivers\avipbb.sys - ok
02:59:47.0078 0x02c8  [ F8F0D25CA553E39DDE485D8FC7FCCE89, 54DF909101AAEC63234A5C33B51D6689FEF58B943942BFFA9606864F43EC1085 ] C:\WINDOWS\system32\ntdll.dll
02:59:47.0078 0x02c8  C:\WINDOWS\system32\ntdll.dll - ok
02:59:47.0078 0x02c8  [ 5F816C1F539266D2D4C78694239DA0B5, 10BFCCF4EFFC3813A563D528DC5464827BEF10AE21D6B9C1138930228E7047D1 ] C:\WINDOWS\system32\smss.exe
02:59:47.0078 0x02c8  C:\WINDOWS\system32\smss.exe - ok
02:59:47.0093 0x02c8  [ 23043C91A0F9DFB4B9E9F87B680863B4, 318A6F6DB4A1EDE7D3758E324350EA852449ABD2A7BB77004FBC403CF9FFB08B ] C:\WINDOWS\system32\autochk.exe
02:59:47.0093 0x02c8  C:\WINDOWS\system32\autochk.exe - ok
02:59:47.0093 0x02c8  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] C:\WINDOWS\system32\drivers\fastfat.sys
02:59:47.0093 0x02c8  C:\WINDOWS\system32\drivers\fastfat.sys - ok
02:59:47.0109 0x02c8  [ 1AF592532532A402ED7C060F6954004F, 84A55432A7FBBD1B84FF8DD1BD84266747E4A88297BDAA84AAD12F13B848BFF2 ] C:\WINDOWS\system32\drivers\hidclass.sys
02:59:47.0109 0x02c8  C:\WINDOWS\system32\drivers\hidclass.sys - ok
02:59:47.0109 0x02c8  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] C:\WINDOWS\system32\drivers\hidusb.sys
02:59:47.0109 0x02c8  C:\WINDOWS\system32\drivers\hidusb.sys - ok
02:59:47.0125 0x02c8  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] C:\WINDOWS\system32\drivers\mouhid.sys
02:59:47.0125 0x02c8  C:\WINDOWS\system32\drivers\mouhid.sys - ok
02:59:47.0125 0x02c8  [ 9DD07AF82244867CA36681EA2D29CE79, 84926A50CB38C322D1CDFD4C0D5F8FFE3B2EF3080B3401F5D5AE8CBD0A719685 ] C:\WINDOWS\system32\sfcfiles.dll
02:59:47.0125 0x02c8  C:\WINDOWS\system32\sfcfiles.dll - ok
02:59:47.0140 0x02c8  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] C:\WINDOWS\system32\drivers\usbstor.sys
02:59:47.0140 0x02c8  C:\WINDOWS\system32\drivers\usbstor.sys - ok
02:59:47.0140 0x02c8  [ 2F31B7F954BED437F2C75026C65CAF7B, 1F8D6CBB01AD403BC89D1E987012E2F63CDFD9C49F402F358B64B31C13E4DD14 ] C:\WINDOWS\system32\drivers\wmilib.sys
02:59:47.0140 0x02c8  C:\WINDOWS\system32\drivers\wmilib.sys - ok
02:59:47.0156 0x02c8  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] C:\WINDOWS\system32\drivers\atapi.sys
02:59:47.0156 0x02c8  C:\WINDOWS\system32\drivers\atapi.sys - ok
02:59:47.0156 0x02c8  [ FE97D0343ACFDEBDD578FC67CC91FA87, FE26FBA13079189EF96A1C994036EA472A4BF34FA14C163C693AD481BF31E676 ] C:\WINDOWS\system32\drivers\dxapi.sys
02:59:47.0156 0x02c8  C:\WINDOWS\system32\drivers\dxapi.sys - ok
02:59:47.0156 0x02c8  [ 9A10AACBFDC4922715375FB4065EC930, E407953587C04F75DDB163420A5121FF520D31F74753D452E316042C42D360CF ] C:\WINDOWS\system32\watchdog.sys
02:59:47.0156 0x02c8  C:\WINDOWS\system32\watchdog.sys - ok
02:59:47.0171 0x02c8  [ 80AAA73D56272FD54DC6DE8643D10E9F, 0DC91699D5AF322C78AF7783CF3D55A1F561219EE32DC8DA186F2255704D52FC ] C:\WINDOWS\system32\win32k.sys
02:59:47.0171 0x02c8  C:\WINDOWS\system32\win32k.sys - ok
02:59:47.0171 0x02c8  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
02:59:47.0171 0x02c8  C:\WINDOWS\system32\basesrv.dll - ok
02:59:47.0187 0x02c8  [ DD40363ABAD230A84C5E2178B11EFA88, E4B406C0B10686CF245EC0053A03424CE1FB8AC7FB3545525F13BB3BC5086FF1 ] C:\WINDOWS\system32\csrsrv.dll
02:59:47.0187 0x02c8  C:\WINDOWS\system32\csrsrv.dll - ok
02:59:47.0187 0x02c8  [ 44F275C64738EA2056E3D9580C23B60F, 5D4B7306E71A44440E7F0B32A373AEC120C01B69F87756589E39EB85C40CD742 ] C:\WINDOWS\system32\csrss.exe
02:59:47.0187 0x02c8  C:\WINDOWS\system32\csrss.exe - ok
02:59:47.0203 0x02c8  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
02:59:47.0203 0x02c8  C:\WINDOWS\system32\winsrv.dll - ok
02:59:47.0203 0x02c8  [ AFFE0B7126A86603D3F49A19A5B7DC46, 63C91B4726F583C1DC1B3F26CC8DC39C519401CF0005F223EE17A363BDBEA22F ] C:\WINDOWS\system32\gdi32.dll
02:59:47.0203 0x02c8  C:\WINDOWS\system32\gdi32.dll - ok
02:59:47.0203 0x02c8  [ 4A45B692D2BAA74124DF57472D5EA2F1, DFC6B595BBADFEF4930CCCF48E9FE55551CF0891571257E3E0A0DE328077A89B ] C:\WINDOWS\system32\kernel32.dll
02:59:47.0203 0x02c8  C:\WINDOWS\system32\kernel32.dll - ok
02:59:47.0218 0x02c8  [ B26B135FF1B9F60C9388B4A7D16F600B, ACD0AE7B4D5F871E148276C6CC4AE3A216E33F67FC78D827C16986E1F945438C ] C:\WINDOWS\system32\user32.dll
02:59:47.0218 0x02c8  C:\WINDOWS\system32\user32.dll - ok
02:59:47.0218 0x02c8  [ 012DF358CEBAA23ACB26D82077820817, FEDD177BD4F0EB589E23AEE20FA9492FA4824478B34B46377C43E3A12F8A96D8 ] C:\WINDOWS\system32\lpk.dll
02:59:47.0218 0x02c8  C:\WINDOWS\system32\lpk.dll - ok
02:59:47.0234 0x02c8  [ 1D845821F5ADB076831DE4C2818F858B, 5F1F18042E6B16BC149F2B0F22ECE3D3668E846C843F016D33C9E6C60E2D64C6 ] C:\WINDOWS\system32\usp10.dll
02:59:47.0234 0x02c8  C:\WINDOWS\system32\usp10.dll - ok
02:59:47.0234 0x02c8  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] C:\WINDOWS\system32\advapi32.dll
02:59:47.0234 0x02c8  C:\WINDOWS\system32\advapi32.dll - ok
02:59:47.0234 0x02c8  [ 44C164B34A72F29087ECA32411F2ED44, 112761CCEFE8F4B936AC58FF1F13589C0DBA3BE1AC348584D874B65DAB1EDED6 ] C:\WINDOWS\system32\rpcrt4.dll
02:59:47.0234 0x02c8  C:\WINDOWS\system32\rpcrt4.dll - ok
02:59:47.0250 0x02c8  [ AC7280566A7BB85CB3291F04DDC1198E, 7640BC4C28B5D5167A10C4B0DA0FC8C7A255334D4BA11FD3E28A697A5B58583C ] C:\WINDOWS\system32\drivers\dxg.sys
02:59:47.0250 0x02c8  C:\WINDOWS\system32\drivers\dxg.sys - ok
02:59:47.0250 0x02c8  [ A73F5D6705B1D820C19B18782E176EFD, C36486504C3A596FDCA487143F6D3B43C0BEE01321F6F1F3071976556533C419 ] C:\WINDOWS\system32\drivers\dxgthk.sys
02:59:47.0250 0x02c8  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
02:59:47.0265 0x02c8  [ 5357826C8A8DD6A07F17C48BB45BE46E, E081B04F8C8A31951A0ADEC889E6CA4DEED5FF738446D5A5614B11B113000BCA ] C:\WINDOWS\system32\secur32.dll
02:59:47.0265 0x02c8  C:\WINDOWS\system32\secur32.dll - ok
02:59:47.0265 0x02c8  [ 6CF9A1903F8FE3F362F5C0A0CF528D56, CC596CAFB638F5EDB53EA17A9C74A54A79AED394BCF02CDD18AAA56446818818 ] C:\WINDOWS\system32\ialmdnt5.dll
02:59:47.0265 0x02c8  C:\WINDOWS\system32\ialmdnt5.dll - ok
02:59:47.0281 0x02c8  [ 328A02C795EDFAC2794C9D6CD239F6CC, E4CD99915CB12204AB4E86402938B15409676DB699E5608461907EAE11290122 ] C:\WINDOWS\system32\ialmrnt5.dll
02:59:47.0281 0x02c8  C:\WINDOWS\system32\ialmrnt5.dll - ok
02:59:47.0281 0x02c8  [ ECB7591870F8BFB1A4C17B718AD5A4AA, 67E8D218F107F78F9C62999F560E47AEC799E4B4DC4AB3EBC0DC61670BFE3E3D ] C:\WINDOWS\system32\vga.dll
02:59:47.0281 0x02c8  C:\WINDOWS\system32\vga.dll - ok
02:59:47.0296 0x02c8  [ 135024654370523B551CEE7C63588C22, F5E37C841A755F31799605137125E3BADAC896AD28D41896ABAC06B7FB5E5CA7 ] C:\WINDOWS\system32\ialmdev5.dll
02:59:47.0296 0x02c8  C:\WINDOWS\system32\ialmdev5.dll - ok
02:59:47.0296 0x02c8  [ D579B3AB8C18480088244DB1C2BE9D14, 90C8678FF9AA05DC08227DDF0CE0DF949431BB3CC22DDBDFD5DC3F5D4EFED079 ] C:\WINDOWS\system32\ialmdd5.dll
02:59:47.0296 0x02c8  C:\WINDOWS\system32\ialmdd5.dll - ok
02:59:47.0312 0x02c8  [ ED0EF0A136DEC83DF69F04118870003E, 45377CB8E9F0120F836FC8261C711F7DBF7199117AFB3652EBF100D5F0429B1E ] C:\WINDOWS\system32\winlogon.exe
02:59:47.0312 0x02c8  C:\WINDOWS\system32\winlogon.exe - ok
02:59:47.0312 0x02c8  [ 714705F29A917993536A6AB2DEDB0B7F, 5C3EA97044A7AF8027000DFA40901C0097EC935A7149C0A46AA2C6A2F9FD6CC1 ] C:\WINDOWS\system32\authz.dll
02:59:47.0312 0x02c8  C:\WINDOWS\system32\authz.dll - ok
02:59:47.0312 0x02c8  [ 355EDBB4D412B01F1740C17E3F50FA00, 8619D345C864CD8EA704EFAA0A391F5F31AA56BB6D30F62FC60F465873CC1BF9 ] C:\WINDOWS\system32\msvcrt.dll
02:59:47.0312 0x02c8  C:\WINDOWS\system32\msvcrt.dll - ok
02:59:47.0328 0x02c8  [ 636DF3FF20A1B69B3F9D21325E7115C7, 6B38CF96E92273995F40B6D7029D20B4041342D6EDD5B6CA73967A401823D4F5 ] C:\WINDOWS\system32\crypt32.dll
02:59:47.0328 0x02c8  C:\WINDOWS\system32\crypt32.dll - ok
02:59:47.0328 0x02c8  [ 04D898830DF96A17A20FD35D7590F87E, 09C75D1D434FF6BBE9B3F5E0A8E63944ACB34E364C4A89676DED2204DBD1AEF5 ] C:\WINDOWS\system32\msasn1.dll
02:59:47.0328 0x02c8  C:\WINDOWS\system32\msasn1.dll - ok
02:59:47.0343 0x02c8  [ 013C1148C1EC025596896E093F60F608, E19D20E0852372ED7DA66939E995F8F7ECC52ED5B650E8B833944788C0A34F61 ] C:\WINDOWS\system32\nddeapi.dll
02:59:47.0343 0x02c8  C:\WINDOWS\system32\nddeapi.dll - ok
02:59:47.0343 0x02c8  [ FCFA1C55971CC229D353B3A15ACCD995, 6C21D6EAD676AF8C100666261CE7AA5AA86671883B78092AD61008234C96BBBA ] C:\WINDOWS\system32\profmap.dll
02:59:47.0343 0x02c8  C:\WINDOWS\system32\profmap.dll - ok
02:59:47.0359 0x02c8  [ CAC752BF84DB4666ED3CE0948E6EA937, C84F9D57C076DE6ACC1720B66147D0CA963C65714593FAFD7FB1FE1F01CC464B ] C:\WINDOWS\system32\netapi32.dll
02:59:47.0359 0x02c8  C:\WINDOWS\system32\netapi32.dll - ok
02:59:47.0359 0x02c8  [ 43D13C80EBEC0135A3611E0F616F179B, 9C5409ECBD2C3B89C80F0A59B96220178E790A7D78967C6281D56EB1965E9ECD ] C:\WINDOWS\system32\userenv.dll
02:59:47.0359 0x02c8  C:\WINDOWS\system32\userenv.dll - ok
02:59:47.0359 0x02c8  [ 9CFCB3CA3D83B4EAA133F0644A2C6F31, CC0A76B55B38183B8C6141C290D1858A9D118333C804784AB305FE76A0FCE775 ] C:\WINDOWS\system32\psapi.dll
02:59:47.0359 0x02c8  C:\WINDOWS\system32\psapi.dll - ok
02:59:47.0375 0x02c8  [ AF11C591F2F4AFF4A6CF699D376F618B, B61C0D1944D5D8F536AB5422017C99773BD89EA59784969E4F8F269BF9EF57C3 ] C:\WINDOWS\system32\regapi.dll
02:59:47.0375 0x02c8  C:\WINDOWS\system32\regapi.dll - ok
02:59:47.0375 0x02c8  [ 24192246760E0E64435522E246B1D6C2, B1C5A16A73250DEA900FF6ECE71F604E2411B4FDFD497564BEB7D867A75640BF ] C:\WINDOWS\system32\setupapi.dll
02:59:47.0375 0x02c8  C:\WINDOWS\system32\setupapi.dll - ok
02:59:47.0390 0x02c8  [ C7CE131408739B0B3A318BE2D0032719, CAEEED45F6BAB22F611B2200DC91E68426F169F5646247893CF3AC7EFDDD07B8 ] C:\WINDOWS\system32\version.dll
02:59:47.0390 0x02c8  C:\WINDOWS\system32\version.dll - ok
02:59:47.0390 0x02c8  [ 430CEB794F6E6EF8AC86958C242366D6, 48066566EDC18654095EAD7F4449CD42B44AD758465A6B36A42B489F32C7E64B ] C:\WINDOWS\system32\winsta.dll
02:59:47.0390 0x02c8  C:\WINDOWS\system32\winsta.dll - ok
02:59:47.0406 0x02c8  [ D458B738B4C2CE33174CFB2CE12412DB, C8FCA4B1BE8358B1F14BB25F39899A18804133544701DFCF40E8782C2487C912 ] C:\WINDOWS\system32\wintrust.dll
02:59:47.0406 0x02c8  C:\WINDOWS\system32\wintrust.dll - ok
02:59:47.0406 0x02c8  [ 16E916243BDDBAF44D98E623B2D0CEAD, A1C56AC378EDA9ACBE73342BEE0897E028BDD368288552108FC77A7AA1478690 ] C:\WINDOWS\system32\imagehlp.dll
02:59:47.0406 0x02c8  C:\WINDOWS\system32\imagehlp.dll - ok
02:59:47.0406 0x02c8  [ 0DA85218E92526972A821587E6A8BF8F, 9377F61D4B10974D5962E03F54BB89C8F804883245D61C670E51228AFE4559EB ] C:\WINDOWS\system32\imm32.dll
02:59:47.0421 0x02c8  C:\WINDOWS\system32\imm32.dll - ok
02:59:47.0421 0x02c8  [ 9789E95E1D88EEB4B922BF3EA7779C28, 2D17FD78E71BDB5D51B69DE6B36D7481A7AA3C61EA7636CD71638AF501883A91 ] C:\WINDOWS\system32\ws2help.dll
02:59:47.0421 0x02c8  C:\WINDOWS\system32\ws2help.dll - ok
02:59:47.0421 0x02c8  [ 2CCC474EB85CEAA3E1FA1726580A3E5A, 6E99D2FB4997E54E8B1B7D769CF2C0FAE296A6441DC39984850EA26BFEB7E500 ] C:\WINDOWS\system32\ws2_32.dll
02:59:47.0421 0x02c8  C:\WINDOWS\system32\ws2_32.dll - ok
02:59:47.0437 0x02c8  [ 56C5B179FE3308B655EB6208C3256FEC, C70BCE54E5DF47D37C835804EAAEC7C06C1A226EFA2003226BE290D1D552126F ] C:\WINDOWS\system32\kbdus.dll
02:59:47.0437 0x02c8  C:\WINDOWS\system32\kbdus.dll - ok
02:59:47.0437 0x02c8  [ D7B7A57C0E57C836F18CF12A4C62A1CA, 651B16027B4F4B0ED2F827E32B7E66188CDB023DB8C7B1A9A1A44063FB35B9DE ] C:\WINDOWS\system32\msgina.dll
02:59:47.0437 0x02c8  C:\WINDOWS\system32\msgina.dll - ok
02:59:47.0453 0x02c8  [ 93AFB83FBC1F9443CAC722FCA63D73BF, 853C4A03A153F232E5CAF219F7FD732CB82CB62171F077DE737B32169F7832AB ] C:\WINDOWS\system32\comctl32.dll
02:59:47.0453 0x02c8  C:\WINDOWS\system32\comctl32.dll - ok
02:59:47.0453 0x02c8  [ 40B0F98BAD16AD5DEF894E88C3EF8014, 916B7BFC23BB5A3F757160BCF2013A8260D9382EFDE6AADAFC4D297828C71003 ] C:\WINDOWS\system32\odbc32.dll
02:59:47.0453 0x02c8  C:\WINDOWS\system32\odbc32.dll - ok
02:59:47.0468 0x02c8  [ 86987A5000DFA3EBE2275C0456BCF2FE, 31B699E8FD11DD59ADBAE56650C1B7AE80484091B3B6D9015A95F590E2C3EB05 ] C:\WINDOWS\system32\comdlg32.dll
02:59:47.0468 0x02c8  C:\WINDOWS\system32\comdlg32.dll - ok
02:59:47.0468 0x02c8  [ 6843D54BC4A40CC8C5741AF750233D10, D998B54B7D23A986DD14D8BC56169A10EE43267F4F1914FBDD55B6B028993FAC ] C:\WINDOWS\system32\shell32.dll
02:59:47.0468 0x02c8  C:\WINDOWS\system32\shell32.dll - ok
02:59:47.0468 0x02c8  [ C448A248B743F5FB935C787A5D97268B, 26E88FF449F938B218FAED6D8F3F095577216A29D656D17ACEA7F6C16E638BED ] C:\WINDOWS\system32\shlwapi.dll
02:59:47.0468 0x02c8  C:\WINDOWS\system32\shlwapi.dll - ok
02:59:47.0484 0x02c8  [ 694503348B586E99D56C0E30AB5B3EF8, 53A0C2604574058F1520D8F0805F1247B15BB0E00A5B5BAFE027C702D55E5076 ] C:\WINDOWS\system32\sxs.dll
02:59:47.0484 0x02c8  C:\WINDOWS\system32\sxs.dll - ok
02:59:47.0484 0x02c8  [ 736B12B725AEB2B07F0241A9F680CB10, 9EF1406CAEE256117DA8C8904BCB20FB8F9421F02F812B4DC2CE1F16D2B315F2 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
02:59:47.0484 0x02c8  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
02:59:47.0500 0x02c8  [ 6B7C6B32F8E84D56C6260D684019FEA2, A10B4D413452D95B6B4087838F2FCE0B9F42D8C0CBE7A91DC080AE1163FB6D1A ] C:\WINDOWS\system32\odbcint.dll
02:59:47.0500 0x02c8  C:\WINDOWS\system32\odbcint.dll - ok
02:59:47.0500 0x02c8  [ 96E1C926F22EE1BFBAE82901A35F6BF3, 95568F138216FFADCFC4BAE8A12825FFE53F2EA04C5CAC2AD10F65FC0C4E3CDB ] C:\WINDOWS\system32\sfc.dll
02:59:47.0500 0x02c8  C:\WINDOWS\system32\sfc.dll - ok
02:59:47.0515 0x02c8  [ 6B5DB6789177A4FD0DEBC248041D0739, 3E3239C3613CCBB9EE2539D78BC745ED19134E1D3BED88C3D5273796FA2507DA ] C:\WINDOWS\system32\sfc_os.dll
02:59:47.0515 0x02c8  C:\WINDOWS\system32\sfc_os.dll - ok
02:59:47.0515 0x02c8  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] C:\WINDOWS\system32\shsvcs.dll
02:59:47.0515 0x02c8  C:\WINDOWS\system32\shsvcs.dll - ok
02:59:47.0515 0x02c8  [ 59B408E5B8489B0B36A0D783D150EDCC, CB234B25502B0CE0C1E6CFA883FDDF64DAB7A6E50A6AD36CAB3B30A7C872B403 ] C:\WINDOWS\system32\ole32.dll
02:59:47.0515 0x02c8  C:\WINDOWS\system32\ole32.dll - ok
02:59:47.0531 0x02c8  [ CF492D7E9AF1C628B3536D20EF6F5CC7, 3D7A5A5D6B804C0A3F3E7256B3AC19397567700271CABCD7C4C8B51565958BC8 ] C:\WINDOWS\system32\apphelp.dll
02:59:47.0531 0x02c8  C:\WINDOWS\system32\apphelp.dll - ok
02:59:47.0531 0x02c8  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] C:\WINDOWS\system32\lsass.exe
02:59:47.0531 0x02c8  C:\WINDOWS\system32\lsass.exe - ok
02:59:47.0546 0x02c8  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
02:59:47.0546 0x02c8  C:\WINDOWS\system32\services.exe - ok
02:59:47.0546 0x02c8  [ BD31DC6DBE9333C4FBD4BDF0899F2160, 545D83178CCD74C68B72C607201EF9E1C8A5FC26A08288F8D3A77106964D1034 ] C:\WINDOWS\system32\lsasrv.dll
02:59:47.0546 0x02c8  C:\WINDOWS\system32\lsasrv.dll - ok
02:59:47.0562 0x02c8  [ F404830F3CD9BF8F2515E489C0CDA297, 4FFFBBDD04B82623983B8B51E52E113EBF0E32E8328BFD3754B7A299E5673569 ] C:\WINDOWS\system32\msvcp60.dll
02:59:47.0562 0x02c8  C:\WINDOWS\system32\msvcp60.dll - ok
02:59:47.0562 0x02c8  [ EC29A79F1E76DC509E24D401F29D0678, 2CECCD7CE806152F6DD1A6812C7DAEC46FB197E63D14414808D713C829EE4260 ] C:\WINDOWS\system32\ncobjapi.dll
02:59:47.0562 0x02c8  C:\WINDOWS\system32\ncobjapi.dll - ok
02:59:47.0562 0x02c8  [ DD7BD97FB8BD800963789158A5E4B41D, 4C265CB9AC1B8C398E625C1775A5AADD8A030D158B557E24F90CA57C0253FF0D ] C:\WINDOWS\system32\mpr.dll
02:59:47.0562 0x02c8  C:\WINDOWS\system32\mpr.dll - ok
02:59:47.0578 0x02c8  [ B24A42A413E694AD73FDFB7FBD492C31, 52411B5C714ED7FCFF3A120980EB75BF5A64E022303D3E717048E0E44F604AC0 ] C:\WINDOWS\system32\scesrv.dll
02:59:47.0578 0x02c8  C:\WINDOWS\system32\scesrv.dll - ok
02:59:47.0578 0x02c8  [ EC4C0D9BFD9F7E33F8B395AD54E13063, 18E60FF334376604F213F3323FAB81F392493496C6CA809FAD66BB8B0EEB3396 ] C:\WINDOWS\system32\ntdsapi.dll
02:59:47.0578 0x02c8  C:\WINDOWS\system32\ntdsapi.dll - ok
02:59:47.0593 0x02c8  [ 389496118B3B03C2328024AF320132AC, 11F85CA49596CE12B1F80B5BC059B6F5549FC09A43E2C47841A688F2ACEBB8B8 ] C:\WINDOWS\system32\dnsapi.dll
02:59:47.0593 0x02c8  C:\WINDOWS\system32\dnsapi.dll - ok
02:59:47.0593 0x02c8  [ 2EDFC2A8893435723AD80481803C6D5C, CD547E4749EE6466FD4F50CF2EAD37AD993C6BC89068BD51726869D5ADB2AF8E ] C:\WINDOWS\system32\umpnpmgr.dll
02:59:47.0593 0x02c8  C:\WINDOWS\system32\umpnpmgr.dll - ok
02:59:47.0609 0x02c8  [ 0492CF5870F0E616B0C71695A433D162, 47C9FB64A4CF3DF54F664B2B31A834ACF75B504650007E6201546C2D0E44D9C2 ] C:\WINDOWS\system32\wldap32.dll
02:59:47.0609 0x02c8  C:\WINDOWS\system32\wldap32.dll - ok
02:59:47.0609 0x02c8  [ EA9EE60B408878E5F2012F9C783836DB, 354A6660705759C0E767BCD7FB6F1B4371B74784A986431A626DF3793D0421EC ] C:\WINDOWS\AppPatch\acadproc.dll
02:59:47.0609 0x02c8  C:\WINDOWS\AppPatch\acadproc.dll - ok
02:59:47.0609 0x02c8  [ 8329A39D5A402A75A74301D6A62ECDA1, 1947B2B19F2D0C690EC880B5A92F88903D78C6BB6EE47261B3D744B5A863D562 ] C:\WINDOWS\system32\samlib.dll
02:59:47.0609 0x02c8  C:\WINDOWS\system32\samlib.dll - ok
02:59:47.0625 0x02c8  [ F05B8CDB7FE0E55DCCFB1D946CE80064, E59BC2F25EBFF5F0CF459C9B8DEE882ADE227323F4768EBACFCC6784861BF260 ] C:\WINDOWS\system32\samsrv.dll
02:59:47.0625 0x02c8  C:\WINDOWS\system32\samsrv.dll - ok
02:59:47.0625 0x02c8  [ 1F03103598BD817B1078DAB1326DDE11, 0F0D19E67E25E9D2113920166B7326B46BACD22BA08476EC91D9C564AFC1FAF3 ] C:\WINDOWS\system32\shimeng.dll
02:59:47.0625 0x02c8  C:\WINDOWS\system32\shimeng.dll - ok
02:59:47.0640 0x02c8  [ 310C15FD8358B2C4CD7A5B98A112883F, CA656F066373B164A138032F5BF7EF68603EBDB0D49BD4663C99061F47F29085 ] C:\WINDOWS\AppPatch\acgenral.dll
02:59:47.0640 0x02c8  C:\WINDOWS\AppPatch\acgenral.dll - ok
02:59:47.0640 0x02c8  [ 17A1D675C12BBF80CAAC54A4855C41D0, F6185E42180218E932ADFFD63EF78EE8324B816BD57EA217322A46D1D2F47928 ] C:\WINDOWS\system32\cryptdll.dll

Edited by CarrotCakes, 22 March 2015 - 06:25 AM.


#8 CarrotCakes

CarrotCakes
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:55 PM

Posted 22 March 2015 - 06:26 AM

02:59:47.0640 0x02c8  C:\WINDOWS\system32\cryptdll.dll - ok
02:59:47.0656 0x02c8  [ EFF03460E542EEA6B0ABDEC6BF19C897, C2A0DDE6E8B49B152C295E97CFC35557391DEEE5A3A0B1BB4E445C405C716C55 ] C:\WINDOWS\system32\oleaut32.dll
02:59:47.0656 0x02c8  C:\WINDOWS\system32\oleaut32.dll - ok
02:59:47.0656 0x02c8  [ 4A953F13942867BA8FB41F141EC1B80C, BAE05A8CEDA4411324E38DB8A2153A988C6A3FAC8AD7CB27EE14E18FE7C47569 ] C:\WINDOWS\system32\winmm.dll
02:59:47.0656 0x02c8  C:\WINDOWS\system32\winmm.dll - ok
02:59:47.0671 0x02c8  [ 2098AB52BD5316E59AA36F3437B13BE6, C4C9F2CFCAFF91B4A6F68E28EFE12EED216B41F081F8D577597C0634ECE57018 ] C:\WINDOWS\system32\msacm32.dll
02:59:47.0671 0x02c8  C:\WINDOWS\system32\msacm32.dll - ok
02:59:47.0671 0x02c8  [ 7A2CC3719B255E6B5D74396183B7715B, 2C4A2D5B42CFFE42BE72A652D1B0EED43D7EECF7CA3416660A3E0C539AA2AC34 ] C:\WINDOWS\system32\uxtheme.dll
02:59:47.0671 0x02c8  C:\WINDOWS\system32\uxtheme.dll - ok
02:59:47.0671 0x02c8  [ F24B12786D60A17008319E3F2AEE7799, BF916F65D770C61612678171CC184A0BF259992CEC0BF607D26834CE2A234FB3 ] C:\WINDOWS\system32\msapsspc.dll
02:59:47.0687 0x02c8  C:\WINDOWS\system32\msapsspc.dll - ok
02:59:47.0687 0x02c8  [ 3D76DD0CBC536E0F8C45D23ED230BEB2, F74F94525AB7CE1E269452C9E1DD08411A668CFDD94F069C90FC2EE33CB35A12 ] C:\WINDOWS\system32\digest.dll
02:59:47.0687 0x02c8  C:\WINDOWS\system32\digest.dll - ok
02:59:47.0687 0x02c8  [ 7A660EDC0757849DF5F8706FB6E9F740, CA3820507A92EE9AB4EE8E804736FE1795224AE02D396AADB5BFD53223D9B7E2 ] C:\WINDOWS\system32\msvcrt40.dll
02:59:47.0687 0x02c8  C:\WINDOWS\system32\msvcrt40.dll - ok
02:59:47.0703 0x02c8  [ 0F64207B49390C8063C36AE7CBF9C2DB, 52C4A7A38EE11CA247001EB0A3C67BFEB1A09E9AC406486132D5AC38BE3A6A6F ] C:\WINDOWS\system32\schannel.dll
02:59:47.0703 0x02c8  C:\WINDOWS\system32\schannel.dll - ok
02:59:47.0703 0x02c8  [ A4388DF80E52695AE92EE5F3F61F1619, A4B7C6E10B92B5022CA6E8FD9094098614FD63178EA86A7B035EB89B373BF033 ] C:\WINDOWS\system32\msnsspc.dll
02:59:47.0703 0x02c8  C:\WINDOWS\system32\msnsspc.dll - ok
02:59:47.0718 0x02c8  [ 5733177BCF16EE78B99543C9B0AB81EA, 6504D3D665AC8AB27A44F863F9C1A23FF3B68EAC0512F418712CC0D56F739E24 ] C:\WINDOWS\system32\msctfime.ime
02:59:47.0718 0x02c8  C:\WINDOWS\system32\msctfime.ime - ok
02:59:47.0718 0x02c8  [ C6BB1D1500DB4A0E224CB65E6C7E8A80, 32099A486457D1DC3B1269DE9570EE922F118C3BD443FE78ED051DD764EF4DE3 ] C:\WINDOWS\system32\msprivs.dll
02:59:47.0718 0x02c8  C:\WINDOWS\system32\msprivs.dll - ok
02:59:47.0734 0x02c8  [ A525C96C51D55111FDF3BEA9FFFFC7AE, AA5B080E01573B96A37E67F871F97AE975E1E9519EDB16476472AA3FA2144643 ] C:\WINDOWS\system32\kerberos.dll
02:59:47.0734 0x02c8  C:\WINDOWS\system32\kerberos.dll - ok
02:59:47.0734 0x02c8  [ 318FAA70D9B0FB8DD168D4ED628E27B2, 2C407FFDA4A02D4A1CB9592C6FA4293BA31BE8852670436F1187A8107572ED41 ] C:\WINDOWS\system32\atmfd.dll
02:59:47.0734 0x02c8  C:\WINDOWS\system32\atmfd.dll - ok
02:59:47.0750 0x02c8  [ 517561A1113B04E51D936CD018DE1C1F, A5F572C3557705F28F7A465970F0432F55B616EFD208BA0CBDFFBF7A41F07C04 ] C:\WINDOWS\system32\msv1_0.dll
02:59:47.0750 0x02c8  C:\WINDOWS\system32\msv1_0.dll - ok
02:59:47.0750 0x02c8  [ AF07DC9B7CC455629E732340C7B15F3A, 4403503F24FB76AB55D347273319B98BC0955AB3E537FA5ADA498B9AED76484A ] C:\WINDOWS\system32\iphlpapi.dll
02:59:47.0750 0x02c8  C:\WINDOWS\system32\iphlpapi.dll - ok
02:59:47.0750 0x02c8  [ 1B7F071C51B77C272875C3A23E1E4550, 9D6EA6DF4F4A531E35B843CE11AB6BDBEF0C2716773C14660E98038C1F68B7C4 ] C:\WINDOWS\system32\netlogon.dll
02:59:47.0750 0x02c8  C:\WINDOWS\system32\netlogon.dll - ok
02:59:47.0765 0x02c8  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] C:\WINDOWS\system32\w32time.dll
02:59:47.0765 0x02c8  C:\WINDOWS\system32\w32time.dll - ok
02:59:47.0765 0x02c8  [ 54DAE3EA34802B4ED9AE1C6B1209FA56, EEB1FA90DB44C821B371D5F7C323B4F88E843107BBA16DA2ACB124D6A848B257 ] C:\WINDOWS\system32\rsaenh.dll
02:59:47.0765 0x02c8  C:\WINDOWS\system32\rsaenh.dll - ok
02:59:47.0781 0x02c8  [ 3AAF9B35939FF9E58CCD18D41655C2FC, AF7358AB0A507D77569A8D38D2392C224BFBEFD1264C069BBC6C677BC20C6B8B ] C:\WINDOWS\system32\wdigest.dll
02:59:47.0781 0x02c8  C:\WINDOWS\system32\wdigest.dll - ok
02:59:47.0781 0x02c8  [ 02988B904C386B500CD08639C4C20EEA, 66E96045957AABD7F5C364D64DE23A09D4C292C844FA00C45626A8D1EC21F206 ] C:\WINDOWS\system32\winscard.dll
02:59:47.0781 0x02c8  C:\WINDOWS\system32\winscard.dll - ok
02:59:47.0796 0x02c8  [ 0E2735281FBB9A764D5584C2A5DCBA59, B1EFF5D7BFDDFEC3A3E5B2F17A6A0F3F47C344A64AB57E6918B4DEC094FC9444 ] C:\WINDOWS\system32\wtsapi32.dll
02:59:47.0796 0x02c8  C:\WINDOWS\system32\wtsapi32.dll - ok
02:59:47.0796 0x02c8  [ A86BB5E61BF3E39B62AB4C7E7085A084, B88446E007153BB58C5AE867AC3FB4C46618BBAA5A152687201E0E81F881465A ] C:\WINDOWS\system32\scecli.dll
02:59:47.0796 0x02c8  C:\WINDOWS\system32\scecli.dll - ok
02:59:47.0812 0x02c8  [ AF5DA81B19AFA730F1E5246AD81D140A, 532951071F56896A3B5D47874C14D996C8620EA02F87D4BA21B083EC804FB166 ] C:\WINDOWS\system32\drivers\avgntflt.sys
02:59:47.0812 0x02c8  C:\WINDOWS\system32\drivers\avgntflt.sys - ok
02:59:47.0812 0x02c8  [ 27C6D03BCDB8CFEB96B716F3D8BE3E18, 2910EBC692D833D949BFD56059E8106D324A276D5F165F874F3FB1B6C613CDD5 ] C:\WINDOWS\system32\svchost.exe
02:59:47.0812 0x02c8  C:\WINDOWS\system32\svchost.exe - ok
02:59:47.0812 0x02c8  [ 549290DBC280C887681D7652978DBBE0, CA2CA8561F11CDD5FD5D23D9D88A96A7FFE4AF6DFE8CE783B0969B6ED3C4CBF8 ] C:\WINDOWS\system32\ntmarta.dll
02:59:47.0828 0x02c8  C:\WINDOWS\system32\ntmarta.dll - ok
02:59:47.0828 0x02c8  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] C:\WINDOWS\system32\rpcss.dll
02:59:47.0828 0x02c8  C:\WINDOWS\system32\rpcss.dll - ok
02:59:47.0828 0x02c8  [ 16403217AB6FC5C30C14C6B12098AD4B, DEA7C556BA9C91E056E6035E77A793A77E428D493518D1C6F796B003D4F07305 ] C:\WINDOWS\system32\xpsp2res.dll
02:59:47.0828 0x02c8  C:\WINDOWS\system32\xpsp2res.dll - ok
02:59:47.0843 0x02c8  [ 6D4FEB43EE538FC5428CC7F0565AA656, 4091D82537198562F0CA1D032B2D4BEC75101342B7BCA7778FDA2D515300BC36 ] C:\WINDOWS\system32\eventlog.dll
02:59:47.0843 0x02c8  C:\WINDOWS\system32\eventlog.dll - ok
02:59:47.0843 0x02c8  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] C:\WINDOWS\system32\mswsock.dll
02:59:47.0843 0x02c8  C:\WINDOWS\system32\mswsock.dll - ok
02:59:47.0859 0x02c8  [ 3CB32D3B8CBE79899D63280BB7A83CD9, F34DB3B3DD65F0135F1F7005703B824D2C9B17F7A43062F1FFBEC53B3B26EFC3 ] C:\WINDOWS\system32\hnetcfg.dll
02:59:47.0859 0x02c8  C:\WINDOWS\system32\hnetcfg.dll - ok
02:59:47.0859 0x02c8  [ 4E3D06D6E68EEDB52565080F55B460D3, A503BFC29D3936045488EDC1771914EC84BE80E422F772F53D7961F526D707E6 ] C:\WINDOWS\system32\wshtcpip.dll
02:59:47.0859 0x02c8  C:\WINDOWS\system32\wshtcpip.dll - ok
02:59:47.0875 0x02c8  [ 6F9BEF24C578D5D6740E080BEDD6A448, 72426D49BC31488261D226C7D0C98AD11192019E71654F53D1D17183C328CC7C ] C:\WINDOWS\system32\rasadhlp.dll
02:59:47.0875 0x02c8  C:\WINDOWS\system32\rasadhlp.dll - ok
02:59:47.0875 0x02c8  [ D72B9EC3337B247A666F098F3D6B43DE, 4BC52AD1116078B0B313AB6555024302225D6CC03CA428151F78B7C48821489F ] C:\WINDOWS\system32\winrnr.dll
02:59:47.0875 0x02c8  C:\WINDOWS\system32\winrnr.dll - ok
02:59:47.0875 0x02c8  [ B51781EA95B9535EA37CE95C396D6339, 3AC24B6D884A07C6A573ED4A789DFB335F04040B3A8EC045F2025953125E6D62 ] C:\Program Files\Sandboxie\SbieDll.dll
02:59:47.0875 0x02c8  C:\Program Files\Sandboxie\SbieDll.dll - ok
02:59:47.0890 0x02c8  [ E80A6EA16ECD1D6F16A5DBDFFC10F253, 646B1BA21FD520F4EBCA2B419FBBF4E51A24D787EC89EA9D2CF5DC6D752E0687 ] C:\Program Files\Sandboxie\SbieSvc.exe
02:59:47.0890 0x02c8  C:\Program Files\Sandboxie\SbieSvc.exe - ok
02:59:47.0890 0x02c8  [ BBEA4597A37B125C641808EE293BC024, 86F0FFBA4BF9D6E615A5E5279AB216003E86E639BB5DB10B9AEA415A51F2E015 ] C:\Program Files\Sandboxie\SbieDrv.sys
02:59:47.0890 0x02c8  C:\Program Files\Sandboxie\SbieDrv.sys - ok
02:59:47.0906 0x02c8  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] C:\WINDOWS\system32\drivers\ndisuio.sys
02:59:47.0906 0x02c8  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
02:59:47.0906 0x02c8  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] C:\WINDOWS\system32\dhcpcsvc.dll
02:59:47.0906 0x02c8  C:\WINDOWS\system32\dhcpcsvc.dll - ok
02:59:47.0921 0x02c8  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] C:\WINDOWS\system32\dnsrslvr.dll
02:59:47.0921 0x02c8  C:\WINDOWS\system32\dnsrslvr.dll - ok
02:59:47.0921 0x02c8  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] C:\WINDOWS\system32\lmhsvc.dll
02:59:47.0921 0x02c8  C:\WINDOWS\system32\lmhsvc.dll - ok
02:59:47.0921 0x02c8  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] C:\WINDOWS\system32\wzcsvc.dll
02:59:47.0921 0x02c8  C:\WINDOWS\system32\wzcsvc.dll - ok
02:59:47.0937 0x02c8  [ 224FB925C641DA16CEB6D60F40CA4C75, 2DDB3B019D2A22B359C5974DC366EC9B95F4382DB1BF7F1958CFF0EC277895C7 ] C:\WINDOWS\system32\atl.dll
02:59:47.0937 0x02c8  C:\WINDOWS\system32\atl.dll - ok
02:59:47.0937 0x02c8  [ E6EF7BC927D9F8F9BA1584BFC39E0C6F, EC80729BDD250C161B29DA853D45C703CB4844DE185C5665DB0627D9568995AB ] C:\WINDOWS\system32\eapolqec.dll
02:59:47.0937 0x02c8  C:\WINDOWS\system32\eapolqec.dll - ok
02:59:47.0953 0x02c8  [ 876CCF164E08D6B903CD14398E056DD2, 9AC7887F992F20E10EB3ED9B3AEF47B5C840172FA7895531F4EF86D6EA642D0F ] C:\WINDOWS\system32\rtutils.dll
02:59:47.0953 0x02c8  C:\WINDOWS\system32\rtutils.dll - ok
02:59:47.0953 0x02c8  [ 7B0770526801F05D58C51A3DFB87B4BD, 7A2858DD3AE8C26DE88F8CC71E8DC9A8A50C363BA4FB34EE6EE2D81C18845A96 ] C:\WINDOWS\system32\wmi.dll
02:59:47.0953 0x02c8  C:\WINDOWS\system32\wmi.dll - ok
02:59:47.0968 0x02c8  [ 8E2CC37BA87D8F681066E0E9C8A19F73, 90536FD502D92AE4FECE0C250373742D2E8AC9E9BE314070BB28C4A2BEA15508 ] C:\WINDOWS\system32\dot3api.dll
02:59:47.0968 0x02c8  C:\WINDOWS\system32\dot3api.dll - ok
02:59:47.0968 0x02c8  [ F5B754CDEA20BBB3A31E16A776EDE6D6, C5D682FA9B86810C6E3D741E507EDA024C4554BEB5B6A1686F70E109EE9CD746 ] C:\WINDOWS\system32\esent.dll
02:59:47.0968 0x02c8  C:\WINDOWS\system32\esent.dll - ok
02:59:47.0968 0x02c8  [ 8AE93AACC648921BAACB8602991AC4B3, 78292B1BAEE64C997C50B6D907FE623C2EDF937A62D3C3690FA24342180B7AB2 ] C:\WINDOWS\system32\qutil.dll
02:59:47.0968 0x02c8  C:\WINDOWS\system32\qutil.dll - ok
02:59:47.0984 0x02c8  [ F137A0CA70003DB20448D540651FA003, 4D3095FD8431D0839B6EE785A979D005A1035368A152CDC705804E85B7673198 ] C:\WINDOWS\system32\clbcatq.dll
02:59:47.0984 0x02c8  C:\WINDOWS\system32\clbcatq.dll - ok
02:59:47.0984 0x02c8  [ 1280A158C722FA95A80FB7AEBE78FA7D, 9B6E8158E581500C5C417F6453A6414901020123D34FDBC04289750E8B072538 ] C:\WINDOWS\system32\comres.dll
02:59:47.0984 0x02c8  C:\WINDOWS\system32\comres.dll - ok
02:59:48.0000 0x02c8  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3, 9085384DD71F983E7FD8B6C8F54A3097412DA3C802C813C8AAB1F30558C416D6 ] C:\WINDOWS\system32\cryptui.dll
02:59:48.0000 0x02c8  C:\WINDOWS\system32\cryptui.dll - ok
02:59:48.0000 0x02c8  [ A39BE37C9237DB5F1990D61B268EA555, ABAB9D73DF10D2AC78F00A6C5E5318C4DE166CDF70683408D83D218CB39B7449 ] C:\WINDOWS\system32\rastls.dll
02:59:48.0000 0x02c8  C:\WINDOWS\system32\rastls.dll - ok
02:59:48.0015 0x02c8  [ 8AF91E4B4C1F5338EBE1548117304296, 493F46CB43496B8158924229094374D4531DA32E3C77FF4F86FCB86DEACFB79B ] C:\WINDOWS\system32\wininet.dll
02:59:48.0015 0x02c8  C:\WINDOWS\system32\wininet.dll - ok
02:59:48.0015 0x02c8  [ 10753A3ADC3E39A3B10CC3F08E98E6B4, 99C7B1B04CD593139917ED3D68BEC36C63BCE76663505CB5D026B62AF39BB383 ] C:\WINDOWS\system32\normaliz.dll
02:59:48.0015 0x02c8  C:\WINDOWS\system32\normaliz.dll - ok
02:59:48.0015 0x02c8  [ 1387AB5807E7A29D880699CC733F6AED, 0A3B777546E5F5EBC7914118D0BB32546279AEC726FED05519E0CF8F97DFA039 ] C:\WINDOWS\system32\urlmon.dll
02:59:48.0015 0x02c8  C:\WINDOWS\system32\urlmon.dll - ok
02:59:48.0031 0x02c8  [ 89A1EE0C4046375B4B9E0B010C90C802, 51D54DA31E30487E73B50F482F1A04F273BC812F3AB2C415D09CB44956097E11 ] C:\WINDOWS\system32\iertutil.dll
02:59:48.0031 0x02c8  C:\WINDOWS\system32\iertutil.dll - ok
02:59:48.0031 0x02c8  [ A14D324C50EB71FB480DDD60481D0C04, 15F1EF7CA639AF0B235493DF0934B4C525C3F4E4DEB3310B70EDDF43869BCA4D ] C:\WINDOWS\system32\pstorec.dll
02:59:48.0031 0x02c8  C:\WINDOWS\system32\pstorec.dll - ok
02:59:48.0046 0x02c8  [ 2CDAE321B8E878A278BA2D2FA013060B, 51A382D665EB4A8BD66A3EF9B518DC02D3637318768758AB6F1017E50826CC56 ] C:\WINDOWS\system32\activeds.dll
02:59:48.0046 0x02c8  C:\WINDOWS\system32\activeds.dll - ok
02:59:48.0046 0x02c8  [ 0D84657DBF93DB98673DEFDF2B29E25A, 22105E297D663790BFA1EAE5AC670B283E69FDF2428DEBC596F3EB920E53AFF9 ] C:\WINDOWS\system32\adsldpc.dll
02:59:48.0046 0x02c8  C:\WINDOWS\system32\adsldpc.dll - ok
02:59:48.0062 0x02c8  [ EA5B8BECA3F279C757578CD7F1E95855, 6FA42A9C8A114208BCB1D0A799C43CD07FB0F986495191D58C1BBD150B7B3A90 ] C:\WINDOWS\system32\mprapi.dll
02:59:48.0062 0x02c8  C:\WINDOWS\system32\mprapi.dll - ok
02:59:48.0062 0x02c8  [ 92C4F48B62B0B876194584C3FF09CCB6, B24FF5E8D4F09B8200395B68A20A083E7ED9A29B9E9FB85F42E1A6BBB911D1C4 ] C:\WINDOWS\system32\rasapi32.dll
02:59:48.0062 0x02c8  C:\WINDOWS\system32\rasapi32.dll - ok
02:59:48.0062 0x02c8  [ 4DEF926F6A0545AE486A03C84F2EE482, 2D209061632634D7338C0BBEEE8056E8085BE22FA6974A2CC6BAEDC14CF6F6B1 ] C:\WINDOWS\system32\rasman.dll
02:59:48.0062 0x02c8  C:\WINDOWS\system32\rasman.dll - ok
02:59:48.0078 0x02c8  [ 00AABF131B4823785818DB99A075A313, FF0F24D35325EC246C758C7CF51FDDEF13757DFD7BE5F6F5D51E0DD7C6673686 ] C:\WINDOWS\system32\tapi32.dll
02:59:48.0078 0x02c8  C:\WINDOWS\system32\tapi32.dll - ok
02:59:48.0078 0x02c8  [ C1FAEA15E41F62D7BFA7FBC395C24BA6, 5DAA7F6E1EEA128AEDEDCAF04EB83AED4BCF856BC123BC134E9FA634DC569C0B ] C:\WINDOWS\system32\riched20.dll
02:59:48.0078 0x02c8  C:\WINDOWS\system32\riched20.dll - ok
02:59:48.0093 0x02c8  [ 56CE97FF94B7662A300D359CD6F4D601, D67A792E176AE3394CEB8FEF16F9E56DC614D7D4F58F6B9202E49EFD42BAE9E4 ] C:\WINDOWS\system32\raschap.dll
02:59:48.0093 0x02c8  C:\WINDOWS\system32\raschap.dll - ok
02:59:48.0093 0x02c8  [ 2081A5B5E4ABA206A0A8A1A97DF0FB23, 032B6D1F541F180A2FE619664EF180D3FD748AEF7E311BA925FCED74E7ED4713 ] C:\WINDOWS\system32\logonui.exe
02:59:48.0093 0x02c8  C:\WINDOWS\system32\logonui.exe - ok
02:59:48.0109 0x02c8  [ 515A7FAE2070C2B0242B2353443E2F11, 6121C5613784831F584B50E8DC91BBD7AC58BDB602FE4CDB4B237670B6BB4537 ] C:\WINDOWS\system32\cscdll.dll
02:59:48.0109 0x02c8  C:\WINDOWS\system32\cscdll.dll - ok
02:59:48.0109 0x02c8  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] C:\WINDOWS\system32\schedsvc.dll
02:59:48.0109 0x02c8  C:\WINDOWS\system32\schedsvc.dll - ok
02:59:48.0125 0x02c8  [ E2092F0A1D7ABC243F9C2362483D150D, 50028400D6BA1C5B27BFC9AAC9D41539383F3EC723977CA937715E14094D846A ] C:\WINDOWS\system32\dimsntfy.dll
02:59:48.0125 0x02c8  C:\WINDOWS\system32\dimsntfy.dll - ok
02:59:48.0125 0x02c8  [ 3D41A9326F0376FC73AF961DD23B1FB1, 1242F3B57599675D1E0E26615E206CE3DB15FA6A23BC5D21EB630EE9858EBC7B ] C:\WINDOWS\system32\duser.dll
02:59:48.0125 0x02c8  C:\WINDOWS\system32\duser.dll - ok
02:59:48.0125 0x02c8  [ 2CC34E8BB667EEF78899546E12649196, 5BA2604041BF7C1D580D4D2AEDC7708F9E9B0AF6E0928663E3D9C7297296D721 ] C:\WINDOWS\system32\wlnotify.dll
02:59:48.0125 0x02c8  C:\WINDOWS\system32\wlnotify.dll - ok
02:59:48.0140 0x02c8  [ BD83ABA61E8ACCC8D9FFB869F29418CE, 45ED22E825047A1BE07B017F95FBF965A90602C59E6B110D0C604FBE07DE1562 ] C:\WINDOWS\system32\winspool.drv
02:59:48.0140 0x02c8  C:\WINDOWS\system32\winspool.drv - ok
02:59:48.0140 0x02c8  [ E47E364C96467FD54FA44D59F927C3AB, D48C377A7ACF805C413D4618A099A50BE6724E8996C151B00DEAFD27CA935183 ] C:\WINDOWS\system32\msidle.dll
02:59:48.0140 0x02c8  C:\WINDOWS\system32\msidle.dll - ok
02:59:48.0156 0x02c8  [ AFFC87E2501FCE8F09D4C10BA6421CCF, E63837B281C4AE90A7CBA8E072E07A9A5A2FDD5B15E7FB5C2D7562FE72BE5408 ] C:\WINDOWS\system32\msimg32.dll
02:59:48.0156 0x02c8  C:\WINDOWS\system32\msimg32.dll - ok
02:59:48.0156 0x02c8  [ 20200EE3CFE10E9F0C028D8653BE11C6, 3ACF2110D72509CBA3BF780C5D6D662BAFEEA6CA423BE8B0F97288B953127035 ] C:\WINDOWS\system32\oleacc.dll
02:59:48.0156 0x02c8  C:\WINDOWS\system32\oleacc.dll - ok
02:59:48.0171 0x02c8  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] C:\WINDOWS\system32\spoolsv.exe
02:59:48.0171 0x02c8  C:\WINDOWS\system32\spoolsv.exe - ok
02:59:48.0171 0x02c8  [ E5EDBD51476DB5001ABF5C82AE5C3DD1, 5C97ABF5802A7F886781788FE6107F9F06962F9D704A2A43A03062C9405F56C3 ] C:\WINDOWS\system32\shgina.dll
02:59:48.0171 0x02c8  C:\WINDOWS\system32\shgina.dll - ok
02:59:48.0171 0x02c8  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] C:\WINDOWS\system32\audiosrv.dll
02:59:48.0171 0x02c8  C:\WINDOWS\system32\audiosrv.dll - ok
02:59:48.0187 0x02c8  [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] C:\Program Files\Avira\AntiVir Desktop\sched.exe
02:59:48.0187 0x02c8  C:\Program Files\Avira\AntiVir Desktop\sched.exe - ok
02:59:48.0187 0x02c8  [ FD5CABBE52272BD76007B68186EBAF00, 87C42CA155473E4E71857D03497C8CBC28FA8FF7F2C8D72E8A1F39B71078F608 ] C:\Program Files\Avira\AntiVir Desktop\msvcp120.dll
02:59:48.0187 0x02c8  C:\Program Files\Avira\AntiVir Desktop\msvcp120.dll - ok
02:59:48.0203 0x02c8  [ 034CCADC1C073E4216E9466B720F9849, 86E39B5995AF0E042FCDAA85FE2AEFD7C9DDC7AD65E6327BD5E7058BC3AB615F ] C:\Program Files\Avira\AntiVir Desktop\msvcr120.dll
02:59:48.0203 0x02c8  C:\Program Files\Avira\AntiVir Desktop\msvcr120.dll - ok
02:59:48.0203 0x02c8  [ B6E6F3F5B63053D5DC1F4EE32992492F, 089F9C92B677A138BABA4817624E8CA49B7E507B7D6FA0B1A3B4302B354B5C7E ] C:\WINDOWS\system32\dbghelp.dll
02:59:48.0203 0x02c8  C:\WINDOWS\system32\dbghelp.dll - ok
02:59:48.0218 0x02c8  [ 64B3CC85AE8542A95EB5DD1AFEAEAA82, E333A9FC3AFE0AC143A524340A7DB47730C89998EA37E449AD0EFC5A69BC678D ] C:\Program Files\Avira\AntiVir Desktop\grdcore.dll
02:59:48.0218 0x02c8  C:\Program Files\Avira\AntiVir Desktop\grdcore.dll - ok
02:59:48.0218 0x02c8  [ 598547F040B2A498624F950D8E20505B, CB81825ECC9192DA3EC722BBF2F484F1D8D88E9CF4D019DAB74F1A654AFFAA2C ] C:\Program Files\Avira\AntiVir Desktop\scewxmlw.dll
02:59:48.0218 0x02c8  C:\Program Files\Avira\AntiVir Desktop\scewxmlw.dll - ok
02:59:48.0234 0x02c8  [ 5EEE2D08A53D30FADF112DD2B936FCE6, A9AE299FED2BE06682E5B7B18B1D3266CC83A0AE29EFCA9409446C3FE5021D76 ] C:\Program Files\Avira\AntiVir Desktop\cfglib.dll
02:59:48.0234 0x02c8  C:\Program Files\Avira\AntiVir Desktop\cfglib.dll - ok
02:59:48.0234 0x02c8  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] C:\WINDOWS\system32\wkssvc.dll
02:59:48.0234 0x02c8  C:\WINDOWS\system32\wkssvc.dll - ok
02:59:48.0234 0x02c8  [ 2DD7B3D3E9E32DBD5B3B90039ADE6BDD, 6A1CAF1F9D82BB437B045F53DCA0B8E4256782CBF8366697C6798155677E7BDC ] C:\Program Files\Avira\AntiVir Desktop\gpipc.dll
02:59:48.0234 0x02c8  C:\Program Files\Avira\AntiVir Desktop\gpipc.dll - ok
02:59:48.0250 0x02c8  [ 052D8B54FBB847EF8E9358D53540A6D2, DEABD95D227FF570BE613AE4F8C1B0C81906492E6D2C4969BE70ADA6A1BB655F ] C:\Program Files\Avira\AntiVir Desktop\gpgen.dll
02:59:48.0250 0x02c8  C:\Program Files\Avira\AntiVir Desktop\gpgen.dll - ok
02:59:48.0250 0x02c8  [ A7B64447C09D19D13DD24BCC23498FAE, 8DE6FBFC81F585B8BA6CC80603791176C4D31ECE989E3067EB2EB56494F17E70 ] C:\Program Files\Avira\AntiVir Desktop\gpschd.dll
02:59:48.0250 0x02c8  C:\Program Files\Avira\AntiVir Desktop\gpschd.dll - ok
02:59:48.0265 0x02c8  [ 2DE066AFE0F1265AAA38770A08A0CF18, CBDA73E8DFD9C6C5BF145CFADE0856584B891EF5A43AF4DED2D0EEA370898BE7 ] C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll
02:59:48.0265 0x02c8  C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll - ok
02:59:48.0265 0x02c8  [ 82EEF806DCBD7715EC5CC2A3001D3AFA, FAF156FD9C3F1A3707C9B8F59CE3055230DAA0127F0A9B21A728346EDDC25AC2 ] C:\Program Files\Avira\AntiVir Desktop\schedr.dll
02:59:48.0265 0x02c8  C:\Program Files\Avira\AntiVir Desktop\schedr.dll - ok
02:59:48.0265 0x02c8  [ 430ECD581758A5800F813DDB74F66DF8, 7D1F56A51C8F58598E8FF2A3C10FD1796CE779F33F62079DF52FA4A17E5A9E91 ] C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
02:59:48.0265 0x02c8  C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll - ok
02:59:48.0281 0x02c8  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] C:\WINDOWS\system32\drivers\mrxdav.sys
02:59:48.0281 0x02c8  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
02:59:48.0281 0x02c8  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] C:\WINDOWS\system32\webclnt.dll
02:59:48.0281 0x02c8  C:\WINDOWS\system32\webclnt.dll - ok
02:59:48.0296 0x02c8  [ 804B09FA1E3A86E729ABCCA7F30AE53C, 92B1AC945039A0575185AF066BF389A1E5B2DA7778EB181FF9136710F39D0C5A ] C:\WINDOWS\system32\kbdjpn.dll
02:59:48.0296 0x02c8  C:\WINDOWS\system32\kbdjpn.dll - ok
02:59:48.0296 0x02c8  [ 3B479B92A1159A2CFF613B3FAA2AD9CD, D97242F2B7643C856DDF02F0AC0D98028F00E83ADFD77418A5B3A030470E9088 ] C:\WINDOWS\system32\kbd101.dll
02:59:48.0296 0x02c8  C:\WINDOWS\system32\kbd101.dll - ok
02:59:48.0312 0x02c8  [ C33B3ED4BEF24BAC604FF97FF2D97C49, 8A830F3F714CC4BF6242502629633AAFB205188D8DD860C04FB33BC682219D85 ] C:\WINDOWS\system32\kbd106.dll
02:59:48.0312 0x02c8  C:\WINDOWS\system32\kbd106.dll - ok
02:59:48.0312 0x02c8  [ 3FBA2CB69D697D1EF5423F17691CD832, 6ECF4947FF0EC539D727CD27100518B8E6E494A13FE617EED8DCB03589F8D636 ] C:\WINDOWS\system32\kbdnec.dll
02:59:48.0312 0x02c8  C:\WINDOWS\system32\kbdnec.dll - ok
02:59:48.0328 0x02c8  [ 085ED2E391A871C7BAE87E0228B546BA, 15C050965A7377CDE1178A0C28C3E05B16838A1D7DEB1DD190E3C5D58511F5AC ] C:\WINDOWS\system32\cscui.dll
02:59:48.0328 0x02c8  C:\WINDOWS\system32\cscui.dll - ok
02:59:48.0328 0x02c8  [ 50A166237A0FA771261275A405646CC0, CFA9B2C8CDCDB56C27B89593A106AAE211E24D8EA433129A6E9BD2FBF39AB5BB ] C:\WINDOWS\system32\powrprof.dll
02:59:48.0328 0x02c8  C:\WINDOWS\system32\powrprof.dll - ok
02:59:48.0328 0x02c8  [ 6C26DCF01E2A92F183B97D434017268A, 0863B9AE37002CA3E1034A7FBDE80C3D0E4469A4561140EDE42EDD947E61DBD3 ] C:\WINDOWS\system32\dpcdll.dll
02:59:48.0328 0x02c8  C:\WINDOWS\system32\dpcdll.dll - ok
02:59:48.0343 0x02c8  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] C:\WINDOWS\system32\drivers\wdmaud.sys
02:59:48.0343 0x02c8  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
02:59:48.0343 0x02c8  [ 680B56A8B62D1BCF4A0B2AAAD03D88E4, C095D8A3A1CEAD1D78B0EE17B982718CDF4B3FE1F86D9D273875B8C1893C981B ] C:\WINDOWS\system32\wdmaud.drv
02:59:48.0343 0x02c8  C:\WINDOWS\system32\wdmaud.drv - ok
02:59:48.0359 0x02c8  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] C:\WINDOWS\system32\drivers\sysaudio.sys
02:59:48.0359 0x02c8  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
02:59:48.0359 0x02c8  [ A93AEE1928A9D7CE3E16D24EC7380F89, 944CD2135E171AF338352568AA7FE1B8004733A4281395AD6723E0CF43D5F53F ] C:\WINDOWS\system32\userinit.exe
02:59:48.0359 0x02c8  C:\WINDOWS\system32\userinit.exe - ok
02:59:48.0375 0x02c8  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] C:\WINDOWS\system32\drivers\splitter.sys
02:59:48.0375 0x02c8  C:\WINDOWS\system32\drivers\splitter.sys - ok
02:59:48.0375 0x02c8  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] C:\WINDOWS\system32\drivers\aec.sys
02:59:48.0375 0x02c8  C:\WINDOWS\system32\drivers\aec.sys - ok
02:59:48.0390 0x02c8  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] C:\WINDOWS\system32\drivers\swmidi.sys
02:59:48.0390 0x02c8  C:\WINDOWS\system32\drivers\swmidi.sys - ok
02:59:48.0390 0x02c8  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] C:\WINDOWS\system32\drivers\dmusic.sys
02:59:48.0390 0x02c8  C:\WINDOWS\system32\drivers\dmusic.sys - ok
02:59:48.0390 0x02c8  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] C:\WINDOWS\system32\drivers\kmixer.sys
02:59:48.0390 0x02c8  C:\WINDOWS\system32\drivers\kmixer.sys - ok
02:59:48.0406 0x02c8  [ FE2571A8C9FFAB1D45502D6B0BF472AA, 1442FC0180B555BC4F9B97B9A0D7674F75E67A6F61B87A6D690A20AE7D1EF360 ] C:\WINDOWS\system32\xp_eos.exe
02:59:48.0406 0x02c8  C:\WINDOWS\system32\xp_eos.exe - ok
02:59:48.0406 0x02c8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Program Files\Google\Update\GoogleUpdate.exe
02:59:48.0406 0x02c8  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
02:59:48.0421 0x02c8  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] C:\WINDOWS\system32\drivers\drmkaud.sys
02:59:48.0421 0x02c8  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
02:59:48.0421 0x02c8  [ 5C2593649CF4FE6B9ED6F9A734DBF344, DBE8A6B2DAC8F166E08534EBE02D23FF7648E836CFCB507A41F51368CBA01BBE ] C:\Program Files\Google\Update\1.3.26.9\goopdate.dll
02:59:48.0421 0x02c8  C:\Program Files\Google\Update\1.3.26.9\goopdate.dll - ok
02:59:48.0437 0x02c8  [ 12896823FB95BFB3DC9B46BCAEDC9923, 1E675CB7DF214172F7EB0497F7275556038A0D09C6E5A3E6862C5E26885EF455 ] C:\WINDOWS\explorer.exe
02:59:48.0437 0x02c8  C:\WINDOWS\explorer.exe - ok
02:59:48.0437 0x02c8  [ D3F72D50DE53F9F1F55240115AF4D42E, F8831B6B33EE2EE49615AE45A81C8434E154331BEB1E64C491E64C1348314F3C ] C:\WINDOWS\system32\msi.dll
02:59:48.0437 0x02c8  C:\WINDOWS\system32\msi.dll - ok
02:59:48.0453 0x02c8  [ CFCF46EE92BCBE0242AB5677EC5A5860, 6EFD7B46E94FB7B36F588D163BA3444EA644415E2628F575EF211D4466A07140 ] C:\WINDOWS\system32\browseui.dll
02:59:48.0453 0x02c8  C:\WINDOWS\system32\browseui.dll - ok
02:59:48.0453 0x02c8  [ 9A3BD5F55AADFF859539142F6328A66E, B8165F650F0E24D380601D54BC81A84C06D886A6CF995EA6CA63EABCFA75554A ] C:\WINDOWS\system32\msacm32.drv
02:59:48.0453 0x02c8  C:\WINDOWS\system32\msacm32.drv - ok
02:59:48.0453 0x02c8  [ 5C12660A97822F6E61576943B49AAAD6, 621BE8E009DC95A8901F701F529ED98BD8E6D62D272AE0E1FAF69889A4D5633B ] C:\WINDOWS\system32\midimap.dll
02:59:48.0453 0x02c8  C:\WINDOWS\system32\midimap.dll - ok
02:59:48.0468 0x02c8  [ 1786A2F788B6F2E93C8A43D1C253A432, 20895A4A5AD9BDD6E72509361399D787E084057DAD02101F0AFF33BACA4F2E01 ] C:\WINDOWS\system32\shdocvw.dll
02:59:48.0468 0x02c8  C:\WINDOWS\system32\shdocvw.dll - ok
02:59:48.0468 0x02c8  [ 83BB030C71C9727DCFB2737005772C4E, 5E1D6120D29B8E263C615142BB3EBA0C67A08C5431F444B993B0CBC6995D8B72 ] C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
02:59:48.0468 0x02c8  C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe - ok
02:59:48.0484 0x02c8  [ 4044E880593FE1AC9942190FCE414BE7, 1EBD42F10592D57A2C8562C641461DE5288D9E900FE91A4A1800C9AB9034F2CD ] C:\WINDOWS\system32\mstask.dll
02:59:48.0484 0x02c8  C:\WINDOWS\system32\mstask.dll - ok
02:59:48.0484 0x02c8  [ B4ED498E3BFEE64E952BC44FC6057DB8, 1FB5ABAE69103BF477F704189D75B0395F587234BFE94F9F79961D8FE2CE55AC ] C:\WINDOWS\system32\desk.cpl
02:59:48.0484 0x02c8  C:\WINDOWS\system32\desk.cpl - ok
02:59:48.0500 0x02c8  [ EE9710428FFB95FD3845D41E7148AC31, 5CFBE4B7BCCB136B958E21EACB965E09F7D6CC0CB29DEA9022047809582B1065 ] C:\WINDOWS\system32\themeui.dll
02:59:48.0500 0x02c8  C:\WINDOWS\system32\themeui.dll - ok
02:59:48.0500 0x02c8  [ 912B67BB8249925A5C972FC5839EAE09, 11F9F26C2D5EADD683F9FA4FDC8C25A1FB7EE9D6E3F4419C9DAB8C4E434F1857 ] C:\WINDOWS\system32\actxprxy.dll
02:59:48.0500 0x02c8  C:\WINDOWS\system32\actxprxy.dll - ok
02:59:48.0500 0x02c8  [ 6D778E0F95447E6546553EEEA709D03C, 62ABED7D45040381BBCED97EA7B6C697B418448FD3322FD4BFB2BBFDB6155EB4 ] C:\WINDOWS\system32\cmd.exe
02:59:48.0500 0x02c8  C:\WINDOWS\system32\cmd.exe - ok
02:59:48.0515 0x02c8  [ FA4A79DBB0E3CA56E1F0B1FD372559A8, 87BBE8A70DB7C1E3F3A9F42112D5D3A81645FB23A4120DFB926AF7D089ACA462 ] C:\WINDOWS\system32\ieframe.dll
02:59:48.0515 0x02c8  C:\WINDOWS\system32\ieframe.dll - ok
02:59:48.0515 0x02c8  [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] C:\Program Files\Avira\AntiVir Desktop\avguard.exe
02:59:48.0515 0x02c8  C:\Program Files\Avira\AntiVir Desktop\avguard.exe - ok
02:59:48.0531 0x02c8  [ 9C5DAAED3B3C06DBC95228CC407B8B70, E306E5C4A1C0D4B63840E38098B9FF2F4267FA4F519C7841E5A0C25A8DFF96D8 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{AFE1E06C-9755-4D4A-931C-B14EFF5A1971}.exe
02:59:48.0531 0x02c8  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{AFE1E06C-9755-4D4A-931C-B14EFF5A1971}.exe - ok
02:59:48.0546 0x02c8  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
02:59:48.0546 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
02:59:48.0546 0x02c8  [ E5F7C30EDF0892667933BE879F067D67, E4BA45F4C6C74A0CDE9B12A00C91E2F5EF83536C89C9053DEC507CBB4F130A12 ] C:\WINDOWS\system32\msvcr100_clr0400.dll
02:59:48.0546 0x02c8  C:\WINDOWS\system32\msvcr100_clr0400.dll - ok
02:59:48.0562 0x02c8  [ B58B73590678FDDEBA6A5D63D702E4A5, 31D494E1A3DB194F132495A75C0DA104C1D394B65BF384E9511440E674C39989 ] C:\Program Files\Avira\AntiVir Desktop\gpgrd.dll
02:59:48.0562 0x02c8  C:\Program Files\Avira\AntiVir Desktop\gpgrd.dll - ok
02:59:48.0562 0x02c8  [ CF50A604C4089F7F96B60EA190E953E0, 4B37FEE7C871B7A8FE38C9494239D507100891B08428DE233843F3F5F8416DB2 ] C:\Program Files\Avira\AntiVir Desktop\gpgui.dll
02:59:48.0562 0x02c8  C:\Program Files\Avira\AntiVir Desktop\gpgui.dll - ok
02:59:48.0562 0x02c8  [ 3596D1E5858A5EE4507AEA485F115983, 4C64823D08346991506EA16F326A01811348573A91726E52AD3FB246DC6DAB0F ] C:\Program Files\Avira\AntiVir Desktop\gpgavid.dll
02:59:48.0562 0x02c8  C:\Program Files\Avira\AntiVir Desktop\gpgavid.dll - ok
02:59:48.0578 0x02c8  [ 3004BDF8A58603B25704BAB375827C55, 1195AC97C80A2DB270AB10DC7D228BED1F06E6BB3DF7EDD8D72D414F5BD79939 ] C:\Program Files\Avira\AntiVir Desktop\gplegacy.dll
02:59:48.0578 0x02c8  C:\Program Files\Avira\AntiVir Desktop\gplegacy.dll - ok
02:59:48.0578 0x02c8  [ 17AA58A54C00F1746B8654C050491F43, AADA0D527FB96852998073E58F93710C4B3A25D7D1414BA9F23A28DA3D06B4CD ] C:\WINDOWS\system32\msutb.dll
02:59:48.0578 0x02c8  C:\WINDOWS\system32\msutb.dll - ok
02:59:48.0593 0x02c8  [ 2B97CF818297B3FF223BA7F520231C4B, C4713D4F4139D11B94696F5F755E0D445314083239C502AEA63938F453BA0AFE ] C:\Program Files\Avira\AntiVir Desktop\gpgenrep.dll
02:59:48.0593 0x02c8  C:\Program Files\Avira\AntiVir Desktop\gpgenrep.dll - ok
02:59:48.0593 0x02c8  [ 2ABD1F575B42F25CD72BA3F48902C8DA, 8838F01824C6C230D900210D0E66DC2BC42C166351DC69269EA094F95F1A449A ] C:\Program Files\Avira\AntiVir Desktop\onlcfg.dll
02:59:48.0593 0x02c8  C:\Program Files\Avira\AntiVir Desktop\onlcfg.dll - ok
02:59:48.0609 0x02c8  [ 345E1E8E661C00F53FF59EB5365836A9, C78BF1B52320F2FCBFC1D282D3CDA3688ECCB6E4456268C3BC97B30D80B86815 ] C:\Program Files\Avira\AntiVir Desktop\gavidb.dll
02:59:48.0609 0x02c8  C:\Program Files\Avira\AntiVir Desktop\gavidb.dll - ok
02:59:48.0609 0x02c8  [ E40FCF943127DDC8FD60554B722D762B, 2E7A7C08B56E07D69CB32F335D93F6D2C748EFA2CF4C41102A18C7761A4E9CF0 ] C:\WINDOWS\system32\msctf.dll
02:59:48.0609 0x02c8  C:\WINDOWS\system32\msctf.dll - ok
02:59:48.0625 0x02c8  [ DAB0C99805C7EC712F30E115C20BB4B4, EE831791E0FBB76D6512436855A19B7B3D614E197C7F98E444864469C5026CA2 ] C:\Program Files\Avira\AntiVir Desktop\systemutilities.dll
02:59:48.0625 0x02c8  C:\Program Files\Avira\AntiVir Desktop\systemutilities.dll - ok
02:59:48.0625 0x02c8  [ 684559A03CBC1D05BA120A18B0D8BA5D, 7425F27C8EF8CEF26B071D7FD5FED538C74EF524AEF73E427B1781F3A3C16C42 ] C:\WINDOWS\system32\winhttp.dll
02:59:48.0625 0x02c8  C:\WINDOWS\system32\winhttp.dll - ok
02:59:48.0625 0x02c8  [ 5DD746E37ACBF85D9CF608E621D5472E, 0546BC8679CC1FF098D88B67759667D196A5B9F28FFE336C98649CD70EBFED78 ] C:\Program Files\Avira\AntiVir Desktop\win32apiwrapper.dll
02:59:48.0625 0x02c8  C:\Program Files\Avira\AntiVir Desktop\win32apiwrapper.dll - ok
02:59:48.0640 0x02c8  [ B04DB1F0B2652FCBCCC5FD0C46579F0F, 24D1919B63ED444F5C6629626C239EC78A5BB7A3F29B154FEEA03A6FB8F26148 ] C:\WINDOWS\system32\mscoree.dll
02:59:48.0640 0x02c8  C:\WINDOWS\system32\mscoree.dll - ok
02:59:48.0640 0x02c8  [ 2DC5A8019E2387987905F77C664E4BE2, 32FD8D0D3146A599CFB536955F9E93AA50467B2176A70E481133B61D4BD29AD9 ] C:\WINDOWS\system32\linkinfo.dll
02:59:48.0640 0x02c8  C:\WINDOWS\system32\linkinfo.dll - ok
02:59:48.0656 0x02c8  [ A70A2D85AD143D6BB823C246CEB699A5, D8ED98DC2964A2DAF448893718E6381FBABAB53DD7497266851E0F4221F1B01F ] C:\WINDOWS\system32\ntshrui.dll
02:59:48.0656 0x02c8  C:\WINDOWS\system32\ntshrui.dll - ok
02:59:48.0656 0x02c8  [ D31209573DB3B3138E958E5B4211DDB8, 605D099084BF02C1078E4E07CE052C6D9D71AE4E7975B344AFE919A50A1B95E1 ] C:\Program Files\Avira\AntiVir Desktop\productutilities.dll
02:59:48.0656 0x02c8  C:\Program Files\Avira\AntiVir Desktop\productutilities.dll - ok
02:59:48.0671 0x02c8  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] C:\WINDOWS\system32\cryptsvc.dll
02:59:48.0671 0x02c8  C:\WINDOWS\system32\cryptsvc.dll - ok
02:59:48.0671 0x02c8  [ B714735C12A70171DE28657948FD91F1, DF7BF2D1BEBB016A8CB739EEE2670CF9F44A5CC2319A532E5C3DE0F5AA3AA144 ] C:\WINDOWS\system32\mlang.dll
02:59:48.0671 0x02c8  C:\WINDOWS\system32\mlang.dll - ok
02:59:48.0687 0x02c8  [ 00709952D444EAE14DBBD30D36FBAE0F, A65B57C68F9119940133F6680AF3644866EEBDA5378F9B6AED441FB999B50526 ] C:\WINDOWS\system32\certcli.dll
02:59:48.0687 0x02c8  C:\WINDOWS\system32\certcli.dll - ok
02:59:48.0687 0x02c8  [ 63F371F0248E3732A4821F86E6D0E370, 35838070CF9AADF30FD465234DB27BCD8F471513698DC7E738DDB1762DAC3CE4 ] C:\WINDOWS\ehome\ehRecvr.exe
02:59:48.0687 0x02c8  C:\WINDOWS\ehome\ehRecvr.exe - ok
02:59:48.0703 0x02c8  [ 16910F8B482919BB6035ED053B691692, 457B65A1831B5F42F9AFF6C9E810B76D421FE57137768B97A965D5E76142A94E ] C:\WINDOWS\ehome\ehSched.exe
02:59:48.0703 0x02c8  C:\WINDOWS\ehome\ehSched.exe - ok
02:59:48.0703 0x02c8  [ 029399C1F08C24C4957FA9D4C529ABC9, 2ABC3EFDED646E749B46341CFF188421F3C5387E63CE4AE9AF1A49AFAB959AEB ] C:\WINDOWS\ehome\ehRec.exe
02:59:48.0703 0x02c8  C:\WINDOWS\ehome\ehRec.exe - ok
02:59:48.0718 0x02c8  [ 83BA5E873164A3711B44052F58C8FE9F, 7271ADE7A615E6F33375D23DACC32A8A652AF18CAAF8439F018E32E32E222F5A ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
02:59:48.0718 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
02:59:48.0718 0x02c8  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] C:\WINDOWS\system32\dmserver.dll
02:59:48.0718 0x02c8  C:\WINDOWS\system32\dmserver.dll - ok
02:59:48.0718 0x02c8  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] C:\WINDOWS\system32\ersvc.dll
02:59:48.0718 0x02c8  C:\WINDOWS\system32\ersvc.dll - ok
02:59:48.0734 0x02c8  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] C:\WINDOWS\system32\es.dll
02:59:48.0734 0x02c8  C:\WINDOWS\system32\es.dll - ok
02:59:48.0734 0x02c8  [ 415C6082A9258B03B66D337449B4F58D, AB74707FEA731F1225F12D9A6D58B406C1F4A95F887C5215B2ABB9EDA50CA64B ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorsvr.dll
02:59:48.0734 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorsvr.dll - ok
02:59:48.0750 0x02c8  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
02:59:48.0750 0x02c8  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
02:59:48.0750 0x02c8  [ 7C0731DE9D61265ED81C2FEA800FA8B3, 1F90AF0AEA84493353BC4468DE14522D6676030772DF435B7E3FF8001F43F8F4 ] C:\Program Files\Avira\AntiVir Desktop\rctext.dll
02:59:48.0750 0x02c8  C:\Program Files\Avira\AntiVir Desktop\rctext.dll - ok
02:59:48.0765 0x02c8  [ BF918C9473D64BBD53C22C47045883F5, 1980726FBFEEE75E4B360B1A4F438CF1ADD929AC21BD5197F740CB8AD8194BD2 ] C:\Program Files\Java\jre7\bin\jqs.exe
02:59:48.0765 0x02c8  C:\Program Files\Java\jre7\bin\jqs.exe - ok
02:59:48.0765 0x02c8  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] C:\WINDOWS\system32\hidserv.dll
02:59:48.0765 0x02c8  C:\WINDOWS\system32\hidserv.dll - ok
02:59:48.0781 0x02c8  [ 8973122796E3B5D6B5900FC186E55FEA, 350120A20F8591C27E68A5903E3175DD3F4F85BA2FF1F8B6E1D3B3758B5B509D ] C:\WINDOWS\system32\hid.dll
02:59:48.0781 0x02c8  C:\WINDOWS\system32\hid.dll - ok
02:59:48.0781 0x02c8  [ 91790D6749EBED90E2C40479C0A91879, 3C267950F13CCE412474C5228FC0E3D8D7F912E82464BD2CE6312A0326F84A80 ] C:\WINDOWS\system32\verclsid.exe
02:59:48.0781 0x02c8  C:\WINDOWS\system32\verclsid.exe - ok
02:59:48.0796 0x02c8  [ BF38660A9125935658CFA3E53FDC7D65, 60C06E0FA4449314DA3A0A87C1A9D9577DF99226F943637E06F61188E5862EFA ] C:\Program Files\Java\jre7\bin\msvcr100.dll
02:59:48.0796 0x02c8  C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
02:59:48.0796 0x02c8  [ 766D9646911A6435B1D7A2DF6FA1653D, 34DFA62D81E400ADF219DAEFE5E4E1B8DB9344C74AE6573910BBC945CE118E5A ] C:\WINDOWS\system32\sbe.dll
02:59:48.0796 0x02c8  C:\WINDOWS\system32\sbe.dll - ok
02:59:48.0812 0x02c8  [ 062F837C1FBDB6A0A75F82EFC2EE8E74, 3C0BFA381CBC2C55B58A8942A7148A6C27E244D26313EFB4708DD5858C689E02 ] C:\WINDOWS\system32\netshell.dll
02:59:48.0812 0x02c8  C:\WINDOWS\system32\netshell.dll - ok
02:59:48.0812 0x02c8  [ C2E173C85478C09ACB1084B015E5CBA7, 9BB7154C99A6BDD1B82C0E802292278C7A44B7EE6A1AF90C828F07602DB4C691 ] C:\WINDOWS\system32\msvidctl.dll
02:59:48.0812 0x02c8  C:\WINDOWS\system32\msvidctl.dll - ok
02:59:48.0812 0x02c8  [ 62CF83A6989312A0DD39BBFFB3D1C166, 05FB7F06444B4958BE3EFC6909614D516BE5FE3929E0F58D2C13C2A211C1F86A ] C:\WINDOWS\system32\pdh.dll
02:59:48.0812 0x02c8  C:\WINDOWS\system32\pdh.dll - ok
02:59:48.0828 0x02c8  [ 369F7B1A4F358B976176556A1A331F36, 65A60C4C5D816D53DDAA208FEEDD4F8C185A77BACB8736EADCAE2F454C8FFC08 ] C:\WINDOWS\system32\odbcbcp.dll
02:59:48.0828 0x02c8  C:\WINDOWS\system32\odbcbcp.dll - ok
02:59:48.0828 0x02c8  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] C:\WINDOWS\system32\srvsvc.dll
02:59:48.0828 0x02c8  C:\WINDOWS\system32\srvsvc.dll - ok
02:59:48.0843 0x02c8  [ 00944D59948596721D17510C94CD3E4F, FBD66042DEF6C5E29C3BB46B6A0739137DEC0EF73558A4C70C37CD1B6DDC240F ] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
02:59:48.0843 0x02c8  C:\Program Files\Common Files\LightScribe\LSSrvc.exe - ok
02:59:48.0843 0x02c8  [ 86F1895AE8C5E8B17D99ECE768A70732, 8094AF5EE310714CAEBCCAEEE7769FFB08048503BA478B879EDFEF5F1A24FEFE ] C:\Program Files\Common Files\LightScribe\msvcr71.dll
02:59:48.0843 0x02c8  C:\Program Files\Common Files\LightScribe\msvcr71.dll - ok
02:59:48.0859 0x02c8  [ ACDAFCD14EC0ECE89198503746A5C147, F90876961B6966915C4A1847F91F45282FFA48140D01503EF9013E774661C4E8 ] C:\WINDOWS\system32\perfos.dll
02:59:48.0859 0x02c8  C:\WINDOWS\system32\perfos.dll - ok
02:59:48.0859 0x02c8  [ 20FD44370267CCD0A64A1B31861C21D2, D98194A17D1C63434EC6449742C10033F1B94D80826B20464519B1DD4DE1DB5F ] C:\WINDOWS\system32\netmsg.dll
02:59:48.0859 0x02c8  C:\WINDOWS\system32\netmsg.dll - ok
02:59:48.0859 0x02c8  [ ABFB673B24A9B3287761D497529FB5B9, FD0DEC392BE1632C33E90981D799DD5C11C9D257F0B1D3190FA32658EB706F0A ] C:\WINDOWS\system32\perfdisk.dll
02:59:48.0859 0x02c8  C:\WINDOWS\system32\perfdisk.dll - ok
02:59:48.0875 0x02c8  [ 9972A6ED4F2388DBFA8E0A96F6F3FDF1, F68E4CDBC879423EA47D763A6768567F5F8063924F13A74239750C13FA8D168A ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\msvcr70.dll
02:59:48.0875 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\msvcr70.dll - ok
02:59:48.0875 0x02c8  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] C:\WINDOWS\system32\drivers\srv.sys
02:59:48.0875 0x02c8  C:\WINDOWS\system32\drivers\srv.sys - ok
02:59:48.0890 0x02c8  [ 561FA2ABB31DFA8FAB762145F81667C2, DF96156F6A548FD6FE5672918DE5AE4509D3C810A57BFFD2A91DE45A3ED5B23B ] C:\Program Files\Common Files\LightScribe\msvcp71.dll
02:59:48.0890 0x02c8  C:\Program Files\Common Files\LightScribe\msvcp71.dll - ok
02:59:48.0890 0x02c8  [ D12582F6022239716ABF3C1C5F4B1477, 9BD586A6D4BFF36127CC2FE66500CA5C6DF1BBA838B7DA7508DD7A8CB36E33DA ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\fusion.dll
02:59:48.0890 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\fusion.dll - ok
02:59:48.0906 0x02c8  [ 61522DDC8E649571E5682E826E8D98E8, 18E0EF4356AAAD88396123D0AA024D33D1D385DEEA48EDED187CB503E77EB265 ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorlib.dll
02:59:48.0906 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorlib.dll - ok
02:59:48.0906 0x02c8  [ 235892E493845D64D890163CFEF90E97, 48FC98DD1E5F8F05DE6954FE26C0A448AA9838D7DC716518C715F35E3CFA227D ] C:\WINDOWS\system32\credui.dll
02:59:48.0906 0x02c8  C:\WINDOWS\system32\credui.dll - ok
02:59:48.0921 0x02c8  [ BF107ACF2CDD552AABE14E8C3E62E3FC, 24547C7A4B99AC3B24F60D8B26A5A935FD021C530EB0662A8563097F879620EF ] C:\WINDOWS\system32\quartz.dll
02:59:48.0921 0x02c8  C:\WINDOWS\system32\quartz.dll - ok
02:59:48.0921 0x02c8  [ 4E8F3230BAC8C1CAADF01A8C728E1C5C, 62E73A7D4C58F2E30670F6A72E734B618AF45F60A8CB2177A4D504283F829BE5 ] C:\WINDOWS\system32\dot3dlg.dll
02:59:48.0921 0x02c8  C:\WINDOWS\system32\dot3dlg.dll - ok
02:59:48.0937 0x02c8  [ CA04959077AFE36369D37B3504740C87, CBB90BC35A74EC03DC04CD60DAC966A9FA98DC9EEFB926089DBE7A47D3B710B1 ] C:\WINDOWS\system32\onex.dll
02:59:48.0937 0x02c8  C:\WINDOWS\system32\onex.dll - ok
02:59:48.0937 0x02c8  [ 5DB625E7D095604010CF84DE2D8ACFA6, DEED8055CD1F2E2D898C5C77283B56078414CC7D9FCA6FCF58BA0B66B565E826 ] C:\WINDOWS\system32\eappcfg.dll
02:59:48.0937 0x02c8  C:\WINDOWS\system32\eappcfg.dll - ok
02:59:48.0953 0x02c8  [ ABC4206543450C0666D152F4B65833B8, D78D5E719E7744805DF6DD1D9567E67E11223F4E3B13170E35F27D46FCB6C244 ] C:\WINDOWS\system32\eappprxy.dll
02:59:48.0953 0x02c8  C:\WINDOWS\system32\eappprxy.dll - ok
02:59:48.0953 0x02c8  [ F90137A9897071EDE961A5ABA4EA524F, F3374B4ED84CCEC9F84339EB583001E15B56B1C548C0ADDB462764F6F4F1E884 ] C:\WINDOWS\ehome\ehtray.exe
02:59:48.0953 0x02c8  C:\WINDOWS\ehome\ehtray.exe - ok
02:59:48.0953 0x02c8  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] C:\WINDOWS\system32\drivers\cdfs.sys
02:59:48.0953 0x02c8  C:\WINDOWS\system32\drivers\cdfs.sys - ok
02:59:48.0968 0x02c8  [ CC8915DB4E33E8FB29CA0D2DBF75306E, 6319C0580FFDA989A2726814667C330F6A5C864D34B8C87645DD5A98E7A2C7FB ] C:\WINDOWS\system32\webcheck.dll
02:59:48.0968 0x02c8  C:\WINDOWS\system32\webcheck.dll - ok
02:59:48.0968 0x02c8  [ 50512FC9B7878E3C2C147BC17326A7DB, 670006280CA98213C3A23B442615FD729C83953795619360F9D2988E56A602D7 ] C:\WINDOWS\system32\stobject.dll
02:59:48.0968 0x02c8  C:\WINDOWS\system32\stobject.dll - ok
02:59:48.0984 0x02c8  [ 231A0B0E3BA7ABFE469A8262FAA1FD71, 76F8AE2680438B279081EDFC2728E3785736E82A5C6396AA705BFFFF5C361294 ] C:\WINDOWS\system32\batmeter.dll
02:59:48.0984 0x02c8  C:\WINDOWS\system32\batmeter.dll - ok
02:59:48.0984 0x02c8  [ 9C3B2302B60FB0EFB13BC880A5E3E93E, 16F32AB74A57B521FF431F2C36609DE5F6ABE0DCD3111B4954471DEED700A66B ] C:\WINDOWS\system32\HdAShCut.exe
02:59:48.0984 0x02c8  C:\WINDOWS\system32\HdAShCut.exe - ok
02:59:49.0000 0x02c8  [ 25FA7A6A8E081EAC69CABFD13297A5D0, 18F97CBE023F31DA7E0CF3C618846FC6DE51E0D0C96C3E15DCE69070F7AC6F7B ] C:\WINDOWS\system32\HdAudRes.dll
02:59:49.0000 0x02c8  C:\WINDOWS\system32\HdAudRes.dll - ok
02:59:49.0000 0x02c8  [ EBEF50E931BBFD92033931F0A95E5357, 782C16329198F149693D173B2812947EFD1CB3C46B726CDC540302794CD66E5D ] C:\Program Files\Avira\AntiVir Desktop\avipc.dll
02:59:49.0000 0x02c8  C:\Program Files\Avira\AntiVir Desktop\avipc.dll - ok
02:59:49.0000 0x02c8  [ B143725B8DD8B07AFA4093B1E83F1655, 20F31409A3C9E2C1EB290B1EC98B63213E7A4A490E6C989AF10E923A44100967 ] C:\Program Files\Avira\AntiVir Desktop\avlode.dll
02:59:49.0000 0x02c8  C:\Program Files\Avira\AntiVir Desktop\avlode.dll - ok
02:59:49.0015 0x02c8  [ 409F6851BDAEC9ACCBDDE692D56D5C87, 22244B58BE2E80849D228679707FE6C0C73FDE0548E0EF29B3C3F82205D741CE ] C:\WINDOWS\system32\hkcmd.exe
02:59:49.0015 0x02c8  C:\WINDOWS\system32\hkcmd.exe - ok
02:59:49.0015 0x02c8  [ AA5E22854F56C68148EB3345DBD62970, 441818E5E9F568C4AC7174BCF625ACB63D8837658559949DF468B61125900B96 ] C:\WINDOWS\system32\devenum.dll
02:59:49.0015 0x02c8  C:\WINDOWS\system32\devenum.dll - ok
02:59:49.0031 0x02c8  [ 2D838F01650A630AE7A78C864315FBDC, 74BEBB525374F90889A84682271CFB8E7E5F817B509CD3D45FDD9432A7A70461 ] C:\WINDOWS\system32\igfxpers.exe
02:59:49.0031 0x02c8  C:\WINDOWS\system32\igfxpers.exe - ok
02:59:49.0031 0x02c8  [ 4F113169A2DE985D043A5530987AD6D0, 13804396E930DAFEF342FB179A02C93F4C99A177A2E145E933723FA382763E96 ] C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
02:59:49.0031 0x02c8  C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe - ok
02:59:49.0046 0x02c8  [ 6253BE023C1FD726757741E950515931, DB040311501C746FDB242B645A88F67C32FFB1CFC908BB65BD19FDB1E806FCB5 ] C:\WINDOWS\assembly\NativeImages1_v1.0.3705\mscorlib\1.0.3300.0__b77a5c561934e089_5d146a32\mscorlib.dll
02:59:49.0046 0x02c8  C:\WINDOWS\assembly\NativeImages1_v1.0.3705\mscorlib\1.0.3300.0__b77a5c561934e089_5d146a32\mscorlib.dll - ok
02:59:49.0062 0x02c8  [ F7B1C8EBF40CDE03356CADFF0B3EB4FE, 608A4C5C5144EEDAD6426C190CD5DDA702D6D4C67AF058D21155FC1DFD7AAD8D ] C:\WINDOWS\system32\hccutils.dll
02:59:49.0062 0x02c8  C:\WINDOWS\system32\hccutils.dll - ok
02:59:49.0062 0x02c8  [ 30A086BA3520555B718E77763B1C52C0, 4F121DF4C11CFA53AE5AA4443811FDC12B9490A9E2CFF15B51944F830DA34A05 ] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
02:59:49.0062 0x02c8  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe - ok
02:59:49.0062 0x02c8  [ 8FED1E0A491D4990853D23F21C59C730, 4BA6C93BFD43BAEB852B5CB9129522C97DDB542D7EF8EE34AECD8CDF1BF0FC38 ] C:\WINDOWS\system32\advpack.dll
02:59:49.0062 0x02c8  C:\WINDOWS\system32\advpack.dll - ok
02:59:49.0078 0x02c8  [ D25C03D04159D462D69F294BA7142BDB, 397B0FE2BB56FFBBF1BD89273802348B3AA102A5725E2CB3670FA89526E6C5EC ] C:\WINDOWS\system32\msdmo.dll
02:59:49.0078 0x02c8  C:\WINDOWS\system32\msdmo.dll - ok
02:59:49.0078 0x02c8  [ 6380625DD0480ED60960A149A087C848, 50D920A3184B431246B38066FB6D6452C90294FCCEB8E2F1F1B7A2743E6C1106 ] C:\hp\bin\cloaker.exe
02:59:49.0078 0x02c8  C:\hp\bin\cloaker.exe - ok
02:59:49.0078 0x02c8  [ 4ABC3BFA7F63BA5A48450D89E83BB370, 8393CD77357D724D1408E31B46E7836DAFD2C5596A3883B1F27A50E00B82F746 ] C:\WINDOWS\system32\igfxsrvc.exe
02:59:49.0078 0x02c8  C:\WINDOWS\system32\igfxsrvc.exe - ok
02:59:49.0093 0x02c8  [ 00D74959943FE92356CA918CD6167681, 37DE0D47F82CD99875D479193BC4309487D4E0B10F402E24AC76FB97E34CFC05 ] C:\WINDOWS\system32\igfxsrvc.dll
02:59:49.0093 0x02c8  C:\WINDOWS\system32\igfxsrvc.dll - ok
02:59:49.0093 0x02c8  [ AB6903C307E5EDD6EF6437351FBE60FA, C319780910A1FD0461EF2F3C697DE43C6330B5FCDC07EB6E378573BF11026C54 ] C:\WINDOWS\system32\igfxdev.dll
02:59:49.0093 0x02c8  C:\WINDOWS\system32\igfxdev.dll - ok
02:59:49.0093 0x02c8  [ 5FD441FA69B135B8891EBF8F2F8631B7, 6827D7F5648E838E60D18304B2B2019CCBA18C9772FDFB2835BB99F4652A1B3F ] C:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe
02:59:49.0093 0x02c8  C:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe - ok
02:59:49.0109 0x02c8  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files\HP\HP Software Update\hpwuschd2.exe
02:59:49.0109 0x02c8  C:\Program Files\HP\HP Software Update\hpwuschd2.exe - ok
02:59:49.0109 0x02c8  [ D09A5F5C4DBD5D4DFF09AB1A69812062, 2282EEA1AAD234A773C46FEA1EF4330E8320FC240BE3E2F5A38C3DF4F09CA947 ] C:\Program Files\Common Files\Real\Update_OB\realsched.exe
02:59:49.0109 0x02c8  C:\Program Files\Common Files\Real\Update_OB\realsched.exe - ok
02:59:49.0109 0x02c8  [ 91833A460FF0E87071A806B622A658EC, 8552707696456C4304D1CDBB0F53F61DE1B5D72F438A0C1AF6CBF388A8E2E00F ] C:\WINDOWS\system32\igfxres.dll
02:59:49.0109 0x02c8  C:\WINDOWS\system32\igfxres.dll - ok
02:59:49.0125 0x02c8  [ 1C22A3866112ED41E1F3684DAE9AD5D2, 621989160B8DCE383242FA844CA63557F7BCD4520335E7EA1AF85E7720A760CA ] C:\WINDOWS\system32\mmcshext.dll
02:59:49.0125 0x02c8  C:\WINDOWS\system32\mmcshext.dll - ok
02:59:49.0125 0x02c8  [ 69B388D8F3085411D00F875FF5CBCAF6, 22F6DCF1E6D1DD28793CCDFE9FC33E737180BB3C5C65BE3BFA9C2522B6B6F66B ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
02:59:49.0125 0x02c8  C:\Program Files\Avira\AntiVir Desktop\avgnt.exe - ok
02:59:49.0125 0x02c8  [ D3E868700D9B5E3C54B7EED060215CC1, C066B0E63815018D6D345CE5DABD443C5CDA73200601FB51F67C602A4133A2C5 ] C:\WINDOWS\system32\hhsetup.dll
02:59:49.0125 0x02c8  C:\WINDOWS\system32\hhsetup.dll - ok
02:59:49.0140 0x02c8  [ 7BBE4CF421AECC7F0226EDD75F12079F, 8E78FC5E0657DB066F9EBAADEA9AFECB1AAA570DD9C08C7ED42116704D2E379D ] C:\WINDOWS\ime\imjp8_1\imjpmig.exe
02:59:49.0140 0x02c8  C:\WINDOWS\ime\imjp8_1\imjpmig.exe - ok
02:59:49.0140 0x02c8  [ F4F2A4C459DD3AA22DD3984D13B15746, C2D0E285E2333A9C620BE04A5747881AF0D5615DA32226886E659FF31A9761CC ] C:\Program Files\Avira\AntiVir Desktop\mfc120u.dll
02:59:49.0140 0x02c8  C:\Program Files\Avira\AntiVir Desktop\mfc120u.dll - ok
02:59:49.0156 0x02c8  [ E6BB63BBE1BED01769CA87F4DAC286C8, 6D1D7C7365FBF29C92398BC11D5713BC373E372D92C155DA0DBA3B86DD1705F7 ] C:\WINDOWS\ime\imkr6_1\imekrmig.exe
02:59:49.0156 0x02c8  C:\WINDOWS\ime\imkr6_1\imekrmig.exe - ok
02:59:49.0156 0x02c8  [ 1B17E09C1223F6D17336D2DD7A1AF4F4, 06DFAD95007532CCF46D593EEDC2474936614AEDCEA7BF983E36DAD22F850B08 ] C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE
02:59:49.0156 0x02c8  C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE - ok
02:59:49.0171 0x02c8  [ 43C917A76F30F8A6AE522BAC0D48695E, 36AF06FD4CD24EDFB18C4E0A7CE38F5C61531C2591C462CAF65BC8E7F015A5CE ] C:\Program Files\Avira\AntiVir Desktop\apcfile.dll
02:59:49.0171 0x02c8  C:\Program Files\Avira\AntiVir Desktop\apcfile.dll - ok
02:59:49.0171 0x02c8  [ DB91946BDFBCD5BB4D8B12C1BCD51624, 789CDAEF6B281431AFCA76691969D372DC56CB6E7510F0D8F6A96D5298633D4F ] C:\Program Files\Avira\AntiVir Desktop\libcurl.dll
02:59:49.0171 0x02c8  C:\Program Files\Avira\AntiVir Desktop\libcurl.dll - ok
02:59:49.0171 0x02c8  [ 024DC0F68DF5FD6AE9DD82DFBAF479D6, FDBF0FD05CFB757C704B22703DF23E05207F14877A4EF52E3032012B6FD0C4E0 ] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
02:59:49.0171 0x02c8  C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE - ok
02:59:49.0187 0x02c8  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
02:59:49.0187 0x02c8  C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE - ok
02:59:49.0187 0x02c8  [ BB10E34B162FBEAE5636474A79026A0D, 700629C7497ED01E5B7DF99F0D8F56FF30BBA067ED65AC7A0D77B3765C596ECB ] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
02:59:49.0187 0x02c8  C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe - ok
02:59:49.0203 0x02c8  [ 3706642E75B5AAB16A9CAC0287AF5F7D, A85A2D015C7CB01947658A69E937AD58CCED499F8DF7CB8277974CD4D9CEA0A3 ] C:\Program Files\Common Files\LightScribe\LSCAPI.dll
02:59:49.0203 0x02c8  C:\Program Files\Common Files\LightScribe\LSCAPI.dll - ok
02:59:49.0203 0x02c8  [ 3690C710787D2E44F183DC70BD66290C, 728E327A87C03C09D556FD99F9733685663AE6CB57A378C7196E49EB0D57E256 ] C:\Program Files\Common Files\LightScribe\LSLog.dll
02:59:49.0203 0x02c8  C:\Program Files\Common Files\LightScribe\LSLog.dll - ok
02:59:49.0218 0x02c8  [ D0F895B2B35CB0E1D83A7432029DFF71, 39A6FE1CBE500B0DE5C416883C3A2FCF3FAF40DE7A55984F41877C3E6AEC3DFC ] C:\Program Files\KeyScrambler\KeyScrambler.exe
02:59:49.0218 0x02c8  C:\Program Files\KeyScrambler\KeyScrambler.exe - ok
02:59:49.0218 0x02c8  [ FB43AD8C64FDEAE83369AC5BB2DB5F9F, 0B59CF72CFF2EAD375484916B0937270C9FABA0201D752538A9D87CF76047B39 ] C:\Program Files\KeyScrambler\KeyScramblerIE.dll
02:59:49.0218 0x02c8  C:\Program Files\KeyScrambler\KeyScramblerIE.dll - ok
02:59:49.0218 0x02c8  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
02:59:49.0218 0x02c8  C:\WINDOWS\system32\ctfmon.exe - ok
02:59:49.0234 0x02c8  [ 6CA9C9C471D384698945E2B9CAAB294E, 589332CB15AD023879342803F4F805B7D7F99E394EE092BB23B3D87FF3B6776D ] C:\Program Files\Common Files\LightScribe\LSPrtEn.dll
02:59:49.0234 0x02c8  C:\Program Files\Common Files\LightScribe\LSPrtEn.dll - ok
02:59:49.0234 0x02c8  [ 2B24F194FC5B657397ECB2923A68350E, B7F36CD6F0C33A2EC09898E35786E2225AC22408C25720E4D5B7A32CCA54940C ] C:\Program Files\CCleaner\CCleaner.exe
02:59:49.0234 0x02c8  C:\Program Files\CCleaner\CCleaner.exe - ok
02:59:49.0250 0x02c8  [ 332760FBA1655FCFD35BD6F4FD871300, 6C539FD14B9CF9423E305EAF60CB5C12CA0F7AEF571FB09BAF64E83F108B7F2D ] C:\WINDOWS\system32\ipsecsvc.dll
02:59:49.0250 0x02c8  C:\WINDOWS\system32\ipsecsvc.dll - ok
02:59:49.0250 0x02c8  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] C:\WINDOWS\system32\netman.dll
02:59:49.0250 0x02c8  C:\WINDOWS\system32\netman.dll - ok
02:59:49.0250 0x02c8  [ 085BBE2556ECDAEB4015099CE663ACA1, 46DE8C8E6DBAE588976C63072AC3E5943F3C8263294D4BCBDCAAF361B5162DF5 ] C:\Program Files\Sandboxie\SbieCtrl.exe
02:59:49.0250 0x02c8  C:\Program Files\Sandboxie\SbieCtrl.exe - ok
02:59:49.0265 0x02c8  [ 165AE7A443F2139DD2C078AD87699F91, 7DAA39FA20AA399548FE907B0614D9AA88A2FF9C0FA7E40F51BE7A0395AF31FB ] C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL
02:59:49.0265 0x02c8  C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL - ok
02:59:49.0265 0x02c8  [ F64FD5C7FEF7FC25CBA37974FF3584D7, 8F9F7685416D1B5ECC842B0836F251D71DD79F5E32BC1DC6BE920C0A22AC90CC ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll
02:59:49.0265 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
02:59:49.0281 0x02c8  [ 29ECDA17BA5E6D98430F698587569ACC, 9C37D92CCBED1F9ED4E585F98E7FB17C6AD083712B078ABCB40476310BCDB7F8 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_x-ww_f3f35550\GdiPlus.dll
02:59:49.0281 0x02c8  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_x-ww_f3f35550\GdiPlus.dll - ok
02:59:49.0296 0x02c8  [ 584C4DA856450CB22EBBE7A68CC6250F, 56030767CFD2DAFDAE8CC767DC1EED39DD2E6E42152BFAE7904C2C8826B2C3E2 ] C:\WINDOWS\system32\oakley.dll
02:59:49.0296 0x02c8  C:\WINDOWS\system32\oakley.dll - ok
02:59:49.0296 0x02c8  [ 767FF54A552732CE772C2302025FA82F, 7761546C33B0E55B0A8214798FD035C2499D31D690CE03E25B0068C81EDECF3F ] C:\WINDOWS\system32\wzcsapi.dll
02:59:49.0296 0x02c8  C:\WINDOWS\system32\wzcsapi.dll - ok
02:59:49.0312 0x02c8  [ 88BEEF09C654252F3E46B6167B7F4ECB, 94A78D2D709AEED74BA1C29D00CFD55EF68A95764C067B470E1C19C376F32478 ] C:\WINDOWS\system32\msisip.dll
02:59:49.0312 0x02c8  C:\WINDOWS\system32\msisip.dll - ok
02:59:49.0312 0x02c8  [ 3A6D465F379E5C815F4AD565391E654C, EE40580ED71282B1D5D95752DD843DCC30689196B22051AF8CDF6127B985411E ] C:\WINDOWS\system32\wshext.dll
02:59:49.0312 0x02c8  C:\WINDOWS\system32\wshext.dll - ok
02:59:49.0312 0x02c8  [ 51D54AF343D536E7130DFEADB5372AFE, CDEFE063D2B1302D6A7633247113E4002080A94977323EC709A46772C5DBFC4B ] C:\Program Files\Common Files\LightScribe\LSDrComm.dll
02:59:49.0312 0x02c8  C:\Program Files\Common Files\LightScribe\LSDrComm.dll - ok
02:59:49.0328 0x02c8  [ F6FAEC07446A78A9C5AF4558FF5BD118, 9291106F6666913DB6D18943D255D60F77CCDB5A46BD4C100A5E80D40D6927D9 ] C:\WINDOWS\ime\sptip.dll
02:59:49.0328 0x02c8  C:\WINDOWS\ime\sptip.dll - ok
02:59:49.0328 0x02c8  [ F0B0D86C7E5CE1781BB92F300169A257, 9BA533D02C86135EB9B3579E4B15602B7ABECCCEC142B3C7A115C7DBE8A90D96 ] C:\PROGRA~1\MI1933~1\OFFICE11\MCPS.DLL
02:59:49.0328 0x02c8  C:\PROGRA~1\MI1933~1\OFFICE11\MCPS.DLL - ok
02:59:49.0343 0x02c8  [ 4446045B7F00482AC9FC3A03D271FF12, 3BF25F7C773AB9DA126EC2E5C94F190DC8F9ECA66CF34001F825F2291F1C2421 ] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
02:59:49.0343 0x02c8  C:\Program Files\Common Files\LightScribe\LSSProxy.dll - ok
02:59:49.0343 0x02c8  [ F15552F31D97E2EFCC69DE6675E1D8DE, DA2A178E52402FDCB9EA33EF54C26B5DD1CAC4868216F7B8BFDEDD35DE9E8132 ] C:\Program Files\Avira\AntiVir Desktop\libeay32.dll
02:59:49.0343 0x02c8  C:\Program Files\Avira\AntiVir Desktop\libeay32.dll - ok
02:59:49.0359 0x02c8  [ DC3078BA1B58562416C843582A42284C, 3A4EEC80B48F238CB79B8AEB8DF269313146BA93059EA648CD2A3E7EE9E27730 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
02:59:49.0359 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll - ok
02:59:49.0359 0x02c8  [ 5597D0075861CB0A6E6087752D205C0D, 3F3FAC1FDC2934D3565F0AE94F547572E6DEAE83021E069978AAF13FB8A47AC8 ] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
02:59:49.0359 0x02c8  C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - ok
02:59:49.0375 0x02c8  [ CBCDA25B76B570A8252644594EDF3BE9, 7D3BEEF96402202D853323341C573C2B3F37EB2C52C8BCE3B15D07019A048B1F ] C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
02:59:49.0375 0x02c8  C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe - ok
02:59:49.0375 0x02c8  [ EA99B12613E5909526123EEC64D6ABDC, 1472B095FD344D666C0BC3219384998E861F3DC5673D702D80F8B691147858BC ] C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll
02:59:49.0375 0x02c8  C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll - ok
02:59:49.0390 0x02c8  [ 149844639A31AD0D97A8B8A10FDC1FAA, 388F1F6D9D25F52C2816812184E7FE0C3AB6B14038127E3E9CBF83B202CF4B20 ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\backweb.dll
02:59:49.0390 0x02c8  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\backweb.dll - ok
02:59:49.0390 0x02c8  [ 93C088C2AEB2F23E720BDA7E32BD5117, 7ECFCAF8E057986501B42181E049E48063D940A34A3F3E425FF82D2183008E90 ] C:\WINDOWS\system32\upnp.dll
02:59:49.0390 0x02c8  C:\WINDOWS\system32\upnp.dll - ok
02:59:49.0406 0x02c8  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] C:\WINDOWS\system32\regsvc.dll
02:59:49.0406 0x02c8  C:\WINDOWS\system32\regsvc.dll - ok
02:59:49.0406 0x02c8  [ 248712EA6BA17B9FF0C542A3828375DD, 03EFDE351860C4C49F42D6129C6A6F2B3FC859C20F14FE0652F9C4FBD81244B4 ] C:\WINDOWS\system32\winipsec.dll
02:59:49.0406 0x02c8  C:\WINDOWS\system32\winipsec.dll - ok
02:59:49.0421 0x02c8  [ F1430F5D20F4BB71A003209C3DB3ADDF, 3F1C97A500266C0DB1DD7819B4508C954CF3E20FDA06C097914AF7028F96CD64 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
02:59:49.0421 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll - ok
02:59:49.0421 0x02c8  [ 853D0D0C6F02D7BFDF1CF99DD7553732, AC761B4CA518B787CB2C18101606E5F64245049D140C72B6B1112556DEC86B2E ] C:\WINDOWS\system32\pstorsvc.dll
02:59:49.0421 0x02c8  C:\WINDOWS\system32\pstorsvc.dll - ok
02:59:49.0437 0x02c8  [ 1169436EE42F860C7DB37A4692B38F0E, 9382AAED2DB19CD75A70E38964F06C63F19F63C9DFB5A33B0C2D445BB41B6E46 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
02:59:49.0437 0x02c8  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll - ok
02:59:49.0437 0x02c8  [ 98E53CA00D3C0A2E9FAA4E59C101AEBA, 9A6F978C0F1907915309F29FC2404910C3C7E205040C2B108685429E69625BD2 ] C:\WINDOWS\system32\mslbui.dll
02:59:49.0437 0x02c8  C:\WINDOWS\system32\mslbui.dll - ok
02:59:49.0453 0x02c8  [ 22D89D84E8E081CDA529DBF8C0255A38, 26863A2D27BE257D99EF28A612FC1B514558B27002EF10B0F682BC15C6D1CD74 ] C:\WINDOWS\system32\psbase.dll
02:59:49.0453 0x02c8  C:\WINDOWS\system32\psbase.dll - ok
02:59:49.0453 0x02c8  [ 3D075865DCC26931972F6476AD0497BE, E1FB17787F54D9A4E2A04DD699FA770C9CE100A427E6EFBF4E0CF24EAAD3A9BA ] C:\WINDOWS\system32\ssdpapi.dll
02:59:49.0453 0x02c8  C:\WINDOWS\system32\ssdpapi.dll - ok
02:59:49.0468 0x02c8  [ C14AA05881A35B6D6BB8D55B117EE22D, F30873FA983CE21734BE1A357CDF855EF33511990C14B454EBAA3D6059CD823D ] C:\WINDOWS\system32\shfolder.dll
02:59:49.0468 0x02c8  C:\WINDOWS\system32\shfolder.dll - ok
02:59:49.0468 0x02c8  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] C:\WINDOWS\system32\sens.dll
02:59:49.0468 0x02c8  C:\WINDOWS\system32\sens.dll - ok
02:59:49.0468 0x02c8  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] C:\WINDOWS\system32\srsvc.dll
02:59:49.0468 0x02c8  C:\WINDOWS\system32\srsvc.dll - ok
02:59:49.0484 0x02c8  [ 82E047AC9DCFA908F169EBB20C157198, E70F10B58F79D76DBCC7B81559729CD3E02CB915F8709C9FBF6C76095FCF8B93 ] C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll
02:59:49.0484 0x02c8  C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll - ok
02:59:49.0484 0x02c8  [ FEDE68BF80052BAD393AFD5C2E60DCB0, 6A40D89524317C554C5C33A35FB659147A3118F4C646AB36653A19A8811627CB ] C:\WINDOWS\system32\dssenh.dll
02:59:49.0484 0x02c8  C:\WINDOWS\system32\dssenh.dll - ok
02:59:49.0500 0x02c8  [ 972297BAE5220EB376E52839BAE013B0, 89B28E407D1A9F5E29AAA74113E77CCEB8FBD4EF9AE3BF91170BAE6C8BE2C362 ] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc
02:59:49.0500 0x02c8  C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc - ok
02:59:49.0500 0x02c8  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] C:\WINDOWS\system32\seclogon.dll
02:59:49.0500 0x02c8  C:\WINDOWS\system32\seclogon.dll - ok
02:59:49.0515 0x02c8  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] C:\WINDOWS\system32\trkwks.dll
02:59:49.0515 0x02c8  C:\WINDOWS\system32\trkwks.dll - ok
02:59:49.0515 0x02c8  [ 621D873625B55315D248204E6588BA2D, A1DC8E9F539616C654733D8998D5020FB7D473939D5BC0A61B38D27883147077 ] C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll
02:59:49.0515 0x02c8  C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll - ok
02:59:49.0515 0x02c8  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] C:\WINDOWS\system32\wbem\wmisvc.dll
02:59:49.0515 0x02c8  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
02:59:49.0531 0x02c8  [ ACACB8B14E66109B8ACD6644B5574B9A, 2373E67EB51F8045E7CD346F75B4BAD093E29CC609955BBC4C9FEF7A97A5FD86 ] C:\WINDOWS\system32\vssapi.dll
02:59:49.0531 0x02c8  C:\WINDOWS\system32\vssapi.dll - ok
02:59:49.0531 0x02c8  [ 818DD7B94AF1CF471DA45FBF71513C03, CBEDCB2FACB4B304A6006EBC4E948E327A27890E29B6A36CA00DF8F9A300CD53 ] C:\PROGRA~1\COMMON~1\System\MSMAPI\1033\MSMAPI32.DLL
02:59:49.0531 0x02c8  C:\PROGRA~1\COMMON~1\System\MSMAPI\1033\MSMAPI32.DLL - ok
02:59:49.0546 0x02c8  [ C44E3EC19AB2ADBE81B510D937342A0C, AF344486460788DF239D1210F2AD7F9C3E9E484C1CB10E3827748DA77457C862 ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll
02:59:49.0546 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll - ok
02:59:49.0546 0x02c8  [ 205ADD80FF8099B1A8101EB490B933D1, 6B4D94F1683B1D30A1BB0019E2E3E0AE1AA85561D416708198EC2BDAB649E178 ] C:\WINDOWS\system32\wbem\wbemprox.dll
02:59:49.0546 0x02c8  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
02:59:49.0546 0x02c8  [ D95C71052E5EF63B55997FB31483D02F, 829A559050680C039CA7AFCFE3246745D465ED11722A603AA32253FD413894C3 ] C:\WINDOWS\system32\wbem\wbemcomn.dll
02:59:49.0546 0x02c8  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
02:59:49.0562 0x02c8  [ D17310B8161FBDE20E76FC688D93C1B3, 0CB791E02BA875CFF6429F8F0704401947EB7329EF426CD6420796B31064A7AB ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorsn.dll
02:59:49.0562 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorsn.dll - ok
02:59:49.0562 0x02c8  [ 8F84E7A264FD5E41B192947998A17946, 937B02DD9922FE26DD32F49A85E580CDFB520EFF4A87084A84FDA96C1C486CB0 ] C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll
02:59:49.0562 0x02c8  C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll - ok
02:59:49.0578 0x02c8  [ 0E37FBFA79D349D672456923EC5FBBE3, 8793353461826FBD48F25EA8B835BE204B758CE7510DB2AF631B28850355BD18 ] C:\WINDOWS\system32\msvcr100.dll
02:59:49.0578 0x02c8  C:\WINDOWS\system32\msvcr100.dll - ok
02:59:49.0578 0x02c8  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] C:\WINDOWS\system32\wuaueng.dll
02:59:49.0578 0x02c8  C:\WINDOWS\system32\wuaueng.dll - ok
02:59:49.0578 0x02c8  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] C:\WINDOWS\system32\wuauserv.dll
02:59:49.0578 0x02c8  C:\WINDOWS\system32\wuauserv.dll - ok
02:59:49.0593 0x02c8  [ 8E6214E8C6100222BEB6A14F9B908A7E, 268279AE0D87E4B1CC227355DF12B7E8113F8355B1D20447AA723830D706021A ] C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
02:59:49.0593 0x02c8  C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe - ok
02:59:49.0593 0x02c8  [ 0E21535E9BC633AD345BC0F4D2249B33, C587DC9FB5B3BF97EFD5D4FD317A387C0536FF3EFDA6225A90D477493989CAE3 ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\bwsec.dll
02:59:49.0593 0x02c8  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\bwsec.dll - ok
02:59:49.0593 0x02c8  [ A12BAA38CE07B522671678500D035D40, DA671948FF593DBF7F95EA1DC25091310E67A0B75920B5433DEFB937B5612B77 ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\clntutil.dll
02:59:49.0593 0x02c8  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\clntutil.dll - ok
02:59:49.0609 0x02c8  [ 5C1F0537E61F87B435F56E00B4F20EE8, AA4BAD8612F45125421C13536D6E7FB4C85BA6DE7D61BDE19949286FB1910B3D ] C:\WINDOWS\system32\snmpapi.dll
02:59:49.0609 0x02c8  C:\WINDOWS\system32\snmpapi.dll - ok
02:59:49.0609 0x02c8  [ 251C11444F614DE5FA47ECF7275E7BF1, 3DEDFFBAA82C9E83565F689F352E9CAE92C3CB8ED66179E4ABF8A5385DB2EF76 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSO.DLL
02:59:49.0609 0x02c8  C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSO.DLL - ok
02:59:49.0625 0x02c8  [ 76848CB1AA5818DB47D5F5986E0A7485, 03BAB6981C6F447E41B78A96187FA619E4755C2101FF1A0B2ABF111BE53D9F92 ] C:\WINDOWS\system32\mfc42.dll
02:59:49.0625 0x02c8  C:\WINDOWS\system32\mfc42.dll - ok
02:59:49.0625 0x02c8  [ F3DE10AABD5C7A1A186C9966F037D0C0, BC50848AEEF466DFF4A3D8C386BF0D0EC35B8E5B438031AE885AA5371F2E1A42 ] C:\WINDOWS\system32\mfc100u.dll
02:59:49.0625 0x02c8  C:\WINDOWS\system32\mfc100u.dll - ok
02:59:49.0640 0x02c8  [ 1E5C92E71FF190C35160605DECDE2B93, A2F9948DFDFB08C041C8C2CEA278E847C98D4173DC489382C81590B8D06B6E52 ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorjit.dll
02:59:49.0640 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscorjit.dll - ok
02:59:49.0640 0x02c8  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{977A65F7-832F-40EC-9A58-9FD0FB361160}.tmp
02:59:49.0656 0x02c8  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{977A65F7-832F-40EC-9A58-9FD0FB361160}.tmp - ok
02:59:49.0656 0x02c8  [ 42068CB64CA9C817FB5ED5A625EA58BE, 59F9F27F888AD60EBFC9BE15D9C8112D4D5D2CE414C6148DB6DC292C532D640D ] C:\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll
02:59:49.0656 0x02c8  C:\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll - ok
02:59:49.0671 0x02c8  [ 58BEB7573E2AA11845901A5CC1AA462F, 8579AA17F9398CCD1FB9881C2DC7CB21A898B7362401B2468D1EB6E6DB460CF4 ] C:\Program Files\Avira\AntiVir Desktop\ssleay32.dll
02:59:49.0671 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ssleay32.dll - ok
02:59:49.0671 0x02c8  [ 6DB4001D627CE0D8718A3D22D7999EA7, 907B3706E88F07FC20DB4E14406C6E76C020330FC978208A3ADBA50B1224739E ] C:\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll
02:59:49.0671 0x02c8  C:\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll - ok
02:59:49.0687 0x02c8  [ 86ABCC180C462B357A74E6AEA351AC25, 15DEF2A8FA9C8E28773B6956FA6BA35A7480C082B5184AB79635F43C7CE84D47 ] C:\WINDOWS\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll
02:59:49.0687 0x02c8  C:\WINDOWS\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll - ok
02:59:49.0703 0x02c8  [ F9EF05130B485AFA6EDB193C1C518798, 0E5F99E48C39A8396F4DADF7503D7652FCB86D22527C2055D023A1DDD66496AA ] C:\WINDOWS\assembly\GAC\System\1.0.3300.0__b77a5c561934e089\System.dll
02:59:49.0703 0x02c8  C:\WINDOWS\assembly\GAC\System\1.0.3300.0__b77a5c561934e089\System.dll - ok
02:59:49.0703 0x02c8  [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{BC2879B4-8B98-4980-807F-678C1B074C02}.tmp
02:59:49.0703 0x02c8  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{BC2879B4-8B98-4980-807F-678C1B074C02}.tmp - ok
02:59:49.0718 0x02c8  [ 67156D5A9AC356DC99D7BCCB388E3316, 449A140065197779C0F8588E5C53014BBF54A9C74818D5CFDCB88CC7B36F44CF ] C:\WINDOWS\system32\wsock32.dll
02:59:49.0718 0x02c8  C:\WINDOWS\system32\wsock32.dll - ok
02:59:49.0718 0x02c8  [ AF21FBB2E2F88EB29CC23BCA825642FA, 794243BF93693F7F567C6835666CAFD284DC9E1ABF36377F22CE15194A6B05E5 ] C:\Program Files\Avira\AntiVir Desktop\libaprutil-1.dll
02:59:49.0718 0x02c8  C:\Program Files\Avira\AntiVir Desktop\libaprutil-1.dll - ok
02:59:49.0734 0x02c8  [ CD81D51CBFD4DC6540340F761BB2E6B6, 9B28A7849DD8DE5A7E8FF90EEEBB945C57F151C49E17AC0C94740BA7990922BE ] C:\PROGRA~1\UPDATE~1\9972322\632~1.116\Program\EN\ClientRc.dll
02:59:49.0734 0x02c8  C:\PROGRA~1\UPDATE~1\9972322\632~1.116\Program\EN\ClientRc.dll - ok
02:59:49.0734 0x02c8  [ EACF0FEB2E38F0F790D73D08826B6567, 150F0DE074DF066A59CEA55CE4549FC6BAF9E2CDDE3C8795937A082CEC07642D ] C:\Program Files\Avira\AntiVir Desktop\libapriconv-1.dll
02:59:49.0734 0x02c8  C:\Program Files\Avira\AntiVir Desktop\libapriconv-1.dll - ok
02:59:49.0750 0x02c8  [ F5BECD89B78BE45F29B44068A895BA70, 615EB925284527C1591A3683844421DBE381DF2D49CF3540B217D221F04DE913 ] C:\Program Files\Avira\AntiVir Desktop\libapr-1.dll
02:59:49.0750 0x02c8  C:\Program Files\Avira\AntiVir Desktop\libapr-1.dll - ok
02:59:49.0750 0x02c8  [ F9D3C78CFE15271D80790677C893CE45, 885425736648DF7B315E92680ED3BD058ACE97A86D388FEA80EB0C039ADF25D7 ] C:\WINDOWS\system32\cabinet.dll
02:59:49.0750 0x02c8  C:\WINDOWS\system32\cabinet.dll - ok
02:59:49.0765 0x02c8  [ B85E95679B5ADC12311BCD3F5385D623, 378D304CF408AE1928EF6290A5A9F2388920B55FD69382759B356B6A3FF94F3A ] C:\WINDOWS\system32\mspatcha.dll
02:59:49.0765 0x02c8  C:\WINDOWS\system32\mspatcha.dll - ok
02:59:49.0765 0x02c8  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] C:\WINDOWS\system32\browser.dll
02:59:49.0765 0x02c8  C:\WINDOWS\system32\browser.dll - ok
02:59:49.0765 0x02c8  [ D708BED9423598B4A03389CD28AC28FE, A97A9A65A7EFFE6B1FFB4BC1709839BACBB43A898766222743ACBD755AF1D5D9 ] C:\Program Files\Avira\AntiVir Desktop\avwinll.dll
02:59:49.0765 0x02c8  C:\Program Files\Avira\AntiVir Desktop\avwinll.dll - ok
02:59:49.0781 0x02c8  [ D97B6650D15F1002B6148DF9404B1ECE, 9D635171F5D415BED584FEE873EF99BA6555876433D0E100F49744EC06726A28 ] C:\Program Files\Avira\AntiVir Desktop\aecore.dll
02:59:49.0781 0x02c8  C:\Program Files\Avira\AntiVir Desktop\aecore.dll - ok
02:59:49.0781 0x02c8  [ F9C178538B807A981CB280EDB6E519D0, E26B48FE9B2543192CFD7C64B68EFC9ED0A631327F0DF54C6984C6960533907D ] C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll
02:59:49.0781 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll - ok
02:59:49.0796 0x02c8  [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{6F9E0F32-FFE6-4754-AF92-7F53F9BEAEC0}.tmp
02:59:49.0796 0x02c8  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{6F9E0F32-FFE6-4754-AF92-7F53F9BEAEC0}.tmp - ok
02:59:49.0796 0x02c8  [ 6A9692792BEFC27B06B763342B74BB6D, 5D13C00449EAB0103883F5EA1A1D2D27AD26F7E385FDED91A3D0BEEF513325E6 ] C:\Program Files\Avira\AntiVir Desktop\aevdf.dll
02:59:49.0796 0x02c8  C:\Program Files\Avira\AntiVir Desktop\aevdf.dll - ok
02:59:49.0812 0x02c8  [ 3458EDA96E30FBD0477A2800D3FB1909, BDF84362E4D8A102E7FB5F352D950B84D1A8E1E7928521B68E7671D4176803C5 ] C:\WINDOWS\system32\wups.dll
02:59:49.0812 0x02c8  C:\WINDOWS\system32\wups.dll - ok
02:59:49.0812 0x02c8  [ 289A671AD7E9B2E50254E53AEA8F1D32, FFDA54DA3DDA51C8862C3A335A045C2222D049F42693B754FE19AB51F30FF28B ] C:\Program Files\Avira\AntiVir Desktop\aescript.dll
02:59:49.0812 0x02c8  C:\Program Files\Avira\AntiVir Desktop\aescript.dll - ok
02:59:49.0812 0x02c8  [ 151EF98E3178FB87D343F796537787B4, 6B7B9EF9E3B05C5EB9986F0704B284C8C57A343736A83B9B2FB7F9B4354189FB ] C:\Program Files\HP\Digital Imaging\Unload\hpiCamTA.dll
02:59:49.0812 0x02c8  C:\Program Files\HP\Digital Imaging\Unload\hpiCamTA.dll - ok
02:59:49.0828 0x02c8  [ BDC0C99E472176C8C2C853A68ADC5073, 9A0A0CEE321C9BAF5545D6CB0BE3E725228B694F331FFACCEB770350AAF2C8C3 ] C:\WINDOWS\system32\wups2.dll
02:59:49.0828 0x02c8  C:\WINDOWS\system32\wups2.dll - ok
02:59:49.0828 0x02c8  [ 7954EC74667D298DB411D9E57401F8CA, CFD85E9E9ED83BBCE42A4B8E69819E2ADF1C5807924DFBC6F4849D913071B4D5 ] C:\Program Files\Avira\AntiVir Desktop\aescn.dll
02:59:49.0828 0x02c8  C:\Program Files\Avira\AntiVir Desktop\aescn.dll - ok
02:59:49.0843 0x02c8  [ DB1B0875C5C6873E3B190406388DC24F, 404F4C8F54E92313F97BC597E5CCD268ACAFA40703CBCC183EB0C3CBC5106F0B ] C:\Program Files\Avira\AntiVir Desktop\aesbx.dll
02:59:49.0843 0x02c8  C:\Program Files\Avira\AntiVir Desktop\aesbx.dll - ok
02:59:49.0843 0x02c8  [ F35A584E947A5B401FEB0FE01DB4A0D7, 4DA5EFDC46D126B45DAEEE8BC69C0BA2AA243589046B7DFD12A7E21B9BEE6A32 ] C:\WINDOWS\system32\mfc71.dll
02:59:49.0843 0x02c8  C:\WINDOWS\system32\mfc71.dll - ok
02:59:49.0859 0x02c8  [ ED0C0DF222209E43AD9AFBF3FE87DDE0, 927329F9244DA9F0074FA0D4C101EE793AFCF433155E58714C33444C5EF35014 ] C:\WINDOWS\system32\comsvcs.dll
02:59:49.0859 0x02c8  C:\WINDOWS\system32\comsvcs.dll - ok
02:59:49.0859 0x02c8  [ 810FB60EAF5AFDA4E6F3083E9C5D0D24, D562BA738BF35F4311B6D6E3A5836AB2E40E49FB6E8167A82A6362DAEF97B6D7 ] C:\Program Files\Avira\AntiVir Desktop\rcimage.dll
02:59:49.0859 0x02c8  C:\Program Files\Avira\AntiVir Desktop\rcimage.dll - ok
02:59:49.0859 0x02c8  [ EAE92EB7AF1371717F0F84F9C1EC88F3, 717B73903FE2D3EDF47CC76E2F1A8F61E81C2B2236DDB47492932A92BEAFE3AD ] C:\Program Files\Avira\AntiVir Desktop\aerdl.dll
02:59:49.0859 0x02c8  C:\Program Files\Avira\AntiVir Desktop\aerdl.dll - ok
02:59:49.0875 0x02c8  [ 3FFA3AF7C3F6C1F2533733F57EBAB702, CAFE7D6F0693727801B6D8EA39A47F5FC0620A8D4DA3A50661DB87453EDF47F3 ] C:\Program Files\Avira\AntiVir Desktop\ccguard.dll
02:59:49.0875 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ccguard.dll - ok
02:59:49.0875 0x02c8  [ 4830008971BF98E60D8A232C5BE1925E, E803E7BD44013747C1CBF725EA86C6F3DE1A57CE468A8B1DEC241DE2EB9C1385 ] C:\Program Files\Avira\AntiVir Desktop\ccgrdrc.dll
02:59:49.0875 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ccgrdrc.dll - ok
02:59:49.0890 0x02c8  [ C5AB3B01E23170A6A38BE01060B38495, C93A9806B4E8141DAFA5446168FC94E59EBEF42C06CE6E3937D653DD0E3B080D ] C:\Program Files\Avira\AntiVir Desktop\ccgrdw.dll
02:59:49.0890 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ccgrdw.dll - ok
02:59:49.0890 0x02c8  [ 2DE1190196EE9555DB548A57622022EB, 89DBC777BE06D008AABEDAC61AFC11B4FF7ABCA86C205109ED9D34D21C0B5146 ] C:\WINDOWS\system32\drprov.dll
02:59:49.0890 0x02c8  C:\WINDOWS\system32\drprov.dll - ok
02:59:49.0906 0x02c8  [ BD7BD4E342AB3AB84C1441AA76213605, 4FF2C38A59C2123983B89632CD42CD4632294F770CE4DD60EAE7172A85172B51 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\52f4f785f7cf45a64606a8e13c8cf04c\mscorlib.ni.dll
02:59:49.0906 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\52f4f785f7cf45a64606a8e13c8cf04c\mscorlib.ni.dll - ok
02:59:49.0906 0x02c8  [ 36468087E22C57A83DF758B3F90DF73F, F6898D07CEE4F528A9F17A231CCB5E38F826A0C1926EFBF35ECCA06E0E8EE565 ] C:\WINDOWS\system32\ntlanman.dll
02:59:49.0906 0x02c8  C:\WINDOWS\system32\ntlanman.dll - ok
02:59:49.0906 0x02c8  [ AC5DF42FE314C1446B1DAD237BFCFFE0, FD53D9BCC619ED7AE4B7C29B7D457A2F61D6D340841A4E030329D7032C306AB6 ] C:\WINDOWS\system32\netui0.dll
02:59:49.0906 0x02c8  C:\WINDOWS\system32\netui0.dll - ok
02:59:49.0921 0x02c8  [ 2949877F766F1088E6F99F543BFDD54C, A8E8EE7D50B99B1F00A9AE8119E696F947D5163673A6119FEB14AD86388DDEE4 ] C:\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll
02:59:49.0921 0x02c8  C:\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll - ok
02:59:49.0921 0x02c8  [ ED5A816D8E11E03F1937AC3C56826EE4, D01525B5BD9F9DDF149B78706C6C2F5AE26F5337F897C1B8763DBC67AB64F875 ] C:\WINDOWS\system32\netui1.dll
02:59:49.0921 0x02c8  C:\WINDOWS\system32\netui1.dll - ok
02:59:49.0937 0x02c8  [ 303A63F4B913AA5D8998161CB77A8CE7, 0CE864B852E32F803754DD8827120F717D55E531E4F2BC87ECEB005F30356333 ] C:\WINDOWS\system32\feclient.dll
02:59:49.0937 0x02c8  C:\WINDOWS\system32\feclient.dll - ok
02:59:49.0937 0x02c8  [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{22463A02-97A9-49B6-9E92-AD2798D3F8A3}.tmp
02:59:49.0937 0x02c8  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{22463A02-97A9-49B6-9E92-AD2798D3F8A3}.tmp - ok
02:59:49.0953 0x02c8  [ FCFC31FE1B8A81FD796B3A18610932CC, 9229E64B1C9B817EBB3A6B4F2914F213B032788E73AC4C0AA3A4966B2C1A17B2 ] C:\WINDOWS\assembly\NativeImages1_v1.0.3705\System\1.0.3300.0__b77a5c561934e089_c9a515e0\System.dll
02:59:49.0953 0x02c8  C:\WINDOWS\assembly\NativeImages1_v1.0.3705\System\1.0.3300.0__b77a5c561934e089_c9a515e0\System.dll - ok
02:59:49.0953 0x02c8  [ B4459D13473D07FCB43365C02732DE16, 0BCF7FB94533E1C3851874879538CD2476838BBCD18F21FFB9807C294F4289FB ] C:\WINDOWS\system32\pschdprf.dll
02:59:49.0953 0x02c8  C:\WINDOWS\system32\pschdprf.dll - ok
02:59:49.0968 0x02c8  [ F908FE45F8FE9E0D4CBE65F9FF5DF6DA, 6FEC7C478F790D0EDCC4F0EFB2594A64878AC8FC8878B03F3611311C920E29BE ] C:\WINDOWS\system32\mfc100enu.dll
02:59:49.0968 0x02c8  C:\WINDOWS\system32\mfc100enu.dll - ok
02:59:49.0968 0x02c8  [ 1F3A82333046F4B97B2BB148ABF38D54, DED83E1F40314D546E858DCBA4CDC483E39EE45A5CABEF7691F0D0C0C0051D18 ] C:\WINDOWS\system32\traffic.dll
02:59:49.0968 0x02c8  C:\WINDOWS\system32\traffic.dll - ok
02:59:49.0984 0x02c8  [ F9DD799E07ED5028DB2F1FFEA72C9357, FD8B46EDF7DB4B08EEB1C4D26F9438F9F69F3F70F3FB7F53A79023446C397038 ] C:\WINDOWS\system32\rsvpperf.dll
02:59:49.0984 0x02c8  C:\WINDOWS\system32\rsvpperf.dll - ok
02:59:49.0984 0x02c8  [ B41D53899E37CC43DA85DA19998BEE81, CA92B8313338F0F8B1B630A0057B9C114E8D8BC10F09825C9008A5A824B91FDC ] C:\WINDOWS\system32\netrap.dll
02:59:49.0984 0x02c8  C:\WINDOWS\system32\netrap.dll - ok
02:59:49.0984 0x02c8  [ 6951B89B4F591AA694048A6CD0E5224A, C055C54286AE406143F4F9102CAFC32CC684F076FA0F13717CD87FFAD4B6BA4F ] C:\WINDOWS\system32\tapiperf.dll
02:59:49.0984 0x02c8  C:\WINDOWS\system32\tapiperf.dll - ok
02:59:50.0000 0x02c8  [ FB8F8EEC8D9C2157789472DD61CDC78B, D5306081621FFEFF585FAD292E60207E1BCB4EA67367E12872AF73C464110C68 ] C:\WINDOWS\system32\davclnt.dll
02:59:50.0000 0x02c8  C:\WINDOWS\system32\davclnt.dll - ok
02:59:50.0000 0x02c8  [ E35B2DBB7B88F0D5E99DFD4DE5704EB8, CA6803CB696D9965B122F37C7D17B7898AB765BB509DCD826C1F0E37EFAD7994 ] C:\Program Files\Avira\AntiVir Desktop\aepack.dll
02:59:50.0000 0x02c8  C:\Program Files\Avira\AntiVir Desktop\aepack.dll - ok
02:59:50.0015 0x02c8  [ 721FF6E6F526CFD48D9312564291DAC8, 644149446182A84E9D675EC94809F3A03FDA45BAF918EA7542E3FF124F46A460 ] C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll
02:59:50.0015 0x02c8  C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll - ok
02:59:50.0015 0x02c8  [ C8CDA206AEA709A721BF18E16A6BF24E, 44DD380B1A3D348FAF705D34A18E4102A1BBE21A733CD1868511D5CBC47E2F5E ] C:\Program Files\Avira\AntiVir Desktop\aemobile.dll
02:59:50.0015 0x02c8  C:\Program Files\Avira\AntiVir Desktop\aemobile.dll - ok
02:59:50.0031 0x02c8  [ 86F1895AE8C5E8B17D99ECE768A70732, 8094AF5EE310714CAEBCCAEEE7769FFB08048503BA478B879EDFEF5F1A24FEFE ] C:\WINDOWS\system32\msvcr71.dll
02:59:50.0031 0x02c8  C:\WINDOWS\system32\msvcr71.dll - ok
02:59:50.0031 0x02c8  [ 4AACB6B80B8F07F6335A6F66D9F3751D, E120DC52FB6F4C7EDCBCAFB69C890BD46A3D3FD81F197C2698E307466861EACA ] C:\Program Files\Avira\AntiVir Desktop\aeheur.dll
02:59:50.0031 0x02c8  C:\Program Files\Avira\AntiVir Desktop\aeheur.dll - ok
02:59:50.0031 0x02c8  [ 0E6FB02796EDE6D0603378B403976AF5, 5B6CC76885FF5960691B74CFBEE1232FCD98172AF877DA0A4083452CF92E2C5E ] C:\Program Files\Avira\AntiVir Desktop\aehelp.dll
02:59:50.0031 0x02c8  C:\Program Files\Avira\AntiVir Desktop\aehelp.dll - ok
02:59:50.0046 0x02c8  [ 50AC979E18FD25FD03DA7B5B8628CE07, D84CE62B1E1B35DE69939D837617E08B992E18DA930630ED7349E11F8C5BDBEC ] C:\Program Files\Avira\AntiVir Desktop\aegen.dll
02:59:50.0046 0x02c8  C:\Program Files\Avira\AntiVir Desktop\aegen.dll - ok
02:59:50.0046 0x02c8  [ 6E0E72DDF0D8AB234B992953131F371C, E6DA4F1E7FE6C5D5C3AA770F48C648ABA64CB690C72B224F2C8294A36CF99680 ] C:\Program Files\Avira\AntiVir Desktop\aeexp.dll
02:59:50.0046 0x02c8  C:\Program Files\Avira\AntiVir Desktop\aeexp.dll - ok
02:59:50.0046 0x02c8  [ 76E5BF8C3DAD02DC942CF625C5434190, F40D0087C99F49ECF40ACD6D74308B7999780EB4A6F966317C9351F4E4ACEA54 ] C:\Program Files\Avira\AntiVir Desktop\aeemu.dll
02:59:50.0046 0x02c8  C:\Program Files\Avira\AntiVir Desktop\aeemu.dll - ok
02:59:50.0062 0x02c8  [ 96436F416AF32691388AE98838FDDEF2, C0319C037187846F6B25C677C322684AA42F5938F971CAC51579DD4D75BCBC56 ] C:\Program Files\Avira\AntiVir Desktop\aedroid.dll
02:59:50.0062 0x02c8  C:\Program Files\Avira\AntiVir Desktop\aedroid.dll - ok
02:59:50.0062 0x02c8  [ AE80657661F164C09D802B339539DDC2, 1973B60640DBF0340626A877A8963FBC9F9882A0A7A84DC743A535E9D679F0FE ] C:\Program Files\Avira\AntiVir Desktop\aebb.dll
02:59:50.0062 0x02c8  C:\Program Files\Avira\AntiVir Desktop\aebb.dll - ok
02:59:50.0078 0x02c8  [ 2F3BBB26EF3B6A918786F98ACD4E4A0E, 872A892F72AB44A6E72D3413588A0EEA6E7C008DC12B8380D81617035E026184 ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\Cpuinf32.dll
02:59:50.0078 0x02c8  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\Cpuinf32.dll - ok
02:59:50.0078 0x02c8  [ 690D97864735E8ECD87F55777E266690, 2098D2AADEF82C3EDD82FD6182C14568CDE1EF02205ED1EA4CB19252B74BB807 ] C:\WINDOWS\system32\colbact.dll
02:59:50.0078 0x02c8  C:\WINDOWS\system32\colbact.dll - ok
02:59:50.0078 0x02c8  [ 36795A645EAA47FE31D2A8F136A2C69B, D681D7DFC4A2A2F10658D76A93F009BDBFC6117E245E0883C509A286DC952EAD ] C:\WINDOWS\system32\mtxclu.dll
02:59:50.0078 0x02c8  C:\WINDOWS\system32\mtxclu.dll - ok
02:59:50.0093 0x02c8  [ 8779099E892C0750321741BB2038BE9F, CDB634D5ACE218199A719D365DC154AE1DD3491CF6469AED4C7B85DC8DF479E5 ] C:\Program Files\Updates from HP\9972322\Program\BWfiles-9972322.dll
02:59:50.0093 0x02c8  C:\Program Files\Updates from HP\9972322\Program\BWfiles-9972322.dll - ok
02:59:50.0093 0x02c8  [ 8F2097E8B174F38178570C611464935F, 3F25E7B097B65EAF82A6D5B58646DFF38CA19347664F40C2B8A409B9D6939457 ] C:\WINDOWS\system32\atl71.dll
02:59:50.0093 0x02c8  C:\WINDOWS\system32\atl71.dll - ok
02:59:50.0093 0x02c8  [ 1986443C2F2C0E2A18E908DD241BF84D, AF9B29E3E6F3327185BF61F251BD4F759DC84A392E48A4EA69B8B9A062C2D57F ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Culture.dll
02:59:50.0093 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Culture.dll - ok
02:59:50.0109 0x02c8  [ DF82E222578DBE59FCBBD69A02E4C806, 0F0CD9DC739500536F252475F84F8EF378428CAC7DD9CFCDEC676862A20A0C46 ] C:\WINDOWS\system32\clusapi.dll
02:59:50.0109 0x02c8  C:\WINDOWS\system32\clusapi.dll - ok
02:59:50.0109 0x02c8  [ 8B89AFFB35202B8F15A927DC1169F850, 4036BE2EB21DD98906F2586BCC977F02E328BE9FB0DB1CCAC37E21E7D9140D18 ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\bwfiles.dll
02:59:50.0109 0x02c8  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\bwfiles.dll - ok
02:59:50.0125 0x02c8  [ 7D69C583DC724A8EB688D6ADCC3D73A6, 4AF44807208831000BF6FCFD1FEC377E3A83463825352EF9301966623F22E56E ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
02:59:50.0125 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
02:59:50.0125 0x02c8  [ 409C078E2055CC51986BD5C35A8952EE, 41418331D7313087C8C19A664CC2A1E1E03E428C2DEBDBEAC83979CB9FB37B04 ] C:\Program Files\Avira\AntiVir Desktop\ccwgrd.dll
02:59:50.0125 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ccwgrd.dll - ok
02:59:50.0125 0x02c8  [ F51EBB6FC536A6B2D588FD668D3A8249, 6C22B5FBE3F721025879447B006EC5A343D482A87E23674B5A3BB43983AB328E ] C:\WINDOWS\system32\resutils.dll
02:59:50.0125 0x02c8  C:\WINDOWS\system32\resutils.dll - ok
02:59:50.0140 0x02c8  [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{8943FD16-6D63-4241-8E83-6227CC571B21}.tmp
02:59:50.0140 0x02c8  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{8943FD16-6D63-4241-8E83-6227CC571B21}.tmp - ok
02:59:50.0156 0x02c8  [ B282C30279F2EE60517F7235BF673D42, DCB52E251175D06C47CFA766C621D21CB3B1934545738F4A0E39CAFEF0FF8BAA ] C:\Program Files\Avira\AntiVir Desktop\ccwgrdrc.dll
02:59:50.0156 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ccwgrdrc.dll - ok
02:59:50.0156 0x02c8  [ 561FA2ABB31DFA8FAB762145F81667C2, DF96156F6A548FD6FE5672918DE5AE4509D3C810A57BFFD2A91DE45A3ED5B23B ] C:\WINDOWS\system32\msvcp71.dll
02:59:50.0156 0x02c8  C:\WINDOWS\system32\msvcp71.dll - ok
02:59:50.0171 0x02c8  [ 7B1028A754BB63BBFC75B6A94C3F47E5, 5F95774F93217A717EBD865FEDBF3D0D2778E2E1D9AA56FF5D8D6DF845F68858 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
02:59:50.0171 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
02:59:50.0171 0x02c8  [ AE60B4FCCB088D7EF209CEB30BADAB10, DD605952B2D73651B21ACC1604C507FDE2BB2D1399FEA8911BF0EB75C1BA96BF ] C:\Program Files\Avira\AntiVir Desktop\ccwgrdw.dll
02:59:50.0171 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ccwgrdw.dll - ok
02:59:50.0171 0x02c8  [ 9619419582F6966CA6BAC03A2AD80B01, 352667D4EDD6273938D21EB1BA9B79213AF7749184219A84305B3F5B8FD1CF17 ] C:\Program Files\Avira\AntiVir Desktop\ccfwmgt.dll
02:59:50.0187 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ccfwmgt.dll - ok
02:59:50.0187 0x02c8  [ 2E0B0A051FFAA86E358465BB0880D453, 493CF6150DE95B269727631D50FE21405A41E449C4FF43E94F93D27559EA5624 ] C:\WINDOWS\system32\wuauclt.exe
02:59:50.0187 0x02c8  C:\WINDOWS\system32\wuauclt.exe - ok
02:59:50.0187 0x02c8  [ 2B1DCB72784C3C100EF0751965FE214B, 3A4FD8FE0EA2A3553F154D62A1AEB5F00EA05A048000F0F2423BD33918B993E9 ] C:\Program Files\Avira\AntiVir Desktop\ccfwmgtrc.dll
02:59:50.0187 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ccfwmgtrc.dll - ok
02:59:50.0203 0x02c8  [ C3B8CDFCDD480F1D666358BDA9E69C90, 345727A72D4880E54680CC2B51E798395B45BA69B2D9A88E7D767F81CA47AD65 ] C:\Program Files\Avira\AntiVir Desktop\firewall.dll
02:59:50.0203 0x02c8  C:\Program Files\Avira\AntiVir Desktop\firewall.dll - ok
02:59:50.0203 0x02c8  [ BC05DD71BAECC472C47BFD409AA95E87, D03290215668BFAED120293DCB04C8DD760C7D53543C82F83FCEB57A160C9988 ] C:\Program Files\Avira\AntiVir Desktop\ccgen.dll
02:59:50.0203 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ccgen.dll - ok
02:59:50.0218 0x02c8  [ 75A383FF92B8B951D51BF7CE39FE0987, 9F8EBD7DD3381602FAA18F4FDE7F23686A1BD22B5C0552B10689CCD5A02372A9 ] C:\Program Files\Avira\AntiVir Desktop\ccgenrc.dll
02:59:50.0218 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ccgenrc.dll - ok
02:59:50.0218 0x02c8  [ DB80FA4D9928438E4B3A6B723EC38677, 7C3CFA0F379715B94AC013AA2B48CEA5D16BE330A1720AED3C9CD3C95E2C5864 ] C:\Program Files\Avira\AntiVir Desktop\ccupdate.dll
02:59:50.0218 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ccupdate.dll - ok
02:59:50.0234 0x02c8  [ 292391C93DB4ED32AFA250CD3A1DE4B3, 231E07BC9814A56609845E036DA3BAFCC94E59B6D643CF345CF96CB6EFB7C430 ] C:\Program Files\Avira\AntiVir Desktop\ccupdrc.dll
02:59:50.0234 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ccupdrc.dll - ok
02:59:50.0234 0x02c8  [ 0033A5DEC8A5B57FD77E443DAEE368A3, 81C158D81A0D675D00BE00C8A1AD4A048E295D9C9CA440F5F6204ECD72FBF922 ] C:\Program Files\Avira\AntiVir Desktop\cclic.dll
02:59:50.0234 0x02c8  C:\Program Files\Avira\AntiVir Desktop\cclic.dll - ok
02:59:50.0250 0x02c8  [ 52D0686B70A1C96433326E3176A0AAD1, 8262B19540420289F6A8F6B7ACB8DEBC0082312E8B36170C576FBD54BD7F9527 ] C:\Program Files\Avira\AntiVir Desktop\cclicrc.dll
02:59:50.0250 0x02c8  C:\Program Files\Avira\AntiVir Desktop\cclicrc.dll - ok
02:59:50.0250 0x02c8  [ BAF751E7061FF626AA60F56D1D5D1FDC, 177B0BAC987E7882449BD7C5900406F61A997F97EA1797614C8D86F40F03648B ] C:\WINDOWS\system32\MFC71ENU.DLL
02:59:50.0250 0x02c8  C:\WINDOWS\system32\MFC71ENU.DLL - ok
02:59:50.0250 0x02c8  [ 2CFF79C2C2A1720A11DD55C43F1E13AF, 559EF55A40FBCDD4264D9B1BD250D71225470B81A9F5AA0A237CA5D1B6E39115 ] C:\Program Files\Avira\My Avira\Avira.OE.WinCore.dll
02:59:50.0250 0x02c8  C:\Program Files\Avira\My Avira\Avira.OE.WinCore.dll - ok
02:59:50.0265 0x02c8  [ 9CE62FF07004B4F0F21D526F7056A6BC, 3847E737C93954D01BF6031CFFB99B22937619BF3F7CECE090EED59CE1F4A2EF ] C:\Program Files\Avira\My Avira\Avira.OE.WinCore.Interface.dll
02:59:50.0265 0x02c8  C:\Program Files\Avira\My Avira\Avira.OE.WinCore.Interface.dll - ok
02:59:50.0265 0x02c8  [ E9488A950F5F03F5CB192A2D7CDC193D, BD81B4D4CE49303194DF046CDDE83B6355AF3BA25B06BC5CB69869BCAC8F3372 ] C:\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\EhCM.dll
02:59:50.0265 0x02c8  C:\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\EhCM.dll - ok
02:59:50.0281 0x02c8  [ 82E1FF067A74BF3EC61D1962AD9335BC, 4531C17A57F95BAB1EC4C176A3593B09114CA4264ACFC16B13528F38A61D6C1C ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3ff4657a86a0e14b4be577969e0ec762\System.ni.dll
02:59:50.0281 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3ff4657a86a0e14b4be577969e0ec762\System.ni.dll - ok
02:59:50.0296 0x02c8  [ 0CE6C863A92C3260893C41E473A5AA0C, BFFF73FF047E14B52716930CDC3218FD70A7270786B6A4E853532D29A3B0AA0D ] C:\Program Files\Avira\AntiVir Desktop\ccev.dll
02:59:50.0296 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ccev.dll - ok
02:59:50.0296 0x02c8  [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{03E2D164-A964-4593-8EFE-6565F0DA2723}.tmp
02:59:50.0296 0x02c8  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{03E2D164-A964-4593-8EFE-6565F0DA2723}.tmp - ok
02:59:50.0312 0x02c8  [ 79E3A8C328E7E569C32B0998377D9742, F5854956E452AD663004679BBDF8B006695B69C8962534CD243193F04F294DF3 ] C:\WINDOWS\system32\spoolss.dll
02:59:50.0312 0x02c8  C:\WINDOWS\system32\spoolss.dll - ok
02:59:50.0312 0x02c8  [ 3FCDF907B8845A56E1CE69FE4461C394, DA4EE3F9EAC84756FBDA9A7BCAEBE82D6797047904D8DB13A69D448E933D298E ] C:\Program Files\Avira\AntiVir Desktop\ccevrc.dll
02:59:50.0312 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ccevrc.dll - ok
02:59:50.0328 0x02c8  [ E49D13C53D51F6E8E1FFEF175A320AD7, B2C68F99AB81A6151F3D94F9B43B54612763EC8A61123A4050FB8864B36A0221 ] C:\Program Files\HP\Digital Imaging\Unload\hpqunres.dll
02:59:50.0328 0x02c8  C:\Program Files\HP\Digital Imaging\Unload\hpqunres.dll - ok
02:59:50.0328 0x02c8  [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{A216C906-0B2B-40EB-978E-5C43B0843F27}.tmp
02:59:50.0328 0x02c8  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{A216C906-0B2B-40EB-978E-5C43B0843F27}.tmp - ok
02:59:50.0343 0x02c8  [ 5677DFE438EC1F009273FC84FEED6B10, 44B62CC4D138E13C22FC29E9751CB7ED0B0C6C8897A8E6469172F8642B0527BE ] C:\WINDOWS\system32\localspl.dll
02:59:50.0343 0x02c8  C:\WINDOWS\system32\localspl.dll - ok
02:59:50.0343 0x02c8  [ 899061DD1D0EE6FC65578EEA37E5D757, 9B42108D793FBEABEB6ADC9AA12415ADEFDB8A83F813CFD564868D6C6A774CEE ] C:\Program Files\Avira\AntiVir Desktop\ccmsg.dll
02:59:50.0343 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ccmsg.dll - ok
02:59:50.0359 0x02c8  [ 3FDCD4B976AF5FF4B345CB5CDBF19490, C75863FC9B96DA6F44593DF10986153EDCC0CD1CC5D556A222923D35BE144603 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\2ff57b810eb920860469184dd683cb8a\System.Drawing.ni.dll
02:59:50.0359 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\2ff57b810eb920860469184dd683cb8a\System.Drawing.ni.dll - ok
02:59:50.0359 0x02c8  [ A078A05616B793DDEA5A23FDD0B87DB5, FD812CAC5ED31A2A1259112E68B94B4ADCA9F8E51E71B0257809205022A86DC7 ] C:\Program Files\Avira\AntiVir Desktop\ccmsgrc.dll
02:59:50.0359 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ccmsgrc.dll - ok
02:59:50.0375 0x02c8  [ 5D3D1AB0EF4EA55B731863050482C111, 8713DAA48DBC5FDF95BE993863BEE669BBB4026347DC575D72F520F423EE21BA ] C:\WINDOWS\system32\cnbjmon.dll
02:59:50.0375 0x02c8  C:\WINDOWS\system32\cnbjmon.dll - ok
02:59:50.0375 0x02c8  [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{20E729ED-0C19-4040-AAEC-DC7B635B1745}.tmp
02:59:50.0375 0x02c8  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{20E729ED-0C19-4040-AAEC-DC7B635B1745}.tmp - ok
02:59:50.0390 0x02c8  [ F435FA32C12F6213B7F92C6F902BAD70, 84D9B21A661175932DD205CFC6A689B07A11A6711AE1A6FB2A13EAFCED0BACFA ] C:\Program Files\HP\Digital Imaging\bin\hpqmif08.dll
02:59:50.0390 0x02c8  C:\Program Files\HP\Digital Imaging\bin\hpqmif08.dll - ok
02:59:50.0390 0x02c8  [ E0B83ADFB16D794A0D207FE119D03182, FD3B4C09FF16C14F9153BD9C4C5CEE2FA3E6914826564CF2E38AF581F3EDF85B ] C:\WINDOWS\system32\HPTcpMon.dll
02:59:50.0390 0x02c8  C:\WINDOWS\system32\HPTcpMon.dll - ok
02:59:50.0406 0x02c8  [ 9707DC586A15BFC5F169EAFB0028ADD2, 8497C6589AC4B2EFDAD3AD76C76BE2FD7D6A21D6FB5DEC636694FDD875F18764 ] C:\WINDOWS\ehome\EhUI.dll
02:59:50.0406 0x02c8  C:\WINDOWS\ehome\EhUI.dll - ok
02:59:50.0406 0x02c8  [ B2EED4AB3DF0481FD30D5FE3A448CEA8, 26CB958E469C2FF15BE6342B7131546B6FBE3A6E73E7D05D0A068D5423C1607F ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\avgnt.exe\Avira.OE.ExtApi.dll
02:59:50.0406 0x02c8  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\avgnt.exe\Avira.OE.ExtApi.dll - ok
02:59:50.0421 0x02c8  [ 16FC2C309998C6D55C182652D6A1C5B1, 37034E39F67C3D61D2492FDEB7BDDDD13B7BD74B3273271A01DD0FEDE88C9071 ] C:\WINDOWS\system32\hpzjrd01.dll
02:59:50.0421 0x02c8  C:\WINDOWS\system32\hpzjrd01.dll - ok
02:59:50.0421 0x02c8  [ D8215081E4E9E04DA33E842CFE6FE003, 611EE49393022C5E0BA470AC6602424DA95406C8598FD2D63F305EEC76253A94 ] C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\diasymreader.dll
02:59:50.0421 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\diasymreader.dll - ok
02:59:50.0437 0x02c8  [ F4068F5251378E458CF3BCA9FD89FEB9, 44CF2535846A977A781224C7B27826F49831CEB57123BEFBEFE76E90532C0A98 ] C:\Program Files\Avira\AntiVir Desktop\ccmainrc.dll
02:59:50.0437 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ccmainrc.dll - ok
02:59:50.0437 0x02c8  [ AEA0B0AA26E4EA377D6A12B3B5D6F90F, 41A8788F349A3697F073F273A450FEB68C67DCF163D8168C56AD3FA6D26A590F ] C:\Program Files\HP\Digital Imaging\bin\hpotradd.dll
02:59:50.0437 0x02c8  C:\Program Files\HP\Digital Imaging\bin\hpotradd.dll - ok
02:59:50.0453 0x02c8  [ 633A529EBAEB78FF0F50A5A658600EB4, 5C0F92538D9F4FC332FBC8E7F58559671BDD824882EE66BA3BAC83C16AC3FCEF ] C:\Program Files\HP\Digital Imaging\bin\hphtra08.dll
02:59:50.0453 0x02c8  C:\Program Files\HP\Digital Imaging\bin\hphtra08.dll - ok
02:59:50.0453 0x02c8  [ 5CC3838902A9257B79BD43F56D8B7275, BF2CF170CC211E49C0ACC0ED5B592600ECE03BA5D6B276585610BEAFB54C14F0 ] C:\WINDOWS\system32\HPTcpMUI.dll
02:59:50.0453 0x02c8  C:\WINDOWS\system32\HPTcpMUI.dll - ok
02:59:50.0468 0x02c8  [ 0259E1CF565EC9A75676950B404B73D3, 6602153053FF606F5DE2B587C58955CCAE221AFB6A1CAEE53AF050642923190F ] C:\WINDOWS\ehome\EhDebug.dll
02:59:50.0468 0x02c8  C:\WINDOWS\ehome\EhDebug.dll - ok
02:59:50.0468 0x02c8  [ 87FD63FEBCCA31C1104BA557C0EAF919, AFBFC86B5EC41C4BB530F1A01304501501BE84B38BD186B1A6EF5E1489A6C5F3 ] C:\WINDOWS\assembly\GAC\System.Xml\1.0.3300.0__b77a5c561934e089\System.Xml.dll
02:59:50.0468 0x02c8  C:\WINDOWS\assembly\GAC\System.Xml\1.0.3300.0__b77a5c561934e089\System.Xml.dll - ok
02:59:50.0484 0x02c8  [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{BC650DF4-229C-49C4-B0D2-FE4D7B334F7E}.tmp
02:59:50.0484 0x02c8  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{BC650DF4-229C-49C4-B0D2-FE4D7B334F7E}.tmp - ok
02:59:50.0500 0x02c8  [ 5F0CE62E0831CF972EC6949FD3E37DA7, DFDD251D3FC6CDBD971F52EF0AECEC0344B57214615AA486AA9234D30A40AF60 ] C:\WINDOWS\system32\cfgmgr32.dll
02:59:50.0500 0x02c8  C:\WINDOWS\system32\cfgmgr32.dll - ok
02:59:50.0500 0x02c8  [ 2D035877D6658C12B70ED978BAF7B3EC, 96A2B817C83C99D2ED8FA45D3693D4B01E129DA63589971221E86B00954D0242 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f28df9c2988724883cf19532d7f9f151\System.Windows.Forms.ni.dll
02:59:50.0500 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f28df9c2988724883cf19532d7f9f151\System.Windows.Forms.ni.dll - ok
02:59:50.0515 0x02c8  [ 36247C6D5E1FE03A56EE81BB99D7E68C, 7AA08706962501FD780B86368BEC85F282A5B015C5E0AC638B6E3099521D147A ] C:\WINDOWS\system32\HPTcpMib.dll
02:59:50.0515 0x02c8  C:\WINDOWS\system32\HPTcpMib.dll - ok
02:59:50.0515 0x02c8  [ 909EFA2D854AF25D1164BD5B02065FCE, 883F9116B1A9FF546F0C60E44CFA2C68C81893700294E9A2E9A1909AF42D9522 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\IadHide5.dll
02:59:50.0515 0x02c8  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\IadHide5.dll - ok
02:59:50.0531 0x02c8  [ 1E744353BD534405187A404667DA3DC3, ACE581FBF36BD511C64E37760526F1BB7172FD5045708BA836933D8FACC4FAFA ] C:\WINDOWS\system32\mgmtapi.dll
02:59:50.0531 0x02c8  C:\WINDOWS\system32\mgmtapi.dll - ok
02:59:50.0531 0x02c8  [ 4C7CE6459461B61EAD294EAF50AF3160, 1F9FCAC98B98C1AAEA5F0F50DB95D703C9F4DB48501E5637438368382BD4B22E ] C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll
02:59:50.0531 0x02c8  C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll - ok
02:59:50.0531 0x02c8  [ 63E8D944AFBEEBB243F25C4ED07E74C5, 848AEE9975218939F7EB2C3548EA6AE235C54B1B2E2AF6835A034976A0CFDD28 ] C:\WINDOWS\system32\inetmib1.dll
02:59:50.0531 0x02c8  C:\WINDOWS\system32\inetmib1.dll - ok
02:59:50.0546 0x02c8  [ 277F3E3333F1D10CA428568197FCCE70, 1AC24A8817396FA4172DC6216FBF82A1F6F8F9A1A1F87D6884FF17DCCB15C3FF ] C:\WINDOWS\system32\wsnmp32.dll
02:59:50.0546 0x02c8  C:\WINDOWS\system32\wsnmp32.dll - ok
02:59:50.0562 0x02c8  [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{926CF027-9C28-42FC-830F-56D84CA82109}.tmp
02:59:50.0562 0x02c8  C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\{032ACF70-CB50-4635-93DA-652D71E88F43}\{926CF027-9C28-42FC-830F-56D84CA82109}.tmp - ok
02:59:50.0562 0x02c8  [ 8779099E892C0750321741BB2038BE9F, CDB634D5ACE218199A719D365DC154AE1DD3491CF6469AED4C7B85DC8DF479E5 ] C:\Program Files\Updates from HP\9972322\Program\frext-9972322.dll
02:59:50.0562 0x02c8  C:\Program Files\Updates from HP\9972322\Program\frext-9972322.dll - ok
02:59:50.0578 0x02c8  [ 29AED649F05213A527E5F62967DBBA41, 8F987B165433308CEA2D75685ED99E5E66E11A6264BA1F2508FD609713055B4C ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\FrExt.dll
02:59:50.0578 0x02c8  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\FrExt.dll - ok
02:59:50.0578 0x02c8  [ 1F7B23305F0D7CA120A3E65DEC21671F, E66618BBD95C1EF78F6BA732E3B8BFF5A7844AFA7359C8E69294251B6AB64BF1 ] C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc
02:59:50.0578 0x02c8  C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc - ok
02:59:50.0593 0x02c8  [ CF0376023360AADD55C89BA50564AFDC, C34320B40645DEA817852AAB63C76F40C18F563EB2760A9D191047A2B6C73973 ] C:\WINDOWS\system32\mdimon.dll
02:59:50.0593 0x02c8  C:\WINDOWS\system32\mdimon.dll - ok
02:59:50.0593 0x02c8  [ CC6292CA575E851E5B74BF8883AB967A, 40DB13B96395FC753C4BC70C32A1845002DDD613955589F8EE0BF7E049A43779 ] C:\WINDOWS\system32\fxsmon.dll
02:59:50.0593 0x02c8  C:\WINDOWS\system32\fxsmon.dll - ok
02:59:50.0609 0x02c8  [ 7BF64A9D0BA77D9D18F76E12DFFD67B3, AB01CF513E924FACF6ABD6E8ABD643E3138534984EE0038623F18FE328DEE0BC ] C:\Program Files\Avira\AntiVir Desktop\ccupdw.dll
02:59:50.0609 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ccupdw.dll - ok
02:59:50.0609 0x02c8  [ 208AD2001AA9CF147BDD10F3D44FB3B9, 1A9F42031D74E468BE6628E9EE9A23EF7119B1D526656D766F2324D3BD2024EF ] C:\WINDOWS\assembly\NativeImages1_v1.0.3705\System.Xml\1.0.3300.0__b77a5c561934e089_70d22bfe\System.Xml.dll
02:59:50.0609 0x02c8  C:\WINDOWS\assembly\NativeImages1_v1.0.3705\System.Xml\1.0.3300.0__b77a5c561934e089_70d22bfe\System.Xml.dll - ok
02:59:50.0625 0x02c8  [ 40CB47F60854703F7A13594FE01B6486, 1EA9B25C9D9BEFE8DA20E3714412E3997ADE3A1C464D0EF91F0675F86289A599 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d7fbfc6836ce7e53486ddb79b598ca8d\System.ServiceProcess.ni.dll
02:59:50.0625 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d7fbfc6836ce7e53486ddb79b598ca8d\System.ServiceProcess.ni.dll - ok
02:59:50.0625 0x02c8  [ BDB83C844EDEC9BD01A94750D2C38DDF, B18B9E9B9EE74143153CA2479BF7FC9A5528DB4023FA085D0DA5E9B8795C7428 ] C:\WINDOWS\system32\fxsevent.dll
02:59:50.0625 0x02c8  C:\WINDOWS\system32\fxsevent.dll - ok
02:59:50.0640 0x02c8  [ 99616874F4133627E86354730F193076, BCB19AC3F6D5683BDC6F105B664F23741ED541AE8C99F7A1EEF47B1B721C1879 ] C:\Program Files\Updates from HP\9972322\Program\HPClientExt.dll
02:59:50.0640 0x02c8  C:\Program Files\Updates from HP\9972322\Program\HPClientExt.dll - ok
02:59:50.0640 0x02c8  [ B7A7F31F7CC7D20FAA21FC8A774F73E2, F3DB81F2F485DCAE732DAC2A6E740964406D7968BCFDFAAFFB87B03D4950E809 ] C:\Program Files\Avira\My Avira\en-US\Avira.OE.ServiceHost.resources.dll
02:59:50.0640 0x02c8  C:\Program Files\Avira\My Avira\en-US\Avira.OE.ServiceHost.resources.dll - ok
02:59:50.0656 0x02c8  [ 649320A12D1F1222722F39D2B232C57D, 41778048F179C3A7044880B9E083F5CCAE9AEB6E379E0F761B14440D41261119 ] C:\Program Files\Avira\My Avira\Avira.OE.Communicator.Interface.dll
02:59:50.0656 0x02c8  C:\Program Files\Avira\My Avira\Avira.OE.Communicator.Interface.dll - ok
02:59:50.0656 0x02c8  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] C:\WINDOWS\system32\ipnathlp.dll
02:59:50.0656 0x02c8  C:\WINDOWS\system32\ipnathlp.dll - ok
02:59:50.0671 0x02c8  [ 222DE7F5EDB9DDBE628384A1A8BE59CE, 063AF8C6C251961ABC93A8E8A07DB9B9582CD1812CA3BB297FAFDF0AD3E5B4CC ] C:\WINDOWS\system32\pjlmon.dll
02:59:50.0671 0x02c8  C:\WINDOWS\system32\pjlmon.dll - ok
02:59:50.0671 0x02c8  [ 2BE9F91D58F0812785B15E3325F3B05A, 5CEAAE502E42F5002DEE7BFF9CA161DEACFCCE49DF1FD3EB00F11013859F8BE7 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\768ccd38c2bf1f7045e79ac03cb679f1\System.ComponentModel.Composition.ni.dll
02:59:50.0671 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\768ccd38c2bf1f7045e79ac03cb679f1\System.ComponentModel.Composition.ni.dll - ok
02:59:50.0687 0x02c8  [ AE0382AD9C73D343D85E1A50C80B7C20, 7477A5A33C0ACF80BE73F0169893A7D53AF8ABC514FCE190A6ACC677092E5A55 ] C:\WINDOWS\system32\tcpmon.dll
02:59:50.0687 0x02c8  C:\WINDOWS\system32\tcpmon.dll - ok
02:59:50.0687 0x02c8  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] C:\WINDOWS\system32\wscsvc.dll
02:59:50.0687 0x02c8  C:\WINDOWS\system32\wscsvc.dll - ok
02:59:50.0703 0x02c8  [ F0BF811622F2DD6C8E26EE4600D83731, 81CFC1118551E84F5BBD2A863419529AA32DA92E5834C71DA77D13854F6CF048 ] C:\WINDOWS\system32\wbem\wbemcore.dll
02:59:50.0703 0x02c8  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
02:59:50.0703 0x02c8  [ F26385E8BA4549B5186B774EC0E45D86, 0BA8CA4C06918690EA68678CA5887F1B7E2B0976C99BDFAF99CC1C99F3E300A0 ] C:\WINDOWS\system32\usbmon.dll
02:59:50.0703 0x02c8  C:\WINDOWS\system32\usbmon.dll - ok
02:59:50.0718 0x02c8  [ 19348207EADADF20555601D4513793D5, FAA05D239DD4A9E0CCC187F6A4EF10D97C6B7724577A336F8CF1390600E9EEE7 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a2b1103ad3d9f329e0c9164994137c81\System.Core.ni.dll
02:59:50.0718 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a2b1103ad3d9f329e0c9164994137c81\System.Core.ni.dll - ok
02:59:50.0718 0x02c8  [ F555BF4139A8F2BD3A832A13A3BFDC39, 5992138276C6AAD9252A072487475856A14187C584A05143356FF95C4940FFB4 ] C:\Program Files\Updates from HP\9972322\Program\NewProbe.exe
02:59:50.0718 0x02c8  C:\Program Files\Updates from HP\9972322\Program\NewProbe.exe - ok
02:59:50.0734 0x02c8  [ 8779099E892C0750321741BB2038BE9F, CDB634D5ACE218199A719D365DC154AE1DD3491CF6469AED4C7B85DC8DF479E5 ] C:\Program Files\Updates from HP\9972322\Program\frcom-9972322.dll
02:59:50.0734 0x02c8  C:\Program Files\Updates from HP\9972322\Program\frcom-9972322.dll - ok
02:59:50.0734 0x02c8  [ 58E13A2292839321D3CDC918D5A4F5AE, BC5978187A50AC886E30092904407F14B7BCFA997093989D20DB61EE6BA963E2 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
02:59:50.0734 0x02c8  C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
02:59:50.0750 0x02c8  [ C824BF0D01F7E02210097C6C935ACEDA, 9701B50491BF21E1ECBAF46A4783239D9C6E5739A5A91CA6EF8B3A2F5A8E9BC2 ] C:\Program Files\Avira\My Avira\Avira.OE.SpeedupConnector.Interface.dll
02:59:50.0750 0x02c8  C:\Program Files\Avira\My Avira\Avira.OE.SpeedupConnector.Interface.dll - ok
02:59:50.0750 0x02c8  [ 9DF35470215CC872926B470D110F1A64, E909963E512E001843EBFF8D48A319A7AC4FBB260CF402CED6193D02E6DABB52 ] C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\FrCom.dll
02:59:50.0750 0x02c8  C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\FrCom.dll - ok
02:59:50.0765 0x02c8  [ C88E90FB252E0AD644507EB1971BD1AA, C868B97BCA0B26FBA84541E88CD1F365FD727013E48BCFC0651F14F141A11061 ] C:\Program Files\Avira\AntiVir Desktop\cclicw.dll
02:59:50.0765 0x02c8  C:\Program Files\Avira\AntiVir Desktop\cclicw.dll - ok
02:59:50.0765 0x02c8  [ CBE55634554DE141125CCCE7BCADF1BB, 679252756D6AE3BFD800C0B1C0D509AE81E9469A9A50199CAEBD7A4A0CB81412 ] C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll
02:59:50.0765 0x02c8  C:\Program Files\Avira\My Avira\Avira.OE.NativeCore.dll - ok
02:59:50.0781 0x02c8  [ 034CCADC1C073E4216E9466B720F9849, 86E39B5995AF0E042FCDAA85FE2AEFD7C9DDC7AD65E6327BD5E7058BC3AB615F ] C:\WINDOWS\system32\msvcr120.dll
02:59:50.0781 0x02c8  C:\WINDOWS\system32\msvcr120.dll - ok
02:59:50.0796 0x02c8  [ EEE7F12D9FF46F68FBC0DA059A359E9E, 1D0D5AC87ACDF3F041D9C31A92BFE7B1B81CBAD81F8F7CE8183FC3F61CAFF8CC ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
02:59:50.0796 0x02c8  C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
02:59:50.0796 0x02c8  [ E4616430709F440CF1809D88DC2366EA, C2CBC0A21A892FD8341E5A29E7164172340E07A75A5D54493036156D907AEAE7 ] C:\WINDOWS\system32\wbem\esscli.dll
02:59:50.0796 0x02c8  C:\WINDOWS\system32\wbem\esscli.dll - ok
02:59:50.0812 0x02c8  [ A4AA09635D43634ACF690826382CC28C, 35309979ACDF47D6617FF6C6C5622DA927856666791E84F135AF80A7FB06D5AF ] C:\Program Files\HP\Digital Imaging\bin\HpqUtil.dll
02:59:50.0812 0x02c8  C:\Program Files\HP\Digital Imaging\bin\HpqUtil.dll - ok
02:59:50.0812 0x02c8  [ 378A0AEFB11D8B0DC8C27B9F7604B88D, D0D6863FCE412B75B9B5FC38EA923759201E7193ED40CFBAA674630E2DE56FD3 ] C:\WINDOWS\system32\wbem\fastprox.dll
02:59:50.0812 0x02c8  C:\WINDOWS\system32\wbem\fastprox.dll - ok
02:59:50.0828 0x02c8  [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C, 7123FC923BA4C3DD3EDFE9F8936442C4CCE7757D370AB799B0B5668223B965EE ] C:\WINDOWS\system32\win32spl.dll
02:59:50.0828 0x02c8  C:\WINDOWS\system32\win32spl.dll - ok
02:59:50.0828 0x02c8  [ 3550DFA6FFFBD7604DABB28DF4ABF096, BABCA3DC67EDFD97B255D6FF34F9FBE1C06CADDF279F16ED09A368A4EDC3C60F ] C:\WINDOWS\ehome\custsat.dll
02:59:50.0828 0x02c8  C:\WINDOWS\ehome\custsat.dll - ok
02:59:50.0843 0x02c8  [ 30DA5EED5F64C875FDAF9E0283F654C9, 255645F67CA433118507D4B3DF426645D587DB7A5CA4D6D226C0A62A3CDF84DD ] C:\WINDOWS\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll
02:59:50.0843 0x02c8  C:\WINDOWS\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll - ok
02:59:50.0843 0x02c8  [ A00885BFA65E4B1A77C6211488EB57B9, B6BFCE2DF5B37AF69F3D360A1D916F09A6E94AA7E10DB297D7E35FFE7E61E9AD ] C:\PROGRA~1\UPDATE~1\9972322\632~1.116\Program\EN\frcomRc.dll
02:59:50.0843 0x02c8  C:\PROGRA~1\UPDATE~1\9972322\632~1.116\Program\EN\frcomRc.dll - ok
02:59:50.0859 0x02c8  [ 7F86A0C11A59B94E134C71DF6C5528BF, 17579D7E478CE3F6D0133B728D0E9CD14EC20A75D1143C8F65466D0F80A266C9 ] C:\WINDOWS\assembly\GAC\System.Data\1.0.3300.0__b77a5c561934e089\System.Data.dll
02:59:50.0859 0x02c8  C:\WINDOWS\assembly\GAC\System.Data\1.0.3300.0__b77a5c561934e089\System.Data.dll - ok
02:59:50.0859 0x02c8  [ FD5CABBE52272BD76007B68186EBAF00, 87C42CA155473E4E71857D03497C8CBC28FA8FF7F2C8D72E8A1F39B71078F608 ] C:\WINDOWS\system32\msvcp120.dll
02:59:50.0859 0x02c8  C:\WINDOWS\system32\msvcp120.dll - ok
02:59:50.0875 0x02c8  [ 010472D0AE758227C6F6E6933549C219, 4082365231756E2889BD9A19EEFA27665B9902F8C8BC376C70DC3AA80AEA541B ] C:\WINDOWS\system32\wbem\wbemsvc.dll
02:59:50.0875 0x02c8  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
02:59:50.0875 0x02c8  [ 3273D1565BF30225C115B480A3BB2C9D, DF802F845EFEE506A0D3CA1EA9AEE1EDE73BCC02F2B64EDFACE0BBEFCF965455 ] C:\WINDOWS\system32\wbem\wmiutils.dll
02:59:50.0875 0x02c8  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
02:59:50.0890 0x02c8  [ EE4C651A217B01D636B5364AC77DA892, E40C7DD39234673A3BA8FD87C189653C391E326ECB3E8011B5020BB9D78F56D0 ] C:\WINDOWS\system32\inetpp.dll
02:59:50.0890 0x02c8  C:\WINDOWS\system32\inetpp.dll - ok
02:59:50.0890 0x02c8  [ 942A17D2901A31EA68627CBFFCD268CC, C75E1C03929E16EDDBACFC37BD6C40E941F9D99E3E40ED3A07238343342685BD ] C:\WINDOWS\system32\wbem\repdrvfs.dll
02:59:50.0890 0x02c8  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
02:59:50.0906 0x02c8  [ 071143F687B4F887E21461CA6CC7EB29, 92C849517F985F19926E6425CD99E21029E1CA14FC92C9E40091DC79D4A723F2 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
02:59:50.0906 0x02c8  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
02:59:50.0906 0x02c8  [ A490EDE46A746E14AE6876021B6D4269, 3388A436AD9A6FFCDE57107E8DABF99639DED3434E60F18AE389509866048A62 ] C:\Program Files\HP\Digital Imaging\bin\hpodvd09.dll
02:59:50.0906 0x02c8  C:\Program Files\HP\Digital Imaging\bin\hpodvd09.dll - ok
02:59:50.0921 0x02c8  [ A59EA0E44025102A16CA138ED31F0344, 8AC8FB2801742CE18C794F78643E15BA0046DD267C848E0F586FEA1E75DE298F ] C:\Program Files\Avira\My Avira\Avira.OE.MiniGui.dll
02:59:50.0921 0x02c8  C:\Program Files\Avira\My Avira\Avira.OE.MiniGui.dll - ok
02:59:50.0921 0x02c8  [ 73D67A7F55A6438F10E35F16D47ABA29, 9FFBF5942BF05FC1C81B052EE691526D7F046BFA56AC8218C9DA907EA8DFE829 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\21071fcc838660d96f10920c4c3cd206\System.Xml.ni.dll
02:59:50.0921 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\21071fcc838660d96f10920c4c3cd206\System.Xml.ni.dll - ok
02:59:50.0937 0x02c8  [ 6BDA568A2AED0F84C717B5649F70C91C, 5915A213EFFE7B9D5134577281011EC04E2E9219A15B3617673B7DA2FD6116CF ] C:\Program Files\HP\Digital Imaging\bin\hpoddcomm09.dll
02:59:50.0937 0x02c8  C:\Program Files\HP\Digital Imaging\bin\hpoddcomm09.dll - ok
02:59:50.0937 0x02c8  [ 26D881D27CBE51D3614E68D7313EA026, BC84CFD5F382F6D844815065118793950E922B8FB52944E337DAA62874C103A3 ] C:\WINDOWS\system32\wbem\wbemess.dll
02:59:50.0937 0x02c8  C:\WINDOWS\system32\wbem\wbemess.dll - ok
02:59:50.0953 0x02c8  [ 1A617835452EEE5060976C9B9F5FE635, DCCAAB049681BE876B73F0880EA32196CDA7EC954D452768A48D366096C5BD53 ] C:\WINDOWS\system32\wuapi.dll
02:59:50.0953 0x02c8  C:\WINDOWS\system32\wuapi.dll - ok
02:59:50.0953 0x02c8  [ F4AC4B6C372B934B09CC68EBFC8EB2E5, 2C00E6CDA8F0E33A27E07E8A81C68A9C17A0D8A22088CFD25CA17613F6CA9D13 ] C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
02:59:50.0953 0x02c8  C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - ok
02:59:50.0968 0x02c8  [ 326A73F82BCEC1D01F8D25C69C297245, AC2F5003BFD507D97836E8B2DA2034C087DC6C437167FAD642A41DEF2C98B00E ] C:\WINDOWS\ehome\ehproxy.dll
02:59:50.0968 0x02c8  C:\WINDOWS\ehome\ehproxy.dll - ok
02:59:50.0968 0x02c8  [ 4CE7F2EF945165FD681141EF6EA7B8C4, 2B7A1CCA5F1D4A1FC37C6F55421AA19D84C332A0CC4195DB0A7FFD4AB6C02272 ] C:\Program Files\Avira\My Avira\ServiceStack.Text.dll
02:59:50.0968 0x02c8  C:\Program Files\Avira\My Avira\ServiceStack.Text.dll - ok
02:59:50.0984 0x02c8  [ 8FBAABF97CCFC1264A0532C21CDC9AC9, E0ABAEACB5B5AEEC0FD43F9A739A1EAA29B59366A426EB1EF32C1B1ACDA2980F ] C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
02:59:50.0984 0x02c8  C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll - ok
02:59:50.0984 0x02c8  [ D26451B540720A7313A9BCBE794DAF62, 255B3594876F9D9222760A53D1119E73D3BA4E4766C9DFAD63DCB180C5F33846 ] C:\WINDOWS\system32\wbem\ncprov.dll
02:59:50.0984 0x02c8  C:\WINDOWS\system32\wbem\ncprov.dll - ok
02:59:51.0000 0x02c8  [ 7FD5DA8145C09858AC201D4A29DF242D, 66062F2FA8282D49EC824FC1FA55B6D86B112FC5893BC234C126A6480E425A7F ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\363b05dd092178671e56531a9c4999b6\System.Configuration.ni.dll
02:59:51.0000 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\363b05dd092178671e56531a9c4999b6\System.Configuration.ni.dll - ok
02:59:51.0000 0x02c8  [ D1B44B09F6D8D0E5E84B9F2D5DEE6F7E, 897323721FC188A0E64C797DA07FE8AD41A34075123597DBFA4D91BC77D0F2F5 ] C:\Program Files\Avira\My Avira\Avira.OE.Communicator.dll
02:59:51.0000 0x02c8  C:\Program Files\Avira\My Avira\Avira.OE.Communicator.dll - ok
02:59:51.0015 0x02c8  [ 548356D4FBC3867AE515A905B5C33843, F7E592878D466ECF21D09D83CC46E31C67235452136F4CCA648FB11AA820F85D ] C:\Program Files\Avira\My Avira\Avira.OE.AvConnector.dll
02:59:51.0015 0x02c8  C:\Program Files\Avira\My Avira\Avira.OE.AvConnector.dll - ok
02:59:51.0015 0x02c8  [ B32AFBDAAC10F333B430354531861359, 3176AE55759BF644E40E3D17CF26B98CDC04DFFCED0EB407BD5D4FFB46558B0E ] C:\Program Files\Avira\My Avira\Avira.OE.BrowserExtensionConnector.dll
02:59:51.0015 0x02c8  C:\Program Files\Avira\My Avira\Avira.OE.BrowserExtensionConnector.dll - ok
02:59:51.0031 0x02c8  [ 741A23FFED3591E327C7FD749833D1C6, 8B485283FEA043CB8D3C4F3FA5FA5843781FA3A302189F969796CBE1C9A31044 ] C:\Program Files\Avira\My Avira\Avira.OE.DropboxConnector.dll
02:59:51.0031 0x02c8  C:\Program Files\Avira\My Avira\Avira.OE.DropboxConnector.dll - ok
02:59:51.0031 0x02c8  [ 067CE63E7E49C8C54F6E749E6AAA9F1A, 25CD96BD389E4A900CE9D047153DFF4845AAA3792C6A9C6479376249A5FABFD0 ] C:\Program Files\Avira\My Avira\Avira.OE.SpeedupConnector.dll
02:59:51.0031 0x02c8  C:\Program Files\Avira\My Avira\Avira.OE.SpeedupConnector.dll - ok
02:59:51.0046 0x02c8  [ 58588EAA2CA3F5F81304A64CF3564225, F81B4FF15842A628D1F52927643873047C5B6B51346919C5D6453869D53C38F5 ] C:\Program Files\Avira\My Avira\WebSocket4Net.dll
02:59:51.0046 0x02c8  C:\Program Files\Avira\My Avira\WebSocket4Net.dll - ok
02:59:51.0046 0x02c8  [ 77D17E48F4999EC725C37A83CF80F498, 4A46D1708449E8540DAB10700359D2EC38EB2C38608F589E9A316EE9939B1254 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\7c73ac0ffec7d226ca3dac70df184f18\System.ServiceModel.ni.dll
02:59:51.0046 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\7c73ac0ffec7d226ca3dac70df184f18\System.ServiceModel.ni.dll - ok
02:59:51.0062 0x02c8  [ 7B0812AC9F9104230774152C2EC2BE63, 68CE323323D0D01502786E207BECAF5FAABE927339A9D0F0F863B1443A59B5C2 ] C:\Program Files\Avira\My Avira\Avira.OE.AvConnector.Interface.dll
02:59:51.0062 0x02c8  C:\Program Files\Avira\My Avira\Avira.OE.AvConnector.Interface.dll - ok
02:59:51.0062 0x02c8  [ 7A114BF6C0D6B163B77508378373F3D8, F87A6928E09B544E14F54E52CA93DD62CA926E6A78431C6B172BA732074E811A ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\9db486997d651f0646a089ff6cfb605e\System.Runtime.Serialization.ni.dll
02:59:51.0062 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\9db486997d651f0646a089ff6cfb605e\System.Runtime.Serialization.ni.dll - ok
02:59:51.0078 0x02c8  [ B80A7EF1A81EBE75356EB6DD28F0C495, 429E44A166A920D33616549BABB0921E5EC175748F7C9A459CA094C61889048A ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ba4bc24df463a622c0e918d8c49672ed\SMDiagnostics.ni.dll
02:59:51.0078 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ba4bc24df463a622c0e918d8c49672ed\SMDiagnostics.ni.dll - ok
02:59:51.0093 0x02c8  [ 0BAC2D0E37475652B94DCE79BAD2D5D7, BAC5D019927E9F3AF1C310083E0725AEE72584C88F5348558328F9A0587312D3 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\f56869ede7c0fddb751c39e050dd62a8\System.Runtime.DurableInstancing.ni.dll
02:59:51.0093 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\f56869ede7c0fddb751c39e050dd62a8\System.Runtime.DurableInstancing.ni.dll - ok
02:59:51.0093 0x02c8  [ B7B6925569F579D109D2FE5D2CB758C2, 3FBEF512D14002E189FD911D1C2E86B4F0F66C69880132630F77890D07345538 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
02:59:51.0093 0x02c8  C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll - ok
02:59:51.0109 0x02c8  [ 3724A9C6025168FD53C6B5A385D6DE08, 8D2025890275BF647BE2038EDEE973A99EB950E01C24E099B079A6AAAB69500E ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\c3a03bb69e38f5ed9ebce72d48a722ef\System.Transactions.ni.dll
02:59:51.0109 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\c3a03bb69e38f5ed9ebce72d48a722ef\System.Transactions.ni.dll - ok
02:59:51.0125 0x02c8  [ 58EC3C662CBB3318A53B7E817FC7B751, 0F61430065E6B19E0F639691057E350A1E11932568BB9EDE0C3F7C410F0061B5 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\a0204aa75b8665f3c674ff18eebbf13f\System.IdentityModel.ni.dll
02:59:51.0125 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\a0204aa75b8665f3c674ff18eebbf13f\System.IdentityModel.ni.dll - ok
02:59:51.0125 0x02c8  [ 41962D5E18E9874390BC1F074571A6BB, 2015A691432CE09EB8A4C9D2C1FE95BFF4AF8A0702F3F2925068A54D416512B5 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
02:59:51.0125 0x02c8  C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
02:59:51.0140 0x02c8  [ DAA19F5ECE17866DEE20A1693B5C96E7, 0ABEE3CE9253AD3B5FEB9FED5D3254893327F57CE3A903348F822A7743A4B40E ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\ff4ecc058f27a9c36136e5d38e43fb59\WindowsBase.ni.dll
02:59:51.0140 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\ff4ecc058f27a9c36136e5d38e43fb59\WindowsBase.ni.dll - ok
02:59:51.0156 0x02c8  [ 8AE3AE43DA1A8CB8DFD2169F57B88868, 31822C386A57009439E6C770EA7554898850B33C9C2C71887861070125F8D483 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\04326608ac9ad05c2a1e8bd46a068a91\System.Xaml.ni.dll
02:59:51.0156 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\04326608ac9ad05c2a1e8bd46a068a91\System.Xaml.ni.dll - ok
02:59:51.0156 0x02c8  [ 34058FAF01E261BEBF11D63CC14BC7BA, D601363FD4C3F35588162E932C68C2BEC3013C21ECA16DDD2719F9E633CCD80E ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8a6f500c40e3fa7da71110af6c0a60ac\System.Xml.Linq.ni.dll
02:59:51.0156 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8a6f500c40e3fa7da71110af6c0a60ac\System.Xml.Linq.ni.dll - ok
02:59:51.0171 0x02c8  [ 3C9420A013661B401791494CB9C7AF91, F5CE37262FC9DA3AA595F5C969CED7626528348F556C18F943EEC325BB0A0746 ] C:\Program Files\Avira\My Avira\NLog.dll
02:59:51.0171 0x02c8  C:\Program Files\Avira\My Avira\NLog.dll - ok
02:59:51.0171 0x02c8  [ FD435DF8C9CA7A49CCBF7CD2F7627739, DF14C28FAABFF86C3670275D8E7ACFE31F4EE7AB5A491AF6D783AB1DDA86A83E ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll
02:59:51.0171 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll - ok
02:59:51.0187 0x02c8  [ 7C359500407DD393A276010AB778D5AF, A4009288982E4C30D22B544167F72DB882E34F0FDA7D4061B2C02C84688C0ED1 ] C:\Program Files\Avira\My Avira\Ionic.Zip.Reduced.dll
02:59:51.0187 0x02c8  C:\Program Files\Avira\My Avira\Ionic.Zip.Reduced.dll - ok
02:59:51.0187 0x02c8  [ 511C9E3DD98B1A403AAB8F2DBDCB667C, D3D706A050EDD84D6F5E6FF83260B844C8B5AE3D9D164D120EC942634072189E ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\97586cdb698c29ba95fd83e44a0c0ca6\System.Data.ni.dll
02:59:51.0187 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\97586cdb698c29ba95fd83e44a0c0ca6\System.Data.ni.dll - ok
02:59:51.0203 0x02c8  [ 621B8A1AA85635B59837F44D853B5859, EF551EA35FFD476334F9D798BB7C52BD1A7FC213059E1C13DF7CB60717277D81 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
02:59:51.0203 0x02c8  C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
02:59:51.0203 0x02c8  [ 03A02D5A2D50198BDF6C62AF209438D0, 7A2577BB31B937436689EB8E3F415F71D3744209EFFC110C9B12C42025F36C88 ] C:\WINDOWS\system32\msxml3.dll
02:59:51.0203 0x02c8  C:\WINDOWS\system32\msxml3.dll - ok
02:59:51.0203 0x02c8  [ CD667A979896D2132600671E942F5F2C, EC2D1CC59C918747F8A0CC2BD30E917DD69BBBF1E6CA4E3262B3FE26C28F92A8 ] C:\Program Files\Java\jre7\bin\awt.dll
02:59:51.0203 0x02c8  C:\Program Files\Java\jre7\bin\awt.dll - ok
02:59:51.0218 0x02c8  [ 798A9E6828997EEF4517ADA8A2259831, 64389FAD94D54E2D43A7292AD3C57CB16F90F2C80EA44099E02D11E19E390A5B ] C:\WINDOWS\system32\wbem\wmiprvse.exe
02:59:51.0218 0x02c8  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
02:59:51.0218 0x02c8  [ E837FDBB92E9873E538395B623F45462, E00D9F1471D9BDE7E53A5F8359B6F3B1606A432D4E94AB6B2A6898AB48E6751B ] C:\WINDOWS\system32\wbem\cimwin32.dll
02:59:51.0218 0x02c8  C:\WINDOWS\system32\wbem\cimwin32.dll - ok
02:59:51.0234 0x02c8  [ C02EB0470874DA54DEAB41CD2F210360, D3D40456A474433484504684057D2CACC701304266CAFC233EB76974438793C3 ] C:\Program Files\Java\jre7\bin\client\jvm.dll
02:59:51.0234 0x02c8  C:\Program Files\Java\jre7\bin\client\jvm.dll - ok
02:59:51.0234 0x02c8  [ 4306FA2F1099D7C606139255FDB62B19, 75A0A99B9D8B0E2B39A8093F72DC283D5F2D56FB731C2BA193579DCE916030A0 ] C:\WINDOWS\system32\wbem\framedyn.dll
02:59:51.0234 0x02c8  C:\WINDOWS\system32\wbem\framedyn.dll - ok
02:59:51.0250 0x02c8  [ 8BCD11D38FCE43A519246A91CC40DE6A, 981EE4B29FDE6DB58FAA17BCCA66DB8143D693D91A00B7519F01ABBAE11AA580 ] C:\WINDOWS\system32\security.dll
02:59:51.0250 0x02c8  C:\WINDOWS\system32\security.dll - ok
02:59:51.0250 0x02c8  [ C730F70351D950DDA7388C9A9763CF54, 7A9D265E4D2F76EF131D01C2EE1CDC19A8E5FDCAF97649CC562E8114B92D411F ] C:\WINDOWS\system32\wbem\wmipcima.dll
02:59:51.0250 0x02c8  C:\WINDOWS\system32\wbem\wmipcima.dll - ok
02:59:51.0250 0x02c8  [ FB8C856098127274DA7D62BCB952E6D6, 62C2730DFC94DA237D1EC6774E1FDAE4B9B7806C4A662EF0A3D38DA585387CBC ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\ed36e9ff00f2fb0f33f1c08b20a7afc0\PresentationCore.ni.dll
02:59:51.0250 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\ed36e9ff00f2fb0f33f1c08b20a7afc0\PresentationCore.ni.dll - ok
02:59:51.0265 0x02c8  [ FD0C6E6875A39D92CDB724D72063239F, FDD58C7C3AB42659E8DCA6DE0FCDF643576F7E9809CE26C72B25871476F16869 ] C:\Program Files\Avira\AntiVir Desktop\ipmgui.exe
02:59:51.0265 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ipmgui.exe - ok
02:59:51.0265 0x02c8  [ 5A8E58DA60D51EBFD90D3C142AF7E333, 59CE58E55BBB15E36170C19E0D7560EFAA8EA85F8F3A4AED8720AA19BF9CC8EB ] C:\Program Files\Avira\AntiVir Desktop\avpref.dll
02:59:51.0265 0x02c8  C:\Program Files\Avira\AntiVir Desktop\avpref.dll - ok
02:59:51.0281 0x02c8  [ B5EBB67B678C1A758C00A169ECFC3745, F26AC8DB94AC8726B7CFA1B797449DF4C33BECBAEF4B75AFA8B3771432B71283 ] C:\Program Files\Java\jre7\bin\dcpr.dll
02:59:51.0281 0x02c8  C:\Program Files\Java\jre7\bin\dcpr.dll - ok
02:59:51.0281 0x02c8  [ 9C940E4137E4D3E5E9871417F922D96B, 860455DC7F62E8D64CAD9A96AFEE282D95F57171F7299551CD54624D973200D9 ] C:\Program Files\Java\jre7\bin\deploy.dll
02:59:51.0281 0x02c8  C:\Program Files\Java\jre7\bin\deploy.dll - ok
02:59:51.0296 0x02c8  [ 3DB2624CCB1663BF6D62311B2B9E7B55, 1E00FE8432E0E2039409823081D627A889B5A281096E7304169F2C44B2D8A463 ] C:\WINDOWS\system32\mshtml.dll
02:59:51.0296 0x02c8  C:\WINDOWS\system32\mshtml.dll - ok
02:59:51.0296 0x02c8  [ 616EBFF22431F056921F9F7D53749596, 77A2891899F344D0EE30CD1EC82036C60BDE0D35D059E574A05273307AD65CC8 ] C:\Program Files\Java\jre7\bin\fontmanager.dll
02:59:51.0296 0x02c8  C:\Program Files\Java\jre7\bin\fontmanager.dll - ok
02:59:51.0312 0x02c8  [ 69AE0D400F5E800F8DBFF15E3629DE41, 26DCDDE57A6A577F3D660ADBDBDE5DEF598CFBB441B96512EB3F056DD1D3F1E7 ] C:\Program Files\Java\jre7\bin\java.dll
02:59:51.0312 0x02c8  C:\Program Files\Java\jre7\bin\java.dll - ok
02:59:51.0312 0x02c8  [ 3BDEB17FE6390BFF1BF3A2D964DE8E48, 8DE8334B8A735DB08650936B83D4D44BE7E4BE9256CBB06EFB0654C8736C4D98 ] C:\Program Files\Java\jre7\bin\javaw.exe
02:59:51.0312 0x02c8  C:\Program Files\Java\jre7\bin\javaw.exe - ok
02:59:51.0328 0x02c8  [ 588F692E921C21B9EB7BE4A0A715835E, BC2859E33CB4378D898C5BC2C40053DDF0EC38DB33C7DBAF3D353F5747AF9E7E ] C:\Program Files\Java\jre7\bin\jp2native.dll
02:59:51.0328 0x02c8  C:\Program Files\Java\jre7\bin\jp2native.dll - ok
02:59:51.0328 0x02c8  [ 041ADE9D795E632E750EC283C5098F35, BF845F00B206912CFF884D47FFF4F44D5790513AB91C814DFFDD9D5C99353762 ] C:\Program Files\Java\jre7\bin\jpeg.dll
02:59:51.0328 0x02c8  C:\Program Files\Java\jre7\bin\jpeg.dll - ok
02:59:51.0343 0x02c8  [ 3D91F8F9601B904AAAF18E02FDB9FEB7, 64E77402FB68D95A9897A9ABAC400A3936D28B1B11DF1EDB534B7835517C76A6 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b72152b4330e2f009a868aa16c47acb4\PresentationFramework.ni.dll
02:59:51.0343 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b72152b4330e2f009a868aa16c47acb4\PresentationFramework.ni.dll - ok
02:59:51.0343 0x02c8  [ D9521C7CD91ED1AF0143586EF33975ED, 5BF23E0298F350462D68E1F2CD0B481A46BF25BCF9E5FAA925AAB3202A580712 ] C:\Program Files\Java\jre7\bin\net.dll
02:59:51.0343 0x02c8  C:\Program Files\Java\jre7\bin\net.dll - ok
02:59:51.0359 0x02c8  [ 6338FE3E849FFCFC6C15BF6569171FE1, FEA4A997088AF49A9F182F81ACB0F98A378364B8D7B2F8C7DE9A2F4A63F4943B ] C:\Program Files\Java\jre7\bin\nio.dll
02:59:51.0359 0x02c8  C:\Program Files\Java\jre7\bin\nio.dll - ok
02:59:51.0359 0x02c8  [ CBA0BCC020D0B33DE309B67DB76EA9BC, B2FE64B76381AFE116FAD714F0311EF57BE5C960043A8424F6B4678CFF4317A0 ] C:\Program Files\Java\jre7\bin\verify.dll
02:59:51.0359 0x02c8  C:\Program Files\Java\jre7\bin\verify.dll - ok
02:59:51.0375 0x02c8  [ 1DB98EC1A4B66B67B98E0E2BCC983AFC, 46EE6C0954BF4A68813DF4D0C4AA327A276B7B1DBCF45E430CF75D81E89979C1 ] C:\Program Files\Java\jre7\bin\zip.dll
02:59:51.0375 0x02c8  C:\Program Files\Java\jre7\bin\zip.dll - ok
02:59:51.0375 0x02c8  [ 2ACCD352451EC0F99AF2AD9DB6DB4439, 7EFFA9D4561674633B2FFB35F629947B061AFE5DA756DA6D02E0584FCE221445 ] C:\WINDOWS\system32\msls31.dll
02:59:51.0375 0x02c8  C:\WINDOWS\system32\msls31.dll - ok
02:59:51.0390 0x02c8  [ 77412987604826766E22B051AFCF8EAE, D0B3F70E53B9EEBF4875B76DD220CD8CE9A9EBED4838194E22EDF7151B3A67B3 ] C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
02:59:51.0390 0x02c8  C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll - ok
02:59:51.0390 0x02c8  [ EBC6332093AEC6A4FBF2C3919D03877A, 00E956496A62D295160CE976B044B29AD3053B47ED0B21BFFE6A1106DB2C740D ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\wpftxt_v0400.dll
02:59:51.0390 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\wpftxt_v0400.dll - ok
02:59:51.0406 0x02c8  [ 56D16A44691C0337DD0EF3F3008A9977, 37B9CE5CC4764B036BA9615D5DAD307F138ABAC6150DC67B2128D6D706B67798 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
02:59:51.0406 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll - ok
02:59:51.0406 0x02c8  [ 9383D302F0D95DB0802308CF250727F3, 6A1CD75C5654DB0A0BD1C019522B8D27AF08C19590A809C1454B909C5E6B5039 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
02:59:51.0406 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll - ok
02:59:51.0421 0x02c8  [ 6435F85300DF990477B7AB48CEFA2D5B, 4FB504025937A44EBD511B5753B6C23B2B43D878720643DE705047975F0D51CE ] C:\Program Files\Avira\My Avira\en-US\Avira.OE.MiniGui.resources.dll
02:59:51.0421 0x02c8  C:\Program Files\Avira\My Avira\en-US\Avira.OE.MiniGui.resources.dll - ok
02:59:51.0421 0x02c8  [ 5F63E2B2A72E1E6448123E0920D31530, 46934E1710AB5A9B66204721904A3AE856B40F5B84E0E268B4A410C26C7FAA95 ] C:\WINDOWS\system32\windowscodecs.dll
02:59:51.0421 0x02c8  C:\WINDOWS\system32\windowscodecs.dll - ok
02:59:51.0437 0x02c8  [ E8C66B9AD5EBD72D1A1CB63B33D79007, DD62B27D9C1116D5731CDAF100EF08049B9E35588D160258F5C50068CE1A8D6E ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\3d105e94140b8c742ed50a2c6194394c\System.Data.Linq.ni.dll
02:59:51.0437 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\3d105e94140b8c742ed50a2c6194394c\System.Data.Linq.ni.dll - ok
02:59:51.0453 0x02c8  [ 05B1B94698939457571E4DCF96EDDF9B, B6A3462F92CA2F3FDAD2BC73B023D551F1BAFA0C15A3B1B44BDEF237974AB49B ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\47a2b7b2fa872de3078d49d0a4c10cb2\System.EnterpriseServices.ni.dll
02:59:51.0453 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\47a2b7b2fa872de3078d49d0a4c10cb2\System.EnterpriseServices.ni.dll - ok
02:59:51.0453 0x02c8  [ 96D9AF9B3806A79C8A4F79A7EB050CA4, A9168D30E66765B628E9D0C869029EA80DCD5356C85D9F2B5A620B89C030D713 ] C:\Program Files\Avira\My Avira\WPFToolkit.dll
02:59:51.0453 0x02c8  C:\Program Files\Avira\My Avira\WPFToolkit.dll - ok
02:59:51.0468 0x02c8  [ C755E17BAC396F9A9F468320B3F6CF46, 38A8205B3C8CBF2B06FD131AF95A37E2C7E1931486F267826C5E288E14EC129A ] C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
02:59:51.0468 0x02c8  C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll - ok
02:59:51.0468 0x02c8  [ 8D1176CB888CDAF443074D6F30E2FE96, 42174DD5F6218868BB7FB1926312A51F5B90DFFEE3F3E25CC8B57958A123FE2C ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\47a2b7b2fa872de3078d49d0a4c10cb2\System.EnterpriseServices.Wrapper.dll
02:59:51.0468 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\47a2b7b2fa872de3078d49d0a4c10cb2\System.EnterpriseServices.Wrapper.dll - ok
02:59:51.0484 0x02c8  [ A3DCF53B75C9D6AFF4165886DF56C776, 900099647E69E0296CA69A6783378D539A0037587CC6A46AE550125C832456F9 ] C:\Program Files\Avira\AntiVir Desktop\avbb.dll
02:59:51.0484 0x02c8  C:\Program Files\Avira\AntiVir Desktop\avbb.dll - ok
02:59:51.0484 0x02c8  [ E47257719C4355159C6BE9B3E5DC7528, E3B51291D32436A296E9A016AD7E934D820247BEAAE8B19C5A93CB37ED7CC992 ] C:\Program Files\Avira\AntiVir Desktop\gpavgio.dll
02:59:51.0484 0x02c8  C:\Program Files\Avira\AntiVir Desktop\gpavgio.dll - ok
02:59:51.0500 0x02c8  [ E94353D4663BED26F41E01EC5D596D6F, 5485EFB42526294D2536190D9B518CB281E068B40FB289370F48DF2731151AA7 ] C:\Program Files\Avira\AntiVir Desktop\avgio.dll
02:59:51.0500 0x02c8  C:\Program Files\Avira\AntiVir Desktop\avgio.dll - ok
02:59:51.0500 0x02c8  [ 5D43C9A33F18C707BA169AFDA88BDF30, 6796891360B4731B4F165300BD9FAC9A2A4C54E8CFF86DEC8036D3765AE4D9A3 ] C:\WINDOWS\system32\fltlib.dll
02:59:51.0500 0x02c8  C:\WINDOWS\system32\fltlib.dll - ok
02:59:51.0500 0x02c8  [ B1DCE0CB065C6CCDBC95ED4DD5D64E43, D8E5D91D0E8196A1A8682189A8A7AD1F51D8FCF3FA4A91AA6895B0686CFEB1A5 ] C:\Program Files\Avira\AntiVir Desktop\avesvc.dll
02:59:51.0500 0x02c8  C:\Program Files\Avira\AntiVir Desktop\avesvc.dll - ok
02:59:51.0515 0x02c8  [ 97F482E60B6489FDEB720A4407E192A0, E37D9104CA9286D71F211BF82B596B0C781FE57FDF8A2FC94613F5717B7DDDC5 ] C:\Program Files\Avira\AntiVir Desktop\gpsauth.dll
02:59:51.0515 0x02c8  C:\Program Files\Avira\AntiVir Desktop\gpsauth.dll - ok
02:59:51.0515 0x02c8  [ B8C0469973075542FE4B221B260D6C41, EA70738A8F5FC111BB7C4F5C1FF0B454D1E519C3C672445BC0C072DA345AD3CF ] C:\Program Files\Avira\AntiVir Desktop\guardmsg.dll
02:59:51.0515 0x02c8  C:\Program Files\Avira\AntiVir Desktop\guardmsg.dll - ok
02:59:51.0531 0x02c8  [ 4300112CEC15A16BD0884F4567F12714, AA89DB76F397B0BC6E49FB16C383B130CE7D4F38CB69E2FAD2C1F5658BF82A53 ] C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
02:59:51.0531 0x02c8  C:\Program Files\Avira\AntiVir Desktop\avshadow.exe - ok
02:59:51.0531 0x02c8  [ F61BDFEA02BD777259C6984BD8B1169B, 70AB9254FA54EB321754243911F093E1FD791186AFBEC17C28EC6A9986D54DB0 ] C:\Program Files\Avira\AntiVir Desktop\avreg.dll
02:59:51.0531 0x02c8  C:\Program Files\Avira\AntiVir Desktop\avreg.dll - ok
02:59:51.0546 0x02c8  [ 98BAEAE21946DE235BE9A7E8E80A422F, 85A99C78F2E752C8F2C1CC370792604347CBABA417746D7833C6980922CE8C2E ] C:\Program Files\Avira\AntiVir Desktop\msgclient.dll
02:59:51.0546 0x02c8  C:\Program Files\Avira\AntiVir Desktop\msgclient.dll - ok
02:59:51.0546 0x02c8  [ C30BE62224F556F96284A791657B5592, 81E3C9D72D9C0FFD191A6CF08ABA3448014C396134C65EC6032F98D180FD3D43 ] C:\Program Files\Avira\AntiVir Desktop\avesvcr.dll
02:59:51.0546 0x02c8  C:\Program Files\Avira\AntiVir Desktop\avesvcr.dll - ok
02:59:51.0562 0x02c8  [ C81BE1B951C36E97D3DA90DA745DA5F7, DCE7E9127BC9C02B124CA201561A99DE29243CA0353A65B5C794D8C050D98CFF ] C:\hp\KBD\kbd.exe
02:59:51.0562 0x02c8  C:\hp\KBD\kbd.exe - ok
02:59:51.0562 0x02c8  [ E03FF6E92D850735CEF312DDDE62AB32, D06B24323765F38EEFF6D6F033551B24F20B8CE0BFEA86C669A26D889BAEA615 ] C:\Program Files\Avira\AntiVir Desktop\avwsc.exe
02:59:51.0562 0x02c8  C:\Program Files\Avira\AntiVir Desktop\avwsc.exe - ok
02:59:51.0562 0x02c8  [ 57E51C6347165622C69D456B96B1EB46, CA50A8F65866455E2AE899B0D8C0837D7C626DBD8C508FC2AE74DC2A6259595E ] C:\WINDOWS\system32\dxdiagn.dll
02:59:51.0562 0x02c8  C:\WINDOWS\system32\dxdiagn.dll - ok
02:59:51.0578 0x02c8  [ BCED95C3424E3316D455E19B671ACEEC, 9048541150618CC7B2AC5E13B063DE057767FC1EC5B8970147B6E47128CBC3D6 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WMINet_Utils.dll
02:59:51.0578 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WMINet_Utils.dll - ok
02:59:51.0578 0x02c8  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] C:\WINDOWS\system32\tapisrv.dll
02:59:51.0578 0x02c8  C:\WINDOWS\system32\tapisrv.dll - ok
02:59:51.0593 0x02c8  [ 00C99139803F6096CD49D0A9668CE088, A30D0C0FD654ACC72AA4603AAAF9F983F2961A1213CC893DB7DE81547833FCE9 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\b1b57351a88c0c9c46bd9424347336ea\System.Management.ni.dll
02:59:51.0593 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\b1b57351a88c0c9c46bd9424347336ea\System.Management.ni.dll - ok
02:59:51.0609 0x02c8  [ FF8CCC86C4E42F59B189BD28D362B599, CD5A70AB8D0278CD58E1EAC059680D005ACA8DB01B0F0CF63D8FEE724AF2DD51 ] C:\WINDOWS\system32\ps2.EXE
02:59:51.0609 0x02c8  C:\WINDOWS\system32\ps2.EXE - ok
02:59:51.0609 0x02c8  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] C:\WINDOWS\system32\termsrv.dll
02:59:51.0609 0x02c8  C:\WINDOWS\system32\termsrv.dll - ok
02:59:51.0609 0x02c8  [ DF6551E4C4C46655A0C76194F1FCEA5D, F3895AE4B36BC85C458EDC85FBD1F5AB5C33913CD91C60A65083DC0BDD037BF5 ] C:\WINDOWS\system32\icaapi.dll
02:59:51.0609 0x02c8  C:\WINDOWS\system32\icaapi.dll - ok
02:59:51.0625 0x02c8  [ 1319DF88F588709D13AC701C39745705, EB23A17387D388074CDE163911323E53C142AE610C1186F844139836AD94920E ] C:\WINDOWS\SOUNDMAN.EXE
02:59:51.0625 0x02c8  C:\WINDOWS\SOUNDMAN.EXE - ok
02:59:51.0625 0x02c8  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] C:\WINDOWS\system32\rasmans.dll
02:59:51.0625 0x02c8  C:\WINDOWS\system32\rasmans.dll - ok
02:59:51.0640 0x02c8  [ 2D65D56C2F8B6CC5EBFF8E7200C30304, 10CD5FF00D110D1AE2313DBCBDB17C2B9DFF930F5DAD65C35C08FCF9C152C053 ] C:\WINDOWS\system32\mstlsapi.dll
02:59:51.0640 0x02c8  C:\WINDOWS\system32\mstlsapi.dll - ok
02:59:51.0640 0x02c8  [ 8B4CBBA1EA526830C7F97E7822E2493A, 1DFD05B1C0050DB44F5B4293E5574BFC292AF804A63FC0A70131BB498C326977 ] C:\WINDOWS\ALCMTR.EXE
02:59:51.0640 0x02c8  C:\WINDOWS\ALCMTR.EXE - ok
02:59:51.0656 0x02c8  [ 37A62C6092AADD2EFDE0468DD8818E99, 2D01A2EEE0BE81B3252E1A3EAD21D3D91EA6DE826A1783B14948A0E0B475BAB1 ] C:\WINDOWS\system32\netcfgx.dll
02:59:51.0656 0x02c8  C:\WINDOWS\system32\netcfgx.dll - ok
02:59:51.0656 0x02c8  [ 4D83ED8BDDEC431FC8AD907B47CFB6E3, 4687B8DD40CA9B83AA5CE1268F62476EBA886C10CC8B7B5AB716E4C56AF1EEAF ] C:\WINDOWS\system32\dsound.dll
02:59:51.0656 0x02c8  C:\WINDOWS\system32\dsound.dll - ok
02:59:51.0656 0x02c8  [ 6404807ABC7AF52FA3792697AE638B50, 75FB44348CCC53A4EA2C3677F42098A12CE882F3E015E3D847A07972C1E4AEF5 ] C:\WINDOWS\system32\wbem\wbemcons.dll
02:59:51.0656 0x02c8  C:\WINDOWS\system32\wbem\wbemcons.dll - ok
02:59:51.0671 0x02c8  [ 5F7692CEC90E2E9AA32CD58321E234B8, 0F76BD005B6FC51EE8B2D167C5E792947F8A8FF1A4FBC7F9CB3572BEAFC12639 ] C:\WINDOWS\system32\rastapi.dll
02:59:51.0671 0x02c8  C:\WINDOWS\system32\rastapi.dll - ok
02:59:51.0671 0x02c8  [ C14350FC0D47D806699C4F907FC6785B, A8862B47A74F5FB03C9916A42B986D9B352549ED486AD2B9DAD405A98B5564B3 ] C:\WINDOWS\system32\cryptnet.dll
02:59:51.0671 0x02c8  C:\WINDOWS\system32\cryptnet.dll - ok
02:59:51.0687 0x02c8  [ F68A3F0D63BE926ED65ED1C8C5B03A3D, 301138B4C43E7FFD889C333EDF6378FC0A69EBF7D340B9D48DF9D34295E8A769 ] C:\hp\KBD\led.dll
02:59:51.0687 0x02c8  C:\hp\KBD\led.dll - ok
02:59:51.0687 0x02c8  [ 3CBA2210FA39C6ED7895634842E930DD, 9AFC6A7E1F936ED3636F89FD49B5C944594F88A5BFB597348AF2FB83DA2E4E40 ] C:\WINDOWS\system32\sensapi.dll
02:59:51.0687 0x02c8  C:\WINDOWS\system32\sensapi.dll - ok
02:59:51.0703 0x02c8  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] C:\WINDOWS\system32\imapi.exe
02:59:51.0703 0x02c8  C:\WINDOWS\system32\imapi.exe - ok
02:59:51.0703 0x02c8  [ D1EAECFBC6777802079CB4EE5EA3E31D, 468F85A3F2DFFA4BDF59C237D5E92E8937B0C7C85E26402F7129B64B813E9735 ] C:\hp\KBD\usb.dll
02:59:51.0703 0x02c8  C:\hp\KBD\usb.dll - ok
02:59:51.0703 0x02c8  [ AACE07FE34FADDDF973CE068A6424957, A14DC612762F56EE3CF9FBDF58E9476400F2CD9513319AD90E3818B2DB9F4580 ] C:\WINDOWS\system32\unimdm.tsp
02:59:51.0703 0x02c8  C:\WINDOWS\system32\unimdm.tsp - ok
02:59:51.0718 0x02c8  [ 995252FCC4692B5B97EE17D596C9386E, E0EC754ADC0976BCF88C4777E788A67844428DF0B828D8EE7B8A039C763DFFDD ] C:\WINDOWS\system32\uniplat.dll
02:59:51.0718 0x02c8  C:\WINDOWS\system32\uniplat.dll - ok
02:59:51.0718 0x02c8  [ 986E16D223EEAF13ED30E6C0C576982C, A621F572379BDD44CD7296CF21AF5E429FEA4F517ED49F75A6FE0458BD1DE349 ] C:\WINDOWS\ALCWZRD.EXE
02:59:51.0718 0x02c8  C:\WINDOWS\ALCWZRD.EXE - ok
02:59:51.0734 0x02c8  [ 2AE54F20144B2AF570587A8478D02885, 4A90A62F6094940044BD8F629A1B882EB752C338F5BE61481C9C23F9449E3DE1 ] C:\hp\KBD\PS2.dll
02:59:51.0734 0x02c8  C:\hp\KBD\PS2.dll - ok
02:59:51.0734 0x02c8  [ 205DB5A0DD15DF2657EFD4B64D0CC4A3, 45AE43F06BFA82E328E1F53F9E213265685CB2EA072A7C1A7A592E18DD4A2F12 ] C:\hp\KBD\msg.dll
02:59:51.0734 0x02c8  C:\hp\KBD\msg.dll - ok
02:59:51.0750 0x02c8  [ F92E1076C42FCD6DB3D72D8CFE9816D5, 94135ACF2D9426BB78E4522429120B03D94B541422C277B9ACA31410874A464C ] C:\WINDOWS\system32\wscntfy.exe
02:59:51.0750 0x02c8  C:\WINDOWS\system32\wscntfy.exe - ok
02:59:51.0750 0x02c8  [ 5048DB37A482447EE60D23EE4356D23E, 56EF4EC374378DDF63370AACD8CFE2F7CD17401BE1947C7D8821FF13AACECE04 ] C:\hp\KBD\OSD.DLL
02:59:51.0750 0x02c8  C:\hp\KBD\OSD.DLL - ok
02:59:51.0750 0x02c8  [ 19AE6CBA05B9005698A6DEDCC88F202E, 047016D4989FB1460BE11C0C22E10858E3D6598EBA31C98B8489413C1A350A9C ] C:\WINDOWS\system32\unimdmat.dll
02:59:51.0750 0x02c8  C:\WINDOWS\system32\unimdmat.dll - ok
02:59:51.0765 0x02c8  [ 7B0CB1EEB0E743CB8B3F75E7EE571959, C470DE05DAE470C63317B613765DED5B91578AF463EA2A3B12C03BC399E09910 ] C:\hp\KBD\sct.dll
02:59:51.0765 0x02c8  C:\hp\KBD\sct.dll - ok
02:59:51.0765 0x02c8  [ 01FE97E6F8D3D51C2290E6ACDF53996A, 6E47198EF3236B5BF166EAB1020EEF24E845BD445B89E0B6F70120503E1EC11A ] C:\hp\KBD\onl.dll
02:59:51.0765 0x02c8  C:\hp\KBD\onl.dll - ok
02:59:51.0781 0x02c8  [ 3009CA3F54C5416047B626F82DD2D562, 595F675BF7316764102D31F5DC6F8FF4D54C5DE1BA029288FABB38ED14477D54 ] C:\hp\KBD\aol.dll
02:59:51.0781 0x02c8  C:\hp\KBD\aol.dll - ok
02:59:51.0781 0x02c8  [ 04F893509C03C84F717A83189ED51336, 601C8F63F03281F907E10CE6C00535D6FC9317FD6B0E5451295AE6749D15A36A ] C:\WINDOWS\ehome\ehmsas.exe
02:59:51.0781 0x02c8  C:\WINDOWS\ehome\ehmsas.exe - ok
02:59:51.0796 0x02c8  [ FE4A73CDBC882A19D070F1C01586E81A, EAF450BA7E168EA41EAA7556E14CBDFCF1B96D7E57A17EC20C3BECFDA9FDFD9A ] C:\WINDOWS\system32\modemui.dll
02:59:51.0796 0x02c8  C:\WINDOWS\system32\modemui.dll - ok
02:59:51.0796 0x02c8  [ 76EC97C5068D3D9FAA7774B0F659D31A, 4E2EF0DC0B05187A6154D4D672B7530E14103D7D1EDF1BDE960F9B988B5EC41F ] C:\WINDOWS\system32\kmddsp.tsp
02:59:51.0796 0x02c8  C:\WINDOWS\system32\kmddsp.tsp - ok
02:59:51.0812 0x02c8  [ 4589963D84F2984FA5949A72162BA4F4, BC927EC7D0EBDBD2B4780D892D41739840DD31B0FF8C79013014925F52860808 ] C:\WINDOWS\system32\ndptsp.tsp
02:59:51.0812 0x02c8  C:\WINDOWS\system32\ndptsp.tsp - ok
02:59:51.0812 0x02c8  [ 8B8A45DF7CEF36D93C7BD3E4C84003B8, 7E3A0204FCDD5DFFB3B352451232DD86F8298F83918533D874C122A2EF29081B ] C:\WINDOWS\system32\ipconf.tsp
02:59:51.0812 0x02c8  C:\WINDOWS\system32\ipconf.tsp - ok
02:59:51.0812 0x02c8  [ 10F35088935908D9CC7A248104939F7E, EA7EE77BDDA8B812EB1394761EC74EC637C5B5DE5B6A663CD1D3FB066928DA45 ] C:\hp\KBD\url.dll
02:59:51.0812 0x02c8  C:\hp\KBD\url.dll - ok
02:59:51.0828 0x02c8  [ 8BC2B02DC11C98D14CEE43B8E8393FF3, 1314C33E2E5F11B361CF1E88884B2A9862F8BAB1C498F48DC4C49ACDB28D4732 ] C:\WINDOWS\system32\h323.tsp
02:59:51.0828 0x02c8  C:\WINDOWS\system32\h323.tsp - ok
02:59:51.0828 0x02c8  [ 261E5E3602941656A1442B255C936B9E, F745D2C710019A4E1D17A514473B66DD165CDE48CAF4682AB58EC8D9092B6D08 ] C:\hp\KBD\cfg.dll
02:59:51.0828 0x02c8  C:\hp\KBD\cfg.dll - ok
02:59:51.0843 0x02c8  [ 60DB5561F7B646FA217E9EA6561E6705, 73026054A4B0945CC899465B1429189EB7C93D4ECD8DB92692C45A2A1C455245 ] C:\hp\KBD\msikbdif.dll
02:59:51.0843 0x02c8  C:\hp\KBD\msikbdif.dll - ok
02:59:51.0843 0x02c8  [ 585992D78B671AAA075C02241309795D, 0EE3E35534899C41CFED686BDBA80B5AEC1BDB0173222D8BC7E69CFA277CBE32 ] C:\WINDOWS\system32\msvcirt.dll
02:59:51.0843 0x02c8  C:\WINDOWS\system32\msvcirt.dll - ok
02:59:51.0843 0x02c8  [ 6B552ED3BEE5AA3C4560478FF779BA98, 1778F0B7200F93EB255E1F215BB5FBEAA0DBF63BC60B286D76120F8A787995C4 ] C:\WINDOWS\system32\hidphone.tsp
02:59:51.0843 0x02c8  C:\WINDOWS\system32\hidphone.tsp - ok
02:59:51.0859 0x02c8  [ D0545A010ED2259A740C8414899A938F, 5E6FD116C6F65241A075E4469C5AD1967B8D66DE11E223F7A3F00139FB0160C3 ] C:\WINDOWS\system32\rasppp.dll
02:59:51.0859 0x02c8  C:\WINDOWS\system32\rasppp.dll - ok
02:59:51.0859 0x02c8  [ B464BD425D5D09ABE4192234D1577B22, DF7333CAF299A18DEA43ACEF0A6D8C3F79918D1B3FCE437FDED6B54F95C106B9 ] C:\WINDOWS\system32\ntlsapi.dll
02:59:51.0859 0x02c8  C:\WINDOWS\system32\ntlsapi.dll - ok
02:59:51.0875 0x02c8  [ A655C88AA555BB8EF8957BD29408827F, 6CD48D32D1DFF68FEED5CC20D0DE12729101381EB8A6774408566C14E0B18FFB ] C:\WINDOWS\system32\rasqec.dll
02:59:51.0875 0x02c8  C:\WINDOWS\system32\rasqec.dll - ok
02:59:51.0875 0x02c8  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] C:\WINDOWS\system32\drivers\http.sys
02:59:51.0875 0x02c8  C:\WINDOWS\system32\drivers\http.sys - ok
02:59:51.0890 0x02c8  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] C:\WINDOWS\system32\ssdpsrv.dll
02:59:51.0890 0x02c8  C:\WINDOWS\system32\ssdpsrv.dll - ok
02:59:51.0890 0x02c8  [ 0A9BA6AF531AFE7FA5E4FB973852D863, 8A8116429189D631FC00596278C92A363EC734F0CDE76F52C7456FDC9C56E384 ] C:\WINDOWS\system32\dllhost.exe
02:59:51.0890 0x02c8  C:\WINDOWS\system32\dllhost.exe - ok
02:59:51.0906 0x02c8  [ A0C36223F5CFB46D34664F7D208A3428, 10C0AF737DDB854530C14A66A56160F58C50168F0C500BFC755F29C04C5FAF4C ] C:\hp\hptunes\HPITMSAS.dll
02:59:51.0906 0x02c8  C:\hp\hptunes\HPITMSAS.dll - ok
02:59:51.0906 0x02c8  [ 8D1805727E8642FF88DE9DAEB088ADEF, 70575AE613A213FD2BD40755211D0D3374B951CF148CC5C4851BCD3E9689C9B8 ] C:\WINDOWS\system32\fpalsu.dll
02:59:51.0906 0x02c8  C:\WINDOWS\system32\fpalsu.dll - ok
02:59:51.0906 0x02c8  [ C9F3DE7073E02232E053DD6FBBD0BF8D, E87D7F6CDBBCC31A9ACA2B5AD15B299637A6B249628C4BCA2D9CE50A250951C0 ] C:\Program Files\Avira\My Avira\System.Data.SQLite.dll
02:59:51.0906 0x02c8  C:\Program Files\Avira\My Avira\System.Data.SQLite.dll - ok
02:59:51.0921 0x02c8  [ 047909915BA05C3288BCA69C7AA6DCB6, 15656CC9D2D774E182FC9430B489B044C06398C8B3DF03F16DF77E6ED2642760 ] C:\Program Files\Avira\My Avira\Avira.OE.AvConnectorNative.dll
02:59:51.0921 0x02c8  C:\Program Files\Avira\My Avira\Avira.OE.AvConnectorNative.dll - ok
02:59:51.0921 0x02c8  [ 9B9F1C38D559047B8AC0DBA2D5FEBDE9, F64DEF5213CC6E96DD62125A3D44522200F66FF6A2CBA198096484F61D1C088B ] C:\WINDOWS\system32\ksuser.dll
02:59:51.0921 0x02c8  C:\WINDOWS\system32\ksuser.dll - ok
02:59:51.0937 0x02c8  [ A20723FA212FAA76B5157AD8F434347B, FA40B5FAB5E8980652BFBBAC0905A16AE4D64DDA57BD95A933EBF5C4B51CE9A9 ] C:\WINDOWS\system32\igfxtray.exe
02:59:51.0937 0x02c8  C:\WINDOWS\system32\igfxtray.exe - ok
02:59:51.0937 0x02c8  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
02:59:51.0937 0x02c8  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok
02:59:51.0953 0x02c8  [ 17E0CF9C8CBB717D05948656BCD86EFA, 2179FE06BAA6900083E1F325200D241A9D41FBD6E0FE6A6F13897AFE1407770F ] C:\WINDOWS\system32\txflog.dll
02:59:51.0953 0x02c8  C:\WINDOWS\system32\txflog.dll - ok
02:59:51.0953 0x02c8  [ 401A8C0BE0BAA7D7A470F0942244152D, EC21ED13E526617697CD8E6D79FC706CBDA0AF36C02C05B39E8603B217E406BC ] C:\WINDOWS\system32\rasdlg.dll
02:59:51.0953 0x02c8  C:\WINDOWS\system32\rasdlg.dll - ok
02:59:51.0968 0x02c8  [ 0607CBC6FA20114CB491EFE4B2F9EFAD, F1ABF07CC45F9C013B9F53E64820ECB12AC9B1E681B9A1703E30A0637E7D9BB6 ] C:\WINDOWS\system32\d3d9.dll
02:59:51.0968 0x02c8  C:\WINDOWS\system32\d3d9.dll - ok
02:59:51.0968 0x02c8  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] C:\WINDOWS\system32\alg.exe
02:59:51.0968 0x02c8  C:\WINDOWS\system32\alg.exe - ok
02:59:51.0968 0x02c8  [ 90A9B542C9300E540864D9FE1C42A130, ED37C93384E8E589DEC6517F28981ED3D045B56EEE31F992B2C2661FEE8DEFBA ] C:\WINDOWS\system32\fxsst.dll
02:59:51.0968 0x02c8  C:\WINDOWS\system32\fxsst.dll - ok
02:59:51.0984 0x02c8  [ 0329D0A4F230094B669A87BB3B85606E, F9A45480E1433B55123DD56327B5777EEF0013BB1693818C28D3D6EFC29D50B4 ] C:\WINDOWS\system32\fxsapi.dll
02:59:51.0984 0x02c8  C:\WINDOWS\system32\fxsapi.dll - ok
02:59:51.0984 0x02c8  [ 31B067C412FA1A9BAD3CA2A63D7DA440, 7A3A1767C42A3CDE83A56780C15887494C2A69197FE964E2A902F99A456BE581 ] C:\WINDOWS\system32\d3d8thk.dll
02:59:51.0984 0x02c8  C:\WINDOWS\system32\d3d8thk.dll - ok
02:59:52.0000 0x02c8  [ BBF258B11948432032A5623FA1209776, 62B6F7EF7F1C40B5FC6539029936DACECF29273B630756ADA03A005D311992D9 ] C:\Program Files\Avira\AntiVir Desktop\ccgenw.dll
02:59:52.0000 0x02c8  C:\Program Files\Avira\AntiVir Desktop\ccgenw.dll - ok
02:59:52.0000 0x02c8  [ EB2D2E05E471208CD651DDCDF77904BF, 9BBCACD7E3724EC829F059574F7BB17EC665D63396136D54C7F2B60A565B1FD9 ] C:\WINDOWS\system32\windowscodecsext.dll
02:59:52.0000 0x02c8  C:\WINDOWS\system32\windowscodecsext.dll - ok
02:59:52.0015 0x02c8  [ 2CD1C3506A85B38E2D17E61ADED175C4, F899E8C466B518346D47C7CD56F6D4AE3EED38369B8E38B6BADF0227B93E7F82 ] C:\WINDOWS\system32\taskmgr.exe
02:59:52.0015 0x02c8  C:\WINDOWS\system32\taskmgr.exe - ok
02:59:52.0015 0x02c8  [ 9EFBB3055B3EECE5B0FC7BAED07A6EE9, 8CF9C8882C1DF59E51E2D65425C595E1C37005E6F94C47EBCDEBFF991788C162 ] C:\WINDOWS\system32\msxml6.dll
02:59:52.0015 0x02c8  C:\WINDOWS\system32\msxml6.dll - ok
02:59:52.0015 0x02c8  [ 0DFA4D5E8205614EDA53394E637812E4, EEFF82683D2818E505556DCDC220FC246DBE61612BD272CA844FC3FC8BADC0B1 ] C:\WINDOWS\system32\vdmdbg.dll
02:59:52.0015 0x02c8  C:\WINDOWS\system32\vdmdbg.dll - ok
02:59:52.0031 0x02c8  [ 4AC2FA4A6F0DF2511BAC13393C06EFF1, 502B9D43EB6305508E8CDF034528C3F1DDF4525727C1B7663EA835BE2307FF20 ] C:\WINDOWS\system32\mscms.dll
02:59:52.0031 0x02c8  C:\WINDOWS\system32\mscms.dll - ok
02:59:52.0031 0x02c8  [ 9D39D9E07C180127252E176EC2B41487, 3F0B5EE725CBA71620FB4125F8DFF89AC8B29FF4D2C2B013B6CFDB4538D52D8B ] C:\WINDOWS\system32\utildll.dll
02:59:52.0031 0x02c8  C:\WINDOWS\system32\utildll.dll - ok
02:59:52.0046 0x02c8  [ 6D07DF8A3B4E89B5BAC943B64F0B70D0, 275821BBD4A5B853C611A5847DECA513C83E4A4B81A7999D255D55CCD820F957 ] C:\WINDOWS\system32\icm32.dll
02:59:52.0046 0x02c8  C:\WINDOWS\system32\icm32.dll - ok
02:59:52.0046 0x02c8  [ B1BD18180498C1D059FB35A2518F15D2, 0942EDB22F7FFE50331720631F182D476ADF8AEA5AA6E6AF01F71C2639C3CA9C ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\65bd29660d00ac08c14edad26ce38e2c\PresentationFramework.Royale.ni.dll
02:59:52.0046 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\65bd29660d00ac08c14edad26ce38e2c\PresentationFramework.Royale.ni.dll - ok
02:59:52.0062 0x02c8  [ ED43EA555586F44906ED5B5DB445E4B1, 3AFDF90E7D5AEC60734215B847234516105B3EDC6AFBCB083F37982CB55EFA44 ] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Numerics\d038332bf07a163f855200919ee678cc\System.Numerics.ni.dll
02:59:52.0062 0x02c8  C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Numerics\d038332bf07a163f855200919ee678cc\System.Numerics.ni.dll - ok
02:59:52.0062 0x02c8  [ BC958016A1F7A23A1A9282C82D73D074, AD27D5174A3AA063A29DAF8F3284976D4EE517A784667FD37B0A8DE4FEF72F8B ] C:\WINDOWS\system32\mtxex.dll
02:59:52.0062 0x02c8  C:\WINDOWS\system32\mtxex.dll - ok
02:59:52.0078 0x02c8  [ 26DCA3BB7F997BC070A8EC9198711656, 48BC878F8AFF91D7BB43A8CF91F38979E0514A1E375EDC3D5AC1B5CAC70A40E9 ] C:\WINDOWS\ehome\sqldb20.dll
02:59:52.0078 0x02c8  C:\WINDOWS\ehome\sqldb20.dll - ok
02:59:52.0078 0x02c8  [ C8518DD94A0C218A5D699211C4125A6F, C3E2E24EBD9AB82E34E7F6C34F93B447579797DFD1522B5A204E8BE1B6394F86 ] C:\WINDOWS\ehome\sqlse20.dll
02:59:52.0078 0x02c8  C:\WINDOWS\ehome\sqlse20.dll - ok
02:59:52.0093 0x02c8  [ F62BD814FF92DFDEF98A1F3129452104, 07632337A819106012B5D55C48E5556DD266085E7C68F8200CA468B74BEA6FA0 ] C:\WINDOWS\ehome\sqlqp20.dll
02:59:52.0093 0x02c8  C:\WINDOWS\ehome\sqlqp20.dll - ok
02:59:52.0093 0x02c8  [ B3E59EA4DA804B32526D669D5E13DF42, D72DD64300D0F3E4CA8CA0035C6D0F157FD339C4990B66A58E69D7809BCD7941 ] C:\Program Files\Avira\My Avira\en-US\Avira.OE.Systray.resources.dll
02:59:52.0093 0x02c8  C:\Program Files\Avira\My Avira\en-US\Avira.OE.Systray.resources.dll - ok
02:59:52.0109 0x02c8  [ 2E9F0DF34ADE2838E61B494C0CF6BC95, C6CF74F97BEC05F612FFDCA42454A5D955B25B3F37D66EF3CC5CBD625CEDEF91 ] C:\Program Files\Avira\My Avira\Interop.WUApiLib.dll
02:59:52.0109 0x02c8  C:\Program Files\Avira\My Avira\Interop.WUApiLib.dll - ok
02:59:52.0109 0x02c8  [ 06A1ECB63DF139EC639E084D4AB3C9D7, 0497B3468552955BE5FD32CE65707245FB9A224A22CE577132CEAC9E583B3C2A ] C:\WINDOWS\system\hpsysdrv.exe
02:59:52.0109 0x02c8  C:\WINDOWS\system\hpsysdrv.exe - ok
02:59:52.0125 0x02c8  [ B385EAA6CC24BF7CB8FA7FC031D79B7A, 69F8AF3A9C95796EF5BB76E1BB7F98C8EA663F00439D22B67AAD05338D968D77 ] C:\WINDOWS\CREATOR\Remind_XP.exe
02:59:52.0125 0x02c8  C:\WINDOWS\CREATOR\Remind_XP.exe - ok
02:59:52.0125 0x02c8  [ F6F2BFC17069EB335ACCEEF7595F9302, 7434C4353DD2B2E5C8F3690CEF2E1F7E234C2402E6E3BFCBF29DCB1494125F8A ] C:\WINDOWS\system32\mfc42u.dll
02:59:52.0125 0x02c8  C:\WINDOWS\system32\mfc42u.dll - ok
02:59:52.0125 0x02c8  [ 310F1E8A0781887BA1C217448C0E4D48, DD65BFC074FF4C27A5AA90A3CCE80B553BB2F2F32F9A534C1352E3980EAF9384 ] C:\WINDOWS\SMINST\Recguard.exe
02:59:52.0125 0x02c8  C:\WINDOWS\SMINST\Recguard.exe - ok
02:59:52.0140 0x02c8  [ 0B467F470CC9918FDCEEDCFD7DC4D697, 87C8BCC4DFF318FC393A8C0FB0B82CCC9DA83EC0F5811CF303F3AC265A575578 ] C:\WINDOWS\system32\oledlg.dll
02:59:52.0140 0x02c8  C:\WINDOWS\system32\oledlg.dll - ok
02:59:52.0140 0x02c8  [ 5652F6CE1D9E9D8068B9D29BC21B5409, 807A8B8FD8CCFC04409E1D64947FE35F847F194FF6FC09CCCF66F274F2A994C6 ] C:\WINDOWS\system32\olepro32.dll
02:59:52.0140 0x02c8  C:\WINDOWS\system32\olepro32.dll - ok
02:59:52.0156 0x02c8  [ C31CD3CEAB7653D22A2B92553971353E, BC9B04C728B491522AF5417F3D6BD78D216D9E39CD07566C5D7FC99FB56A5AF0 ] C:\Program Files\iTunes\iTunesHelper.exe
02:59:52.0156 0x02c8  C:\Program Files\iTunes\iTunesHelper.exe - ok
02:59:52.0156 0x02c8  [ 87FED5CBF3051517F528DF251DBDCD5A, 29322B5211F6EB9F81C90C32B29195F39DC851FB50CB94A790070473D72CBFDA ] C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
02:59:52.0156 0x02c8  C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
02:59:52.0171 0x02c8  [ 53D743FFFBDB976D0315C6BA1B97B794, 213454711D67E46D45AA5137BC3D1D6620DCA174B071251E5A58F9B885AFB005 ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll
02:59:52.0171 0x02c8  C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
02:59:52.0171 0x02c8  [ 50F2E042C33ED8D11264BE5C4D533C7F, 43D1CEA43BE41AEC765F5A5759857A58A474E663C22484611FC20C7E9C932B09 ] C:\Program Files\iPod\bin\iPodService.exe
02:59:52.0171 0x02c8  C:\Program Files\iPod\bin\iPodService.exe - ok
02:59:52.0187 0x02c8  [ FABA95C8DAB82AE80C7289D4AC4BB059, CC658D936A24A6E09FBA22F18D1C0ADE9C3449D1AF01F4277B6337E5D0239F45 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
02:59:52.0187 0x02c8  C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
02:59:52.0187 0x02c8  [ 1EDD98B6C19A4072E497BAAE9F3ECECF, 1120F37FE8F7822C7F768350AD6E3D4D96C3E35D82C3105DE1895D7EB9816CBD ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
02:59:52.0187 0x02c8  C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
02:59:52.0203 0x02c8  [ B48E7B4C95CCE0C6C0C3F7B1A97FBC8F, E3B0CEBA4408D1F4DC26ED63F746C330A6D42D057EB6AF12E1C88C956C37412A ] C:\WINDOWS\system32\wzcdlg.dll
02:59:52.0203 0x02c8  C:\WINDOWS\system32\wzcdlg.dll - ok
02:59:52.0203 0x02c8  ================ Scan generic autorun ======================
02:59:52.0250 0x02c8  [ F90137A9897071EDE961A5ABA4EA524F, F3374B4ED84CCEC9F84339EB583001E15B56B1C548C0ADDB462764F6F4F1E884 ] C:\WINDOWS\ehome\ehtray.exe
02:59:52.0296 0x02c8  ehTray - ok
02:59:52.0343 0x02c8  [ 9C3B2302B60FB0EFB13BC880A5E3E93E, 16F32AB74A57B521FF431F2C36609DE5F6ABE0DCD3111B4954471DEED700A66B ] C:\WINDOWS\system32\HDAShCut.exe
02:59:52.0375 0x02c8  High Definition Audio Property Page Shortcut - ok
02:59:52.0406 0x02c8  [ 409F6851BDAEC9ACCBDDE692D56D5C87, 22244B58BE2E80849D228679707FE6C0C73FDE0548E0EF29B3C3F82205D741CE ] C:\WINDOWS\system32\hkcmd.exe
02:59:52.0437 0x02c8  HotKeysCmds - ok
02:59:52.0453 0x02c8  [ 2D838F01650A630AE7A78C864315FBDC, 74BEBB525374F90889A84682271CFB8E7E5F817B509CD3D45FDD9432A7A70461 ] C:\WINDOWS\system32\igfxpers.exe
02:59:52.0468 0x02c8  Persistence - ok
02:59:52.0593 0x02c8  [ 4F113169A2DE985D043A5530987AD6D0, 13804396E930DAFEF342FB179A02C93F4C99A177A2E145E933723FA382763E96 ] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
02:59:52.0609 0x02c8  HPHUPD08 - detected UnsignedFile.Multi.Generic ( 1 )
02:59:52.0609 0x02c8  HPHUPD08 ( UnsignedFile.Multi.Generic ) - warning
02:59:52.0625 0x02c8  [ 30A086BA3520555B718E77763B1C52C0, 4F121DF4C11CFA53AE5AA4443811FDC12B9490A9E2CFF15B51944F830DA34A05 ] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
02:59:52.0640 0x02c8  HPBootOp - detected UnsignedFile.Multi.Generic ( 1 )
02:59:52.0640 0x02c8  HPBootOp ( UnsignedFile.Multi.Generic ) - warning
02:59:52.0765 0x02c8  [ 6380625DD0480ED60960A149A087C848, 50D920A3184B431246B38066FB6D6452C90294FCCEB8E2F1F1B7A2743E6C1106 ] c:\hp\bin\cloaker.exe
02:59:52.0781 0x02c8  IcoSet - detected UnsignedFile.Multi.Generic ( 1 )
02:59:52.0781 0x02c8  IcoSet ( UnsignedFile.Multi.Generic ) - warning
02:59:52.0812 0x02c8  [ 5FD441FA69B135B8891EBF8F2F8631B7, 6827D7F5648E838E60D18304B2B2019CCBA18C9772FDFB2835BB99F4652A1B3F ] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
02:59:52.0828 0x02c8  LSBWatcher - detected UnsignedFile.Multi.Generic ( 1 )
02:59:52.0828 0x02c8  LSBWatcher ( UnsignedFile.Multi.Generic ) - warning
02:59:52.0828 0x02c8  Force sending object to P2P due to detect: c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
02:59:52.0828 0x02c8  Object send P2P result: false
02:59:52.0921 0x02c8  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
02:59:52.0937 0x02c8  HP Software Update - ok
02:59:53.0015 0x02c8  [ D09A5F5C4DBD5D4DFF09AB1A69812062, 2282EEA1AAD234A773C46FEA1EF4330E8320FC240BE3E2F5A38C3DF4F09CA947 ] C:\Program Files\Common Files\Real\Update_OB\realsched.exe
02:59:53.0046 0x02c8  TkBellExe - detected UnsignedFile.Multi.Generic ( 1 )
02:59:53.0046 0x02c8  TkBellExe ( UnsignedFile.Multi.Generic ) - warning
02:59:53.0156 0x02c8  [ 69B388D8F3085411D00F875FF5CBCAF6, 22F6DCF1E6D1DD28793CCDFE9FC33E737180BB3C5C65BE3BFA9C2522B6B6F66B ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
02:59:53.0203 0x02c8  avgnt - ok
02:59:53.0250 0x02c8  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
02:59:53.0390 0x02c8  ctfmon.exe - ok
02:59:53.0640 0x02c8  [ 2B24F194FC5B657397ECB2923A68350E, B7F36CD6F0C33A2EC09898E35786E2225AC22408C25720E4D5B7A32CCA54940C ] C:\Program Files\CCleaner\CCleaner.exe
02:59:53.0890 0x02c8  CCleaner Monitoring - ok
02:59:54.0015 0x02c8  [ 085BBE2556ECDAEB4015099CE663ACA1, 46DE8C8E6DBAE588976C63072AC3E5943F3C8263294D4BCBDCAAF361B5162DF5 ] C:\Program Files\Sandboxie\SbieCtrl.exe
02:59:54.0046 0x02c8  SandboxieControl - ok
02:59:54.0062 0x02c8  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
02:59:54.0187 0x02c8  ctfmon.exe - ok
02:59:54.0218 0x02c8  AV detected via SS1: Avira Desktop, 15.0.8.652, enabled, updated
02:59:54.0218 0x02c8  Win FW state via NFM: enabled
02:59:54.0218 0x02c8  ============================================================
02:59:54.0218 0x02c8  Scan finished
02:59:54.0218 0x02c8  ============================================================
02:59:54.0234 0x0200  Detected object count: 9
02:59:54.0234 0x0200  Actual detected object count: 9
02:59:57.0968 0x0200  MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
02:59:57.0968 0x0200  MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:59:57.0968 0x0200  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
02:59:57.0968 0x0200  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:59:57.0968 0x0200  PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
02:59:57.0968 0x0200  PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:59:57.0968 0x0200  UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
02:59:57.0968 0x0200  UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:59:57.0984 0x0200  HPHUPD08 ( UnsignedFile.Multi.Generic ) - skipped by user
02:59:57.0984 0x0200  HPHUPD08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:59:57.0984 0x0200  HPBootOp ( UnsignedFile.Multi.Generic ) - skipped by user
02:59:57.0984 0x0200  HPBootOp ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:59:57.0984 0x0200  IcoSet ( UnsignedFile.Multi.Generic ) - skipped by user
02:59:57.0984 0x0200  IcoSet ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:59:57.0984 0x0200  LSBWatcher ( UnsignedFile.Multi.Generic ) - skipped by user
02:59:57.0984 0x0200  LSBWatcher ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:59:57.0984 0x0200  TkBellExe ( UnsignedFile.Multi.Generic ) - skipped by user
02:59:57.0984 0x0200  TkBellExe ( UnsignedFile.Multi.Generic ) - User select action: Skip 
03:00:12.0156 0x0734  Deinitialize success
 


#9 Johnny Computer

Johnny Computer

  • Malware Response Team
  • 1,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1
  • Local time:04:55 PM

Posted 22 March 2015 - 05:31 PM

Hi CarrotCakes-

 

 

I've removed PC Doctor.

 

 

:thumbup2:

 

  -----------------------------------------------------------------------------------

 

   :step1:  Double click on AdwCleaner.exe to run the tool again. Vista/Windows 7/8 users right-click and select Run As Administrator

  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

  --------------------------------------------------------------------------------------------------------------------------

 

   :step2:  Please make sure the “Additions.txt” option is checked, re run FRST, and post both the logs

 

  ---------------------------------------------------------------------------------------------------

 

   :step3:  How is your computer running now?  Are the duplicate files you told us about in your original post still present?

 

 

 ======================================================

 

IN YOUR NEXT REPLY I NEED:

 

1.)  Your ADWCleaner log

2.)  Your FRST logs

3.)  Update on how your system is runnig

 

 

Thanks  :)


avatar591802_2.gif"DO OR DO NOT. THERE IS NO TRY."


#10 CarrotCakes

CarrotCakes
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:55 PM

Posted 22 March 2015 - 07:32 PM

Adwcleaner won't detect the items again.

 

FRST logs:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by HP_Administrator (administrator) on ABC on 22-03-2015 17:26:51
Running from C:\Documents and Settings\HP_Administrator\Desktop
Loaded Profiles: HP_Administrator (Available profiles: HP_Administrator & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehRecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Hewlett-Packard Company) C:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(QFX Software Corporation) C:\Program Files\KeyScrambler\KeyScrambler.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Hewlett-Packard Company) C:\hp\KBD\kbd.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(Realtek Semiconductor Corp.) C:\WINDOWS\ALCMTR.EXE
(RealTek Semicoductor Corp.) C:\WINDOWS\ALCWZRD.EXE
(Hewlett-Packard Company) C:\WINDOWS\system\hpsysdrv.exe
(Apple Computer, Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Computer, Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieRpcSs.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieCrypto.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ehTray] => C:\WINDOWS\ehome\ehtray.exe [59392 2004-08-10] (Microsoft Corporation)
HKLM\...\Run: [High Definition Audio Property Page Shortcut] => C:\WINDOWS\system32\HDAShCut.exe [61952 2005-01-08] (Windows ® Server 2003 DDK provider)
HKLM\...\Run: [HPHUPD08] => c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe [49152 2005-06-01] (Hewlett-Packard)
HKLM\...\Run: [HPBootOp] => C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe [245760 2005-02-25] (Hewlett-Packard Company)
HKLM\...\Run: [IcoSet] => c:\hp\bin\cloaker.exe [27136 1999-11-07] (Hewlett-Packard Co.)
HKLM\...\Run: [LSBWatcher] => c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [253952 2005-05-10] (Hewlett-Packard Company)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [180269 2005-09-06] (RealNetworks, Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [IMJPMIG8.1] => C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [208952 2008-04-13] (Microsoft Corporation)
HKLM\...\Run: [IMEKRMIG6.1] => C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [44032 2004-08-10] (Microsoft Corporation)
HKLM\...\Run: [MSPY2002] => C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392 2008-04-13] ()
HKLM\...\Run: [PHIME2002ASync] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-13] (Microsoft Corporation)
HKLM\...\Run: [PHIME2002A] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-13] (Microsoft Corporation)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [KeyScrambler] => C:\Program Files\KeyScrambler\keyscrambler.exe [509216 2015-02-16] (QFX Software Corporation)
HKU\S-1-5-21-403728013-4087379911-1177270023-1008\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-403728013-4087379911-1177270023-1008\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [632840 2015-02-17] (Sandboxie Holdings, LLC)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
ShortcutTarget: Updates from HP.lnk -> C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe (Hewlett-Packard)
BootExecute: autocheck autochk * sdnclean.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
HKU\S-1-5-21-403728013-4087379911-1177270023-1008\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-403728013-4087379911-1177270023-1008\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-27] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-27] (Oracle Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.176.1
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\1Iy6oeQV.default
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-08-27] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2061 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2005-09-06] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2122 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2005-09-06] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1059 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2005-09-06] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\1Iy6oeQV.default\Extensions\abs@avira.com [2014-08-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-12-25]
 
Chrome: 
=======
CHR StartupUrls: Default -> "about:blank"
CHR Profile: C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-08-26]
CHR Extension: (Google Docs) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-26]
CHR Extension: (Google Drive) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-26]
CHR Extension: (WOT) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-08-26]
CHR Extension: (YouTube) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-26]
CHR Extension: (Google Search) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-26]
CHR Extension: (Google Sheets) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-08-26]
CHR Extension: (AdBlock) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-08]
CHR Extension: (Google Wallet) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-26]
CHR Extension: (ScriptSafe) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2014-09-28]
CHR Extension: (Gmail) - C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-26]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R3 iPodService; C:\Program Files\iPod\bin\iPodService.exe [327680 2005-05-05] (Apple Computer, Inc.) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-08-27] (Oracle Corporation)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [53248 2005-06-21] (Hewlett-Packard Company) [File not signed]
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
S0 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [69632 2004-09-29] (HP) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [135176 2015-02-17] (Sandboxie Holdings, LLC)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [105864 2015-03-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2015-03-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2014-08-15] (Avira Operations GmbH & Co. KG)
R0 bb-run; C:\WINDOWS\System32\DRIVERS\bb-run.sys [17408 2003-11-05] (Promise Technology, Inc.)
R1 FsVga; C:\WINDOWS\System32\DRIVERS\fsvga.sys [12160 2004-08-10] (Microsoft Corporation)
R0 ftsata2; C:\WINDOWS\System32\DRIVERS\ftsata2.sys [175616 2005-04-14] (Promise Technology, Inc.)
S3 HdAudAddService; C:\WINDOWS\System32\drivers\HdAudio.sys [145920 2005-01-08] (Windows ® Server 2003 DDK provider)
R3 KeyScrambler; C:\WINDOWS\System32\drivers\keyscrambler.sys [210512 2015-02-06] (QFX Software Corporation)
S3 ltmodem5; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [606684 2004-08-04] (LT)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20640 2005-04-25] (Sonic Solutions) [File not signed]
R3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [74496 2005-03-04] (Realtek Semiconductor Corporation                           )
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-04] (Realtek Semiconductor Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [161288 2015-02-17] (Sandboxie Holdings, LLC)
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2014-08-15] (Avira GmbH)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 VClone; system32\DRIVERS\VClone.sys [X]
U1 WS2IFSL; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-22 17:14 - 2015-03-22 17:15 - 02168320 _____ () C:\Documents and Settings\HP_Administrator\Desktop\adwcleaner_4.113.exe
2015-03-22 17:06 - 2015-03-22 17:07 - 00001944 _____ () C:\WINDOWS\setupapi.log
2015-03-22 04:58 - 2015-03-22 04:58 - 00001866 _____ () C:\WINDOWS\COM+.log
2015-03-20 22:46 - 2015-03-20 22:46 - 00004501 _____ () C:\Documents and Settings\HP_Administrator\Desktop\RKreport_DEL_03202015_224602.log
2015-03-20 22:32 - 2015-03-22 17:26 - 00026390 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Addition.txt
2015-03-20 22:31 - 2015-03-22 17:27 - 00016798 _____ () C:\Documents and Settings\HP_Administrator\Desktop\FRST.txt
2015-03-20 22:25 - 2015-03-20 22:25 - 00003957 _____ () C:\Documents and Settings\HP_Administrator\Desktop\RKreport_DEL_03202015_222401.log
2015-03-19 23:36 - 2015-03-19 23:36 - 00005873 _____ () C:\Documents and Settings\HP_Administrator\Desktop\RKreport_SCN_03192015_233221.log
2015-03-19 23:21 - 2015-03-20 22:38 - 00035064 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-03-19 23:21 - 2015-03-19 23:36 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RogueKiller
2015-03-19 21:51 - 2015-03-19 21:51 - 00402944 _____ (Farbar) C:\Documents and Settings\HP_Administrator\Desktop\MiniToolBox.exe
2015-03-19 21:50 - 2015-03-19 21:50 - 00852607 _____ () C:\Documents and Settings\HP_Administrator\Desktop\SecurityCheck.exe
2015-03-19 21:50 - 2015-03-19 21:50 - 00415232 _____ (Farbar) C:\Documents and Settings\HP_Administrator\Desktop\FSS.exe
2015-03-19 21:48 - 2015-03-19 21:49 - 15648856 _____ () C:\Documents and Settings\HP_Administrator\Desktop\winlogon.exe
2015-03-18 17:41 - 2015-03-19 22:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2015-03-18 17:17 - 2015-03-18 17:17 - 16502728 _____ (Malwarebytes Corp.) C:\Documents and Settings\HP_Administrator\Desktop\mbar-1.09.1.1004.exe
2015-03-18 17:17 - 2015-03-18 17:17 - 05198336 _____ (AVAST Software) C:\Documents and Settings\HP_Administrator\Desktop\aswMBR.exe
2015-03-18 17:03 - 2015-03-19 21:20 - 00002190 _____ () C:\WINDOWS\Sandboxie.ini
2015-03-18 17:03 - 2015-03-18 17:02 - 00000777 _____ () C:\Documents and Settings\HP_Administrator\Desktop\Sandboxed Web Browser.lnk
2015-03-18 17:02 - 2015-03-18 17:02 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Sandboxie
2015-03-08 22:21 - 2015-03-18 17:02 - 00000000 ____D () C:\Program Files\Sandboxie
2015-03-08 16:28 - 2015-03-08 16:28 - 01943800 _____ (Bleeping Computer, LLC) C:\Documents and Settings\HP_Administrator\Desktop\rkill.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-22 17:27 - 2014-08-26 04:15 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\Local Settings\Temp
2015-03-22 17:26 - 2014-10-12 01:53 - 00000000 ____D () C:\FRST
2015-03-22 17:20 - 2014-08-26 14:24 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-22 17:19 - 2014-10-10 21:29 - 00000000 ____D () C:\AdwCleaner
2015-03-22 17:08 - 2014-08-26 04:08 - 00000248 _____ () C:\WINDOWS\system\hpsysdrv.dat
2015-03-22 17:07 - 2005-06-06 23:57 - 01491023 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-22 17:06 - 2005-06-10 10:28 - 00000000 ____D () C:\WINDOWS\Registration
2015-03-22 17:05 - 2014-08-27 01:44 - 00000244 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-03-22 17:05 - 2014-08-26 14:24 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-22 17:05 - 2005-06-06 23:57 - 00032486 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-22 17:04 - 2005-06-06 23:57 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-22 04:57 - 2014-08-26 15:47 - 00240270 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2015-03-22 04:56 - 2014-08-26 04:15 - 00000278 ___SH () C:\Documents and Settings\HP_Administrator\ntuser.ini
2015-03-22 04:56 - 2014-08-26 04:15 - 00000000 ____D () C:\Documents and Settings\HP_Administrator
2015-03-22 02:47 - 2005-09-06 07:51 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\PC Help & Tools
2015-03-22 02:39 - 2005-06-06 23:53 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-20 22:24 - 2014-08-26 14:26 - 00001824 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2015-03-20 21:51 - 2014-08-26 20:52 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-19 23:38 - 2014-08-26 15:47 - 01336766 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-403728013-4087379911-1177270023-1008-0.dat
2015-03-19 22:28 - 2014-08-26 20:52 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-18 16:43 - 2014-08-26 16:18 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2015-03-16 23:59 - 2015-01-09 03:49 - 01388672 _____ (Thisisu) C:\Documents and Settings\HP_Administrator\Desktop\JRT.exe
2015-03-13 22:52 - 2015-01-10 17:43 - 01135104 _____ (Farbar) C:\Documents and Settings\HP_Administrator\Desktop\FRST.exe
2015-03-13 17:22 - 2014-11-23 23:12 - 00000000 ____D () C:\Documents and Settings\HP_Administrator\My Documents\School
2015-03-11 16:53 - 2014-08-26 15:54 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-03-11 16:53 - 2014-08-26 15:54 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-03-10 18:21 - 2014-08-27 01:01 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-10 18:16 - 2014-08-27 01:01 - 119837696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-08 15:37 - 2005-06-06 23:55 - 00578606 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-01 23:17 - 2014-08-28 17:03 - 00000000 ____D () C:\Program Files\KeyScrambler
2015-03-01 23:17 - 2014-08-28 17:03 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\KeyScrambler
2015-02-26 23:25 - 2014-08-26 20:53 - 00000693 _____ () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2015-02-26 23:25 - 2014-08-26 20:53 - 00000000 ____D () C:\Program Files\CCleaner
 
==================== Files in the root of some directories =======
 
2014-08-26 04:15 - 2005-09-06 08:30 - 0000136 _____ () C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat
 
Some content of TEMP:
====================
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\avgnt.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\IadHide5.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by HP_Administrator at 2015-03-22 17:27:37
Running from C:\Documents and Settings\HP_Administrator\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Desktop (Enabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Agere Systems PCI Soft Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - )
AiO_Scan (Version: 50.0.206.000 - Hewlett-Packard) Hidden
AiOSoftware (Version: 50.0.206.000 - Hewlett-Packard) Hidden
ATLAS Translation Standard V14.0 Trial Version (HKLM\...\{6652750B-AA69-49B7-9D09-C0A28B6FFC9F}) (Version: 14.00.2000 - FUJITSU LIMITED)
Avira (HKLM\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
BAD MEDICINE -INFECTIOUS TEACHERS- (HKLM\...\{8BE6C7BA-74BA-489D-AAF3-996CDD05D221}) (Version: 1.0.0 - Rejet)
Barnyard Invasion from HP Media Center (remove only) (HKLM\...\049D60AF-B425-4F8A-BD66-9D8C1B519D59) (Version:  - WildTangent)
Bejeweled 2 Deluxe from HP Media Center (remove only) (HKLM\...\47D5A62B-1B41-4DB1-8267-ADA434FA782B) (Version:  - WildTangent)
Big Kahuna Reef from HP Media Center (remove only) (HKLM\...\D77E8A46-BEB4-49ED-B2D3-B77180169FA3) (Version:  - WildTangent)
Blackhawk Striker 2 from HP Media Center (remove only) (HKLM\...\758619C0-7C97-42BB-B1E9-775F72FDAD1E) (Version:  - WildTangent)
Blasterball 2 from HP Media Center (remove only) (HKLM\...\D2DACBCD-E1FE-4C32-A49B-1EB0743D1E79) (Version:  - WildTangent)
Blasterball 2 Holidays from HP Media Center (remove only) (HKLM\...\1B497FAA-E53E-420D-8408-FFDD3278CD50) (Version:  - WildTangent)
Boggle Supreme from HP Media Center (remove only) (HKLM\...\90EA5584-4290-407B-B8F2-D6E6D65A4796) (Version:  - WildTangent)
Bookworm Deluxe from HP Media Center (remove only) (HKLM\...\E59F75D0-A38B-40F4-ABA2-CA35A7735473) (Version:  - WildTangent)
Bounce Symphony from HP Media Center (remove only) (HKLM\...\5DAA9E44-1B31-41CD-88A8-228EDED6E36E) (Version:  - WildTangent)
BufferChm (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CameraDrivers (Version: 5.0.0.290 - Hewlett-Packard) Hidden
CameraDrivers (Version: 5.0.0.328 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
CP_AtenaShokunin1Config (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CP_CalendarTemplates1 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CP_Package_Basic1 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CP_Package_Variety1 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CP_Package_Variety2 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CP_Package_Variety3 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
CP_Panorama1Config (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Crystal Maze from HP Media Center (remove only) (HKLM\...\3D61540E-C88C-4358-B6A1-DC26648F2A3D) (Version:  - WildTangent)
CueTour (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Destinations (Version: 53.0.13.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Digby's Donuts from HP Media Center (remove only) (HKLM\...\A51671BD-9BE5-4944-AC62-A2A0B6FF5E54) (Version:  - WildTangent)
DocProc (Version: 5.2.0.0 - Hewlett-Packard) Hidden
DocumentViewer (Version: 53.0.13.000 - Hewlett-Packard) Hidden
DocumentViewerQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Easy Internet Sign-up (HKLM\...\InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}) (Version: FE UI-4.0.0.1573 - Hewlett-Packard)
Easy Internet Sign-up (Version: FE UI-4.0.0.1573 - Hewlett-Packard) Hidden
FATE Demo from HP Media Center (remove only) (HKLM\...\B68BB501-10CD-46E2-BB45-075A2ABFD242) (Version:  - WildTangent)
Fax (Version: 50.0.206.000 - Hewlett-Packard) Hidden
Flip Words from HP Media Center (remove only) (HKLM\...\1280194E-E9D5-4253-95E7-40169E2A4848) (Version:  - WildTangent)
GemMaster Mystic (HKLM\...\12133444-BF36-4d4e-B7FB-A3424C645DE4) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
HP Boot Optimizer (HKLM\...\{3BA95526-6AE0-4B87-A62D-17187EF565FC}) (Version: 1.0.2 - Hewlett-Packard)
HP Deskjet Printer Preload (HKLM\...\{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}) (Version: 10.1.0 - Hewlett-Packard Company)
HP DigitalMedia Archive (HKLM\...\{F80239D8-7811-4D5E-B033-0D0BBFE32920}) (Version: 1.2 - Hewlett-Packard)
HP Document Viewer 5.3 (HKLM\...\HP Document Viewer) (Version: 5.3 - HP)
HP Game Console and games (HKLM\...\HP Game Console) (Version:  - WildTangent)
HP Image Zone 5.3 (HKLM\...\HP Photo & Imaging) (Version: 5.3 - HP)
HP Image Zone for Media Center PC (HKLM\...\{8D0C57BC-4942-4960-BB6D-142456D6F233}) (Version: 1.02.001 - Hewlett-Packard Company)
HP Imaging Device Functions 5.3 (HKLM\...\HP Imaging Device Functions) (Version: 5.3 - HP)
HP Multimedia Keyboard Software (HKLM\...\KBD) (Version:  - )
HP Photosmart 330,380,420,470,7800,8000,8200 Series (HKLM\...\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}) (Version: 8.1 - HP)
HP Photosmart Cameras 5.0 (HKLM\...\{C83A12B9-B31B-461A-BBD4-CE9B988094F1}) (Version: 5.0 - HP)
HP PSC & OfficeJet 5.3.B (HKLM\...\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}) (Version:  - HP)
HP Solution Center & Imaging Support Tools 5.3 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 5.3 - HP)
HP Tunes (HKLM\...\{3076D235-59F2-448E-889F-D04F985B4CF1}) (Version: 2.1.0.2 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPProductAssistant (Version: 53.0.13.000 - Hewlett-Packard) Hidden
HpSdpAppCoreApp (Version: 3.00.0000 - Hewlett-Packard) Hidden
Insaniquarium Deluxe from HP Media Center (remove only) (HKLM\...\A09026AE-8F16-4929-B4E6-1825535844DB) (Version:  - WildTangent)
InstantShareDevices (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4332 - )
IntelliMover Data Transfer Demo (HKLM\...\{14589F05-C658-4594-9429-D437BA688686}) (Version:  - )
InterVideo WinDVD Player (HKLM\...\{3912A629-0020-0005-3757-2FBA74D4DF0A}) (Version:  - )
InterVideo WinDVD Player (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.789 - InterVideo Inc.)
iTunes (HKLM\...\InstallShield_{523E6F2A-2D59-4D91-90E8-6C49931C9F50}) (Version: 4.8.0.31 - Apple Computer, Inc.)
iTunes (Version: 4.8.0.31 - Apple Computer, Inc.) Hidden
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Jewel Quest from HP Media Center (remove only) (HKLM\...\A73FAC36-8925-465D-8FA2-4DA98BD9B441) (Version:  - WildTangent)
KeyScrambler (HKLM\...\KeyScrambler) (Version: 3.6.0.0 - QFX Software Corporation)
LightScribe  1.4.31.1 (Version: 1.4.31.1 - Integrator) Hidden
Mah Jong Quest from HP Media Center (remove only) (HKLM\...\538B9061-0C77-4FB2-903F-EC42A1FF5DD8) (Version:  - WildTangent)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Money 2005 (HKLM\...\Money2005b) (Version: 14 - Microsoft)
Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Plus! Dancer LE (HKLM\...\{1A103D70-5C9B-4E1A-B306-5106C68F9914}) (Version: 1.1.0.3522 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3500 - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}) (Version: 08.04.0623 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee autoProducer 4.0 (HKLM\...\{2C3D719A-92C7-4323-89CC-C937D0267B84}) (Version: 4.00.050 - muvee Technologies)
muvee autoProducer unPlugged 1.1 - HPD (HKLM\...\{B1931B3A-29E9-4F91-9B61-BE2CF05E84F1}) (Version: 1.1.000 - muvee Technologies)
NewCopy (Version: 50.0.206.000 - Hewlett-Packard) Hidden
Office 2003 Tour (HKLM\...\{BE9FEFBA-F2F8-468B-A108-4356F73A3E9C}) (Version: 1.0.0 - Microsoft)
Otto (HKLM\...\B3EE3001-DC24-4cd1-8743-5692C716659F) (Version:  - )
PanoStandAlone (Version: 53.0.13.000 - Hewlett-Packard) Hidden
PhotoGallery (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Polar Bowler from HP Media Center (remove only) (HKLM\...\1FFA88DF-0AC3-4D9E-9139-5FF98813C12C) (Version:  - WildTangent)
Polar Golfer from HP Media Center (remove only) (HKLM\...\55275778-F7D9-4BA0-95F4-DEFD71ADDFD9) (Version:  - WildTangent)
PS2 (HKLM\...\PS2) (Version:  - )
PSPrinters08 (Version: 8.01.0000 - HP) Hidden
PSTAPlugin (Version: 8.01.0000 - Hewlett-Packard) Hidden
Puzzle Express from HP Media Center (remove only) (HKLM\...\0814ADC6-5B36-4144-A8EA-439C36B1BB11) (Version:  - WildTangent)
Python 2.2 pywin32 extensions (build 203) (HKLM\...\pywin32-py2.2) (Version:  - )
Python 2.2.3 (HKLM\...\Python 2.2.3) (Version: 2.2.3 - PythonLabs at Zope Corporation)
Quicken 2005 (HKLM\...\InstallShield_{2DBE41DD-2129-4C65-A3D3-5647236A60F3}) (Version: 14.00.0000 - Intuit)
Quicken 2005 (Version: 14.00.0000 - Intuit) Hidden
QuickTime (HKLM\...\QuickTime) (Version:  - )
RandMap (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Readme (Version: 50.0.206.000 - Hewlett-Packard) Hidden
RealPlayer (HKLM\...\RealPlayer 6.0) (Version:  - )
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Ricochet Lost Worlds from HP Media Center (remove only) (HKLM\...\0AA27562-3C4E-4860-8742-7ADEBE2EFC43) (Version:  - WildTangent)
Sandboxie 4.16 (32-bit) (HKLM\...\Sandboxie) (Version: 4.16 - Sandboxie Holdings, LLC)
Scan (Version: 5.2.0.0 - Hewlett-Packard) Hidden
ScannerCopy (Version: 5.2.0.0 - Hewlett-Packard) Hidden
SCRABBLE Blast from HP Media Center (remove only) (HKLM\...\2BA80327-9385-4EC8-9796-47C49BD73352) (Version:  - WildTangent)
SCRABBLE from HP Media Center (remove only) (HKLM\...\B7217206-A362-446B-A0F7-A2622B82F821) (Version:  - WildTangent)
SCRABBLE Rack Attack from HP Media Center (remove only) (HKLM\...\EC03679F-C9F0-46E8-864D-FCCF83F4EB86) (Version:  - WildTangent)
Shrek 2 Ogre Bowler from HP Media Center (remove only) (HKLM\...\581538B9-2ED3-45E2-96CB-22AD8F811D2A) (Version:  - WildTangent)
SkinsHP1 (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Slingo Deluxe from HP Media Center (remove only) (HKLM\...\E0998E52-9D08-4AEE-A4F5-0BB1D8537F6E) (Version:  - WildTangent)
Slyder from HP Media Center (remove only) (HKLM\...\600C800C-5985-4E74-AFE7-571001AC3FA4) (Version:  - WildTangent)
SolutionCenter (Version: 50.0.152.000 - Hewlett-Packard) Hidden
Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Sonic Express Labeler (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.1.0 - Sonic Solutions)
Sonic MyDVD Plus (HKLM\...\{21657574-BD54-48A2-9450-EB03B2C7FC29}) (Version: 6.1.3 - Sonic Solutions)
Sonic RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.2 - Sonic Solutions)
Sonic RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.2 - Sonic Solutions)
Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.2 - Sonic Solutions)
Sonic Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Sonic Solutions)
Sonic_PrimoSDK (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Status (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Super Granny from HP Media Center (remove only) (HKLM\...\0C20CAB1-F8BC-4AC1-A796-535B005C1B83) (Version:  - WildTangent)
Swarm from HP Media Center (remove only) (HKLM\...\133F647D-B454-42BC-ADBE-387482A29B88) (Version:  - WildTangent)
Tradewinds from HP Media Center (remove only) (HKLM\...\B3FF79F4-CDA8-4845-A7C0-9CE017719F36) (Version:  - WildTangent)
TrayApp (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Unload (Version: 5.0.0 - Hewlett-Packard) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update Rollup 1 for Windows XP Media Center Edition 2005 with HDTV Support (KB873369) (HKLM\...\MC05Upd1) (Version:  - Microsoft Corporation)
Updates from HP (remove only) (HKLM\...\HPOOVClient-9972322 Uninstaller) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 53.0.13.000 - Hewlett-Packard) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 10 Hotfix [See KB889858 for more information] (HKLM\...\KB889858) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB888316 (HKLM\...\KB888316) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB890629 (HKLM\...\KB890629) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB895678 (HKLM\...\KB895678) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version:  - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
16-12-2014 01:12:14 System Checkpoint
17-12-2014 01:27:57 System Checkpoint
19-12-2014 02:19:53 System Checkpoint
22-12-2014 00:43:29 System Checkpoint
23-12-2014 20:16:27 System Checkpoint
25-12-2014 21:21:54 Installed Windows KB954550-v5.
25-12-2014 21:22:11 Printer Driver Microsoft XPS Document Writer Installed
25-12-2014 21:22:24 Printer Driver Microsoft XPS Document Writer Installed
25-12-2014 21:32:55 Installed Eraser 6.0.10.2620
27-12-2014 13:18:19 System Checkpoint
27-12-2014 13:36:09 Software Distribution Service 3.0
27-12-2014 21:17:09 Removed Eraser 6.0.10.2620
30-12-2014 05:22:03 System Checkpoint
01-01-2015 00:27:35 System Checkpoint
03-01-2015 01:16:11 System Checkpoint
04-01-2015 03:45:32 System Checkpoint
07-01-2015 03:37:39 System Checkpoint
09-01-2015 05:35:08 System Checkpoint
11-01-2015 04:15:27 System Checkpoint
13-01-2015 07:04:24 System Checkpoint
16-01-2015 05:03:17 Software Distribution Service 3.0
17-01-2015 12:19:20 System Checkpoint
18-01-2015 20:41:44 System Checkpoint
20-01-2015 21:19:33 System Checkpoint
22-01-2015 19:31:05 System Checkpoint
24-01-2015 19:17:11 System Checkpoint
25-01-2015 22:12:31 System Checkpoint
28-01-2015 00:31:53 System Checkpoint
29-01-2015 20:25:55 System Checkpoint
30-01-2015 20:39:43 System Checkpoint
31-01-2015 20:51:14 System Checkpoint
02-02-2015 13:19:13 System Checkpoint
04-02-2015 00:09:47 System Checkpoint
05-02-2015 20:36:15 System Checkpoint
06-02-2015 21:01:14 System Checkpoint
07-02-2015 22:43:41 System Checkpoint
09-02-2015 17:44:08 System Checkpoint
10-02-2015 18:29:56 Software Distribution Service 3.0
13-02-2015 18:16:51 System Checkpoint
14-02-2015 23:14:28 System Checkpoint
16-02-2015 19:08:00 System Checkpoint
17-02-2015 19:34:59 System Checkpoint
18-02-2015 19:39:25 System Checkpoint
20-02-2015 19:36:58 System Checkpoint
22-02-2015 05:51:18 System Checkpoint
23-02-2015 19:18:55 System Checkpoint
25-02-2015 20:16:37 System Checkpoint
26-02-2015 20:21:31 System Checkpoint
27-02-2015 20:29:52 System Checkpoint
01-03-2015 00:40:34 System Checkpoint
02-03-2015 20:49:57 System Checkpoint
05-03-2015 20:30:52 System Checkpoint
07-03-2015 21:10:35 System Checkpoint
08-03-2015 21:11:37 System Checkpoint
10-03-2015 02:13:20 System Checkpoint
10-03-2015 18:15:35 Software Distribution Service 3.0
12-03-2015 20:49:17 System Checkpoint
14-03-2015 01:02:00 System Checkpoint
15-03-2015 07:14:30 System Checkpoint
18-03-2015 17:25:08 Software Distribution Service 3.0
22-03-2015 02:46:38 Configured PC-Doctor 5 for Windows
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2004-08-10 19:00 - 2004-08-10 19:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2004-08-10 19:00 - 2004-09-28 08:54 - 00269824 _____ () C:\WINDOWS\system32\sbe.dll
2004-08-10 12:00 - 2013-01-01 23:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2004-08-10 12:00 - 2008-04-14 05:41 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2004-08-10 12:00 - 2008-04-14 05:42 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2005-03-15 22:17 - 2005-03-15 22:17 - 00204800 _____ () c:\Program Files\HP\Digital Imaging\bin\HpqUtil.dll
2005-09-06 08:46 - 2005-09-06 08:46 - 00061496 _____ () C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\clntutil.dll
2005-09-06 08:46 - 2005-09-06 08:46 - 00151589 _____ () C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\BWfiles.dll
2005-09-06 08:46 - 2005-09-06 08:46 - 00098339 _____ () C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\frext.dll
2005-09-06 08:46 - 2005-09-06 08:46 - 00126976 _____ () C:\Program Files\Updates from HP\9972322\Program\HPClientExt.dll
2015-03-20 22:24 - 2015-03-14 03:12 - 09278792 _____ () C:\Program Files\Google\Chrome\Application\41.0.2272.101\pdf.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\05650530.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\07052787.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\07335284.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\19264573.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\25825951.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\29387598.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\33294898.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\35163538.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\57894774.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\66864755.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\67169168.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\68319837.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\71011496.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\72732895.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\72805924.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\78869082.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\79608268.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\83317152.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\84126562.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\84605634.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\85349088.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\87533320.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\87964760.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\96479692.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\98067264.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\05650530.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\07052787.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\07335284.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\19264573.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\25825951.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\29387598.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\33294898.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35163538.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\57894774.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\66864755.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\67169168.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\68319837.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\71011496.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\72732895.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\72805924.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\78869082.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\79608268.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\83317152.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\84126562.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\84605634.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\85349088.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\87533320.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\87964760.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\96479692.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\98067264.sys => ""="Driver"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-403728013-4087379911-1177270023-1008\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 192.168.1.254 - 75.153.176.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-403728013-4087379911-1177270023-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-403728013-4087379911-1177270023-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-403728013-4087379911-1177270023-1007 - Limited - Disabled)
HP_Administrator (S-1-5-21-403728013-4087379911-1177270023-1008 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\HP_Administrator
SUPPORT_388945a0 (S-1-5-21-403728013-4087379911-1177270023-1002 - Limited - Disabled)
SUPPORT_fddfa904 (S-1-5-21-403728013-4087379911-1177270023-1006 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/22/2015 05:26:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application frst.exe, version 11.3.2015.0, faulting module frst.exe, version 11.3.2015.0, fault address 0x0001f09e.
Processing media-specific event for [frst.exe!ws!]
 
Error: (03/22/2015 05:25:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application FRST.exe, version 11.3.2015.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error: (03/20/2015 09:00:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application roguekiller.exe, version 10.5.5.0, faulting module kernel32.dll, version 5.1.2600.6532, fault address 0x0000b152.
Processing media-specific event for [roguekiller.exe!ws!]
 
Error: (03/20/2015 09:00:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application roguekiller.exe, version 10.5.5.0, faulting module kernel32.dll, version 5.1.2600.6532, fault address 0x0000b152.
Processing media-specific event for [roguekiller.exe!ws!]
 
Error: (03/01/2015 02:19:14 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
Stack:
   at System.Xml.XmlTextReaderImpl.OpenUrl()
   at System.Xml.XmlTextReaderImpl.Read()
   at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
   at System.Xml.XmlDocument.Load(System.Xml.XmlReader)
   at System.Xml.XmlDocument.Load(System.String)
   at Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
   at Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
   at Avira.OE.WinCore.OeProductInfo.get_Culture()
   at Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
   at Avira.OE.Systray.Program.Main(System.String[])
 
Error: (03/01/2015 02:18:07 PM) (Source: .NET Runtime 4.0 Error Reporting) (EventID: 5000) (User: )
Description: EventType clr20r3, P1 avira.oe.systray.exe, P2 1.1.30.21735, P3 54bce4be, P4 mscorlib, P5 4.0.0.0, P6 4e181ae3, P7 3fd1, P8 1f4, P9 clr20r30, P10 clr20r31.
 
Error: (02/27/2015 05:39:49 PM) (Source: ESENT) (EventID: 490) (User: )
Description: svchost (976) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\edb.log" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (02/20/2015 02:18:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application frst.exe, version 18.2.2015.1, faulting module frst.exe, version 18.2.2015.1, fault address 0x0001f09e.
Processing media-specific event for [frst.exe!ws!]
 
Error: (01/11/2015 02:56:41 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
Stack:
   at Avira.OE.WinCore.WinHandleUtil+NativeMethods.GetFullHandleName(IntPtr, System.Text.StringBuilder, Int32 ByRef)
   at Avira.OE.WinCore.WinHandleUtil.GetFullHandleName(IntPtr)
   at Avira.OE.WinCore.WcfAuthService.VerifyTokenEventName(IntPtr)
   at Avira.OE.WinCore.WcfAuthService.AuthenticateChannel(System.ServiceModel.IClientChannel, Avira.OE.WinCore.WcfAuthToken)
   at Avira.OE.WinCore.WcfServiceAuthInterceptor.AfterReceiveRequest(System.ServiceModel.Channels.Message ByRef, System.ServiceModel.IClientChannel, System.ServiceModel.InstanceContext)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.AfterReceiveRequestCore(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage2(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage11(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage1(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean)
   at System.ServiceModel.Dispatcher.ChannelHandler.DispatchAndReleasePump(System.ServiceModel.Channels.RequestContext, Boolean, System.ServiceModel.OperationContext)
   at System.ServiceModel.Dispatcher.ChannelHandler.HandleRequest(System.ServiceModel.Channels.RequestContext, System.ServiceModel.OperationContext)
   at System.ServiceModel.Dispatcher.ChannelHandler.AsyncMessagePump(System.IAsyncResult)
   at System.ServiceModel.Dispatcher.ChannelHandler.OnAsyncReceiveComplete(System.IAsyncResult)
   at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult)
   at System.Runtime.AsyncResult.Complete(Boolean)
   at System.ServiceModel.Channels.FramingDuplexSessionChannel+TryReceiveAsyncResult.OnReceive(System.IAsyncResult)
   at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult)
   at System.Runtime.AsyncResult.Complete(Boolean)
   at System.ServiceModel.Channels.SynchronizedMessageSource+ReceiveAsyncResult.OnReceiveComplete(System.Object)
   at System.ServiceModel.Channels.SessionConnectionReader.OnAsyncReadComplete(System.Object)
   at System.ServiceModel.Channels.StreamConnection.OnRead(System.IAsyncResult)
   at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult)
   at System.Net.LazyAsyncResult.Complete(IntPtr)
   at System.Net.LazyAsyncResult.ProtectedInvokeCallback(System.Object, IntPtr)
   at System.Net.Security.NegotiateStream.ProcessFrameBody(Int32, Byte[], Int32, Int32, System.Net.AsyncProtocolRequest)
   at System.Net.Security.NegotiateStream.ReadCallback(System.Net.AsyncProtocolRequest)
   at System.Net.AsyncProtocolRequest.CompleteRequest(Int32)
   at System.Net.FixedSizeReader.CheckCompletionBeforeNextRead(Int32)
   at System.Net.FixedSizeReader.ReadCallback(System.IAsyncResult)
   at System.Runtime.AsyncResult.Complete(Boolean)
   at System.ServiceModel.Channels.ConnectionStream+ReadAsyncResult.OnAsyncReadComplete(System.Object)
   at System.ServiceModel.Channels.PipeConnection.OnAsyncReadComplete(Boolean, Int32, Int32)
   at System.ServiceModel.Channels.OverlappedContext.CompleteCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Runtime.Fx+IOCompletionThunk.UnhandledExceptionFrame(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
 
Error: (01/10/2015 05:50:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application frst.exe, version 10.1.2015.0, faulting module frst.exe, version 10.1.2015.0, fault address 0x0001f09e.
Processing media-specific event for [frst.exe!ws!]
 
 
System errors:
=============
Error: (03/22/2015 04:56:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/22/2015 04:56:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Machine Debug Manager service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/22/2015 04:56:10 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LightScribeService Direct Disc Labeling Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/22/2015 04:56:10 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Java Quick Starter service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/22/2015 04:56:10 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Media Center Scheduler Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/22/2015 04:56:10 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Media Center Receiver Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/22/2015 04:56:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Sandboxie Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/22/2015 02:55:14 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
iaStor
PCIIde
ViaIde
 
Error: (03/20/2015 11:31:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/20/2015 11:31:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Machine Debug Manager service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (03/22/2015 05:26:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: frst.exe11.3.2015.0frst.exe11.3.2015.00001f09e
 
Error: (03/22/2015 05:25:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST.exe11.3.2015.0hungapp0.0.0.000000000
 
Error: (03/20/2015 09:00:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: roguekiller.exe10.5.5.0kernel32.dll5.1.2600.65320000b152
 
Error: (03/20/2015 09:00:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: roguekiller.exe10.5.5.0kernel32.dll5.1.2600.65320000b152
 
Error: (03/01/2015 02:19:14 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
Stack:
   at System.Xml.XmlTextReaderImpl.OpenUrl()
   at System.Xml.XmlTextReaderImpl.Read()
   at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
   at System.Xml.XmlDocument.Load(System.Xml.XmlReader)
   at System.Xml.XmlDocument.Load(System.String)
   at Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
   at Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
   at Avira.OE.WinCore.OeProductInfo.get_Culture()
   at Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
   at Avira.OE.Systray.Program.Main(System.String[])
 
Error: (03/01/2015 02:18:07 PM) (Source: .NET Runtime 4.0 Error Reporting) (EventID: 5000) (User: )
Description: clr20r3avira.oe.systray.exe1.1.30.2173554bce4bemscorlib4.0.0.04e181ae33fd11f4system.io.ioexceptionNIL
 
Error: (02/27/2015 05:39:49 PM) (Source: ESENT) (EventID: 490) (User: )
Description: svchost976C:\WINDOWS\system32\CatRoot2\edb.log-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.
 
Error: (02/20/2015 02:18:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: frst.exe18.2.2015.1frst.exe18.2.2015.10001f09e
 
Error: (01/11/2015 02:56:41 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
Stack:
   at Avira.OE.WinCore.WinHandleUtil+NativeMethods.GetFullHandleName(IntPtr, System.Text.StringBuilder, Int32 ByRef)
   at Avira.OE.WinCore.WinHandleUtil.GetFullHandleName(IntPtr)
   at Avira.OE.WinCore.WcfAuthService.VerifyTokenEventName(IntPtr)
   at Avira.OE.WinCore.WcfAuthService.AuthenticateChannel(System.ServiceModel.IClientChannel, Avira.OE.WinCore.WcfAuthToken)
   at Avira.OE.WinCore.WcfServiceAuthInterceptor.AfterReceiveRequest(System.ServiceModel.Channels.Message ByRef, System.ServiceModel.IClientChannel, System.ServiceModel.InstanceContext)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.AfterReceiveRequestCore(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage2(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage11(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage1(System.ServiceModel.Dispatcher.MessageRpc ByRef)
   at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean)
   at System.ServiceModel.Dispatcher.ChannelHandler.DispatchAndReleasePump(System.ServiceModel.Channels.RequestContext, Boolean, System.ServiceModel.OperationContext)
   at System.ServiceModel.Dispatcher.ChannelHandler.HandleRequest(System.ServiceModel.Channels.RequestContext, System.ServiceModel.OperationContext)
   at System.ServiceModel.Dispatcher.ChannelHandler.AsyncMessagePump(System.IAsyncResult)
   at System.ServiceModel.Dispatcher.ChannelHandler.OnAsyncReceiveComplete(System.IAsyncResult)
   at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult)
   at System.Runtime.AsyncResult.Complete(Boolean)
   at System.ServiceModel.Channels.FramingDuplexSessionChannel+TryReceiveAsyncResult.OnReceive(System.IAsyncResult)
   at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult)
   at System.Runtime.AsyncResult.Complete(Boolean)
   at System.ServiceModel.Channels.SynchronizedMessageSource+ReceiveAsyncResult.OnReceiveComplete(System.Object)
   at System.ServiceModel.Channels.SessionConnectionReader.OnAsyncReadComplete(System.Object)
   at System.ServiceModel.Channels.StreamConnection.OnRead(System.IAsyncResult)
   at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult)
   at System.Net.LazyAsyncResult.Complete(IntPtr)
   at System.Net.LazyAsyncResult.ProtectedInvokeCallback(System.Object, IntPtr)
   at System.Net.Security.NegotiateStream.ProcessFrameBody(Int32, Byte[], Int32, Int32, System.Net.AsyncProtocolRequest)
   at System.Net.Security.NegotiateStream.ReadCallback(System.Net.AsyncProtocolRequest)
   at System.Net.AsyncProtocolRequest.CompleteRequest(Int32)
   at System.Net.FixedSizeReader.CheckCompletionBeforeNextRead(Int32)
   at System.Net.FixedSizeReader.ReadCallback(System.IAsyncResult)
   at System.Runtime.AsyncResult.Complete(Boolean)
   at System.ServiceModel.Channels.ConnectionStream+ReadAsyncResult.OnAsyncReadComplete(System.Object)
   at System.ServiceModel.Channels.PipeConnection.OnAsyncReadComplete(Boolean, Int32, Int32)
   at System.ServiceModel.Channels.OverlappedContext.CompleteCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Runtime.Fx+IOCompletionThunk.UnhandledExceptionFrame(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
 
Error: (01/10/2015 05:50:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: frst.exe10.1.2015.0frst.exe10.1.2015.00001f09e
 
 
==================== Memory info =========================== 
 
Processor:  Intel® Pentium® 4 CPU 3.00GHz
Percentage of memory in use: 68%
Total physical RAM: 1015.29 MB
Available physical RAM: 322.42 MB
Total Pagefile: 2440.75 MB
Available Pagefile: 1424.98 MB
Total Virtual: 2047.88 MB
Available Virtual: 1945.63 MB
 
==================== Drives ================================
 
Drive c: (HP_PAVILION) (Fixed) (Total:224.87 GB) (Free:194.13 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (RECOVERY) (Fixed) (Total:8 GB) (Free:0.9 GB) FAT32 ==>[Drive with boot components (Windows XP)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 1549F232)
Partition 1: (Not Active) - (Size=8 GB) - (Type=0C)
Partition 2: (Active) - (Size=224.9 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
The FRST logs show multiple sandboxie and chrome processes. That isn't normal. FRST also crashed/froze on my first two attempts to run it.


#11 Johnny Computer

Johnny Computer

  • Malware Response Team
  • 1,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1
  • Local time:04:55 PM

Posted 23 March 2015 - 07:32 AM

Hi CarrotCakes-

 

The FRST logs show multiple sandboxie and chrome processes. That isn't normal.

 

 

You don’t need to worry about the multiple processes.  This is normal.

 

 

In post #9 I asked:

 

Are the duplicate files you told us about in your original post still present?

 

 

Can you tell me if the duplicates are still present?

 

Thanks :)

 


avatar591802_2.gif"DO OR DO NOT. THERE IS NO TRY."


#12 CarrotCakes

CarrotCakes
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:55 PM

Posted 24 March 2015 - 09:47 PM

No, the duplicates with the alpha-numerical strings were removed with FRST. They've come back before, but don't seem to be present right now.

 

Is there any concern regarding adwcleaner, since it can't seem to find the items again and thus I can't remove them? 



#13 Johnny Computer

Johnny Computer

  • Malware Response Team
  • 1,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1
  • Local time:04:55 PM

Posted 25 March 2015 - 07:59 AM

Hi CarrotCakes-

 

 

No, the duplicates with the alpha-numerical strings were removed with FRST

 

 

 

No, they were not.  :) FRST does not do any cleaning unless a script is run which has not been done yet.  This is one of the reasons why I asked if they were still present 

 

 

Is there any concern regarding adwcleaner, since it can't seem to find the items again and thus I can't remove them? 

 

 

 

Your issues with RK, ADWCleaner, Chrome, and Sandboxie are all likely conflict issues as your logs show no malware.  This means your remaining issues are either due to configuration conflicts, which I suspect is the case here, or hardware issues.  This forum is for malware removal which we have established is not present on your system.  Let’s try a few other things to see if we can clear up some of your remaining issues.

 

 

 

Your hard drive needs to be defragmented.  A fragmented hard drive can cause issues similar to some you have described

 

:step1:   Please follow the instructions here to defragment your hard drive:  http://www.bleepingcomputer.com/tutorials/the-importance-of-disk-defragmentation/

 

  ---------------------------------------------------------------------

 

   :step2:  Next, please turn off/disable both Avira and Sandboxie , re run Rogue Killer, and post the log

 

 

 ======================================================

 

IN YOUR NEXT REPLY I NEED:

 

1.)  Let me know how the defragmentation went

2.)  Your RK Log

 

 

Thanks  :)


avatar591802_2.gif"DO OR DO NOT. THERE IS NO TRY."


#14 CarrotCakes

CarrotCakes
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:55 PM

Posted 26 March 2015 - 05:58 AM

If there's no malware, great. :) I thought there was because of this item in the first few FRST scans (the ones with the duplicates):

Toolbar: HKU\S-1-5-21-403728013-4087379911-1177270023-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File.

I didn't install it, and couldn't find it either when I looked at the toolbars in IE so thought malware.

 

I defragmented the C Drive; it said there were a few files that couldn't be defragged but the report showed otherwise. The D Drive only has 11% free space. Should I run the defraggler anyway?

I'll run RK after that.



#15 Johnny Computer

Johnny Computer

  • Malware Response Team
  • 1,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1
  • Local time:04:55 PM

Posted 26 March 2015 - 09:39 AM

Hi CarrotCakes-

 

Yes, as long as drive d: is not a solid state drive you can defragment it.  Then, turn off/disable both Avira and Sandboxie , re run Rogue Killer, and post the log.

 

Thanks   :)


Edited by Johnny Computer, 26 March 2015 - 01:25 PM.

avatar591802_2.gif"DO OR DO NOT. THERE IS NO TRY."





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users