Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Need Help Sanitizing PC flagged on cbl.abuseat.org as participating in


  • This topic is locked This topic is locked

#1
Aswang2K

Aswang2K

    Member

  • Member
  • PipPip
  • 12 posts

*EDIT* Topic should read :  "Need Help Sanitizing PC flagged on cbl.abuseat.org as participating in spambot botnet."

 

 

Good day !

This past week, I spent more time fixing and reinstalling windows 7 on my computer because of weird computer and browser activities. Computer would just freeze and all I can do is to reset power. I tried malwarebytes, adwcleaner, junkware removal tool, autoruns, rkill , windows security essentials, cccleaner, tdsskiller, spybot search and destroy , and addspy but I can't fix whatever it is that's bugging my computer.

 

I tried logging in to my account at bleepingcomputer.com to ask for help but it won't let me. When I tried logging in to my account,  this message shows up :

 

Sorry, you don't have permission for that!
You are not allowed to visit this community.

 

 

That's weird since I was able to login to that site a while back. I googled the error and one of the search result pointed me to cbl.abuseat.org . So i tried verifying if my IP is doing something it's not supposed to do. cbl.abuseat.org reported my IP as :

 

 

This IP is infected (or NATting for a computer that is infected) with the cutwail spambot. In other words, it's participating in a botnet.

Cutwail is a complex infection and requires a number of steps to ensure that it's eradicated.

 

So I read the information there and downloaded/installed/run Norton Power Eraser. What it did was to overwrite/reset my host file (copied from winhelp2002.mvps.org/hosts.htm) to just these two lines

 

127.0.0.1       localhost
::1             localhost

 

 

I used the tools mentioned above to fix whatever it is that's blacklisting my IP and I am not sure if i have eliminated this infection.

 

I downloaded OTL and did the 1st Quick Scan and accepting the default settings when I first opened OTL prior to scanning. I saved the Quick Scan logs in a folder in the desktop so i't won't be overwritten by the 2nd phase OTL scan. The second OTL scan is done with these settings 

 

 

•Scan All Users
 
•Include 64bit Scans - If present. (default)
 
•Use Company-Name WhiteList
 
•Skip Microsoft Files
 
•Use No-Company-Name WhiteList
 
•LOP Check
 
•Purity Check
 
•In the Extra Registry box select Use Safe List

 

and in the Custom Scan Box, I pasted this lines:

%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
dir C:\ /S /A:L /C

and clicked Run Scan

 

 
 Here are the logs.

 

1st Phase Scan :

 

OTL logfile created on: 4/6/2014 8:54:01 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tribu\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.97 Gb Total Physical Memory | 2.65 Gb Available Physical Memory | 66.90% Memory free
7.93 Gb Paging File | 6.48 Gb Available in Paging File | 81.73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97.66 Gb Total Space | 71.46 Gb Free Space | 73.18% Space Free | Partition Type: NTFS
Drive D: | 368.00 Gb Total Space | 168.78 Gb Free Space | 45.86% Space Free | Partition Type: NTFS
Drive E: | 7.26 Gb Total Space | 7.26 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
 
Computer Name: TRIBU-PC | User Name: Tribu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/04/06 08:41:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tribu\Desktop\OTL.exe
PRC - [2014/04/06 08:08:28 | 000,841,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_77_ActiveX.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/03/11 12:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014/03/11 12:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 09:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/01 09:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/03/11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/01 09:49:12 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2012/03/01 14:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2010/11/20 21:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 21:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 19:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 19:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ph.msn.com/?r...opt=0&ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 B5 42 91 0B 51 CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
 
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
 
O1 HOSTS File: ([2014/04/06 03:00:30 | 000,000,054 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2649FAA-F101-4108-9ACD-85E210D0E599}: DhcpNameServer = 192.168.0.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/04/06 08:48:25 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2014/04/06 08:47:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2014/04/06 08:47:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2014/04/06 08:46:56 | 000,791,393 | ---- | C] (Lars Hederer                                                ) -- C:\Users\Tribu\Desktop\erunt-setup.exe
[2014/04/06 08:41:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tribu\Desktop\OTL.exe
[2014/04/06 08:33:26 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Roaming\Wireshark
[2014/04/06 08:32:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2014/04/06 08:32:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2014/04/06 08:31:46 | 000,000,000 | ---D | C] -- C:\Program Files\Wireshark
[2014/04/06 08:30:52 | 027,997,568 | ---- | C] (Wireshark development team) -- C:\Users\Tribu\Desktop\Wireshark-win64-1.10.6.exe
[2014/04/06 08:08:44 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Roaming\Macromedia
[2014/04/06 08:08:44 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Roaming\Adobe
[2014/04/06 08:08:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2014/04/06 08:08:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014/04/06 07:17:42 | 000,000,000 | ---D | C] -- C:\Users\Tribu\Documents\ProcAlyzer Dumps
[2014/04/06 06:38:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014/04/06 06:38:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/04/06 05:51:09 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Tribu\Desktop\TFC.exe
[2014/04/06 05:40:33 | 000,409,600 | ---- | C] (Farbar) -- C:\Users\Tribu\Desktop\FSS.exe
[2014/04/06 05:39:19 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/04/06 05:38:59 | 004,139,872 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Tribu\Desktop\tdsskiller.exe
[2014/04/06 05:38:59 | 001,038,974 | ---- | C] (Thisisu) -- C:\Users\Tribu\Desktop\JRT.exe
[2014/04/06 05:38:59 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Tribu\Desktop\HijackThis.exe
[2014/04/06 05:38:59 | 000,037,888 | ---- | C] (Soeperman Enterprises Ltd.) -- C:\Users\Tribu\Desktop\ADSSpy.exe
[2014/04/06 04:10:23 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Local\Skype
[2014/04/06 02:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\SMR410
[2014/04/06 02:51:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2014/04/06 02:51:28 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Local\NPE
[2014/04/06 01:34:51 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Local\Microsoft_Corporation
[2014/04/06 01:03:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/04/06 01:03:39 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/04/06 00:56:44 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Roaming\Skype
[2014/04/05 22:36:54 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/05 21:30:07 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/04/05 20:58:15 | 000,000,000 | -HSD | C] -- C:\found.000
[2014/04/05 20:25:54 | 000,035,112 | ---- | C] (TeamViewer GmbH) -- C:\Windows\SysNative\drivers\teamviewervpn.sys
[2014/04/05 20:25:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2014/04/05 16:25:45 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Roaming\OpenDNS Updater
[2014/04/04 01:16:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2014/04/03 08:51:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2014/04/03 04:01:46 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/04/03 03:03:01 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/04/03 03:02:30 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/04/02 18:08:54 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2014/04/02 18:08:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2014/04/02 16:24:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2014/04/02 16:24:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2014/04/02 16:07:37 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2014/04/02 16:07:21 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2014/04/02 15:49:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2014/04/02 15:49:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2014/04/02 15:11:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2014/04/02 15:11:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2014/04/02 13:46:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/04/02 13:42:02 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014/04/02 13:41:33 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014/04/02 13:41:33 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014/04/02 13:41:11 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014/04/02 12:47:00 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/04/02 12:42:09 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Local\Google
[2014/04/02 12:42:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/04/02 12:16:25 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Roaming\Malwarebytes
[2014/04/02 12:14:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/04/02 12:14:00 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/04/02 12:14:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/04/02 12:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/04/02 12:13:42 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Local\Programs
[2014/04/02 12:10:48 | 000,000,000 | R--D | C] -- C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/04/02 12:10:48 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Searches
[2014/04/02 12:10:48 | 000,000,000 | R--D | C] -- C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/04/02 12:10:47 | 000,000,000 | -H-D | C] -- C:\Users\Tribu\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/04/02 12:10:38 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Roaming\Identities
[2014/04/02 12:10:33 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Contacts
[2014/04/02 12:10:32 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Local\VirtualStore
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\AppData\Local\Temporary Internet Files
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\Templates
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\Start Menu
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\SendTo
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\Recent
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\PrintHood
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\NetHood
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\Documents\My Videos
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\Documents\My Pictures
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\Documents\My Music
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\My Documents
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\Local Settings
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\AppData\Local\History
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\Cookies
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\Application Data
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\AppData\Local\Application Data
[2014/04/02 12:10:19 | 000,000,000 | --SD | C] -- C:\Users\Tribu\AppData\Roaming\Microsoft
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Videos
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Saved Games
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Pictures
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Music
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Links
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Favorites
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Downloads
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Documents
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Desktop
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/04/02 12:10:19 | 000,000,000 | -H-D | C] -- C:\Users\Tribu\AppData
[2014/04/02 12:10:19 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Local\Temp
[2014/04/02 12:10:19 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Local\Microsoft
[2014/04/02 12:10:19 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Roaming\Media Center Programs
[2014/04/02 12:08:34 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014/04/02 12:08:31 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
 
========== Files - Modified Within 30 Days ==========
 
[2014/04/06 08:48:02 | 000,001,104 | ---- | M] () -- C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2014/04/06 08:47:36 | 000,000,924 | ---- | M] () -- C:\Users\Tribu\Desktop\NTREGOPT.lnk
[2014/04/06 08:47:36 | 000,000,905 | ---- | M] () -- C:\Users\Tribu\Desktop\ERUNT.lnk
[2014/04/06 08:46:27 | 000,791,393 | ---- | M] (Lars Hederer                                                ) -- C:\Users\Tribu\Desktop\erunt-setup.exe
[2014/04/06 08:41:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tribu\Desktop\OTL.exe
[2014/04/06 08:39:26 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/06 08:39:26 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/06 08:32:08 | 000,001,531 | ---- | M] () -- C:\Users\Public\Desktop\Wireshark.lnk
[2014/04/06 08:29:05 | 027,997,568 | ---- | M] (Wireshark development team) -- C:\Users\Tribu\Desktop\Wireshark-win64-1.10.6.exe
[2014/04/06 07:40:51 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/06 07:40:51 | 000,615,122 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/06 07:40:51 | 000,103,496 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/06 07:36:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/06 07:36:21 | 3195,559,936 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/06 07:35:36 | 000,000,085 | ---- | M] () -- C:\Windows\wininit.ini
[2014/04/06 05:50:54 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Tribu\Desktop\TFC.exe
[2014/04/06 05:46:37 | 000,267,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/04/06 05:40:17 | 000,409,600 | ---- | M] (Farbar) -- C:\Users\Tribu\Desktop\FSS.exe
[2014/04/06 05:35:21 | 001,038,974 | ---- | M] (Thisisu) -- C:\Users\Tribu\Desktop\JRT.exe
[2014/04/06 05:32:42 | 004,139,872 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Tribu\Desktop\tdsskiller.exe
[2014/04/06 05:10:52 | 000,037,888 | ---- | M] (Soeperman Enterprises Ltd.) -- C:\Users\Tribu\Desktop\ADSSpy.exe
[2014/04/06 03:00:30 | 000,517,336 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.bak
[2014/04/06 03:00:30 | 000,000,054 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/04/06 01:03:40 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/04/06 00:20:06 | 000,036,680 | ---- | M] () -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/05 22:39:48 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Tribu\Desktop\HijackThis.exe
[2014/04/05 21:30:55 | 000,000,057 | ---- | M] () -- C:\Windows\SysWow64\mapisvc.inf
[2014/04/05 20:08:41 | 000,006,576 | ---- | M] () -- C:\bootsqm.dat
[2014/04/05 03:35:50 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/04/03 03:05:04 | 000,042,045 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/04/03 03:05:04 | 000,042,045 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014/04/02 16:28:02 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/04/02 16:05:03 | 000,001,437 | ---- | M] () -- C:\Users\Tribu\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/02 14:08:56 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/04/02 14:08:54 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/04/02 12:14:01 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
 
========== Files Created - No Company Name ==========
 
[2014/04/06 08:48:02 | 000,001,104 | ---- | C] () -- C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2014/04/06 08:47:36 | 000,000,924 | ---- | C] () -- C:\Users\Tribu\Desktop\NTREGOPT.lnk
[2014/04/06 08:47:36 | 000,000,905 | ---- | C] () -- C:\Users\Tribu\Desktop\ERUNT.lnk
[2014/04/06 08:32:08 | 000,001,543 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
[2014/04/06 08:32:08 | 000,001,531 | ---- | C] () -- C:\Users\Public\Desktop\Wireshark.lnk
[2014/04/06 07:35:34 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2014/04/06 05:46:29 | 000,267,240 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/04/06 01:03:40 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/04/05 21:44:22 | 000,036,680 | ---- | C] () -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/05 20:08:41 | 000,006,576 | ---- | C] () -- C:\bootsqm.dat
[2014/04/05 03:35:50 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/04/03 03:02:30 | 3195,559,936 | -HS- | C] () -- C:\hiberfil.sys
[2014/04/02 16:08:45 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe
[2014/04/02 16:08:33 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2014/04/02 16:07:06 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2014/04/02 16:06:56 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2014/04/02 16:06:56 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2014/04/02 16:06:46 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2014/04/02 16:06:46 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2014/04/02 16:05:03 | 000,001,443 | ---- | C] () -- C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/04/02 15:50:12 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2014/04/02 15:49:47 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2014/04/02 15:05:32 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/04/02 15:04:31 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/04/02 14:08:56 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/04/02 14:08:54 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/04/02 12:20:29 | 000,001,437 | ---- | C] () -- C:\Users\Tribu\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/02 12:14:01 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/02 12:10:57 | 000,001,409 | ---- | C] () -- C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2014/04/02 12:10:20 | 000,000,290 | ---- | C] () -- C:\Users\Tribu\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/04/02 12:10:20 | 000,000,272 | ---- | C] () -- C:\Users\Tribu\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/03/01 09:47:36 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
 
========== ZeroAccess Check ==========
 
[2009/07/14 12:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 13:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 12:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 09:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 09:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/04/05 16:25:45 | 000,000,000 | ---D | M] -- C:\Users\Tribu\AppData\Roaming\OpenDNS Updater
[2014/04/06 08:33:26 | 000,000,000 | ---D | M] -- C:\Users\Tribu\AppData\Roaming\Wireshark
 
========== Purity Check ==========
 
 

< End of report >

 

 

OTL Extras logfile created on: 4/6/2014 8:54:01 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tribu\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.97 Gb Total Physical Memory | 2.65 Gb Available Physical Memory | 66.90% Memory free
7.93 Gb Paging File | 6.48 Gb Available in Paging File | 81.73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97.66 Gb Total Space | 71.46 Gb Free Space | 73.18% Space Free | Partition Type: NTFS
Drive D: | 368.00 Gb Total Space | 168.78 Gb Free Space | 45.86% Space Free | Partition Type: NTFS
Drive E: | 7.26 Gb Total Space | 7.26 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
 
Computer Name: TRIBU-PC | User Name: Tribu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{E7925603-925E-4B19-A7C2-ACC33085EBC1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{BFAE8D5B-F918-486F-B74E-90762DF11C5C}" = Microsoft Security Client
"CCleaner" = CCleaner
"Microsoft Security Client" = Microsoft Security Essentials
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"ERUNT_is1" = ERUNT 1.1j
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"WinPcapInst" = WinPcap 4.1.3
"Wireshark" = Wireshark 1.10.6 (64-bit)
 
========== Last 20 Event Log Errors ==========
 
[ System Events ]
Error - 4/5/2014 5:51:15 PM | Computer Name = Tribu-PC | Source = Service Control Manager | ID = 7034
Description = The MBAMScheduler service terminated unexpectedly.  It has done this
 1 time(s).
 
Error - 4/5/2014 6:39:25 PM | Computer Name = Tribu-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D
 2 Scanner Service service to connect.
 
Error - 4/5/2014 6:39:25 PM | Computer Name = Tribu-PC | Source = Service Control Manager | ID = 7000
Description = The Spybot-S&D 2 Scanner Service service failed to start due to the
 following error:   %%1053
 
 
< End of report >
 

 

 

-------------------------------------------------------------------------------------------

 

2nd Phase Scan

 

OTL logfile created on: 4/6/2014 9:58:23 AM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tribu\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.97 Gb Total Physical Memory | 2.44 Gb Available Physical Memory | 61.40% Memory free
7.93 Gb Paging File | 6.29 Gb Available in Paging File | 79.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97.66 Gb Total Space | 71.46 Gb Free Space | 73.18% Space Free | Partition Type: NTFS
Drive D: | 368.00 Gb Total Space | 168.78 Gb Free Space | 45.86% Space Free | Partition Type: NTFS
Drive E: | 7.26 Gb Total Space | 7.26 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
 
Computer Name: TRIBU-PC | User Name: Tribu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/04/06 08:41:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tribu\Desktop\OTL.exe
PRC - [2014/04/06 08:08:28 | 000,841,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_77_ActiveX.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/03/11 12:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014/03/11 12:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 09:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/01 09:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/03/11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/01 09:49:12 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2012/03/01 14:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2010/11/20 21:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 21:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 19:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 19:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-904592080-3486822256-927163821-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ph.msn.com/?r...opt=0&ocid=iehp
IE - HKU\S-1-5-21-904592080-3486822256-927163821-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-904592080-3486822256-927163821-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 B5 42 91 0B 51 CF 01  [binary data]
IE - HKU\S-1-5-21-904592080-3486822256-927163821-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-904592080-3486822256-927163821-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-904592080-3486822256-927163821-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
 
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
 
O1 HOSTS File: ([2014/04/06 03:00:30 | 000,000,054 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft..../?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft..../?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2649FAA-F101-4108-9ACD-85E210D0E599}: DhcpNameServer = 192.168.0.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/04/06 09:38:35 | 000,000,000 | ---D | C] -- C:\Users\Tribu\Desktop\OTL Quick Scan
[2014/04/06 08:48:25 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2014/04/06 08:47:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2014/04/06 08:47:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2014/04/06 08:46:56 | 000,791,393 | ---- | C] (Lars Hederer                                                ) -- C:\Users\Tribu\Desktop\erunt-setup.exe
[2014/04/06 08:41:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tribu\Desktop\OTL.exe
[2014/04/06 08:33:26 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Roaming\Wireshark
[2014/04/06 08:32:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2014/04/06 08:32:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2014/04/06 08:31:46 | 000,000,000 | ---D | C] -- C:\Program Files\Wireshark
[2014/04/06 08:30:52 | 027,997,568 | ---- | C] (Wireshark development team) -- C:\Users\Tribu\Desktop\Wireshark-win64-1.10.6.exe
[2014/04/06 08:08:44 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Roaming\Macromedia
[2014/04/06 08:08:44 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Roaming\Adobe
[2014/04/06 08:08:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2014/04/06 08:08:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014/04/06 07:17:42 | 000,000,000 | ---D | C] -- C:\Users\Tribu\Documents\ProcAlyzer Dumps
[2014/04/06 06:38:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014/04/06 06:38:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/04/06 05:51:09 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Tribu\Desktop\TFC.exe
[2014/04/06 05:40:33 | 000,409,600 | ---- | C] (Farbar) -- C:\Users\Tribu\Desktop\FSS.exe
[2014/04/06 05:39:19 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/04/06 05:38:59 | 004,139,872 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Tribu\Desktop\tdsskiller.exe
[2014/04/06 05:38:59 | 001,038,974 | ---- | C] (Thisisu) -- C:\Users\Tribu\Desktop\JRT.exe
[2014/04/06 05:38:59 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Tribu\Desktop\HijackThis.exe
[2014/04/06 05:38:59 | 000,037,888 | ---- | C] (Soeperman Enterprises Ltd.) -- C:\Users\Tribu\Desktop\ADSSpy.exe
[2014/04/06 04:10:23 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Local\Skype
[2014/04/06 02:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\SMR410
[2014/04/06 02:51:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2014/04/06 02:51:28 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Local\NPE
[2014/04/06 01:34:51 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Local\Microsoft_Corporation
[2014/04/06 01:03:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/04/06 01:03:39 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/04/06 00:56:44 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Roaming\Skype
[2014/04/05 22:36:54 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/05 21:30:07 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/04/05 20:58:15 | 000,000,000 | -HSD | C] -- C:\found.000
[2014/04/05 20:25:54 | 000,035,112 | ---- | C] (TeamViewer GmbH) -- C:\Windows\SysNative\drivers\teamviewervpn.sys
[2014/04/05 20:25:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2014/04/05 16:25:45 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Roaming\OpenDNS Updater
[2014/04/04 01:16:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2014/04/03 08:51:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2014/04/03 04:01:46 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/04/03 03:03:01 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/04/03 03:02:30 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/04/02 18:08:54 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2014/04/02 18:08:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2014/04/02 16:24:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2014/04/02 16:24:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2014/04/02 16:07:37 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2014/04/02 16:07:21 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2014/04/02 15:49:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2014/04/02 15:49:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2014/04/02 15:11:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2014/04/02 15:11:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2014/04/02 13:46:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/04/02 13:42:02 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014/04/02 13:41:33 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014/04/02 13:41:33 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014/04/02 13:41:11 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014/04/02 12:47:00 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/04/02 12:42:09 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Local\Google
[2014/04/02 12:42:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/04/02 12:16:25 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Roaming\Malwarebytes
[2014/04/02 12:14:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/04/02 12:14:00 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/04/02 12:14:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/04/02 12:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/04/02 12:13:42 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Local\Programs
[2014/04/02 12:10:48 | 000,000,000 | R--D | C] -- C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/04/02 12:10:48 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Searches
[2014/04/02 12:10:48 | 000,000,000 | R--D | C] -- C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/04/02 12:10:47 | 000,000,000 | -H-D | C] -- C:\Users\Tribu\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/04/02 12:10:38 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Roaming\Identities
[2014/04/02 12:10:33 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Contacts
[2014/04/02 12:10:32 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Local\VirtualStore
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\AppData\Local\Temporary Internet Files
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\Templates
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\Start Menu
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\SendTo
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\Recent
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\PrintHood
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\NetHood
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\Documents\My Videos
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\Documents\My Pictures
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\Documents\My Music
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\My Documents
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\Local Settings
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\AppData\Local\History
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\Cookies
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\Application Data
[2014/04/02 12:10:20 | 000,000,000 | -HSD | C] -- C:\Users\Tribu\AppData\Local\Application Data
[2014/04/02 12:10:19 | 000,000,000 | --SD | C] -- C:\Users\Tribu\AppData\Roaming\Microsoft
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Videos
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Saved Games
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Pictures
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Music
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Links
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Favorites
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Downloads
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Documents
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\Desktop
[2014/04/02 12:10:19 | 000,000,000 | R--D | C] -- C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/04/02 12:10:19 | 000,000,000 | -H-D | C] -- C:\Users\Tribu\AppData
[2014/04/02 12:10:19 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Local\Temp
[2014/04/02 12:10:19 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Local\Microsoft
[2014/04/02 12:10:19 | 000,000,000 | ---D | C] -- C:\Users\Tribu\AppData\Roaming\Media Center Programs
[2014/04/02 12:08:34 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014/04/02 12:08:31 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
 
========== Files - Modified Within 30 Days ==========
 
[2014/04/06 08:48:02 | 000,001,104 | ---- | M] () -- C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2014/04/06 08:47:36 | 000,000,924 | ---- | M] () -- C:\Users\Tribu\Desktop\NTREGOPT.lnk
[2014/04/06 08:47:36 | 000,000,905 | ---- | M] () -- C:\Users\Tribu\Desktop\ERUNT.lnk
[2014/04/06 08:46:27 | 000,791,393 | ---- | M] (Lars Hederer                                                ) -- C:\Users\Tribu\Desktop\erunt-setup.exe
[2014/04/06 08:41:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tribu\Desktop\OTL.exe
[2014/04/06 08:39:26 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/06 08:39:26 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/06 08:32:08 | 000,001,531 | ---- | M] () -- C:\Users\Public\Desktop\Wireshark.lnk
[2014/04/06 08:29:05 | 027,997,568 | ---- | M] (Wireshark development team) -- C:\Users\Tribu\Desktop\Wireshark-win64-1.10.6.exe
[2014/04/06 07:40:51 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/06 07:40:51 | 000,615,122 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/06 07:40:51 | 000,103,496 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/06 07:36:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/06 07:36:21 | 3195,559,936 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/06 07:35:36 | 000,000,085 | ---- | M] () -- C:\Windows\wininit.ini
[2014/04/06 05:50:54 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Tribu\Desktop\TFC.exe
[2014/04/06 05:46:37 | 000,267,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/04/06 05:40:17 | 000,409,600 | ---- | M] (Farbar) -- C:\Users\Tribu\Desktop\FSS.exe
[2014/04/06 05:35:21 | 001,038,974 | ---- | M] (Thisisu) -- C:\Users\Tribu\Desktop\JRT.exe
[2014/04/06 05:32:42 | 004,139,872 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Tribu\Desktop\tdsskiller.exe
[2014/04/06 05:10:52 | 000,037,888 | ---- | M] (Soeperman Enterprises Ltd.) -- C:\Users\Tribu\Desktop\ADSSpy.exe
[2014/04/06 03:00:30 | 000,517,336 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.bak
[2014/04/06 03:00:30 | 000,000,054 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/04/06 01:03:40 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/04/06 00:20:06 | 000,036,680 | ---- | M] () -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/05 22:39:48 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Tribu\Desktop\HijackThis.exe
[2014/04/05 21:30:55 | 000,000,057 | ---- | M] () -- C:\Windows\SysWow64\mapisvc.inf
[2014/04/05 20:08:41 | 000,006,576 | ---- | M] () -- C:\bootsqm.dat
[2014/04/05 03:35:50 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/04/03 03:05:04 | 000,042,045 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/04/03 03:05:04 | 000,042,045 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014/04/02 16:28:02 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/04/02 16:05:03 | 000,001,437 | ---- | M] () -- C:\Users\Tribu\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/02 14:08:56 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/04/02 14:08:54 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/04/02 12:14:01 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
 
========== Files Created - No Company Name ==========
 
[2014/04/06 08:48:02 | 000,001,104 | ---- | C] () -- C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2014/04/06 08:47:36 | 000,000,924 | ---- | C] () -- C:\Users\Tribu\Desktop\NTREGOPT.lnk
[2014/04/06 08:47:36 | 000,000,905 | ---- | C] () -- C:\Users\Tribu\Desktop\ERUNT.lnk
[2014/04/06 08:32:08 | 000,001,543 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
[2014/04/06 08:32:08 | 000,001,531 | ---- | C] () -- C:\Users\Public\Desktop\Wireshark.lnk
[2014/04/06 07:35:34 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2014/04/06 05:46:29 | 000,267,240 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/04/06 01:03:40 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/04/05 21:44:22 | 000,036,680 | ---- | C] () -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/05 20:08:41 | 000,006,576 | ---- | C] () -- C:\bootsqm.dat
[2014/04/05 03:35:50 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/04/03 03:02:30 | 3195,559,936 | -HS- | C] () -- C:\hiberfil.sys
[2014/04/02 16:08:45 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe
[2014/04/02 16:08:33 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2014/04/02 16:07:06 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2014/04/02 16:06:56 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2014/04/02 16:06:56 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2014/04/02 16:06:46 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2014/04/02 16:06:46 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2014/04/02 16:05:03 | 000,001,443 | ---- | C] () -- C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/04/02 15:50:12 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2014/04/02 15:49:47 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2014/04/02 15:05:32 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/04/02 15:04:31 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/04/02 14:08:56 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/04/02 14:08:54 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/04/02 12:20:29 | 000,001,437 | ---- | C] () -- C:\Users\Tribu\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/02 12:14:01 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/02 12:10:57 | 000,001,409 | ---- | C] () -- C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2014/04/02 12:10:20 | 000,000,290 | ---- | C] () -- C:\Users\Tribu\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/04/02 12:10:20 | 000,000,272 | ---- | C] () -- C:\Users\Tribu\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/03/01 09:47:36 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
 
========== ZeroAccess Check ==========
 
[2009/07/14 12:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 13:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 12:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 09:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 09:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/04/05 16:25:47 | 000,000,000 | ---D | M] -- C:\Users\Aswang2K\AppData\Roaming\OpenDNS Updater
[2014/04/05 16:25:45 | 000,000,000 | ---D | M] -- C:\Users\Tribu\AppData\Roaming\OpenDNS Updater
[2014/04/06 08:33:26 | 000,000,000 | ---D | M] -- C:\Users\Tribu\AppData\Roaming\Wireshark
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: EXPLORER.EXE  >
[2009/07/14 09:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/10/31 13:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010/11/20 20:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010/11/20 20:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 14:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009/10/31 14:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 13:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 21:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010/11/20 21:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 14:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 13:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 09:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 14:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/08/03 14:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
< MD5 for: SVCHOST.EXE  >
[2009/07/14 09:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 09:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 09:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 09:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
 
< MD5 for: USERINIT.EXE  >
[2010/11/20 20:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 20:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 09:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 09:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 21:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 21:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010/11/20 21:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 21:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 09:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 15:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 14:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< dir C:\ /S /A:L /C >
 Volume in drive C has no label.
 Volume Serial Number is F8A4-3C44
 Directory of C:\
07/14/2009  01:08 PM    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes
 Directory of C:\ProgramData
07/14/2009  01:08 PM    <JUNCTION>     Application Data [C:\ProgramData]
07/14/2009  01:08 PM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/14/2009  01:08 PM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/14/2009  01:08 PM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/14/2009  01:08 PM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009  01:08 PM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users
07/14/2009  01:08 PM    <SYMLINKD>     All Users [C:\ProgramData]
07/14/2009  01:08 PM    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes
 Directory of C:\Users\All Users
07/14/2009  01:08 PM    <JUNCTION>     Application Data [C:\ProgramData]
07/14/2009  01:08 PM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/14/2009  01:08 PM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/14/2009  01:08 PM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/14/2009  01:08 PM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009  01:08 PM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Aswang2K
04/02/2014  12:34 PM    <JUNCTION>     Application Data [C:\Users\Aswang2K\AppData\Roaming]
04/02/2014  12:34 PM    <JUNCTION>     Cookies [C:\Users\Aswang2K\AppData\Roaming\Microsoft\Windows\Cookies]
04/02/2014  12:34 PM    <JUNCTION>     Local Settings [C:\Users\Aswang2K\AppData\Local]
04/02/2014  12:34 PM    <JUNCTION>     My Documents [C:\Users\Aswang2K\Documents]
04/02/2014  12:34 PM    <JUNCTION>     NetHood [C:\Users\Aswang2K\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
04/02/2014  12:34 PM    <JUNCTION>     PrintHood [C:\Users\Aswang2K\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
04/02/2014  12:34 PM    <JUNCTION>     Recent [C:\Users\Aswang2K\AppData\Roaming\Microsoft\Windows\Recent]
04/02/2014  12:34 PM    <JUNCTION>     SendTo [C:\Users\Aswang2K\AppData\Roaming\Microsoft\Windows\SendTo]
04/02/2014  12:34 PM    <JUNCTION>     Start Menu [C:\Users\Aswang2K\AppData\Roaming\Microsoft\Windows\Start Menu]
04/02/2014  12:34 PM    <JUNCTION>     Templates [C:\Users\Aswang2K\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Aswang2K\AppData\Local
04/02/2014  12:34 PM    <JUNCTION>     Application Data [C:\Users\Aswang2K\AppData\Local]
04/02/2014  12:34 PM    <JUNCTION>     History [C:\Users\Aswang2K\AppData\Local\Microsoft\Windows\History]
04/02/2014  12:34 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Aswang2K\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Aswang2K\Documents
04/02/2014  12:34 PM    <JUNCTION>     My Music [C:\Users\Aswang2K\Music]
04/02/2014  12:34 PM    <JUNCTION>     My Pictures [C:\Users\Aswang2K\Pictures]
04/02/2014  12:34 PM    <JUNCTION>     My Videos [C:\Users\Aswang2K\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Default
07/14/2009  01:08 PM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
07/14/2009  01:08 PM    <JUNCTION>     Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/14/2009  01:08 PM    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
07/14/2009  01:08 PM    <JUNCTION>     My Documents [C:\Users\Default\Documents]
07/14/2009  01:08 PM    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009  01:08 PM    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009  01:08 PM    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009  01:08 PM    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009  01:08 PM    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009  01:08 PM    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\AppData\Local
07/14/2009  01:08 PM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
07/14/2009  01:08 PM    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009  01:08 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\Documents
07/14/2009  01:08 PM    <JUNCTION>     My Music [C:\Users\Default\Music]
07/14/2009  01:08 PM    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
07/14/2009  01:08 PM    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Public\Documents
07/14/2009  01:08 PM    <JUNCTION>     My Music [C:\Users\Public\Music]
07/14/2009  01:08 PM    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
07/14/2009  01:08 PM    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Tribu
04/02/2014  12:10 PM    <JUNCTION>     Application Data [C:\Users\Tribu\AppData\Roaming]
04/02/2014  12:10 PM    <JUNCTION>     Cookies [C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Cookies]
04/02/2014  12:10 PM    <JUNCTION>     Local Settings [C:\Users\Tribu\AppData\Local]
04/02/2014  12:10 PM    <JUNCTION>     My Documents [C:\Users\Tribu\Documents]
04/02/2014  12:10 PM    <JUNCTION>     NetHood [C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
04/02/2014  12:10 PM    <JUNCTION>     PrintHood [C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
04/02/2014  12:10 PM    <JUNCTION>     Recent [C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Recent]
04/02/2014  12:10 PM    <JUNCTION>     SendTo [C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\SendTo]
04/02/2014  12:10 PM    <JUNCTION>     Start Menu [C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Start Menu]
04/02/2014  12:10 PM    <JUNCTION>     Templates [C:\Users\Tribu\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Tribu\AppData\Local
04/02/2014  12:10 PM    <JUNCTION>     Application Data [C:\Users\Tribu\AppData\Local]
04/02/2014  12:10 PM    <JUNCTION>     History [C:\Users\Tribu\AppData\Local\Microsoft\Windows\History]
04/02/2014  12:10 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Tribu\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Tribu\Documents
04/02/2014  12:10 PM    <JUNCTION>     My Music [C:\Users\Tribu\Music]
04/02/2014  12:10 PM    <JUNCTION>     My Pictures [C:\Users\Tribu\Pictures]
04/02/2014  12:10 PM    <JUNCTION>     My Videos [C:\Users\Tribu\Videos]
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
              66 Dir(s)  76,730,736,640 bytes free

< End of report >

 

 

OTL Extras logfile created on: 4/6/2014 9:58:23 AM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tribu\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.97 Gb Total Physical Memory | 2.44 Gb Available Physical Memory | 61.40% Memory free
7.93 Gb Paging File | 6.29 Gb Available in Paging File | 79.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97.66 Gb Total Space | 71.46 Gb Free Space | 73.18% Space Free | Partition Type: NTFS
Drive D: | 368.00 Gb Total Space | 168.78 Gb Free Space | 45.86% Space Free | Partition Type: NTFS
Drive E: | 7.26 Gb Total Space | 7.26 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
 
Computer Name: TRIBU-PC | User Name: Tribu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{E7925603-925E-4B19-A7C2-ACC33085EBC1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{BFAE8D5B-F918-486F-B74E-90762DF11C5C}" = Microsoft Security Client
"CCleaner" = CCleaner
"Microsoft Security Client" = Microsoft Security Essentials
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"ERUNT_is1" = ERUNT 1.1j
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"WinPcapInst" = WinPcap 4.1.3
"Wireshark" = Wireshark 1.10.6 (64-bit)
 
========== Last 20 Event Log Errors ==========
 
[ System Events ]
Error - 4/5/2014 5:51:15 PM | Computer Name = Tribu-PC | Source = Service Control Manager | ID = 7034
Description = The MBAMScheduler service terminated unexpectedly.  It has done this
 1 time(s).
 
Error - 4/5/2014 6:39:25 PM | Computer Name = Tribu-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D
 2 Scanner Service service to connect.
 
Error - 4/5/2014 6:39:25 PM | Computer Name = Tribu-PC | Source = Service Control Manager | ID = 7000
Description = The Spybot-S&D 2 Scanner Service service failed to start due to the
 following error:   %%1053
 
 
< End of report >
 


Edited by Aswang2K, 05 April 2014 - 09:26 PM.

  • 0

Advertisements


#2
Aswang2K

Aswang2K

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

I postponed doing the Windows Updates and removed Chrome and Firefox browsers.

 

Currently, these programs are all that's installed :

 

Adobe Flashplayer 12 ActiveX

CCleaner

Erunt 1.1j

MalwareBytes Anti-Malware version 1.75.0.1300

Microsoft Security Essentials

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

WinPcap 4.1.3

Wireshark 1.10.6 (64 bit)


  • 0

#3
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts

This past week, I spent more time fixing and reinstalling windows 7 on my computer

Did you completely Remove and Reinstalled Windows 7?
 

I tried malwarebytes, adwcleaner, junkware removal tool, autoruns, rkill , windows security essentials, cccleaner, tdsskiller, spybot search and destroy , and addspy but I can't fix whatever it is that's bugging my computer.

Post the logs of the highlighted tools and remove SpyBot for now and you can install it after we are done fixing your system.
  • 0

#4
Aswang2K

Aswang2K

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

 

This past week, I spent more time fixing and reinstalling windows 7 on my computer

Did you completely Remove and Reinstalled Windows 7?

 

Yes. I did. I deleted both the System Reserved partition and the partition where the Program Files are and reinstalled windows.

 
 

I tried malwarebytes, adwcleaner, junkware removal tool, autoruns, rkill , windows security essentials, cccleaner, tdsskiller, spybot search and destroy , and addspy but I can't fix whatever it is that's bugging my computer.

Post the logs of the highlighted tools and remove SpyBot for now and you can install it after we are done fixing your system.

 

 

 

 

 

 

 

 

 

 

Im afraid CCleaner deleted the malwarebytes logs earlier.

 

----------------

JRT Log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Ultimate x64
Ran by Tribu on Sun 04/06/2014 at 5:39:21.21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 04/06/2014 at 5:44:36.65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

2 TDSSkiller Log (4 minutes apart)

 

05:44:55.0192 0x0614 TDSS rootkit removing tool 3.0.0.28 Apr 4 2014 12:43:10
05:45:05.0644 0x0614 ============================================================
05:45:05.0644 0x0614 Current date / time: 2014/04/06 05:45:05.0644
05:45:05.0644 0x0614 SystemInfo:
05:45:05.0644 0x0614
05:45:05.0644 0x0614 OS Version: 6.1.7601 ServicePack: 1.0
05:45:05.0644 0x0614 Product type: Workstation
05:45:05.0644 0x0614 ComputerName: TRIBU-PC
05:45:05.0644 0x0614 UserName: Tribu
05:45:05.0644 0x0614 Windows directory: C:\Windows
05:45:05.0644 0x0614 System windows directory: C:\Windows
05:45:05.0644 0x0614 Running under WOW64
05:45:05.0644 0x0614 Processor architecture: Intel x64
05:45:05.0644 0x0614 Number of processors: 2
05:45:05.0644 0x0614 Page size: 0x1000
05:45:05.0644 0x0614 Boot type: Normal boot
05:45:05.0644 0x0614 ============================================================
05:45:07.0048 0x0614 KLMD registered as C:\Windows\system32\drivers\87267562.sys
05:45:07.0298 0x0614 System UUID: {24C1C236-A5BC-3BAA-9C07-99CF1F28B0B1}
05:45:08.0062 0x0614 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
05:45:08.0109 0x0614 Drive \Device\Harddisk1\DR1 - Size: 0x1D19C0000 (7.28 Gb), SectorSize: 0x200, Cylinders: 0x3B5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
05:45:08.0109 0x0614 ============================================================
05:45:08.0109 0x0614 \Device\Harddisk0\DR0:
05:45:08.0109 0x0614 MBR partitions:
05:45:08.0109 0x0614 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
05:45:08.0109 0x0614 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC350000
05:45:08.0109 0x0614 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC382800, BlocksNum 0x2E002800
05:45:08.0109 0x0614 \Device\Harddisk1\DR1:
05:45:08.0109 0x0614 MBR partitions:
05:45:08.0109 0x0614 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0xE8CDDF
05:45:08.0109 0x0614 ============================================================
05:45:08.0124 0x0614 C: <-> \Device\Harddisk0\DR0\Partition2
05:45:08.0171 0x0614 D: <-> \Device\Harddisk0\DR0\Partition3
05:45:08.0171 0x0614 ============================================================
05:45:08.0171 0x0614 Initialize success
05:45:08.0171 0x0614 ============================================================
05:45:36.0984 0x0cc0 KLMD registered as C:\Windows\system32\drivers\37577176.sys
05:45:38.0841 0x0cc0 Deinitialize success

 

 

 

 

05:47:34.0049 0x07d8 TDSS rootkit removing tool 3.0.0.28 Apr 4 2014 12:43:10
05:47:35.0921 0x07d8 ============================================================
05:47:35.0921 0x07d8 Current date / time: 2014/04/06 05:47:35.0921
05:47:35.0921 0x07d8 SystemInfo:
05:47:35.0921 0x07d8
05:47:35.0921 0x07d8 OS Version: 6.1.7601 ServicePack: 1.0
05:47:35.0921 0x07d8 Product type: Workstation
05:47:35.0921 0x07d8 ComputerName: TRIBU-PC
05:47:35.0921 0x07d8 UserName: Tribu
05:47:35.0921 0x07d8 Windows directory: C:\Windows
05:47:35.0921 0x07d8 System windows directory: C:\Windows
05:47:35.0921 0x07d8 Running under WOW64
05:47:35.0921 0x07d8 Processor architecture: Intel x64
05:47:35.0921 0x07d8 Number of processors: 2
05:47:35.0921 0x07d8 Page size: 0x1000
05:47:35.0921 0x07d8 Boot type: Normal boot
05:47:35.0921 0x07d8 ============================================================
05:47:35.0921 0x07d8 BG loaded
05:47:36.0386 0x07d8 System UUID: {24C1C236-A5BC-3BAA-9C07-99CF1F28B0B1}
05:47:37.0435 0x07d8 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
05:47:37.0451 0x07d8 Drive \Device\Harddisk1\DR1 - Size: 0x1D19C0000 (7.28 Gb), SectorSize: 0x200, Cylinders: 0x3B5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
05:47:37.0451 0x07d8 ============================================================
05:47:37.0451 0x07d8 \Device\Harddisk0\DR0:
05:47:37.0451 0x07d8 MBR partitions:
05:47:37.0451 0x07d8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
05:47:37.0451 0x07d8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC350000
05:47:37.0451 0x07d8 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC382800, BlocksNum 0x2E002800
05:47:37.0451 0x07d8 \Device\Harddisk1\DR1:
05:47:37.0451 0x07d8 MBR partitions:
05:47:37.0451 0x07d8 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0xE8CDDF
05:47:37.0451 0x07d8 ============================================================
05:47:37.0466 0x07d8 C: <-> \Device\Harddisk0\DR0\Partition2
05:47:37.0529 0x07d8 D: <-> \Device\Harddisk0\DR0\Partition3
05:47:37.0529 0x07d8 ============================================================
05:47:37.0529 0x07d8 Initialize success
05:47:37.0529 0x07d8 ============================================================
05:47:42.0271 0x0b60 ============================================================
05:47:42.0271 0x0b60 Scan started
05:47:42.0271 0x0b60 Mode: Manual;
05:47:42.0271 0x0b60 ============================================================
05:47:42.0271 0x0b60 KSN ping started
05:47:45.0609 0x0b60 KSN ping finished: true
05:47:46.0889 0x0b60 ================ Scan system memory ========================
05:47:46.0889 0x0b60 System memory - ok
05:47:46.0889 0x0b60 ================ Scan services =============================
05:47:47.0201 0x0b60 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
05:47:47.0216 0x0b60 1394ohci - ok
05:47:47.0263 0x0b60 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
05:47:47.0279 0x0b60 ACPI - ok
05:47:47.0310 0x0b60 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
05:47:47.0310 0x0b60 AcpiPmi - ok
05:47:47.0357 0x0b60 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
05:47:47.0372 0x0b60 adp94xx - ok
05:47:47.0403 0x0b60 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
05:47:47.0403 0x0b60 adpahci - ok
05:47:47.0419 0x0b60 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
05:47:47.0435 0x0b60 adpu320 - ok
05:47:47.0450 0x0b60 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
05:47:47.0466 0x0b60 AeLookupSvc - ok
05:47:47.0481 0x0b60 [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD C:\Windows\system32\drivers\afd.sys
05:47:47.0497 0x0b60 AFD - ok
05:47:47.0528 0x0b60 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
05:47:47.0528 0x0b60 agp440 - ok
05:47:47.0544 0x0b60 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
05:47:47.0544 0x0b60 ALG - ok
05:47:47.0575 0x0b60 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
05:47:47.0575 0x0b60 aliide - ok
05:47:47.0591 0x0b60 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
05:47:47.0591 0x0b60 amdide - ok
05:47:47.0606 0x0b60 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
05:47:47.0606 0x0b60 AmdK8 - ok
05:47:47.0637 0x0b60 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
05:47:47.0637 0x0b60 AmdPPM - ok
05:47:47.0653 0x0b60 [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata C:\Windows\system32\drivers\amdsata.sys
05:47:47.0653 0x0b60 amdsata - ok
05:47:47.0669 0x0b60 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
05:47:47.0684 0x0b60 amdsbs - ok
05:47:47.0700 0x0b60 [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata C:\Windows\system32\drivers\amdxata.sys
05:47:47.0700 0x0b60 amdxata - ok
05:47:47.0731 0x0b60 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
05:47:47.0731 0x0b60 AppID - ok
05:47:47.0762 0x0b60 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
05:47:47.0762 0x0b60 AppIDSvc - ok
05:47:47.0778 0x0b60 [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo C:\Windows\System32\appinfo.dll
05:47:47.0778 0x0b60 Appinfo - ok
05:47:47.0809 0x0b60 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
05:47:47.0809 0x0b60 AppMgmt - ok
05:47:47.0825 0x0b60 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
05:47:47.0825 0x0b60 arc - ok
05:47:47.0840 0x0b60 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
05:47:47.0840 0x0b60 arcsas - ok
05:47:47.0856 0x0b60 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
05:47:47.0856 0x0b60 AsyncMac - ok
05:47:47.0887 0x0b60 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
05:47:47.0887 0x0b60 atapi - ok
05:47:47.0934 0x0b60 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
05:47:47.0949 0x0b60 AudioEndpointBuilder - ok
05:47:47.0981 0x0b60 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
05:47:47.0996 0x0b60 AudioSrv - ok
05:47:48.0027 0x0b60 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
05:47:48.0027 0x0b60 AxInstSV - ok
05:47:48.0074 0x0b60 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
05:47:48.0090 0x0b60 b06bdrv - ok
05:47:48.0137 0x0b60 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
05:47:48.0168 0x0b60 b57nd60a - ok
05:47:48.0199 0x0b60 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
05:47:48.0199 0x0b60 BDESVC - ok
05:47:48.0215 0x0b60 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
05:47:48.0215 0x0b60 Beep - ok
05:47:48.0261 0x0b60 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
05:47:48.0293 0x0b60 BFE - ok
05:47:48.0371 0x0b60 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
05:47:48.0386 0x0b60 BITS - ok
05:47:48.0417 0x0b60 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
05:47:48.0417 0x0b60 blbdrive - ok
05:47:48.0433 0x0b60 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
05:47:48.0433 0x0b60 bowser - ok
05:47:48.0449 0x0b60 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
05:47:48.0449 0x0b60 BrFiltLo - ok
05:47:48.0464 0x0b60 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
05:47:48.0464 0x0b60 BrFiltUp - ok
05:47:48.0495 0x0b60 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
05:47:48.0495 0x0b60 Browser - ok
05:47:48.0511 0x0b60 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
05:47:48.0527 0x0b60 Brserid - ok
05:47:48.0527 0x0b60 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
05:47:48.0542 0x0b60 BrSerWdm - ok
05:47:48.0542 0x0b60 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
05:47:48.0542 0x0b60 BrUsbMdm - ok
05:47:48.0542 0x0b60 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
05:47:48.0558 0x0b60 BrUsbSer - ok
05:47:48.0558 0x0b60 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
05:47:48.0558 0x0b60 BTHMODEM - ok
05:47:48.0589 0x0b60 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
05:47:48.0589 0x0b60 bthserv - ok
05:47:48.0620 0x0b60 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
05:47:48.0620 0x0b60 cdfs - ok
05:47:48.0667 0x0b60 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
05:47:48.0667 0x0b60 cdrom - ok
05:47:48.0698 0x0b60 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
05:47:48.0698 0x0b60 CertPropSvc - ok
05:47:48.0714 0x0b60 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
05:47:48.0729 0x0b60 circlass - ok
05:47:48.0761 0x0b60 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
05:47:48.0761 0x0b60 CLFS - ok
05:47:48.0823 0x0b60 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
05:47:48.0823 0x0b60 clr_optimization_v2.0.50727_32 - ok
05:47:48.0854 0x0b60 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
05:47:48.0854 0x0b60 clr_optimization_v2.0.50727_64 - ok
05:47:48.0885 0x0b60 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
05:47:48.0885 0x0b60 CmBatt - ok
05:47:48.0901 0x0b60 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
05:47:48.0901 0x0b60 cmdide - ok
05:47:48.0932 0x0b60 [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG C:\Windows\system32\Drivers\cng.sys
05:47:48.0948 0x0b60 CNG - ok
05:47:48.0963 0x0b60 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
05:47:48.0963 0x0b60 Compbatt - ok
05:47:48.0979 0x0b60 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
05:47:48.0979 0x0b60 CompositeBus - ok
05:47:48.0995 0x0b60 COMSysApp - ok
05:47:49.0026 0x0b60 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
05:47:49.0026 0x0b60 crcdisk - ok
05:47:49.0073 0x0b60 [ 9C01375BE382E834CC26D1B7EAF2C4FE, B1D1E36B91A3C3CD09428EE3403896F71390A2798323BB406B484D9DB064A219 ] CryptSvc C:\Windows\system32\cryptsvc.dll
05:47:49.0073 0x0b60 CryptSvc - ok
05:47:49.0135 0x0b60 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
05:47:49.0135 0x0b60 CSC - ok
05:47:49.0197 0x0b60 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
05:47:49.0213 0x0b60 CscService - ok
05:47:49.0260 0x0b60 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
05:47:49.0275 0x0b60 DcomLaunch - ok
05:47:49.0307 0x0b60 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
05:47:49.0322 0x0b60 defragsvc - ok
05:47:49.0338 0x0b60 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
05:47:49.0353 0x0b60 DfsC - ok
05:47:49.0369 0x0b60 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
05:47:49.0385 0x0b60 Dhcp - ok
05:47:49.0400 0x0b60 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
05:47:49.0400 0x0b60 discache - ok
05:47:49.0416 0x0b60 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
05:47:49.0431 0x0b60 Disk - ok
05:47:49.0463 0x0b60 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
05:47:49.0463 0x0b60 Dnscache - ok
05:47:49.0494 0x0b60 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
05:47:49.0494 0x0b60 dot3svc - ok
05:47:49.0525 0x0b60 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
05:47:49.0525 0x0b60 DPS - ok
05:47:49.0541 0x0b60 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
05:47:49.0556 0x0b60 drmkaud - ok
05:47:49.0603 0x0b60 [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
05:47:49.0634 0x0b60 DXGKrnl - ok
05:47:49.0665 0x0b60 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
05:47:49.0665 0x0b60 EapHost - ok
05:47:49.0837 0x0b60 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
05:47:49.0946 0x0b60 ebdrv - ok
05:47:49.0977 0x0b60 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\Windows\System32\lsass.exe
05:47:49.0993 0x0b60 EFS - ok
05:47:50.0040 0x0b60 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
05:47:50.0055 0x0b60 elxstor - ok
05:47:50.0087 0x0b60 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
05:47:50.0102 0x0b60 ErrDev - ok
05:47:50.0133 0x0b60 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
05:47:50.0149 0x0b60 EventSystem - ok
05:47:50.0180 0x0b60 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
05:47:50.0196 0x0b60 exfat - ok
05:47:50.0211 0x0b60 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
05:47:50.0211 0x0b60 fastfat - ok
05:47:50.0227 0x0b60 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
05:47:50.0227 0x0b60 fdc - ok
05:47:50.0258 0x0b60 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
05:47:50.0258 0x0b60 fdPHost - ok
05:47:50.0274 0x0b60 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
05:47:50.0274 0x0b60 FDResPub - ok
05:47:50.0289 0x0b60 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
05:47:50.0289 0x0b60 FileInfo - ok
05:47:50.0289 0x0b60 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
05:47:50.0289 0x0b60 Filetrace - ok
05:47:50.0305 0x0b60 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
05:47:50.0321 0x0b60 flpydisk - ok
05:47:50.0352 0x0b60 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
05:47:50.0352 0x0b60 FltMgr - ok
05:47:50.0414 0x0b60 [ 5C4CB4086FB83115B153E47ADD961A0C, 0C3AB7D04BEB3A8FDE00B0C86E6FE064B1CEBB3E4DE1A29CD27830806FA300B3 ] FontCache C:\Windows\system32\FntCache.dll
05:47:50.0430 0x0b60 FontCache - ok
05:47:50.0492 0x0b60 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
05:47:50.0508 0x0b60 FontCache3.0.0.0 - ok
05:47:50.0539 0x0b60 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
05:47:50.0539 0x0b60 FsDepends - ok
05:47:50.0555 0x0b60 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
05:47:50.0555 0x0b60 Fs_Rec - ok
05:47:50.0586 0x0b60 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
05:47:50.0601 0x0b60 fvevol - ok
05:47:50.0617 0x0b60 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
05:47:50.0633 0x0b60 gagp30kx - ok
05:47:50.0664 0x0b60 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
05:47:50.0679 0x0b60 gpsvc - ok
05:47:50.0695 0x0b60 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
05:47:50.0695 0x0b60 hcw85cir - ok
05:47:50.0726 0x0b60 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
05:47:50.0742 0x0b60 HdAudAddService - ok
05:47:50.0757 0x0b60 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
05:47:50.0757 0x0b60 HDAudBus - ok
05:47:50.0789 0x0b60 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
05:47:50.0789 0x0b60 HidBatt - ok
05:47:50.0789 0x0b60 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
05:47:50.0789 0x0b60 HidBth - ok
05:47:50.0804 0x0b60 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
05:47:50.0804 0x0b60 HidIr - ok
05:47:50.0835 0x0b60 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
05:47:50.0835 0x0b60 hidserv - ok
05:47:50.0851 0x0b60 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
05:47:50.0851 0x0b60 HidUsb - ok
05:47:50.0867 0x0b60 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
05:47:50.0867 0x0b60 hkmsvc - ok
05:47:50.0898 0x0b60 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
05:47:50.0913 0x0b60 HomeGroupListener - ok
05:47:50.0929 0x0b60 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
05:47:50.0945 0x0b60 HomeGroupProvider - ok
05:47:50.0960 0x0b60 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
05:47:50.0976 0x0b60 HpSAMD - ok
05:47:51.0023 0x0b60 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
05:47:51.0038 0x0b60 HTTP - ok
05:47:51.0069 0x0b60 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
05:47:51.0069 0x0b60 hwpolicy - ok
05:47:51.0085 0x0b60 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
05:47:51.0085 0x0b60 i8042prt - ok
05:47:51.0132 0x0b60 [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
05:47:51.0132 0x0b60 iaStorV - ok
05:47:51.0194 0x0b60 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
05:47:51.0225 0x0b60 idsvc - ok
05:47:51.0241 0x0b60 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
05:47:51.0241 0x0b60 iirsp - ok
05:47:51.0288 0x0b60 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\Windows\System32\ikeext.dll
05:47:51.0303 0x0b60 IKEEXT - ok
05:47:51.0319 0x0b60 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
05:47:51.0319 0x0b60 intelide - ok
05:47:51.0350 0x0b60 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
05:47:51.0350 0x0b60 intelppm - ok
05:47:51.0366 0x0b60 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
05:47:51.0366 0x0b60 IPBusEnum - ok
05:47:51.0397 0x0b60 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
05:47:51.0413 0x0b60 IpFilterDriver - ok
05:47:51.0444 0x0b60 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
05:47:51.0444 0x0b60 iphlpsvc - ok
05:47:51.0491 0x0b60 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
05:47:51.0491 0x0b60 IPMIDRV - ok
05:47:51.0522 0x0b60 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
05:47:51.0522 0x0b60 IPNAT - ok
05:47:51.0537 0x0b60 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
05:47:51.0537 0x0b60 IRENUM - ok
05:47:51.0553 0x0b60 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
05:47:51.0553 0x0b60 isapnp - ok
05:47:51.0584 0x0b60 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
05:47:51.0584 0x0b60 iScsiPrt - ok
05:47:51.0615 0x0b60 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
05:47:51.0615 0x0b60 kbdclass - ok
05:47:51.0631 0x0b60 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
05:47:51.0631 0x0b60 kbdhid - ok
05:47:51.0647 0x0b60 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\Windows\system32\lsass.exe
05:47:51.0647 0x0b60 KeyIso - ok
05:47:51.0678 0x0b60 [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
05:47:51.0678 0x0b60 KSecDD - ok
05:47:51.0693 0x0b60 [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
05:47:51.0693 0x0b60 KSecPkg - ok
05:47:51.0709 0x0b60 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
05:47:51.0709 0x0b60 ksthunk - ok
05:47:51.0756 0x0b60 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
05:47:51.0756 0x0b60 KtmRm - ok
05:47:51.0803 0x0b60 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
05:47:51.0803 0x0b60 LanmanServer - ok
05:47:51.0818 0x0b60 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
05:47:51.0834 0x0b60 LanmanWorkstation - ok
05:47:51.0865 0x0b60 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
05:47:51.0865 0x0b60 lltdio - ok
05:47:51.0896 0x0b60 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
05:47:51.0896 0x0b60 lltdsvc - ok
05:47:51.0912 0x0b60 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
05:47:51.0912 0x0b60 lmhosts - ok
05:47:51.0927 0x0b60 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
05:47:51.0927 0x0b60 LSI_FC - ok
05:47:51.0943 0x0b60 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
05:47:51.0943 0x0b60 LSI_SAS - ok
05:47:51.0943 0x0b60 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
05:47:51.0943 0x0b60 LSI_SAS2 - ok
05:47:51.0959 0x0b60 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
05:47:51.0959 0x0b60 LSI_SCSI - ok
05:47:51.0990 0x0b60 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
05:47:51.0990 0x0b60 luafv - ok
05:47:52.0005 0x0b60 [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
05:47:52.0005 0x0b60 MBAMProtector - ok
05:47:52.0083 0x0b60 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
05:47:52.0083 0x0b60 MBAMScheduler - ok
05:47:52.0115 0x0b60 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
05:47:52.0130 0x0b60 MBAMService - ok
05:47:52.0161 0x0b60 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
05:47:52.0177 0x0b60 megasas - ok
05:47:52.0193 0x0b60 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
05:47:52.0193 0x0b60 MegaSR - ok
05:47:52.0224 0x0b60 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
05:47:52.0224 0x0b60 MMCSS - ok
05:47:52.0239 0x0b60 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
05:47:52.0255 0x0b60 Modem - ok
05:47:52.0271 0x0b60 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
05:47:52.0333 0x0b60 monitor - ok
05:47:52.0364 0x0b60 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
05:47:52.0364 0x0b60 mouclass - ok
05:47:52.0380 0x0b60 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
05:47:52.0380 0x0b60 mouhid - ok
05:47:52.0411 0x0b60 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
05:47:52.0411 0x0b60 mountmgr - ok
05:47:52.0458 0x0b60 [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
05:47:52.0458 0x0b60 MpFilter - ok
05:47:52.0473 0x0b60 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
05:47:52.0473 0x0b60 mpio - ok
05:47:52.0489 0x0b60 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
05:47:52.0505 0x0b60 mpsdrv - ok
05:47:52.0567 0x0b60 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
05:47:52.0583 0x0b60 MpsSvc - ok
05:47:52.0614 0x0b60 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
05:47:52.0629 0x0b60 MRxDAV - ok
05:47:52.0645 0x0b60 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
05:47:52.0661 0x0b60 mrxsmb - ok
05:47:52.0676 0x0b60 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
05:47:52.0676 0x0b60 mrxsmb10 - ok
05:47:52.0692 0x0b60 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
05:47:52.0692 0x0b60 mrxsmb20 - ok
05:47:52.0707 0x0b60 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
05:47:52.0723 0x0b60 msahci - ok
05:47:52.0739 0x0b60 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
05:47:52.0739 0x0b60 msdsm - ok
05:47:52.0754 0x0b60 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
05:47:52.0754 0x0b60 MSDTC - ok
05:47:52.0785 0x0b60 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
05:47:52.0785 0x0b60 Msfs - ok
05:47:52.0801 0x0b60 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
05:47:52.0801 0x0b60 mshidkmdf - ok
05:47:52.0832 0x0b60 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
05:47:52.0832 0x0b60 msisadrv - ok
05:47:52.0863 0x0b60 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
05:47:52.0863 0x0b60 MSiSCSI - ok
05:47:52.0879 0x0b60 msiserver - ok
05:47:52.0895 0x0b60 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
05:47:52.0895 0x0b60 MSKSSRV - ok
05:47:52.0973 0x0b60 [ 89F2AEDC2788696702141AB82C3E7866, E166CBD8D3C708737C37172221945D8E56C25C2CC750889C3CE14AA2DE750F33 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
05:47:52.0973 0x0b60 MsMpSvc - ok
05:47:52.0988 0x0b60 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
05:47:52.0988 0x0b60 MSPCLOCK - ok
05:47:53.0004 0x0b60 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
05:47:53.0004 0x0b60 MSPQM - ok
05:47:53.0035 0x0b60 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
05:47:53.0051 0x0b60 MsRPC - ok
05:47:53.0066 0x0b60 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
05:47:53.0066 0x0b60 mssmbios - ok
05:47:53.0082 0x0b60 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
05:47:53.0082 0x0b60 MSTEE - ok
05:47:53.0097 0x0b60 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
05:47:53.0097 0x0b60 MTConfig - ok
05:47:53.0113 0x0b60 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
05:47:53.0113 0x0b60 Mup - ok
05:47:53.0144 0x0b60 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
05:47:53.0144 0x0b60 napagent - ok
05:47:53.0175 0x0b60 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
05:47:53.0191 0x0b60 NativeWifiP - ok
05:47:53.0253 0x0b60 [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS C:\Windows\system32\drivers\ndis.sys
05:47:53.0269 0x0b60 NDIS - ok
05:47:53.0300 0x0b60 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
05:47:53.0300 0x0b60 NdisCap - ok
05:47:53.0316 0x0b60 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
05:47:53.0316 0x0b60 NdisTapi - ok
05:47:53.0331 0x0b60 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
05:47:53.0347 0x0b60 Ndisuio - ok
05:47:53.0378 0x0b60 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
05:47:53.0378 0x0b60 NdisWan - ok
05:47:53.0394 0x0b60 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
05:47:53.0394 0x0b60 NDProxy - ok
05:47:53.0425 0x0b60 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
05:47:53.0425 0x0b60 NetBIOS - ok
05:47:53.0472 0x0b60 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
05:47:53.0472 0x0b60 NetBT - ok
05:47:53.0487 0x0b60 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\Windows\system32\lsass.exe
05:47:53.0487 0x0b60 Netlogon - ok
05:47:53.0534 0x0b60 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
05:47:53.0534 0x0b60 Netman - ok
05:47:53.0550 0x0b60 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
05:47:53.0565 0x0b60 netprofm - ok
05:47:53.0581 0x0b60 [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
05:47:53.0597 0x0b60 NetTcpPortSharing - ok
05:47:53.0612 0x0b60 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
05:47:53.0612 0x0b60 nfrd960 - ok
05:47:53.0628 0x0b60 [ C3E0696C3B42F694C5822776AA6FFFDF, 80C3DEC2C48500F96C9E677450EFC1ADA9FE9FBB70F4CC2D7D9244B1A515418B ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
05:47:53.0643 0x0b60 NisDrv - ok
05:47:53.0659 0x0b60 [ DCEE3592299B2229A0DB98CB415059A2, 709AAA095DF44DDCB6159CE1635AB05EC666D845445790E569F56B297DC64AC3 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
05:47:53.0675 0x0b60 NisSrv - ok
05:47:53.0706 0x0b60 [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc C:\Windows\System32\nlasvc.dll
05:47:53.0706 0x0b60 NlaSvc - ok
05:47:53.0737 0x0b60 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
05:47:53.0753 0x0b60 Npfs - ok
05:47:53.0768 0x0b60 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
05:47:53.0768 0x0b60 nsi - ok
05:47:53.0784 0x0b60 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
05:47:53.0784 0x0b60 nsiproxy - ok
05:47:53.0862 0x0b60 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
05:47:53.0909 0x0b60 Ntfs - ok
05:47:53.0940 0x0b60 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
05:47:53.0940 0x0b60 Null - ok
05:47:54.0720 0x0b60 [ DD81FBC57AB9134CDDC5CE90880BFD80, 16DF4D9645238D1014FA9189FF171DCF7B7C7573F759B5AC73025518139D86B1 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
05:47:54.0923 0x0b60 nvlddmkm - ok
05:47:54.0969 0x0b60 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid C:\Windows\system32\drivers\nvraid.sys
05:47:54.0985 0x0b60 nvraid - ok
05:47:55.0001 0x0b60 [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor C:\Windows\system32\drivers\nvstor.sys
05:47:55.0001 0x0b60 nvstor - ok
05:47:55.0016 0x0b60 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
05:47:55.0032 0x0b60 nv_agp - ok
05:47:55.0047 0x0b60 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
05:47:55.0047 0x0b60 ohci1394 - ok
05:47:55.0079 0x0b60 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
05:47:55.0094 0x0b60 p2pimsvc - ok
05:47:55.0141 0x0b60 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
05:47:55.0157 0x0b60 p2psvc - ok
05:47:55.0172 0x0b60 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
05:47:55.0172 0x0b60 Parport - ok
05:47:55.0188 0x0b60 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
05:47:55.0188 0x0b60 partmgr - ok
05:47:55.0235 0x0b60 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
05:47:55.0235 0x0b60 PcaSvc - ok
05:47:55.0266 0x0b60 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
05:47:55.0281 0x0b60 pci - ok
05:47:55.0313 0x0b60 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
05:47:55.0313 0x0b60 pciide - ok
05:47:55.0328 0x0b60 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
05:47:55.0344 0x0b60 pcmcia - ok
05:47:55.0359 0x0b60 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
05:47:55.0359 0x0b60 pcw - ok
05:47:55.0391 0x0b60 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
05:47:55.0391 0x0b60 PEAUTH - ok
05:47:55.0531 0x0b60 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
05:47:55.0562 0x0b60 PeerDistSvc - ok
05:47:55.0796 0x0b60 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
05:47:55.0796 0x0b60 PerfHost - ok
05:47:55.0874 0x0b60 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
05:47:55.0905 0x0b60 pla - ok
05:47:55.0937 0x0b60 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
05:47:55.0952 0x0b60 PlugPlay - ok
05:47:55.0983 0x0b60 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
05:47:55.0983 0x0b60 PNRPAutoReg - ok
05:47:55.0999 0x0b60 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
05:47:56.0015 0x0b60 PNRPsvc - ok
05:47:56.0077 0x0b60 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
05:47:56.0108 0x0b60 PolicyAgent - ok
05:47:56.0124 0x0b60 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
05:47:56.0139 0x0b60 Power - ok
05:47:56.0171 0x0b60 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
05:47:56.0171 0x0b60 PptpMiniport - ok
05:47:56.0186 0x0b60 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
05:47:56.0186 0x0b60 Processor - ok
05:47:56.0217 0x0b60 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
05:47:56.0217 0x0b60 ProfSvc - ok
05:47:56.0233 0x0b60 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
05:47:56.0233 0x0b60 ProtectedStorage - ok
05:47:56.0264 0x0b60 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
05:47:56.0264 0x0b60 Psched - ok
05:47:56.0405 0x0b60 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
05:47:56.0467 0x0b60 ql2300 - ok
05:47:56.0483 0x0b60 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
05:47:56.0498 0x0b60 ql40xx - ok
05:47:56.0514 0x0b60 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
05:47:56.0514 0x0b60 QWAVE - ok
05:47:56.0545 0x0b60 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
05:47:56.0545 0x0b60 QWAVEdrv - ok
05:47:56.0561 0x0b60 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
05:47:56.0561 0x0b60 RasAcd - ok
05:47:56.0576 0x0b60 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
05:47:56.0576 0x0b60 RasAgileVpn - ok
05:47:56.0592 0x0b60 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
05:47:56.0592 0x0b60 RasAuto - ok
05:47:56.0623 0x0b60 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
05:47:56.0623 0x0b60 Rasl2tp - ok
05:47:56.0670 0x0b60 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
05:47:56.0670 0x0b60 RasMan - ok
05:47:56.0701 0x0b60 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
05:47:56.0701 0x0b60 RasPppoe - ok
05:47:56.0717 0x0b60 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
05:47:56.0717 0x0b60 RasSstp - ok
05:47:56.0732 0x0b60 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
05:47:56.0748 0x0b60 rdbss - ok
05:47:56.0748 0x0b60 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
05:47:56.0748 0x0b60 rdpbus - ok
05:47:56.0763 0x0b60 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
05:47:56.0763 0x0b60 RDPCDD - ok
05:47:56.0795 0x0b60 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
05:47:56.0795 0x0b60 RDPDR - ok
05:47:56.0826 0x0b60 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
05:47:56.0826 0x0b60 RDPENCDD - ok
05:47:56.0841 0x0b60 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
05:47:56.0841 0x0b60 RDPREFMP - ok
05:47:56.0873 0x0b60 [ 70CBA1A0C98600A2AA1863479B35CB90, 91A133297921B4955817176251AFC5283DA3C7D2099700C4C92ECC94DBE9A99E ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
05:47:56.0873 0x0b60 RdpVideoMiniport - ok
05:47:56.0888 0x0b60 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
05:47:56.0888 0x0b60 RDPWD - ok
05:47:56.0935 0x0b60 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
05:47:56.0935 0x0b60 rdyboost - ok
05:47:56.0951 0x0b60 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
05:47:56.0951 0x0b60 RemoteAccess - ok
05:47:56.0982 0x0b60 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
05:47:56.0997 0x0b60 RemoteRegistry - ok
05:47:57.0013 0x0b60 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
05:47:57.0013 0x0b60 RpcEptMapper - ok
05:47:57.0029 0x0b60 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
05:47:57.0029 0x0b60 RpcLocator - ok
05:47:57.0060 0x0b60 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
05:47:57.0075 0x0b60 RpcSs - ok
05:47:57.0107 0x0b60 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
05:47:57.0107 0x0b60 rspndr - ok
05:47:57.0138 0x0b60 [ ABCB5A38A0D85BDF69B7877E1AD1EED5, 44DF1A92E8FA53677A04C46088B0AD49F1F6A090820BE550A514C4FBFD91444D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
05:47:57.0138 0x0b60 RTL8167 - ok
05:47:57.0169 0x0b60 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
05:47:57.0169 0x0b60 s3cap - ok
05:47:57.0185 0x0b60 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs C:\Windows\system32\lsass.exe
05:47:57.0185 0x0b60 SamSs - ok
05:47:57.0200 0x0b60 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
05:47:57.0200 0x0b60 sbp2port - ok
05:47:57.0231 0x0b60 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
05:47:57.0231 0x0b60 SCardSvr - ok
05:47:57.0247 0x0b60 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
05:47:57.0247 0x0b60 scfilter - ok
05:47:57.0294 0x0b60 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
05:47:57.0325 0x0b60 Schedule - ok
05:47:57.0356 0x0b60 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
05:47:57.0356 0x0b60 SCPolicySvc - ok
05:47:57.0387 0x0b60 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
05:47:57.0387 0x0b60 SDRSVC - ok
05:47:57.0419 0x0b60 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
05:47:57.0419 0x0b60 secdrv - ok
05:47:57.0434 0x0b60 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
05:47:57.0434 0x0b60 seclogon - ok
05:47:57.0465 0x0b60 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
05:47:57.0465 0x0b60 SENS - ok
05:47:57.0481 0x0b60 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
05:47:57.0481 0x0b60 SensrSvc - ok
05:47:57.0497 0x0b60 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
05:47:57.0497 0x0b60 Serenum - ok
05:47:57.0497 0x0b60 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
05:47:57.0497 0x0b60 Serial - ok
05:47:57.0512 0x0b60 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
05:47:57.0512 0x0b60 sermouse - ok
05:47:57.0543 0x0b60 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
05:47:57.0559 0x0b60 SessionEnv - ok
05:47:57.0575 0x0b60 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
05:47:57.0575 0x0b60 sffdisk - ok
05:47:57.0590 0x0b60 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
05:47:57.0590 0x0b60 sffp_mmc - ok
05:47:57.0606 0x0b60 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
05:47:57.0606 0x0b60 sffp_sd - ok
05:47:57.0621 0x0b60 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
05:47:57.0637 0x0b60 sfloppy - ok
05:47:57.0668 0x0b60 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
05:47:57.0668 0x0b60 SharedAccess - ok
05:47:57.0715 0x0b60 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
05:47:57.0731 0x0b60 ShellHWDetection - ok
05:47:57.0746 0x0b60 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
05:47:57.0762 0x0b60 SiSRaid2 - ok
05:47:57.0777 0x0b60 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
05:47:57.0793 0x0b60 SiSRaid4 - ok
05:47:57.0809 0x0b60 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
05:47:57.0809 0x0b60 Smb - ok
05:47:57.0840 0x0b60 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
05:47:57.0840 0x0b60 SNMPTRAP - ok
05:47:57.0855 0x0b60 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
05:47:57.0855 0x0b60 spldr - ok
05:47:57.0887 0x0b60 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe
05:47:57.0887 0x0b60 Spooler - ok
05:47:58.0011 0x0b60 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
05:47:58.0074 0x0b60 sppsvc - ok
05:47:58.0105 0x0b60 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
05:47:58.0105 0x0b60 sppuinotify - ok
05:47:58.0136 0x0b60 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
05:47:58.0136 0x0b60 srv - ok
05:47:58.0167 0x0b60 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
05:47:58.0183 0x0b60 srv2 - ok
05:47:58.0199 0x0b60 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
05:47:58.0199 0x0b60 srvnet - ok
05:47:58.0230 0x0b60 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
05:47:58.0230 0x0b60 SSDPSRV - ok
05:47:58.0245 0x0b60 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
05:47:58.0245 0x0b60 SstpSvc - ok
05:47:58.0277 0x0b60 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
05:47:58.0277 0x0b60 stexstor - ok
05:47:58.0323 0x0b60 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
05:47:58.0339 0x0b60 stisvc - ok
05:47:58.0370 0x0b60 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
05:47:58.0370 0x0b60 storflt - ok
05:47:58.0386 0x0b60 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
05:47:58.0386 0x0b60 storvsc - ok
05:47:58.0401 0x0b60 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
05:47:58.0401 0x0b60 swenum - ok
05:47:58.0433 0x0b60 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
05:47:58.0448 0x0b60 swprv - ok
05:47:58.0464 0x0b60 Synth3dVsc - ok
05:47:58.0526 0x0b60 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
05:47:58.0557 0x0b60 SysMain - ok
05:47:58.0589 0x0b60 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
05:47:58.0589 0x0b60 TabletInputService - ok
05:47:58.0604 0x0b60 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
05:47:58.0620 0x0b60 TapiSrv - ok
05:47:58.0635 0x0b60 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
05:47:58.0635 0x0b60 TBS - ok
05:47:58.0776 0x0b60 [ B62A953F2BF3922C8764A29C34A22899, 4A117FF9D1BD58C6A1787DDA7402BAE30E4BA7A70FE3A144F41DD647AA7A3901 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
05:47:58.0838 0x0b60 Tcpip - ok
05:47:58.0901 0x0b60 [ B62A953F2BF3922C8764A29C34A22899, 4A117FF9D1BD58C6A1787DDA7402BAE30E4BA7A70FE3A144F41DD647AA7A3901 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
05:47:58.0932 0x0b60 TCPIP6 - ok
05:47:58.0979 0x0b60 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
05:47:58.0979 0x0b60 tcpipreg - ok
05:47:59.0010 0x0b60 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
05:47:59.0010 0x0b60 TDPIPE - ok
05:47:59.0025 0x0b60 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
05:47:59.0025 0x0b60 TDTCP - ok
05:47:59.0057 0x0b60 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
05:47:59.0072 0x0b60 tdx - ok
05:47:59.0088 0x0b60 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
05:47:59.0088 0x0b60 TermDD - ok
05:47:59.0119 0x0b60 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
05:47:59.0135 0x0b60 TermService - ok
05:47:59.0166 0x0b60 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
05:47:59.0166 0x0b60 Themes - ok
05:47:59.0181 0x0b60 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
05:47:59.0181 0x0b60 THREADORDER - ok
05:47:59.0213 0x0b60 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
05:47:59.0213 0x0b60 TrkWks - ok
05:47:59.0259 0x0b60 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
05:47:59.0259 0x0b60 TrustedInstaller - ok
05:47:59.0306 0x0b60 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
05:47:59.0306 0x0b60 tssecsrv - ok
05:47:59.0322 0x0b60 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
05:47:59.0322 0x0b60 TsUsbFlt - ok
05:47:59.0337 0x0b60 tsusbhub - ok
05:47:59.0369 0x0b60 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
05:47:59.0369 0x0b60 tunnel - ok
05:47:59.0384 0x0b60 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
05:47:59.0384 0x0b60 uagp35 - ok
05:47:59.0415 0x0b60 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
05:47:59.0431 0x0b60 udfs - ok
05:47:59.0462 0x0b60 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
05:47:59.0462 0x0b60 UI0Detect - ok
05:47:59.0478 0x0b60 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
05:47:59.0478 0x0b60 uliagpkx - ok
05:47:59.0493 0x0b60 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
05:47:59.0493 0x0b60 umbus - ok
05:47:59.0509 0x0b60 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
05:47:59.0509 0x0b60 UmPass - ok
05:47:59.0540 0x0b60 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
05:47:59.0540 0x0b60 UmRdpService - ok
05:47:59.0556 0x0b60 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
05:47:59.0571 0x0b60 upnphost - ok
05:47:59.0587 0x0b60 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829, 5D6E404FE0AB875202CA1A3E8E9D2F4368DF6ACCFA1C872ECFAF8399CBA3A485 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
05:47:59.0587 0x0b60 usbccgp - ok
05:47:59.0618 0x0b60 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys
05:47:59.0618 0x0b60 usbcir - ok
05:47:59.0618 0x0b60 [ 74EE782B1D9C241EFE425565854C661C, E8258EA65B0FCAD4E077B176E9D9324646B652D6E651241E397346A39770D065 ] usbehci C:\Windows\system32\drivers\usbehci.sys
05:47:59.0618 0x0b60 usbehci - ok
05:47:59.0649 0x0b60 [ DC96BD9CCB8403251BCF25047573558E, 66EBF8A6B3BC0634F32DDCC8BA31F1EB5987E8C6853E1DC26005E3EED0945565 ] usbhub C:\Windows\system32\drivers\usbhub.sys
05:47:59.0665 0x0b60 usbhub - ok
05:47:59.0681 0x0b60 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
05:47:59.0681 0x0b60 usbohci - ok
05:47:59.0696 0x0b60 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
05:47:59.0696 0x0b60 usbprint - ok
05:47:59.0727 0x0b60 [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
05:47:59.0727 0x0b60 USBSTOR - ok
05:47:59.0743 0x0b60 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
05:47:59.0743 0x0b60 usbuhci - ok
05:47:59.0759 0x0b60 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
05:47:59.0774 0x0b60 UxSms - ok
05:47:59.0790 0x0b60 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc C:\Windows\system32\lsass.exe
05:47:59.0790 0x0b60 VaultSvc - ok
05:47:59.0805 0x0b60 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
05:47:59.0805 0x0b60 vdrvroot - ok
05:47:59.0837 0x0b60 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
05:47:59.0852 0x0b60 vds - ok
05:47:59.0868 0x0b60 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
05:47:59.0868 0x0b60 vga - ok
05:47:59.0883 0x0b60 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
05:47:59.0883 0x0b60 VgaSave - ok
05:47:59.0899 0x0b60 VGPU - ok
05:47:59.0915 0x0b60 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
05:47:59.0930 0x0b60 vhdmp - ok
05:47:59.0946 0x0b60 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
05:47:59.0946 0x0b60 viaide - ok
05:47:59.0977 0x0b60 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
05:47:59.0977 0x0b60 vmbus - ok
05:47:59.0993 0x0b60 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
05:47:59.0993 0x0b60 VMBusHID - ok
05:48:00.0024 0x0b60 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
05:48:00.0024 0x0b60 volmgr - ok
05:48:00.0055 0x0b60 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
05:48:00.0055 0x0b60 volmgrx - ok
05:48:00.0071 0x0b60 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
05:48:00.0086 0x0b60 volsnap - ok
05:48:00.0102 0x0b60 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
05:48:00.0117 0x0b60 vsmraid - ok
05:48:00.0180 0x0b60 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
05:48:00.0211 0x0b60 VSS - ok
05:48:00.0227 0x0b60 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
05:48:00.0227 0x0b60 vwifibus - ok
05:48:00.0273 0x0b60 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
05:48:00.0289 0x0b60 W32Time - ok
05:48:00.0305 0x0b60 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
05:48:00.0320 0x0b60 WacomPen - ok
05:48:00.0351 0x0b60 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
05:48:00.0351 0x0b60 WANARP - ok
05:48:00.0351 0x0b60 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
05:48:00.0351 0x0b60 Wanarpv6 - ok
05:48:00.0429 0x0b60 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
05:48:00.0461 0x0b60 WatAdminSvc - ok
05:48:00.0554 0x0b60 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
05:48:00.0585 0x0b60 wbengine - ok
05:48:00.0617 0x0b60 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
05:48:00.0632 0x0b60 WbioSrvc - ok
05:48:00.0663 0x0b60 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
05:48:00.0679 0x0b60 wcncsvc - ok
05:48:00.0695 0x0b60 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
05:48:00.0710 0x0b60 WcsPlugInService - ok
05:48:00.0726 0x0b60 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
05:48:00.0726 0x0b60 Wd - ok
05:48:00.0757 0x0b60 [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
05:48:00.0773 0x0b60 Wdf01000 - ok
05:48:00.0804 0x0b60 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
05:48:00.0804 0x0b60 WdiServiceHost - ok
05:48:00.0804 0x0b60 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
05:48:00.0804 0x0b60 WdiSystemHost - ok
05:48:00.0835 0x0b60 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll
05:48:00.0851 0x0b60 WebClient - ok
05:48:00.0882 0x0b60 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
05:48:00.0897 0x0b60 Wecsvc - ok
05:48:00.0897 0x0b60 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
05:48:00.0897 0x0b60 wercplsupport - ok
05:48:00.0913 0x0b60 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
05:48:00.0913 0x0b60 WerSvc - ok
05:48:00.0944 0x0b60 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
05:48:00.0944 0x0b60 WfpLwf - ok
05:48:00.0960 0x0b60 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
05:48:00.0960 0x0b60 WIMMount - ok
05:48:00.0975 0x0b60 WinDefend - ok
05:48:00.0991 0x0b60 WinHttpAutoProxySvc - ok
05:48:01.0038 0x0b60 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
05:48:01.0053 0x0b60 Winmgmt - ok
05:48:01.0147 0x0b60 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
05:48:01.0178 0x0b60 WinRM - ok
05:48:01.0241 0x0b60 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
05:48:01.0256 0x0b60 Wlansvc - ok
05:48:01.0287 0x0b60 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
05:48:01.0287 0x0b60 WmiAcpi - ok
05:48:01.0303 0x0b60 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
05:48:01.0334 0x0b60 wmiApSrv - ok
05:48:01.0365 0x0b60 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
05:48:01.0365 0x0b60 WPCSvc - ok
05:48:01.0381 0x0b60 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
05:48:01.0381 0x0b60 WPDBusEnum - ok
05:48:01.0397 0x0b60 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
05:48:01.0397 0x0b60 ws2ifsl - ok
05:48:01.0412 0x0b60 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
05:48:01.0412 0x0b60 wscsvc - ok
05:48:01.0428 0x0b60 WSearch - ok
05:48:01.0631 0x0b60 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
05:48:01.0677 0x0b60 wuauserv - ok
05:48:01.0709 0x0b60 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
05:48:01.0709 0x0b60 WudfPf - ok
05:48:01.0755 0x0b60 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
05:48:01.0755 0x0b60 WUDFRd - ok
05:48:01.0787 0x0b60 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
05:48:01.0787 0x0b60 wudfsvc - ok
05:48:01.0818 0x0b60 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
05:48:01.0818 0x0b60 WwanSvc - ok
05:48:01.0833 0x0b60 ================ Scan global ===============================
05:48:01.0849 0x0b60 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
05:48:01.0880 0x0b60 [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
05:48:01.0896 0x0b60 [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
05:48:01.0911 0x0b60 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
05:48:01.0927 0x0b60 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
05:48:01.0943 0x0b60 [ Global ] - ok
05:48:01.0943 0x0b60 ================ Scan MBR ==================================
05:48:01.0958 0x0b60 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
05:48:03.0206 0x0b60 \Device\Harddisk0\DR0 - ok
05:48:03.0206 0x0b60 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
05:48:03.0222 0x0b60 \Device\Harddisk1\DR1 - ok
05:48:03.0222 0x0b60 ================ Scan VBR ==================================
05:48:03.0237 0x0b60 [ 1FFFC9519A7729B51F4961B8F9991A5E ] \Device\Harddisk0\DR0\Partition1
05:48:03.0237 0x0b60 \Device\Harddisk0\DR0\Partition1 - ok
05:48:03.0253 0x0b60 [ 30DFE5E7E9E7A05BAE29E69D5923CE81 ] \Device\Harddisk0\DR0\Partition2
05:48:03.0269 0x0b60 \Device\Harddisk0\DR0\Partition2 - ok
05:48:03.0284 0x0b60 [ AD4E339BBE9FE116850C17FA7DA2F24F ] \Device\Harddisk0\DR0\Partition3
05:48:03.0331 0x0b60 \Device\Harddisk0\DR0\Partition3 - ok
05:48:03.0331 0x0b60 [ C5EB25648F95E0DB6714B8C122B2E0EC ] \Device\Harddisk1\DR1\Partition1
05:48:03.0331 0x0b60 \Device\Harddisk1\DR1\Partition1 - ok
05:48:03.0331 0x0b60 ================ Scan active images ========================
05:48:03.0331 0x0b60 [ 3E588B60EC061686BA05D33574A344C6, 19D2D863F95CCC4493A2328B6BEB04248B6A80F957532E58C1D1D868C19FDCCB ] C:\Windows\System32\drivers\crashdmp.sys
05:48:03.0331 0x0b60 C:\Windows\System32\drivers\crashdmp.sys - ok
05:48:03.0331 0x0b60 [ 9BBD8B5855BC6578957F82341F9CDE5A, 7EFEE3053BA99EC3704CCBD71C987DA846F3DD5DB8F9FC2DACA8C328FA55662E ] C:\Windows\System32\drivers\Diskdump.sys
05:48:03.0331 0x0b60 C:\Windows\System32\drivers\Diskdump.sys - ok
05:48:03.0347 0x0b60 [ 814DB88F2641691575A455CF25354098, 79C50F0CD72612733217A0316BEFEA0B6D819C3159D9452EAB89AC26A18A0F89 ] C:\Windows\System32\drivers\dumpfve.sys
05:48:03.0347 0x0b60 C:\Windows\System32\drivers\dumpfve.sys - ok
05:48:03.0347 0x0b60 [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] C:\Windows\System32\drivers\nvstor.sys
05:48:03.0347 0x0b60 C:\Windows\System32\drivers\nvstor.sys - ok
05:48:03.0347 0x0b60 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] C:\Windows\System32\drivers\beep.sys
05:48:03.0347 0x0b60 C:\Windows\System32\drivers\beep.sys - ok
05:48:03.0362 0x0b60 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] C:\Windows\System32\drivers\null.sys
05:48:03.0362 0x0b60 C:\Windows\System32\drivers\null.sys - ok
05:48:03.0362 0x0b60 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] C:\Windows\System32\drivers\RDPCDD.sys
05:48:03.0362 0x0b60 C:\Windows\System32\drivers\RDPCDD.sys - ok
05:48:03.0362 0x0b60 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] C:\Windows\System32\drivers\RDPENCDD.sys
05:48:03.0362 0x0b60 C:\Windows\System32\drivers\RDPENCDD.sys - ok
05:48:03.0378 0x0b60 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] C:\Windows\System32\drivers\RDPREFMP.sys
05:48:03.0378 0x0b60 C:\Windows\System32\drivers\RDPREFMP.sys - ok
05:48:03.0378 0x0b60 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] C:\Windows\System32\drivers\vga.sys
05:48:03.0378 0x0b60 C:\Windows\System32\drivers\vga.sys - ok
05:48:03.0378 0x0b60 [ E7353D59C9842BC7299FAEB7E7E09340, C37ED1025E07BAC2F535DCFED6C6C509515D95722EADE5AF94F1FC5D8B1DC783 ] C:\Windows\System32\drivers\videoprt.sys
05:48:03.0378 0x0b60 C:\Windows\System32\drivers\videoprt.sys - ok
05:48:03.0393 0x0b60 [ FC438D1430B28618E2D0C7C332A710AD, 873957B202E454E2C8F625E5799F278CAC16EC5EEAEE2C33E2FE5D1FF0408CB2 ] C:\Windows\System32\drivers\watchdog.sys
05:48:03.0393 0x0b60 C:\Windows\System32\drivers\watchdog.sys - ok
05:48:03.0393 0x0b60 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] C:\Windows\System32\drivers\msfs.sys
05:48:03.0393 0x0b60 C:\Windows\System32\drivers\msfs.sys - ok
05:48:03.0393 0x0b60 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] C:\Windows\System32\drivers\npfs.sys
05:48:03.0409 0x0b60 C:\Windows\System32\drivers\npfs.sys - ok
05:48:03.0409 0x0b60 [ 6F020A220388ECA0AB6062DC27BD16B6, 48655230E482DEB7B4B50EF05818EBB29CA61E780AEFCD9D31B02DE4DF9D9540 ] C:\Windows\System32\drivers\tdi.sys
05:48:03.0409 0x0b60 C:\Windows\System32\drivers\tdi.sys - ok
05:48:03.0409 0x0b60 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] C:\Windows\System32\drivers\tdx.sys
05:48:03.0409 0x0b60 C:\Windows\System32\drivers\tdx.sys - ok
05:48:03.0409 0x0b60 [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] C:\Windows\System32\drivers\afd.sys
05:48:03.0409 0x0b60 C:\Windows\System32\drivers\afd.sys - ok
05:48:03.0425 0x0b60 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] C:\Windows\System32\drivers\netbt.sys
05:48:03.0425 0x0b60 C:\Windows\System32\drivers\netbt.sys - ok
05:48:03.0425 0x0b60 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] C:\Windows\System32\drivers\pacer.sys
05:48:03.0425 0x0b60 C:\Windows\System32\drivers\pacer.sys - ok
05:48:03.0425 0x0b60 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] C:\Windows\System32\drivers\wfplwf.sys
05:48:03.0425 0x0b60 C:\Windows\System32\drivers\wfplwf.sys - ok
05:48:03.0440 0x0b60 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] C:\Windows\System32\drivers\netbios.sys
05:48:03.0440 0x0b60 C:\Windows\System32\drivers\netbios.sys - ok
05:48:03.0440 0x0b60 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] C:\Windows\System32\drivers\serial.sys
05:48:03.0440 0x0b60 C:\Windows\System32\drivers\serial.sys - ok
05:48:03.0440 0x0b60 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] C:\Windows\System32\drivers\wanarp.sys
05:48:03.0456 0x0b60 C:\Windows\System32\drivers\wanarp.sys - ok
05:48:03.0456 0x0b60 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] C:\Windows\System32\drivers\termdd.sys
05:48:03.0456 0x0b60 C:\Windows\System32\drivers\termdd.sys - ok
05:48:03.0456 0x0b60 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] C:\Windows\System32\drivers\rdbss.sys
05:48:03.0456 0x0b60 C:\Windows\System32\drivers\rdbss.sys - ok
05:48:03.0471 0x0b60 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] C:\Windows\System32\drivers\mssmbios.sys
05:48:03.0471 0x0b60 C:\Windows\System32\drivers\mssmbios.sys - ok
05:48:03.0471 0x0b60 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] C:\Windows\System32\drivers\nsiproxy.sys
05:48:03.0471 0x0b60 C:\Windows\System32\drivers\nsiproxy.sys - ok
05:48:03.0471 0x0b60 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] C:\Windows\System32\drivers\discache.sys
05:48:03.0471 0x0b60 C:\Windows\System32\drivers\discache.sys - ok
05:48:03.0487 0x0b60 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] C:\Windows\System32\drivers\csc.sys
05:48:03.0487 0x0b60 C:\Windows\System32\drivers\csc.sys - ok
05:48:03.0487 0x0b60 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] C:\Windows\System32\drivers\dfsc.sys
05:48:03.0487 0x0b60 C:\Windows\System32\drivers\dfsc.sys - ok
05:48:03.0487 0x0b60 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] C:\Windows\System32\drivers\blbdrive.sys
05:48:03.0487 0x0b60 C:\Windows\System32\drivers\blbdrive.sys - ok
05:48:03.0487 0x0b60 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] C:\Windows\System32\drivers\tunnel.sys
05:48:03.0487 0x0b60 C:\Windows\System32\drivers\tunnel.sys - ok
05:48:03.0503 0x0b60 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] C:\Windows\System32\drivers\amdppm.sys
05:48:03.0503 0x0b60 C:\Windows\System32\drivers\amdppm.sys - ok
05:48:03.0503 0x0b60 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] C:\Windows\System32\drivers\serenum.sys
05:48:03.0503 0x0b60 C:\Windows\System32\drivers\serenum.sys - ok
05:48:03.0518 0x0b60 [ B6D64EE607637301FF8C33139B4950DE, E7FE3EC3DA3CABDBBE2C23BAA5FE3CD64DA01FF73B4B4C2F077224A607E688DD ] C:\Windows\System32\drivers\usbport.sys
05:48:03.0518 0x0b60 C:\Windows\System32\drivers\usbport.sys - ok
05:48:03.0518 0x0b60 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] C:\Windows\System32\drivers\usbohci.sys
05:48:03.0518 0x0b60 C:\Windows\System32\drivers\usbohci.sys - ok
05:48:03.0518 0x0b60 [ F0371DE302FFFF8F086661611BE60848, 87D989689CDC9F551C8F9D032460EE55531E4E32865BE688AC275F9139C06BDF ] C:\Windows\System32\smss.exe
05:48:03.0518 0x0b60 C:\Windows\System32\smss.exe - ok
05:48:03.0534 0x0b60 [ 74EE782B1D9C241EFE425565854C661C, E8258EA65B0FCAD4E077B176E9D9324646B652D6E651241E397346A39770D065 ] C:\Windows\System32\drivers\usbehci.sys
05:48:03.0534 0x0b60 C:\Windows\System32\drivers\usbehci.sys - ok
05:48:03.0534 0x0b60 [ CF95B85FF8D128385ABD411C8CA74DED, 406CF5C07F75BC976B2F82D1E1166D255C5149B9EF57C2DEA2C8348DF231211F ] C:\Windows\System32\ntdll.dll
05:48:03.0534 0x0b60 C:\Windows\System32\ntdll.dll - ok
05:48:03.0534 0x0b60 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] C:\Windows\System32\drivers\hdaudbus.sys
05:48:03.0534 0x0b60 C:\Windows\System32\drivers\hdaudbus.sys - ok
05:48:03.0549 0x0b60 [ ABCB5A38A0D85BDF69B7877E1AD1EED5, 44DF1A92E8FA53677A04C46088B0AD49F1F6A090820BE550A514C4FBFD91444D ] C:\Windows\System32\drivers\Rt64win7.sys
05:48:03.0549 0x0b60 C:\Windows\System32\drivers\Rt64win7.sys - ok
05:48:03.0549 0x0b60 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93, 7BC847CE6C2D29C334F0D1600BBBDE3933FF45F6BEE5186F442E6270A3F9EC4E ] C:\Windows\System32\autochk.exe
05:48:03.0549 0x0b60 C:\Windows\System32\autochk.exe - ok
05:48:03.0549 0x0b60 [ DD81FBC57AB9134CDDC5CE90880BFD80, 16DF4D9645238D1014FA9189FF171DCF7B7C7573F759B5AC73025518139D86B1 ] C:\Windows\System32\drivers\nvlddmkm.sys
05:48:03.0549 0x0b60 C:\Windows\System32\drivers\nvlddmkm.sys - ok
05:48:03.0565 0x0b60 [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] C:\Windows\System32\drivers\dxgkrnl.sys
05:48:03.0565 0x0b60 C:\Windows\System32\drivers\dxgkrnl.sys - ok
05:48:03.0565 0x0b60 [ 9CD68BDDF322535C02ADC8331013D13D, B887338E0C1033C93C9F157C69D5C47B05C7B27A91C9481CA8B72BDD514E9651 ] C:\Windows\System32\drivers\dxgmms1.sys
05:48:03.0565 0x0b60 C:\Windows\System32\drivers\dxgmms1.sys - ok
05:48:03.0565 0x0b60 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] C:\Windows\System32\drivers\agilevpn.sys
05:48:03.0565 0x0b60 C:\Windows\System32\drivers\agilevpn.sys - ok
05:48:03.0581 0x0b60 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] C:\Windows\System32\drivers\CompositeBus.sys
05:48:03.0581 0x0b60 C:\Windows\System32\drivers\CompositeBus.sys - ok
05:48:03.0581 0x0b60 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] C:\Windows\System32\drivers\ndistapi.sys
05:48:03.0581 0x0b60 C:\Windows\System32\drivers\ndistapi.sys - ok
05:48:03.0581 0x0b60 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] C:\Windows\System32\drivers\ndiswan.sys
05:48:03.0581 0x0b60 C:\Windows\System32\drivers\ndiswan.sys - ok
05:48:03.0596 0x0b60 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] C:\Windows\System32\drivers\rasl2tp.sys
05:48:03.0596 0x0b60 C:\Windows\System32\drivers\rasl2tp.sys - ok
05:48:03.0596 0x0b60 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] C:\Windows\System32\drivers\raspppoe.sys
05:48:03.0596 0x0b60 C:\Windows\System32\drivers\raspppoe.sys - ok
05:48:03.0596 0x0b60 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] C:\Windows\System32\drivers\raspptp.sys
05:48:03.0596 0x0b60 C:\Windows\System32\drivers\raspptp.sys - ok
05:48:03.0612 0x0b60 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] C:\Windows\System32\drivers\rassstp.sys
05:48:03.0612 0x0b60 C:\Windows\System32\drivers\rassstp.sys - ok
05:48:03.0612 0x0b60 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] C:\Windows\System32\drivers\rdpbus.sys
05:48:03.0612 0x0b60 C:\Windows\System32\drivers\rdpbus.sys - ok
05:48:03.0612 0x0b60 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] C:\Windows\System32\drivers\kbdclass.sys
05:48:03.0612 0x0b60 C:\Windows\System32\drivers\kbdclass.sys - ok
05:48:03.0627 0x0b60 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] C:\Windows\System32\drivers\mouclass.sys
05:48:03.0627 0x0b60 C:\Windows\System32\drivers\mouclass.sys - ok
05:48:03.0627 0x0b60 [ 24FBF5CC5C04150073C315A7C83521EE, 581BD5F15B5E57B3BAA762E421FFD859FDA46DDB8515C2A7AAFF208D784E906C ] C:\Windows\System32\drivers\ks.sys
05:48:03.0627 0x0b60 C:\Windows\System32\drivers\ks.sys - ok
05:48:03.0643 0x0b60 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] C:\Windows\System32\drivers\swenum.sys
05:48:03.0643 0x0b60 C:\Windows\System32\drivers\swenum.sys - ok
05:48:03.0643 0x0b60 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] C:\Windows\System32\drivers\umbus.sys
05:48:03.0643 0x0b60 C:\Windows\System32\drivers\umbus.sys - ok
05:48:03.0643 0x0b60 [ DC96BD9CCB8403251BCF25047573558E, 66EBF8A6B3BC0634F32DDCC8BA31F1EB5987E8C6853E1DC26005E3EED0945565 ] C:\Windows\System32\drivers\usbhub.sys
05:48:03.0643 0x0b60 C:\Windows\System32\drivers\usbhub.sys - ok
05:48:03.0659 0x0b60 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] C:\Windows\System32\drivers\ndproxy.sys
05:48:03.0659 0x0b60 C:\Windows\System32\drivers\ndproxy.sys - ok
05:48:03.0659 0x0b60 [ 21D26064AEDB4988F785BB4A3A2C051E, F6FA2CA351B24DA19645EB542596C82F9A68D84CC7CCFE6F9FC15CE2CE4D1961 ] C:\Windows\System32\drivers\drmk.sys
05:48:03.0659 0x0b60 C:\Windows\System32\drivers\drmk.sys - ok
05:48:03.0659 0x0b60 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] C:\Windows\System32\drivers\HdAudio.sys
05:48:03.0659 0x0b60 C:\Windows\System32\drivers\HdAudio.sys - ok
05:48:03.0674 0x0b60 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] C:\Windows\System32\drivers\ksthunk.sys
05:48:03.0674 0x0b60 C:\Windows\System32\drivers\ksthunk.sys - ok
05:48:03.0674 0x0b60 [ 32E11315B5126921FFD9074840EF13D3, FC7C0E1CC447FDD89C0FA5EBFD04CCEABFB27751AB57A7176F12BD0D35306E1C ] C:\Windows\System32\drivers\portcls.sys
05:48:03.0674 0x0b60 C:\Windows\System32\drivers\portcls.sys - ok
05:48:03.0674 0x0b60 [ D202223587518B13D72D68937B7E3F70, 9DB971B866D058ADBB518DD99B87C5DB8DD1E7C9073755B989AE7E9FB62901E8 ] C:\Windows\System32\lpk.dll
05:48:03.0674 0x0b60 C:\Windows\System32\lpk.dll - ok
05:48:03.0690 0x0b60 [ C391FC68282A000CDF953F8B6B55D2EF, 1CB0DAB84545D9FDEA5A7865A1E7132CEAC91DECF8B100285B63098D7B09E584 ] C:\Windows\System32\msvcrt.dll
05:48:03.0690 0x0b60 C:\Windows\System32\msvcrt.dll - ok
05:48:03.0690 0x0b60 [ 044FE45FFD6AD40E3BBBE60B7F41BABE, A1688A5E6E0F7037C850699462C2655006A7D873C97F9AB406C59D81749B6F09 ] C:\Windows\System32\nsi.dll
05:48:03.0690 0x0b60 C:\Windows\System32\nsi.dll - ok
05:48:03.0690 0x0b60 [ D87E1E59C73C1F98D5DED5B3850C40F5, 536419BFF9F877D4314B5D0C045D9A6E729489C389863FADF07E382050BC84FD ] C:\Windows\System32\psapi.dll
05:48:03.0690 0x0b60 C:\Windows\System32\psapi.dll - ok
05:48:03.0705 0x0b60 [ 65C113214F7B05820F6D8A65B1485196, 060FCA3BECCF4EBD6BFA6773FE3F5ECF23BC1183F61E19ADFF5EF4E427E7F50A ] C:\Windows\System32\kernel32.dll
05:48:03.0705 0x0b60 C:\Windows\System32\kernel32.dll - ok
05:48:03.0705 0x0b60 [ 20A8C401F2C878AE572D4794336B892C, 220983E694EFEB5FFDB22C98F54BD697F59C3D402921D1A3E79E4E36B9C1E787 ] C:\Windows\System32\wininet.dll
05:48:03.0705 0x0b60 C:\Windows\System32\wininet.dll - ok
05:48:03.0705 0x0b60 [ 25983DE69B57142039AC8D95E71CD9C9, A677DA7EBCBCB6073D27E8A38809F51E971E83ED379BC599AAAD6EF4216348DA ] C:\Windows\System32\clbcatq.dll
05:48:03.0705 0x0b60 C:\Windows\System32\clbcatq.dll - ok
05:48:03.0721 0x0b60 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5, 12130837D7F89A2C7E9D25747A8E5B9001E0A38D545178B49B450C23AE62664A ] C:\Windows\System32\setupapi.dll
05:48:03.0721 0x0b60 C:\Windows\System32\setupapi.dll - ok
05:48:03.0721 0x0b60 [ A53DCF7D6057D9B0E3523358C28955D5, 505C2F0A0E7A968A32DC267D7D91D6294AA79C86B6F4248A01D6A25054859795 ] C:\Windows\System32\iertutil.dll
05:48:03.0721 0x0b60 C:\Windows\System32\iertutil.dll - ok
05:48:03.0721 0x0b60 [ 9835E63E09F824D22B689D2BB789BAB9, 5BCFFAFB894D69FBCDDB91E64D30A356F4BD57098E8B4C51B98AFAF6581BDB63 ] C:\Windows\System32\comdlg32.dll
05:48:03.0721 0x0b60 C:\Windows\System32\comdlg32.dll - ok
05:48:03.0737 0x0b60 [ EAF32CB8C1F810E4715B4DFBE785C7FF, DB6AD07FDED42433E669508AB73FAFF6DAFF04575D6F1D016FE3EB6ECEC4DD5D ] C:\Windows\System32\shlwapi.dll
05:48:03.0737 0x0b60 C:\Windows\System32\shlwapi.dll - ok
05:48:03.0737 0x0b60 [ F7CE0C81C545364020ED8203CF0A633E, 24B47A7492B7048096AF87E26786E8108455ADBD1A374B6A0466DE008505B8A9 ] C:\Windows\System32\difxapi.dll
05:48:03.0737 0x0b60 C:\Windows\System32\difxapi.dll - ok
05:48:03.0737 0x0b60 [ FE70103391A64039A921DBFFF9C7AB1B, F7D219D75037BC98F6C69143B00AB6000A31F8B5E211E0AF514F4F4B681522A0 ] C:\Windows\System32\user32.dll
05:48:03.0737 0x0b60 C:\Windows\System32\user32.dll - ok
05:48:03.0752 0x0b60 [ 4BBFA57F594F7E8A8EDC8F377184C3F0, 9F3AC5DEA5A6250C3DBB97AF79C81C0A48429486521F807355A1D7D3D861B75F ] C:\Windows\System32\ws2_32.dll
05:48:03.0752 0x0b60 C:\Windows\System32\ws2_32.dll - ok
05:48:03.0752 0x0b60 [ AA2C08CE85653B1A0D2E4AB407FA176C, 83DFD0C119B20AEDB07114C9D1CF9CE2DFA938D0F1070256B0591A9E2C3997FA ] C:\Windows\System32\imm32.dll
05:48:03.0752 0x0b60 C:\Windows\System32\imm32.dll - ok
05:48:03.0752 0x0b60 [ C06B32165E23A72A898B7A89679AD754, 721405158F6E9F1A7FE7BB33EF642D91332726629D0D3B07DF3CF3152A91C85D ] C:\Windows\System32\oleaut32.dll
05:48:03.0752 0x0b60 C:\Windows\System32\oleaut32.dll - ok
05:48:03.0768 0x0b60 [ 6C60B5ACA7442EFB794082CDACFC001C, FC1D9124856A70FF232EF3057D66BEE803295847624CE23B4D0217F23AF52C75 ] C:\Windows\System32\ole32.dll
05:48:03.0768 0x0b60 C:\Windows\System32\ole32.dll - ok
05:48:03.0768 0x0b60 [ A1BE6A720D02E37F72E9CD89AE9CB3CF, 80721B622AC1EEF1F534B9C8948E2226B733123B14ABE63894D5788E4F0D6B8B ] C:\Windows\System32\imagehlp.dll
05:48:03.0768 0x0b60 C:\Windows\System32\imagehlp.dll - ok
05:48:03.0768 0x0b60 [ 4E4FFB09D895AA000DD56D1404F69A7E, D999E04BB35780088480EAB322176570591A21E311D204BDCAB010A63B34D24C ] C:\Windows\System32\Wldap32.dll
05:48:03.0768 0x0b60 C:\Windows\System32\Wldap32.dll - ok
05:48:03.0783 0x0b60 [ 83404DCBCE4925B6A5A77C5170F46D86, D669614D0B4461DB244AD99FBE1BA92CEB9B4ED5EC8E987E23764E77D9AC7074 ] C:\Windows\System32\sechost.dll
05:48:03.0783 0x0b60 C:\Windows\System32\sechost.dll - ok
05:48:03.0783 0x0b60 [ FCB7B9EDD0F439625E26BE32EB1A07D4, 951FAF140C32FB1E17AC5B85DA1EC629FFC95B43082FF5AA8F9121647B7633CD ] C:\Windows\System32\urlmon.dll
05:48:03.0783 0x0b60 C:\Windows\System32\urlmon.dll - ok
05:48:03.0783 0x0b60 [ DBF99FD9CAF75CA66D042BD8D050FF71, D11A863EAEDE80A731FD7A63F744E518D3921043CC3982BAA87992F9E82F044F ] C:\Windows\System32\usp10.dll
05:48:03.0783 0x0b60 C:\Windows\System32\usp10.dll - ok
05:48:03.0799 0x0b60 [ C431EAF5CAA1C82CAC2534A2EAB348A3, ADDF850128DC675E67FABA9A3D0D27E684F01F733962CA22927BB94503549E44 ] C:\Windows\System32\msctf.dll
05:48:03.0799 0x0b60 C:\Windows\System32\msctf.dll - ok
05:48:03.0799 0x0b60 [ 1084AA52CCC324EA54C7121FA24C2221, 6E972CF624F7C0DE8190434B3B30279A01C551713109F97B9EBB77FAC9364754 ] C:\Windows\System32\gdi32.dll
05:48:03.0799 0x0b60 C:\Windows\System32\gdi32.dll - ok
05:48:03.0799 0x0b60 [ 0611473C1AD9E2D991CD9482068417F7, 90AFCC2A60350ECE27E75E76459132EF0FA28EF283CE88FCED4B82735A93ECDA ] C:\Windows\System32\rpcrt4.dll
05:48:03.0799 0x0b60 C:\Windows\System32\rpcrt4.dll - ok
05:48:03.0815 0x0b60 [ 6DF46D2BD74E3DA1B45F08F10D172732, 2DC945F6F2C4A82189BC7DA2FCBB7D9A0E2588A909539249E55BA82468E0C677 ] C:\Windows\System32\advapi32.dll
05:48:03.0815 0x0b60 C:\Windows\System32\advapi32.dll - ok
05:48:03.0815 0x0b60 [ 28C0B5024F5C5A438E78B188CFC81B7F, AB81FB63F2908CE316B45609077ACBD85F4B2AAD1606B1E9030F06DB82EDDFAD ] C:\Windows\System32\normaliz.dll
05:48:03.0815 0x0b60 C:\Windows\System32\normaliz.dll - ok
05:48:03.0815 0x0b60 [ C6689007B3A749C49A5438DCF36E0CE4, 492504464293C176AD2A87F4BE9B362A5716C26F49DEEA5F6DD3BAFDF9AAAF8F ] C:\Windows\System32\shell32.dll
05:48:03.0815 0x0b60 C:\Windows\System32\shell32.dll - ok
05:48:03.0830 0x0b60 [ 12EE6FE9268CEE6D90FDCCBF89236C65, F5926ECCDDDF5F7E0741C550136A88AD00A074A92FCB942E314D763B1DBCF6DF ] C:\Windows\System32\crypt32.dll
05:48:03.0830 0x0b60 C:\Windows\System32\crypt32.dll - ok
05:48:03.0830 0x0b60 [ 14DFDEAF4E589ED3F1FF187A86B9408C, 86D383D5B90A86556521C62C50F7BE0306FCD24FD86A8A37E8320FAE948531EB ] C:\Windows\System32\comctl32.dll
05:48:03.0830 0x0b60 C:\Windows\System32\comctl32.dll - ok
05:48:03.0830 0x0b60 [ AA06902362B1422D7A7DA7061E07C624, F005A09CA31BC2C94C4C9E37DB8D2304B1EA62FED77E93AF7E8D5C5399E6A426 ] C:\Windows\System32\wintrust.dll
05:48:03.0830 0x0b60 C:\Windows\System32\wintrust.dll - ok
05:48:03.0846 0x0b60 [ 2477A28081BDAEE622CF045ACF8EE124, 00A09CAF9129E84FEEA98FA03CE9012C9F961B64FEE15C4F268822C0F82ACC3C ] C:\Windows\System32\cfgmgr32.dll
05:48:03.0846 0x0b60 C:\Windows\System32\cfgmgr32.dll - ok
05:48:03.0846 0x0b60 [ 1F56F209585F350A5666E3CC7931FD67, BC578C8ECA1C1D3B04A1E55F47402D6091194CACEBB8F214B1BB49063EEB9F5D ] C:\Windows\System32\KernelBase.dll
05:48:03.0846 0x0b60 C:\Windows\System32\KernelBase.dll - ok
05:48:03.0846 0x0b60 [ 06FEC9E8117103BB1141A560E98077DA, C5E61B11DDBBBBBA3D9488970524F0975EA5FBDF16E2FA31F579F8BFA48353B1 ] C:\Windows\System32\devobj.dll
05:48:03.0846 0x0b60 C:\Windows\System32\devobj.dll - ok
05:48:03.0861 0x0b60 [ 884415BD4269C02EAF8E2613BF85500D, EFE771709EC942694FD206AC8D0A48ED7DCD35036F074268E4AECD68AC982CEA ] C:\Windows\System32\msasn1.dll
05:48:03.0861 0x0b60 C:\Windows\System32\msasn1.dll - ok
05:48:03.0861 0x0b60 [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8A4FB21EADD3896 ] C:\Windows\SysWOW64\normaliz.dll
05:48:03.0861 0x0b60 C:\Windows\SysWOW64\normaliz.dll - ok
05:48:03.0877 0x0b60 [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys
05:48:03.0877 0x0b60 C:\Windows\System32\drivers\dxapi.sys - ok
05:48:03.0877 0x0b60 [ 86F96630D28523F1C402C783F046DEF1, 44D43740F5AD6530D47EBD247307EEEEB49FD6A980D8E4FA7A5281E3F371FEFD ] C:\Windows\System32\win32k.sys
05:48:03.0877 0x0b60 C:\Windows\System32\win32k.sys - ok
05:48:03.0877 0x0b60 [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77201BAB37E8C03A ] C:\Windows\System32\csrss.exe
05:48:03.0877 0x0b60 C:\Windows\System32\csrss.exe - ok
05:48:03.0893 0x0b60 [ CEC1EDF4022DC4DCA40384DCEC672B0E, 03708DB2F8C338520A6D7AC128E822609C6A431569145404FCD04BEA4072A683 ] C:\Windows\System32\csrsrv.dll
05:48:03.0893 0x0b60 C:\Windows\System32\csrsrv.dll - ok
05:48:03.0893 0x0b60 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\System32\basesrv.dll
05:48:03.0893 0x0b60 C:\Windows\System32\basesrv.dll - ok
05:48:03.0893 0x0b60 [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\System32\winsrv.dll
05:48:03.0893 0x0b60 C:\Windows\System32\winsrv.dll - ok
05:48:03.0893 0x0b60 [ 63C8D74BED9F80F4DD0AA7A3101EB639, EA2CE29025259E9DE945CE52C80A41C33024D7C2907AA1928480EC11FC852B08 ] C:\Windows\System32\drivers\usbd.sys
05:48:03.0893 0x0b60 C:\Windows\System32\drivers\usbd.sys - ok
05:48:03.0908 0x0b60 [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] C:\Windows\System32\drivers\USBSTOR.SYS
05:48:03.0908 0x0b60 C:\Windows\System32\drivers\USBSTOR.SYS - ok
05:48:03.0908 0x0b60 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829, 5D6E404FE0AB875202CA1A3E8E9D2F4368DF6ACCFA1C872ECFAF8399CBA3A485 ] C:\Windows\System32\drivers\usbccgp.sys
05:48:03.0908 0x0b60 C:\Windows\System32\drivers\usbccgp.sys - ok
05:48:03.0924 0x0b60 [ 8B0E40E7E8BBF5ACF390465609D89FF1, 856E12DB9F0CAEC575DDF04B2651B6EC484E98EAB3832FC18D342CF774A75231 ] C:\Windows\System32\drivers\hidclass.sys
05:48:03.0924 0x0b60 C:\Windows\System32\drivers\hidclass.sys - ok
05:48:03.0924 0x0b60 [ 49EE2E52E6CD03947DAD72F65367BE06, 933097B903B13767DD49192E7BF8EAABC5BADFDAF8B31B806AA65C533F24B686 ] C:\Windows\System32\drivers\hidparse.sys
05:48:03.0924 0x0b60 C:\Windows\System32\drivers\hidparse.sys - ok
05:48:03.0924 0x0b60 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] C:\Windows\System32\drivers\hidusb.sys
05:48:03.0924 0x0b60 C:\Windows\System32\drivers\hidusb.sys - ok
05:48:03.0924 0x0b60 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] C:\Windows\System32\drivers\kbdhid.sys
05:48:03.0924 0x0b60 C:\Windows\System32\drivers\kbdhid.sys - ok
05:48:03.0939 0x0b60 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] C:\Windows\System32\drivers\mouhid.sys
05:48:03.0939 0x0b60 C:\Windows\System32\drivers\mouhid.sys - ok
05:48:03.0939 0x0b60 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] C:\Windows\System32\drivers\monitor.sys
05:48:03.0939 0x0b60 C:\Windows\System32\drivers\monitor.sys - ok
05:48:03.0939 0x0b60 [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56DE4CA5783F78A75 ] C:\Windows\System32\tsddd.dll
05:48:03.0939 0x0b60 C:\Windows\System32\tsddd.dll - ok
05:48:03.0955 0x0b60 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\System32\sxssrv.dll
05:48:03.0955 0x0b60 C:\Windows\System32\sxssrv.dll - ok
05:48:03.0955 0x0b60 [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA87526E768AF6174F0 ] C:\Windows\System32\wininit.exe
05:48:03.0955 0x0b60 C:\Windows\System32\wininit.exe - ok
05:48:03.0971 0x0b60 [ 78523A26F5604C0568FE9D1CE86E36F4, 534A7228BF69719106F581616A32EAEF0B770DDB36DCE94F84E7D52FDB1382B5 ] C:\Windows\System32\KBDUS.DLL
05:48:03.0971 0x0b60 C:\Windows\System32\KBDUS.DLL - ok
05:48:03.0971 0x0b60 [ 2C942733A5983DD4502219FF37C7EBC7, 34B20B6B0D7274E4B5B783F1D2345BC3DD9888964D5C2C65712F041A00CF5B45 ] C:\Windows\System32\profapi.dll
05:48:03.0971 0x0b60 C:\Windows\System32\profapi.dll - ok
05:48:03.0971 0x0b60 [ C2A8CB1275ECB85D246A9ECC02A728E3, 3603FADCA0060BD201148F9D59E4E2627F024609A6463AB525B5D1AD17BDCD10 ] C:\Windows\System32\RpcRtRemote.dll
05:48:03.0971 0x0b60 C:\Windows\System32\RpcRtRemote.dll - ok
05:48:03.0986 0x0b60 [ 05569A79BF4693670B709144382D02D4, 3B13C569EE4FBC63C6989A7A12A50DCCC945FAB26C6E659DEB0614640E8F40C3 ] C:\Windows\System32\cdd.dll
05:48:03.0986 0x0b60 C:\Windows\System32\cdd.dll - ok
05:48:03.0986 0x0b60 [ 9CEAD32E79A62150FE9F8557E58E008B, AFE4C1725EE94D7DE0749AE1495A4E5CC33C369F29B2A589DA66FFE27FF9777E ] C:\Windows\System32\sxs.dll
05:48:03.0986 0x0b60 C:\Windows\System32\sxs.dll - ok
05:48:03.0986 0x0b60 [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA853BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll
05:48:03.0986 0x0b60 C:\Windows\System32\WlS0WndH.dll - ok
05:48:03.0986 0x0b60 [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE3532EC6C007980C34 ] C:\Windows\System32\cryptbase.dll
05:48:03.0986 0x0b60 C:\Windows\System32\cryptbase.dll - ok
05:48:04.0002 0x0b60 [ 90499F3163A9F815CF196A205EA3CD5D, 29B4ED3795CEC1177EB367132914CE21C194CDEC5DB9DC923FD928C85E94D821 ] C:\Windows\System32\apphelp.dll
05:48:04.0002 0x0b60 C:\Windows\System32\apphelp.dll - ok
05:48:04.0002 0x0b60 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] C:\Windows\System32\lsass.exe
05:48:04.0002 0x0b60 C:\Windows\System32\lsass.exe - ok
05:48:04.0017 0x0b60 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\System32\services.exe
05:48:04.0017 0x0b60 C:\Windows\System32\services.exe - ok
05:48:04.0017 0x0b60 [ B66BC8B20B7F33975865B1DF99783FD8, 7CB446AAA2F1232AAA0178F90CEA857015CC21A9A615601F7DBFB7130CD0858B ] C:\Windows\System32\sspicli.dll
05:48:04.0017 0x0b60 C:\Windows\System32\sspicli.dll - ok
05:48:04.0017 0x0b60 [ 9662EE182644511439F1C53745DC1C88, D205B2C163E78AB42A5D67D7664EF6B75EA0374FF0924467D624F9DB0611F0AD ] C:\Windows\System32\lsm.exe
05:48:04.0017 0x0b60 C:\Windows\System32\lsm.exe - ok
05:48:04.0033 0x0b60 [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll
05:48:04.0033 0x0b60 C:\Windows\System32\scext.dll - ok
05:48:04.0033 0x0b60 [ 0144D8D75A0B12938AEEE859E3310A46, C3FB240B62F736230BAC81DE8315C9236300474B189A599DBC6437AB341F166B ] C:\Windows\System32\secur32.dll
05:48:04.0033 0x0b60 C:\Windows\System32\secur32.dll - ok
05:48:04.0033 0x0b60 [ 3A0CE5FE781708CD6ABD55313607EC8B, D7B4137ABFED3A46304605A83C1E5012E7D1C811E5C74A9F20E359988EFCD7A9 ] C:\Windows\System32\sspisrv.dll
05:48:04.0033 0x0b60 C:\Windows\System32\sspisrv.dll - ok
05:48:04.0049 0x0b60 [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll
05:48:04.0049 0x0b60 C:\Windows\System32\sysntfy.dll - ok
05:48:04.0049 0x0b60 [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll
05:48:04.0049 0x0b60 C:\Windows\System32\wmsgapi.dll - ok
05:48:04.0049 0x0b60 [ BBCDF350817BA86416C0F06B6981BE8D, D064438F97852B9BD6015C8B19377C61C671E0969E09506B8359FE7B1F373A61 ] C:\Windows\System32\scesrv.dll
05:48:04.0049 0x0b60 C:\Windows\System32\scesrv.dll - ok
05:48:04.0064 0x0b60 [ 3A9C9BAF610B0DD4967086040B3B62A9, E8E9A0F42B1EE7806EDCEED08AA024D037215D06CA317E3678BD5364AD513D23 ] C:\Windows\System32\srvcli.dll
05:48:04.0064 0x0b60 C:\Windows\System32\srvcli.dll - ok
05:48:04.0064 0x0b60 [ 66A6063D0BAAD3F7B2B9868859E0743B, EEAABD90410864E2992E1A3AB2C29D0E8EF955AD49AF72A6A8EAA3D3AE9EE33E ] C:\Windows\System32\lsasrv.dll
05:48:04.0064 0x0b60 C:\Windows\System32\lsasrv.dll - ok
05:48:04.0064 0x0b60 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] C:\Windows\System32\aelupsvc.dll
05:48:04.0064 0x0b60 C:\Windows\System32\aelupsvc.dll - ok
05:48:04.0080 0x0b60 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] C:\Windows\System32\alg.exe
05:48:04.0080 0x0b60 C:\Windows\System32\alg.exe - ok
05:48:04.0080 0x0b60 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] C:\Windows\System32\appidsvc.dll
05:48:04.0080 0x0b60 C:\Windows\System32\appidsvc.dll - ok
05:48:04.0080 0x0b60 [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] C:\Windows\System32\appinfo.dll
05:48:04.0080 0x0b60 C:\Windows\System32\appinfo.dll - ok
05:48:04.0095 0x0b60 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] C:\Windows\System32\appmgmts.dll
05:48:04.0095 0x0b60 C:\Windows\System32\appmgmts.dll - ok
05:48:04.0095 0x0b60 [ 3D6AF45673C4B31CDECD7F80AF09D443, 7D711D138C107816155AFA5E5FDC6892734074BEFF604B5904177B5D9ACE4670 ] C:\Windows\System32\rascfg.dll
05:48:04.0095 0x0b60 C:\Windows\System32\rascfg.dll - ok
05:48:04.0095 0x0b60 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] C:\Windows\System32\audiosrv.dll
05:48:04.0095 0x0b60 C:\Windows\System32\audiosrv.dll - ok
05:48:04.0111 0x0b60 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] C:\Windows\System32\AxInstSv.dll
05:48:04.0111 0x0b60 C:\Windows\System32\AxInstSv.dll - ok
05:48:04.0111 0x0b60 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] C:\Windows\System32\bdesvc.dll
05:48:04.0111 0x0b60 C:\Windows\System32\bdesvc.dll - ok
05:48:04.0111 0x0b60 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] C:\Windows\System32\BFE.DLL
05:48:04.0111 0x0b60 C:\Windows\System32\BFE.DLL - ok
05:48:04.0127 0x0b60 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] C:\Windows\System32\qmgr.dll
05:48:04.0127 0x0b60 C:\Windows\System32\qmgr.dll - ok
05:48:04.0127 0x0b60 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] C:\Windows\System32\browser.dll
05:48:04.0127 0x0b60 C:\Windows\System32\browser.dll - ok
05:48:04.0127 0x0b60 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] C:\Windows\System32\bthserv.dll
05:48:04.0127 0x0b60 C:\Windows\System32\bthserv.dll - ok
05:48:04.0142 0x0b60 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] C:\Windows\System32\certprop.dll
05:48:04.0142 0x0b60 C:\Windows\System32\certprop.dll - ok
05:48:04.0142 0x0b60 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] C:\Windows\System32\clfs.sys
05:48:04.0142 0x0b60 C:\Windows\System32\clfs.sys - ok
05:48:04.0142 0x0b60 [ 1A47D52E303B7543E4E6026595B95422, C577CD3837546A7CED5D2E8E97FA2EDACA133B4A8595770EF96CAE519BFE280F ] C:\Windows\System32\comres.dll
05:48:04.0142 0x0b60 C:\Windows\System32\comres.dll - ok
05:48:04.0158 0x0b60 [ 9C01375BE382E834CC26D1B7EAF2C4FE, B1D1E36B91A3C3CD09428EE3403896F71390A2798323BB406B484D9DB064A219 ] C:\Windows\System32\cryptsvc.dll
05:48:04.0158 0x0b60 C:\Windows\System32\cryptsvc.dll - ok
05:48:04.0158 0x0b60 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] C:\Windows\System32\cscsvc.dll
05:48:04.0158 0x0b60 C:\Windows\System32\cscsvc.dll - ok
05:48:04.0158 0x0b60 [ 732E668096B1A37B7BFD4B9021E69A8E, D6302B8DAE374569AD49FE2FC40AA5F485E5D9DD50167F9395D282B5D3EF8F0B ] C:\Windows\System32\oleres.dll
05:48:04.0158 0x0b60 C:\Windows\System32\oleres.dll - ok
05:48:04.0173 0x0b60 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] C:\Windows\System32\defragsvc.dll
05:48:04.0173 0x0b60 C:\Windows\System32\defragsvc.dll - ok
05:48:04.0173 0x0b60 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] C:\Windows\System32\dhcpcore.dll
05:48:04.0173 0x0b60 C:\Windows\System32\dhcpcore.dll - ok
05:48:04.0173 0x0b60 [ 1151B1BAA6F350B1DB6598E0FEA7C457, B1506E0A7E826EFF0F5252EF5026070C46E2235438403A9A24D73EE69C0B8A49 ] C:\Windows\System32\winlogon.exe
05:48:04.0173 0x0b60 C:\Windows\System32\winlogon.exe - ok
05:48:04.0189 0x0b60 [ 0D9764D58C5EFD672B7184854B152E5E, 9827B43DABBEC39AB2E2294408D9C5304EF27A684903C5234C6070387723D49E ] C:\Windows\System32\winsta.dll
05:48:04.0189 0x0b60 C:\Windows\System32\winsta.dll - ok
05:48:04.0189 0x0b60 [ A744BA6E04C8AA4592818178DBF89521, 9E7C85D842DF16F9B8FED7B06AF309B5ECCBFD465F5552347D4C3F1FEFDC6F7A ] C:\Windows\System32\samsrv.dll
05:48:04.0189 0x0b60 C:\Windows\System32\samsrv.dll - ok
05:48:04.0189 0x0b60 [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll
05:48:04.0189 0x0b60 C:\Windows\System32\cryptdll.dll - ok
05:48:04.0205 0x0b60 [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll
05:48:04.0205 0x0b60 C:\Windows\System32\wevtapi.dll - ok
05:48:04.0205 0x0b60 [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll
05:48:04.0205 0x0b60 C:\Windows\System32\authz.dll - ok
05:48:04.0205 0x0b60 [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll
05:48:04.0205 0x0b60 C:\Windows\System32\cngaudit.dll - ok
05:48:04.0220 0x0b60 [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll
05:48:04.0220 0x0b60 C:\Windows\System32\bcrypt.dll - ok
05:48:04.0220 0x0b60 [ 5F3307352216618221A17CFEF273EEE2, 8EE55E9869FAF89EFDCADDDA74E9CAA072330CEF96C9DA2B8F8093FE5DAA5837 ] C:\Windows\System32\ncrypt.dll
05:48:04.0220 0x0b60 C:\Windows\System32\ncrypt.dll - ok
05:48:04.0220 0x0b60 [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll
05:48:04.0220 0x0b60 C:\Windows\System32\msprivs.dll - ok
05:48:04.0236 0x0b60 [ C6505DE3561537BA1004D638C2F93F2F, 3E4FDF374B1A9E43A8F61FD2D79E0515390ECABFDAF72C4BD44A7B6429039AF6 ] C:\Windows\System32\netjoin.dll
05:48:04.0236 0x0b60 C:\Windows\System32\netjoin.dll - ok
05:48:04.0236 0x0b60 [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll
05:48:04.0236 0x0b60 C:\Windows\System32\negoexts.dll - ok
05:48:04.0236 0x0b60 [ 44E1A196DFCB53B01FE4B855C3B56A15, EDC31276EC325B642D07EE79F6E9021CBB7F8AFC32F9A408C91844175BF6B6E2 ] C:\Windows\System32\kerberos.dll
05:48:04.0236 0x0b60 C:\Windows\System32\kerberos.dll - ok
05:48:04.0251 0x0b60 [ D0C2FBB6D97416B0166478FC7AE2B212, 7EAB6C37F0A845E645CA44CC060AC6C56E386C7EF7A64716C6786C9602AD8C9D ] C:\Windows\System32\cryptsp.dll
05:48:04.0251 0x0b60 C:\Windows\System32\cryptsp.dll - ok
05:48:04.0251 0x0b60 [ 1D5185A4C7E6695431AE4B55C3D7D333, 16F3906C54F1D71559836FDFCF4E83E7C9F454463D78FD577AD2D7022E0BCB51 ] C:\Windows\System32\mswsock.dll
05:48:04.0251 0x0b60 C:\Windows\System32\mswsock.dll - ok
05:48:04.0251 0x0b60 [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E63394E4E561D6C7A2 ] C:\Windows\System32\wship6.dll
05:48:04.0251 0x0b60 C:\Windows\System32\wship6.dll - ok
05:48:04.0267 0x0b60 [ EF12B8385AA2849999008A977918F96B, ADEF9F5D2B0C2A30CB1B395C774E7FE75437135A09D3D4E6F97EE8656CE139B4 ] C:\Windows\System32\msv1_0.dll
05:48:04.0267 0x0b60 C:\Windows\System32\msv1_0.dll - ok
05:48:04.0267 0x0b60 [ AA339DD8BB128EF66660DFBBB59043D3, 76D9F849AFDDA38E04549EB67B4163478776F1B6EF46434168278F84FEB8FC5C ] C:\Windows\System32\netlogon.dll
05:48:04.0267 0x0b60 C:\Windows\System32\netlogon.dll - ok
05:48:04.0267 0x0b60 [ 492D07D79E7024CA310867B526D9636D, F2FE647AB85C6C3C1AA3DF4BCE6E4D42B9676C9D837E11388C235AE8DB20044F ] C:\Windows\System32\dnsapi.dll
05:48:04.0267 0x0b60 C:\Windows\System32\dnsapi.dll - ok
05:48:04.0283 0x0b60 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] C:\Windows\System32\dot3svc.dll
05:48:04.0283 0x0b60 C:\Windows\System32\dot3svc.dll - ok
05:48:04.0283 0x0b60 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] C:\Windows\System32\dps.dll
05:48:04.0283 0x0b60 C:\Windows\System32\dps.dll - ok
05:48:04.0283 0x0b60 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] C:\Windows\System32\eapsvc.dll
05:48:04.0283 0x0b60 C:\Windows\System32\eapsvc.dll - ok
05:48:04.0283 0x0b60 [ 0C043B0ABBB5E14E68906AB80365395B, A57A6FAF713EA4F46566A941DE7C2273ED4EB50F9E30B70276E810873AF6900B ] C:\Windows\System32\efssvc.dll
05:48:04.0283 0x0b60 C:\Windows\System32\efssvc.dll - ok
05:48:04.0298 0x0b60 [ 6011714C8C5C55CBFFAD24D61E879FBD, 75D615082A1C71C6ED3ABB49EDAF660EE538D112CF79B9C8AF0A583D1CE1BBB0 ] C:\Windows\System32\wevtsvc.dll
05:48:04.0298 0x0b60 C:\Windows\System32\wevtsvc.dll - ok
05:48:04.0298 0x0b60 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] C:\Windows\System32\fdPHost.dll
05:48:04.0298 0x0b60 C:\Windows\System32\fdPHost.dll - ok
05:48:04.0298 0x0b60 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] C:\Windows\System32\drivers\fileinfo.sys
05:48:04.0314 0x0b60 C:\Windows\System32\drivers\fileinfo.sys - ok
05:48:04.0314 0x0b60 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] C:\Windows\System32\FDResPub.dll
05:48:04.0314 0x0b60 C:\Windows\System32\FDResPub.dll - ok
05:48:04.0314 0x0b60 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] C:\Windows\System32\drivers\filetrace.sys
05:48:04.0314 0x0b60 C:\Windows\System32\drivers\filetrace.sys - ok
05:48:04.0314 0x0b60 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] C:\Windows\System32\drivers\fltMgr.sys
05:48:04.0314 0x0b60 C:\Windows\System32\drivers\fltMgr.sys - ok
05:48:04.0329 0x0b60 [ 5C4CB4086FB83115B153E47ADD961A0C, 0C3AB7D04BEB3A8FDE00B0C86E6FE064B1CEBB3E4DE1A29CD27830806FA300B3 ] C:\Windows\System32\FntCache.dll
05:48:04.0329 0x0b60 C:\Windows\System32\FntCache.dll - ok
05:48:04.0329 0x0b60 [ 8A1846C0817513AD18BA48B4427771FC, 58874A2B24B685DCB14CE0430846210A76C8D8CBFBF0171B145BC15E502C12A0 ] C:\Windows\System32\PresentationHost.exe
05:48:04.0329 0x0b60 C:\Windows\System32\PresentationHost.exe - ok
05:48:04.0329 0x0b60 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] C:\Windows\System32\drivers\fsdepends.sys
05:48:04.0329 0x0b60 C:\Windows\System32\drivers\fsdepends.sys - ok
05:48:04.0345 0x0b60 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] C:\Windows\System32\drivers\fvevol.sys
05:48:04.0345 0x0b60 C:\Windows\System32\drivers\fvevol.sys - ok
05:48:04.0345 0x0b60 [ 8FFE297B8449386E7B6851458B6E474E, E149B37E11091D69D926242517E5655596594A6F01FEF06EB65D6BA5B354E326 ] C:\Windows\System32\logoncli.dll
05:48:04.0345 0x0b60 C:\Windows\System32\logoncli.dll - ok
05:48:04.0361 0x0b60 [ 1573C45E65DE32B1BC3572634F8F1E8E, 8B3D9636470ADCEEEAA83E69033487E270AB1AE58F4D44BB4B024B95F59C3CC9 ] C:\Windows\System32\schannel.dll
05:48:04.0361 0x0b60 C:\Windows\System32\schannel.dll - ok
05:48:04.0361 0x0b60 [ 95FB6CA4374E343DDD653FCC43F9D26B, 911A240F9C1DD155C2B1CD85FE4A8044EB2816AF166CD8CB66EEB905CA352881 ] C:\Windows\System32\wdigest.dll
05:48:04.0361 0x0b60 C:\Windows\System32\wdigest.dll - ok
05:48:04.0361 0x0b60 [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll
05:48:04.0361 0x0b60 C:\Windows\System32\rsaenh.dll - ok
05:48:04.0361 0x0b60 [ 8A25506B6948EFBD5A7F37E53CCD36D9, 2A20562ED33ABD1D15C7BE9F4F1E623E3604BCC0F7214D067CD8C3D16B9EC6A7 ] C:\Windows\System32\TSpkg.dll
05:48:04.0361 0x0b60 C:\Windows\System32\TSpkg.dll - ok
05:48:04.0376 0x0b60 [ E08088A97F95345E181C3DFCE2C615EF, DEF3B087DF5E10E4F8418029DB6E82546E62FEFA39694B7BD6A48CE8AAFD1B96 ] C:\Windows\System32\pku2u.dll
05:48:04.0376 0x0b60 C:\Windows\System32\pku2u.dll - ok
05:48:04.0376 0x0b60 [ D6C7780A364C6BBACFA796BAB9F1B374, 3B5ED1A030BFD0BB73D4FFCD67A6A0B8501EF70293F223EFAA12F430ADF270F9 ] C:\Windows\System32\bcryptprimitives.dll
05:48:04.0376 0x0b60 C:\Windows\System32\bcryptprimitives.dll - ok
05:48:04.0376 0x0b60 [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll
05:48:04.0376 0x0b60 C:\Windows\System32\efslsaext.dll - ok
05:48:04.0392 0x0b60 [ 52D3D5E3586988D4D9E34ACAAC33105C, C61B60BA962B25B8334F0941C3535EA4ACA1CC060B8A196E396CA3E11CEEF8A1 ] C:\Windows\System32\credssp.dll
05:48:04.0392 0x0b60 C:\Windows\System32\credssp.dll - ok
05:48:04.0392 0x0b60 [ ED78427259134C63ED69804D2132B86C, F6F51B8B35881ABCA5580ED111AAC80E466E6474ABAE31EC8BE46C23EDCA77B2 ] C:\Windows\System32\scecli.dll
05:48:04.0392 0x0b60 C:\Windows\System32\scecli.dll - ok
05:48:04.0392 0x0b60 [ 9C9307C95671AC962F3D6EB3A4A89BAE, D1433791C9B8BCEEAD8937EC18D33E89E4E2012B5975228A8500FD141BC30078 ] C:\Windows\System32\gpapi.dll
05:48:04.0392 0x0b60 C:\Windows\System32\gpapi.dll - ok
05:48:04.0407 0x0b60 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] C:\Windows\System32\hidserv.dll
05:48:04.0407 0x0b60 C:\Windows\System32\hidserv.dll - ok
05:48:04.0407 0x0b60 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] C:\Windows\System32\KMSVC.DLL
05:48:04.0407 0x0b60 C:\Windows\System32\KMSVC.DLL - ok
05:48:04.0407 0x0b60 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] C:\Windows\System32\ListSvc.dll
05:48:04.0407 0x0b60 C:\Windows\System32\ListSvc.dll - ok
05:48:04.0423 0x0b60 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] C:\Windows\System32\provsvc.dll
05:48:04.0423 0x0b60 C:\Windows\System32\provsvc.dll - ok
05:48:04.0423 0x0b60 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] C:\Windows\System32\drivers\http.sys
05:48:04.0423 0x0b60 C:\Windows\System32\drivers\http.sys - ok
05:48:04.0423 0x0b60 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] C:\Windows\System32\drivers\hwpolicy.sys
05:48:04.0423 0x0b60 C:\Windows\System32\drivers\hwpolicy.sys - ok
05:48:04.0439 0x0b60 [ B9E2DAF71E44626011D70B4889171504, 1A776CC04F8725397318B671B3007AFDB66A573992EF82AE10875B421DF2C3AA ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
05:48:04.0439 0x0b60 C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
05:48:04.0439 0x0b60 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] C:\Windows\System32\IKEEXT.DLL
05:48:04.0439 0x0b60 C:\Windows\System32\IKEEXT.DLL - ok
05:48:04.0454 0x0b60 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] C:\Windows\System32\IPBusEnum.dll
05:48:04.0454 0x0b60 C:\Windows\System32\IPBusEnum.dll - ok
05:48:04.0454 0x0b60 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] C:\Windows\System32\iphlpsvc.dll
05:48:04.0454 0x0b60 C:\Windows\System32\iphlpsvc.dll - ok
05:48:04.0454 0x0b60 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] C:\Windows\System32\drivers\irenum.sys
05:48:04.0454 0x0b60 C:\Windows\System32\drivers\irenum.sys - ok
05:48:04.0470 0x0b60 [ F9EC845C5EECF20E9A67F9F805F2EF1F, C3DBA8CF93DBF50954B1BF6D7EF3F6F5DD1A56DC62B7EB2749C54D9B65D9BB43 ] C:\Windows\System32\keyiso.dll
05:48:04.0470 0x0b60 C:\Windows\System32\keyiso.dll - ok
05:48:04.0470 0x0b60 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] C:\Windows\System32\srvsvc.dll
05:48:04.0470 0x0b60 C:\Windows\System32\srvsvc.dll - ok
05:48:04.0470 0x0b60 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] C:\Windows\System32\wkssvc.dll
05:48:04.0470 0x0b60 C:\Windows\System32\wkssvc.dll - ok
05:48:04.0485 0x0b60 [ 7A757C41C3879CD34BDE15F0563C0CE2, E1D33EB03EFB2FC2CDB1EBECD644FF5E64EFB8143A54D21CB1B51D15E7BE20BC ] C:\Windows\System32\lltdres.dll
05:48:04.0485 0x0b60 C:\Windows\System32\lltdres.dll - ok
05:48:04.0485 0x0b60 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] C:\Windows\System32\lmhsvc.dll
05:48:04.0485 0x0b60 C:\Windows\System32\lmhsvc.dll - ok
05:48:04.0485 0x0b60 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] C:\Windows\System32\drivers\luafv.sys
05:48:04.0485 0x0b60 C:\Windows\System32\drivers\luafv.sys - ok
05:48:04.0501 0x0b60 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] C:\Windows\System32\mmcss.dll
05:48:04.0501 0x0b60 C:\Windows\System32\mmcss.dll - ok
05:48:04.0501 0x0b60 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] C:\Windows\System32\drivers\mountmgr.sys
05:48:04.0501 0x0b60 C:\Windows\System32\drivers\mountmgr.sys - ok
05:48:04.0501 0x0b60 [ 9AD9E06F8656F296D91FAE8EE5B95A27, 53384747D5864D699BCC4F48E0A5E656430EDAA65DCDAB4B11EA68FC7106459E ] C:\Windows\System32\FirewallAPI.dll
05:48:04.0501 0x0b60 C:\Windows\System32\FirewallAPI.dll - ok
05:48:04.0517 0x0b60 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] C:\Windows\System32\WebClnt.dll
05:48:04.0517 0x0b60 C:\Windows\System32\WebClnt.dll - ok
05:48:04.0517 0x0b60 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] C:\Windows\System32\drivers\mshidkmdf.sys
05:48:04.0517 0x0b60 C:\Windows\System32\drivers\mshidkmdf.sys - ok
05:48:04.0532 0x0b60 [ E11E3F3BBEFDC5C0C160BE13B65E25E4, 0F734B174273DAF0E691C336E112C12259B4A74054886206656B0B065CB1A229 ] C:\Windows\System32\iscsidsc.dll
05:48:04.0532 0x0b60 C:\Windows\System32\iscsidsc.dll - ok
05:48:04.0532 0x0b60 [ 8EE1C893C50D1C02D4675978BAC756BA, AFA6E61B5C7784086BE546277331DFC08B4D43B6F68AA388B24681AD912C78A5 ] C:\Windows\System32\msimsg.dll
05:48:04.0532 0x0b60 C:\Windows\System32\msimsg.dll - ok
05:48:04.0532 0x0b60 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] C:\Windows\System32\drivers\mup.sys
05:48:04.0532 0x0b60 C:\Windows\System32\drivers\mup.sys - ok
05:48:04.0548 0x0b60 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] C:\Windows\System32\QAGENTRT.DLL
05:48:04.0548 0x0b60 C:\Windows\System32\QAGENTRT.DLL - ok
05:48:04.0548 0x0b60 [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] C:\Windows\System32\drivers\ndis.sys
05:48:04.0548 0x0b60 C:\Windows\System32\drivers\ndis.sys - ok
05:48:04.0548 0x0b60 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] C:\Windows\System32\netman.dll
05:48:04.0548 0x0b60 C:\Windows\System32\netman.dll - ok
05:48:04.0563 0x0b60 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] C:\Windows\System32\netprofm.dll
05:48:04.0563 0x0b60 C:\Windows\System32\netprofm.dll - ok
05:48:04.0563 0x0b60 [ 6CCB62D4A9764C6410D34DFCF082ADD6, 13C57E4BE590619F02085C9305F8F87246A0AB9B722116E36E93E13E2A55FAB7 ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
05:48:04.0563 0x0b60 C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
05:48:04.0563 0x0b60 [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] C:\Windows\System32\nlasvc.dll
05:48:04.0563 0x0b60 C:\Windows\System32\nlasvc.dll - ok
05:48:04.0579 0x0b60 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] C:\Windows\System32\nsisvc.dll
05:48:04.0579 0x0b60 C:\Windows\System32\nsisvc.dll - ok
05:48:04.0579 0x0b60 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] C:\Windows\System32\pnrpsvc.dll
05:48:04.0579 0x0b60 C:\Windows\System32\pnrpsvc.dll - ok
05:48:04.0579 0x0b60 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] C:\Windows\System32\p2psvc.dll
05:48:04.0579 0x0b60 C:\Windows\System32\p2psvc.dll - ok
05:48:04.0595 0x0b60 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] C:\Windows\System32\drivers\partmgr.sys
05:48:04.0595 0x0b60 C:\Windows\System32\drivers\partmgr.sys - ok
05:48:04.0595 0x0b60 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] C:\Windows\System32\pcasvc.dll
05:48:04.0595 0x0b60 C:\Windows\System32\pcasvc.dll - ok
05:48:04.0595 0x0b60 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] C:\Windows\System32\PeerDistSvc.dll
05:48:04.0595 0x0b60 C:\Windows\System32\PeerDistSvc.dll - ok
05:48:04.0610 0x0b60 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] C:\Windows\System32\pla.dll
05:48:04.0610 0x0b60 C:\Windows\System32\pla.dll - ok
05:48:04.0610 0x0b60 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] C:\Windows\System32\umpnpmgr.dll
05:48:04.0610 0x0b60 C:\Windows\System32\umpnpmgr.dll - ok
05:48:04.0610 0x0b60 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] C:\Windows\System32\pnrpauto.dll
05:48:04.0610 0x0b60 C:\Windows\System32\pnrpauto.dll - ok
05:48:04.0626 0x0b60 [ 8DEC9C6DD13C4B3B62CD8D5A0FEF1650, 64D581B5F68821B9FCBC656B9C3B04F047EDFE4D2905B1926017A60C740D645A ] C:\Windows\System32\polstore.dll
05:48:04.0626 0x0b60 C:\Windows\System32\polstore.dll - ok
05:48:04.0626 0x0b60 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] C:\Windows\System32\umpo.dll
05:48:04.0626 0x0b60 C:\Windows\System32\umpo.dll - ok
05:48:04.0626 0x0b60 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] C:\Windows\System32\profsvc.dll
05:48:04.0626 0x0b60 C:\Windows\System32\profsvc.dll - ok
05:48:04.0641 0x0b60 [ AB95FBAE4F9A5A56B177CEC427B2B35E, 59D7C2A5097F83E8D07CAAFCF9C6F9C6849AF24C28047FD4D4D6B5673EE8D089 ] C:\Windows\System32\psbase.dll
05:48:04.0641 0x0b60 C:\Windows\System32\psbase.dll - ok
05:48:04.0641 0x0b60 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] C:\Windows\System32\qwave.dll
05:48:04.0641 0x0b60 C:\Windows\System32\qwave.dll - ok
05:48:04.0641 0x0b60 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] C:\Windows\System32\drivers\qwavedrv.sys
05:48:04.0641 0x0b60 C:\Windows\System32\drivers\qwavedrv.sys - ok
05:48:04.0657 0x0b60 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] C:\Windows\System32\rasauto.dll
05:48:04.0657 0x0b60 C:\Windows\System32\rasauto.dll - ok
05:48:04.0657 0x0b60 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] C:\Windows\System32\rasmans.dll
05:48:04.0657 0x0b60 C:\Windows\System32\rasmans.dll - ok
05:48:04.0673 0x0b60 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] C:\Windows\System32\sstpsvc.dll
05:48:04.0673 0x0b60 C:\Windows\System32\sstpsvc.dll - ok
05:48:04.0688 0x0b60 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] C:\Windows\System32\mprdim.dll
05:48:04.0688 0x0b60 C:\Windows\System32\mprdim.dll - ok
05:48:04.0688 0x0b60 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] C:\Windows\System32\regsvc.dll
05:48:04.0688 0x0b60 C:\Windows\System32\regsvc.dll - ok
05:48:04.0688 0x0b60 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] C:\Windows\System32\RpcEpMap.dll
05:48:04.0688 0x0b60 C:\Windows\System32\RpcEpMap.dll - ok
05:48:04.0704 0x0b60 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] C:\Windows\System32\Locator.exe
05:48:04.0704 0x0b60 C:\Windows\System32\Locator.exe - ok
05:48:04.0704 0x0b60 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] C:\Windows\System32\SCardSvr.dll
05:48:04.0704 0x0b60 C:\Windows\System32\SCardSvr.dll - ok
05:48:04.0704 0x0b60 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] C:\Windows\System32\drivers\scfilter.sys
05:48:04.0704 0x0b60 C:\Windows\System32\drivers\scfilter.sys - ok
05:48:04.0719 0x0b60 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] C:\Windows\System32\schedsvc.dll
05:48:04.0719 0x0b60 C:\Windows\System32\schedsvc.dll - ok
05:48:04.0719 0x0b60 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] C:\Windows\System32\sdrsvc.dll
05:48:04.0719 0x0b60 C:\Windows\System32\sdrsvc.dll - ok
05:48:04.0719 0x0b60 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] C:\Windows\System32\seclogon.dll
05:48:04.0719 0x0b60 C:\Windows\System32\seclogon.dll - ok
05:48:04.0735 0x0b60 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] C:\Windows\System32\Sens.dll
05:48:04.0735 0x0b60 C:\Windows\System32\Sens.dll - ok
05:48:04.0735 0x0b60 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] C:\Windows\System32\sensrsvc.dll
05:48:04.0735 0x0b60 C:\Windows\System32\sensrsvc.dll - ok
05:48:04.0735 0x0b60 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] C:\Windows\System32\SessEnv.dll
05:48:04.0735 0x0b60 C:\Windows\System32\SessEnv.dll - ok
05:48:04.0751 0x0b60 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] C:\Windows\System32\ipnathlp.dll
05:48:04.0751 0x0b60 C:\Windows\System32\ipnathlp.dll - ok
05:48:04.0751 0x0b60 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] C:\Windows\System32\shsvcs.dll
05:48:04.0751 0x0b60 C:\Windows\System32\shsvcs.dll - ok
05:48:04.0751 0x0b60 [ 55DE45B116711881C852D2841E4C84DD, 18E5021530BB44042C85087BAE4FEDA633E01CDCBA09C90A5941B74C75133A35 ] C:\Windows\System32\tcpipcfg.dll
05:48:04.0751 0x0b60 C:\Windows\System32\tcpipcfg.dll - ok
05:48:04.0766 0x0b60 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] C:\Windows\System32\snmptrap.exe
05:48:04.0766 0x0b60 C:\Windows\System32\snmptrap.exe - ok
05:48:04.0766 0x0b60 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] C:\Windows\System32\spoolsv.exe
05:48:04.0766 0x0b60 C:\Windows\System32\spoolsv.exe - ok
05:48:04.0766 0x0b60 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] C:\Windows\System32\sppsvc.exe
05:48:04.0766 0x0b60 C:\Windows\System32\sppsvc.exe - ok
05:48:04.0782 0x0b60 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] C:\Windows\System32\sppuinotify.dll
05:48:04.0782 0x0b60 C:\Windows\System32\sppuinotify.dll - ok
05:48:04.0782 0x0b60 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] C:\Windows\System32\ssdpsrv.dll
05:48:04.0782 0x0b60 C:\Windows\System32\ssdpsrv.dll - ok
05:48:04.0797 0x0b60 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] C:\Windows\System32\wiaservc.dll
05:48:04.0797 0x0b60 C:\Windows\System32\wiaservc.dll - ok
05:48:04.0797 0x0b60 [ D289D2E949609B696161039C3D86FFE9, 724D7B25103946B84B4AD6742253283AF8AA9AA234D38F144A1DC02F2FB4C66B ] C:\Windows\System32\vmstorfltres.dll
05:48:04.0797 0x0b60 C:\Windows\System32\vmstorfltres.dll - ok
05:48:04.0797 0x0b60 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] C:\Windows\System32\swprv.dll
05:48:04.0797 0x0b60 C:\Windows\System32\swprv.dll - ok
05:48:04.0813 0x0b60 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] C:\Windows\System32\sysmain.dll
05:48:04.0813 0x0b60 C:\Windows\System32\sysmain.dll - ok
05:48:04.0813 0x0b60 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] C:\Windows\System32\TabSvc.dll
05:48:04.0813 0x0b60 C:\Windows\System32\TabSvc.dll - ok
05:48:04.0813 0x0b60 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] C:\Windows\System32\tapisrv.dll
05:48:04.0813 0x0b60 C:\Windows\System32\tapisrv.dll - ok
05:48:04.0829 0x0b60 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] C:\Windows\System32\tbssvc.dll
05:48:04.0829 0x0b60 C:\Windows\System32\tbssvc.dll - ok
05:48:04.0829 0x0b60 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] C:\Windows\System32\termsrv.dll
05:48:04.0829 0x0b60 C:\Windows\System32\termsrv.dll - ok
05:48:04.0829 0x0b60 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] C:\Windows\System32\themeservice.dll
05:48:04.0829 0x0b60 C:\Windows\System32\themeservice.dll - ok
05:48:04.0844 0x0b60 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] C:\Windows\System32\trkwks.dll
05:48:04.0844 0x0b60 C:\Windows\System32\trkwks.dll - ok
05:48:04.0844 0x0b60 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] C:\Windows\servicing\TrustedInstaller.exe
05:48:04.0844 0x0b60 C:\Windows\servicing\TrustedInstaller.exe - ok
05:48:04.0844 0x0b60 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] C:\Windows\System32\drivers\tssecsrv.sys
05:48:04.0844 0x0b60 C:\Windows\System32\drivers\tssecsrv.sys - ok
05:48:04.0860 0x0b60 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] C:\Windows\System32\UI0Detect.exe
05:48:04.0860 0x0b60 C:\Windows\System32\UI0Detect.exe - ok
05:48:04.0860 0x0b60 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] C:\Windows\System32\umrdp.dll
05:48:04.0860 0x0b60 C:\Windows\System32\umrdp.dll - ok
05:48:04.0860 0x0b60 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] C:\Windows\System32\upnphost.dll
05:48:04.0860 0x0b60 C:\Windows\System32\upnphost.dll - ok
05:48:04.0875 0x0b60 [ F162D5F5E845B9DC352DD1BAD8CEF1BC, 8A7B7528DB30AB123B060D8E41954D95913C07BB40CDAE32E97F9EDB0BAF79C7 ] C:\Windows\System32\dwm.exe
05:48:04.0875 0x0b60 C:\Windows\System32\dwm.exe - ok
05:48:04.0875 0x0b60 [ 567BC1309E05FCFA680ADB6E02260736, 50F57C5D0B9C8096F615C2335F2F252A074014CBBDC7FFF56C0501A8CFB3FB81 ] C:\Windows\System32\vaultsvc.dll
05:48:04.0875 0x0b60 C:\Windows\System32\vaultsvc.dll - ok
05:48:04.0875 0x0b60 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] C:\Windows\System32\vds.exe
05:48:04.0875 0x0b60 C:\Windows\System32\vds.exe - ok
05:48:04.0891 0x0b60 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] C:\Windows\System32\drivers\volmgrx.sys
05:48:04.0891 0x0b60 C:\Windows\System32\drivers\volmgrx.sys - ok
05:48:04.0891 0x0b60 [ E48FCE3820487A9CDDD83BBABC6B962C, B6952A197B72AA9D9869AB2226E84A0DB87B33C185BCAFA33B0551115DD2A1C1 ] C:\Windows\System32\vmbusres.dll
05:48:04.0891 0x0b60 C:\Windows\System32\vmbusres.dll - ok
05:48:04.0891 0x0b60 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] C:\Windows\System32\VSSVC.exe
05:48:04.0891 0x0b60 C:\Windows\System32\VSSVC.exe - ok
05:48:04.0907 0x0b60 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] C:\Windows\System32\drivers\vwifibus.sys
05:48:04.0907 0x0b60 C:\Windows\System32\drivers\vwifibus.sys - ok
05:48:04.0907 0x0b60 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] C:\Windows\System32\w32time.dll
05:48:04.0907 0x0b60 C:\Windows\System32\w32time.dll - ok
05:48:04.0907 0x0b60 [ 05E9265E2228799B68DC0F58A94E1AB8, FDB235920A70B64D3AC4A69228985033A830A4B71BA8B779437A0F0FA5A3FB40 ] C:\Windows\System32\Wat\WatUX.exe
05:48:04.0907 0x0b60 C:\Windows\System32\Wat\WatUX.exe - ok
05:48:04.0922 0x0b60 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] C:\Windows\System32\wbengine.exe
05:48:04.0922 0x0b60 C:\Windows\System32\wbengine.exe - ok
05:48:04.0922 0x0b60 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] C:\Windows\System32\wbiosrvc.dll
05:48:04.0922 0x0b60 C:\Windows\System32\wbiosrvc.dll - ok
05:48:04.0922 0x0b60 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] C:\Windows\System32\wcncsvc.dll
05:48:04.0922 0x0b60 C:\Windows\System32\wcncsvc.dll - ok
05:48:04.0938 0x0b60 [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] C:\Windows\System32\drivers\Wdf01000.sys
05:48:04.0938 0x0b60 C:\Windows\System32\drivers\Wdf01000.sys - ok
05:48:04.0938 0x0b60 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] C:\Windows\System32\WcsPlugInService.dll
05:48:04.0938 0x0b60 C:\Windows\System32\WcsPlugInService.dll - ok
05:48:04.0938 0x0b60 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] C:\Windows\System32\wdi.dll
05:48:04.0938 0x0b60 C:\Windows\System32\wdi.dll - ok
05:48:04.0953 0x0b60 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] C:\Windows\System32\wecsvc.dll
05:48:04.0953 0x0b60 C:\Windows\System32\wecsvc.dll - ok
05:48:04.0969 0x0b60 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] C:\Windows\System32\wercplsupport.dll
05:48:04.0969 0x0b60 C:\Windows\System32\wercplsupport.dll - ok
05:48:04.0969 0x0b60 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] C:\Windows\System32\wersvc.dll
05:48:04.0969 0x0b60 C:\Windows\System32\wersvc.dll - ok
05:48:04.0985 0x0b60 [ 2DA738A0A6BEE483A5647A76695AF3B0, FD7929F5A3C7161E2C1A6F4D9E59D56F891D1A8966A26562E220D9B4B98B14BD ] C:\Program Files\Windows Defender\MsMpRes.dll
05:48:04.0985 0x0b60 C:\Program Files\Windows Defender\MsMpRes.dll - ok
05:48:04.0985 0x0b60 [ 58F4493BF748A3A89689997B7BD00E95, EC5DEEC73E357C7C87B001275C4E635011A9CF39419F2B86E2C2B8D7E388C551 ] C:\Windows\System32\winhttp.dll
05:48:04.0985 0x0b60 C:\Windows\System32\winhttp.dll - ok
05:48:05.0000 0x0b60 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] C:\Windows\System32\wbem\WMIsvc.dll
05:48:05.0000 0x0b60 C:\Windows\System32\wbem\WMIsvc.dll - ok
05:48:05.0000 0x0b60 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] C:\Windows\System32\WsmSvc.dll
05:48:05.0000 0x0b60 C:\Windows\System32\WsmSvc.dll - ok
05:48:05.0000 0x0b60 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] C:\Windows\System32\wlansvc.dll
05:48:05.0000 0x0b60 C:\Windows\System32\wlansvc.dll - ok
05:48:05.0016 0x0b60 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] C:\Windows\System32\wbem\WmiApSrv.exe
05:48:05.0016 0x0b60 C:\Windows\System32\wbem\WmiApSrv.exe - ok
05:48:05.0016 0x0b60 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] C:\Windows\System32\wpcsvc.dll
05:48:05.0016 0x0b60 C:\Windows\System32\wpcsvc.dll - ok
05:48:05.0016 0x0b60 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] C:\Windows\System32\wpdbusenum.dll
05:48:05.0016 0x0b60 C:\Windows\System32\wpdbusenum.dll - ok
05:48:05.0031 0x0b60 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] C:\Windows\System32\drivers\ws2ifsl.sys
05:48:05.0031 0x0b60 C:\Windows\System32\drivers\ws2ifsl.sys - ok
05:48:05.0031 0x0b60 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] C:\Windows\System32\wscsvc.dll
05:48:05.0031 0x0b60 C:\Windows\System32\wscsvc.dll - ok
05:48:05.0031 0x0b60 [ E0B340996A41C9A75DFA3B99BBA9C500, D029AD8ABBD2267B1E44DF5172B93C3F832B4C21F930F5512C24E800F5CE4F8B ] C:\Windows\System32\SearchIndexer.exe
05:48:05.0031 0x0b60 C:\Windows\System32\SearchIndexer.exe - ok
05:48:05.0047 0x0b60 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] C:\Windows\System32\wuaueng.dll
05:48:05.0047 0x0b60 C:\Windows\System32\wuaueng.dll - ok
05:48:05.0047 0x0b60 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] C:\Windows\System32\drivers\WUDFPf.sys
05:48:05.0047 0x0b60 C:\Windows\System32\drivers\WUDFPf.sys - ok
05:48:05.0047 0x0b60 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] C:\Windows\System32\WUDFSvc.dll
05:48:05.0047 0x0b60 C:\Windows\System32\WUDFSvc.dll - ok
05:48:05.0063 0x0b60 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] C:\Windows\System32\wwansvc.dll
05:48:05.0063 0x0b60 C:\Windows\System32\wwansvc.dll - ok
05:48:05.0063 0x0b60 [ 7CC7DF5B654DA579613F811D8C637E29, 70EAC059C1ED814810C75DBB9F4D188428CB942FFD8869D692158D384EB6BB35 ] C:\Windows\System32\ubpm.dll
05:48:05.0063 0x0b60 C:\Windows\System32\ubpm.dll - ok
05:48:05.0063 0x0b60 [ C78655BC80301D76ED4FEF1C1EA40A7D, 93B2ED4004ED5F7F3039DD7ECBD22C7E4E24B6373B4D9EF8D6E45A179B13A5E8 ] C:\Windows\System32\svchost.exe
05:48:05.0063 0x0b60 C:\Windows\System32\svchost.exe - ok
05:48:05.0078 0x0b60 [ E6EB44ABAAF1F330119F854856C53EBE, 77279972FFBFA984578DD4F17EB615F5D2D93590AF3A9FEFEFDB9128206C9887 ] C:\Windows\System32\SPInf.dll
05:48:05.0078 0x0b60 C:\Windows\System32\SPInf.dll - ok
05:48:05.0078 0x0b60 [ CD1B5AD07E5F7FEF30E055DCC9E96180, 63C58551F32B0B09377F64A6AE1FA81AF93B8A707A57A8C18722086906AD3046 ] C:\Windows\System32\devrtl.dll
05:48:05.0078 0x0b60 C:\Windows\System32\devrtl.dll - ok
05:48:05.0078 0x0b60 [ 7A17485DC7D8A7AC81321A42CD034519, 88D8705FA901793FC8C1CFD0175E49A6502BF0FC94A066BA573D2FD13AA5F04A ] C:\Windows\System32\userenv.dll
05:48:05.0078 0x0b60 C:\Windows\System32\userenv.dll - ok
05:48:05.0094 0x0b60 [ F6C011B46FAEEF33536B2E80F48B5CBE, BDD149D3D6F9F6C8F6F34C311219BE5618CEEFBC7D35E37473A47F1D5D015067 ] C:\Windows\System32\pcwum.dll
05:48:05.0094 0x0b60 C:\Windows\System32\pcwum.dll - ok
05:48:05.0094 0x0b60 [ 716175021BDA290504CE434273F666BC, FA18CA2D8A5F4335E051E2933147D3C1E7308F7D446E2AEB6596CDEF6E2AFC88 ] C:\Windows\System32\powrprof.dll
05:48:05.0094 0x0b60 C:\Windows\System32\powrprof.dll - ok
05:48:05.0094 0x0b60 [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] C:\Windows\System32\drivers\mbam.sys
05:48:05.0094 0x0b60 C:\Windows\System32\drivers\mbam.sys - ok
05:48:05.0109 0x0b60 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] C:\Windows\System32\rpcss.dll
05:48:05.0109 0x0b60 C:\Windows\System32\rpcss.dll - ok
05:48:05.0109 0x0b60 [ 16E964ABF6D1E0F0CC7822FCA9BA754D, 0E461387ACFD641DA22EE542A3C68AF5F7D3A7F967D974E3B198143D461ABE39 ] C:\Windows\System32\wshqos.dll
05:48:05.0109 0x0b60 C:\Windows\System32\wshqos.dll - ok
05:48:05.0109 0x0b60 [ 31559F3244C6BC00A52030CAA83B6B91, B2025742B5F0025ACE9821D5722DE3F997EEEAB21D2F381C9E307882DF422579 ] C:\Windows\System32\WSHTCPIP.DLL
05:48:05.0109 0x0b60 C:\Windows\System32\WSHTCPIP.DLL - ok
05:48:05.0125 0x0b60 [ 92A0FCE28889EE68552C0D9132096639, 796C1224CA13AD21BD317C6B001125D9759BE6776CBB00D9DB1D6D3D2997EF73 ] C:\Program Files\Microsoft Security Client\MpSvc.dll
05:48:05.0125 0x0b60 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
05:48:05.0125 0x0b60 [ 89F2AEDC2788696702141AB82C3E7866, E166CBD8D3C708737C37172221945D8E56C25C2CC750889C3CE14AA2DE750F33 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
05:48:05.0125 0x0b60 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
05:48:05.0125 0x0b60 [ 94E026870A55AAEAFF7853C1754091E9, B2F5D5629D12BDFA98DBED3898368F37D9009C7531B6909C7285A2C11C9A0F93 ] C:\Windows\System32\version.dll
05:48:05.0125 0x0b60 C:\Windows\System32\version.dll - ok
05:48:05.0141 0x0b60 [ 715F03B4C7223349768013EA95D9E5B7, 09AB0535A54C2E2962F0FD06988D99060F8CECA39B07AC00A63204C773B95893 ] C:\Windows\System32\LogonUI.exe
05:48:05.0141 0x0b60 C:\Windows\System32\LogonUI.exe - ok
05:48:05.0141 0x0b60 [ 0BEE002C68E28CE6DA161DCF1376D7D7, 1D4EE0B9CE22D139478008D5591B8C9F027C235CBA601F95A96547CF98159D4B ] C:\Windows\System32\authui.dll
05:48:05.0141 0x0b60 C:\Windows\System32\authui.dll - ok
05:48:05.0141 0x0b60 [ BD3674BE7FC9D8D3732C83E8499576ED, E6716A5895D629263A4D21959F48840429AB6F4B55A5FA2663EE5E86C9CA2BF1 ] C:\Windows\System32\wtsapi32.dll
05:48:05.0141 0x0b60 C:\Windows\System32\wtsapi32.dll - ok
05:48:05.0156 0x0b60 [ F50B9765F2F4B4506F5EF86B888B4350, DBD78B89C51B10DD4F330CBB083FBB9CA63F23E8B5FC7EFD68945645969B58E2 ] C:\Program Files\Microsoft Security Client\MpClient.dll
05:48:05.0156 0x0b60 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
05:48:05.0156 0x0b60 [ B3BFBD758506ECB50C5804AAA76318F9, 34E079A6AB2D41D1E0B3887B6AE31C43941061B7176FFF2801C3F465C2C89578 ] C:\Windows\System32\cryptui.dll
05:48:05.0156 0x0b60 C:\Windows\System32\cryptui.dll - ok
05:48:05.0156 0x0b60 [ 1F4492FE41767CDB8B89D17655847CDD, 184547FAC0C3D7148FAA3F601929A7089DE393BD19929A137DAD743331DD3F77 ] C:\Windows\System32\ntmarta.dll
05:48:05.0156 0x0b60 C:\Windows\System32\ntmarta.dll - ok
05:48:05.0172 0x0b60 [ 7FA8FDC2C2A27817FD0F624E78D3B50C, 7B63F6AA2CD6D4D07EA3C595B868B1A0749BB11620027A2BD9B935E3055481E4 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
05:48:05.0172 0x0b60 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
05:48:05.0172 0x0b60 [ 5B3EBFC3DA142324B388DDCC4465E1FF, 5D58642305311F9BC9B779C9598BFC4E7433B3EA58404BF1FF9466838A2328C7 ] C:\Windows\System32\samlib.dll
05:48:05.0172 0x0b60 C:\Windows\System32\samlib.dll - ok
05:48:05.0172 0x0b60 [ 4E9C2DB10F7E6AE91BF761139D4B745B, 8F63F78294F5585D599A114AF449DCC447CCB239D0F0B490BFE6B34A2146E730 ] C:\Windows\System32\shacct.dll
05:48:05.0172 0x0b60 C:\Windows\System32\shacct.dll - ok
05:48:05.0187 0x0b60 [ F06BB4E336EA57511FDBAFAFCC47DE62, BE43EC62548E9FF89A9495A1722E22DBB76EEC3764F86E64057B636F27D15765 ] C:\Windows\System32\propsys.dll
05:48:05.0187 0x0b60 C:\Windows\System32\propsys.dll - ok
05:48:05.0187 0x0b60 [ D29E998E8277666982B4F0303BF4E7AF, 4F19AB5DC173E278EBE45832F6CEAA40E2DF6A2EDDC81B2828122442FE5D376C ] C:\Windows\System32\uxtheme.dll
05:48:05.0187 0x0b60 C:\Windows\System32\uxtheme.dll - ok
05:48:05.0203 0x0b60 [ 179E8401224D557ECFF3695F2016EA5B, E2E54F1D5F8573CA036D837B045371A4E0BDAF6DB2CD3FFFF95C4064296E3A2D ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
05:48:05.0203 0x0b60 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
05:48:05.0203 0x0b60 [ 84B9BEE43277716291F9079E1CB03FF1, 44C3FC4F37BE0578DF62CA97C04C5A7E48A24628C02AFFE02FB956AFC1F4AB43 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
05:48:05.0203 0x0b60 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
05:48:05.0203 0x0b60 [ 801F3E903818B49BA55D925211FB9584, FDFEFED29EF2B909AE998B1D2BD6DEBED9A035C8BDA78A4B8F4BFB8C0EEAAB68 ] C:\Program Files\Microsoft Security Client\MpCommu.dll
05:48:05.0203 0x0b60 C:\Program Files\Microsoft Security Client\MpCommu.dll - ok
05:48:05.0219 0x0b60 [ 3CB6A7286422C72C34DAB54A5DFF1A34, 98D21EFFF511E407336A226420701E82554DA01FA05661303836B6860D63749D ] C:\Windows\System32\dui70.dll
05:48:05.0219 0x0b60 C:\Windows\System32\dui70.dll - ok
05:48:05.0219 0x0b60 [ 603EBD34E216C5654A2D774EAC98D278, ACE0171BB780DB2C1B1A8BF6FA8CF51C529D7E09141FA504C7199AF764FD9A36 ] C:\Windows\System32\webio.dll
05:48:05.0219 0x0b60 C:\Windows\System32\webio.dll - ok
05:48:05.0219 0x0b60 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67, E957E4463D318A44BA5109EE3428624DE901C5FF2BA358986DF6C6F059DDBCC2 ] C:\Windows\System32\adtschema.dll
05:48:05.0219 0x0b60 C:\Windows\System32\adtschema.dll - ok
05:48:05.0234 0x0b60 [ 8CCDE014A4CDF84564E03ACE064CA753, DD663029B2EB7B12FDB00FCE403D8326141E540E3B9CE84CD5871473D3E2E2CF ] C:\Windows\System32\duser.dll
05:48:05.0234 0x0b60 C:\Windows\System32\duser.dll - ok
05:48:05.0234 0x0b60 [ 227E2C382A1E02F8D4965E664D3BBE43, 1CFF20A8BF87ACE4FA4935EBEED72BFB1A1FE902A754899E2F50798D67DF5642 ] C:\Windows\System32\MMDevAPI.dll
05:48:05.0234 0x0b60 C:\Windows\System32\MMDevAPI.dll - ok
05:48:05.0234 0x0b60 [ 78A1E65207484B7F8D3217507745F47C, 35F413ADB9D157F3666DD15DD58104D629CD9143198A1AB914B73A4A3C9903DD ] C:\Windows\System32\avrt.dll
05:48:05.0234 0x0b60 C:\Windows\System32\avrt.dll - ok
05:48:05.0250 0x0b60 [ D7F1EF374A90709B31591823B002F918, 05FD2837C9B03D14BB2A969C1AD77CAEF047D93DC5D0F6C2ACBF0888E8F7B359 ] C:\Windows\System32\SndVolSSO.dll
05:48:05.0250 0x0b60 C:\Windows\System32\SndVolSSO.dll - ok
05:48:05.0250 0x0b60 [ DE4BCD4F7BEA7E654812049B86B87837, 972CD913A072943AAFD20C81B05220854F4B2868ABFA927D3D903F0329737433 ] C:\Program Files\Microsoft Security Client\MpRTP.dll
05:48:05.0250 0x0b60 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
05:48:05.0250 0x0b60 [ 8CBEA4AABFA48C69832B299E23607029, D8ACD3DE8E86D79A9DDF4BF3492C8F8D85B7F141C77516BBB3BE4BC035F4FCA4 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
05:48:05.0250 0x0b60 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
05:48:05.0265 0x0b60 [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] C:\Windows\System32\drivers\MpFilter.sys
05:48:05.0265 0x0b60 C:\Windows\System32\drivers\MpFilter.sys - ok
05:48:05.0265 0x0b60 [ DA1B7075260F3872585BFCDD668C648B, 3E10EF6E1A5C341B478322CB78A0AB7BFC70AD8023779B8B4542A7CB4CA756AB ] C:\Windows\System32\dwmapi.dll
05:48:05.0265 0x0b60 C:\Windows\System32\dwmapi.dll - ok
05:48:05.0265 0x0b60 [ F3D202F53A222D5F6944D459B73CF967, E9F1D48EB333D32331BCFD0348FE07BEE7D5352292E6020571DA395F596AFFE7 ] C:\Windows\System32\fltLib.dll
05:48:05.0265 0x0b60 C:\Windows\System32\fltLib.dll - ok
05:48:05.0281 0x0b60 [ 896F15A6434D93EDB42519D5E18E6B50, 9263F0CEC58D45EBE3FB9C3061FB9392C55A7933B84B4592E6EE13CFC86D5A50 ] C:\Windows\System32\hid.dll
05:48:05.0281 0x0b60 C:\Windows\System32\hid.dll - ok
05:48:05.0281 0x0b60 [ 50544D04AD845C43130B70212EC05CCD, B2E6B558DE7D273512226685FF53ED17C9B4BF81B739FBCA5D3FC82DF8D2BCF7 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
05:48:05.0281 0x0b60 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
05:48:05.0281 0x0b60 [ 6F8B48F3D343E4B186AB6A9E302B7E16, 54DB52FC56509E61DF68BD251B3286E6CBE1A91D9BC4D950940A61FE2DA04DF8 ] C:\Windows\System32\xmllite.dll
05:48:05.0281 0x0b60 C:\Windows\System32\xmllite.dll - ok
05:48:05.0297 0x0b60 [ D5CCA1453B98A5801E6D5FF0FF89DC6C, 85F2C2480AAC31B6092187B431A562D79D4CFB1324F925C85055ABAB2483264B ] C:\Windows\System32\audiodg.exe
05:48:05.0297 0x0b60 C:\Windows\System32\audiodg.exe - ok
05:48:05.0297 0x0b60 [ 26B73A85855681500BCC25C7CD9FF5B1, 94D134A6AF53AD629A4505B8B0EA37F61BB43AF4DB71874E7E87853163A9282A ] C:\Windows\System32\WindowsCodecs.dll
05:48:05.0297 0x0b60 C:\Windows\System32\WindowsCodecs.dll - ok
05:48:05.0297 0x0b60 [ 159116B914ADA81E2C071E00C9183DED, CCFEEC40FB6602BB9256C8CAB051589BD298CC8CD8100CD052E75D156DBB96C5 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
05:48:05.0297 0x0b60 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
05:48:05.0312 0x0b60 [ 29910D50542B1AA0F162EF3339C61B6D, 018F0922384A5757390652865BB2DF876E9DA08B0858BC619B41D2CD14533ED4 ] C:\Windows\System32\PeerDist.dll
05:48:05.0312 0x0b60 C:\Windows\System32\PeerDist.dll - ok
05:48:05.0312 0x0b60 [ EF2AE43BCD46ABB13FC3E5B2B1935C73, 81FC06F306F620845D7DD8D06E706309E70BC89B589C81F3478302A3F5F73431 ] C:\Windows\System32\winmm.dll
05:48:05.0312 0x0b60 C:\Windows\System32\winmm.dll - ok
05:48:05.0312 0x0b60 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] C:\Windows\System32\gpsvc.dll
05:48:05.0312 0x0b60 C:\Windows\System32\gpsvc.dll - ok
05:48:05.0328 0x0b60 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB, 018CB95A43CEA2063EA24691C71D51EF60D522C21502ABA8AD93876363D4B857 ] C:\Windows\System32\taskschd.dll
05:48:05.0328 0x0b60 C:\Windows\System32\taskschd.dll - ok
05:48:05.0328 0x0b60 [ 1473768973453DE50DC738C2955FC4DD, 14BC5DA2442CB726ACC1F277DDBECCF5D61E3A0A3E083A55A0BB610191E35220 ] C:\Windows\System32\wdmaud.drv
05:48:05.0328 0x0b60 C:\Windows\System32\wdmaud.drv - ok
05:48:05.0328 0x0b60 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D, 19959D18601712901F03B83150D15E34EBCAB355BB4692C9A28511A72F57FC66 ] C:\Windows\System32\winbrand.dll
05:48:05.0328 0x0b60 C:\Windows\System32\winbrand.dll - ok
05:48:05.0343 0x0b60 [ 023A9AB1DB18386DC65728F66DA99A04, FEF2437AC3600ECB4427255F5FCDB7FA7455F7D08A19FFFE0DF245E415CABEF0 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CAC979BD-C3DB-4857-B237-C014DD350AB4}\mpengine.dll
05:48:05.0343 0x0b60 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CAC979BD-C3DB-4857-B237-C014DD350AB4}\mpengine.dll - ok
05:48:05.0343 0x0b60 [ 8560FFFC8EB3A806DCD4F82252CFC8C6, CC27BC092369A89D6147B16568FEDEB68B584D5738CD686C31F7FAE22ED17B3B ] C:\Windows\System32\ksuser.dll
05:48:05.0343 0x0b60 C:\Windows\System32\ksuser.dll - ok
05:48:05.0343 0x0b60 [ C2762A57DF0EE85E63CE4893C5215313, DDE22212D78353633CEDE27D7210469DE674563991105563CF64CCCE2D0743BD ] C:\Windows\System32\VaultCredProvider.dll
05:48:05.0343 0x0b60 C:\Windows\System32\VaultCredProvider.dll - ok
05:48:05.0359 0x0b60 [ 2DF36F15B2BC1571A6A542A3C2107920, A918F1EE95269DF973421AF2F5713DEEAF15EF0F77BAA7E8C515FFB69896FB7A ] C:\Windows\System32\nlaapi.dll
05:48:05.0359 0x0b60 C:\Windows\System32\nlaapi.dll - ok
05:48:05.0359 0x0b60 [ CA2985996BB49924B677113DF95CFEA7, 91F63863B1B597AE421CD2C3D8A3E00578B17876E5F5B828D25C2C9B349ECCCD ] C:\Windows\System32\SmartcardCredentialProvider.dll
05:48:05.0359 0x0b60 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
05:48:05.0359 0x0b60 [ 58775492FFD419248B08325E583C527F, DBB013971F5894F25C222C2D4D50A29DB6DF3C413792EE9CCC1A9E6D85469093 ] C:\Windows\System32\atl.dll
05:48:05.0359 0x0b60 C:\Windows\System32\atl.dll - ok
05:48:05.0375 0x0b60 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] C:\Windows\System32\es.dll
05:48:05.0375 0x0b60 C:\Windows\System32\es.dll - ok
05:48:05.0375 0x0b60 [ DC220AE6F64819099F7EBD6F137E32E7, B8FE13B859FA83500DD95637FA6D4A5B8392C2A363E41D014D3B5374F636E1DE ] C:\Windows\System32\AudioSes.dll
05:48:05.0375 0x0b60 C:\Windows\System32\AudioSes.dll - ok
05:48:05.0375 0x0b60 [ A77BE7CB3222B4FB0AC6C71D1C2698D4, 73566223914BF670DF6B5931FA213E546713531B10391ED65B5256BBD7ABDE7F ] C:\Windows\System32\dsrole.dll
05:48:05.0375 0x0b60 C:\Windows\System32\dsrole.dll - ok
05:48:05.0390 0x0b60 [ BE097F5BB10F9079FCEB2DC4E7E20F02, 90A88986C8C5F30FB153EC803FEDA6572B2C2630A6C9578FCC017800692694D5 ] C:\Windows\System32\slc.dll
05:48:05.0390 0x0b60 C:\Windows\System32\slc.dll - ok
05:48:05.0390 0x0b60 [ BF352E73615F5461AA6884472435A544, 4B059E79325C5F08CD6FBBE6352E17ADB64B9608CC9EDB36A2DF4D148060C309 ] C:\Windows\System32\BioCredProv.dll
05:48:05.0390 0x0b60 C:\Windows\System32\BioCredProv.dll - ok
05:48:05.0390 0x0b60 [ 862596399AAFD2A21DB2AF9270CD4F70, 24CAA19EE791FB3440CE742C9064FCE0CB755EF0789D3CE62058A2CFEF0FF6D2 ] C:\Windows\System32\mstask.dll
05:48:05.0390 0x0b60 C:\Windows\System32\mstask.dll - ok
05:48:05.0406 0x0b60 [ 796B8123A7859AFD3A4AE10514DBAEB5, E76F69FAFEC3D66263ED95F3FA9EE309BDDACB287E30583A147DC97F6EEB8844 ] C:\Windows\System32\winbio.dll
05:48:05.0406 0x0b60 C:\Windows\System32\winbio.dll - ok
05:48:05.0406 0x0b60 [ CC0AB40F02D2C2A12209715A3C1B07B8, 90EB303A4E151340DB382248361FEFC5346C31394791DF83663086C8219C2B20 ] C:\Windows\System32\credui.dll
05:48:05.0406 0x0b60 C:\Windows\System32\credui.dll - ok
05:48:05.0406 0x0b60 [ EEEA40F0EDB0A6E5359E539E15D0BC77, BFCBF777239C29C6AC4BC5B59591308571647B7C7FDB5571903F7403DD241E8E ] C:\Windows\System32\netapi32.dll
05:48:05.0406 0x0b60 C:\Windows\System32\netapi32.dll - ok
05:48:05.0421 0x0b60 [ 44B9C66177651F3F53C87B665D58D17A, 3FC426115FF87570889DB28D71970B82B525D2A4B9A00EDD273BF083B77A05CE ] C:\Windows\System32\vaultcli.dll
05:48:05.0421 0x0b60 C:\Windows\System32\vaultcli.dll - ok
05:48:05.0421 0x0b60 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] C:\Windows\System32\drivers\lltdio.sys
05:48:05.0421 0x0b60 C:\Windows\System32\drivers\lltdio.sys - ok
05:48:05.0421 0x0b60 [ 6CECA4C6A489C9B2E6073AFDAAE3F607, 127506D1DB38275614CBEB047C133718EF9D03266BA9C98BE55EC7847CFC9C3D ] C:\Windows\System32\netutils.dll
05:48:05.0421 0x0b60 C:\Windows\System32\netutils.dll - ok
05:48:05.0437 0x0b60 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] C:\Windows\System32\uxsms.dll
05:48:05.0437 0x0b60 C:\Windows\System32\uxsms.dll - ok
05:48:05.0437 0x0b60 [ 3C91392D448F6E5D525A85B7550D8BA9, 6FD0DC73DBE7519E2C643554C2A7F8FBE4F9A678C4241BB54B3C6E65D2ABCF3A ] C:\Windows\System32\wkscli.dll
05:48:05.0437 0x0b60 C:\Windows\System32\wkscli.dll - ok
05:48:05.0453 0x0b60 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] C:\Windows\System32\drivers\rspndr.sys
05:48:05.0453 0x0b60 C:\Windows\System32\drivers\rspndr.sys - ok
05:48:05.0453 0x0b60 [ 2B81776DA02017A37FE26C662827470E, A656353C50EE08422145D00DB9CFD9F6D3E664753B3C454B171E2A56A8AA94DC ] C:\Windows\System32\IPHLPAPI.DLL
05:48:05.0453 0x0b60 C:\Windows\System32\IPHLPAPI.DLL - ok
05:48:05.0453 0x0b60 [ FC51229C7D4AFA0D6F186133728B95AB, 37E58C8E1C8437D1981725A5DCDACA7316CEFBB570370CEFC8D122F523B96AC0 ] C:\Windows\System32\samcli.dll
05:48:05.0453 0x0b60 C:\Windows\System32\samcli.dll - ok
05:48:05.0468 0x0b60 [ 972C3301DB3DA91AE06A95F6B4160B1B, 678B533A06C306295FE97DC26CE9BAFFC8EAF1FB7405ACB040719099717744D5 ] C:\Windows\System32\certCredProvider.dll
05:48:05.0468 0x0b60 C:\Windows\System32\certCredProvider.dll - ok
05:48:05.0468 0x0b60 [ 4C9210E8F4E052F6A4EB87716DA0C24C, 460F7990BDADB7D58D6DC95B094D30A2EFDC4CEED444B18A2F36E8D9076FB8B9 ] C:\Windows\System32\winnsi.dll
05:48:05.0468 0x0b60 C:\Windows\System32\winnsi.dll - ok
05:48:05.0468 0x0b60 [ 71C7B65B6557B75B99907E76956AE4B8, 38AD0E96D6AD36C0643761D5F5DB7A2802E059008C0984ABF61F4D8703DE4B3B ] C:\Windows\System32\dhcpcore6.dll
05:48:05.0468 0x0b60 C:\Windows\System32\dhcpcore6.dll - ok
05:48:05.0484 0x0b60 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] C:\Windows\System32\dnsrslvr.dll
05:48:05.0484 0x0b60 C:\Windows\System32\dnsrslvr.dll - ok
05:48:05.0484 0x0b60 [ B73A6E4B319AFFE64582AC5C1801BB3F, 274EEA0743DC659180E691654CBB17136E9E9D83B07E302B47EA5B103EA57710 ] C:\Windows\System32\nrpsrv.dll
05:48:05.0484 0x0b60 C:\Windows\System32\nrpsrv.dll - ok
05:48:05.0484 0x0b60 [ 4CBCC37856EA2039C27A2FB661DDA0E5, 74CBFAB3092A9564BDDFCB84DB3E3F8BCFD1492938ADF187423D3355D73D21C6 ] C:\Windows\System32\dhcpcsvc6.dll
05:48:05.0484 0x0b60 C:\Windows\System32\dhcpcsvc6.dll - ok
05:48:05.0499 0x0b60 [ 87FA0C48C3B2E9FEE518818FE26B15B5, DA4042DE9897397AEDCEFF9F69746726237305DDE64464309B6DCC45E05E42F4 ] C:\Windows\System32\rasplap.dll
05:48:05.0499 0x0b60 C:\Windows\System32\rasplap.dll - ok
05:48:05.0499 0x0b60 [ F568F7C08458D69E4FCD8675BBB107E4, A5FA25ECF248999A68CCECFBB508BFA1ADD18A23E20A9A9081A87C41CAAA36C0 ] C:\Windows\System32\dhcpcsvc.dll
05:48:05.0499 0x0b60 C:\Windows\System32\dhcpcsvc.dll - ok
05:48:05.0499 0x0b60 [ 0040C486584A8E582C861CFB57AB5387, 5EE17B55CB702D14AE75B19226DE21CD2498BDA6C6EF5872FDB8A718F401FED1 ] C:\Windows\System32\FWPUCLNT.DLL
05:48:05.0499 0x0b60 C:\Windows\System32\FWPUCLNT.DLL - ok
05:48:05.0515 0x0b60 [ 885D0942E0F28DB90919BE3129ECF279, 5A10D90EE656ECE3DCA174D6F924641509819FC20CB6EF46B5E1723E52DE85BE ] C:\Windows\System32\dnsext.dll
05:48:05.0515 0x0b60 C:\Windows\System32\dnsext.dll - ok
05:48:05.0515 0x0b60 [ 019CD868461B646E09BDF04474C19341, 01837EFACB02E52BC6E90C90C4CB01B11D56E449A37EA4FC2695507FF85EA9FE ] C:\Windows\System32\rasapi32.dll
05:48:05.0515 0x0b60 C:\Windows\System32\rasapi32.dll - ok
05:48:05.0515 0x0b60 [ BC414631876B2F28B8DAB08E849C12C5, 5973654AA3E90E6B699B0A43F645B893D95BAA803129B6967D746C8239AB26E3 ] C:\Windows\System32\ktmw32.dll
05:48:05.0515 0x0b60 C:\Windows\System32\ktmw32.dll - ok
05:48:05.0531 0x0b60 [ B28DEEC597C8DEB70C744C7CF9210E3E, E777F192D822990CA6301B3FEA2AEA213FA7901438EB3328914ADF02B6C39DB9 ] C:\Windows\System32\rasman.dll
05:48:05.0531 0x0b60 C:\Windows\System32\rasman.dll - ok
05:48:05.0531 0x0b60 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] C:\Windows\System32\drivers\fastfat.sys
05:48:05.0531 0x0b60 C:\Windows\System32\drivers\fastfat.sys - ok
05:48:05.0531 0x0b60 [ CA2A0750ED830678997695FF61B04C30, E84860CD97AA3C4565ABB2D5D406A5C42B1AD2D8BA1B8CF81FE564D91F15F976 ] C:\Windows\System32\midimap.dll
05:48:05.0531 0x0b60 C:\Windows\System32\midimap.dll - ok
05:48:05.0546 0x0b60 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A, 72288C0A88916D3C3828DBD948DBDB0928F26106319F8E60102D6C9004514D60 ] C:\Windows\System32\msacm32.dll
05:48:05.0546 0x0b60 C:\Windows\System32\msacm32.dll - ok
05:48:05.0546 0x0b60 [ 1B7C3A37362C7B2890168C5FC61C8D9B, 03727930E5BB5F9D91BAB901FC9A2E3B795D68E2AEE6A2CC3477F356C45A9C54 ] C:\Windows\System32\msacm32.drv
05:48:05.0546 0x0b60 C:\Windows\System32\msacm32.drv - ok
05:48:05.0546 0x0b60 [ B53C4B69B695EDA1B7E41D35CA4244E2, 3D98E9B263CADA576E4057E059AFC867F6E3F1001F3B73C8BCF9066763A45D9D ] C:\Windows\System32\rtutils.dll
05:48:05.0546 0x0b60 C:\Windows\System32\rtutils.dll - ok
05:48:05.0562 0x0b60 [ 5EDBB34736DD7AC1A73CF8792A835E10, 15E87C449AAF2095273341DD9355D8DF2690340D1DEFAF0DFF034F1CDF4316F8 ] C:\Windows\System32\AudioEng.dll
05:48:05.0562 0x0b60 C:\Windows\System32\AudioEng.dll - ok
05:48:05.0562 0x0b60 [ 9BC8610C32C96A2983A65DC21CAFA921, 2A4195F663C9D55939E3D8FEAA208090FDB0B8801A60164A7325B53104797CBC ] C:\Windows\System32\UXInit.dll
05:48:05.0562 0x0b60 C:\Windows\System32\UXInit.dll - ok
05:48:05.0562 0x0b60 [ C1395286B822E306B4FE1568A8A77813, 0642B6C793BE0EED5E7D1D2533FC5A01417C50040FC60A8E89BD97CE4A119388 ] C:\Windows\System32\AUDIOKSE.dll
05:48:05.0562 0x0b60 C:\Windows\System32\AUDIOKSE.dll - ok
05:48:05.0577 0x0b60 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7, 4BC5A1279885EEFBEB27333AF719622A5FCDD9606697692C1978E434CE264D80 ] C:\Windows\System32\taskcomp.dll
05:48:05.0577 0x0b60 C:\Windows\System32\taskcomp.dll - ok
05:48:05.0577 0x0b60 [ 6F3C559B82F2912354BE5B098744CC8C, EB64E5C02C81588921A65194E1256E80699A1317E7D9A57395CD38C2639C8B08 ] C:\Windows\System32\WMALFXGFXDSP.dll
05:48:05.0577 0x0b60 C:\Windows\System32\WMALFXGFXDSP.dll - ok
05:48:05.0577 0x0b60 [ 54B5DCD55B223BC5DF50B82E1E9E86B1, 025294DD69A421FE4EACAA463F8CB797610D8F3A7A3C61656AE83D0CEE07A9BF ] C:\Windows\System32\mfplat.dll
05:48:05.0577 0x0b60 C:\Windows\System32\mfplat.dll - ok
05:48:05.0593 0x0b60 [ 5AA945234E9D4CCE4F715276B9AA712C, 65165BD131056816F009D987FC78AC86FFE0C3C38A27E73F873586B7FF4D59CF ] C:\Windows\System32\imageres.dll
05:48:05.0593 0x0b60 C:\Windows\System32\imageres.dll - ok
05:48:05.0593 0x0b60 [ B0193804FA7DC1EAC86F9E81F9928EE4, 79B4E517F26C8F7A83970EA53929EAE3B2F6413D1DD9AA7FD23040D841F30E6F ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CAC979BD-C3DB-4857-B237-C014DD350AB4}\mpasbase.vdm
05:48:05.0593 0x0b60 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CAC979BD-C3DB-4857-B237-C014DD350AB4}\mpasbase.vdm - ok
05:48:05.0609 0x0b60 [ B1DF2D87DC8BF6072699AC8301B37796, D5A6FD1EDB627324DFA1A0555F1777A3313EF29DDE29982C3CE59DAF1ED0D105 ] C:\Windows\System32\WUDFPlatform.dll
05:48:05.0609 0x0b60 C:\Windows\System32\WUDFPlatform.dll - ok
05:48:05.0609 0x0b60 [ D6ED4C9FEE354DBB03989A2F4ED6DED3, 6F6E6BCA9E19623985B1614DF7F77E3AD873C67DA326F6A0469E314553E1E22B ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CAC979BD-C3DB-4857-B237-C014DD350AB4}\mpasdlta.vdm
05:48:05.0609 0x0b60 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CAC979BD-C3DB-4857-B237-C014DD350AB4}\mpasdlta.vdm - ok
05:48:05.0609 0x0b60 [ 00000000000000000000000000000000, 0000000000000000000000000000000000000000000000000000000000000000 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CAC979BD-C3DB-4857-B237-C014DD350AB4}\mpavbase.vdm
05:48:05.0609 0x0b60 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CAC979BD-C3DB-4857-B237-C014DD350AB4}\mpavbase.vdm - ok
05:48:05.0609 0x0b60 [ 0000AEDE0DB27FBF034509186385563A, A8BB472B1C1ADA62DD88BC56C8628326DE4CD7F9142DA1F2689E05F4B14E21B2 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CAC979BD-C3DB-4857-B237-C014DD350AB4}\mpavdlta.vdm
05:48:05.0609 0x0b60 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CAC979BD-C3DB-4857-B237-C014DD350AB4}\mpavdlta.vdm - ok
05:48:05.0624 0x0b60 [ BFDAB6AA9DAAA114BF3D2EA64C50A903, 5F065754B53B8A5107EC367F38351EDF22A9997D0C6E926E9B22FD162B0B0429 ] C:\Windows\System32\mshtml.dll
05:48:05.0624 0x0b60 C:\Windows\System32\mshtml.dll - ok
05:48:05.0624 0x0b60 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] C:\Windows\System32\drivers\bowser.sys
05:48:05.0624 0x0b60 C:\Windows\System32\drivers\bowser.sys - ok
05:48:05.0640 0x0b60 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys
05:48:05.0640 0x0b60 C:\Windows\System32\drivers\mpsdrv.sys - ok
05:48:05.0640 0x0b60 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] C:\Windows\System32\drivers\mrxsmb.sys
05:48:05.0640 0x0b60 C:\Windows\System32\drivers\mrxsmb.sys - ok
05:48:05.0640 0x0b60 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] C:\Windows\System32\drivers\mrxsmb10.sys
05:48:05.0640 0x0b60 C:\Windows\System32\drivers\mrxsmb10.sys - ok
05:48:05.0655 0x0b60 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] C:\Windows\System32\drivers\mrxsmb20.sys
05:48:05.0655 0x0b60 C:\Windows\System32\drivers\mrxsmb20.sys - ok
05:48:05.0655 0x0b60 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] C:\Windows\System32\MPSSVC.dll
05:48:05.0655 0x0b60 C:\Windows\System32\MPSSVC.dll - ok
05:48:05.0655 0x0b60 [ 8792BAB371B4B1589E015B6FD1ED3B15, 909AE97316E07FA6D3CBED2FDC2F36D90531FD9C61243B6DC38ABD40B859DCE3 ] C:\Windows\System32\cryptnet.dll
05:48:05.0655 0x0b60 C:\Windows\System32\cryptnet.dll - ok
05:48:05.0671 0x0b60 [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD805650B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll
05:48:05.0671 0x0b60 C:\Windows\System32\wfapigp.dll - ok
05:48:05.0671 0x0b60 [ 1834B31C749B86DAC233BBBA1C03BC48, 27FCA9196842C0BB53CCAD895870A0EB10D2F8ED67E5486A4437067BD4BC4448 ] C:\Windows\System32\mscms.dll
05:48:05.0671 0x0b60 C:\Windows\System32\mscms.dll - ok
05:48:05.0671 0x0b60 [ 945E54F23C72D37B8CD1987AF0DB63BF, C2B217C94DBCA0A31ED834B9D492B53B25B235DDD02B1D1200E76609D32772EA ] C:\Windows\System32\fveapi.dll
05:48:05.0671 0x0b60 C:\Windows\System32\fveapi.dll - ok
05:48:05.0687 0x0b60 [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA05BD2C56657013 ] C:\Windows\System32\fvecerts.dll
05:48:05.0687 0x0b60 C:\Windows\System32\fvecerts.dll - ok
05:48:05.0687 0x0b60 [ 694865362F0965779F92BCFE97712323, 825EB75E37AFE9B738869FB5D95020D4F44AD419C2F6C5A658F82A5242FDEF6C ] C:\Windows\System32\tbs.dll
05:48:05.0687 0x0b60 C:\Windows\System32\tbs.dll - ok
05:48:05.0687 0x0b60 [ 8269210DAF3B12BC8300631B28A2A442, EABEB792C2EA8D4A1A7B13281CF557C194D5667AE0BA2A2D5664908D8269113D ] C:\Windows\System32\wiarpc.dll
05:48:05.0687 0x0b60 C:\Windows\System32\wiarpc.dll - ok
05:48:05.0702 0x0b60 [ 91A8E32B00BF7899EDAB6783287DDDA6, 49451722317AB42B3DE407EFCB9CC560C1455217AC3E2F11F74D08C1708473C5 ] C:\Windows\System32\PeerDistSh.dll
05:48:05.0702 0x0b60 C:\Windows\System32\PeerDistSh.dll - ok
05:48:05.0702 0x0b60 [ A3DB3C17EE6CAE65D53602B4E80BCCBC, D802A7C6161F937DC42A6E45FE1BB2C8272819F92C294C180EBCDF8FF72CBFDC ] C:\Windows\System32\PSHED.DLL
05:48:05.0702 0x0b60 C:\Windows\System32\PSHED.DLL - ok
05:48:05.0702 0x0b60 [ B0945E538CF906BBDDC5A11C8EE868CC, 5F3459F6512918835F7C9400905EC7C1FAEAA7114E0D28C522040C359E3B93F7 ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
05:48:05.0702 0x0b60 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
05:48:05.0718 0x0b60 [ 218A400108F280428FA22282D3268BBC, 7712687ABAEF6616E90AE5A321044C102E79EC23F4A1EAFB4278C93724873CB3 ] C:\Windows\System32\wscapi.dll
05:48:05.0718 0x0b60 C:\Windows\System32\wscapi.dll - ok
05:48:05.0718 0x0b60 [ 7F8E83B9466A0A002D4AB15C104062A7, D2D64B95079243F04479A7950AFB9DD086C43BF0236E72E74FC45C6945A765E4 ] C:\Windows\System32\efscore.dll
05:48:05.0718 0x0b60 C:\Windows\System32\efscore.dll - ok
05:48:05.0718 0x0b60 [ 58283053C781AD3A579C95D7765C1FA0, 9F7641C9B5E64797E14A2E307D94E31D6F51A721964BD5CE8CEFF6B523A69DB8 ] C:\Windows\System32\efsutil.dll
05:48:05.0718 0x0b60 C:\Windows\System32\efsutil.dll - ok
05:48:05.0733 0x0b60 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567, 426FB40A065FEF61980C803EF72D0D326C623340C3AE99CA8AFFDEFB81E8D49D ] C:\Windows\System32\vssapi.dll
05:48:05.0733 0x0b60 C:\Windows\System32\vssapi.dll - ok
05:48:05.0733 0x0b60 [ 287923557447D7E4BDD7E65B1F0F5428, 14D85A0F036F28D77AA9723C3D7E8C4DA9BDFF8A1AD9BEA6FE5756DBF5D00F08 ] C:\Windows\System32\vsstrace.dll
05:48:05.0733 0x0b60 C:\Windows\System32\vsstrace.dll - ok
05:48:05.0733 0x0b60 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
05:48:05.0733 0x0b60 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
05:48:05.0749 0x0b60 [ E73B0F1819602CB6EF176FB78D76A47B, 54B000D3CAFE32AA7541437F6AA0950EE0A23624ECB6B3D07855E5C0F1F9E77D ] C:\Windows\SysWOW64\ntdll.dll
05:48:05.0749 0x0b60 C:\Windows\SysWOW64\ntdll.dll - ok
05:48:05.0749 0x0b60 [ 259EB5F7D95A29842B476C5B3EB6E186, E651373ED4D10E42EC17620CC77CB6A9367CD16856E33F795B49A0DADD41C90E ] C:\Windows\System32\wow64.dll
05:48:05.0749 0x0b60 C:\Windows\System32\wow64.dll - ok
05:48:05.0749 0x0b60 [ 5674E21E82CFBEA36DDAD5DB285D6DBC, FBD2AC69D3E66E39651C5F2C88C0087EDC3CD1FD999FC2A574C97E9DDF2C1441 ] C:\Windows\System32\wow64win.dll
05:48:05.0749 0x0b60 C:\Windows\System32\wow64win.dll - ok
05:48:05.0765 0x0b60 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3, FCF173B0A324FA4780824CBD8C8FE4E402F27EACF1A41AAFEA636FA0B3AE7B35 ] C:\Windows\System32\wow64cpu.dll
05:48:05.0765 0x0b60 C:\Windows\System32\wow64cpu.dll - ok
05:48:05.0765 0x0b60 [ AC0B6F41882FC6ED186962D770EBF1D2, 21CC2473FEE7A102488D29114D91522381D6E7232D7BE54DCD92075DB535AFF3 ] C:\Windows\SysWOW64\kernel32.dll
05:48:05.0765 0x0b60 C:\Windows\SysWOW64\kernel32.dll - ok
05:48:05.0780 0x0b60 [ EF39CCCC9AD927A25334AE0B41A8A343, EC5FB376F84697F42B632BC9775D362CF6C54A68E26A0CF027D90F5A419BEA74 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
05:48:05.0780 0x0b60 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
05:48:05.0780 0x0b60 [ E954A79D6A754A5475582CACED1565E6, 3AA91EE188EFFD979E5B83965194B9CD75287765E576225E5DB23048F1E75B62 ] C:\Windows\SysWOW64\KernelBase.dll
05:48:05.0780 0x0b60 C:\Windows\SysWOW64\KernelBase.dll - ok
05:48:05.0780 0x0b60 [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB67F8EFB93924230 ] C:\Windows\SysWOW64\shlwapi.dll
05:48:05.0780 0x0b60 C:\Windows\SysWOW64\shlwapi.dll - ok
05:48:05.0796 0x0b60 [ D6D3AD7BF1D6F6CE9547613ED5E170A2, EA3BD7FEC193A8CFE1D5736301ACADC476FB6AAC5475A45776D0A638E9845445 ] C:\Windows\SysWOW64\gdi32.dll
05:48:05.0796 0x0b60 C:\Windows\SysWOW64\gdi32.dll - ok
05:48:05.0796 0x0b60 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3, 01EB95FA3943CF3C6B1A21E473A5C3CB9FCBCE46913B15C96CAC14E4F04075B4 ] C:\Windows\SysWOW64\user32.dll
05:48:05.0796 0x0b60 C:\Windows\SysWOW64\user32.dll - ok
05:48:05.0796 0x0b60 [ 95E2376B3323F062EB562B8586D0F14A, BD3FA8750123D00AA0967FBA44372C46EA002681DA9C9B77A4F9261553E26017 ] C:\Windows\SysWOW64\advapi32.dll
05:48:05.0796 0x0b60 C:\Windows\SysWOW64\advapi32.dll - ok
05:48:05.0811 0x0b60 [ 9DC80A8AAAAAC397BDAB3C67165A824E, 051636BFDFF7AB0E4191354E846BD0DACCA1A01FCC13C1AFED91D8DBFE17127A ] C:\Windows\SysWOW64\msvcrt.dll
05:48:05.0811 0x0b60 C:\Windows\SysWOW64\msvcrt.dll - ok
05:48:05.0811 0x0b60 [ C5AD8083CF94201F1F8084ECC696A8B7, 9F9A23DC2587E88C1BF671E9E147F134242002288E22E1C57881F3ED721F4296 ] C:\Windows\SysWOW64\rpcrt4.dll
05:48:05.0811 0x0b60 C:\Windows\SysWOW64\rpcrt4.dll - ok
05:48:05.0811 0x0b60 [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF72B8EC6E1F906C ] C:\Windows\SysWOW64\sechost.dll
05:48:05.0811 0x0b60 C:\Windows\SysWOW64\sechost.dll - ok
05:48:05.0827 0x0b60 [ F08F6FCD09F9BE94C37ACC1B344685FF, DE48D766258B46EFEAB16579421C4BD97ACC6883F782D00E9857F4A0CE7E8A34 ] C:\Windows\SysWOW64\cryptbase.dll
05:48:05.0827 0x0b60 C:\Windows\SysWOW64\cryptbase.dll - ok
05:48:05.0827 0x0b60 [ 384721EF4024890092625E20CADFAF85, 32FB012437C271CA4408EC60E6858485C2F9489107BBDB7011F728A0D2A26D2C ] C:\Windows\SysWOW64\lpk.dll
05:48:05.0827 0x0b60 C:\Windows\SysWOW64\lpk.dll - ok
05:48:05.0827 0x0b60 [ EDA7AD21DF8945528F01F0A86D69E524, 8FF2CC12AF30F1DC367ABD19FA9CB0F42EC6EE820F6E755BEFCEFE952C22E2F6 ] C:\Windows\SysWOW64\sspicli.dll
05:48:05.0827 0x0b60 C:\Windows\SysWOW64\sspicli.dll - ok
05:48:05.0843 0x0b60 [ B7230010D97787AF3D25E4C82F2B06B9, C795E9811CD461F8E98D1738667EB0C265A57065EA3420CE596D5038E7430C1E ] C:\Windows\SysWOW64\usp10.dll
05:48:05.0843 0x0b60 C:\Windows\SysWOW64\usp10.dll - ok
05:48:05.0843 0x0b60 [ 29E9794708DF51DB5DC89FB2E903A0F6, 28EC3277102623A3562805E714A658197B9D04518EDF5DE028C0CF00BFC8EC5E ] C:\Windows\SysWOW64\shell32.dll
05:48:05.0843 0x0b60 C:\Windows\SysWOW64\shell32.dll - ok
05:48:05.0843 0x0b60 [ 9275F02BEA644F43A459E316A932658F, A4B9A716BEF1ADFDDA4C44D4838EC57BD77DEE29C4B4737B58A9375C2366A87F ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
05:48:05.0843 0x0b60 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
05:48:05.0858 0x0b60 [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll
05:48:05.0858 0x0b60 C:\Windows\SysWOW64\version.dll - ok
05:48:05.0858 0x0b60 [ 60D21799A4AF4EDCE65FB98830E4B0C8, 4391205D8F93E47BB24852C5035D2128E0C2A130CC4A4334BB86DB35E76155FC ] C:\Windows\SysWOW64\crypt32.dll
05:48:05.0858 0x0b60 C:\Windows\SysWOW64\crypt32.dll - ok
05:48:05.0858 0x0b60 [ A90DC9ABD65DB1A8902F361103029952, 26798758976CE53251AC342B966BE0363AE1794BD965C452F5DEBC33E18969F0 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
05:48:05.0858 0x0b60 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
05:48:05.0874 0x0b60 [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA513C4A823390FEDA ] C:\Windows\SysWOW64\msasn1.dll
05:48:05.0874 0x0b60 C:\Windows\SysWOW64\msasn1.dll - ok
05:48:05.0874 0x0b60 [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll
05:48:05.0874 0x0b60 C:\Windows\SysWOW64\nsi.dll - ok
05:48:05.0874 0x0b60 [ CFF35B879D1618D42C86644C717BA947, 1837275202628D3320867A3BF8CFDA15491730C4B74215F7C0D7E140BF01AC3C ] C:\Windows\SysWOW64\winnsi.dll
05:48:05.0874 0x0b60 C:\Windows\SysWOW64\winnsi.dll - ok
05:48:05.0889 0x0b60 [ 7FF15A4F092CD4A96055BA69F903E3E9, 1B594E6D057C632ABB3A8CF838157369024BD6B9F515CA8E774B22FE71A11627 ] C:\Windows\SysWOW64\ws2_32.dll
05:48:05.0889 0x0b60 C:\Windows\SysWOW64\ws2_32.dll - ok
05:48:05.0889 0x0b60 [ 6A6B2EE4565A178035BE2A4FF6F2C968, E2E231F1C2E2CE19583483ACC53318651FA7CA2DE46BCB89B4CBF97CA0525122 ] C:\Windows\SysWOW64\wtsapi32.dll
05:48:05.0889 0x0b60 C:\Windows\SysWOW64\wtsapi32.dll - ok
05:48:05.0889 0x0b60 [ A6F09E5669D9A19035F6D942CAA15882, 68C8AF0CC1923E3A7245392F2480EE665D265DF300A609D2540BF7C6D9C1A1BE ] C:\Windows\SysWOW64\imm32.dll
05:48:05.0889 0x0b60 C:\Windows\SysWOW64\imm32.dll - ok
05:48:05.0905 0x0b60 [ C9618BC9B2B0FD7C1138D8774795A79B, 0AC170669C2626519FA7A745C56BFBA6B83B8537488F5B9EB7BA72448E5E7A43 ] C:\Windows\SysWOW64\msctf.dll
05:48:05.0905 0x0b60 C:\Windows\SysWOW64\msctf.dll - ok
05:48:05.0905 0x0b60 [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll
05:48:05.0905 0x0b60 C:\Windows\SysWOW64\profapi.dll - ok
05:48:05.0905 0x0b60 [ D15618A0FF8DBC2C5BF3726BACC75A0B, ADD81EA1D208907D67802F0E96EC0327BA89021F870BA22B9C7E3A19013A6AE7 ] C:\Windows\SysWOW64\userenv.dll
05:48:05.0905 0x0b60 C:\Windows\SysWOW64\userenv.dll - ok
05:48:05.0921 0x0b60 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
05:48:05.0921 0x0b60 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok
05:48:05.0921 0x0b60 [ 928CF7268086631F54C3D8E17238C6DD, F058FAFB04E7EBD5CADE9B48195B7AA7C3508F332A89F5E6E5F3F071E8CADD4A ] C:\Windows\SysWOW64\ole32.dll
05:48:05.0921 0x0b60 C:\Windows\SysWOW64\ole32.dll - ok
05:48:05.0921 0x0b60 [ 80D8679BF84A9383BFF33E07D5D9FC35, 0986806F2504C8A66FA8DEF7923A69E90A2390DD447BE53AD1824240CE68EC1E ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
05:48:05.0921 0x0b60 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok
05:48:05.0936 0x0b60 [ B9A8CBCFCD3EC9D2EA4740AF347BF108, 97FA304E3880BC863D999F441AE47CB8ADF00D2DEC2A52ACD8FBD02CC096786A ] C:\Windows\SysWOW64\mpr.dll
05:48:05.0936 0x0b60 C:\Windows\SysWOW64\mpr.dll - ok
05:48:05.0936 0x0b60 [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF393486946DA8936BDD466A ] C:\Windows\SysWOW64\psapi.dll
05:48:05.0936 0x0b60 C:\Windows\SysWOW64\psapi.dll - ok
05:48:05.0936 0x0b60 [ 17448AF0BBA9E7AB5EC955AF93F271BD, 7FDBD6FE402425FEA42317A1D332B463457C455BF7B217FFED44DFEBBDC16222 ] C:\Windows\SysWOW64\wintrust.dll
05:48:05.0936 0x0b60 C:\Windows\SysWOW64\wintrust.dll - ok
05:48:05.0952 0x0b60 [ 7321F18D1F820612ED0E9F2D4B578A7E, 612BD7DE1DFBD100BD6ACB37A38565D88C39842D990D296B9B8E1FB75C3A94E7 ] C:\Windows\SysWOW64\cryptsp.dll
05:48:05.0952 0x0b60 C:\Windows\SysWOW64\cryptsp.dll - ok
05:48:05.0952 0x0b60 [ ED8EC63F7522DF4852147C84EC62C36A, 75633011CD28DCBD4834211A9D415F17DE15BFCD80FB9FF6CE25CBBD4E9899AF ] C:\Windows\SysWOW64\rsaenh.dll
05:48:05.0952 0x0b60 C:\Windows\SysWOW64\rsaenh.dll - ok
05:48:05.0952 0x0b60 [ C3E0696C3B42F694C5822776AA6FFFDF, 80C3DEC2C48500F96C9E677450EFC1ADA9FE9FBB70F4CC2D7D9244B1A515418B ] C:\Windows\System32\drivers\NisDrvWFP.sys
05:48:05.0952 0x0b60 C:\Windows\System32\drivers\NisDrvWFP.sys - ok
05:48:05.0967 0x0b60 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] C:\Windows\System32\drivers\PEAuth.sys
05:48:05.0967 0x0b60 C:\Windows\System32\drivers\PEAuth.sys - ok
05:48:05.0967 0x0b60 [ 4A435F95B940E93A88FEC144BD409789, 12775F6F54AD9BCBCD4F91F371D8911772CA7B14316DAFFDC28B971D1FDCC182 ] C:\Windows\System32\ncsi.dll
05:48:05.0967 0x0b60 C:\Windows\System32\ncsi.dll - ok
05:48:05.0967 0x0b60 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] C:\Windows\System32\drivers\secdrv.sys
05:48:05.0967 0x0b60 C:\Windows\System32\drivers\secdrv.sys - ok
05:48:05.0983 0x0b60 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll
05:48:05.0983 0x0b60 C:\Windows\System32\ssdpapi.dll - ok
05:48:05.0983 0x0b60 [ 1727B2A2F379A32B864C096FA794AADC, 87B77A5DF95F3A1C5ED6DEF820C7E384BEFCBAA2FE1BB4781AC6F777A081E5CC ] C:\Windows\System32\aepic.dll
05:48:05.0983 0x0b60 C:\Windows\System32\aepic.dll - ok
05:48:05.0983 0x0b60 [ C6DCD1D11ED6827F05C00773C3E7053C, EA23BE261C9C04F44215D254D7A80FD0AEE84C6F192D0FEE49A7CF74ED3CB1A6 ] C:\Windows\System32\sfc.dll
05:48:05.0983 0x0b60 C:\Windows\System32\sfc.dll - ok
05:48:05.0999 0x0b60 [ 895C9AB0A855547445C4181195230757, 89BDA385D8CCB75C3D7B1BDFA567AC441A931F4E499C0835FEE9D010343FABB6 ] C:\Windows\System32\sfc_os.dll
05:48:05.0999 0x0b60 C:\Windows\System32\sfc_os.dll - ok
05:48:05.0999 0x0b60 [ 3FD15B4611D9BDA3F8013548C0ECAECA, B47A8D9985D9B71EB870816A0AB2B6403D394CCBDF7DE5378D5721D58D68D28D ] C:\Windows\SysWOW64\ntmarta.dll
05:48:05.0999 0x0b60 C:\Windows\SysWOW64\ntmarta.dll - ok
05:48:05.0999 0x0b60 [ A8BB45F9ECAD993461E0FEF8E2A99152, ACB756EA54E71F124D928829666B5B439785593877FF7C0C76ADCF954F4E6C94 ] C:\Windows\SysWOW64\Wldap32.dll
05:48:05.0999 0x0b60 C:\Windows\SysWOW64\Wldap32.dll - ok
05:48:06.0014 0x0b60 [ 418E881201583A3039D81F43E39E6C78, C96AAC161E09BE12815A4E931E65F66DB1A456C03253EF1111AE66F44B1515FF ] C:\Windows\SysWOW64\winsta.dll
05:48:06.0014 0x0b60 C:\Windows\SysWOW64\winsta.dll - ok
05:48:06.0014 0x0b60 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] C:\Windows\System32\drivers\srvnet.sys
05:48:06.0014 0x0b60 C:\Windows\System32\drivers\srvnet.sys - ok
05:48:06.0014 0x0b60 [ FFF95479C7AB1550F0750A5D01744211, FF67F892AABCE1C2B695FF4C0816339566F5745C1498D48FAC050E5196C1CE09 ] C:\Windows\System32\drivers\spsys.sys
05:48:06.0030 0x0b60 C:\Windows\System32\drivers\spsys.sys - ok
05:48:06.0030 0x0b60 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] C:\Windows\System32\drivers\tcpipreg.sys
05:48:06.0030 0x0b60 C:\Windows\System32\drivers\tcpipreg.sys - ok
05:48:06.0030 0x0b60 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] C:\Windows\System32\drivers\srv2.sys
05:48:06.0030 0x0b60 C:\Windows\System32\drivers\srv2.sys - ok
05:48:06.0045 0x0b60 [ F6F22291024906E43D135A4B1705FEAC, C1B66012799D247033E8AB8386B51BC86A4E2255E6D0B163AC000B215C51B42A ] C:\Windows\System32\sppwinob.dll
05:48:06.0045 0x0b60 C:\Windows\System32\sppwinob.dll - ok
05:48:06.0045 0x0b60 [ 210FCACAF902B2CD47CF9FD17D846146, 3F77AC721E084864C5966FF5337A90185F62203DC19C685328675500D629CB87 ] C:\Windows\System32\aeevts.dll
05:48:06.0045 0x0b60 C:\Windows\System32\aeevts.dll - ok
05:48:06.0045 0x0b60 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE, A734A20357026C42950394682A52CBC3AF956D09F1949E1B4E95467E999BC428 ] C:\Windows\System32\wbemcomn.dll
05:48:06.0045 0x0b60 C:\Windows\System32\wbemcomn.dll - ok
05:48:06.0061 0x0b60 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] C:\Windows\System32\drivers\srv.sys
05:48:06.0061 0x0b60 C:\Windows\System32\drivers\srv.sys - ok
05:48:06.0061 0x0b60 [ 27B9E163740A226B65E4B9E186117911, 17411C6A6C1E699BC4B0C04D782FD9AA09CF577DBA41E743F7588904D489CB9F ] C:\Windows\System32\sqmapi.dll
05:48:06.0061 0x0b60 C:\Windows\System32\sqmapi.dll - ok
05:48:06.0061 0x0b60 [ 7B38D7916A7CD058C16A0A6CA5077901, 3F6DD990E2DA5D3BD6D65A72CBFB0FE79EB30B118A8AD71B6C9BB5581A622DCE ] C:\Windows\System32\wdscore.dll
05:48:06.0061 0x0b60 C:\Windows\System32\wdscore.dll - ok
05:48:06.0077 0x0b60 [ 0C52762C606BCF6A377D5E4688191A6B, C58C9A73AD07E3B93AB186D0D47C5F1CB7197771DBEE40646C3B801645BB388F ] C:\Windows\System32\wbem\WmiDcPrv.dll
05:48:06.0077 0x0b60 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
05:48:06.0077 0x0b60 [ CFEFA40DDE34659BE5211966EAD86437, AC0A3AD8AA47012C40785013E2273FC571F416BC9C9FFDA418FE72B3123C1FB0 ] C:\Windows\System32\netmsg.dll
05:48:06.0077 0x0b60 C:\Windows\System32\netmsg.dll - ok
05:48:06.0077 0x0b60 [ 0255C22D99602534F15CBB8D9B6F152F, 43CD89D6CA56E0B633142F7C86DA9E072EE0723B5EBC4CE8CCBCA58C396ECF54 ] C:\Windows\System32\wbem\WinMgmtR.dll
05:48:06.0077 0x0b60 C:\Windows\System32\wbem\WinMgmtR.dll - ok
05:48:06.0092 0x0b60 [ 2B373B5F7E36B5ED5DA176D4400EF091, A7E220CC3661429D786693B277A7F39D5D9E24284B1D9E55DB6295AF7D97D104 ] C:\Windows\System32\sppobjs.dll
05:48:06.0092 0x0b60 C:\Windows\System32\sppobjs.dll - ok
05:48:06.0092 0x0b60 [ 03706015DB44368375AEBE6339490E66, 02EB28B5156E320C1EBABC03D37E94EB770A721B99E1DD276F8DC2A50D76C381 ] C:\Windows\System32\netcfgx.dll
05:48:06.0092 0x0b60 C:\Windows\System32\netcfgx.dll - ok
05:48:06.0092 0x0b60 [ FEB91B4DA0D540865260A33838654FA3, 8636B008BA329D3E6CC235D08BA4C914EFF45DBFCB9297C893CCDA8D907BA946 ] C:\Windows\System32\nci.dll
05:48:06.0092 0x0b60 C:\Windows\System32\nci.dll - ok
05:48:06.0108 0x0b60 [ 3B367397320C26DBA890B260F80D1B1B, 50BBE71B4380B5E86E197AF86F5C08266DD6B12344BA4ABDEA604B8C774C4147 ] C:\Windows\System32\hnetcfg.dll
05:48:06.0108 0x0b60 C:\Windows\System32\hnetcfg.dll - ok
05:48:06.0108 0x0b60 [ 666A60F6F5E719856FF6254E0966EFF7, 58C072E7E215991E19C1CA062C476081982F7B9F039714539AE7FEB4981C200F ] C:\Windows\System32\wbem\wbemprox.dll
05:48:06.0108 0x0b60 C:\Windows\System32\wbem\wbemprox.dll - ok
05:48:06.0108 0x0b60 [ 81749E073AC5857B044A686B406E5244, 3884EE705CA34235B29942FEDA8FEA654A21139B8C2A1D5E009C7D07D6E6ADF1 ] C:\Windows\System32\clusapi.dll
05:48:06.0108 0x0b60 C:\Windows\System32\clusapi.dll - ok
05:48:06.0123 0x0b60 [ FF80CAD87555E8E4D2CFD7B9058343F8, 07653773FBEC1996408B8507B08E0E1E812830063F932F897F4B39EE63DDCDC4 ] C:\Windows\System32\sscore.dll
05:48:06.0123 0x0b60 C:\Windows\System32\sscore.dll - ok
05:48:06.0123 0x0b60 [ 344FCC9850C3A8A3B4D3C65151AF8E4C, C38853454E153B1AB4AEAE1AAFB7CB4B2E6234208CF24C09F3B2AFE25E271C5C ] C:\Windows\System32\resutils.dll
05:48:06.0123 0x0b60 C:\Windows\System32\resutils.dll - ok
05:48:06.0123 0x0b60 [ A3F5E8EC1316C3E2562B82694A251C9E, F3DC6AA6A9D3B5BBC730668FC52C1D4BB5D515D404578BDDD3D4869A7ED58822 ] C:\Windows\System32\wbem\fastprox.dll
05:48:06.0123 0x0b60 C:\Windows\System32\wbem\fastprox.dll - ok
05:48:06.0139 0x0b60 [ EE26D130808D16C0E417BBBED0451B34, 4886DCE4FAEF146A40BABD492A8000A2022FEA542A6135A9BAFD4CD09297B4E5 ] C:\Windows\System32\ntdsapi.dll
05:48:06.0139 0x0b60 C:\Windows\System32\ntdsapi.dll - ok
05:48:06.0139 0x0b60 [ 5EB55F661DEBF156E126160BCD4D89F8, 948D1F627AA55D55FB3B558BA61B8366C5481A6041820631F24408F75EA5D2CC ] C:\Windows\System32\wbem\wbemcore.dll
05:48:06.0139 0x0b60 C:\Windows\System32\wbem\wbemcore.dll - ok
05:48:06.0139 0x0b60 [ 087D8668C71634A3A3761135ABF16EEE, B7348A63299CFF4FFBF375E645A4850AE0F108D48D13AB25434CFAE7CF3D61FD ] C:\Windows\System32\wbem\esscli.dll
05:48:06.0139 0x0b60 C:\Windows\System32\wbem\esscli.dll - ok
05:48:06.0155 0x0b60 [ 718B6F51AB7F6FE2988A36868F9AD3AB, 76141B4E94C2766E2C34CEF523092948771A7893212EFADBE88D2171B85FF012 ] C:\Windows\System32\wbem\wbemsvc.dll
05:48:06.0155 0x0b60 C:\Windows\System32\wbem\wbemsvc.dll - ok
05:48:06.0155 0x0b60 [ 0143DB80DACFB7C2B5B7009ED9063353, 252885CF7C1BAB89B86908373546E5F5D674BEF7AACBDDCF321AD877CB9150A9 ] C:\Windows\System32\wbem\wmiutils.dll
05:48:06.0155 0x0b60 C:\Windows\System32\wbem\wmiutils.dll - ok
05:48:06.0155 0x0b60 [ 0AB34456654C283DAA13B8D2BA21439B, 4B70FC5195DE39564E951C8542020BA3D4257E3D4488F69825F67A6099CB7549 ] C:\Windows\System32\wbem\repdrvfs.dll
05:48:06.0155 0x0b60 C:\Windows\System32\wbem\repdrvfs.dll - ok
05:48:06.0170 0x0b60 [ 88351B29B622B30962D2FEB6CA8D860B, A16CAD7D94C1C9807083BB36E9B4C3C14E6482C4CA2BDFACBCC86E737DDCE42E ] C:\Windows\System32\rasadhlp.dll
05:48:06.0170 0x0b60 C:\Windows\System32\rasadhlp.dll - ok
05:48:06.0186 0x0b60 [ DDD0357A92FA843EFF8915ED17253D6C, 0C78B1D41F0A7821186ADF653504F2BFF067CB512CB0E932047C301378BBADB6 ] C:\Windows\System32\wbem\WmiPrvSD.dll
05:48:06.0186 0x0b60 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
05:48:06.0186 0x0b60 [ D41FEBD098234F02485A4EA98D4730A4, 462DC8168C444F35B43BA3B8F7D77734665D84F1C6D25CAD7391C0145961628F ] C:\Windows\System32\ncobjapi.dll
05:48:06.0186 0x0b60 C:\Windows\System32\ncobjapi.dll - ok
05:48:06.0186 0x0b60 [ 6F40D6FB05E0C1E5402812B426971AF0, E41F138F0F2DB057F8DBB1587237C6FA8A2059B3D64EC894D1DC492A18DBBDED ] C:\Windows\System32\wbem\wbemess.dll
05:48:06.0186 0x0b60 C:\Windows\System32\wbem\wbemess.dll - ok
05:48:06.0201 0x0b60 [ DCEE3592299B2229A0DB98CB415059A2, 709AAA095DF44DDCB6159CE1635AB05EC666D845445790E569F56B297DC64AC3 ] C:\Program Files\Microsoft Security Client\NisSrv.exe
05:48:06.0201 0x0b60 C:\Program Files\Microsoft Security Client\NisSrv.exe - ok
05:48:06.0201 0x0b60 [ B7762D1AEAAE5C4AAA5F1677EC3B1512, DC075848BC8F74B583354320BFC87E231CB39F6470A2FC3307ECCDFB13751BF9 ] C:\Program Files\Microsoft Security Client\NisLog.dll
05:48:06.0201 0x0b60 C:\Program Files\Microsoft Security Client\NisLog.dll - ok
05:48:06.0217 0x0b60 [ 4449D23E8F197862F1B16F1E6C89C36C, 93AF52BF8E870C0381F027D3BB8F6829E449242074472F1593EB8172D7EB6559 ] C:\Windows\System32\diagperf.dll
05:48:06.0217 0x0b60 C:\Windows\System32\diagperf.dll - ok
05:48:06.0217 0x0b60 [ BF4AC709BE5BF64F331F5D67773A0C82, 96E5A2A12D386B8A7976FEC76FD350E6A3EEBDF5763F4BBF4AB18880E9F269E0 ] C:\Windows\System32\perftrack.dll
05:48:06.0217 0x0b60 C:\Windows\System32\perftrack.dll - ok
05:48:06.0217 0x0b60 [ E64D9EC8018C55873B40FDEE9DBEF5B3, 2DB11E7C631A9887CB75AFEAD2C79EC65F82C51F5F073CEFC8CDDF664EFF29C1 ] C:\Windows\System32\PortableDeviceApi.dll
05:48:06.0217 0x0b60 C:\Windows\System32\PortableDeviceApi.dll - ok
05:48:06.0233 0x0b60 [ AFA79C343F9D1555F7E5D5FA70BB2A14, 440EF3ADC1F5C7A5ED3E872C8D8DFA61B039454C3CA67F8A51CA8BDCFDC4BA4A ] C:\Windows\System32\PortableDeviceConnectApi.dll
05:48:06.0233 0x0b60 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
05:48:06.0233 0x0b60 [ 9FCA3A84338ADEF2AFF67CDA46EF8539, 087DF72096852AE98C56990EE6E68835BE95E7E49ECDDE8B54DAC11C9E07FE94 ] C:\Windows\System32\umb.dll
05:48:06.0233 0x0b60 C:\Windows\System32\umb.dll - ok
05:48:06.0233 0x0b60 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] C:\Windows\System32\drivers\WUDFRd.sys
05:48:06.0233 0x0b60 C:\Windows\System32\drivers\WUDFRd.sys - ok
05:48:06.0248 0x0b60 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65, 914AD22D98975578BC14D821F72E8DFCE24F2092F9C299D24EBBAF5408FE8B8B ] C:\Windows\System32\wer.dll
05:48:06.0248 0x0b60 C:\Windows\System32\wer.dll - ok
05:48:06.0248 0x0b60 [ E1B22739C933BE33F53DB58C5393ADD3, 26EE0DD091D2E00DECC774DC1EEDFFDE69AF74B0C769CCBE091AFC32C66E4207 ] C:\Windows\System32\Apphlpdm.dll
05:48:06.0248 0x0b60 C:\Windows\System32\Apphlpdm.dll - ok
05:48:06.0264 0x0b60 [ F7073C962C4FB7C415565DDE109DE49F, 781E7088DCEFBC34A808C3E7DA41A56112B3F23ABE9F54B5EF4D5CD9CD016B1D ] C:\Windows\System32\npmproxy.dll
05:48:06.0264 0x0b60 C:\Windows\System32\npmproxy.dll - ok
05:48:06.0264 0x0b60 [ 9719E3D834F5C8C43F56A93DFA497023, 4D78D4BD4835C0A237821967156C19DF4B90384A6BCB1F48CEAF35D003A0099A ] C:\Windows\System32\pnpts.dll
05:48:06.0264 0x0b60 C:\Windows\System32\pnpts.dll - ok
05:48:06.0279 0x0b60 [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe
05:48:06.0279 0x0b60 C:\Windows\System32\dllhost.exe - ok
05:48:06.0279 0x0b60 [ 46863C4CC5B68EB09EA2D5EEF0F1193A, 9B5593E1F484AC8F96F89A5995FB1FE9C51CB2F0F545607F6850751191150CFE ] C:\Windows\System32\radardt.dll
05:48:06.0279 0x0b60 C:\Windows\System32\radardt.dll - ok
05:48:06.0279 0x0b60 [ E811F8510B133E70CF6E509FB809824F, 82541F2B15748250462B67B6C77530D4F7C45A1482237EC49B28F9FA5A414108 ] C:\Windows\System32\wdiasqmmodule.dll
05:48:06.0279 0x0b60 C:\Windows\System32\wdiasqmmodule.dll - ok
05:48:06.0295 0x0b60 [ 14DFDEAF4E589ED3F1FF187A86B9408C, 86D383D5B90A86556521C62C50F7BE0306FCD24FD86A8A37E8320FAE948531EB ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
05:48:06.0295 0x0b60 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
05:48:06.0295 0x0b60 [ 7A865523E3E0F4FA421787FAED4A04CD, E8A3F10D44E1EB704BFAB5B69C541AC80F52E16061AA7ADF1AB0827860D3FE90 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C1032175-AD63-40A8-B3C6-EB6B359BD3E0}\gapaengine.dll
05:48:06.0295 0x0b60 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C1032175-AD63-40A8-B3C6-EB6B359BD3E0}\gapaengine.dll - ok
05:48:06.0295 0x0b60 [ B97DDC89024A70CB6058FA7D70029A56, 53B87D9DC07E715C1DB34D1049E1B3AEAE4B7A724AFA6DEAD8E476C0982D5451 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C1032175-AD63-40A8-B3C6-EB6B359BD3E0}\nisfull.vdm
05:48:06.0295 0x0b60 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C1032175-AD63-40A8-B3C6-EB6B359BD3E0}\nisfull.vdm - ok
05:48:06.0311 0x0b60 [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E56950661B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll
05:48:06.0311 0x0b60 C:\Windows\System32\IDStore.dll - ok
05:48:06.0311 0x0b60 [ 92E0508D924512F63FFEEFE498CBD11F, 1158011E4A1298DEC79133B40888AA87B06F5B64BA2AB461B58C22F5F9211D0C ] C:\Windows\System32\p2pcollab.dll
05:48:06.0311 0x0b60 C:\Windows\System32\p2pcollab.dll - ok
05:48:06.0311 0x0b60 [ 58A0CDABEA255616827B1C22C9994466, 4FE1140AA8D3995579DE8CDF4ECAD1978804D05351EABB4079A63B303EF1B451 ] C:\Windows\System32\NapiNSP.dll
05:48:06.0326 0x0b60 C:\Windows\System32\NapiNSP.dll - ok
05:48:06.0326 0x0b60 [ 613C8CE10A5FDE582BA5FA64C4D56AAA, 30507B6BA79E1A271B07BBA58B4FF463678BE0960266A1D5E88031E932D768B6 ] C:\Windows\System32\pnrpnsp.dll
05:48:06.0326 0x0b60 C:\Windows\System32\pnrpnsp.dll - ok
05:48:06.0326 0x0b60 [ 517110BD83835338C037269E603DB55D, 499A803DE14905F2FF7BCA56D81CC983E16A8D9CEA93EC4B84A06A366E7CB939 ] C:\Windows\System32\taskhost.exe
05:48:06.0326 0x0b60 C:\Windows\System32\taskhost.exe - ok
05:48:06.0326 0x0b60 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B, 2DFBD792B68F3EBEF0843183CAE5D52B6FA04163808AFACF6C0D738455898C36 ] C:\Windows\System32\fveui.dll
05:48:06.0326 0x0b60 C:\Windows\System32\fveui.dll - ok
05:48:06.0342 0x0b60 [ 2E2072EB48238FCA8FBB7A9F5FABAC45, AC70B9FC24847EEC2E18008F2894DCDAC19A9C90D5D88729326E493CA524F5C3 ] C:\Windows\System32\winrnr.dll
05:48:06.0342 0x0b60 C:\Windows\System32\winrnr.dll - ok
05:48:06.0342 0x0b60 [ 863F793D15B4026B1A5FDECA873D4D84, AF7ABD95BB5467551562F129F03C7AC9D52A021F7E547609F40A80E66932C942 ] C:\Windows\SysWOW64\apphelp.dll
05:48:06.0342 0x0b60 C:\Windows\SysWOW64\apphelp.dll - ok
05:48:06.0357 0x0b60 [ D1D5DAB39DCB4BE0359943738D87409B, 0BA45FE28568E852502879AE83C081517BB8103359BD5783328833EC59A54681 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
05:48:06.0357 0x0b60 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
05:48:06.0357 0x0b60 [ 99B91C5D2FCEF218CAD3600ECB62A799, E28F2903F86D39C5A69B5F89CCD6594E93A1BF1E4ACD613A0F2E2348DFA88D65 ] C:\Windows\System32\msxml6.dll
05:48:06.0357 0x0b60 C:\Windows\System32\msxml6.dll - ok
05:48:06.0357 0x0b60 [ 9BB99503D6A4DD62569EDE9E5E2672A5, 6F4EA5BC50B1F929735246485263078BEF1B3BEB33F78CB1F483F13AA226C27E ] C:\Windows\System32\HotStartUserAgent.dll
05:48:06.0357 0x0b60 C:\Windows\System32\HotStartUserAgent.dll - ok
05:48:06.0373 0x0b60 [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D562BE43726153951 ] C:\Windows\System32\mpr.dll
05:48:06.0373 0x0b60 C:\Windows\System32\mpr.dll - ok
05:48:06.0373 0x0b60 [ 03A03A453F1AAAE0C73AAAF895321C7A, BB46C581347EDA9CAF287E24163A593F07BD723E1C250ADD8E5C46BB349B668C ] C:\Windows\SysWOW64\FWPUCLNT.DLL
05:48:06.0373 0x0b60 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
05:48:06.0373 0x0b60 [ 43964FA89CCF97BA6BE34D69455AC65F, 10E3B89A5470E1BB6F73382135DD2352F5073C1EE8485D7476CFB5122D4AAA2F ] C:\Windows\SysWOW64\uxtheme.dll
05:48:06.0373 0x0b60 C:\Windows\SysWOW64\uxtheme.dll - ok
05:48:06.0389 0x0b60 [ 39C5F32747B3414D1BB216FDB1DEFC58, 6FAE64CB9748304090113903A5AE9E7154BE16BA2EEA7AB3EF04AB9D79B81380 ] C:\Windows\SysWOW64\dwmapi.dll
05:48:06.0389 0x0b60 C:\Windows\SysWOW64\dwmapi.dll - ok
05:48:06.0389 0x0b60 [ 7F8678C59F188528D60104E697C2361E, 9B4D262B10CB09543ACA9A78482F4EDD905791D2C8C518B574EBA440A71A85B7 ] C:\Windows\SysWOW64\mscms.dll
05:48:06.0389 0x0b60 C:\Windows\SysWOW64\mscms.dll - ok
05:48:06.0389 0x0b60 [ F58516E2DC0D963EF70D6BFC21FD82C4, 5689BF12B43BE0D6BFBD6B9122A2FF53FCEC766A58A0F3C6B88AE504ACB10E04 ] C:\Windows\SysWOW64\PlaySndSrv.dll
05:48:06.0389 0x0b60 C:\Windows\SysWOW64\PlaySndSrv.dll - ok
05:48:06.0404 0x0b60 [ 61AC3EFDFACFDD3F0F11DD4FD4044223, 538FE1012FEDC72727A8DE0C2C01944B3D35C29812ECEF88E95AAC07235E0B0B ] C:\Windows\SysWOW64\userinit.exe
05:48:06.0404 0x0b60 C:\Windows\SysWOW64\userinit.exe - ok
05:48:06.0404 0x0b60 [ 94EEAC26F57811BD1AEFC164412F7FCE, 7390BCD7709D48DE75D7D6E06AA7356D1C58EE63F3CC2E07ABCD2E2FF6CC81CF ] C:\Windows\System32\PlaySndSrv.dll
05:48:06.0404 0x0b60 C:\Windows\System32\PlaySndSrv.dll - ok
05:48:06.0404 0x0b60 [ 8ABFE00F213F2571498F1B8FD7939A98, B557EC9EFD33612BAFE01FFD304B50EFB8C3C19763470560DA950B5AB4A9AC9C ] C:\Windows\System32\WUDFHost.exe
05:48:06.0404 0x0b60 C:\Windows\System32\WUDFHost.exe - ok
05:48:06.0420 0x0b60 [ BAFE84E637BF7388C96EF48D4D3FDD53, 11C194D9ADCE90027272C627D7FBF3BA5025FF0F7B26A8333F764E11E1382CF9 ] C:\Windows\System32\userinit.exe
05:48:06.0420 0x0b60 C:\Windows\System32\userinit.exe - ok
05:48:06.0420 0x0b60 [ C5C867CD7EFAC60D5021223E374DEEC5, 197FEE8F02DE348E75771AC9AD748EFB29939F1AAF02DA6555181EEF787FD099 ] C:\Windows\SysWOW64\dimsjob.dll
05:48:06.0420 0x0b60 C:\Windows\SysWOW64\dimsjob.dll - ok
05:48:06.0420 0x0b60 [ CE71B9119A258EDD0A05B37D7B0F92E3, D9310C5BBFE089B8C81E259C462EC1E6D7A7A87FA59FC1F174ED5C58D409AE7A ] C:\Windows\SysWOW64\bcrypt.dll
05:48:06.0420 0x0b60 C:\Windows\SysWOW64\bcrypt.dll - ok
05:48:06.0435 0x0b60 [ E629F1A051C82795DDFFD3E8D4855811, 6E4DFFEAB2795C98EA6DCAF10EA6D97413D0F8CA0C04869CB20B74FF4D6FE679 ] C:\Windows\System32\dimsjob.dll
05:48:06.0435 0x0b60 C:\Windows\System32\dimsjob.dll - ok
05:48:06.0435 0x0b60 [ 7F21DA4760CE9B4B1B12CBC58C2A642A, 48E9C94AA30B9CBBE949BA537C32D775B3891C1DE993C205F5DBD702A4E41DBF ] C:\Windows\SysWOW64\apisetschema.dll
05:48:06.0435 0x0b60 C:\Windows\SysWOW64\apisetschema.dll - ok
05:48:06.0435 0x0b60 [ EA67C653ECFED02D7DBFB889A908CAA9, 41A6859280888A4D194DB12522C00A0D076C868F8DCD2364FE654F9A84CB447F ] C:\Windows\SysWOW64\en-US\userinit.exe.mui
05:48:06.0435 0x0b60 C:\Windows\SysWOW64\en-US\userinit.exe.mui - ok
05:48:06.0451 0x0b60 [ 352B3DC62A0D259A82A052238425C872, 393B24E0D6007C74AEE2FB2EE2C18623D37DF64E279B6767952DCFEE0EACBB10 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
05:48:06.0451 0x0b60 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
05:48:06.0451 0x0b60 [ 10FB16B50AFFDA6D44588F3C445DC273, 6CDA17DA9B44D11E69F7C6682FA633EA75731623BB21B429A0FE2086ED4495A7 ] C:\Windows\SysWOW64\setupapi.dll
05:48:06.0451 0x0b60 C:\Windows\SysWOW64\setupapi.dll - ok
05:48:06.0467 0x0b60 [ F436E847FA799ECD75AD8C313673F450, 3C8BF3F0C08C7FA8DE5CD9C60AD9D00B742E84EB1FEBEEBA0F7159844BAAA471 ] C:\Windows\SysWOW64\cfgmgr32.dll
05:48:06.0467 0x0b60 C:\Windows\SysWOW64\cfgmgr32.dll - ok
05:48:06.0467 0x0b60 [ 6C765E82B57F2E66CE9C54AC238471D9, 97F410023F5C08B4BC5DBF89A642200E76F4025ADD9707C24FD89D673675BB43 ] C:\Windows\SysWOW64\oleaut32.dll
05:48:06.0467 0x0b60 C:\Windows\SysWOW64\oleaut32.dll - ok
05:48:06.0467 0x0b60 [ 2EEFF4502F5E13B1BED4A04CCAD64C08, 209FF1B6D46D1AC99518FCF54F2F726143B2DBF2C5FDA90212FBEF7526F7CBF5 ] C:\Windows\SysWOW64\devobj.dll
05:48:06.0467 0x0b60 C:\Windows\SysWOW64\devobj.dll - ok
05:48:06.0482 0x0b60 [ F35644387798488C62FB87B85BDC8B7C, 928F04ADB88D8FE5B3EBAB1AA67D41AEA4BC3D9BE9DBCBA3D0E207101C626DC7 ] C:\Windows\System32\en-US\WUDFHost.exe.mui
05:48:06.0482 0x0b60 C:\Windows\System32\en-US\WUDFHost.exe.mui - ok
05:48:06.0482 0x0b60 [ 3BFAA4560430DC2B1B86E7EAD4A63F91, B403428AA2A0258CAEE5AA77EA9E24E9F07B7C1717A89C501F6B7F9DB7C3D6AE ] C:\Windows\SysWOW64\en-US\setupapi.dll.mui
05:48:06.0482 0x0b60 C:\Windows\SysWOW64\en-US\setupapi.dll.mui - ok
05:48:06.0498 0x0b60 [ FCFCD1101C5DA23B4B95F93D02B2C169, 040A086875B6C5475490A2F8B0CF4FF20DDB4FEDFE5FCABBA49692AA05F40527 ] C:\Windows\System32\dwmredir.dll
05:48:06.0498 0x0b60 C:\Windows\System32\dwmredir.dll - ok
05:48:06.0498 0x0b60 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F, 9DC4BE1A51A3E94DB05369222CFCBA2125DA519EAAC46823EAECD738974463EF ] C:\Windows\System32\WUDFx.dll
05:48:06.0498 0x0b60 C:\Windows\System32\WUDFx.dll - ok
05:48:06.0498 0x0b60 [ 91D6F0AB79AA36FFB932157865206F35, 5C20EA92737A4409DF4601D6D256DBC7A8D0AE4C31A32F20054E873473B27781 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
05:48:06.0498 0x0b60 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
05:48:06.0513 0x0b60 [ 497E59D9F01C6F247E72222A61835119, 4C31900BA2F911B2A5AE8F7FCE267DCE17655B20A6B71CD4E38FE1B1692142D1 ] C:\Windows\SysWOW64\dwmcore.dll
05:48:06.0513 0x0b60 C:\Windows\SysWOW64\dwmcore.dll - ok
05:48:06.0513 0x0b60 [ AC4C51EB24AA95B77F705AB159189E24, 6A671B92A69755DE6FD063FCBE4BA926D83B49F78C42DBAEED8CDB6BBC57576A ] C:\Windows\explorer.exe
05:48:06.0513 0x0b60 C:\Windows\explorer.exe - ok
05:48:06.0529 0x0b60 [ 0F416E23DD2EB4DEBE70608020CFD283, 8762F519453F114EC3126698E3DD49F2C5AF79124DDBFC87DF08D1EC2B292235 ] C:\Windows\SysWOW64\WMVCORE.DLL
05:48:06.0529 0x0b60 C:\Windows\SysWOW64\WMVCORE.DLL - ok
05:48:06.0529 0x0b60 [ 045C408170B3B2390D26B8ED6B803A26, ACF9EF28130210718D1B0D3BCE3858FA1BD1DA103489F46B839FE41C76F1C851 ] C:\Windows\System32\en-US\taskhost.exe.mui
05:48:06.0529 0x0b60 C:\Windows\System32\en-US\taskhost.exe.mui - ok
05:48:06.0529 0x0b60 [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll
05:48:06.0529 0x0b60 C:\Windows\SysWOW64\clbcatq.dll - ok
05:48:06.0545 0x0b60 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5, ADD7B965D6D4F1FB4DABF8E40E0322E1FDC4652CA8FD670F487D1E875B770759 ] C:\Windows\SysWOW64\WindowsCodecs.dll
05:48:06.0545 0x0b60 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
05:48:06.0545 0x0b60 [ B43687C534A49700BF4B3C9898763752, B4C371CB2C0EAC1803E6C845F629814B2CE4C568022EB6A1C9AC1F293BF74F40 ] C:\Windows\SysWOW64\MsCtfMonitor.dll
05:48:06.0545 0x0b60 C:\Windows\SysWOW64\MsCtfMonitor.dll - ok
05:48:06.0560 0x0b60 [ 6E05F39AF5B91CEE0D2A84501EEEDBD8, 5F88D52F049566980C94678C145E8E2B46D5AE8E91D71E9B731FDC5206FC3569 ] C:\Windows\SysWOW64\d3d10_1.dll
05:48:06.0560 0x0b60 C:\Windows\SysWOW64\d3d10_1.dll - ok
05:48:06.0560 0x0b60 [ 9C36A3CA80F9B204C670336D344F5DF8, 948A3BA92FC4D34288F80AA892D8EBFAEA23ECB764400E9A8F7DBF4681FEA337 ] C:\Windows\SysWOW64\d3d10_1core.dll
05:48:06.0560 0x0b60 C:\Windows\SysWOW64\d3d10_1core.dll - ok
05:48:06.0560 0x0b60 [ 0411B7958C524BB2E91EE1B3035FE321, B8F419DF52FCDC93FBA94DC6C90F98389CB24458158F6AE973D2ADEDAF33382E ] C:\Windows\SysWOW64\dxgi.dll
05:48:06.0560 0x0b60 C:\Windows\SysWOW64\dxgi.dll - ok
05:48:06.0576 0x0b60 [ 6C08AE2912385E82164224AD072803F1, C87A07A6A86707CF58706D1A5DB9065A1DF4F7F8A704D1B708BB47743B859DE0 ] C:\Windows\System32\en-US\dwm.exe.mui
05:48:06.0576 0x0b60 C:\Windows\System32\en-US\dwm.exe.mui - ok
05:48:06.0576 0x0b60 [ 08DFDBD2FD4EA951DC46B1C7661ED35A, D926530C659DDAF80770663F46F1EFD94FFB4AAB475C4E3367CB531AF4A734E1 ] C:\Windows\SysWOW64\powrprof.dll
05:48:06.0576 0x0b60 C:\Windows\SysWOW64\powrprof.dll - ok
05:48:06.0576 0x0b60 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA, 8A6ACEFAB95E5275CBFBE6CCB5A6C3A6A471260B279B9063E86B9C7765E18656 ] C:\Windows\System32\MsCtfMonitor.dll
05:48:06.0576 0x0b60 C:\Windows\System32\MsCtfMonitor.dll - ok
05:48:06.0591 0x0b60 [ 56CEED370508F69A1BA04939BD1BADDA, C84F383F2B3C9581F635E51DA39567F0B5ED2D847B18CCE51022BA4B2FA7EA8D ] C:\Windows\SysWOW64\msutb.dll
05:48:06.0591 0x0b60 C:\Windows\SysWOW64\msutb.dll - ok
05:48:06.0591 0x0b60 [ ED6EE83D61EBC683C2CD8E899EA6FEBE, F82592908D038C44D9F2E5C5B7BC663A2D370FC565F40420E1138A9E55F0E7EB ] C:\Windows\SysWOW64\rasadhlp.dll
05:48:06.0591 0x0b60 C:\Windows\SysWOW64\rasadhlp.dll - ok
05:48:06.0607 0x0b60 [ F09A9A1AD21FE618C4C8B0A0D830C886, 29831DDAB2AB105358FBC067CDF96428220B6743CD6019F6FE74BAC7AF325E7E ] C:\Windows\System32\msutb.dll
05:48:06.0607 0x0b60 C:\Windows\System32\msutb.dll - ok
05:48:06.0607 0x0b60 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC, D688381F42062FD5D868E7770857C5951C41BA20A1B6E6F60B5D9536C02CD293 ] C:\Windows\SysWOW64\taskschd.dll
05:48:06.0607 0x0b60 C:\Windows\SysWOW64\taskschd.dll - ok
05:48:06.0607 0x0b60 [ 54AF46DC37E63E1E85EB619033953309, C86C768CAA342479FEE8DA9A73D9046392D9EEDD58ED120E61C6E2A5BDCEFE5D ] C:\Windows\SysWOW64\d3d10level9.dll
05:48:06.0607 0x0b60 C:\Windows\SysWOW64\d3d10level9.dll - ok
05:48:06.0623 0x0b60 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] C:\Windows\SysWOW64\netprofm.dll
05:48:06.0623 0x0b60 C:\Windows\SysWOW64\netprofm.dll - ok
05:48:06.0623 0x0b60 [ 1F27643C4C626457FCE8F047AE1CD7E1, 68E2367B9AA21C1BDE7FEA566D5F0DBDF1E246CB53E949622F8EDC810AA95956 ] C:\Windows\SysWOW64\dxva2.dll
05:48:06.0623 0x0b60 C:\Windows\SysWOW64\dxva2.dll - ok
05:48:06.0623 0x0b60 [ B2742EA6ED844D747E2348A504E491CB, 38D2A3B32A77FE2ADCCACB74F7A8EAD6A4589A5E22D2A6E7DFEADACDAE66DA85 ] C:\Windows\System32\dxva2.dll
05:48:06.0623 0x0b60 C:\Windows\System32\dxva2.dll - ok
05:48:06.0638 0x0b60 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8, B1A9B2EF000917214C0198958CBD239D1D91B1720EC40DF041262A34D302AD74 ] C:\Windows\SysWOW64\winspool.drv
05:48:06.0638 0x0b60 C:\Windows\SysWOW64\winspool.drv - ok
05:48:06.0638 0x0b60 [ FF98798DC102EC4C1FC3E9C066D60C62, 591224081FB94273BE92D1518DA3F5D5803FFF6D70890EC942DA31FA065AA0A4 ] C:\Windows\System32\nvd3dumx.dll
05:48:06.0638 0x0b60 C:\Windows\System32\nvd3dumx.dll - ok
05:48:06.0654 0x0b60 [ 0015ACFBBDD164A8A730009908868CA7, E1FF243AD2CF959FAB81EFE701592414991C03416FF296ADC93906E76B707C4D ] C:\Windows\System32\winspool.drv
05:48:06.0654 0x0b60 C:\Windows\System32\winspool.drv - ok
05:48:06.0654 0x0b60 [ 49E5753D923F1AC63B22D3DCB0B47E00, 14CEC0BF5F625FF839A8D79B4A6B7C4AC0CBB705FD197C6B7FF8617C6C3E34FE ] C:\Windows\System32\uDWM.dll
05:48:06.0654 0x0b60 C:\Windows\System32\uDWM.dll - ok
05:48:06.0654 0x0b60 [ 8B74CEC6980D4816B0037AE9A27E538F, 8721EDB4C51BF6020002FA5DDB1987C68590F9F433A2F18D9756B2DAC7542CB6 ] C:\Windows\SysWOW64\slc.dll
05:48:06.0654 0x0b60 C:\Windows\SysWOW64\slc.dll - ok
05:48:06.0669 0x0b60 [ AF038A51B94E53B7F11A06EA9B69EA0C, 6DA5EF369E56D81BA737B65D69A3316D40096E52B1A1BEDB87A90F5DBF6925E2 ] C:\Windows\Resources\Themes\Aero\aero.msstyles
05:48:06.0669 0x0b60 C:\Windows\Resources\Themes\Aero\aero.msstyles - ok
05:48:06.0669 0x0b60 [ 4BA77A5EF71C14C764B0ED4701683E3E, 066A064CDBE09BF8BE1DF5B259F30FF6C124A1C3D637800D3E19E8E25EDB950E ] C:\Windows\System32\dwmcore.dll
05:48:06.0669 0x0b60 C:\Windows\System32\dwmcore.dll - ok
05:48:06.0669 0x0b60 [ D63BEE2A8B22482F7080A8D3F2E1A733, 20E2CC793E55548CA8F6EB7F02D51EEA7632E16302C9213705F3A9684AD9F41F ] C:\Windows\System32\d3d10_1.dll
05:48:06.0669 0x0b60 C:\Windows\System32\d3d10_1.dll - ok
05:48:06.0669 0x0b60 [ 426BA4E737A7988FD1202AF2F2B2F4A6, 3E84B1EF044C157B7B228AE86A4466BC7E24B2D85F07636D0119041E3D630A2F ] C:\Windows\System32\d3d10_1core.dll
05:48:06.0669 0x0b60 C:\Windows\System32\d3d10_1core.dll - ok
05:48:06.0685 0x0b60 [ F404E59DB6A0F122AB26BF4F3E2FD0FA, 47F30401D86006821475F911A3D5E9B23571F6A8B4A9942891298E33D070D5D5 ] C:\Windows\System32\dxgi.dll
05:48:06.0685 0x0b60 C:\Windows\System32\dxgi.dll - ok
05:48:06.0685 0x0b60 [ 5D11EBF91F2C7D87B9B1B49688965C13, 9D2F57A4EE33EABEC77831386DAD3B6EDA8DA483F4C155C0B0ED4B089AB95067 ] C:\Windows\System32\nvwgf2umx.dll
05:48:06.0685 0x0b60 C:\Windows\System32\nvwgf2umx.dll - ok
05:48:06.0685 0x0b60 [ AD976778C4B92F9EC4842295974E9BD9, 7C9E0FE019FD0C892DB015A93A67291FA52B186DD508758480B08711ABDE3C9D ] C:\Windows\System32\d3d10level9.dll
05:48:06.0685 0x0b60 C:\Windows\System32\d3d10level9.dll - ok
05:48:06.0701 0x0b60 [ 104A1070E90F1C530328E69B49718841, C5EBDD404F92E185467C390CC30DB4BD7BE0193536DD5708277662D4B0EA38D1 ] C:\Windows\SysWOW64\nlaapi.dll
05:48:06.0701 0x0b60 C:\Windows\SysWOW64\nlaapi.dll - ok
05:48:06.0701 0x0b60 [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC83B4AC638AEC4A ] C:\Windows\SysWOW64\RpcRtRemote.dll
05:48:06.0701 0x0b60 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
05:48:06.0701 0x0b60 [ 8999B8631C7FD9F7F9EC3CAFD953BA24, 4E96D3EACCB1EF7DC429CAF433C2D4A0A129333B9AB10A05C32CA33C67DC26FA ] C:\Windows\SysWOW64\mswsock.dll
05:48:06.0701 0x0b60 C:\Windows\SysWOW64\mswsock.dll - ok
05:48:06.0716 0x0b60 [ 15E298B5EC5B89C5994A59863969D9FF, 8D38B2E023462D0804F72E907D11FF72CE84540EA3B8D83F411C602C3F6A1177 ] C:\Windows\SysWOW64\npmproxy.dll
05:48:06.0716 0x0b60 C:\Windows\SysWOW64\npmproxy.dll - ok
05:48:06.0716 0x0b60 [ 73E8667A19FEEDD856DF2695E9E511D4, 68D66C36D1F293D10ADCC6A33C870F989A29743537592CF172F02E794BEAFD1C ] C:\Windows\SysWOW64\wship6.dll
05:48:06.0716 0x0b60 C:\Windows\SysWOW64\wship6.dll - ok
05:48:06.0716 0x0b60 [ EE5C8E27C37B79CB54A2FCEEED2DC262, 0A5E200FD65A491756B951A4A0ED39B88B7B313E97C2BBF3C91AC4C290772BB7 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
05:48:06.0716 0x0b60 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
05:48:06.0732 0x0b60 [ 14486EB6AF542F2BD3239F7FC3E713F7, C084C653CF6C63D7B4DB08CBDE2CAF059019D276BCACD923A29D22E69055012C ] C:\Windows\SysWOW64\pautoenr.dll
05:48:06.0732 0x0b60 C:\Windows\SysWOW64\pautoenr.dll - ok
05:48:06.0732 0x0b60 [ 35CB97CBC3EDC463418ED4997AAB29B6, EE60EABE2D87CEDD68FB8985B6C5D70930015FB2B8DB9FDCB4044587BC6ECA4C ] C:\Windows\System32\pautoenr.dll
05:48:06.0732 0x0b60 C:\Windows\System32\pautoenr.dll - ok
05:48:06.0747 0x0b60 [ 61B1ED5F429EFAC7E2036769870AB93E, 628CF28434C5DFB81B76B90BEA4CDD9EB1E4B0971BEE24136A09490F9439E00E ] C:\Windows\SysWOW64\certcli.dll
05:48:06.0747 0x0b60 C:\Windows\SysWOW64\certcli.dll - ok
05:48:06.0747 0x0b60 [ A7DD56261518373F70F23079EB3CD0A2, 4BC8DC1744DA5C062DEA5BE122CBAE948810536116BBA747844556783768F1F6 ] C:\Windows\SysWOW64\WMASF.DLL
05:48:06.0747 0x0b60 C:\Windows\SysWOW64\WMASF.DLL - ok
05:48:06.0747 0x0b60 [ 94DFBB481BF51158B216E23C5C1C9D6E, 0199086A70B9B63E48A7A15C8AE5442E9C6BC0173BD80A104DE1BE6A6C25F202 ] C:\Windows\System32\certcli.dll
05:48:06.0747 0x0b60 C:\Windows\System32\certcli.dll - ok
05:48:06.0763 0x0b60 [ F10E5311E5093FA3C00FF88C54C32FCA, B557F5B00D77F030850D9AAC0FFEFC4C2A759EC4081C8459C9DEAE51BAAACC65 ] C:\Windows\SysWOW64\atl.dll
05:48:06.0763 0x0b60 C:\Windows\SysWOW64\atl.dll - ok
05:48:06.0763 0x0b60 [ 29BC473072568C072EC8B176498DE996, D3A4DB88BECA8AB3F8722E499548EFEC63022C1CE38F526AFBDA76DDBA8E9064 ] C:\Windows\SysWOW64\CertEnroll.dll
05:48:06.0763 0x0b60 C:\Windows\SysWOW64\CertEnroll.dll - ok
05:48:06.0763 0x0b60 [ 263B26106606A010CF877472B535E4BB, 43ECE89E428D2BB34244894BEBA1B946B0767649D15B1C715223E4E471A9E504 ] C:\Windows\System32\CertEnroll.dll
05:48:06.0763 0x0b60 C:\Windows\System32\CertEnroll.dll - ok
05:48:06.0779 0x0b60 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE, DA16117429AF47230CD7C136407C81951B8D2E45A8B7A9DC6948407AA2EC4ADD ] C:\Windows\SysWOW64\dsrole.dll
05:48:06.0779 0x0b60 C:\Windows\SysWOW64\dsrole.dll - ok
05:48:06.0779 0x0b60 [ 81490FDAE27F0082E5CC2DC78DCA96FA, 0D05DD1591A851136A7AD4BDEB389070BE19900521D5E0FA4CE37302783615BE ] C:\Windows\SysWOW64\PortableDeviceClassExtension.dll
05:48:06.0779 0x0b60 C:\Windows\SysWOW64\PortableDeviceClassExtension.dll - ok
05:48:06.0779 0x0b60 [ ADB45A977BD9E45790CA496DB84BA148, BB251C9A5D2F5C6BDFB22C6BA235748472FC28AF2ADAF1CE7948352301DDE3C1 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll
05:48:06.0779 0x0b60 C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok
05:48:06.0794 0x0b60 [ 12C45E3CB6D65F73209549E2D02ECA7A, 9DFD9C58B90257C34D52B7156C1D2566BE32EE7BD4699DDE164A5F190EC4D44A ] C:\Windows\SysWOW64\propsys.dll
05:48:06.0794 0x0b60 C:\Windows\SysWOW64\propsys.dll - ok
05:48:06.0794 0x0b60 [ E2A17BCC08D92F42E08AF6BA2F93ABA7, 5FC9D47BF4B1094BECC0C0DDCD5CD4318DD3E4495D982F8785331616D5B82599 ] C:\Windows\SysWOW64\ExplorerFrame.dll
05:48:06.0794 0x0b60 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
05:48:06.0810 0x0b60 [ 6E1F8165C365D35C8E3C045AF0CDD481, B861360D0A014265A0BEB4CC2FE31EA05AE95120E8B07820C13A044D64C00E2B ] C:\Windows\SysWOW64\duser.dll
05:48:06.0810 0x0b60 C:\Windows\SysWOW64\duser.dll - ok
05:48:06.0810 0x0b60 [ EE06B85BC69F18826302348A2AD089E0, 417205797CC9F6C986A863A61179784D9ADCAF1961EF8A4D9042D73C5A86509A ] C:\Windows\SysWOW64\dui70.dll
05:48:06.0810 0x0b60 C:\Windows\SysWOW64\dui70.dll - ok
05:48:06.0810 0x0b60 [ 9864D52F15AD32094A636C6B5281D9E7, 2DBECE721AA11509F6D5005C5FB965EB0DF28729D0B6C524BB35603C1243BA42 ] C:\Windows\System32\WMVCORE.DLL
05:48:06.0810 0x0b60 C:\Windows\System32\WMVCORE.DLL - ok
05:48:06.0825 0x0b60 [ F93674263F6B07C77956E966953242D9, 0BEE8864DB2925A2B3B7CD76FCF9A4CA3757F4E4670BB2C3A3105D5A591740CB ] C:\Windows\SysWOW64\secur32.dll
05:48:06.0825 0x0b60 C:\Windows\SysWOW64\secur32.dll - ok
05:48:06.0825 0x0b60 [ 4B87EEFDC8E253F846A7DFB49A8E6C70, 4CC514A7D9AFAE763CDD21932EE722AE4A787C968BAB971C3B1D30044151CFE3 ] C:\Windows\en-US\explorer.exe.mui
05:48:06.0825 0x0b60 C:\Windows\en-US\explorer.exe.mui - ok
05:48:06.0825 0x0b60 [ AACC48FE239F0DF126DA2F28930A5B83, D55E7D9AA79B1875E9074CFFBBCD484024902566B49806A8639B5C04847DFF89 ] C:\Windows\System32\WMASF.DLL
05:48:06.0825 0x0b60 C:\Windows\System32\WMASF.DLL - ok
05:48:06.0841 0x0b60 [ 389CA818132C1D7DCF0C791E8D9035DE, 5E54799F92CC604FABEF2F97AFD97F9CAD70D01BCDBC41FAC408D60821927C12 ] C:\Windows\System32\PortableDeviceClassExtension.dll
05:48:06.0841 0x0b60 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
05:48:06.0841 0x0b60 [ 4F3CD1C59EA71401E155C432BCECE180, 6D4118A627CAE509E43D0CC0062EECAA0990C955BB15AE24834460551B2F51A2 ] C:\Windows\System32\PortableDeviceTypes.dll
05:48:06.0841 0x0b60 C:\Windows\System32\PortableDeviceTypes.dll - ok
05:48:06.0841 0x0b60 [ 846D0E4DB261CFAF363902E41498E961, D7E5591B7604FD583AF7FDA19E30928B24A6145318A3944E7D207F0CCEEB30D0 ] C:\Windows\SysWOW64\EhStorShell.dll
05:48:06.0841 0x0b60 C:\Windows\SysWOW64\EhStorShell.dll - ok
05:48:06.0857 0x0b60 [ 32802C0F6FC7C8F561B9D91F52A46421, EE02CF54FC3626D85849EF14D9B7B57419F12D1DD0735C25ECBD987EE53F634B ] C:\Windows\System32\cscui.dll
05:48:06.0857 0x0b60 C:\Windows\System32\cscui.dll - ok
05:48:06.0857 0x0b60 [ 57A51217581614DE07F30E34D6BB4993, 19D06DCCF1B39DFE4FF269C5C4001E60837296411EB8E169CE142DEFAA3D94FA ] C:\Windows\SysWOW64\cscdll.dll
05:48:06.0857 0x0b60 C:\Windows\SysWOW64\cscdll.dll - ok
05:48:06.0872 0x0b60 [ 465BEA35F7ED4A4A57686DEA7EA10F47, 7F1B3CA09AB045F805DA5765BE7DD270F5DDACE3073017F7386FF1E2FA82D6FB ] C:\Windows\SysWOW64\cscapi.dll
05:48:06.0872 0x0b60 C:\Windows\SysWOW64\cscapi.dll - ok
05:48:06.0872 0x0b60 [ 03F3B770DFBED6131653CEDA8CA780F0, 77373919DCA647F09851E7E460AE78FBD89F21516B961F84AC4446304E51E09C ] C:\Windows\SysWOW64\ntshrui.dll
05:48:06.0872 0x0b60 C:\Windows\SysWOW64\ntshrui.dll - ok
05:48:06.0872 0x0b60 [ 5CCDCD40E732D54E0F7451AC66AC1C87, 66F4DA105BD72E41250CD59E2B3CD931B47AC9FDB6C784B9E33C5EE1AC29841F ] C:\Windows\SysWOW64\srvcli.dll
05:48:06.0872 0x0b60 C:\Windows\SysWOW64\srvcli.dll - ok
05:48:06.0888 0x0b60 [ 827CB0D6C3F8057EA037FF271F8E9795, 82760DBDDD38D2A31CAAF51D065DF4E7E1D0F0C22733A0AF653776EBF7B79470 ] C:\Windows\SysWOW64\imageres.dll
05:48:06.0888 0x0b60 C:\Windows\SysWOW64\imageres.dll - ok
05:48:06.0888 0x0b60 [ 5704351536FDEACEBC4291D570826F17, 084CD39CE6AD1D70749E9335293CC58D0736E3134E5BD70DFF4EC234DB45454B ] C:\Windows\SysWOW64\en-US\imageres.dll.mui
05:48:06.0888 0x0b60 C:\Windows\SysWOW64\en-US\imageres.dll.mui - ok
05:48:06.0903 0x0b60 [ 523CF74A52C9A1762DA8B83AEE734498, 5A739182B916738B611E1BBA9098F8BCC8C4E2CC2CFEFD1BC5CE7941D11CEDFD ] C:\Windows\SysWOW64\IconCodecService.dll
05:48:06.0903 0x0b60 C:\Windows\SysWOW64\IconCodecService.dll - ok
05:48:06.0903 0x0b60 [ C0B8B96D018849FD8CCF15FED84E8782, E107AA4ADE150DC309C39BBF47292E7A7F8DD439FAB30791676BC8A1133B9AFD ] C:\Windows\SysWOW64\ie4uinit.exe
05:48:06.0903 0x0b60 C:\Windows\SysWOW64\ie4uinit.exe - ok
05:48:06.0903 0x0b60 [ 09D276DFE1868BFDE10106295557DF89, E5C3E3C0A834E2F2C03FAF38F41CFE3D8AD0896C3DE92BF2B36D163A6B048EAB ] C:\Windows\SysWOW64\en-US\ie4uinit.exe.mui
05:48:06.0903 0x0b60 C:\Windows\SysWOW64\en-US\ie4uinit.exe.mui - ok
05:48:06.0919 0x0b60 [ F0FEFB0B5D25A75D478A4317139D937E, CB6EB2891130A410A80F6A1BF0CAC66C429DB7D4ADD0D8484CA4F83D17856441 ] C:\Windows\SysWOW64\iedkcs32.dll
05:48:06.0919 0x0b60 C:\Windows\SysWOW64\iedkcs32.dll - ok
05:48:06.0919 0x0b60 [ 9072D360A2CC24ED1EFB1A63C2E02AA0, FD706012093130CDB635AB98B8E7CA4C95E33BF05C3347E35F5DFA415484849D ] C:\Windows\SysWOW64\en-US\iedkcs32.dll.mui
05:48:06.0919 0x0b60 C:\Windows\SysWOW64\en-US\iedkcs32.dll.mui - ok
05:48:06.0919 0x0b60 [ 647665442048D8FE581BF3D42ABBF49A, 6EAA55CB8D438E29462AF0A524EE6F46511B6A377212F9FA8D42E63CE3D697BE ] C:\Windows\SysWOW64\en-US\shell32.dll.mui
05:48:06.0919 0x0b60 C:\Windows\SysWOW64\en-US\shell32.dll.mui - ok
05:48:06.0935 0x0b60 [ 2CFA4569350B7F84F815E9EC34E85766, 8DE5F880F23435256E697C24BDDFA9B8994ACC3FAA063AF274BEC918FE012788 ] C:\Windows\SysWOW64\SndVolSSO.dll
05:48:06.0935 0x0b60 C:\Windows\SysWOW64\SndVolSSO.dll - ok
05:48:06.0935 0x0b60 [ 63DF770DF74ACB370EF5A16727069AAF, B8F96336BF87F1153C245D19606CBD10FBE7CF2795BCC762F2A1B57CB7C39116 ] C:\Windows\SysWOW64\hid.dll
05:48:06.0935 0x0b60 C:\Windows\SysWOW64\hid.dll - ok
05:48:06.0950 0x0b60 [ 243974EC02F7AE49E4179C54624143AB, 755FA67F7BF10E3C6336788D297FBAA70F28F630852A43A78D3F7D7E3A7ECED0 ] C:\Windows\SysWOW64\MMDevAPI.dll
05:48:06.0950 0x0b60 C:\Windows\SysWOW64\MMDevAPI.dll - ok
05:48:06.0950 0x0b60 [ 7E9917D5309A90E7576653BFE39F80D8, 3525795CA69EF165AAAA20C878A20DF5A5F183CF6F8358A0132A88153E6459C6 ] C:\Windows\SysWOW64\timedate.cpl
05:48:06.0950 0x0b60 C:\Windows\SysWOW64\timedate.cpl - ok
05:48:06.0950 0x0b60 [ 87E5117D11667B8BA763C61F2647B9F6, BA47FA8CA58CB2BD69E99690BBE633B1036FD2D00A99167801E434671583E8C4 ] C:\Windows\winsxs\amd64_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.7600.16385_en-us_106f9be843a9b4e3\comctl32.dll.mui
05:48:06.0950 0x0b60 C:\Windows\winsxs\amd64_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.7600.16385_en-us_106f9be843a9b4e3\comctl32.dll.mui - ok
05:48:06.0966 0x0b60 [ D2958325C1AE1AE37A83334C6229E3BC, D8263CB39A25447442B75A8D8E8111DF671D645DA90A33865C089DEDA9706904 ] C:\Windows\SysWOW64\actxprxy.dll
05:48:06.0966 0x0b60 C:\Windows\SysWOW64\actxprxy.dll - ok
05:48:06.0966 0x0b60 [ 64E211E0FDFCE4D186DF58BB7D0503BC, 6B9E12979119BAD721D493A9CEFDC7B4150121D5590222069FD1B8D80F9AC5C0 ] C:\Windows\SysWOW64\gameux.dll
05:48:06.0966 0x0b60 C:\Windows\SysWOW64\gameux.dll - ok
05:48:06.0966 0x0b60 [ 38B13C0DF479DBA23ECFA815159BA86E, C289C65AF3FB689AD6B770AB0E815860D9EA36FB2A8DE9F1818C63AD0FE47CBD ] C:\Windows\SysWOW64\ktmw32.dll
05:48:06.0966 0x0b60 C:\Windows\SysWOW64\ktmw32.dll - ok
05:48:06.0981 0x0b60 [ EDF2A5E96BEC469DA3F64E9BDD386111, 63C91BBDFA2E087293B010A4E45625FBD1BFCAF655BFADE2F8B1C36CF804B118 ] C:\Windows\SysWOW64\xmllite.dll
05:48:06.0981 0x0b60 C:\Windows\SysWOW64\xmllite.dll - ok
05:48:06.0981 0x0b60 [ 590D5C506044FE02FF7643E32FF9BDAC, B8178A45E1DB6A39501E95CE4A2B2A1A88119367EC8DA7877120575A3EA47D16 ] C:\Windows\SysWOW64\wer.dll
05:48:06.0981 0x0b60 C:\Windows\SysWOW64\wer.dll - ok
05:48:06.0997 0x0b60 [ F14A9B1778376D0B1788E402AC1F831A, 6110F29669E03F8163B5CD7124BE0FF329F36C18529FA3B8FF70FC00B2D8AA02 ] C:\Windows\SysWOW64\shacct.dll
05:48:06.0997 0x0b60 C:\Windows\SysWOW64\shacct.dll - ok
05:48:06.0997 0x0b60 [ C30A3E5DEEEBA22E782AC54C5AF5F352, 80939A7B5354032256706C6CA0C3CCC7E67CD1C1C81EAEA2CBC74997C0863662 ] C:\Windows\SysWOW64\samlib.dll
05:48:06.0997 0x0b60 C:\Windows\SysWOW64\samlib.dll - ok
05:48:06.0997 0x0b60 [ 68ECCA523ED760AAFC03C5D587569859, CDD734279C8F9F24EA2538BAD8E91EB8C3DD74C33032DB6B2D85C19576B42707 ] C:\Windows\SysWOW64\samcli.dll
05:48:06.0997 0x0b60 C:\Windows\SysWOW64\samcli.dll - ok
05:48:07.0013 0x0b60 [ 20B3934DB73EABA2B49B7177873CB81F, 492EAC5C51472B43DE11825358AEC4B9E3A081DACFD7513C696D6FE40F302EE5 ] C:\Windows\SysWOW64\netutils.dll
05:48:07.0013 0x0b60 C:\Windows\SysWOW64\netutils.dll - ok
05:48:07.0013 0x0b60 [ BC486AFF277CD6AE2406FA1FE1B09D56, 076A4918626D13943D23FC1B0056DCA8E68F9EF037DB1D7EEB7508229842D054 ] C:\Windows\SysWOW64\en-US\explorerframe.dll.mui
05:48:07.0013 0x0b60 C:\Windows\SysWOW64\en-US\explorerframe.dll.mui - ok
05:48:07.0028 0x0b60 [ 1E59A02A8C6F49E61C5880971D560EEE, B887F47F4EA0F63D3095F99020D8D391062D99722E812530F0F674FF8B7E237C ] C:\Windows\Resources\Themes\Aero\Shell\NormalColor\shellstyle.dll
05:48:07.0028 0x0b60 C:\Windows\Resources\Themes\Aero\Shell\NormalColor\shellstyle.dll - ok
05:48:07.0028 0x0b60 [ 3A16EA01FCFAAB40882DB5BFEE632322, 04ED66BEFDB822181EBD1D84CBF0B17AAADF8455AE742F44D7ADCB26AB07BDAD ] C:\Windows\SysWOW64\msftedit.dll
05:48:07.0028 0x0b60 C:\Windows\SysWOW64\msftedit.dll - ok
05:48:07.0028 0x0b60 [ 35AAE2E841AA1A949775168E119482C9, 2457985F6113E565DCEBE58A14C644EAE1397CDB50393C03A2A94F279C053D93 ] C:\Windows\SysWOW64\msls31.dll
05:48:07.0028 0x0b60 C:\Windows\SysWOW64\msls31.dll - ok
05:48:07.0044 0x0b60 [ CDD35C1CE1EBFE80C055691CDC8DF443, DE548012A90FFFCF6B6CA1FFA5C04167CBAAA8656D7D9A7132D62340C3958409 ] C:\Windows\SysWOW64\authui.dll
05:48:07.0044 0x0b60 C:\Windows\SysWOW64\authui.dll - ok
05:48:07.0044 0x0b60 [ 28CA821606669BB9215CE010767720FA, C8A1F0D6704F8F37CF8AADDFAD511FF27E56E8BCFFD4AC948DFA0329DB1F3A1E ] C:\Windows\SysWOW64\cryptui.dll
05:48:07.0044 0x0b60 C:\Windows\SysWOW64\cryptui.dll - ok
05:48:07.0044 0x0b60 [ ADF3E771F429940E762AC097F5A54EAF, C6083EFF964E56DAB13C1D9A925052110A57145AEF06D895EAB53FD882463436 ] C:\Program Files\Windows Defender\MpClient.dll
05:48:07.0044 0x0b60 C:\Program Files\Windows Defender\MpClient.dll - ok
05:48:07.0059 0x0b60 [ EFE3A0EAFFE4A11C8EEEEB84D5A79936, BBF3B7B1C17608BA51870671B585A398DFAADCE2ADDDBA51709A90C4A028A0A1 ] C:\Windows\SysWOW64\en-US\authui.dll.mui
05:48:07.0059 0x0b60 C:\Windows\SysWOW64\en-US\authui.dll.mui - ok
05:48:07.0059 0x0b60 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051, 8EFD0A6DE6F4E335D342782190008FB5AC84A6ADE49170B310DEC9AC48E623E8 ] C:\Windows\System32\localspl.dll
05:48:07.0059 0x0b60 C:\Windows\System32\localspl.dll - ok
05:48:07.0075 0x0b60 [ C6711C2226AC422D8AE2AC6F18D07D60, A8DFE852A2E49E3D2A648C05D9FA978E252525E5B7F892E9BC5E767B9B22D44C ] C:\Windows\SysWOW64\en-US\propsys.dll.mui
05:48:07.0075 0x0b60 C:\Windows\SysWOW64\en-US\propsys.dll.mui - ok
05:48:07.0075 0x0b60 [ 4F2659160AFCCA990305816946F69407, 9E70685B73B3EAB78C55863BABCEECC7CCA89475B508B2A9C651ADE6FDE0751A ] C:\Windows\SysWOW64\taskeng.exe
05:48:07.0075 0x0b60 C:\Windows\SysWOW64\taskeng.exe - ok
05:48:07.0091 0x0b60 [ 3285481F5C12305CA104A6C493CA5A0B, ADB39B15D26A954B0F347C7BAFCC76DE5E3CF3CF05736E8987E0832AA7F8563C ] C:\Windows\System32\spoolss.dll
05:48:07.0091 0x0b60 C:\Windows\System32\spoolss.dll - ok
05:48:07.0091 0x0b60 [ 65EA57712340C09B1B0C427B4848AE05, 5FDCF73191BFF9DBB03886755FFCF0BC15849F0E216884A5A8B9BB375FA7C1A5 ] C:\Windows\System32\taskeng.exe
05:48:07.0091 0x0b60 C:\Windows\System32\taskeng.exe - ok
05:48:07.0091 0x0b60 [ C5AC93CF3BA30D367FB49148A2B673B9, 07B556039BBA841BC9F28979C3AD5D238B55391F921C9C805F3AFC9EFB437766 ] C:\Windows\System32\PrintIsolationProxy.dll
05:48:07.0091 0x0b60 C:\Windows\System32\PrintIsolationProxy.dll - ok
05:48:07.0106 0x0b60 [ 32A3C8600AF124CBAAD845F13CFAE3CB, F36FE9E57D5C509FEECE890F9F8717F9CC6F762E32AE0B7DB7E0153370CE0B9D ] C:\Windows\System32\tcpmon.dll
05:48:07.0106 0x0b60 C:\Windows\System32\tcpmon.dll - ok
05:48:07.0106 0x0b60 [ 5987EA8A82C53359BCD2C29D6588583E, 59E2DF91F8DA9E33DE65FA67A6A49A7C3F524618A87EAEFC8A28C5304E7FAB85 ] C:\Windows\SysWOW64\linkinfo.dll
05:48:07.0106 0x0b60 C:\Windows\SysWOW64\linkinfo.dll - ok
05:48:07.0122 0x0b60 [ 1220595CABA75AB91A6B3FA3B89483CC, 313DFE385336D00DAFBC8DF30F001859C77DEB214BB3F874CE42F22734FFAE4E ] C:\Windows\SysWOW64\snmpapi.dll
05:48:07.0122 0x0b60 C:\Windows\SysWOW64\snmpapi.dll - ok
05:48:07.0122 0x0b60 [ 672D7C5080ACB003343006405DA2E621, 5F28C83A20ECB1F20894B60725477BEF0D672817DFDB9822FB345A3270A0C095 ] C:\Windows\SysWOW64\thumbcache.dll
05:48:07.0122 0x0b60 C:\Windows\SysWOW64\thumbcache.dll - ok
05:48:07.0122 0x0b60 [ 93518C6EDE0B61BCBD02BDB02BD05FEE, 3637F5E5F15093AFB501EE910368CF900B422AC22669391FFA4198BBAE6F8FCB ] C:\Windows\System32\snmpapi.dll
05:48:07.0122 0x0b60 C:\Windows\System32\snmpapi.dll - ok
05:48:07.0137 0x0b60 [ 82C089EA2A3EEFADF3588EA71E8BDADA, 2F3BB32EE2C0673058A74DEEB2D405E5E79F833F33C4D289A93EB3C618A86E75 ] C:\Windows\SysWOW64\wevtapi.dll
05:48:07.0137 0x0b60 C:\Windows\SysWOW64\wevtapi.dll - ok
05:48:07.0137 0x0b60 [ 6357E2B68753A1F5CF4A68A25C4FD14A, F56BFEEACBB9DAE084F4C275DF0086091F5B83DE7183FA33F4445CD31FBB44E3 ] C:\Windows\SysWOW64\wsnmp32.dll
05:48:07.0137 0x0b60 C:\Windows\SysWOW64\wsnmp32.dll - ok
05:48:07.0153 0x0b60 [ FFF9D00CF16397C64317F213484F94BD, 94D0584E14BDB27F61F59A7BCEA529A1594261BE0CE74502C13E8865843BA414 ] C:\Windows\System32\wsnmp32.dll
05:48:07.0153 0x0b60 C:\Windows\System32\wsnmp32.dll - ok
05:48:07.0153 0x0b60 [ 35EB874E9319D57CCFF4BB8BE55F4DE5, 10DF7BD8EAE86192363126381C22EDC923878F847139B00B6F0003C666DE286F ] C:\Windows\SysWOW64\en-US\TaskEng.exe.mui
05:48:07.0153 0x0b60 C:\Windows\SysWOW64\en-US\TaskEng.exe.mui - ok
05:48:07.0153 0x0b60 [ EAADD6E47ED2A7003ACE1793B98CF63F, EE090284CA4595B6A140949A41025926CEC3CCACCD2931B6AC77A1E14D20E5B4 ] C:\Windows\SysWOW64\msxml6.dll
05:48:07.0153 0x0b60 C:\Windows\SysWOW64\msxml6.dll - ok
05:48:07.0169 0x0b60 [ 659E04E74135927CA6D7BC5E75C84417, 635CAF4AA78ACFBA30F855C82EFA696E826D710011E960E39817EE0CB6975149 ] C:\Windows\SysWOW64\TSChannel.dll
05:48:07.0169 0x0b60 C:\Windows\SysWOW64\TSChannel.dll - ok
05:48:07.0169 0x0b60 [ DF72A9936D0C3F517083119648814B09, 6BA4DCAC2F55A393A266ED0B2AF92B38141654D1666E3E143D85BBAF21663E1E ] C:\Windows\System32\usbmon.dll
05:48:07.0169 0x0b60 C:\Windows\System32\usbmon.dll - ok
05:48:07.0169 0x0b60 [ BE247AE996A9FDE007A27B51413A6C79, A4280BE9BDCB51E50A0E302F59ACDF866EFAC8035D766172D06C15019CC57476 ] C:\Windows\SysWOW64\shdocvw.dll
05:48:07.0169 0x0b60 C:\Windows\SysWOW64\shdocvw.dll - ok
05:48:07.0184 0x0b60 [ 633C2C060CF857099F6C4F8D75C952B1, 95E14B5212301900BC9DDB6B42735B114D364188E9B312C786511258106398C8 ] C:\Windows\SysWOW64\WlS0WndH.dll
05:48:07.0184 0x0b60 C:\Windows\SysWOW64\WlS0WndH.dll - ok
05:48:07.0184 0x0b60 [ A1D7E3ADCDB07DDB6F423862DCB1A52B, 6191C33D2AE090F6F055D6AE211096CE8F003EC5518A5333EE1E376052176BAB ] C:\Windows\System32\WSDMon.dll
05:48:07.0184 0x0b60 C:\Windows\System32\WSDMon.dll - ok
05:48:07.0184 0x0b60 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F, 6BEAF5AFC98961190B004E8DE57CD5F9F39117287AE18D59DDB2EC5C0A0C6622 ] C:\Windows\SysWOW64\networkexplorer.dll
05:48:07.0184 0x0b60 C:\Windows\SysWOW64\networkexplorer.dll - ok
05:48:07.0200 0x0b60 [ 73F6C5223F7E9B5780DD4A6C30FCF569, 121A361A572EFC6AC964300DA93BF28DC11E55DDCA29A7C6E6FD12955FBA68B8 ] C:\Windows\SysWOW64\WSDApi.dll
05:48:07.0200 0x0b60 C:\Windows\SysWOW64\WSDApi.dll - ok
05:48:07.0200 0x0b60 [ F1B205F932F62F94506A5F332C895DAF, F02F01F20F655DD919C71AE814E4C3DD43330AAD1425FC5B1497F1613917CCDE ] C:\Windows\System32\WSDApi.dll
05:48:07.0200 0x0b60 C:\Windows\System32\WSDApi.dll - ok
05:48:07.0200 0x0b60 [ 0DCA6A11D09D4C2CBE6B898B897EA915, DE071D5E9CC54C2A52B4F34314749CE5031CA553E878FC9D311699EEEE3B2AA8 ] C:\Windows\SysWOW64\UIAnimation.dll
05:48:07.0200 0x0b60 C:\Windows\SysWOW64\UIAnimation.dll - ok
05:48:07.0215 0x0b60 [ DB846EECA70EE9D2E2FF31147C57B0F4, 1086310477697F43EB156314804B7E9100E04966EF3934F9F5E37112C5129954 ] C:\Windows\SysWOW64\webservices.dll
05:48:07.0215 0x0b60 C:\Windows\SysWOW64\webservices.dll - ok
05:48:07.0215 0x0b60 [ 2A39F32E0067CBF221611FE1FA8C6D8F, C6D1CAB7BC87F8EB7D801BE3E3DA9B631932A94468E7A6F46D60A43C9AB08EE7 ] C:\Windows\SysWOW64\DeviceCenter.dll
05:48:07.0215 0x0b60 C:\Windows\SysWOW64\DeviceCenter.dll - ok
05:48:07.0215 0x0b60 [ 805A52C5AE26C28E88FDD9BCCFE6F312, 4FF28D3658C31722B7DD036DED9D544B14841C0E0B94D31A8EC5AB92128DA020 ] C:\Windows\System32\TSChannel.dll
05:48:07.0215 0x0b60 C:\Windows\System32\TSChannel.dll - ok
05:48:07.0231 0x0b60 [ C55516D98DD5D8F0153C2A9B4227DA86, DBC62B776CF06D0873A4C7CFCDF5B6F5C6E6C41917C326C090BCE58DC66EE09C ] C:\Windows\System32\webservices.dll
05:48:07.0231 0x0b60 C:\Windows\System32\webservices.dll - ok
05:48:07.0231 0x0b60 [ 534A3CB0847BA114F0D8A5F2BB2EF6D0, DB39ED39E7CD122C880041FD00708243550E5CA1A69632FF7CCDFEB6E0AE8FAA ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
05:48:07.0231 0x0b60 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe - ok
05:48:07.0231 0x0b60 [ 36B91F1C207B6BBC8A3CE624E06C838D, 365928F736BB0638AF93429C2AE8D7DBB620B66C3CA8EE7DDFA82B911543A22D ] C:\Program Files\CCleaner\CCleaner64.exe
05:48:07.0231 0x0b60 C:\Program Files\CCleaner\CCleaner64.exe - ok
05:48:07.0247 0x0b60 [ 3F50200237961034FACE602373838980, F97D72CC75D921CF8F8E0544614407358AEFF97A8F48E4A89F82689EE8F2FC86 ] C:\Windows\SysWOW64\FirewallAPI.dll
05:48:07.0247 0x0b60 C:\Windows\SysWOW64\FirewallAPI.dll - ok
05:48:07.0247 0x0b60 [ CDB4DFA93177D9FCF3DF4DC6D72232B8, 69A8F9D9775E9622C2F011D63B971E6C8920E3E7F70B0FECB47A14B63C91952C ] C:\Windows\SysWOW64\en-US\DeviceCenter.dll.mui
05:48:07.0247 0x0b60 C:\Windows\SysWOW64\en-US\DeviceCenter.dll.mui - ok
05:48:07.0247 0x0b60 [ 89D90579E5FB1469CB0464F6512E42B7, 0E85C6935FEAA219C923FF63D17F7C3AF72FF5028E0FF95B66092C6DF64C665C ] C:\Windows\SysWOW64\fundisc.dll
05:48:07.0247 0x0b60 C:\Windows\SysWOW64\fundisc.dll - ok
05:48:07.0262 0x0b60 [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4021101EE424F74 ] C:\Windows\System32\fundisc.dll
05:48:07.0262 0x0b60 C:\Windows\System32\fundisc.dll - ok
05:48:07.0262 0x0b60 [ F34CFADA6C48DAA41B996D24C7D8D3CA, D294DECC607A6ED7264BEC41FDA3BF12D3F2B3FAFAF55F0C5F2235A9066C97EC ] C:\Windows\SysWOW64\fdPnp.dll
05:48:07.0262 0x0b60 C:\Windows\SysWOW64\fdPnp.dll - ok
05:48:07.0262 0x0b60 [ 4581716B4BF76ACFD8E167EB0B26D82A, 39D822527114EEED68044CCE4D542767F53978D9E0A7F72638F1CA9A016DE13B ] C:\Windows\System32\fdPnp.dll
05:48:07.0262 0x0b60 C:\Windows\System32\fdPnp.dll - ok
05:48:07.0278 0x0b60 [ 8232228138E4859F3738DD1E4A8C692C, 72DDCFA858D11FB347968379D5E2D0BD457C5265D465A8E3B32D50484F5FDCAA ] C:\Windows\SysWOW64\urlmon.dll
05:48:07.0278 0x0b60 C:\Windows\SysWOW64\urlmon.dll - ok
05:48:07.0278 0x0b60 [ 1D626FE2E13C1CE49CA0136CFF214E93, 4F02DD92045CF244979FFD074B2BDE6925A909227A474C60DCABE4384D916218 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
05:48:07.0278 0x0b60 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
05:48:07.0293 0x0b60 [ 1097F3035BAF46CED8B332B3564C5108, C69781683CA963A1335780DABBBC60E2C3CEF0888738D3425D358D12E8D0AF58 ] C:\Windows\SysWOW64\gpapi.dll
05:48:07.0293 0x0b60 C:\Windows\SysWOW64\gpapi.dll - ok
05:48:07.0293 0x0b60 [ 6B6879BE739279EDD2E4E28ED9911DBF, 2922295B89F3C93BCB308DB4191C2C3F0BC70B4644AC2B199DE47CA16750E867 ] C:\Windows\SysWOW64\iertutil.dll
05:48:07.0293 0x0b60 C:\Windows\SysWOW64\iertutil.dll - ok
05:48:07.0293 0x0b60 [ 52CCA2E9FFD0653CACED1E808AADE4B6, 4B4A850CB8C33F27BCC8F7CD585463227BA41E9C3685021D7A422B1F0AE75FFC ] C:\Windows\SysWOW64\win32spl.dll
05:48:07.0293 0x0b60 C:\Windows\SysWOW64\win32spl.dll - ok
05:48:07.0293 0x0b60 [ 1E5DF19A5F053345430D7AF87943C47A, 0CC7918F9CF8E35308789A62FAC8B66873E438D07342C46EF9CA3291833DCDFA ] C:\Windows\SysWOW64\wininet.dll
05:48:07.0293 0x0b60 C:\Windows\SysWOW64\wininet.dll - ok
05:48:07.0309 0x0b60 [ 0353B239C28B0E9EBC7FA3D1F6181661, 8A7090D9255178448DDC2309BA33970F504F2D502FB032B675EBDBE225EF1C8A ] C:\Windows\System32\win32spl.dll
05:48:07.0309 0x0b60 C:\Windows\System32\win32spl.dll - ok
05:48:07.0309 0x0b60 [ 162D247E995EAEBF3EF4289069E1111C, 19E858E9902E2D570FFD24AE2CB4165273F5BAB1FF7B04758B11AB5CD41FD752 ] C:\Windows\SysWOW64\devrtl.dll
05:48:07.0309 0x0b60 C:\Windows\SysWOW64\devrtl.dll - ok
05:48:07.0325 0x0b60 [ FB036244DBD2FADC225AD8650886B641, DCD9115DB058587E5AECB0A812BB12EBFBEC7AEB45C2CC79812245F93853A41E ] C:\Windows\SysWOW64\dfrgui.exe
05:48:07.0325 0x0b60 C:\Windows\SysWOW64\dfrgui.exe - ok
05:48:07.0325 0x0b60 [ 4BDBBE5E4208022DD794F7EEEB0F7366, 4F69BA2EDABFA63A300B9F1880349EFAE185B899DD5C561E7B3BA6AAA4B22D6A ] C:\Windows\SysWOW64\SPInf.dll
05:48:07.0325 0x0b60 C:\Windows\SysWOW64\SPInf.dll - ok
05:48:07.0325 0x0b60 [ 1BF0CB861A48FEB1638228760750F3CB, 37C781A8C546EAD8B4D28BD7D730B9AC78EB799599AD69DAD9054B6F9F1DD6BD ] C:\Windows\System32\cscapi.dll
05:48:07.0325 0x0b60 C:\Windows\System32\cscapi.dll - ok
05:48:07.0340 0x0b60 [ F2A24E4AEC0F8D5DBAB10CB87A8EFED2, 1E2084BB76072596AB2E846DB45318453E1C82C1141385B7D73A1AD5EB30E8BD ] C:\Windows\SysWOW64\sti.dll
05:48:07.0340 0x0b60 C:\Windows\SysWOW64\sti.dll - ok
05:48:07.0340 0x0b60 [ 5F2122888583347C9B81724CF169EFC6, DEE01AEDCFB6596C8DC8DC4290CFD0D36A1D784DF2075E92C195F6622CD3F68C ] C:\Windows\SysWOW64\msinfo32.exe
05:48:07.0340 0x0b60 C:\Windows\SysWOW64\msinfo32.exe - ok
05:48:07.0340 0x0b60 [ 2E483EC51216B52C711C7EC642798BB7, 98DFAAEA25FE4A450FEA18F36E0B0AA6143A0D1C89CB406857BEE5154D5931BB ] C:\Windows\System32\sti.dll
05:48:07.0340 0x0b60 C:\Windows\System32\sti.dll - ok
05:48:07.0356 0x0b60 [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB22DC7B58515C201 ] C:\Windows\SysWOW64\winmm.dll
05:48:07.0356 0x0b60 C:\Windows\SysWOW64\winmm.dll - ok
05:48:07.0356 0x0b60 [ D205C24A9D069049FE2DF2A1B38726A7, B98F420B57A34FDA24F9A655319245EEF86EF4A952014FFA018070A01D5CBC4C ] C:\Windows\SysWOW64\wdmaud.drv
05:48:07.0356 0x0b60 C:\Windows\SysWOW64\wdmaud.drv - ok
05:48:07.0356 0x0b60 [ 139D3AB6AA920C34C50CBFFB9EB7D222, 5A5D205E16E6AFDCC965E4144FE6E104157DE7541D31727520363F2670513940 ] C:\Windows\SysWOW64\avrt.dll
05:48:07.0356 0x0b60 C:\Windows\SysWOW64\avrt.dll - ok
05:48:07.0371 0x0b60 [ 9C67F6BBDA3881CFD02095160CF91576, 6CE97C6F0AD8BE183DE935A7AAB7D46821E8DE9E55A4BFF54ACB49D056826A94 ] C:\Windows\SysWOW64\ksuser.dll
05:48:07.0371 0x0b60 C:\Windows\SysWOW64\ksuser.dll - ok
05:48:07.0371 0x0b60 [ CD5A94572650CB80E05D52F9617A0D1B, 9FCF5F87635B1C4C1DB90ABC15F81D7B058A07E57201CD8CCD96C2B78B237C23 ] C:\Windows\SysWOW64\en-US\wdmaud.drv.mui
05:48:07.0371 0x0b60 C:\Windows\SysWOW64\en-US\wdmaud.drv.mui - ok
05:48:07.0371 0x0b60 [ E0AD091B785EB541370660B0C3A4DCC4, 2EC675032DF9769E69D9AEB103FA52C2A87F7EB400B7B78721C3D41B2150F3E5 ] C:\Windows\SysWOW64\en-US\MMDevAPI.dll.mui
05:48:07.0371 0x0b60 C:\Windows\SysWOW64\en-US\MMDevAPI.dll.mui - ok
05:48:07.0387 0x0b60 [ C940F2F5C60B3727C5F18840735B229C, EFC3F465FD6C570505C214A92644357ACD01B1843ED25B5FCCCE10533403485C ] C:\Windows\SysWOW64\AudioSes.dll
05:48:07.0387 0x0b60 C:\Windows\SysWOW64\AudioSes.dll - ok
05:48:07.0387 0x0b60 [ 07393A09C46083588E751B63B03C8301, 36E2351CF5FA05FEAAEB340B5E04B107B53C8174F8333559D8AEA40BEB94F678 ] C:\Windows\SysWOW64\msacm32.drv
05:48:07.0387 0x0b60 C:\Windows\SysWOW64\msacm32.drv - ok
05:48:07.0387 0x0b60 [ 85683DF1F917E4D7F6BE1A04986BF1C8, D68D9F525D31C1843B6EC8FA950166FA1F34DB71222716E7B22DD33981C152B6 ] C:\Windows\SysWOW64\msacm32.dll
05:48:07.0387 0x0b60 C:\Windows\SysWOW64\msacm32.dll - ok
05:48:07.0403 0x0b60 [ 5A12C364AD1D4FCC0AD0E56DBBC34462, 5FDF434BE4E15311AC83754CF85B5451F5A219D768A5DE3DC4FD9AE0B57B0AD9 ] C:\Windows\SysWOW64\midimap.dll
05:48:07.0403 0x0b60 C:\Windows\SysWOW64\midimap.dll - ok
05:48:07.0403 0x0b60 [ 919001D2BB17DF06CA3F8AC16AD039F6, 5169ACFBE9E9D4C4012773ECDD28231C952675EF0C272A40F226E7B5D671B18B ] C:\Windows\SysWOW64\sxs.dll
05:48:07.0403 0x0b60 C:\Windows\SysWOW64\sxs.dll - ok
05:48:07.0418 0x0b60 [ AC7811B550AC49013C9D83D998C8C740, 766E0E2D40C81A6B6082E48C3041415158198ACE17BA22590BC5E9EEA441821A ] C:\Windows\SysWOW64\ieframe.dll
05:48:07.0418 0x0b60 C:\Windows\SysWOW64\ieframe.dll - ok
05:48:07.0418 0x0b60 [ 89F4D0DD6606A2FE15931E6888DBBC8D, 513D9F6DB0D993DB6D720DF1FF4FED2C6A9B067522CDEE389CA40D3B618B6A55 ] C:\Windows\SysWOW64\stdole2.tlb
05:48:07.0418 0x0b60 C:\Windows\SysWOW64\stdole2.tlb - ok
05:48:07.0418 0x0b60 [ 89DEE2E41B2683E7D73C75960DF24759, 6260F5875D2FD8284EF2B01F53ABC703DFAA6632A1CB6079FECDE084B0370E59 ] C:\Windows\SysWOW64\en-US\shlwapi.dll.mui
05:48:07.0418 0x0b60 C:\Windows\SysWOW64\en-US\shlwapi.dll.mui - ok
05:48:07.0434 0x0b60 [ 6141A0E786FDB37C504A1153B54F699E, 4459F00FE649079219958F91A83E4E0E16D15A24E0B2094653DE5E15D71DFA5B ] C:\Windows\SysWOW64\en-US\urlmon.dll.mui
05:48:07.0434 0x0b60 C:\Windows\SysWOW64\en-US\urlmon.dll.mui - ok
05:48:07.0434 0x0b60 [ F0385ECFE4D4A734C5E6FCC575F01763, C3C6F329F621ED5FC11E14B560D9D777CE4E59A0ADFA695B5A115E9C30A049DA ] C:\Windows\SysWOW64\en-US\duser.dll.mui
05:48:07.0434 0x0b60 C:\Windows\SysWOW64\en-US\duser.dll.mui - ok
05:48:07.0434 0x0b60 [ 8E01332CC4B68BC6B5B7EFFE374442AA, A4AD1D2FD3EC2F26949DBBC388F9FFF3713AD7EB4E9220AF817EBB5223E467C6 ] C:\Windows\SysWOW64\oleacc.dll
05:48:07.0434 0x0b60 C:\Windows\SysWOW64\oleacc.dll - ok
05:48:07.0449 0x0b60 [ 90FB1802D488FFA9029854A77D4F3F27, FBEAB2065307A2BD9C78D3ABB4F80B8311F3EA68B2F23FD1EF80C24E1DBA1F4D ] C:\Windows\SysWOW64\oleaccrc.dll
05:48:07.0449 0x0b60 C:\Windows\SysWOW64\oleaccrc.dll - ok
05:48:07.0449 0x0b60 [ E5A4A1326A02F8E7B59E6C3270CE7202, DCB76016F9AC47E631540874DA208A089F9D529DA9628705A2869B954526BFE0 ] C:\Windows\SysWOW64\wkscli.dll
05:48:07.0449 0x0b60 C:\Windows\SysWOW64\wkscli.dll - ok
05:48:07.0449 0x0b60 [ DCFF3A34C548C28B6ADCFB7CBD02CA58, 980E4DE38D7E2D9FFB3F40A423513BD8CD3CDBCF7BB7ADE8F6B7469D8C7B3C13 ] C:\Windows\SysWOW64\en-US\oleaccrc.dll.mui
05:48:07.0449 0x0b60 C:\Windows\SysWOW64\en-US\oleaccrc.dll.mui - ok
05:48:07.0465 0x0b60 [ B40420876B9288E0A1C8CCA8A84E5DC9, 0D3C73B45BC708D7B1E26DFB6D4F64031A998548FEA0FB5CE198ED716F7DC9A0 ] C:\Windows\SysWOW64\dnsapi.dll
05:48:07.0465 0x0b60 C:\Windows\SysWOW64\dnsapi.dll - ok
05:48:07.0465 0x0b60 [ 839F96DBAAFD3353E0B248A5E0BD2A51, 11DA5AD3EA5FF4766C12B99FB520B3CBE08581ECAF1A2FD1DC5AC835CA78FAC2 ] C:\Windows\SysWOW64\rasapi32.dll
05:48:07.0465 0x0b60 C:\Windows\SysWOW64\rasapi32.dll - ok
05:48:07.0465 0x0b60 [ FFA7172354B9256DBB2CDD75F16F33FE, 85B2F014C67C2E52540F17D561793C6633C9E98F12639CCD3854EB1EC34DD035 ] C:\Windows\SysWOW64\rasman.dll
05:48:07.0465 0x0b60 C:\Windows\SysWOW64\rasman.dll - ok
05:48:07.0481 0x0b60 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159, ACE7F85685EB92FC3AB4215122B0469E32F23B196C49F08CDA7791D3122C45DC ] C:\Windows\SysWOW64\rtutils.dll
05:48:07.0481 0x0b60 C:\Windows\SysWOW64\rtutils.dll - ok
05:48:07.0481 0x0b60 [ 6F8E3B7B70E1BBA871212940C1FBDF60, 3F9D4EE64E4210340C6FEE0DE81BFE3C613DDBE608EC09D63817D24CE24BFC5E ] C:\Windows\SysWOW64\SensApi.dll
05:48:07.0481 0x0b60 C:\Windows\SysWOW64\SensApi.dll - ok
05:48:07.0481 0x0b60 [ 7FD5532C142DB6C9CC47AA4DCF71FDEC, 16BBC7ABBEC24B66A4824D8A4FFDB76A488E6F07182103F5292A3033542BF77A ] C:\Windows\SysWOW64\wscui.cpl
05:48:07.0481 0x0b60 C:\Windows\SysWOW64\wscui.cpl - ok
05:48:07.0496 0x0b60 [ A8CDF3768604FF95B54669E20053D569, 2DB85B86C839341F2A879A6D25F787D17EE665D425C1BAC3E1F82BAC61F89F94 ] C:\Windows\SysWOW64\wscapi.dll
05:48:07.0496 0x0b60 C:\Windows\SysWOW64\wscapi.dll - ok
05:48:07.0496 0x0b60 [ 912649A1B3F9E6ACB3899FBDABA2ED5F, 049DFA9EA45A888B984E459B927A0F8AA4C10B9D36C6C0A0FE57F6329BEAF555 ] C:\Windows\SysWOW64\stobject.dll
05:48:07.0496 0x0b60 C:\Windows\SysWOW64\stobject.dll - ok
05:48:07.0496 0x0b60 [ 67C1B58706B47EEBA4E117AC197289E6, 9213E55DA854563E3A99369A4FAD853C0A97241A4F6D93F98444C57ADEEF89C1 ] C:\Windows\SysWOW64\batmeter.dll
05:48:07.0496 0x0b60 C:\Windows\SysWOW64\batmeter.dll - ok
05:48:07.0512 0x0b60 [ A1C8A7649E33BDD044266270AA721D9C, 0AC245CEDEE5D19C006B5A2C95BB684E596C76A35FA7DE08EE8AC0DAB07898E9 ] C:\Windows\SysWOW64\en-US\stobject.dll.mui
05:48:07.0512 0x0b60 C:\Windows\SysWOW64\en-US\stobject.dll.mui - ok
05:48:07.0512 0x0b60 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] C:\Windows\SysWOW64\es.dll
05:48:07.0512 0x0b60 C:\Windows\SysWOW64\es.dll - ok
05:48:07.0512 0x0b60 [ C8333F1F77A1B2E25F2202E892CAF634, 7A614AA4353ECE8175B6AB7B25EE26FAB22DF2A53C9A5A694B3A3B56F6C783A7 ] C:\Windows\SysWOW64\prnfldr.dll
05:48:07.0512 0x0b60 C:\Windows\SysWOW64\prnfldr.dll - ok
05:48:07.0527 0x0b60 [ 2B61ADA9DBB30D7DB79D7B68CD89FD4A, 4E8EA8D28F985AF9538512E30D0F78826EDA55E3026892B3EB5B3216EF6E50F1 ] C:\Windows\SysWOW64\en-US\sndvolsso.dll.mui
05:48:07.0527 0x0b60 C:\Windows\SysWOW64\en-US\sndvolsso.dll.mui - ok
05:48:07.0527 0x0b60 [ 79DE9216B4800813CC3EFA8048F7B038, AC41F59AA22B4A1D93335594C371E4D534FC371CB06311237738EB3AB9852CC1 ] C:\Windows\SysWOW64\mmres.dll
05:48:07.0527 0x0b60 C:\Windows\SysWOW64\mmres.dll - ok
05:48:07.0543 0x0b60 [ AD4F93D7B70253D69EB2C324E6D211AD, 2015EE584F12CDDD18308D86D9466CCD986D4C960565BA031F2E351892AA1DDD ] C:\Windows\SysWOW64\en-US\mmres.dll.mui
05:48:07.0543 0x0b60 C:\Windows\SysWOW64\en-US\mmres.dll.mui - ok
05:48:07.0543 0x0b60 [ 42A9CB6906D9A8BEDC83B57163E62924, E18522D3137653140757829EFBFCE624A5BAA5842E2BBA10B9E5AB6C84BE49E1 ] C:\Windows\System32\DXP.dll
05:48:07.0543 0x0b60 C:\Windows\System32\DXP.dll - ok
05:48:07.0543 0x0b60 [ 856CFFCD835528136367BB1A8FE1DB87, 97EE0B243F460BE737D18B634559BC6389064BA013890E69B650E5152AB873C8 ] C:\Windows\SysWOW64\Syncreg.dll
05:48:07.0543 0x0b60 C:\Windows\SysWOW64\Syncreg.dll - ok
05:48:07.0559 0x0b60 [ EAB975DB4C2805927FE5BD047D05C9AA, 8F5497B1A2652B5EAA5D35BD314B5F90C5140207427DAE6068D665FA44D3FD56 ] C:\Windows\SysWOW64\netshell.dll
05:48:07.0559 0x0b60 C:\Windows\SysWOW64\netshell.dll - ok
05:48:07.0559 0x0b60 [ B2B3DAE040F6B5AE1DF52B0CD7631A18, 062680EFF24EB83FF34DDD76043DB9ABB476C8FEE7BBE869A1E7F7FC8891314F ] C:\Windows\SysWOW64\AltTab.dll
05:48:07.0559 0x0b60 C:\Windows\SysWOW64\AltTab.dll - ok
05:48:07.0559 0x0b60 [ F390CEBBB8772F13FD4D36C0C37FF7F9, D91A7C3CB8B152789D1553137BCC7417458A87E68BD9E0C174D642BCB6C653D0 ] C:\Windows\SysWOW64\en-US\AltTab.dll.mui
05:48:07.0559 0x0b60 C:\Windows\SysWOW64\en-US\AltTab.dll.mui - ok
05:48:07.0574 0x0b60 [ 735263DA17BF5BAF9CCD483843BF9D5A, A493F9191EA3F37A53474E94B3917EA038B29545FC62B1634CE47F05EA2FF5C6 ] C:\Windows\SysWOW64\WPDShServiceObj.dll
05:48:07.0574 0x0b60 C:\Windows\SysWOW64\WPDShServiceObj.dll - ok
05:48:07.0574 0x0b60 [ E98278865E8DABA21CFE5FE4BE34210A, 3BB431A9F6476EA98C17DF46BA5DFA265E74328D84875E402236ED12E50B6330 ] C:\Windows\SysWOW64\PortableDeviceApi.dll
05:48:07.0574 0x0b60 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
05:48:07.0574 0x0b60 [ 1CBF15FDB0310345A68972EB5C5B948F, E1EDCE6216B24037B243AC68CEEBD510646B2EFD70BC118E68303F9ED85D1973 ] C:\Windows\SysWOW64\mssprxy.dll
05:48:07.0574 0x0b60 C:\Windows\SysWOW64\mssprxy.dll - ok
05:48:07.0590 0x0b60 [ 3D6F22551D422F97AACB0BB927E4C846, 9AB7C9F2E7F3D1CEC4553D0DF57E074121957055A9A4349946D354ACB6FC4579 ] C:\Windows\SysWOW64\pnidui.dll
05:48:07.0590 0x0b60 C:\Windows\SysWOW64\pnidui.dll - ok
05:48:07.0590 0x0b60 [ BD626EF05967D14C772B8096292731A3, FE3838B41DCAFC52089D909E7F411186D993C08AC149E093352D691D57C9BE71 ] C:\Windows\SysWOW64\QUTIL.DLL
05:48:07.0590 0x0b60 C:\Windows\SysWOW64\QUTIL.DLL - ok
05:48:07.0590 0x0b60 [ 76A8E297818E2A4BEC3A477DBD8A2C7A, AE80FE62FFF31D7D460EFB85C046CBB00EA0CCF2EB0DCCEF04062156F0A53662 ] C:\Windows\SysWOW64\en-US\pnidui.dll.mui
05:48:07.0590 0x0b60 C:\Windows\SysWOW64\en-US\pnidui.dll.mui - ok
05:48:07.0605 0x0b60 [ 75EA62927355189876081EF863064982, 2B0139C8BD7CB8A1C6DC92937F9D8CBB2526615021FE6EE979D9373EA3B640B7 ] C:\Windows\SysWOW64\ncsi.dll
05:48:07.0605 0x0b60 C:\Windows\SysWOW64\ncsi.dll - ok
05:48:07.0605 0x0b60 [ CA9F7888B524D8100B977C81F44C3234, 57F3353F89724147D8AC8B69B12C1303DF26978309776F5F8CCF074526A915D3 ] C:\Windows\SysWOW64\winhttp.dll
05:48:07.0605 0x0b60 C:\Windows\SysWOW64\winhttp.dll - ok
05:48:07.0621 0x0b60 [ FB19FC5951A88F3C523E35C2C98D23C0, FF0DB8BF0C68DA0D09272E8181D2B5409C8850BB2F31AEA3AC4CD14C5A420A59 ] C:\Windows\SysWOW64\webio.dll
05:48:07.0621 0x0b60 C:\Windows\SysWOW64\webio.dll - ok
05:48:07.0621 0x0b60 [ 29CA5974FAB0E8AE4AA7814FE05CF832, ADE54D406AAB7C364851AAD278A569426C9ADD4F7FB543BB08428CED963BF541 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
05:48:07.0621 0x0b60 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
05:48:07.0621 0x0b60 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3, 2A610BEB16610FE2F2E9A50477A62A05481E8A5843A814955A0EDFF45D0304B3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
05:48:07.0621 0x0b60 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
05:48:07.0637 0x0b60 [ CE7803953FE7314061B3F9188D310EB2, 75078CCE3A7277B5B60E806FA000FC437C4B06E2AD80EAB5BC99C8960810F295 ] C:\Windows\SysWOW64\en-US\KernelBase.dll.mui
05:48:07.0637 0x0b60 C:\Windows\SysWOW64\en-US\KernelBase.dll.mui - ok
05:48:07.0637 0x0b60 [ 4E5FE39C1076D115EC8BFCFE14D75B80, F1D02BCA6F664DCDD0CCDE269D31787C7553CD38C7208A8DD8B80B9EA09FEB1C ] C:\Windows\SysWOW64\credssp.dll
05:48:07.0637 0x0b60 C:\Windows\SysWOW64\credssp.dll - ok
05:48:07.0637 0x0b60 [ B010CF886420EE29C2C276646721D255, CBCD032D679ADE3A9942A1D116648D6A9ECC71F66F8630629E724E5EE23F9F73 ] C:\Windows\SysWOW64\wlanapi.dll
05:48:07.0637 0x0b60 C:\Windows\SysWOW64\wlanapi.dll - ok
05:48:07.0652 0x0b60 [ 1D6A771D1D702AE07919DB52C889A249, E5F3378AC40AEE6114EEAF3BF11DC1059466891CAE353E80C08622A60485C954 ] C:\Windows\SysWOW64\wlanutil.dll
05:48:07.0652 0x0b60 C:\Windows\SysWOW64\wlanutil.dll - ok
05:48:07.0652 0x0b60 [ C02AA67276FEE0C15CC4D6D616BDE95E, 24B0FFA2903CC77FEDE6B491647BB759C4AE054E38A19EFA0D2662AC2959570B ] C:\Windows\SysWOW64\WWanAPI.dll
05:48:07.0652 0x0b60 C:\Windows\SysWOW64\WWanAPI.dll - ok
05:48:07.0652 0x0b60 [ F2ED6D00921CA138289E5E0CCB9ABF87, 528F249CE0835CA4D8B7C4940F5132DF1155EB344177BEA4CD7FCF9B8DCCCA4B ] C:\Windows\SysWOW64\wwapi.dll
05:48:07.0652 0x0b60 C:\Windows\SysWOW64\wwapi.dll - ok
05:48:07.0668 0x0b60 [ CF4274CEEA9F7791FB7FC40A066BC2C7, C153EC0D420261185001B354955DF85C6E842334D34E70BB69CECC3AFC8CE36C ] C:\Windows\SysWOW64\cscobj.dll
05:48:07.0668 0x0b60 C:\Windows\SysWOW64\cscobj.dll - ok
05:48:07.0668 0x0b60 [ 02530B0B7E048DD5AC8D52DAEACAEB2B, 2DEB454F8B71EC54C59185E2F1D679F7EC1C7AEFCD1D59761FDD3D70CABE0254 ] C:\Windows\SysWOW64\QAGENT.DLL
05:48:07.0668 0x0b60 C:\Windows\SysWOW64\QAGENT.DLL - ok
05:48:07.0668 0x0b60 [ 674B0C0F6A448EB185CAAB9C51D44032, 6722351F46BF70BA967844D3239CD801DFC4538A4EB6C478D8497F27F7FD9F1D ] C:\Windows\SysWOW64\srchadmin.dll
05:48:07.0668 0x0b60 C:\Windows\SysWOW64\srchadmin.dll - ok
05:48:07.0683 0x0b60 [ D53519D8BB92559350125447991DCFA8, 553C06E8FDD9F516B05D64DC6C4CDC15575B5CB130060AE8F3325C564FAE02C0 ] C:\Windows\SysWOW64\mssitlb.dll
05:48:07.0683 0x0b60 C:\Windows\SysWOW64\mssitlb.dll - ok
05:48:07.0683 0x0b60 [ 5193DE33F3284C447E0D31DAFBF92570, EA0F12B0C2F9DD4EA651BD96FC88AE5584364F2C0D4138E8E3D4F18F226717FE ] C:\Windows\SysWOW64\webcheck.dll
05:48:07.0683 0x0b60 C:\Windows\SysWOW64\webcheck.dll - ok
05:48:07.0683 0x0b60 [ 8EE6BDE1D572677AA35707C52C585F75, 588A08C0FC3881186CD673F749E46A154F58BE39CA7AE8A2E1F25539B2299752 ] C:\Windows\SysWOW64\mlang.dll
05:48:07.0683 0x0b60 C:\Windows\SysWOW64\mlang.dll - ok
05:48:07.0699 0x0b60 [ E3D5E244807AD655787FCD25477CC1BC, 8A378249C936914DBFEDAE310D6ACB93D488C8F490EC4AAB435861C413A5BB0F ] C:\Windows\SysWOW64\bthprops.cpl
05:48:07.0699 0x0b60 C:\Windows\SysWOW64\bthprops.cpl - ok
05:48:07.0699 0x0b60 [ 7DFD5F19554F25768275A65418FD3AE7, AA60E11F2EBD5A2DD5AF4880A1EED191259FA6067BFB6320ED2A79082A20A03C ] C:\Windows\SysWOW64\en-US\bthprops.cpl.mui
05:48:07.0699 0x0b60 C:\Windows\SysWOW64\en-US\bthprops.cpl.mui - ok
05:48:07.0699 0x0b60 [ 2DDEA2C345DA5BC589EFD398F220DB0E, B515B15BE7CB66F94B7A9B802719DAF7D50E1FE2832B66B6883AC0023060800D ] C:\Windows\SysWOW64\SyncCenter.dll
05:48:07.0699 0x0b60 C:\Windows\SysWOW64\SyncCenter.dll - ok
05:48:07.0715 0x0b60 [ 9A39A2A5F443A756C568C6ED5748AFE4, 13C2790985CBA9CD325BA20364A665DB50B769B7DDE93E6BE20F25427BDB34F8 ] C:\Windows\SysWOW64\ActionCenter.dll
05:48:07.0715 0x0b60 C:\Windows\SysWOW64\ActionCenter.dll - ok
05:48:07.0715 0x0b60 [ 2D11BC8B460957E62E4420373A0D8BDA, 56105E84333998D43DFCDA9E8A4D70EAC43076CFF8389B2E525EC5C3017DC5FD ] C:\Windows\SysWOW64\imapi2.dll
05:48:07.0715 0x0b60 C:\Windows\SysWOW64\imapi2.dll - ok
05:48:07.0715 0x0b60 [ C7952D0A4C43A965A1741916BB134751, 84EF222159E8C444A1D9D2E6509245716E4106C8032861DBFF399001A529BF94 ] C:\Windows\SysWOW64\hgcpl.dll
05:48:07.0715 0x0b60 C:\Windows\SysWOW64\hgcpl.dll - ok
05:48:07.0730 0x0b60 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] C:\Windows\SysWOW64\provsvc.dll
05:48:07.0730 0x0b60 C:\Windows\SysWOW64\provsvc.dll - ok
05:48:07.0730 0x0b60 [ 55696E42C8A8EB7A0686BAE88C8FC2FD, 018AC012096F49F8AFDA6161FD840C8A14DE6CDE193EFF1EB59C1218F992700A ] C:\Program Files\Internet Explorer\ieproxy.dll
05:48:07.0730 0x0b60 C:\Program Files\Internet Explorer\ieproxy.dll - ok
05:48:07.0730 0x0b60 [ F1278B3514EA6FA9BC39B20D26139AAC, 7FA1B8CCBB4771F3105EEACE2C13F949FA65C7F53817C783BDF9770F94FF12B5 ] C:\Windows\SysWOW64\msiltcfg.dll
05:48:07.0730 0x0b60 C:\Windows\SysWOW64\msiltcfg.dll - ok
05:48:07.0746 0x0b60 [ 6A1E8DEB746912DF47CF651E138401D7, F0DEEBAB4B1827A502B05F5C18E0A7480C3C8EDDAB306575AC40FD7048827FC4 ] C:\Windows\SysWOW64\StructuredQuery.dll
05:48:07.0746 0x0b60 C:\Windows\SysWOW64\StructuredQuery.dll - ok
05:48:07.0746 0x0b60 [ B39B8CC163C41B12FE83E777199F3378, 6727A4F110DFF5F9193987FA2BFD331AAD5AF7C59ACB2FC3C7A677FC5A95FDE7 ] C:\Windows\SysWOW64\tzres.dll
05:48:07.0746 0x0b60 C:\Windows\SysWOW64\tzres.dll - ok
05:48:07.0746 0x0b60 [ B18B6ACD4793205929E41C3AE00B689A, B041A750F3D3A9CFE83504A8791971A9D444ECEF2A12C5AD47AD53738FE99C74 ] C:\Windows\SysWOW64\en-US\tzres.dll.mui
05:48:07.0746 0x0b60 C:\Windows\SysWOW64\en-US\tzres.dll.mui - ok
05:48:07.0761 0x0b60 [ E61D644998E07C02F0999388808AC109, 15A85CD6FBCB1EC57D78F986D6DD8908BD56231CE0CF65775075512303F7E5FA ] C:\Windows\System32\fvenotify.exe
05:48:07.0761 0x0b60 C:\Windows\System32\fvenotify.exe - ok
05:48:07.0761 0x0b60 [ DC2C44A23B2CD52BD53ACCF389AE14B2, 7F5B19F2C6A94833196EE1929D48094889B33B504D73D3AF88DD857CEAF67921 ] C:\Windows\System32\fveprompt.exe
05:48:07.0761 0x0b60 C:\Windows\System32\fveprompt.exe - ok
05:48:07.0777 0x0b60 [ EED05D42D91835064703E2318552ED25, E9EE1E2253445B207B76F5D3073C612ED979A982522C1515E0FE8FA9641AE568 ] C:\Windows\System32\ExplorerFrame.dll
05:48:07.0777 0x0b60 C:\Windows\System32\ExplorerFrame.dll - ok
05:48:07.0777 0x0b60 [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6BB3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll
05:48:07.0777 0x0b60 C:\Windows\System32\EhStorShell.dll - ok
05:48:07.0777 0x0b60 [ 7EE5F17A21D9A9101207DF4BC37B085D, C07A56D52449B9F126B617FB4EFDC22EFE043C9B257B01967EA2FCCCA6216763 ] C:\Windows\System32\cscdll.dll
05:48:07.0777 0x0b60 C:\Windows\System32\cscdll.dll - ok
05:48:07.0793 0x0b60 [ 037A719DAD50603202C978CD802623E4, BD4C222913D32D7CF5FE0201FEBE7BD67FC39DF47A7A672C2D6C228A6E13B5DE ] C:\Windows\System32\ntshrui.dll
05:48:07.0793 0x0b60 C:\Windows\System32\ntshrui.dll - ok
05:48:07.0793 0x0b60 [ 1D63F4366288B8A7595397E27010FD44, 99EA4DDD88D9C4A4CC9B238F533CB4D2C062D46239173997E8594D8A75811A01 ] C:\Windows\System32\IconCodecService.dll
05:48:07.0793 0x0b60 C:\Windows\System32\IconCodecService.dll - ok
05:48:07.0793 0x0b60 [ A63DC5C2EA944E6657203E0C8EDEAF61, F7AD4B09AFB301CE46DF695B22114331A57D52E6D4163FF74787BF68CCF44C78 ] C:\Windows\SysWOW64\dllhost.exe
05:48:07.0793 0x0b60 C:\Windows\SysWOW64\dllhost.exe - ok
05:48:07.0808 0x0b60 [ 0B31464B7B2D616BD5F7036673588EC1, AAC717D7FB02D5F7CC11AECC5C87FE6B7224340C569EBF7B77BD8C9F79FAA190 ] C:\Windows\SysWOW64\IDStore.dll
05:48:07.0808 0x0b60 C:\Windows\SysWOW64\IDStore.dll - ok
05:48:07.0808 0x0b60 [ D44741F65A1D71F65814A12CF6E2400A, C6721F830675ADC7E7FDE2B5E822E56F6A063146F5066F1E25EBFE86F0A87136 ] C:\Windows\SysWOW64\runonce.exe
05:48:07.0808 0x0b60 C:\Windows\SysWOW64\runonce.exe - ok
05:48:07.0808 0x0b60 [ 025E7DBDB98866ED3CB2D4DDA70B364D, 78962F23F066E362AF1A4B98FA7D5E30AF30C561307438503031D30C944B6A6E ] C:\Windows\System32\runonce.exe
05:48:07.0808 0x0b60 C:\Windows\System32\runonce.exe - ok
05:48:07.0824 0x0b60 [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\SysWOW64\cmd.exe
05:48:07.0824 0x0b60 C:\Windows\SysWOW64\cmd.exe - ok
05:48:07.0824 0x0b60 [ 326C7F76A29897A892AA7726E91C1C67, 64305346B06EC14976130B0B80F14B4D5AB63E5B2A6A7B872EC9CE2BF8FADCD2 ] C:\Windows\SysWOW64\winbrand.dll
05:48:07.0824 0x0b60 C:\Windows\SysWOW64\winbrand.dll - ok
05:48:07.0824 0x0b60 [ 1BCDB508143B517F21BBDAC10F5777BF, 663E6944BCBA6022BFD30F579BB057ED563E18C7610B60EDAA42415CE5CEA1B4 ] C:\Windows\System32\conhost.exe
05:48:07.0824 0x0b60 C:\Windows\System32\conhost.exe - ok
05:48:07.0839 0x0b60 [ C87BA2C40185BBE1513A5DF6D2B2DA20, ECB7D9F900D2AC2309981F9598DCAA99598CA6804A6A7B59CDCF26D801728F96 ] C:\Users\Tribu\AppData\Local\Temp\{923FEB11-E3AC-45B5-8D44-A7F4CD7336D0}.exe
05:48:07.0839 0x0b60 C:\Users\Tribu\AppData\Local\Temp\{923FEB11-E3AC-45B5-8D44-A7F4CD7336D0}.exe - ok
05:48:07.0839 0x0b60 [ B2DB6ABA2E292235749B80A9C3DFA867, 92BCB678E2D0A7A9C15A74B41846D8723B96E37181407C0E8A56C7105659AAF3 ] C:\Windows\SysWOW64\imagehlp.dll
05:48:07.0839 0x0b60 C:\Windows\SysWOW64\imagehlp.dll - ok
05:48:07.0839 0x0b60 [ BF6D6ED5FADCEEE885BD0144ECF1BA27, 269EE4B920F16ECAA6838078C984210F7E6997B4A1B7BAEEB11515B8D6AF3575 ] C:\Windows\SysWOW64\ncrypt.dll
05:48:07.0839 0x0b60 C:\Windows\SysWOW64\ncrypt.dll - ok
05:48:07.0855 0x0b60 [ E8449FE262D7406BCB2AC2A45C53EC5F, 6C118C9FB26404D1943824CF3990F36E12986547FFACB7CC0DF975A913065D78 ] C:\Windows\SysWOW64\bcryptprimitives.dll
05:48:07.0855 0x0b60 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
05:48:07.0855 0x0b60 [ CA79539D3D4C0BA66F0F051A5EE5E923, 22595602077816D03BAC0D76E816DD7ED2192CCD7D6E2FF66F6CD2BF90B07BD7 ] C:\Windows\SysWOW64\cryptnet.dll
05:48:07.0855 0x0b60 C:\Windows\SysWOW64\cryptnet.dll - ok
05:48:07.0855 0x0b60 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F82EF91450858DF ] C:\Windows\SysWOW64\sfc.dll
05:48:07.0855 0x0b60 C:\Windows\SysWOW64\sfc.dll - ok
05:48:07.0871 0x0b60 [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D09086438F8D237B ] C:\Windows\SysWOW64\sfc_os.dll
05:48:07.0871 0x0b60 C:\Windows\SysWOW64\sfc_os.dll - ok
05:48:07.0871 0x0b60 [ B519848DFA30AE2B306576B51321D102, CFD8BCB7645F2200819224BEB9F10BB226D30FE27B3BB31A35A2889FA301EFF2 ] C:\Windows\System32\ie4uinit.exe
05:48:07.0871 0x0b60 C:\Windows\System32\ie4uinit.exe - ok
05:48:07.0871 0x0b60 [ C3E98C42EDF7EF237A4BAB91FEAC7426, FD3E92D629828F8DDD830E1474D86CC71A9C2ED5074EB8D155B578D404A485BE ] C:\Windows\System32\iedkcs32.dll
05:48:07.0871 0x0b60 C:\Windows\System32\iedkcs32.dll - ok
05:48:07.0886 0x0b60 [ FB10715E4099AF9FA389C71873245226, 6A4CB43880B822A0C4714D6E52EB3EB2CE1E69C3AA9CA65EAAD6B131AE43F274 ] C:\Windows\System32\timedate.cpl
05:48:07.0886 0x0b60 C:\Windows\System32\timedate.cpl - ok
05:48:07.0886 0x0b60 [ 1B0EC94520CAB89A9CE1B2DA405166AF, 129102C98C8B3D403C85604C9A2AFC0471CDB1212FD2C5487D73FC089FC88F0C ] C:\Windows\SysWOW64\p2pcollab.dll
05:48:07.0886 0x0b60 C:\Windows\SysWOW64\p2pcollab.dll - ok
05:48:07.0886 0x0b60 [ C486E495C352FD6CA5168A1050F1A828, EEC9909C15C90F6E5E00D442821BF30AC699BB4D33E637229F7EA962E915AA58 ] C:\Windows\SysWOW64\en-US\p2pcollab.dll.mui
05:48:07.0886 0x0b60 C:\Windows\SysWOW64\en-US\p2pcollab.dll.mui - ok
05:48:07.0902 0x0b60 [ E6F0F82788E8BD0F7A616350EFA0761C, 13091DCB3E3F4F52C3FF210E93AAF1DCE142CFC09F671AEAC5B922393B23E67B ] C:\Windows\System32\actxprxy.dll
05:48:07.0902 0x0b60 C:\Windows\System32\actxprxy.dll - ok
05:48:07.0902 0x0b60 [ CC6975CAC67B3112C8059A64713BF232, 8F8B0384E2E2E719BDC1B10F1BBC1331E97504EC26E5FF3E2A3E7A233BBCC59B ] C:\Windows\SysWOW64\en-US\QAgentRT.dll.mui
05:48:07.0902 0x0b60 C:\Windows\SysWOW64\en-US\QAgentRT.dll.mui - ok
05:48:07.0917 0x0b60 [ DA4F4927E92DC21B14A42EE59F7038D4, C172E76EC6E511C8EE97C9A7A7EF49FAE5CA6AFF8DF2A6023D3BFED8F138B9B8 ] C:\Windows\SysWOW64\en-US\dnsapi.dll.mui
05:48:07.0917 0x0b60 C:\Windows\SysWOW64\en-US\dnsapi.dll.mui - ok
05:48:07.0917 0x0b60 [ D7BB0BA60B5910CBD644FBF8526AA936, 65EC413F89F84D4C6E26DE8DBCD35BB9325F2EE1F53DF8456C7EA635B28EAB33 ] C:\Windows\System32\en-US\fveui.dll.mui
05:48:07.0917 0x0b60 C:\Windows\System32\en-US\fveui.dll.mui - ok
05:48:07.0917 0x0b60 [ CD8E2AC80404403F63467643D2F4BCBF, 53EEB5FF6C74512FC411C1B3BA4F87197BEC65F223A02CB3F326DD285708F1C9 ] C:\Windows\SysWOW64\en-US\crypt32.dll.mui
05:48:07.0917 0x0b60 C:\Windows\SysWOW64\en-US\crypt32.dll.mui - ok
05:48:07.0933 0x0b60 [ 2FCA0D2C59A855C54BAFA22AA329DF0F, ED9D26F539065D62FCCEDEEC8E509B30F4D15F8DA586C1F657ACEFE9DABAACD0 ] C:\Windows\SysWOW64\netapi32.dll
05:48:07.0933 0x0b60 C:\Windows\SysWOW64\netapi32.dll - ok
05:48:07.0933 0x0b60 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86, E15ED4FEFC3010C213694331DDFDC03767682325C898D773AB243E2DC8B08461 ] C:\Windows\System32\msftedit.dll
05:48:07.0933 0x0b60 C:\Windows\System32\msftedit.dll - ok
05:48:07.0933 0x0b60 [ 7FCAB194F01E3403C300EB034E480B36, 907EBC0ACF0FD4A047DBD20A5FE71F36142162CA5A7A1A6498D5DB5B2AFC70DB ] C:\Windows\System32\msls31.dll
05:48:07.0933 0x0b60 C:\Windows\System32\msls31.dll - ok
05:48:07.0949 0x0b60 [ C2A9093E56551AACD417926F14F848E8, 7405CD8FD230173F344E0607A9223FA95329EE5134B8B95CA13F5E502999A6A8 ] C:\Windows\SysWOW64\msxml6r.dll
05:48:07.0949 0x0b60 C:\Windows\SysWOW64\msxml6r.dll - ok
05:48:07.0949 0x0b60 [ 569AC1376B12D4083FC66CC7A304F234, DD209F09573F10A77D710E30EF3D0461D2E8F4E5F18106B18EFB587C88393460 ] C:\Program Files\Microsoft Security Client\msseces.exe
05:48:07.0949 0x0b60 C:\Program Files\Microsoft Security Client\msseces.exe - ok
05:48:07.0949 0x0b60 [ A0A65D306A5490D2EB8E7DE66898ECFD, CE5DA408F4EDD5E81CE0925867F03C9A35172CF1571FE4C4C052E45AB69822BB ] C:\Windows\System32\linkinfo.dll
05:48:07.0949 0x0b60 C:\Windows\System32\linkinfo.dll - ok
05:48:07.0964 0x0b60 [ 24F4B480F335A6C724AF352253C5D98B, 011413B236CAD7B78CE0A0EEC3E3085D48C7576A3205D025BA6EBFDF590538E4 ] C:\Windows\System32\thumbcache.dll
05:48:07.0964 0x0b60 C:\Windows\System32\thumbcache.dll - ok
05:48:07.0964 0x0b60 [ C4F40F6CACD796A8E16671D0E9A2F319, 44853C645915D910ED0CC6D38F68B6C222528EC5FCBE990E238010F41204E682 ] C:\Windows\System32\shdocvw.dll
05:48:07.0964 0x0b60 C:\Windows\System32\shdocvw.dll - ok
05:48:07.0964 0x0b60 [ 405F4D32D2185F1F1BD753D8EEAFFB3A, CAC42C3E09C43BE96592B670D70821386014DB22D8239A9CFB9E33E54FB5C3D5 ] C:\Windows\System32\networkexplorer.dll
05:48:07.0964 0x0b60 C:\Windows\System32\networkexplorer.dll - ok
05:48:07.0980 0x0b60 [ D1DE1EAFDE97BE41CF6585027FF3E732, 76F17D4DF440D6734DC8157092D94EB18C2A73A0A49BEEA289E7B3EDE30E86A2 ] C:\Windows\SysWOW64\comdlg32.dll
05:48:07.0980 0x0b60 C:\Windows\SysWOW64\comdlg32.dll - ok
05:48:07.0980 0x0b60 [ 21D3A18769EC2C4E56756D04E989A221, 89F03143F662514957ADB513C16BA1F4CB15EF67A46037EEAAD09F2F3DD0841B ] C:\Windows\SysWOW64\msxml3.dll
05:48:07.0980 0x0b60 C:\Windows\SysWOW64\msxml3.dll - ok
05:48:07.0980 0x0b60 [ 4C2C4640BF23AAFCF90519E0F34436CE, 8ACCDA77C2DC5BE2DAED05134310122AFECC872A8D118612E55DD229BFE4D844 ] C:\Windows\System32\DeviceCenter.dll
05:48:07.0980 0x0b60 C:\Windows\System32\DeviceCenter.dll - ok
05:48:07.0995 0x0b60 [ A45CB10FC8C4DCA23F96FE4D334F64FE, B4E35A767D5D505E1AF22E37C7BA878B05395D576FE52F40DC1CD796B14D91FC ] C:\Windows\SysWOW64\msxml3r.dll
05:48:07.0995 0x0b60 C:\Windows\SysWOW64\msxml3r.dll - ok
05:48:07.0995 0x0b60 [ B64F4CC4C2172D401CA63967311D20B6, 071A381154B4CE3B3327481363DEC83DDAB00EFE03A4F150CDAC85F77CFF30FA ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
05:48:07.0995 0x0b60 C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
05:48:07.0995 0x0b60 [ AD1FBB07B0A2D3BF666D36344744A049, 67E3369884C6D07812B004017AAEB23442A6FF8CEED6813BF6E05D6045C81F19 ] C:\Program Files\Microsoft Security Client\en-us\MsMpRes.dll.mui
05:48:07.0995 0x0b60 C:\Program Files\Microsoft Security Client\en-us\MsMpRes.dll.mui - ok
05:48:08.0011 0x0b60 [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\Tribu\AppData\Local\Temp\{ACE7249D-40AA-4FB5-A3CA-63FB99DAC4FA}\{5ED0C8FD-1F4B-4FE9-9154-C8C057CC0475}.tmp
05:48:08.0011 0x0b60 C:\Users\Tribu\AppData\Local\Temp\{ACE7249D-40AA-4FB5-A3CA-63FB99DAC4FA}\{5ED0C8FD-1F4B-4FE9-9154-C8C057CC0475}.tmp - ok
05:48:08.0011 0x0b60 [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\Users\Tribu\AppData\Local\Temp\{ACE7249D-40AA-4FB5-A3CA-63FB99DAC4FA}\{259C0A6C-48BE-4C90-8BF7-2A852FAF97D0}.tmp
05:48:08.0011 0x0b60 C:\Users\Tribu\AppData\Local\Temp\{ACE7249D-40AA-4FB5-A3CA-63FB99DAC4FA}\{259C0A6C-48BE-4C90-8BF7-2A852FAF97D0}.tmp - ok
05:48:08.0011 0x0b60 [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\Users\Tribu\AppData\Local\Temp\{ACE7249D-40AA-4FB5-A3CA-63FB99DAC4FA}\{F4B06951-2A0E-4364-854F-94BB9EB6D072}.tmp
05:48:08.0011 0x0b60 C:\Users\Tribu\AppData\Local\Temp\{ACE7249D-40AA-4FB5-A3CA-63FB99DAC4FA}\{F4B06951-2A0E-4364-854F-94BB9EB6D072}.tmp - ok
05:48:08.0027 0x0b60 [ 93812FDC01AA864195816CD814445F95, E5CB2576DA2905177AFD342DBE63E17CF626F93F430DEBC55155C18C60166BEE ] C:\Program Files\Microsoft Security Client\SqmApi.dll
05:48:08.0027 0x0b60 C:\Program Files\Microsoft Security Client\SqmApi.dll - ok
05:48:08.0027 0x0b60 [ 6B63EA7979F501C37FC55A26CA162ACD, A2118847A624B2AEB133131EC1D28541221F779879FBAAE934D1198609221809 ] C:\Windows\SysWOW64\en-US\user32.dll.mui
05:48:08.0027 0x0b60 C:\Windows\SysWOW64\en-US\user32.dll.mui - ok
05:48:08.0027 0x0b60 [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\Users\Tribu\AppData\Local\Temp\{ACE7249D-40AA-4FB5-A3CA-63FB99DAC4FA}\{0614BA8F-4F41-4AF5-92D4-5EBD4ABE6D7E}.tmp
05:48:08.0027 0x0b60 C:\Users\Tribu\AppData\Local\Temp\{ACE7249D-40AA-4FB5-A3CA-63FB99DAC4FA}\{0614BA8F-4F41-4AF5-92D4-5EBD4ABE6D7E}.tmp - ok
05:48:08.0042 0x0b60 [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\Users\Tribu\AppData\Local\Temp\{ACE7249D-40AA-4FB5-A3CA-63FB99DAC4FA}\{07C08F81-A7AE-44B5-9859-7E37FE5A91FA}.tmp
05:48:08.0042 0x0b60 C:\Users\Tribu\AppData\Local\Temp\{ACE7249D-40AA-4FB5-A3CA-63FB99DAC4FA}\{07C08F81-A7AE-44B5-9859-7E37FE5A91FA}.tmp - ok
05:48:08.0042 0x0b60 [ 371948BC5911ABA06168FAC91ED25F06, 3DBBBC961627033613338418987F163C390750E2C5C64FF8B49E7E5B3BE92506 ] C:\Windows\System32\msxml3.dll
05:48:08.0042 0x0b60 C:\Windows\System32\msxml3.dll - ok
05:48:08.0058 0x0b60 [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\Users\Tribu\AppData\Local\Temp\{ACE7249D-40AA-4FB5-A3CA-63FB99DAC4FA}\{3C268E90-2E51-4A8C-B928-E0D71C6643B6}.tmp
05:48:08.0058 0x0b60 C:\Users\Tribu\AppData\Local\Temp\{ACE7249D-40AA-4FB5-A3CA-63FB99DAC4FA}\{3C268E90-2E51-4A8C-B928-E0D71C6643B6}.tmp - ok
05:48:08.0058 0x0b60 [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\Users\Tribu\AppData\Local\Temp\{ACE7249D-40AA-4FB5-A3CA-63FB99DAC4FA}\{0581E251-98F6-4C84-B1C2-4F952B32C9B3}.tmp
05:48:08.0058 0x0b60 C:\Users\Tribu\AppData\Local\Temp\{ACE7249D-40AA-4FB5-A3CA-63FB99DAC4FA}\{0581E251-98F6-4C84-B1C2-4F952B32C9B3}.tmp - ok
05:48:08.0058 0x0b60 [ B837D1528CE2E3CB79F09496BC08DDC6, ACD54CE61CFE94F23DC283537AD8FFBEB3D6041BD30317B60BA7A10FCB240A27 ] C:\Windows\System32\SensApi.dll
05:48:08.0058 0x0b60 C:\Windows\System32\SensApi.dll - ok
05:48:08.0073 0x0b60 [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\Users\Tribu\AppData\Local\Temp\{ACE7249D-40AA-4FB5-A3CA-63FB99DAC4FA}\{C126B27D-674C-4469-84C7-89AAA15AD04E}.tmp
05:48:08.0073 0x0b60 C:\Users\Tribu\AppData\Local\Temp\{ACE7249D-40AA-4FB5-A3CA-63FB99DAC4FA}\{C126B27D-674C-4469-84C7-89AAA15AD04E}.tmp - ok
05:48:08.0073 0x0b60 [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Users\Tribu\AppData\Local\Temp\{ACE7249D-40AA-4FB5-A3CA-63FB99DAC4FA}\{D50DF967-C828-45B3-8180-B1E0D3BEBABC}.tmp
05:48:08.0073 0x0b60 C:\Users\Tribu\AppData\Local\Temp\{ACE7249D-40AA-4FB5-A3CA-63FB99DAC4FA}\{D50DF967-C828-45B3-8180-B1E0D3BEBABC}.tmp - ok
05:48:08.0089 0x0b60 [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Users\Tribu\AppData\Local\Temp\{ACE7249D-40AA-4FB5-A3CA-63FB99DAC4FA}\{E769A81E-6D77-420D-972C-2F5539A05DA0}.tmp
05:48:08.0089 0x0b60 C:\Users\Tribu\AppData\Local\Temp\{ACE7249D-40AA-4FB5-A3CA-63FB99DAC4FA}\{E769A81E-6D77-420D-972C-2F5539A05DA0}.tmp - ok
05:48:08.0089 0x0b60 [ A6C29DB53ECA94FA8591C5388D604B82, F25E95BA669422286A8FA3A68E0C639A2F06319B6DC8FA641C965CFB27A50BD6 ] C:\Windows\SysWOW64\msi.dll
05:48:08.0089 0x0b60 C:\Windows\SysWOW64\msi.dll - ok
05:48:08.0089 0x0b60 [ 102CF6879887BBE846A00C459E6D4ABC, A4C51C79CF95D5C79DCEFB02946A09A987FEAF83CE2EE1BA7677EBA90869AC80 ] C:\Windows\SysWOW64\riched20.dll
05:48:08.0089 0x0b60 C:\Windows\SysWOW64\riched20.dll - ok
05:48:08.0105 0x0b60 [ 2BCBA6052374959A30BD7948444DBB79, 46224A2B729026FEEBC3C6A09E69919D477097848DB2CA0C2F5B166CDF379660 ] C:\Windows\System32\gameux.dll
05:48:08.0105 0x0b60 C:\Windows\System32\gameux.dll - ok
05:48:08.0105 0x0b60 [ 3819AD4329303EAC88480CA16A650735, FBE665BEE15A334851AF4BF9969C8BC21B3F0254CAA5E21E67D7843D4171E675 ] C:\Windows\System32\UIAnimation.dll
05:48:08.0105 0x0b60 C:\Windows\System32\UIAnimation.dll - ok
05:48:08.0105 0x0b60 [ C3761661C17C2248A9379A8FB89E3DE1, CE3477FA2B4058EB80739E0161FE957545F13CF86D313F6422732901D35F75F2 ] C:\Windows\System32\stobject.dll
05:48:08.0105 0x0b60 C:\Windows\System32\stobject.dll - ok
05:48:08.0120 0x0b60 [ F832EEEA97CDDA1AF577E721F652A0D1, EBBB7CA199BA4DF231123922BD310D43DE0104C6185B70FE0281B938D5336F2E ] C:\Windows\System32\batmeter.dll
05:48:08.0120 0x0b60 C:\Windows\System32\batmeter.dll - ok
05:48:08.0120 0x0b60 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122, E7EA375A3BDE8FC764CB09524344370B9EE25F98AD6C83E6F37A569EB8D277D6 ] C:\Windows\System32\prnfldr.dll
05:48:08.0120 0x0b60 C:\Windows\System32\prnfldr.dll - ok
05:48:08.0120 0x0b60 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891, 0A82A475301202791A7C10F978F952EAB7DB146A702D4EA67E24E2C98BC19638 ] C:\Windows\System32\Syncreg.dll
05:48:08.0120 0x0b60 C:\Windows\System32\Syncreg.dll - ok
05:48:08.0136 0x0b60 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D, A63836DB3B01835DC1311526A95198D6EBCCB1DC9DDAFBC38EC36C128CDB98B9 ] C:\Windows\System32\netshell.dll
05:48:08.0136 0x0b60 C:\Windows\System32\netshell.dll - ok
05:48:08.0136 0x0b60 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB, CF9082360E32A7C3E13A67AC2C6192F4A76870D43DA9FF2936993A637F712761 ] C:\Windows\System32\AltTab.dll
05:48:08.0136 0x0b60 C:\Windows\System32\AltTab.dll - ok
05:48:08.0136 0x0b60 [ C8FDF0FA9E97E2FAAF3F814716AAA881, DD24A1CAB44D943B0E1A795A347AD25D9305FC7F012A2566A6A14BD47221831F ] C:\Windows\System32\WPDShServiceObj.dll
05:48:08.0136 0x0b60 C:\Windows\System32\WPDShServiceObj.dll - ok
05:48:08.0151 0x0b60 [ 236F286E103FD44BD85FDD93097FD5DD, C369C98E76FEFBB05A12ABEECCF89C75132419B56866ED9AB77F61F84BA62785 ] C:\Windows\SysWOW64\SearchIndexer.exe
05:48:08.0151 0x0b60 C:\Windows\SysWOW64\SearchIndexer.exe - ok
05:48:08.0151 0x0b60 [ 10F815BE90A66AAFC6C713D1BD626064, 01139FC04BC53594296F6A0E16B8D20B940F64BC8119FE7705C03C4947958F39 ] C:\Windows\System32\pnidui.dll
05:48:08.0151 0x0b60 C:\Windows\System32\pnidui.dll - ok
05:48:08.0151 0x0b60 [ 28CAAA8B3DAC4604B6871F311C6B9F49, 27552F9FF89C48275FA430190F9E8281F2A83A26C9F9CDE2E7D3B4DD1C199B6A ] C:\Windows\SysWOW64\NlsData0000.dll
05:48:08.0151 0x0b60 C:\Windows\SysWOW64\NlsData0000.dll - ok
05:48:08.0167 0x0b60 [ B9F0A4020AA98B7A20287BF7FE99A1FD, 21138F161EEEA46198890C7A2D073F2C82829E15676131BDAD9F237EDC7477CD ] C:\Windows\System32\QUTIL.DLL
05:48:08.0167 0x0b60 C:\Windows\System32\QUTIL.DLL - ok
05:48:08.0167 0x0b60 [ E1AC89F6C5252057E6062843E36A6701, 32BE52836F2A011D46957AD60ABA48986B87026FD50ED09D8495460C7F1AB23E ] C:\Windows\SysWOW64\SearchProtocolHost.exe
05:48:08.0167 0x0b60 C:\Windows\SysWOW64\SearchProtocolHost.exe - ok
05:48:08.0167 0x0b60 [ 234AFA322624B3203A2E720F08292B03, 0C0ACDD63FD82EDD34442E9E0763872BA6BF6AC73AB89147EA5FDD1E0229CC0A ] C:\Windows\System32\cscobj.dll
05:48:08.0167 0x0b60 C:\Windows\System32\cscobj.dll - ok
05:48:08.0183 0x0b60 [ 8444A7364D6877922049E99BF4B78C5C, 8BA2EEE84D61743CAA6286D59839963C5ED9AB7C857A4B9926EB640BBE43C425 ] C:\Windows\SysWOW64\ELSCore.dll
05:48:08.0183 0x0b60 C:\Windows\SysWOW64\ELSCore.dll - ok
05:48:08.0183 0x0b60 [ 8569E35D00F45972E506502EEE622BA4, 01FE851C03DB88C8373099C279F995A559D962B08932E193032FA3EAD522FB01 ] C:\Windows\System32\srchadmin.dll
05:48:08.0183 0x0b60 C:\Windows\System32\srchadmin.dll - ok
05:48:08.0183 0x0b60 [ 465DBF63A5049E4DB4BC5C12FFE781CB, D12F6A9FB92144B2CFFD28BD72C234BA42F882EF22122DB83CE5EB1B8EBE9017 ] C:\Windows\SysWOW64\tquery.dll
05:48:08.0183 0x0b60 C:\Windows\SysWOW64\tquery.dll - ok
05:48:08.0198 0x0b60 [ 0241CB16136B9A4939CA0395768AE286, E7A3A0BDB4AC4BD718C93BE650541F96603739BDB3DB6860665DCC073DA8007D ] C:\Windows\SysWOW64\mssrch.dll
05:48:08.0198 0x0b60 C:\Windows\SysWOW64\mssrch.dll - ok
05:48:08.0198 0x0b60 [ 256503028879103E9741A276FA24D65D, 6F32B44826FCA3365D77127361F93A009D70A8A63C8825A8B8235B237C60FF41 ] C:\Windows\SysWOW64\esent.dll
05:48:08.0198 0x0b60 C:\Windows\SysWOW64\esent.dll - ok
05:48:08.0198 0x0b60 [ 53EC01707439C113AA7B495FFB24A0AB, 774B41A30A597EEEA66318F8D918D474E2EE2F8F54966962EC61BC7ADD502EC3 ] C:\Windows\SysWOW64\en-US\SearchIndexer.exe.mui
05:48:08.0198 0x0b60 C:\Windows\SysWOW64\en-US\SearchIndexer.exe.mui - ok
05:48:08.0214 0x0b60 [ 92DBF0A4C9239169010FC6E07859C82E, 00FB2CF4420F0FFEF519AFE732A708CF249640121E2A891CAA164313ABD7F804 ] C:\Windows\System32\ActionCenter.dll
05:48:08.0214 0x0b60 C:\Windows\System32\ActionCenter.dll - ok
05:48:08.0214 0x0b60 [ 81600E2E27ED61427AAD865B9BCDDB9D, 0D7D39C0A5A2C24FAADCA41658A1C62D13180B462C78103BDF6DBD76B64DD79A ] C:\Windows\SysWOW64\msidle.dll
05:48:08.0214 0x0b60 C:\Windows\SysWOW64\msidle.dll - ok
05:48:08.0229 0x0b60 [ 71C4F42DC8DB668E826DA79462EA741E, 69452DBC1CD4E09B27A42A535827B359FA9A2762A106E91653DDB7BF00A9C029 ] C:\Windows\SysWOW64\KBDUS.DLL
05:48:08.0229 0x0b60 C:\Windows\SysWOW64\KBDUS.DLL - ok
05:48:08.0229 0x0b60 [ 13337A3FB17F2242487FD45488ED0485, C174F8652118876494336AB88A65D594E0E6CCBAB20CC6BA08E6B253855A01CA ] C:\Windows\SysWOW64\vssapi.dll
05:48:08.0229 0x0b60 C:\Windows\SysWOW64\vssapi.dll - ok
05:48:08.0229 0x0b60 [ B940289C83121046BD6A60ACC6028593, EBD1C2C0A8EBB201924536AB5C6E032C12B9E081A153CC079748E1D6D625F0DF ] C:\Windows\SysWOW64\vsstrace.dll
05:48:08.0229 0x0b60 C:\Windows\SysWOW64\vsstrace.dll - ok
05:48:08.0245 0x0b60 [ F343D80C26B3BDFCA8066BD5FD397E73, D39CF8FB49E9FB47968065202D41E492C020B9CBC0CE911C366C3199CDD37C2E ] C:\Windows\SysWOW64\en-US\vsstrace.dll.mui
05:48:08.0245 0x0b60 C:\Windows\SysWOW64\en-US\vsstrace.dll.mui - ok
05:48:08.0245 0x0b60 [ B1D00F879817E58D51452ECA7EEF0B04, 94543BDA812290C64B234C2F62D2E66945D654D1517A554096B7DDA105E2AC73 ] C:\Windows\SysWOW64\en-US\ESENT.dll.mui
05:48:08.0245 0x0b60 C:\Windows\SysWOW64\en-US\ESENT.dll.mui - ok
05:48:08.0245 0x0b60 [ B63E24E9271E99FD4540E3CA22A937DA, A9E75FBF482C4447E887E5B6EBAD96FE827F0BBD1101F1D8B54EE178D3AEAA7E ] C:\Windows\SysWOW64\en-US\tquery.dll.mui
05:48:08.0245 0x0b60 C:\Windows\SysWOW64\en-US\tquery.dll.mui - ok
05:48:08.0261 0x0b60 [ A6CD6B3F71E13E2E45B727FB8A47EA87, 4D84F6B03185DA961543ADFB927CBC17A1A9F216AC24E9A9228780AD7DD0222E ] C:\Windows\SysWOW64\SearchFilterHost.exe
05:48:08.0261 0x0b60 C:\Windows\SysWOW64\SearchFilterHost.exe - ok
05:48:08.0261 0x0b60 [ 8B57A1AD493653BB57F281FE75DD175B, 65A54DDCA45CED94F7CF079632F127C247DD9E5E4D2B074593F89621F8CC6C55 ] C:\Windows\SysWOW64\NaturalLanguage6.dll
05:48:08.0261 0x0b60 C:\Windows\SysWOW64\NaturalLanguage6.dll - ok
05:48:08.0261 0x0b60 [ 2992932C1AB1D29A1A4A9E8CB8530CBF, 894FB2246F09FAC7E78FA1DC0159E888944AD3F4E66844BCE01A967B789CC82B ] C:\Windows\SysWOW64\NlsData0009.dll
05:48:08.0261 0x0b60 C:\Windows\SysWOW64\NlsData0009.dll - ok
05:48:08.0276 0x0b60 [ C8CB301BF896C7C556BBE963FADF5BB6, 94ABF348C70E4BE391B9344CC730A0A98D6EB042EA1D031840DA3DB74A76849C ] C:\Windows\SysWOW64\NlsLexicons0009.dll
05:48:08.0276 0x0b60 C:\Windows\SysWOW64\NlsLexicons0009.dll - ok
05:48:08.0276 0x0b60 [ 7B3FD36359DE5D2EE49D213CCAD13427, 1903FAB91028CCE19AF4B88154EBE2B175F3C4535B0FAE8F2DBB5A83E74C7DD1 ] C:\Windows\SysWOW64\elsTrans.dll
05:48:08.0276 0x0b60 C:\Windows\SysWOW64\elsTrans.dll - ok
05:48:08.0276 0x0b60 [ 02A2ED8497F437EA200DF3ACED255AFE, 228EF857617715297C31349C9A568E9759D5AA58D5800E9C048AD3F1B9482777 ] C:\Windows\SysWOW64\elslad.dll
05:48:08.0276 0x0b60 C:\Windows\SysWOW64\elslad.dll - ok
05:48:08.0292 0x0b60 [ 72332C91BCBFC62CE5C5EB3634C24090, 405C98D776805C052E141E5C44FB10885829722B9E0DB8AD0E688A80332F70B0 ] C:\Windows\SysWOW64\en-US\elscore.dll.mui
05:48:08.0292 0x0b60 C:\Windows\SysWOW64\en-US\elscore.dll.mui - ok
05:48:08.0292 0x0b60 [ 0B7E85364CB878E2AD531DB7B601A9E5, F5AD3018427F1CD68450EE5CB55AA9572546322580E0FB1E7888702A291C2380 ] C:\Windows\SysWOW64\NapiNSP.dll
05:48:08.0292 0x0b60 C:\Windows\SysWOW64\NapiNSP.dll - ok
05:48:08.0292 0x0b60 [ 5CF640EDDB1E40A5AB1BB743BCDEC610, 0313AA3F713C9F5B84DBB0B4DE78A96B173E9F7B4CF61C10FDC7DAE952DB04E5 ] C:\Windows\SysWOW64\pnrpnsp.dll
05:48:08.0292 0x0b60 C:\Windows\SysWOW64\pnrpnsp.dll - ok
05:48:08.0307 0x0b60 [ 589DF683A6C81424A6CECE52ABF98A50, 8CE0D07B2FC1F1BF8C07434FAFCDC63FDD3B75007C3B2EED130DB69D2D16E90A ] C:\Windows\System32\tquery.dll
05:48:08.0307 0x0b60 C:\Windows\System32\tquery.dll - ok
05:48:08.0307 0x0b60 [ 5DF5D8CFD9B9573FA3B2C89D9061A240, 990EA273B640DF2D7E800C0CFF18550259C605A4951CD82CD9F1E7B6FF0C9533 ] C:\Windows\SysWOW64\winrnr.dll
05:48:08.0307 0x0b60 C:\Windows\SysWOW64\winrnr.dll - ok
05:48:08.0307 0x0b60 [ 7568CC720ACE4D03B84AF97817E745EF, 7155144CB0B260B969C398A36BC277C97BEADB5DB137D19A4F7E5AF61C3E24D4 ] C:\Windows\System32\mssrch.dll
05:48:08.0307 0x0b60 C:\Windows\System32\mssrch.dll - ok
05:48:08.0323 0x0b60 [ D63F0353F632FB1EDE724173BE6DB5B5, 82FC79B99BD5D99231CE6701CBACA94ED6F6EC5B7EC0F00F63FC942B2D06568E ] C:\Windows\System32\esent.dll
05:48:08.0323 0x0b60 C:\Windows\System32\esent.dll - ok
05:48:08.0323 0x0b60 [ 3121A79D13A61562BE9CC902CD46B542, 00A5833A48338A4A9A5530844924AF4F1FAB618DA46D7EBBC6E2165C32ED376C ] C:\Windows\System32\msidle.dll
05:48:08.0323 0x0b60 C:\Windows\System32\msidle.dll - ok
05:48:08.0323 0x0b60 [ ACE1BB07E0377E37A2C514CD2EC119B1, A9AFA4774DFA875496764D6E541A6333A3ACD3C5D2BBEF753C2D80BA83B4AC15 ] C:\Windows\System32\mssprxy.dll
05:48:08.0323 0x0b60 C:\Windows\System32\mssprxy.dll - ok
05:48:08.0339 0x0b60 [ D39DA70FEA6BD713682F70635587DA9E, FF18C97642F48C711D75F32115B1260FE0BDF6072403E5A9226E9BE780AF1969 ] C:\Windows\SysWOW64\rasdlg.dll
05:48:08.0339 0x0b60 C:\Windows\SysWOW64\rasdlg.dll - ok
05:48:08.0339 0x0b60 [ C9FB9038B15036CA28CF0B4BE2BED9BD, 0F56384E798B3F725FFEFC6E31A980DA31F620DB847F601273EF19E8CE74A226 ] C:\Windows\System32\en-US\tquery.dll.mui
05:48:08.0339 0x0b60 C:\Windows\System32\en-US\tquery.dll.mui - ok
05:48:08.0339 0x0b60 [ D2155709E336C3BC15729EB87FEC6064, 682A84C0F2D892E7A6CEE4E5937B4799E352AAE3B71E7037F2A343373467443C ] C:\Windows\System32\rasdlg.dll
05:48:08.0339 0x0b60 C:\Windows\System32\rasdlg.dll - ok
05:48:08.0354 0x0b60 [ D4191EFAB91E00FC09257AA5EBAF503B, 161B572CF4C65984EAFDBA95357373BC712AA414B52DDA23523F84151240E337 ] C:\Windows\SysWOW64\mprapi.dll
05:48:08.0354 0x0b60 C:\Windows\SysWOW64\mprapi.dll - ok
05:48:08.0354 0x0b60 [ 2DF29664ED261F0FC448E58F338F0671, 4EFE79C383D0AF126FC4EE668D822563F8F037B1E61D73747A35FE11AAFDB8CE ] C:\Windows\System32\mprapi.dll
05:48:08.0354 0x0b60 C:\Windows\System32\mprapi.dll - ok
05:48:08.0354 0x0b60 [ 1FF7E4F548C7C372C804938F0D5B36AE, F20409733F67853CBF51FD83E4DB73260FED7B7A4F361C6B3482D78C990E16FC ] C:\Windows\SysWOW64\netcfgx.dll
05:48:08.0354 0x0b60 C:\Windows\SysWOW64\netcfgx.dll - ok
05:48:08.0370 0x0b60 [ 04B88428A872390D235BE52D38A9D4EF, F6954D514B67547738EB012456342D65289B0B18A0304BBAD5BDAA3436181C77 ] C:\Windows\SysWOW64\dot3api.dll
05:48:08.0370 0x0b60 C:\Windows\SysWOW64\dot3api.dll - ok
05:48:08.0370 0x0b60 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2, E8ACB693B1A78FAEF292111BE3F9B10BA95C76833C06C931A08EAAAE39A21334 ] C:\Windows\System32\dot3api.dll
05:48:08.0370 0x0b60 C:\Windows\System32\dot3api.dll - ok
05:48:08.0385 0x0b60 [ 5A5FEDDF02588B8F9FE4A95E5E7EAE97, 364A2DC446E9AB091A216D0EED559CEA334AA46EC0BC693CBD6CE1DE0F89317B ] C:\Windows\SysWOW64\eappcfg.dll
05:48:08.0385 0x0b60 C:\Windows\SysWOW64\eappcfg.dll - ok
05:48:08.0385 0x0b60 [ 0D753307D274F3688BD21C377B616700, 5DD08E77A11F2561FB96BA212FDDFE21D4394C69C34C3EB88F7F5CD068EE55BF ] C:\Windows\System32\eappcfg.dll
05:48:08.0385 0x0b60 C:\Windows\System32\eappcfg.dll - ok
05:48:08.0385 0x0b60 [ 8063046AA70B97CA9985672B8848FB2E, C7A7F2D216D1F0D7F28A22E4933DB3D821AC52CC2EF7AE8BA08D18104FCF8B81 ] C:\Windows\SysWOW64\wlanhlp.dll
05:48:08.0385 0x0b60 C:\Windows\SysWOW64\wlanhlp.dll - ok
05:48:08.0401 0x0b60 [ E4FCA0F99A41E460C84016DEFD31E6EF, 8EB14AF2025EADC7C86280E8417D8F286E8271B4F88B31696E33DFD72B3A0EF2 ] C:\Windows\System32\wlanhlp.dll
05:48:08.0401 0x0b60 C:\Windows\System32\wlanhlp.dll - ok
05:48:08.0401 0x0b60 [ 357BE883C5236BFC7341CB9E82308908, 4DDB697FD9B7C516CF99D73C8799EA35BB97E2431216CD7C1045F17B06109FBF ] C:\Windows\System32\wlanapi.dll
05:48:08.0401 0x0b60 C:\Windows\System32\wlanapi.dll - ok
05:48:08.0401 0x0b60 [ 7F1B4C6FF3B85F9ADF74055187B8A22C, CC95DA5662638AACBE9643DCB236464C2C2095A8D5CDC8A747045870BE9D0E7D ] C:\Windows\System32\wlanutil.dll
05:48:08.0401 0x0b60 C:\Windows\System32\wlanutil.dll - ok
05:48:08.0417 0x0b60 [ F748F53FE09D21D8ECBB6421E6792024, 38F737673F8B089B2540CE7015A4DF7081754F7CC83BFF85199B70555AF32ED0 ] C:\Windows\SysWOW64\onex.dll
05:48:08.0417 0x0b60 C:\Windows\SysWOW64\onex.dll - ok
05:48:08.0417 0x0b60 [ 73FCB7919DEE80EE556F2E498594EBAE, D0F7A0AD3BC33263E9C2CF9787DD326436F9E0C9F5031D769F8A43C64C08A762 ] C:\Windows\System32\onex.dll
05:48:08.0417 0x0b60 C:\Windows\System32\onex.dll - ok
05:48:08.0417 0x0b60 [ D7CEAEDD5F75D2C8A2E80887D7C114CE, 44D7D7BBF8643D4168A3B0369AB88C83A156943FB6295FAF8E131C55F080ED19 ] C:\Windows\System32\webcheck.dll
05:48:08.0417 0x0b60 C:\Windows\System32\webcheck.dll - ok
05:48:08.0432 0x0b60 [ 52B97C4ECC089D9E037437FE37328341, F171A132B906362CE17FEFAA140719A0FCE60A685639B24A0FBCC338FBD3A440 ] C:\Windows\System32\ieframe.dll
05:48:08.0432 0x0b60 C:\Windows\System32\ieframe.dll - ok
05:48:08.0432 0x0b60 [ 666E57B6B51824D1D235F80A3DD70A13, B2ACCABDD5D8B23E502FE691C1DEE4A2C0EA20EDCDE5B4000557579D56D411EC ] C:\Windows\SysWOW64\eappprxy.dll
05:48:08.0432 0x0b60 C:\Windows\SysWOW64\eappprxy.dll - ok
05:48:08.0432 0x0b60 [ 65522E77A1360DBC8D199DA3BF5EFFE4, E9D748070FA478A3D37F15049F998D340885C0DC5FCE03BFCE5D521C9EBA7350 ] C:\Windows\System32\eappprxy.dll
05:48:08.0432 0x0b60 C:\Windows\System32\eappprxy.dll - ok
05:48:08.0448 0x0b60 [ 6383C60EC0133B14F5705F96369421B2, EAB3FA2344B853148F199F744E716FBB8E9331B9DB588F784274599B6BCE2335 ] C:\Windows\SysWOW64\hnetcfg.dll
05:48:08.0448 0x0b60 C:\Windows\SysWOW64\hnetcfg.dll - ok
05:48:08.0448 0x0b60 [ C5B0324DB461559ADD070E632A6919FA, AB09CACB5B7DD372B27921A5E01220552A611CECA27EF87961001FA467FDED45 ] C:\Windows\SysWOW64\wbem\wbemprox.dll
05:48:08.0448 0x0b60 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
05:48:08.0448 0x0b60 [ 704314FD398C81D5F342CAA5DF7B7F21, CDA660E1E8AAE0789780B6B9604B138E67B2BDD1404A5E4C2354B35879D43085 ] C:\Windows\SysWOW64\wbemcomn.dll
05:48:08.0448 0x0b60 C:\Windows\SysWOW64\wbemcomn.dll - ok
05:48:08.0463 0x0b60 [ 776AE0564F8B1C282E331FD95A1BDC5F, 601CFCA3922FFEA46A54AD323845A76A12FC6AF9FF64E9B0AE294FBB1AFCF4CB ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
05:48:08.0463 0x0b60 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
05:48:08.0463 0x0b60 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A, 61B4D669C692775EF361445293163E84FAD8636AC49C8047BE806DB4E4093291 ] C:\Windows\SysWOW64\wbem\fastprox.dll
05:48:08.0463 0x0b60 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
05:48:08.0463 0x0b60 [ E3E811471DE781900FF21C1FD84E941E, 2A47FF52D1D6480AAD1919382E783EA184BF926311F8C7E466FEBE9F6FB88FD6 ] C:\Windows\SysWOW64\ntdsapi.dll
05:48:08.0463 0x0b60 C:\Windows\SysWOW64\ntdsapi.dll - ok
05:48:08.0479 0x0b60 [ CF636C92B762B26F0B39B38E92380A09, F7B8B0EA4536CE3BA33EE1BD0783F6AAD8C0EF69714E874D4A30B720A04C7A18 ] C:\Windows\System32\oleacc.dll
05:48:08.0479 0x0b60 C:\Windows\System32\oleacc.dll - ok
05:48:08.0479 0x0b60 [ 8494E126F0B10180F3293AF861CE1F7A, 538B1F30423DB2398E611BC46C80150C090698E633BABF7362F7060DBF0C3064 ] C:\Windows\System32\mlang.dll
05:48:08.0479 0x0b60 C:\Windows\System32\mlang.dll - ok
05:48:08.0479 0x0b60 [ 101797BA603D227946B4B5109867EB19, EBF2B48D1A4FE148F455EA32023ABC0D479215D48C7CE76E765F199CD3C80AF8 ] C:\Windows\System32\SyncCenter.dll
05:48:08.0479 0x0b60 C:\Windows\System32\SyncCenter.dll - ok
05:48:08.0495 0x0b60 [ 8130391F82D52D36C0441F714136957F, 1FD4FEE7CAF63E450F27729E07EA2A2F09288629FD872DBB6E8710B16D8DBD5D ] C:\Windows\System32\imapi2.dll
05:48:08.0495 0x0b60 C:\Windows\System32\imapi2.dll - ok
05:48:08.0495 0x0b60 [ 6A5C1A8AC0B572679361026D0E900420, B5E693B48B462E97738A3D4E58B60846159649EB15F4D11074B4BC107CC88562 ] C:\Windows\System32\hgcpl.dll
05:48:08.0495 0x0b60 C:\Windows\System32\hgcpl.dll - ok
05:48:08.0495 0x0b60 [ 5DA219F57A9076FB6FBD3C9C3713A672, 274FE616625B336D81841FDC752C8053D4CD6926565B899760D298D145CBA1A3 ] C:\Windows\System32\WWanAPI.dll
05:48:08.0495 0x0b60 C:\Windows\System32\WWanAPI.dll - ok
05:48:08.0510 0x0b60 [ 6B851E682A36453E1B1EE297FFB6E2AB, A641D3FD9463C4788B45B8B5584EA4489C1F63A71B4B595AE85FF3482CD5EDA6 ] C:\Windows\System32\QAGENT.DLL
05:48:08.0510 0x0b60 C:\Windows\System32\QAGENT.DLL - ok
05:48:08.0510 0x0b60 [ 62C7AACC746C9723468A8F2169ED3E85, 40E901F3EAFE52DF11D6BC4EF0E79F666EBDACE0B3C090CAD2358076E893EA47 ] C:\Windows\System32\wwapi.dll
05:48:08.0510 0x0b60 C:\Windows\System32\wwapi.dll - ok
05:48:08.0526 0x0b60 [ F7A256EC899C72B4ECDD2C02CB592EFD, 9C1AA9322E83CABB94AEA4375EAEB0C44700E1F33B8BE98649BA1DF4DDFAD326 ] C:\Windows\System32\bthprops.cpl
05:48:08.0526 0x0b60 C:\Windows\System32\bthprops.cpl - ok
05:48:08.0526 0x0b60 [ 7D4DC95A1F5E0818E74A399960569EA1, C2C3B735D5FA128B192C97E237F39CF084F64A2F455E678028ABCA3E2A1E40F6 ] C:\Windows\SysWOW64\wuapi.dll
05:48:08.0526 0x0b60 C:\Windows\SysWOW64\wuapi.dll - ok
05:48:08.0526 0x0b60 [ C47F35CC6FA4F1BDBEF8F87AC1A46537, 82EC7041317666D5370690BD2176CF00F5957036C29429319F45045BFFAE9EC2 ] C:\Windows\System32\wuapi.dll
05:48:08.0526 0x0b60 C:\Windows\System32\wuapi.dll - ok
05:48:08.0541 0x0b60 [ 7A6986DD659B96398A11AF5173892715, FB7818952B9015F433418E7DC656A2C20CD682056AB981A55C1722020142D578 ] C:\Windows\SysWOW64\cabinet.dll
05:48:08.0541 0x0b60 C:\Windows\SysWOW64\cabinet.dll - ok
05:48:08.0541 0x0b60 [ FA43D418BC945D27D0625B697B8442B5, 035DE0FEA440D2E3AD255EE84B388DDA538E778877033FDB54B8A61BB0AADE56 ] C:\Windows\System32\cabinet.dll
05:48:08.0541 0x0b60 C:\Windows\System32\cabinet.dll - ok
05:48:08.0541 0x0b60 [ FB633DCC8664E4CCACF562DB5BAE38CF, F2AF7C52717BBBE3A45D58B60A0D947497634F9F6DB23D64AE18F817CC0019A5 ] C:\Windows\SysWOW64\wups.dll
05:48:08.0541 0x0b60 C:\Windows\SysWOW64\wups.dll - ok
05:48:08.0557 0x0b60 [ E746ED90132C6B6313CE9179F56BD31D, CCE0367148E54AA1413C52CCE752CC75EA9E3A8232ECFC263C62A634B8CAEF5F ] C:\Windows\System32\wups.dll
05:48:08.0557 0x0b60 C:\Windows\System32\wups.dll - ok
05:48:08.0557 0x0b60 Waiting for KSN requests completion. In queue: 262
05:48:09.0571 0x0b60 Waiting for KSN requests completion. In queue: 262
05:48:10.0585 0x0b60 Waiting for KSN requests completion. In queue: 262
05:48:11.0599 0x0b60 Waiting for KSN requests completion. In queue: 262
05:48:12.0613 0x0b60 Waiting for KSN requests completion. In queue: 262
05:48:13.0783 0x0b60 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
05:48:13.0814 0x0b60 Win FW state via NFP2: enabled
05:48:17.0402 0x0b60 ============================================================
05:48:17.0402 0x0b60 Scan finished
05:48:17.0402 0x0b60 ============================================================
05:48:17.0402 0x086c Detected object count: 0
05:48:17.0402 0x086c Actual detected object count: 0
05:49:00.0474 0x0a68 Deinitialize success

 

 

4 ADWCLEANER LOGS (as of today, sorted according to time, recent being the last)

 

 

 

# AdwCleaner v3.023 - Report created 06/04/2014 at 00:20:56
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Tribu - TRIBU-PC
# Running from : C:\Users\Aswang2K\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0

-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Tribu\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\Aswang2K\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [928 octets] - [05/04/2014 22:36:55]
AdwCleaner[R1].txt - [903 octets] - [05/04/2014 22:38:17]
AdwCleaner[R2].txt - [826 octets] - [06/04/2014 00:20:56]
AdwCleaner[S0].txt - [963 octets] - [05/04/2014 22:39:54]

########## EOF - \AdwCleaner\AdwCleaner[R2].txt - [944 octets] ##########

 

 

# AdwCleaner v3.023 - Report created 06/04/2014 at 00:25:10
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Tribu - TRIBU-PC
# Running from : C:\Users\Aswang2K\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0

-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Tribu\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\Aswang2K\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [928 octets] - [05/04/2014 22:36:55]
AdwCleaner[R1].txt - [903 octets] - [05/04/2014 22:38:17]
AdwCleaner[R2].txt - [1021 octets] - [06/04/2014 00:20:56]
AdwCleaner[S0].txt - [963 octets] - [05/04/2014 22:39:54]
AdwCleaner[S1].txt - [946 octets] - [06/04/2014 00:25:10]

########## EOF - \AdwCleaner\AdwCleaner[S1].txt - [1005 octets] ##########

 

 

# AdwCleaner v3.023 - Report created 06/04/2014 at 00:34:00
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Tribu - TRIBU-PC
# Running from : C:\Users\Aswang2K\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0

-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Tribu\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\Aswang2K\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [928 octets] - [05/04/2014 22:36:55]
AdwCleaner[R1].txt - [903 octets] - [05/04/2014 22:38:17]
AdwCleaner[R2].txt - [1021 octets] - [06/04/2014 00:20:56]
AdwCleaner[R3].txt - [886 octets] - [06/04/2014 00:34:00]
AdwCleaner[S0].txt - [963 octets] - [05/04/2014 22:39:54]
AdwCleaner[S1].txt - [1083 octets] - [06/04/2014 00:25:10]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1064 octets] ##########

 

 

# AdwCleaner v3.023 - Report created 06/04/2014 at 00:34:31
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Tribu - TRIBU-PC
# Running from : C:\Users\Aswang2K\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0

-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Tribu\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\Aswang2K\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [928 octets] - [05/04/2014 22:36:55]
AdwCleaner[R1].txt - [903 octets] - [05/04/2014 22:38:17]
AdwCleaner[R2].txt - [1021 octets] - [06/04/2014 00:20:56]
AdwCleaner[R3].txt - [1144 octets] - [06/04/2014 00:34:00]
AdwCleaner[S0].txt - [963 octets] - [05/04/2014 22:39:54]
AdwCleaner[S1].txt - [1083 octets] - [06/04/2014 00:25:10]
AdwCleaner[S2].txt - [1066 octets] - [06/04/2014 00:34:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1126 octets] ##########

 

 

RKILL LOG (safemode)

 

 

Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingc...opic308364.html

Program started at: 04/06/2014 12:16:28 AM in x64 mode. (Safe Mode)
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * Base Filtering Engine (BFE) is not Running.
   Startup Type set to: Automatic

 * DHCP Client (Dhcp) is not Running.
   Startup Type set to: Automatic

 * DNS Client (Dnscache) is not Running.
   Startup Type set to: Automatic

 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Automatic

 * Windows Firewall (MpsSvc) is not Running.
   Startup Type set to: Automatic

 * Network Connections (Netman) is not Running.
   Startup Type set to: Manual

 * Network Store Interface Service (nsi) is not Running.
   Startup Type set to: Automatic

 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic (Delayed Start)

 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Automatic (Delayed Start)

 * Ancillary Function Driver for Winsock (AFD) is not Running.
   Startup Type set to: System

 * Windows Firewall Authorization Driver (mpsdrv) is not Running.
   Startup Type set to: Manual

 * NetBT (NetBT) is not Running.
   Startup Type set to: System

 * NSI proxy service driver. (nsiproxy) is not Running.
   Startup Type set to: System

 * NetIO Legacy TDI Support Driver (tdx) is not Running.
   Startup Type set to: System

 * WMPNetworkSvc [Missing Service]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

   127.0.0.1       localhost
   ::1             localhost
  0.0.0.0 fr.a2dfp.net
  0.0.0.0 m.fr.a2dfp.net
  0.0.0.0 mfr.a2dfp.net
  0.0.0.0 ad.a8.net
  0.0.0.0 asy.a8ww.net
  0.0.0.0 static.a-ads.com
  0.0.0.0 abcstats.com
  0.0.0.0 ad4.abradio.cz
  0.0.0.0 a.abv.bg
  0.0.0.0 adserver.abv.bg
  0.0.0.0 adv.abv.bg
  0.0.0.0 bimg.abv.bg
  0.0.0.0 ca.abv.bg
  0.0.0.0 www2.a-counter.kiev.ua
  0.0.0.0 track.acclaimnetwork.com
  0.0.0.0 accuserveadsystem.com
  0.0.0.0 www.accuserveadsystem.com
  0.0.0.0 achmedia.com

  20 out of 13821 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 04/06/2014 12:18:28 AM
Execution time: 0 hours(s), 1 minute(s), and 59 seconds(s)

 

 

 FARBAR SERVICES SCANNER (with all boxes checked)

 

Farbar Service Scanner Version: 25-02-2014
Ran by Tribu (administrator) on 06-04-2014 at 12:53:25
Running from "C:\Users\Tribu\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Google.com is unreachable
Attempt to access Yahoo.com returned error: Yahoo.com is unreachable

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

 

 

 

 

NOTE: The time for this logs (for each tool) are not in the order by which they were generated. But for the individual tool, I checked it to be in the order according to their timestamps.

 

 

THANKS FOR HAVING THE TIME TO LOOK THROUGH THE LOGS. I REALLY APPRECIATE IT.


  • 0

#5
Aswang2K

Aswang2K

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Note these logs are not recently done. I may have CCleaned, uninstalled programs, deleted orphaned entries using autoruns program, blocked ports in the wireless router IN-BETWEEN these logs.

 

I can redo the scans for each tools from this point if that would help.


Edited by Aswang2K, 05 April 2014 - 11:10 PM.

  • 0

#6
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts
Hi Aswang2K, :)
I implore you to contact your ISP about your situation since this issue may occur to you if you are on a shared network and one of the PCs in your network was infected. In addition, since it a fresh copy of Windows it is hardly possible that the infection is still present. Do the following fix and report me your condition.

 
  • Step #1 Run ESET Services repair tool
    • Please download ESET Services Repair Tool and save it to your Desktop;
    • Right click and choose Run as administrator;
    • If security notifications appear, click Continue or Run and then click Yes when asked if you want to proceed;
    • Once the tool has finished, you will be prompted to restart your computer. Click Yes to restart.
Regards,
Valinorum
  • 0

#7
Aswang2K

Aswang2K

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Thanks for helping me out bro !

 

I will contact my ISP again regarding the IP change thing. I also visited dnsbl.info to check if my IP is blacklisted by other blacklisting authorities and only 2 sites marked my IP "red" : b.barracudacentral.org and cbl.abuseat.org. Which is quite comforting, I guess, just in case my ISP is that stubborn to renew my IP.

Anyway, I played around with bleepingcomputer tools last night and earlier today after downloading windows updates. Everything is about fine but I still have this gut feeling that something is not right.

Here are the summary and logs from the tools (I had fun scanning and reading notes from this forum, apologies for doing the scan without being told):

 

•RKill
•Chameleon and Malwarebytes - nothing found
•TDSSKILLER - (nothing found, but you be the judge)
•Junkware Removal Tool (fixed some registry and found nothing)
•AdwCleaner (found nothing but the ever persistent Chrome user preferences .. even with Chrome uninstalled)
•ESET Online Scanner ( found nothing on drive C:\   ... I didn't include drive D in scanning as my important files are there. I will just clean it up as soon as the windows partition is okay.)

 

I am now concerned with the Windows Power Shell residing in %SystemRoot%\syswow64\ , %windir%\system32\ , %windir%\sysWOW64\, and %SystemRoot%\system32\ . Is it safe to remove it and if so how ? I am also concerned with the number of Services running in Task Manager even when I turned off everything in Control Panel Programs and Features except for Internet Explorer 11 and Windows Search. I'd appreciate if you can help me disable Services and dll's that I don't really need. I have downloaded Farbar Recovery Scan Tool, OTL and ComboFix just in case.

 

Currently installed programs:

Adobe Flash Player 12 Active X
CCleaner
MalwareBytes Anti Malware version 1.75.0.1300 (Trial )
Microsoft Security Essentials
Microsoft Visual C++ 2010 x64 Redistributable 10.0.40219
Nvidia Graphics Driver 307.83

=============================
THE LOGS

 

1. RKill

Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingc...opic308364.html

Program started at: 04/07/2014 09:05:23 AM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * WMPNetworkSvc [Missing Service]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 04/07/2014 09:05:58 AM
Execution time: 0 hours(s), 0 minute(s), and 34 seconds(s)

 

 

2. Chameleon and Malwarebytes

 

Downloaded Chameleon zip, extract and run Malwarebytes Chameleon just to make sure MalwareBytes is not taken over by a suspect malware. Chameleon.chm won't open so I switched to mbam-chameleon.com program.

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.04.07.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Tribu :: TRIBU-PC [administrator]

Protection: Enabled

4/7/2014 9:23:48 AM
mbam-log-2014-04-07 (09-23-48).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 249634
Time elapsed: 2 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

3. TDSSKILLER (nothing found, but you be the judge)

 

09:30:16.0560 0x0a30  TDSS rootkit removing tool 3.0.0.28 Apr  4 2014 12:43:10
09:30:30.0537 0x0a30  ============================================================
09:30:30.0537 0x0a30  Current date / time: 2014/04/07 09:30:30.0537
09:30:30.0537 0x0a30  SystemInfo:
09:30:30.0537 0x0a30
09:30:30.0537 0x0a30  OS Version: 6.1.7601 ServicePack: 1.0
09:30:30.0537 0x0a30  Product type: Workstation
09:30:30.0537 0x0a30  ComputerName: TRIBU-PC
09:30:30.0537 0x0a30  UserName: Tribu
09:30:30.0537 0x0a30  Windows directory: C:\Windows
09:30:30.0537 0x0a30  System windows directory: C:\Windows
09:30:30.0537 0x0a30  Running under WOW64
09:30:30.0537 0x0a30  Processor architecture: Intel x64
09:30:30.0537 0x0a30  Number of processors: 2
09:30:30.0537 0x0a30  Page size: 0x1000
09:30:30.0537 0x0a30  Boot type: Normal boot
09:30:30.0537 0x0a30  ============================================================
09:30:31.0863 0x0a30  KLMD registered as C:\Windows\system32\drivers\66517590.sys
09:30:32.0097 0x0a30  System UUID: {24C1C236-A5BC-3BAA-9C07-99CF1F28B0B1}
09:30:32.0908 0x0a30  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:30:32.0908 0x0a30  ============================================================
09:30:32.0908 0x0a30  \Device\Harddisk0\DR0:
09:30:32.0908 0x0a30  MBR partitions:
09:30:32.0908 0x0a30  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:30:32.0908 0x0a30  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC350000
09:30:32.0908 0x0a30  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC382800, BlocksNum 0x2E002800
09:30:32.0908 0x0a30  ============================================================
09:30:32.0924 0x0a30  C: <-> \Device\Harddisk0\DR0\Partition2
09:30:32.0986 0x0a30  D: <-> \Device\Harddisk0\DR0\Partition3
09:30:32.0986 0x0a30  ============================================================
09:30:32.0986 0x0a30  Initialize success
09:30:32.0986 0x0a30  ============================================================
09:31:30.0504 0x0b24  KLMD registered as C:\Windows\system32\drivers\73078231.sys
09:31:31.0674 0x0b24  Deinitialize success

09:35:20.0529 0x08c0  TDSS rootkit removing tool 3.0.0.28 Apr  4 2014 12:43:10
09:35:22.0307 0x08c0  ============================================================
09:35:22.0307 0x08c0  Current date / time: 2014/04/07 09:35:22.0307
09:35:22.0307 0x08c0  SystemInfo:
09:35:22.0307 0x08c0
09:35:22.0307 0x08c0  OS Version: 6.1.7601 ServicePack: 1.0
09:35:22.0307 0x08c0  Product type: Workstation
09:35:22.0307 0x08c0  ComputerName: TRIBU-PC
09:35:22.0307 0x08c0  UserName: Tribu
09:35:22.0307 0x08c0  Windows directory: C:\Windows
09:35:22.0307 0x08c0  System windows directory: C:\Windows
09:35:22.0307 0x08c0  Running under WOW64
09:35:22.0307 0x08c0  Processor architecture: Intel x64
09:35:22.0307 0x08c0  Number of processors: 2
09:35:22.0307 0x08c0  Page size: 0x1000
09:35:22.0307 0x08c0  Boot type: Normal boot
09:35:22.0307 0x08c0  ============================================================
09:35:22.0307 0x08c0  BG loaded
09:35:22.0703 0x08c0  System UUID: {24C1C236-A5BC-3BAA-9C07-99CF1F28B0B1}
09:35:23.0773 0x08c0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:35:23.0788 0x08c0  ============================================================
09:35:23.0788 0x08c0  \Device\Harddisk0\DR0:
09:35:23.0788 0x08c0  MBR partitions:
09:35:23.0788 0x08c0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:35:23.0788 0x08c0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC350000
09:35:23.0788 0x08c0  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC382800, BlocksNum 0x2E002800
09:35:23.0788 0x08c0  ============================================================
09:35:23.0819 0x08c0  C: <-> \Device\Harddisk0\DR0\Partition2
09:35:23.0897 0x08c0  D: <-> \Device\Harddisk0\DR0\Partition3
09:35:23.0897 0x08c0  ============================================================
09:35:23.0897 0x08c0  Initialize success
09:35:23.0897 0x08c0  ============================================================
09:35:43.0070 0x0aa8  ============================================================
09:35:43.0070 0x0aa8  Scan started
09:35:43.0070 0x0aa8  Mode: Manual;
09:35:43.0070 0x0aa8  ============================================================
09:35:43.0070 0x0aa8  KSN ping started
09:35:46.0751 0x0aa8  KSN ping finished: true
09:35:48.0405 0x0aa8  ================ Scan system memory ========================
09:35:48.0405 0x0aa8  System memory - ok
09:35:48.0405 0x0aa8  ================ Scan services =============================
09:35:48.0608 0x0aa8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
09:35:48.0608 0x0aa8  1394ohci - ok
09:35:48.0655 0x0aa8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
09:35:48.0670 0x0aa8  ACPI - ok
09:35:48.0686 0x0aa8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
09:35:48.0686 0x0aa8  AcpiPmi - ok
09:35:48.0733 0x0aa8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
09:35:48.0748 0x0aa8  adp94xx - ok
09:35:48.0764 0x0aa8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
09:35:48.0779 0x0aa8  adpahci - ok
09:35:48.0795 0x0aa8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
09:35:48.0795 0x0aa8  adpu320 - ok
09:35:48.0842 0x0aa8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:35:48.0842 0x0aa8  AeLookupSvc - ok
09:35:48.0889 0x0aa8  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
09:35:48.0904 0x0aa8  AFD - ok
09:35:48.0935 0x0aa8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
09:35:48.0935 0x0aa8  agp440 - ok
09:35:48.0967 0x0aa8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
09:35:48.0967 0x0aa8  ALG - ok
09:35:48.0998 0x0aa8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:35:48.0998 0x0aa8  aliide - ok
09:35:49.0013 0x0aa8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
09:35:49.0013 0x0aa8  amdide - ok
09:35:49.0029 0x0aa8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
09:35:49.0029 0x0aa8  AmdK8 - ok
09:35:49.0060 0x0aa8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
09:35:49.0060 0x0aa8  AmdPPM - ok
09:35:49.0123 0x0aa8  [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
09:35:49.0123 0x0aa8  amdsata - ok
09:35:49.0154 0x0aa8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
09:35:49.0169 0x0aa8  amdsbs - ok
09:35:49.0169 0x0aa8  [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
09:35:49.0185 0x0aa8  amdxata - ok
09:35:49.0232 0x0aa8  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
09:35:49.0232 0x0aa8  AppID - ok
09:35:49.0263 0x0aa8  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
09:35:49.0263 0x0aa8  AppIDSvc - ok
09:35:49.0294 0x0aa8  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
09:35:49.0310 0x0aa8  Appinfo - ok
09:35:49.0341 0x0aa8  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
09:35:49.0341 0x0aa8  AppMgmt - ok
09:35:49.0388 0x0aa8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
09:35:49.0403 0x0aa8  arc - ok
09:35:49.0419 0x0aa8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
09:35:49.0435 0x0aa8  arcsas - ok
09:35:49.0450 0x0aa8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:35:49.0450 0x0aa8  AsyncMac - ok
09:35:49.0466 0x0aa8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
09:35:49.0481 0x0aa8  atapi - ok
09:35:49.0513 0x0aa8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:35:49.0528 0x0aa8  AudioEndpointBuilder - ok
09:35:49.0559 0x0aa8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
09:35:49.0575 0x0aa8  AudioSrv - ok
09:35:49.0606 0x0aa8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
09:35:49.0606 0x0aa8  AxInstSV - ok
09:35:49.0669 0x0aa8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
09:35:49.0669 0x0aa8  b06bdrv - ok
09:35:49.0715 0x0aa8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
09:35:49.0715 0x0aa8  b57nd60a - ok
09:35:49.0747 0x0aa8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
09:35:49.0747 0x0aa8  BDESVC - ok
09:35:49.0778 0x0aa8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:35:49.0778 0x0aa8  Beep - ok
09:35:49.0825 0x0aa8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
09:35:49.0871 0x0aa8  BFE - ok
09:35:49.0981 0x0aa8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
09:35:49.0996 0x0aa8  BITS - ok
09:35:50.0027 0x0aa8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
09:35:50.0043 0x0aa8  blbdrive - ok
09:35:50.0059 0x0aa8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:35:50.0059 0x0aa8  bowser - ok
09:35:50.0090 0x0aa8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:35:50.0090 0x0aa8  BrFiltLo - ok
09:35:50.0090 0x0aa8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:35:50.0090 0x0aa8  BrFiltUp - ok
09:35:50.0137 0x0aa8  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
09:35:50.0137 0x0aa8  BridgeMP - ok
09:35:50.0183 0x0aa8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
09:35:50.0183 0x0aa8  Browser - ok
09:35:50.0215 0x0aa8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
09:35:50.0215 0x0aa8  Brserid - ok
09:35:50.0230 0x0aa8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
09:35:50.0230 0x0aa8  BrSerWdm - ok
09:35:50.0230 0x0aa8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
09:35:50.0230 0x0aa8  BrUsbMdm - ok
09:35:50.0230 0x0aa8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
09:35:50.0246 0x0aa8  BrUsbSer - ok
09:35:50.0246 0x0aa8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
09:35:50.0246 0x0aa8  BTHMODEM - ok
09:35:50.0277 0x0aa8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
09:35:50.0293 0x0aa8  bthserv - ok
09:35:50.0308 0x0aa8  catchme - ok
09:35:50.0324 0x0aa8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:35:50.0339 0x0aa8  cdfs - ok
09:35:50.0371 0x0aa8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
09:35:50.0371 0x0aa8  cdrom - ok
09:35:50.0417 0x0aa8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
09:35:50.0417 0x0aa8  CertPropSvc - ok
09:35:50.0449 0x0aa8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
09:35:50.0449 0x0aa8  circlass - ok
09:35:50.0480 0x0aa8  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
09:35:50.0495 0x0aa8  CLFS - ok
09:35:50.0605 0x0aa8  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:35:50.0605 0x0aa8  clr_optimization_v2.0.50727_32 - ok
09:35:50.0651 0x0aa8  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:35:50.0651 0x0aa8  clr_optimization_v2.0.50727_64 - ok
09:35:50.0698 0x0aa8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
09:35:50.0698 0x0aa8  CmBatt - ok
09:35:50.0714 0x0aa8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:35:50.0714 0x0aa8  cmdide - ok
09:35:50.0761 0x0aa8  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
09:35:50.0776 0x0aa8  CNG - ok
09:35:50.0792 0x0aa8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
09:35:50.0807 0x0aa8  Compbatt - ok
09:35:50.0823 0x0aa8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
09:35:50.0823 0x0aa8  CompositeBus - ok
09:35:50.0839 0x0aa8  COMSysApp - ok
09:35:50.0854 0x0aa8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
09:35:50.0870 0x0aa8  crcdisk - ok
09:35:50.0901 0x0aa8  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:35:50.0917 0x0aa8  CryptSvc - ok
09:35:50.0963 0x0aa8  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
09:35:50.0963 0x0aa8  CSC - ok
09:35:51.0026 0x0aa8  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
09:35:51.0041 0x0aa8  CscService - ok
09:35:51.0088 0x0aa8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:35:51.0088 0x0aa8  DcomLaunch - ok
09:35:51.0135 0x0aa8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
09:35:51.0135 0x0aa8  defragsvc - ok
09:35:51.0166 0x0aa8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:35:51.0166 0x0aa8  DfsC - ok
09:35:51.0229 0x0aa8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:35:51.0229 0x0aa8  Dhcp - ok
09:35:51.0244 0x0aa8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
09:35:51.0244 0x0aa8  discache - ok
09:35:51.0275 0x0aa8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
09:35:51.0275 0x0aa8  Disk - ok
09:35:51.0322 0x0aa8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:35:51.0322 0x0aa8  Dnscache - ok
09:35:51.0369 0x0aa8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:35:51.0369 0x0aa8  dot3svc - ok
09:35:51.0400 0x0aa8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
09:35:51.0400 0x0aa8  DPS - ok
09:35:51.0431 0x0aa8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:35:51.0447 0x0aa8  drmkaud - ok
09:35:51.0509 0x0aa8  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:35:51.0525 0x0aa8  DXGKrnl - ok
09:35:51.0556 0x0aa8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
09:35:51.0572 0x0aa8  EapHost - ok
09:35:51.0697 0x0aa8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
09:35:51.0775 0x0aa8  ebdrv - ok
09:35:51.0806 0x0aa8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
09:35:51.0821 0x0aa8  EFS - ok
09:35:51.0853 0x0aa8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
09:35:51.0868 0x0aa8  elxstor - ok
09:35:51.0899 0x0aa8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:35:51.0899 0x0aa8  ErrDev - ok
09:35:51.0931 0x0aa8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
09:35:51.0946 0x0aa8  EventSystem - ok
09:35:51.0962 0x0aa8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
09:35:51.0977 0x0aa8  exfat - ok
09:35:51.0977 0x0aa8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:35:51.0993 0x0aa8  fastfat - ok
09:35:51.0993 0x0aa8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
09:35:51.0993 0x0aa8  fdc - ok
09:35:52.0009 0x0aa8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
09:35:52.0009 0x0aa8  fdPHost - ok
09:35:52.0040 0x0aa8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:35:52.0040 0x0aa8  FDResPub - ok
09:35:52.0055 0x0aa8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:35:52.0055 0x0aa8  FileInfo - ok
09:35:52.0055 0x0aa8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:35:52.0055 0x0aa8  Filetrace - ok
09:35:52.0071 0x0aa8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
09:35:52.0071 0x0aa8  flpydisk - ok
09:35:52.0102 0x0aa8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:35:52.0118 0x0aa8  FltMgr - ok
09:35:52.0180 0x0aa8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
09:35:52.0211 0x0aa8  FontCache - ok
09:35:52.0274 0x0aa8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:35:52.0274 0x0aa8  FontCache3.0.0.0 - ok
09:35:52.0305 0x0aa8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:35:52.0305 0x0aa8  FsDepends - ok
09:35:52.0321 0x0aa8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:35:52.0321 0x0aa8  Fs_Rec - ok
09:35:52.0367 0x0aa8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:35:52.0367 0x0aa8  fvevol - ok
09:35:52.0383 0x0aa8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
09:35:52.0383 0x0aa8  gagp30kx - ok
09:35:52.0414 0x0aa8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:35:52.0430 0x0aa8  gpsvc - ok
09:35:52.0445 0x0aa8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:35:52.0461 0x0aa8  hcw85cir - ok
09:35:52.0508 0x0aa8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:35:52.0508 0x0aa8  HdAudAddService - ok
09:35:52.0539 0x0aa8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
09:35:52.0539 0x0aa8  HDAudBus - ok
09:35:52.0570 0x0aa8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
09:35:52.0570 0x0aa8  HidBatt - ok
09:35:52.0570 0x0aa8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
09:35:52.0586 0x0aa8  HidBth - ok
09:35:52.0586 0x0aa8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
09:35:52.0586 0x0aa8  HidIr - ok
09:35:52.0617 0x0aa8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
09:35:52.0617 0x0aa8  hidserv - ok
09:35:52.0648 0x0aa8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
09:35:52.0664 0x0aa8  HidUsb - ok
09:35:52.0679 0x0aa8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:35:52.0679 0x0aa8  hkmsvc - ok
09:35:52.0695 0x0aa8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:35:52.0711 0x0aa8  HomeGroupListener - ok
09:35:52.0742 0x0aa8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:35:52.0742 0x0aa8  HomeGroupProvider - ok
09:35:52.0757 0x0aa8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:35:52.0757 0x0aa8  HpSAMD - ok
09:35:52.0804 0x0aa8  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:35:52.0820 0x0aa8  HTTP - ok
09:35:52.0851 0x0aa8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:35:52.0851 0x0aa8  hwpolicy - ok
09:35:52.0867 0x0aa8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
09:35:52.0867 0x0aa8  i8042prt - ok
09:35:52.0913 0x0aa8  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:35:52.0913 0x0aa8  iaStorV - ok
09:35:52.0976 0x0aa8  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:35:52.0991 0x0aa8  idsvc - ok
09:35:53.0007 0x0aa8  IEEtwCollectorService - ok
09:35:53.0038 0x0aa8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
09:35:53.0038 0x0aa8  iirsp - ok
09:35:53.0085 0x0aa8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
09:35:53.0132 0x0aa8  IKEEXT - ok
09:35:53.0163 0x0aa8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:35:53.0163 0x0aa8  intelide - ok
09:35:53.0194 0x0aa8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:35:53.0194 0x0aa8  intelppm - ok
09:35:53.0225 0x0aa8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:35:53.0225 0x0aa8  IPBusEnum - ok
09:35:53.0241 0x0aa8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:35:53.0241 0x0aa8  IpFilterDriver - ok
09:35:53.0272 0x0aa8  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:35:53.0288 0x0aa8  iphlpsvc - ok
09:35:53.0319 0x0aa8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:35:53.0319 0x0aa8  IPMIDRV - ok
09:35:53.0350 0x0aa8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:35:53.0350 0x0aa8  IPNAT - ok
09:35:53.0366 0x0aa8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:35:53.0366 0x0aa8  IRENUM - ok
09:35:53.0381 0x0aa8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:35:53.0381 0x0aa8  isapnp - ok
09:35:53.0413 0x0aa8  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:35:53.0413 0x0aa8  iScsiPrt - ok
09:35:53.0444 0x0aa8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
09:35:53.0444 0x0aa8  kbdclass - ok
09:35:53.0459 0x0aa8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
09:35:53.0459 0x0aa8  kbdhid - ok
09:35:53.0475 0x0aa8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
09:35:53.0475 0x0aa8  KeyIso - ok
09:35:53.0506 0x0aa8  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:35:53.0506 0x0aa8  KSecDD - ok
09:35:53.0522 0x0aa8  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:35:53.0522 0x0aa8  KSecPkg - ok
09:35:53.0537 0x0aa8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
09:35:53.0553 0x0aa8  ksthunk - ok
09:35:53.0584 0x0aa8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:35:53.0600 0x0aa8  KtmRm - ok
09:35:53.0631 0x0aa8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
09:35:53.0647 0x0aa8  LanmanServer - ok
09:35:53.0662 0x0aa8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:35:53.0662 0x0aa8  LanmanWorkstation - ok
09:35:53.0709 0x0aa8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:35:53.0709 0x0aa8  lltdio - ok
09:35:53.0725 0x0aa8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:35:53.0740 0x0aa8  lltdsvc - ok
09:35:53.0756 0x0aa8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:35:53.0756 0x0aa8  lmhosts - ok
09:35:53.0771 0x0aa8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
09:35:53.0771 0x0aa8  LSI_FC - ok
09:35:53.0787 0x0aa8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
09:35:53.0787 0x0aa8  LSI_SAS - ok
09:35:53.0803 0x0aa8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:35:53.0803 0x0aa8  LSI_SAS2 - ok
09:35:53.0803 0x0aa8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:35:53.0803 0x0aa8  LSI_SCSI - ok
09:35:53.0818 0x0aa8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:35:53.0818 0x0aa8  luafv - ok
09:35:53.0865 0x0aa8  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
09:35:53.0865 0x0aa8  MBAMProtector - ok
09:35:53.0927 0x0aa8  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:35:53.0990 0x0aa8  MBAMScheduler - ok
09:35:54.0021 0x0aa8  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
09:35:54.0037 0x0aa8  MBAMService - ok
09:35:54.0052 0x0aa8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
09:35:54.0052 0x0aa8  megasas - ok
09:35:54.0068 0x0aa8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
09:35:54.0083 0x0aa8  MegaSR - ok
09:35:54.0115 0x0aa8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
09:35:54.0115 0x0aa8  MMCSS - ok
09:35:54.0130 0x0aa8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
09:35:54.0130 0x0aa8  Modem - ok
09:35:54.0161 0x0aa8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:35:54.0177 0x0aa8  monitor - ok
09:35:54.0208 0x0aa8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
09:35:54.0208 0x0aa8  mouclass - ok
09:35:54.0224 0x0aa8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:35:54.0224 0x0aa8  mouhid - ok
09:35:54.0255 0x0aa8  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:35:54.0255 0x0aa8  mountmgr - ok
09:35:54.0302 0x0aa8  [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
09:35:54.0302 0x0aa8  MpFilter - ok
09:35:54.0317 0x0aa8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:35:54.0333 0x0aa8  mpio - ok
09:35:54.0364 0x0aa8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:35:54.0364 0x0aa8  mpsdrv - ok
09:35:54.0411 0x0aa8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:35:54.0427 0x0aa8  MpsSvc - ok
09:35:54.0458 0x0aa8  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:35:54.0458 0x0aa8  MRxDAV - ok
09:35:54.0489 0x0aa8  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:35:54.0489 0x0aa8  mrxsmb - ok
09:35:54.0505 0x0aa8  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:35:54.0505 0x0aa8  mrxsmb10 - ok
09:35:54.0520 0x0aa8  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:35:54.0520 0x0aa8  mrxsmb20 - ok
09:35:54.0536 0x0aa8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:35:54.0536 0x0aa8  msahci - ok
09:35:54.0551 0x0aa8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:35:54.0567 0x0aa8  msdsm - ok
09:35:54.0583 0x0aa8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
09:35:54.0583 0x0aa8  MSDTC - ok
09:35:54.0614 0x0aa8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:35:54.0614 0x0aa8  Msfs - ok
09:35:54.0629 0x0aa8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:35:54.0629 0x0aa8  mshidkmdf - ok
09:35:54.0645 0x0aa8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:35:54.0645 0x0aa8  msisadrv - ok
09:35:54.0692 0x0aa8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:35:54.0692 0x0aa8  MSiSCSI - ok
09:35:54.0692 0x0aa8  msiserver - ok
09:35:54.0723 0x0aa8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:35:54.0723 0x0aa8  MSKSSRV - ok
09:35:54.0801 0x0aa8  [ 89F2AEDC2788696702141AB82C3E7866, E166CBD8D3C708737C37172221945D8E56C25C2CC750889C3CE14AA2DE750F33 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
09:35:54.0801 0x0aa8  MsMpSvc - ok
09:35:54.0801 0x0aa8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:35:54.0801 0x0aa8  MSPCLOCK - ok
09:35:54.0801 0x0aa8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:35:54.0817 0x0aa8  MSPQM - ok
09:35:54.0832 0x0aa8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:35:54.0848 0x0aa8  MsRPC - ok
09:35:54.0863 0x0aa8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
09:35:54.0863 0x0aa8  mssmbios - ok
09:35:54.0895 0x0aa8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:35:54.0895 0x0aa8  MSTEE - ok
09:35:54.0910 0x0aa8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
09:35:54.0910 0x0aa8  MTConfig - ok
09:35:54.0926 0x0aa8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
09:35:54.0926 0x0aa8  Mup - ok
09:35:54.0957 0x0aa8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
09:35:54.0957 0x0aa8  napagent - ok
09:35:54.0988 0x0aa8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:35:55.0004 0x0aa8  NativeWifiP - ok
09:35:55.0051 0x0aa8  [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:35:55.0082 0x0aa8  NDIS - ok
09:35:55.0097 0x0aa8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:35:55.0113 0x0aa8  NdisCap - ok
09:35:55.0129 0x0aa8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:35:55.0129 0x0aa8  NdisTapi - ok
09:35:55.0160 0x0aa8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:35:55.0160 0x0aa8  Ndisuio - ok
09:35:55.0191 0x0aa8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:35:55.0191 0x0aa8  NdisWan - ok
09:35:55.0207 0x0aa8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:35:55.0207 0x0aa8  NDProxy - ok
09:35:55.0222 0x0aa8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:35:55.0222 0x0aa8  NetBIOS - ok
09:35:55.0253 0x0aa8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:35:55.0253 0x0aa8  NetBT - ok
09:35:55.0269 0x0aa8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
09:35:55.0269 0x0aa8  Netlogon - ok
09:35:55.0300 0x0aa8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
09:35:55.0316 0x0aa8  Netman - ok
09:35:55.0331 0x0aa8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
09:35:55.0331 0x0aa8  netprofm - ok
09:35:55.0363 0x0aa8  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:35:55.0363 0x0aa8  NetTcpPortSharing - ok
09:35:55.0378 0x0aa8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
09:35:55.0378 0x0aa8  nfrd960 - ok
09:35:55.0409 0x0aa8  [ C3E0696C3B42F694C5822776AA6FFFDF, 80C3DEC2C48500F96C9E677450EFC1ADA9FE9FBB70F4CC2D7D9244B1A515418B ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:35:55.0409 0x0aa8  NisDrv - ok
09:35:55.0441 0x0aa8  [ DCEE3592299B2229A0DB98CB415059A2, 709AAA095DF44DDCB6159CE1635AB05EC666D845445790E569F56B297DC64AC3 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
09:35:55.0441 0x0aa8  NisSrv - ok
09:35:55.0472 0x0aa8  [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:35:55.0472 0x0aa8  NlaSvc - ok
09:35:55.0487 0x0aa8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:35:55.0487 0x0aa8  Npfs - ok
09:35:55.0519 0x0aa8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
09:35:55.0519 0x0aa8  nsi - ok
09:35:55.0534 0x0aa8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:35:55.0534 0x0aa8  nsiproxy - ok
09:35:55.0612 0x0aa8  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:35:55.0643 0x0aa8  Ntfs - ok
09:35:55.0659 0x0aa8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
09:35:55.0659 0x0aa8  Null - ok
09:35:56.0049 0x0aa8  [ 8E6247F418B4C8AE9EEB0B532CABCC21, 42AD2588CBC8C9478F289955AB1391C65788D0564CCA7E0F9A41B8498A8BA117 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:35:56.0299 0x0aa8  nvlddmkm - ok
09:35:56.0345 0x0aa8  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:35:56.0345 0x0aa8  nvraid - ok
09:35:56.0377 0x0aa8  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:35:56.0377 0x0aa8  nvstor - ok
09:35:56.0423 0x0aa8  [ 41B97DCE2B2D113B831EB197F02A7398, 3168C646327E5C72741A326C12AD46A73234DA6A67DC21F66FF1D195A971FBFE ] nvsvc           C:\Windows\system32\nvvsvc.exe
09:35:56.0455 0x0aa8  nvsvc - ok
09:35:56.0470 0x0aa8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:35:56.0470 0x0aa8  nv_agp - ok
09:35:56.0501 0x0aa8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
09:35:56.0501 0x0aa8  ohci1394 - ok
09:35:56.0533 0x0aa8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:35:56.0548 0x0aa8  p2pimsvc - ok
09:35:56.0564 0x0aa8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
09:35:56.0579 0x0aa8  p2psvc - ok
09:35:56.0611 0x0aa8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
09:35:56.0611 0x0aa8  Parport - ok
09:35:56.0626 0x0aa8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:35:56.0642 0x0aa8  partmgr - ok
09:35:56.0673 0x0aa8  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:35:56.0673 0x0aa8  PcaSvc - ok
09:35:56.0689 0x0aa8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
09:35:56.0689 0x0aa8  pci - ok
09:35:56.0720 0x0aa8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
09:35:56.0720 0x0aa8  pciide - ok
09:35:56.0735 0x0aa8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
09:35:56.0751 0x0aa8  pcmcia - ok
09:35:56.0767 0x0aa8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
09:35:56.0767 0x0aa8  pcw - ok
09:35:56.0798 0x0aa8  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:35:56.0798 0x0aa8  PEAUTH - ok
09:35:56.0860 0x0aa8  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
09:35:56.0891 0x0aa8  PeerDistSvc - ok
09:35:56.0954 0x0aa8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
09:35:56.0954 0x0aa8  PerfHost - ok
09:35:57.0032 0x0aa8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
09:35:57.0063 0x0aa8  pla - ok
09:35:57.0094 0x0aa8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:35:57.0110 0x0aa8  PlugPlay - ok
09:35:57.0141 0x0aa8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:35:57.0141 0x0aa8  PNRPAutoReg - ok
09:35:57.0157 0x0aa8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:35:57.0157 0x0aa8  PNRPsvc - ok
09:35:57.0203 0x0aa8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:35:57.0219 0x0aa8  PolicyAgent - ok
09:35:57.0250 0x0aa8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
09:35:57.0250 0x0aa8  Power - ok
09:35:57.0281 0x0aa8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:35:57.0281 0x0aa8  PptpMiniport - ok
09:35:57.0297 0x0aa8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
09:35:57.0297 0x0aa8  Processor - ok
09:35:57.0328 0x0aa8  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
09:35:57.0328 0x0aa8  ProfSvc - ok
09:35:57.0359 0x0aa8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
09:35:57.0359 0x0aa8  ProtectedStorage - ok
09:35:57.0375 0x0aa8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:35:57.0391 0x0aa8  Psched - ok
09:35:57.0437 0x0aa8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
09:35:57.0484 0x0aa8  ql2300 - ok
09:35:57.0500 0x0aa8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
09:35:57.0500 0x0aa8  ql40xx - ok
09:35:57.0515 0x0aa8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
09:35:57.0531 0x0aa8  QWAVE - ok
09:35:57.0562 0x0aa8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:35:57.0562 0x0aa8  QWAVEdrv - ok
09:35:57.0562 0x0aa8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:35:57.0578 0x0aa8  RasAcd - ok
09:35:57.0593 0x0aa8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
09:35:57.0593 0x0aa8  RasAgileVpn - ok
09:35:57.0609 0x0aa8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
09:35:57.0609 0x0aa8  RasAuto - ok
09:35:57.0640 0x0aa8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:35:57.0640 0x0aa8  Rasl2tp - ok
09:35:57.0687 0x0aa8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
09:35:57.0687 0x0aa8  RasMan - ok
09:35:57.0718 0x0aa8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:35:57.0718 0x0aa8  RasPppoe - ok
09:35:57.0734 0x0aa8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:35:57.0734 0x0aa8  RasSstp - ok
09:35:57.0765 0x0aa8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:35:57.0781 0x0aa8  rdbss - ok
09:35:57.0781 0x0aa8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
09:35:57.0781 0x0aa8  rdpbus - ok
09:35:57.0796 0x0aa8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:35:57.0796 0x0aa8  RDPCDD - ok
09:35:57.0812 0x0aa8  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
09:35:57.0827 0x0aa8  RDPDR - ok
09:35:57.0859 0x0aa8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:35:57.0859 0x0aa8  RDPENCDD - ok
09:35:57.0859 0x0aa8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
09:35:57.0859 0x0aa8  RDPREFMP - ok
09:35:57.0905 0x0aa8  [ 70CBA1A0C98600A2AA1863479B35CB90, 91A133297921B4955817176251AFC5283DA3C7D2099700C4C92ECC94DBE9A99E ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:35:57.0905 0x0aa8  RdpVideoMiniport - ok
09:35:57.0921 0x0aa8  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:35:57.0921 0x0aa8  RDPWD - ok
09:35:57.0952 0x0aa8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:35:57.0968 0x0aa8  rdyboost - ok
09:35:57.0983 0x0aa8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:35:57.0983 0x0aa8  RemoteAccess - ok
09:35:58.0015 0x0aa8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:35:58.0015 0x0aa8  RemoteRegistry - ok
09:35:58.0046 0x0aa8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:35:58.0046 0x0aa8  RpcEptMapper - ok
09:35:58.0061 0x0aa8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
09:35:58.0061 0x0aa8  RpcLocator - ok
09:35:58.0077 0x0aa8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\System32\rpcss.dll
09:35:58.0093 0x0aa8  RpcSs - ok
09:35:58.0108 0x0aa8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:35:58.0124 0x0aa8  rspndr - ok
09:35:58.0155 0x0aa8  [ ABCB5A38A0D85BDF69B7877E1AD1EED5, 44DF1A92E8FA53677A04C46088B0AD49F1F6A090820BE550A514C4FBFD91444D ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
09:35:58.0155 0x0aa8  RTL8167 - ok
09:35:58.0186 0x0aa8  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
09:35:58.0186 0x0aa8  s3cap - ok
09:35:58.0202 0x0aa8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
09:35:58.0202 0x0aa8  SamSs - ok
09:35:58.0217 0x0aa8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:35:58.0217 0x0aa8  sbp2port - ok
09:35:58.0249 0x0aa8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:35:58.0249 0x0aa8  SCardSvr - ok
09:35:58.0280 0x0aa8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
09:35:58.0280 0x0aa8  scfilter - ok
09:35:58.0327 0x0aa8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
09:35:58.0358 0x0aa8  Schedule - ok
09:35:58.0373 0x0aa8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:35:58.0373 0x0aa8  SCPolicySvc - ok
09:35:58.0405 0x0aa8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:35:58.0405 0x0aa8  SDRSVC - ok
09:35:58.0420 0x0aa8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:35:58.0436 0x0aa8  secdrv - ok
09:35:58.0436 0x0aa8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
09:35:58.0451 0x0aa8  seclogon - ok
09:35:58.0467 0x0aa8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
09:35:58.0467 0x0aa8  SENS - ok
09:35:58.0483 0x0aa8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
09:35:58.0483 0x0aa8  SensrSvc - ok
09:35:58.0498 0x0aa8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
09:35:58.0514 0x0aa8  Serenum - ok
09:35:58.0529 0x0aa8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
09:35:58.0529 0x0aa8  Serial - ok
09:35:58.0545 0x0aa8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
09:35:58.0545 0x0aa8  sermouse - ok
09:35:58.0576 0x0aa8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
09:35:58.0576 0x0aa8  SessionEnv - ok
09:35:58.0592 0x0aa8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
09:35:58.0592 0x0aa8  sffdisk - ok
09:35:58.0607 0x0aa8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:35:58.0607 0x0aa8  sffp_mmc - ok
09:35:58.0623 0x0aa8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
09:35:58.0623 0x0aa8  sffp_sd - ok
09:35:58.0639 0x0aa8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
09:35:58.0639 0x0aa8  sfloppy - ok
09:35:58.0685 0x0aa8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:35:58.0685 0x0aa8  SharedAccess - ok
09:35:58.0717 0x0aa8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:35:58.0717 0x0aa8  ShellHWDetection - ok
09:35:58.0732 0x0aa8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:35:58.0732 0x0aa8  SiSRaid2 - ok
09:35:58.0748 0x0aa8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
09:35:58.0748 0x0aa8  SiSRaid4 - ok
09:35:58.0748 0x0aa8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:35:58.0763 0x0aa8  Smb - ok
09:35:58.0795 0x0aa8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:35:58.0795 0x0aa8  SNMPTRAP - ok
09:35:58.0810 0x0aa8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
09:35:58.0810 0x0aa8  spldr - ok
09:35:58.0841 0x0aa8  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
09:35:58.0857 0x0aa8  Spooler - ok
09:35:58.0966 0x0aa8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
09:35:59.0029 0x0aa8  sppsvc - ok
09:35:59.0060 0x0aa8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
09:35:59.0060 0x0aa8  sppuinotify - ok
09:35:59.0091 0x0aa8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:35:59.0107 0x0aa8  srv - ok
09:35:59.0122 0x0aa8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:35:59.0138 0x0aa8  srv2 - ok
09:35:59.0153 0x0aa8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:35:59.0153 0x0aa8  srvnet - ok
09:35:59.0185 0x0aa8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:35:59.0185 0x0aa8  SSDPSRV - ok
09:35:59.0200 0x0aa8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:35:59.0200 0x0aa8  SstpSvc - ok
09:35:59.0216 0x0aa8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
09:35:59.0216 0x0aa8  stexstor - ok
09:35:59.0263 0x0aa8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
09:35:59.0278 0x0aa8  stisvc - ok
09:35:59.0309 0x0aa8  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
09:35:59.0325 0x0aa8  storflt - ok
09:35:59.0341 0x0aa8  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
09:35:59.0341 0x0aa8  storvsc - ok
09:35:59.0356 0x0aa8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
09:35:59.0356 0x0aa8  swenum - ok
09:35:59.0387 0x0aa8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
09:35:59.0403 0x0aa8  swprv - ok
09:35:59.0419 0x0aa8  Synth3dVsc - ok
09:35:59.0481 0x0aa8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
09:35:59.0512 0x0aa8  SysMain - ok
09:35:59.0543 0x0aa8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:35:59.0559 0x0aa8  TabletInputService - ok
09:35:59.0575 0x0aa8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:35:59.0590 0x0aa8  TapiSrv - ok
09:35:59.0606 0x0aa8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
09:35:59.0606 0x0aa8  TBS - ok
09:35:59.0668 0x0aa8  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:35:59.0731 0x0aa8  Tcpip - ok
09:35:59.0793 0x0aa8  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:35:59.0824 0x0aa8  TCPIP6 - ok
09:35:59.0855 0x0aa8  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:35:59.0855 0x0aa8  tcpipreg - ok
09:35:59.0887 0x0aa8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:35:59.0887 0x0aa8  TDPIPE - ok
09:35:59.0902 0x0aa8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:35:59.0902 0x0aa8  TDTCP - ok
09:35:59.0933 0x0aa8  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:35:59.0933 0x0aa8  tdx - ok
09:35:59.0965 0x0aa8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
09:35:59.0965 0x0aa8  TermDD - ok
09:35:59.0996 0x0aa8  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
09:36:00.0011 0x0aa8  TermService - ok
09:36:00.0043 0x0aa8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
09:36:00.0043 0x0aa8  Themes - ok
09:36:00.0043 0x0aa8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
09:36:00.0043 0x0aa8  THREADORDER - ok
09:36:00.0074 0x0aa8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
09:36:00.0074 0x0aa8  TrkWks - ok
09:36:00.0121 0x0aa8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:36:00.0121 0x0aa8  TrustedInstaller - ok
09:36:00.0152 0x0aa8  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:36:00.0183 0x0aa8  tssecsrv - ok
09:36:00.0199 0x0aa8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:36:00.0199 0x0aa8  TsUsbFlt - ok
09:36:00.0199 0x0aa8  tsusbhub - ok
09:36:00.0230 0x0aa8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:36:00.0230 0x0aa8  tunnel - ok
09:36:00.0245 0x0aa8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
09:36:00.0261 0x0aa8  uagp35 - ok
09:36:00.0277 0x0aa8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:36:00.0292 0x0aa8  udfs - ok
09:36:00.0323 0x0aa8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:36:00.0323 0x0aa8  UI0Detect - ok
09:36:00.0339 0x0aa8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:36:00.0339 0x0aa8  uliagpkx - ok
09:36:00.0355 0x0aa8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
09:36:00.0355 0x0aa8  umbus - ok
09:36:00.0355 0x0aa8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
09:36:00.0370 0x0aa8  UmPass - ok
09:36:00.0386 0x0aa8  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
09:36:00.0401 0x0aa8  UmRdpService - ok
09:36:00.0417 0x0aa8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
09:36:00.0433 0x0aa8  upnphost - ok
09:36:00.0448 0x0aa8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:36:00.0464 0x0aa8  usbccgp - ok
09:36:00.0495 0x0aa8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:36:00.0495 0x0aa8  usbcir - ok
09:36:00.0526 0x0aa8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:36:00.0526 0x0aa8  usbehci - ok
09:36:00.0573 0x0aa8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:36:00.0589 0x0aa8  usbhub - ok
09:36:00.0604 0x0aa8  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
09:36:00.0620 0x0aa8  usbohci - ok
09:36:00.0635 0x0aa8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:36:00.0635 0x0aa8  usbprint - ok
09:36:00.0667 0x0aa8  [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:36:00.0667 0x0aa8  USBSTOR - ok
09:36:00.0698 0x0aa8  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
09:36:00.0698 0x0aa8  usbuhci - ok
09:36:00.0729 0x0aa8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
09:36:00.0729 0x0aa8  UxSms - ok
09:36:00.0729 0x0aa8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
09:36:00.0745 0x0aa8  VaultSvc - ok
09:36:00.0745 0x0aa8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:36:00.0745 0x0aa8  vdrvroot - ok
09:36:00.0791 0x0aa8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
09:36:00.0807 0x0aa8  vds - ok
09:36:00.0838 0x0aa8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:36:00.0838 0x0aa8  vga - ok
09:36:00.0854 0x0aa8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:36:00.0854 0x0aa8  VgaSave - ok
09:36:00.0869 0x0aa8  VGPU - ok
09:36:00.0901 0x0aa8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:36:00.0901 0x0aa8  vhdmp - ok
09:36:00.0932 0x0aa8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:36:00.0932 0x0aa8  viaide - ok
09:36:00.0947 0x0aa8  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
09:36:00.0963 0x0aa8  vmbus - ok
09:36:00.0979 0x0aa8  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
09:36:00.0979 0x0aa8  VMBusHID - ok
09:36:00.0994 0x0aa8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:36:01.0010 0x0aa8  volmgr - ok
09:36:01.0025 0x0aa8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:36:01.0041 0x0aa8  volmgrx - ok
09:36:01.0072 0x0aa8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:36:01.0072 0x0aa8  volsnap - ok
09:36:01.0103 0x0aa8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
09:36:01.0103 0x0aa8  vsmraid - ok
09:36:01.0166 0x0aa8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
09:36:01.0213 0x0aa8  VSS - ok
09:36:01.0228 0x0aa8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
09:36:01.0228 0x0aa8  vwifibus - ok
09:36:01.0259 0x0aa8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
09:36:01.0275 0x0aa8  W32Time - ok
09:36:01.0275 0x0aa8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
09:36:01.0275 0x0aa8  WacomPen - ok
09:36:01.0322 0x0aa8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:36:01.0322 0x0aa8  WANARP - ok
09:36:01.0322 0x0aa8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:36:01.0322 0x0aa8  Wanarpv6 - ok
09:36:01.0400 0x0aa8  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
09:36:01.0447 0x0aa8  WatAdminSvc - ok
09:36:01.0509 0x0aa8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
09:36:01.0556 0x0aa8  wbengine - ok
09:36:01.0587 0x0aa8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:36:01.0587 0x0aa8  WbioSrvc - ok
09:36:01.0634 0x0aa8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:36:01.0634 0x0aa8  wcncsvc - ok
09:36:01.0649 0x0aa8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:36:01.0649 0x0aa8  WcsPlugInService - ok
09:36:01.0681 0x0aa8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
09:36:01.0681 0x0aa8  Wd - ok
09:36:01.0727 0x0aa8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:36:01.0743 0x0aa8  Wdf01000 - ok
09:36:01.0759 0x0aa8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:36:01.0774 0x0aa8  WdiServiceHost - ok
09:36:01.0774 0x0aa8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:36:01.0774 0x0aa8  WdiSystemHost - ok
09:36:01.0805 0x0aa8  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
09:36:01.0805 0x0aa8  WebClient - ok
09:36:01.0837 0x0aa8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:36:01.0852 0x0aa8  Wecsvc - ok
09:36:01.0852 0x0aa8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:36:01.0868 0x0aa8  wercplsupport - ok
09:36:01.0883 0x0aa8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:36:01.0883 0x0aa8  WerSvc - ok
09:36:01.0915 0x0aa8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:36:01.0915 0x0aa8  WfpLwf - ok
09:36:01.0915 0x0aa8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:36:01.0930 0x0aa8  WIMMount - ok
09:36:01.0961 0x0aa8  WinDefend - ok
09:36:01.0977 0x0aa8  WinHttpAutoProxySvc - ok
09:36:02.0024 0x0aa8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:36:02.0039 0x0aa8  Winmgmt - ok
09:36:02.0102 0x0aa8  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
09:36:02.0164 0x0aa8  WinRM - ok
09:36:02.0211 0x0aa8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:36:02.0242 0x0aa8  Wlansvc - ok
09:36:02.0258 0x0aa8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
09:36:02.0258 0x0aa8  WmiAcpi - ok
09:36:02.0289 0x0aa8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:36:02.0305 0x0aa8  wmiApSrv - ok
09:36:02.0336 0x0aa8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:36:02.0336 0x0aa8  WPCSvc - ok
09:36:02.0367 0x0aa8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:36:02.0367 0x0aa8  WPDBusEnum - ok
09:36:02.0383 0x0aa8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:36:02.0383 0x0aa8  ws2ifsl - ok
09:36:02.0398 0x0aa8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
09:36:02.0398 0x0aa8  wscsvc - ok
09:36:02.0398 0x0aa8  WSearch - ok
09:36:02.0492 0x0aa8  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:36:02.0539 0x0aa8  wuauserv - ok
09:36:02.0570 0x0aa8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:36:02.0570 0x0aa8  WudfPf - ok
09:36:02.0585 0x0aa8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:36:02.0601 0x0aa8  WUDFRd - ok
09:36:02.0632 0x0aa8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:36:02.0632 0x0aa8  wudfsvc - ok
09:36:02.0663 0x0aa8  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:36:02.0663 0x0aa8  WwanSvc - ok
09:36:02.0679 0x0aa8  ================ Scan global ===============================
09:36:02.0710 0x0aa8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
09:36:02.0726 0x0aa8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
09:36:02.0773 0x0aa8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
09:36:02.0788 0x0aa8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
09:36:02.0819 0x0aa8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
09:36:02.0819 0x0aa8  [ Global ] - ok
09:36:02.0819 0x0aa8  ================ Scan MBR ==================================
09:36:02.0835 0x0aa8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:36:03.0319 0x0aa8  \Device\Harddisk0\DR0 - ok
09:36:03.0319 0x0aa8  ================ Scan VBR ==================================
09:36:03.0319 0x0aa8  [ 1FFFC9519A7729B51F4961B8F9991A5E ] \Device\Harddisk0\DR0\Partition1
09:36:03.0334 0x0aa8  \Device\Harddisk0\DR0\Partition1 - ok
09:36:03.0334 0x0aa8  [ 30DFE5E7E9E7A05BAE29E69D5923CE81 ] \Device\Harddisk0\DR0\Partition2
09:36:03.0334 0x0aa8  \Device\Harddisk0\DR0\Partition2 - ok
09:36:03.0334 0x0aa8  [ AD4E339BBE9FE116850C17FA7DA2F24F ] \Device\Harddisk0\DR0\Partition3
09:36:03.0334 0x0aa8  \Device\Harddisk0\DR0\Partition3 - ok
09:36:03.0334 0x0aa8  ================ Scan active images ========================
09:36:03.0350 0x0aa8  [ 3E588B60EC061686BA05D33574A344C6, 19D2D863F95CCC4493A2328B6BEB04248B6A80F957532E58C1D1D868C19FDCCB ] C:\Windows\System32\drivers\crashdmp.sys
09:36:03.0350 0x0aa8  C:\Windows\System32\drivers\crashdmp.sys - ok
09:36:03.0350 0x0aa8  [ 9BBD8B5855BC6578957F82341F9CDE5A, 7EFEE3053BA99EC3704CCBD71C987DA846F3DD5DB8F9FC2DACA8C328FA55662E ] C:\Windows\System32\drivers\Diskdump.sys
09:36:03.0350 0x0aa8  C:\Windows\System32\drivers\Diskdump.sys - ok
09:36:03.0350 0x0aa8  [ 814DB88F2641691575A455CF25354098, 79C50F0CD72612733217A0316BEFEA0B6D819C3159D9452EAB89AC26A18A0F89 ] C:\Windows\System32\drivers\dumpfve.sys
09:36:03.0350 0x0aa8  C:\Windows\System32\drivers\dumpfve.sys - ok
09:36:03.0365 0x0aa8  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] C:\Windows\System32\drivers\nvstor.sys
09:36:03.0365 0x0aa8  C:\Windows\System32\drivers\nvstor.sys - ok
09:36:03.0365 0x0aa8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] C:\Windows\System32\drivers\null.sys
09:36:03.0365 0x0aa8  C:\Windows\System32\drivers\null.sys - ok
09:36:03.0365 0x0aa8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] C:\Windows\System32\drivers\beep.sys
09:36:03.0365 0x0aa8  C:\Windows\System32\drivers\beep.sys - ok
09:36:03.0381 0x0aa8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] C:\Windows\System32\drivers\RDPCDD.sys
09:36:03.0381 0x0aa8  C:\Windows\System32\drivers\RDPCDD.sys - ok
09:36:03.0381 0x0aa8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] C:\Windows\System32\drivers\RDPENCDD.sys
09:36:03.0381 0x0aa8  C:\Windows\System32\drivers\RDPENCDD.sys - ok
09:36:03.0381 0x0aa8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] C:\Windows\System32\drivers\vga.sys
09:36:03.0381 0x0aa8  C:\Windows\System32\drivers\vga.sys - ok
09:36:03.0397 0x0aa8  [ E7353D59C9842BC7299FAEB7E7E09340, C37ED1025E07BAC2F535DCFED6C6C509515D95722EADE5AF94F1FC5D8B1DC783 ] C:\Windows\System32\drivers\videoprt.sys
09:36:03.0397 0x0aa8  C:\Windows\System32\drivers\videoprt.sys - ok
09:36:03.0397 0x0aa8  [ FC438D1430B28618E2D0C7C332A710AD, 873957B202E454E2C8F625E5799F278CAC16EC5EEAEE2C33E2FE5D1FF0408CB2 ] C:\Windows\System32\drivers\watchdog.sys
09:36:03.0397 0x0aa8  C:\Windows\System32\drivers\watchdog.sys - ok
09:36:03.0397 0x0aa8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] C:\Windows\System32\drivers\msfs.sys
09:36:03.0397 0x0aa8  C:\Windows\System32\drivers\msfs.sys - ok
09:36:03.0412 0x0aa8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] C:\Windows\System32\drivers\RDPREFMP.sys
09:36:03.0412 0x0aa8  C:\Windows\System32\drivers\RDPREFMP.sys - ok
09:36:03.0412 0x0aa8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] C:\Windows\System32\drivers\npfs.sys
09:36:03.0412 0x0aa8  C:\Windows\System32\drivers\npfs.sys - ok
09:36:03.0412 0x0aa8  [ 6F020A220388ECA0AB6062DC27BD16B6, 48655230E482DEB7B4B50EF05818EBB29CA61E780AEFCD9D31B02DE4DF9D9540 ] C:\Windows\System32\drivers\tdi.sys
09:36:03.0412 0x0aa8  C:\Windows\System32\drivers\tdi.sys - ok
09:36:03.0428 0x0aa8  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] C:\Windows\System32\drivers\tdx.sys
09:36:03.0428 0x0aa8  C:\Windows\System32\drivers\tdx.sys - ok
09:36:03.0428 0x0aa8  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] C:\Windows\System32\drivers\afd.sys
09:36:03.0428 0x0aa8  C:\Windows\System32\drivers\afd.sys - ok
09:36:03.0428 0x0aa8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] C:\Windows\System32\drivers\netbt.sys
09:36:03.0428 0x0aa8  C:\Windows\System32\drivers\netbt.sys - ok
09:36:03.0443 0x0aa8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] C:\Windows\System32\drivers\ws2ifsl.sys
09:36:03.0443 0x0aa8  C:\Windows\System32\drivers\ws2ifsl.sys - ok
09:36:03.0443 0x0aa8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] C:\Windows\System32\drivers\wfplwf.sys
09:36:03.0443 0x0aa8  C:\Windows\System32\drivers\wfplwf.sys - ok
09:36:03.0443 0x0aa8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] C:\Windows\System32\drivers\pacer.sys
09:36:03.0443 0x0aa8  C:\Windows\System32\drivers\pacer.sys - ok
09:36:03.0459 0x0aa8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] C:\Windows\System32\drivers\netbios.sys
09:36:03.0459 0x0aa8  C:\Windows\System32\drivers\netbios.sys - ok
09:36:03.0459 0x0aa8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] C:\Windows\System32\drivers\serial.sys
09:36:03.0459 0x0aa8  C:\Windows\System32\drivers\serial.sys - ok
09:36:03.0459 0x0aa8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] C:\Windows\System32\drivers\termdd.sys
09:36:03.0459 0x0aa8  C:\Windows\System32\drivers\termdd.sys - ok
09:36:03.0475 0x0aa8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] C:\Windows\System32\drivers\wanarp.sys
09:36:03.0475 0x0aa8  C:\Windows\System32\drivers\wanarp.sys - ok
09:36:03.0475 0x0aa8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] C:\Windows\System32\drivers\mssmbios.sys
09:36:03.0475 0x0aa8  C:\Windows\System32\drivers\mssmbios.sys - ok
09:36:03.0475 0x0aa8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] C:\Windows\System32\drivers\nsiproxy.sys
09:36:03.0475 0x0aa8  C:\Windows\System32\drivers\nsiproxy.sys - ok
09:36:03.0490 0x0aa8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] C:\Windows\System32\drivers\rdbss.sys
09:36:03.0490 0x0aa8  C:\Windows\System32\drivers\rdbss.sys - ok
09:36:03.0490 0x0aa8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] C:\Windows\System32\drivers\discache.sys
09:36:03.0490 0x0aa8  C:\Windows\System32\drivers\discache.sys - ok
09:36:03.0490 0x0aa8  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] C:\Windows\System32\drivers\csc.sys
09:36:03.0490 0x0aa8  C:\Windows\System32\drivers\csc.sys - ok
09:36:03.0506 0x0aa8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] C:\Windows\System32\drivers\dfsc.sys
09:36:03.0506 0x0aa8  C:\Windows\System32\drivers\dfsc.sys - ok
09:36:03.0506 0x0aa8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] C:\Windows\System32\drivers\blbdrive.sys
09:36:03.0506 0x0aa8  C:\Windows\System32\drivers\blbdrive.sys - ok
09:36:03.0506 0x0aa8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] C:\Windows\System32\drivers\tunnel.sys
09:36:03.0506 0x0aa8  C:\Windows\System32\drivers\tunnel.sys - ok
09:36:03.0521 0x0aa8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] C:\Windows\System32\drivers\amdppm.sys
09:36:03.0521 0x0aa8  C:\Windows\System32\drivers\amdppm.sys - ok
09:36:03.0521 0x0aa8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] C:\Windows\System32\drivers\serenum.sys
09:36:03.0521 0x0aa8  C:\Windows\System32\drivers\serenum.sys - ok
09:36:03.0521 0x0aa8  [ 12FEB33791920678F8433701C822BCFD, 7D1AD944CF0532D5AF951ACCE064EA9288F068964603674854CD7658D2B96039 ] C:\Windows\System32\drivers\usbport.sys
09:36:03.0521 0x0aa8  C:\Windows\System32\drivers\usbport.sys - ok
09:36:03.0537 0x0aa8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] C:\Windows\System32\drivers\usbehci.sys
09:36:03.0537 0x0aa8  C:\Windows\System32\drivers\usbehci.sys - ok
09:36:03.0537 0x0aa8  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] C:\Windows\System32\drivers\usbohci.sys
09:36:03.0537 0x0aa8  C:\Windows\System32\drivers\usbohci.sys - ok
09:36:03.0537 0x0aa8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] C:\Windows\System32\drivers\hdaudbus.sys
09:36:03.0537 0x0aa8  C:\Windows\System32\drivers\hdaudbus.sys - ok
09:36:03.0553 0x0aa8  [ ABCB5A38A0D85BDF69B7877E1AD1EED5, 44DF1A92E8FA53677A04C46088B0AD49F1F6A090820BE550A514C4FBFD91444D ] C:\Windows\System32\drivers\Rt64win7.sys
09:36:03.0553 0x0aa8  C:\Windows\System32\drivers\Rt64win7.sys - ok
09:36:03.0553 0x0aa8  [ F0970A4BC8395659C22BF53D0FADF16F, 23BE3066D89A5ACBF8130899640D377476E78B6C3D19E2D13C32238464A83E21 ] C:\Windows\System32\smss.exe
09:36:03.0553 0x0aa8  C:\Windows\System32\smss.exe - ok
09:36:03.0553 0x0aa8  [ CAAAC014C5C56A69F710B5F1B836DE22, DA98EF2EBF9A7F180344A88CC2C74F69101E17BBAB58B1C46176FD6EE7AA2E6A ] C:\Windows\System32\ntdll.dll
09:36:03.0553 0x0aa8  C:\Windows\System32\ntdll.dll - ok
09:36:03.0568 0x0aa8  [ 8E6247F418B4C8AE9EEB0B532CABCC21, 42AD2588CBC8C9478F289955AB1391C65788D0564CCA7E0F9A41B8498A8BA117 ] C:\Windows\System32\drivers\nvlddmkm.sys
09:36:03.0568 0x0aa8  C:\Windows\System32\drivers\nvlddmkm.sys - ok
09:36:03.0568 0x0aa8  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] C:\Windows\System32\drivers\dxgkrnl.sys
09:36:03.0568 0x0aa8  C:\Windows\System32\drivers\dxgkrnl.sys - ok
09:36:03.0584 0x0aa8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] C:\Windows\System32\drivers\CompositeBus.sys
09:36:03.0584 0x0aa8  C:\Windows\System32\drivers\CompositeBus.sys - ok
09:36:03.0584 0x0aa8  [ 1F04CFB79DD5FB7694468CE3FB3DCC31, A40C0BF6D1EC6C4281611A830EA7B22FEF523A3E197E5A8F59332D64E90376B6 ] C:\Windows\System32\drivers\dxgmms1.sys
09:36:03.0584 0x0aa8  C:\Windows\System32\drivers\dxgmms1.sys - ok
09:36:03.0584 0x0aa8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] C:\Windows\System32\drivers\agilevpn.sys
09:36:03.0584 0x0aa8  C:\Windows\System32\drivers\agilevpn.sys - ok
09:36:03.0584 0x0aa8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] C:\Windows\System32\drivers\ndistapi.sys
09:36:03.0599 0x0aa8  C:\Windows\System32\drivers\ndistapi.sys - ok
09:36:03.0599 0x0aa8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] C:\Windows\System32\drivers\rasl2tp.sys
09:36:03.0599 0x0aa8  C:\Windows\System32\drivers\rasl2tp.sys - ok
09:36:03.0599 0x0aa8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] C:\Windows\System32\drivers\ndiswan.sys
09:36:03.0599 0x0aa8  C:\Windows\System32\drivers\ndiswan.sys - ok
09:36:03.0599 0x0aa8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] C:\Windows\System32\drivers\raspppoe.sys
09:36:03.0599 0x0aa8  C:\Windows\System32\drivers\raspppoe.sys - ok
09:36:03.0615 0x0aa8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] C:\Windows\System32\drivers\raspptp.sys
09:36:03.0615 0x0aa8  C:\Windows\System32\drivers\raspptp.sys - ok
09:36:03.0615 0x0aa8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] C:\Windows\System32\drivers\kbdclass.sys
09:36:03.0615 0x0aa8  C:\Windows\System32\drivers\kbdclass.sys - ok
09:36:03.0631 0x0aa8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] C:\Windows\System32\drivers\mouclass.sys
09:36:03.0631 0x0aa8  C:\Windows\System32\drivers\mouclass.sys - ok
09:36:03.0631 0x0aa8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] C:\Windows\System32\drivers\rassstp.sys
09:36:03.0631 0x0aa8  C:\Windows\System32\drivers\rassstp.sys - ok
09:36:03.0631 0x0aa8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] C:\Windows\System32\drivers\rdpbus.sys
09:36:03.0631 0x0aa8  C:\Windows\System32\drivers\rdpbus.sys - ok
09:36:03.0646 0x0aa8  [ 24FBF5CC5C04150073C315A7C83521EE, 581BD5F15B5E57B3BAA762E421FFD859FDA46DDB8515C2A7AAFF208D784E906C ] C:\Windows\System32\drivers\ks.sys
09:36:03.0646 0x0aa8  C:\Windows\System32\drivers\ks.sys - ok
09:36:03.0646 0x0aa8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] C:\Windows\System32\drivers\swenum.sys
09:36:03.0646 0x0aa8  C:\Windows\System32\drivers\swenum.sys - ok
09:36:03.0646 0x0aa8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] C:\Windows\System32\drivers\umbus.sys
09:36:03.0646 0x0aa8  C:\Windows\System32\drivers\umbus.sys - ok
09:36:03.0662 0x0aa8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] C:\Windows\System32\drivers\usbhub.sys
09:36:03.0662 0x0aa8  C:\Windows\System32\drivers\usbhub.sys - ok
09:36:03.0662 0x0aa8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] C:\Windows\System32\drivers\ndproxy.sys
09:36:03.0662 0x0aa8  C:\Windows\System32\drivers\ndproxy.sys - ok
09:36:03.0662 0x0aa8  [ E0D3CD5841E5C7BE7B94BA946AF1E498, 4EAE1B226255623DA41A047633994D6902F6D4CA5757BF5D85E227378336227F ] C:\Windows\System32\drivers\drmk.sys
09:36:03.0662 0x0aa8  C:\Windows\System32\drivers\drmk.sys - ok
09:36:03.0677 0x0aa8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] C:\Windows\System32\drivers\HdAudio.sys
09:36:03.0677 0x0aa8  C:\Windows\System32\drivers\HdAudio.sys - ok
09:36:03.0677 0x0aa8  [ 1E0B4CBBA91C6B041A14ECC2186F7E24, 63039A317F906454A0652704DA2D646658A148B9B55BFB5D2F4B27997F357DF9 ] C:\Windows\System32\drivers\portcls.sys
09:36:03.0677 0x0aa8  C:\Windows\System32\drivers\portcls.sys - ok
09:36:03.0677 0x0aa8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] C:\Windows\System32\drivers\ksthunk.sys
09:36:03.0677 0x0aa8  C:\Windows\System32\drivers\ksthunk.sys - ok
09:36:03.0693 0x0aa8  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93, 7BC847CE6C2D29C334F0D1600BBBDE3933FF45F6BEE5186F442E6270A3F9EC4E ] C:\Windows\System32\autochk.exe
09:36:03.0693 0x0aa8  C:\Windows\System32\autochk.exe - ok
09:36:03.0693 0x0aa8  [ FFA06EF43987ED0DD42AD59B260C0C78, 260518D5E077E55E0F2099037DBEFA93016FD4D4655456DDB3147AF9CBE7BF6B ] C:\Windows\System32\drivers\usbd.sys
09:36:03.0693 0x0aa8  C:\Windows\System32\drivers\usbd.sys - ok
09:36:03.0693 0x0aa8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] C:\Windows\System32\drivers\usbccgp.sys
09:36:03.0693 0x0aa8  C:\Windows\System32\drivers\usbccgp.sys - ok
09:36:03.0709 0x0aa8  [ 9835E63E09F824D22B689D2BB789BAB9, 5BCFFAFB894D69FBCDDB91E64D30A356F4BD57098E8B4C51B98AFAF6581BDB63 ] C:\Windows\System32\comdlg32.dll
09:36:03.0709 0x0aa8  C:\Windows\System32\comdlg32.dll - ok
09:36:03.0709 0x0aa8  [ 26036E228D2467DE6975AD819C22C043, B4A30EC7ABAEFFF55DE662F4A17415F2BD737BD563215638C86C580B8F3EA907 ] C:\Windows\System32\rpcrt4.dll
09:36:03.0709 0x0aa8  C:\Windows\System32\rpcrt4.dll - ok
09:36:03.0709 0x0aa8  [ 25983DE69B57142039AC8D95E71CD9C9, A677DA7EBCBCB6073D27E8A38809F51E971E83ED379BC599AAAD6EF4216348DA ] C:\Windows\System32\clbcatq.dll
09:36:03.0709 0x0aa8  C:\Windows\System32\clbcatq.dll - ok
09:36:03.0724 0x0aa8  [ 6C60B5ACA7442EFB794082CDACFC001C, FC1D9124856A70FF232EF3057D66BEE803295847624CE23B4D0217F23AF52C75 ] C:\Windows\System32\ole32.dll
09:36:03.0724 0x0aa8  C:\Windows\System32\ole32.dll - ok
09:36:03.0724 0x0aa8  [ 4BBFA57F594F7E8A8EDC8F377184C3F0, 9F3AC5DEA5A6250C3DBB97AF79C81C0A48429486521F807355A1D7D3D861B75F ] C:\Windows\System32\ws2_32.dll
09:36:03.0724 0x0aa8  C:\Windows\System32\ws2_32.dll - ok
09:36:03.0724 0x0aa8  [ 092F3E7D054FDF779054E29A0A0D4267, 55E249042D824D3D2F3801814881928EDA03F0091E7EEF579FF664CD9D2D483C ] C:\Windows\System32\iertutil.dll
09:36:03.0724 0x0aa8  C:\Windows\System32\iertutil.dll - ok
09:36:03.0740 0x0aa8  [ C391FC68282A000CDF953F8B6B55D2EF, 1CB0DAB84545D9FDEA5A7865A1E7132CEAC91DECF8B100285B63098D7B09E584 ] C:\Windows\System32\msvcrt.dll
09:36:03.0740 0x0aa8  C:\Windows\System32\msvcrt.dll - ok
09:36:03.0740 0x0aa8  [ 56325BB1FF19F2A5AC8713756AC41140, B2124E57783312EE37D2621E689D8FB4C43A04BDBD4F481225C21038605A28CE ] C:\Windows\System32\gdi32.dll
09:36:03.0740 0x0aa8  C:\Windows\System32\gdi32.dll - ok
09:36:03.0740 0x0aa8  [ B4F29F65AD3114051F01E9403346047F, 7EB58545211C51E95B3F45C47C1F7CCE05B707D168E7C20F46D36E19EE3D8DFC ] C:\Windows\System32\imagehlp.dll
09:36:03.0740 0x0aa8  C:\Windows\System32\imagehlp.dll - ok
09:36:03.0740 0x0aa8  [ D8973E71F1B35CD3F3DEA7C12D49D0F0, 23CAE14BF9D7208CD2A0B2691B1A64313A24A23E6D70F40AA0572ED37E8B542C ] C:\Windows\System32\kernel32.dll
09:36:03.0740 0x0aa8  C:\Windows\System32\kernel32.dll - ok
09:36:03.0755 0x0aa8  [ 856E76B3641746ABBC2946BED1372098, FD93CC7F72560F72CA49AD5609C079E25B8A3A4802E72B127B63A9E7B4884710 ] C:\Windows\System32\drivers\hidparse.sys
09:36:03.0755 0x0aa8  C:\Windows\System32\drivers\hidparse.sys - ok
09:36:03.0755 0x0aa8  [ 597C3699384E53CC59587ED50CCE5CA2, 4F61E9B5BEB3BD1634D733983381E516664BD7E250DF4B0150B168E05EFD652A ] C:\Windows\System32\drivers\hidclass.sys
09:36:03.0755 0x0aa8  C:\Windows\System32\drivers\hidclass.sys - ok
09:36:03.0755 0x0aa8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] C:\Windows\System32\drivers\hidusb.sys
09:36:03.0755 0x0aa8  C:\Windows\System32\drivers\hidusb.sys - ok
09:36:03.0771 0x0aa8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] C:\Windows\System32\drivers\kbdhid.sys
09:36:03.0771 0x0aa8  C:\Windows\System32\drivers\kbdhid.sys - ok
09:36:03.0771 0x0aa8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] C:\Windows\System32\drivers\mouhid.sys
09:36:03.0771 0x0aa8  C:\Windows\System32\drivers\mouhid.sys - ok
09:36:03.0771 0x0aa8  [ EAF32CB8C1F810E4715B4DFBE785C7FF, DB6AD07FDED42433E669508AB73FAFF6DAFF04575D6F1D016FE3EB6ECEC4DD5D ] C:\Windows\System32\shlwapi.dll
09:36:03.0771 0x0aa8  C:\Windows\System32\shlwapi.dll - ok
09:36:03.0787 0x0aa8  [ 43D9CE875F8FC8370C6BA2F74D50D01C, 331381A17331EE56F22E3E535068F95CDBC2EB8C1FFD2D3C9FF43F24A54CC2E4 ] C:\Windows\System32\urlmon.dll
09:36:03.0787 0x0aa8  C:\Windows\System32\urlmon.dll - ok
09:36:03.0787 0x0aa8  [ 796B47A4B82EF1C39F13435B88834C48, AFC3E89476BAAD8A71663F0DB8D15E00FF9D131F1306A2F69D728E3AD1184602 ] C:\Windows\System32\lpk.dll
09:36:03.0787 0x0aa8  C:\Windows\System32\lpk.dll - ok
09:36:03.0787 0x0aa8  [ E6CB36B85BE59095337427E853A5B65A, 5E02299FE1805CF79330971C59F116DD560244DE9A0BED4A2DB8791C8C1E93DF ] C:\Windows\System32\wininet.dll
09:36:03.0787 0x0aa8  C:\Windows\System32\wininet.dll - ok
09:36:03.0802 0x0aa8  [ F7CE0C81C545364020ED8203CF0A633E, 24B47A7492B7048096AF87E26786E8108455ADBD1A374B6A0466DE008505B8A9 ] C:\Windows\System32\difxapi.dll
09:36:03.0802 0x0aa8  C:\Windows\System32\difxapi.dll - ok
09:36:03.0802 0x0aa8  [ 83404DCBCE4925B6A5A77C5170F46D86, D669614D0B4461DB244AD99FBE1BA92CEB9B4ED5EC8E987E23764E77D9AC7074 ] C:\Windows\System32\sechost.dll
09:36:03.0802 0x0aa8  C:\Windows\System32\sechost.dll - ok
09:36:03.0802 0x0aa8  [ AA2C08CE85653B1A0D2E4AB407FA176C, 83DFD0C119B20AEDB07114C9D1CF9CE2DFA938D0F1070256B0591A9E2C3997FA ] C:\Windows\System32\imm32.dll
09:36:03.0802 0x0aa8  C:\Windows\System32\imm32.dll - ok
09:36:03.0818 0x0aa8  [ C431EAF5CAA1C82CAC2534A2EAB348A3, ADDF850128DC675E67FABA9A3D0D27E684F01F733962CA22927BB94503549E44 ] C:\Windows\System32\msctf.dll
09:36:03.0818 0x0aa8  C:\Windows\System32\msctf.dll - ok
09:36:03.0818 0x0aa8  [ C06B32165E23A72A898B7A89679AD754, 721405158F6E9F1A7FE7BB33EF642D91332726629D0D3B07DF3CF3152A91C85D ] C:\Windows\System32\oleaut32.dll
09:36:03.0818 0x0aa8  C:\Windows\System32\oleaut32.dll - ok
09:36:03.0818 0x0aa8  [ 28C0B5024F5C5A438E78B188CFC81B7F, AB81FB63F2908CE316B45609077ACBD85F4B2AAD1606B1E9030F06DB82EDDFAD ] C:\Windows\System32\normaliz.dll
09:36:03.0818 0x0aa8  C:\Windows\System32\normaliz.dll - ok
09:36:03.0833 0x0aa8  [ 4E4FFB09D895AA000DD56D1404F69A7E, D999E04BB35780088480EAB322176570591A21E311D204BDCAB010A63B34D24C ] C:\Windows\System32\Wldap32.dll
09:36:03.0833 0x0aa8  C:\Windows\System32\Wldap32.dll - ok
09:36:03.0833 0x0aa8  [ DBF99FD9CAF75CA66D042BD8D050FF71, D11A863EAEDE80A731FD7A63F744E518D3921043CC3982BAA87992F9E82F044F ] C:\Windows\System32\usp10.dll
09:36:03.0833 0x0aa8  C:\Windows\System32\usp10.dll - ok
09:36:03.0833 0x0aa8  [ AD662B34B161198B9D66A564EDDA7D43, 335807AA4E88234BF2C639781E92D0DBC41D973754D61AB1DA6C8BA4E108AEBD ] C:\Windows\System32\shell32.dll
09:36:03.0833 0x0aa8  C:\Windows\System32\shell32.dll - ok
09:36:03.0849 0x0aa8  [ D87E1E59C73C1F98D5DED5B3850C40F5, 536419BFF9F877D4314B5D0C045D9A6E729489C389863FADF07E382050BC84FD ] C:\Windows\System32\psapi.dll
09:36:03.0849 0x0aa8  C:\Windows\System32\psapi.dll - ok
09:36:03.0849 0x0aa8  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5, 12130837D7F89A2C7E9D25747A8E5B9001E0A38D545178B49B450C23AE62664A ] C:\Windows\System32\setupapi.dll
09:36:03.0849 0x0aa8  C:\Windows\System32\setupapi.dll - ok
09:36:03.0849 0x0aa8  [ 63A580C88CFAF72A92550940054569EF, A66C89123D1833446ACC31D5CF536B0D0EC24D2F805C022A637596CF98429D9F ] C:\Windows\System32\advapi32.dll
09:36:03.0849 0x0aa8  C:\Windows\System32\advapi32.dll - ok
09:36:03.0865 0x0aa8  [ 044FE45FFD6AD40E3BBBE60B7F41BABE, A1688A5E6E0F7037C850699462C2655006A7D873C97F9AB406C59D81749B6F09 ] C:\Windows\System32\nsi.dll
09:36:03.0865 0x0aa8  C:\Windows\System32\nsi.dll - ok
09:36:03.0865 0x0aa8  [ FE70103391A64039A921DBFFF9C7AB1B, F7D219D75037BC98F6C69143B00AB6000A31F8B5E211E0AF514F4F4B681522A0 ] C:\Windows\System32\user32.dll
09:36:03.0865 0x0aa8  C:\Windows\System32\user32.dll - ok
09:36:03.0865 0x0aa8  [ F49E92B50CED5C9F1725D3C0329FD933, 6155FA4D8242F07FC578FF746890C2EE19FC3D6A20ED8AE4C6F021DB2DAC184F ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
09:36:03.0865 0x0aa8  C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
09:36:03.0880 0x0aa8  [ 9094039A00485F71C4DE64BF51F64C46, 4ACFEF4C747ADF806A4FDEDDFD9CC48168DFB05075306C77D3F3927749DD7484 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
09:36:03.0880 0x0aa8  C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
09:36:03.0880 0x0aa8  [ 780F6ECC4F55D76C9730E6B6C9B31913, 1AEA642AFA210A672A92AAA49CFDE52D9E48ED41248F7644FAADE760E8A0E72E ] C:\Windows\System32\crypt32.dll
09:36:03.0880 0x0aa8  C:\Windows\System32\crypt32.dll - ok
09:36:03.0880 0x0aa8  [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\System32\comctl32.dll
09:36:03.0880 0x0aa8  C:\Windows\System32\comctl32.dll - ok
09:36:03.0896 0x0aa8  [ B22C00ED0491FD7B8803D7DDE2849F4C, 11AB01BF17A4130A3C4EF493A42406DF106B0923DD6DCBFF5958F5C886B9DA93 ] C:\Windows\System32\KernelBase.dll
09:36:03.0896 0x0aa8  C:\Windows\System32\KernelBase.dll - ok
09:36:03.0896 0x0aa8  [ 959041D7014C97133D859B45BCA0FC58, 282D34828DA7404470949483CB9789A8B4861D188093F0FBD07138A37F60B94B ] C:\Windows\System32\wintrust.dll
09:36:03.0896 0x0aa8  C:\Windows\System32\wintrust.dll - ok
09:36:03.0896 0x0aa8  [ 2477A28081BDAEE622CF045ACF8EE124, 00A09CAF9129E84FEEA98FA03CE9012C9F961B64FEE15C4F268822C0F82ACC3C ] C:\Windows\System32\cfgmgr32.dll
09:36:03.0896 0x0aa8  C:\Windows\System32\cfgmgr32.dll - ok
09:36:03.0911 0x0aa8  [ 64A4AB126E24FD3F58EBE64852773DB5, ED425BBC91EB8BEF54C363036A770C551C97EF324F1AE31049CA750D0E2D6776 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
09:36:03.0911 0x0aa8  C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
09:36:03.0911 0x0aa8  [ 0E6FBF19D9DFBB77316C23DF91F8A101, 680F88E1BC55EA3342AACE6F2E3511BF877AC8F03276D028FEE84EEFE8B5611A ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
09:36:03.0911 0x0aa8  C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
09:36:03.0927 0x0aa8  [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A, 445C2857398252756FD25BB94DAFCCEFF573DE55F1F8BF9094C191F409FE6437 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
09:36:03.0927 0x0aa8  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
09:36:03.0927 0x0aa8  [ 72723D3E4781BADC62C3180C137E7B23, 0BDA5292928578C5DA79C761E15B8A892B9D4A3DA26D3635E714797C653CF492 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
09:36:03.0927 0x0aa8  C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
09:36:03.0927 0x0aa8  [ 06FEC9E8117103BB1141A560E98077DA, C5E61B11DDBBBBBA3D9488970524F0975EA5FBDF16E2FA31F579F8BFA48353B1 ] C:\Windows\System32\devobj.dll
09:36:03.0927 0x0aa8  C:\Windows\System32\devobj.dll - ok
09:36:03.0943 0x0aa8  [ 884415BD4269C02EAF8E2613BF85500D, EFE771709EC942694FD206AC8D0A48ED7DCD35036F074268E4AECD68AC982CEA ] C:\Windows\System32\msasn1.dll
09:36:03.0943 0x0aa8  C:\Windows\System32\msasn1.dll - ok
09:36:03.0943 0x0aa8  [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8A4FB21EADD3896 ] C:\Windows\SysWOW64\normaliz.dll
09:36:03.0943 0x0aa8  C:\Windows\SysWOW64\normaliz.dll - ok
09:36:03.0943 0x0aa8  [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys
09:36:03.0943 0x0aa8  C:\Windows\System32\drivers\dxapi.sys - ok
09:36:03.0958 0x0aa8  [ E918C0DE5CF2AE6BEDBF387C09627D93, B45B0CE2BDD41CD46DE2AC76CF7753DF38C29435DCF833B5CFF1DB9329559F3C ] C:\Windows\System32\win32k.sys
09:36:03.0958 0x0aa8  C:\Windows\System32\win32k.sys - ok
09:36:03.0958 0x0aa8  [ 216BABD555BC550952320EEA89C25DDF, 1BBB92415280032CD18F361382A69D0D91266AAD56FC88A99C804B0053743D72 ] C:\Windows\System32\csrsrv.dll
09:36:03.0958 0x0aa8  C:\Windows\System32\csrsrv.dll - ok
09:36:03.0958 0x0aa8  [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77201BAB37E8C03A ] C:\Windows\System32\csrss.exe
09:36:03.0958 0x0aa8  C:\Windows\System32\csrss.exe - ok
09:36:03.0974 0x0aa8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\System32\basesrv.dll
09:36:03.0974 0x0aa8  C:\Windows\System32\basesrv.dll - ok
09:36:03.0974 0x0aa8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\System32\winsrv.dll
09:36:03.0974 0x0aa8  C:\Windows\System32\winsrv.dll - ok
09:36:03.0974 0x0aa8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] C:\Windows\System32\drivers\monitor.sys
09:36:03.0974 0x0aa8  C:\Windows\System32\drivers\monitor.sys - ok
09:36:03.0989 0x0aa8  [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56DE4CA5783F78A75 ] C:\Windows\System32\tsddd.dll
09:36:03.0989 0x0aa8  C:\Windows\System32\tsddd.dll - ok
09:36:03.0989 0x0aa8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\System32\sxssrv.dll
09:36:03.0989 0x0aa8  C:\Windows\System32\sxssrv.dll - ok
09:36:03.0989 0x0aa8  [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA87526E768AF6174F0 ] C:\Windows\System32\wininit.exe
09:36:03.0989 0x0aa8  C:\Windows\System32\wininit.exe - ok
09:36:03.0989 0x0aa8  [ 78523A26F5604C0568FE9D1CE86E36F4, 534A7228BF69719106F581616A32EAEF0B770DDB36DCE94F84E7D52FDB1382B5 ] C:\Windows\System32\KBDUS.DLL
09:36:03.0989 0x0aa8  C:\Windows\System32\KBDUS.DLL - ok
09:36:04.0005 0x0aa8  [ 2C942733A5983DD4502219FF37C7EBC7, 34B20B6B0D7274E4B5B783F1D2345BC3DD9888964D5C2C65712F041A00CF5B45 ] C:\Windows\System32\profapi.dll
09:36:04.0005 0x0aa8  C:\Windows\System32\profapi.dll - ok
09:36:04.0005 0x0aa8  [ C2A8CB1275ECB85D246A9ECC02A728E3, 3603FADCA0060BD201148F9D59E4E2627F024609A6463AB525B5D1AD17BDCD10 ] C:\Windows\System32\RpcRtRemote.dll
09:36:04.0005 0x0aa8  C:\Windows\System32\RpcRtRemote.dll - ok
09:36:04.0005 0x0aa8  [ 943F527DF79E6B400104341AA7023C75, 53C7B9426181D3D172E6B1A07E6DF8A0CB8FCA27D3A03CE5F544D3209B5F4651 ] C:\Windows\System32\cdd.dll
09:36:04.0005 0x0aa8  C:\Windows\System32\cdd.dll - ok
09:36:04.0021 0x0aa8  [ 9CEAD32E79A62150FE9F8557E58E008B, AFE4C1725EE94D7DE0749AE1495A4E5CC33C369F29B2A589DA66FFE27FF9777E ] C:\Windows\System32\sxs.dll
09:36:04.0021 0x0aa8  C:\Windows\System32\sxs.dll - ok
09:36:04.0021 0x0aa8  [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA853BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll
09:36:04.0021 0x0aa8  C:\Windows\System32\WlS0WndH.dll - ok
09:36:04.0021 0x0aa8  [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE3532EC6C007980C34 ] C:\Windows\System32\cryptbase.dll
09:36:04.0021 0x0aa8  C:\Windows\System32\cryptbase.dll - ok
09:36:04.0036 0x0aa8  [ 90499F3163A9F815CF196A205EA3CD5D, 29B4ED3795CEC1177EB367132914CE21C194CDEC5DB9DC923FD928C85E94D821 ] C:\Windows\System32\apphelp.dll
09:36:04.0036 0x0aa8  C:\Windows\System32\apphelp.dll - ok
09:36:04.0036 0x0aa8  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] C:\Windows\System32\lsass.exe
09:36:04.0036 0x0aa8  C:\Windows\System32\lsass.exe - ok
09:36:04.0036 0x0aa8  [ 9662EE182644511439F1C53745DC1C88, D205B2C163E78AB42A5D67D7664EF6B75EA0374FF0924467D624F9DB0611F0AD ] C:\Windows\System32\lsm.exe
09:36:04.0036 0x0aa8  C:\Windows\System32\lsm.exe - ok
09:36:04.0052 0x0aa8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\System32\services.exe
09:36:04.0052 0x0aa8  C:\Windows\System32\services.exe - ok
09:36:04.0052 0x0aa8  [ 7C46EC9CCDE6E793713FA01DB2EB918E, 36647EF5E68B39A972AE2EDBE446F4CCC59ADAC5C4C172F2A66D79139E66BB30 ] C:\Windows\System32\sspisrv.dll
09:36:04.0052 0x0aa8  C:\Windows\System32\sspisrv.dll - ok
09:36:04.0052 0x0aa8  [ 086F906B1D30C0A5D35FE0F6362DAB21, C4C8CD9C60C6426E0402A4BE1D30CE30792D0A5FE1057266467E0C143DD1050C ] C:\Windows\System32\lsasrv.dll
09:36:04.0052 0x0aa8  C:\Windows\System32\lsasrv.dll - ok
09:36:04.0067 0x0aa8  [ B08EA91C774AA734E0B9881F85CD9F42, C0757F98D190D426EBF5B0B6C151BFFD0A128344BAA4A1BA36DB28C16BB4A0F2 ] C:\Windows\System32\sspicli.dll
09:36:04.0067 0x0aa8  C:\Windows\System32\sspicli.dll - ok
09:36:04.0067 0x0aa8  [ BBCDF350817BA86416C0F06B6981BE8D, D064438F97852B9BD6015C8B19377C61C671E0969E09506B8359FE7B1F373A61 ] C:\Windows\System32\scesrv.dll
09:36:04.0067 0x0aa8  C:\Windows\System32\scesrv.dll - ok
09:36:04.0067 0x0aa8  [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll
09:36:04.0067 0x0aa8  C:\Windows\System32\scext.dll - ok
09:36:04.0083 0x0aa8  [ 208EAAFF40DA400190AA0605C797BEA2, 24C349881E7102267D1648F9CA6A9AF871F1CAA3290AC96CEABCC3724D833C5B ] C:\Windows\System32\secur32.dll
09:36:04.0083 0x0aa8  C:\Windows\System32\secur32.dll - ok
09:36:04.0083 0x0aa8  [ A744BA6E04C8AA4592818178DBF89521, 9E7C85D842DF16F9B8FED7B06AF309B5ECCBFD465F5552347D4C3F1FEFDC6F7A ] C:\Windows\System32\samsrv.dll
09:36:04.0083 0x0aa8  C:\Windows\System32\samsrv.dll - ok
09:36:04.0083 0x0aa8  [ 3A9C9BAF610B0DD4967086040B3B62A9, E8E9A0F42B1EE7806EDCEED08AA024D037215D06CA317E3678BD5364AD513D23 ] C:\Windows\System32\srvcli.dll
09:36:04.0083 0x0aa8  C:\Windows\System32\srvcli.dll - ok
09:36:04.0099 0x0aa8  [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll
09:36:04.0099 0x0aa8  C:\Windows\System32\sysntfy.dll - ok
09:36:04.0099 0x0aa8  [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll
09:36:04.0099 0x0aa8  C:\Windows\System32\wmsgapi.dll - ok
09:36:04.0099 0x0aa8  [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll
09:36:04.0099 0x0aa8  C:\Windows\System32\cryptdll.dll - ok
09:36:04.0114 0x0aa8  [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll
09:36:04.0114 0x0aa8  C:\Windows\System32\wevtapi.dll - ok
09:36:04.0114 0x0aa8  [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll
09:36:04.0114 0x0aa8  C:\Windows\System32\authz.dll - ok
09:36:04.0114 0x0aa8  [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll
09:36:04.0114 0x0aa8  C:\Windows\System32\cngaudit.dll - ok
09:36:04.0130 0x0aa8  [ 747B9BA5412422F27934CB21131F0A3E, 2441F925C3B46A15141A0A1E1AA9DFCCA2891D823D55C6E6DA0E30C2DE3A7341 ] C:\Windows\System32\ncrypt.dll
09:36:04.0130 0x0aa8  C:\Windows\System32\ncrypt.dll - ok
09:36:04.0130 0x0aa8  [ 1151B1BAA6F350B1DB6598E0FEA7C457, B1506E0A7E826EFF0F5252EF5026070C46E2235438403A9A24D73EE69C0B8A49 ] C:\Windows\System32\winlogon.exe
09:36:04.0130 0x0aa8  C:\Windows\System32\winlogon.exe - ok
09:36:04.0130 0x0aa8  [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll
09:36:04.0130 0x0aa8  C:\Windows\System32\bcrypt.dll - ok
09:36:04.0145 0x0aa8  [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll
09:36:04.0145 0x0aa8  C:\Windows\System32\msprivs.dll - ok
09:36:04.0145 0x0aa8  [ 0D9764D58C5EFD672B7184854B152E5E, 9827B43DABBEC39AB2E2294408D9C5304EF27A684903C5234C6070387723D49E ] C:\Windows\System32\winsta.dll
09:36:04.0145 0x0aa8  C:\Windows\System32\winsta.dll - ok
09:36:04.0145 0x0aa8  [ C6505DE3561537BA1004D638C2F93F2F, 3E4FDF374B1A9E43A8F61FD2D79E0515390ECABFDAF72C4BD44A7B6429039AF6 ] C:\Windows\System32\netjoin.dll
09:36:04.0145 0x0aa8  C:\Windows\System32\netjoin.dll - ok
09:36:04.0161 0x0aa8  [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll
09:36:04.0161 0x0aa8  C:\Windows\System32\negoexts.dll - ok
09:36:04.0161 0x0aa8  [ 44E1A196DFCB53B01FE4B855C3B56A15, EDC31276EC325B642D07EE79F6E9021CBB7F8AFC32F9A408C91844175BF6B6E2 ] C:\Windows\System32\kerberos.dll
09:36:04.0161 0x0aa8  C:\Windows\System32\kerberos.dll - ok
09:36:04.0161 0x0aa8  [ D0C2FBB6D97416B0166478FC7AE2B212, 7EAB6C37F0A845E645CA44CC060AC6C56E386C7EF7A64716C6786C9602AD8C9D ] C:\Windows\System32\cryptsp.dll
09:36:04.0161 0x0aa8  C:\Windows\System32\cryptsp.dll - ok
09:36:04.0177 0x0aa8  [ 9A9F9F1A77D6A80EE28B57664F00013E, 0D441638E086EF1342FCDC43E826BF9E9CC6B2E8AE100D89BFC70163F987DE91 ] C:\Windows\System32\mswsock.dll
09:36:04.0177 0x0aa8  C:\Windows\System32\mswsock.dll - ok
09:36:04.0177 0x0aa8  [ EF12B8385AA2849999008A977918F96B, ADEF9F5D2B0C2A30CB1B395C774E7FE75437135A09D3D4E6F97EE8656CE139B4 ] C:\Windows\System32\msv1_0.dll
09:36:04.0177 0x0aa8  C:\Windows\System32\msv1_0.dll - ok
09:36:04.0177 0x0aa8  [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E63394E4E561D6C7A2 ] C:\Windows\System32\wship6.dll
09:36:04.0177 0x0aa8  C:\Windows\System32\wship6.dll - ok
09:36:04.0192 0x0aa8  [ AA339DD8BB128EF66660DFBBB59043D3, 76D9F849AFDDA38E04549EB67B4163478776F1B6EF46434168278F84FEB8FC5C ] C:\Windows\System32\netlogon.dll
09:36:04.0192 0x0aa8  C:\Windows\System32\netlogon.dll - ok
09:36:04.0192 0x0aa8  [ 492D07D79E7024CA310867B526D9636D, F2FE647AB85C6C3C1AA3DF4BCE6E4D42B9676C9D837E11388C235AE8DB20044F ] C:\Windows\System32\dnsapi.dll
09:36:04.0192 0x0aa8  C:\Windows\System32\dnsapi.dll - ok
09:36:04.0192 0x0aa8  [ 8FFE297B8449386E7B6851458B6E474E, E149B37E11091D69D926242517E5655596594A6F01FEF06EB65D6BA5B354E326 ] C:\Windows\System32\logoncli.dll
09:36:04.0192 0x0aa8  C:\Windows\System32\logoncli.dll - ok
09:36:04.0208 0x0aa8  [ 31FFED18C7B836CEC1B559347E32E151, 80BA8E74EC60BF50240D95FC526485FD6A18F2316A4C4E2804C451164676EDEE ] C:\Windows\System32\schannel.dll
09:36:04.0208 0x0aa8  C:\Windows\System32\schannel.dll - ok
09:36:04.0208 0x0aa8  [ 95FB6CA4374E343DDD653FCC43F9D26B, 911A240F9C1DD155C2B1CD85FE4A8044EB2816AF166CD8CB66EEB905CA352881 ] C:\Windows\System32\wdigest.dll
09:36:04.0208 0x0aa8  C:\Windows\System32\wdigest.dll - ok
09:36:04.0208 0x0aa8  [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll
09:36:04.0208 0x0aa8  C:\Windows\System32\rsaenh.dll - ok
09:36:04.0223 0x0aa8  [ 8A25506B6948EFBD5A7F37E53CCD36D9, 2A20562ED33ABD1D15C7BE9F4F1E623E3604BCC0F7214D067CD8C3D16B9EC6A7 ] C:\Windows\System32\TSpkg.dll
09:36:04.0223 0x0aa8  C:\Windows\System32\TSpkg.dll - ok
09:36:04.0223 0x0aa8  [ E08088A97F95345E181C3DFCE2C615EF, DEF3B087DF5E10E4F8418029DB6E82546E62FEFA39694B7BD6A48CE8AAFD1B96 ] C:\Windows\System32\pku2u.dll
09:36:04.0223 0x0aa8  C:\Windows\System32\pku2u.dll - ok
09:36:04.0223 0x0aa8  [ D6C7780A364C6BBACFA796BAB9F1B374, 3B5ED1A030BFD0BB73D4FFCD67A6A0B8501EF70293F223EFAA12F430ADF270F9 ] C:\Windows\System32\bcryptprimitives.dll
09:36:04.0223 0x0aa8  C:\Windows\System32\bcryptprimitives.dll - ok
09:36:04.0239 0x0aa8  [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll
09:36:04.0239 0x0aa8  C:\Windows\System32\efslsaext.dll - ok
09:36:04.0239 0x0aa8  [ 52D3D5E3586988D4D9E34ACAAC33105C, C61B60BA962B25B8334F0941C3535EA4ACA1CC060B8A196E396CA3E11CEEF8A1 ] C:\Windows\System32\credssp.dll
09:36:04.0239 0x0aa8  C:\Windows\System32\credssp.dll - ok
09:36:04.0239 0x0aa8  [ ED78427259134C63ED69804D2132B86C, F6F51B8B35881ABCA5580ED111AAC80E466E6474ABAE31EC8BE46C23EDCA77B2 ] C:\Windows\System32\scecli.dll
09:36:04.0239 0x0aa8  C:\Windows\System32\scecli.dll - ok
09:36:04.0255 0x0aa8  [ 7CC7DF5B654DA579613F811D8C637E29, 70EAC059C1ED814810C75DBB9F4D188428CB942FFD8869D692158D384EB6BB35 ] C:\Windows\System32\ubpm.dll
09:36:04.0255 0x0aa8  C:\Windows\System32\ubpm.dll - ok
09:36:04.0255 0x0aa8  [ C78655BC80301D76ED4FEF1C1EA40A7D, 93B2ED4004ED5F7F3039DD7ECBD22C7E4E24B6373B4D9EF8D6E45A179B13A5E8 ] C:\Windows\System32\svchost.exe
09:36:04.0255 0x0aa8  C:\Windows\System32\svchost.exe - ok
09:36:04.0255 0x0aa8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] C:\Windows\System32\umpnpmgr.dll
09:36:04.0255 0x0aa8  C:\Windows\System32\umpnpmgr.dll - ok
09:36:04.0270 0x0aa8  [ CD1B5AD07E5F7FEF30E055DCC9E96180, 63C58551F32B0B09377F64A6AE1FA81AF93B8A707A57A8C18722086906AD3046 ] C:\Windows\System32\devrtl.dll
09:36:04.0270 0x0aa8  C:\Windows\System32\devrtl.dll - ok
09:36:04.0270 0x0aa8  [ E6EB44ABAAF1F330119F854856C53EBE, 77279972FFBFA984578DD4F17EB615F5D2D93590AF3A9FEFEFDB9128206C9887 ] C:\Windows\System32\SPInf.dll
09:36:04.0270 0x0aa8  C:\Windows\System32\SPInf.dll - ok
09:36:04.0270 0x0aa8  [ 7A17485DC7D8A7AC81321A42CD034519, 88D8705FA901793FC8C1CFD0175E49A6502BF0FC94A066BA573D2FD13AA5F04A ] C:\Windows\System32\userenv.dll
09:36:04.0270 0x0aa8  C:\Windows\System32\userenv.dll - ok
09:36:04.0270 0x0aa8  [ 9C9307C95671AC962F3D6EB3A4A89BAE, D1433791C9B8BCEEAD8937EC18D33E89E4E2012B5975228A8500FD141BC30078 ] C:\Windows\System32\gpapi.dll
09:36:04.0270 0x0aa8  C:\Windows\System32\gpapi.dll - ok
09:36:04.0286 0x0aa8  [ F6C011B46FAEEF33536B2E80F48B5CBE, BDD149D3D6F9F6C8F6F34C311219BE5618CEEFBC7D35E37473A47F1D5D015067 ] C:\Windows\System32\pcwum.dll
09:36:04.0286 0x0aa8  C:\Windows\System32\pcwum.dll - ok
09:36:04.0286 0x0aa8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] C:\Windows\System32\umpo.dll
09:36:04.0286 0x0aa8  C:\Windows\System32\umpo.dll - ok
09:36:04.0301 0x0aa8  [ 716175021BDA290504CE434273F666BC, FA18CA2D8A5F4335E051E2933147D3C1E7308F7D446E2AEB6596CDEF6E2AFC88 ] C:\Windows\System32\powrprof.dll
09:36:04.0301 0x0aa8  C:\Windows\System32\powrprof.dll - ok
09:36:04.0301 0x0aa8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] C:\Windows\System32\drivers\luafv.sys
09:36:04.0301 0x0aa8  C:\Windows\System32\drivers\luafv.sys - ok
09:36:04.0301 0x0aa8  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] C:\Windows\System32\drivers\mbam.sys
09:36:04.0301 0x0aa8  C:\Windows\System32\drivers\mbam.sys - ok
09:36:04.0317 0x0aa8  [ 41B97DCE2B2D113B831EB197F02A7398, 3168C646327E5C72741A326C12AD46A73234DA6A67DC21F66FF1D195A971FBFE ] C:\Windows\System32\nvvsvc.exe
09:36:04.0317 0x0aa8  C:\Windows\System32\nvvsvc.exe - ok
09:36:04.0317 0x0aa8  [ BD3674BE7FC9D8D3732C83E8499576ED, E6716A5895D629263A4D21959F48840429AB6F4B55A5FA2663EE5E86C9CA2BF1 ] C:\Windows\System32\wtsapi32.dll
09:36:04.0317 0x0aa8  C:\Windows\System32\wtsapi32.dll - ok
09:36:04.0317 0x0aa8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] C:\Windows\System32\rpcss.dll
09:36:04.0317 0x0aa8  C:\Windows\System32\rpcss.dll - ok
09:36:04.0333 0x0aa8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] C:\Windows\System32\RpcEpMap.dll
09:36:04.0333 0x0aa8  C:\Windows\System32\RpcEpMap.dll - ok
09:36:04.0333 0x0aa8  [ 31559F3244C6BC00A52030CAA83B6B91, B2025742B5F0025ACE9821D5722DE3F997EEEAB21D2F381C9E307882DF422579 ] C:\Windows\System32\WSHTCPIP.DLL
09:36:04.0333 0x0aa8  C:\Windows\System32\WSHTCPIP.DLL - ok
09:36:04.0333 0x0aa8  [ 16E964ABF6D1E0F0CC7822FCA9BA754D, 0E461387ACFD641DA22EE542A3C68AF5F7D3A7F967D974E3B198143D461ABE39 ] C:\Windows\System32\wshqos.dll
09:36:04.0333 0x0aa8  C:\Windows\System32\wshqos.dll - ok
09:36:04.0348 0x0aa8  [ 89F2AEDC2788696702141AB82C3E7866, E166CBD8D3C708737C37172221945D8E56C25C2CC750889C3CE14AA2DE750F33 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
09:36:04.0348 0x0aa8  C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
09:36:04.0348 0x0aa8  [ 715F03B4C7223349768013EA95D9E5B7, 09AB0535A54C2E2962F0FD06988D99060F8CECA39B07AC00A63204C773B95893 ] C:\Windows\System32\LogonUI.exe
09:36:04.0348 0x0aa8  C:\Windows\System32\LogonUI.exe - ok
09:36:04.0348 0x0aa8  [ 92A0FCE28889EE68552C0D9132096639, 796C1224CA13AD21BD317C6B001125D9759BE6776CBB00D9DB1D6D3D2997EF73 ] C:\Program Files\Microsoft Security Client\MpSvc.dll
09:36:04.0348 0x0aa8  C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
09:36:04.0364 0x0aa8  [ F50B9765F2F4B4506F5EF86B888B4350, DBD78B89C51B10DD4F330CBB083FBB9CA63F23E8B5FC7EFD68945645969B58E2 ] C:\Program Files\Microsoft Security Client\MpClient.dll
09:36:04.0364 0x0aa8  C:\Program Files\Microsoft Security Client\MpClient.dll - ok
09:36:04.0364 0x0aa8  [ 9AD9E06F8656F296D91FAE8EE5B95A27, 53384747D5864D699BCC4F48E0A5E656430EDAA65DCDAB4B11EA68FC7106459E ] C:\Windows\System32\FirewallAPI.dll
09:36:04.0364 0x0aa8  C:\Windows\System32\FirewallAPI.dll - ok
09:36:04.0364 0x0aa8  [ 94E026870A55AAEAFF7853C1754091E9, B2F5D5629D12BDFA98DBED3898368F37D9009C7531B6909C7285A2C11C9A0F93 ] C:\Windows\System32\version.dll
09:36:04.0364 0x0aa8  C:\Windows\System32\version.dll - ok
09:36:04.0379 0x0aa8  [ 3EF480BFED1B5947A32585E30A58D4ED, 798FECC095721EFB1C2B1DF3438DDABEEEA668EA00CB702164F2A0A0C30F1726 ] C:\Windows\System32\authui.dll
09:36:04.0379 0x0aa8  C:\Windows\System32\authui.dll - ok
09:36:04.0379 0x0aa8  [ B3BFBD758506ECB50C5804AAA76318F9, 34E079A6AB2D41D1E0B3887B6AE31C43941061B7176FFF2801C3F465C2C89578 ] C:\Windows\System32\cryptui.dll
09:36:04.0379 0x0aa8  C:\Windows\System32\cryptui.dll - ok
09:36:04.0379 0x0aa8  [ 7FA8FDC2C2A27817FD0F624E78D3B50C, 7B63F6AA2CD6D4D07EA3C595B868B1A0749BB11620027A2BD9B935E3055481E4 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
09:36:04.0379 0x0aa8  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
09:36:04.0395 0x0aa8  [ 5B3EBFC3DA142324B388DDCC4465E1FF, 5D58642305311F9BC9B779C9598BFC4E7433B3EA58404BF1FF9466838A2328C7 ] C:\Windows\System32\samlib.dll
09:36:04.0395 0x0aa8  C:\Windows\System32\samlib.dll - ok
09:36:04.0395 0x0aa8  [ 4E9C2DB10F7E6AE91BF761139D4B745B, 8F63F78294F5585D599A114AF449DCC447CCB239D0F0B490BFE6B34A2146E730 ] C:\Windows\System32\shacct.dll
09:36:04.0395 0x0aa8  C:\Windows\System32\shacct.dll - ok
09:36:04.0395 0x0aa8  [ 1F4492FE41767CDB8B89D17655847CDD, 184547FAC0C3D7148FAA3F601929A7089DE393BD19929A137DAD743331DD3F77 ] C:\Windows\System32\ntmarta.dll
09:36:04.0395 0x0aa8  C:\Windows\System32\ntmarta.dll - ok
09:36:04.0411 0x0aa8  [ F06BB4E336EA57511FDBAFAFCC47DE62, BE43EC62548E9FF89A9495A1722E22DBB76EEC3764F86E64057B636F27D15765 ] C:\Windows\System32\propsys.dll
09:36:04.0411 0x0aa8  C:\Windows\System32\propsys.dll - ok
09:36:04.0411 0x0aa8  [ D29E998E8277666982B4F0303BF4E7AF, 4F19AB5DC173E278EBE45832F6CEAA40E2DF6A2EDDC81B2828122442FE5D376C ] C:\Windows\System32\uxtheme.dll
09:36:04.0411 0x0aa8  C:\Windows\System32\uxtheme.dll - ok
09:36:04.0411 0x0aa8  [ 18CAAF21CBA3EAEE17BBA5D3807F29B8, 59C4FE015CCBE922F7AB3838D7F34CACC08DD437B2BAD62926BF4A9C416F7C19 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll
09:36:04.0411 0x0aa8  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll - ok
09:36:04.0426 0x0aa8  [ 3CB6A7286422C72C34DAB54A5DFF1A34, 98D21EFFF511E407336A226420701E82554DA01FA05661303836B6860D63749D ] C:\Windows\System32\dui70.dll
09:36:04.0426 0x0aa8  C:\Windows\System32\dui70.dll - ok
09:36:04.0426 0x0aa8  [ 8CCDE014A4CDF84564E03ACE064CA753, DD663029B2EB7B12FDB00FCE403D8326141E540E3B9CE84CD5871473D3E2E2CF ] C:\Windows\System32\duser.dll
09:36:04.0426 0x0aa8  C:\Windows\System32\duser.dll - ok
09:36:04.0426 0x0aa8  [ D7F1EF374A90709B31591823B002F918, 05FD2837C9B03D14BB2A969C1AD77CAEF047D93DC5D0F6C2ACBF0888E8F7B359 ] C:\Windows\System32\SndVolSSO.dll
09:36:04.0426 0x0aa8  C:\Windows\System32\SndVolSSO.dll - ok
09:36:04.0442 0x0aa8  [ 896F15A6434D93EDB42519D5E18E6B50, 9263F0CEC58D45EBE3FB9C3061FB9392C55A7933B84B4592E6EE13CFC86D5A50 ] C:\Windows\System32\hid.dll
09:36:04.0442 0x0aa8  C:\Windows\System32\hid.dll - ok
09:36:04.0442 0x0aa8  [ 227E2C382A1E02F8D4965E664D3BBE43, 1CFF20A8BF87ACE4FA4935EBEED72BFB1A1FE902A754899E2F50798D67DF5642 ] C:\Windows\System32\MMDevAPI.dll
09:36:04.0442 0x0aa8  C:\Windows\System32\MMDevAPI.dll - ok
09:36:04.0442 0x0aa8  [ DA1B7075260F3872585BFCDD668C648B, 3E10EF6E1A5C341B478322CB78A0AB7BFC70AD8023779B8B4542A7CB4CA756AB ] C:\Windows\System32\dwmapi.dll
09:36:04.0442 0x0aa8  C:\Windows\System32\dwmapi.dll - ok
09:36:04.0457 0x0aa8  [ 6F8B48F3D343E4B186AB6A9E302B7E16, 54DB52FC56509E61DF68BD251B3286E6CBE1A91D9BC4D950940A61FE2DA04DF8 ] C:\Windows\System32\xmllite.dll
09:36:04.0457 0x0aa8  C:\Windows\System32\xmllite.dll - ok
09:36:04.0457 0x0aa8  [ BDDF242A49E7B7DC5CCEC291BCE53ACB, D31B46678556369DC0866C7D184E83DE3F1D45442323C70460A4BE4D617E5674 ] C:\Windows\System32\WindowsCodecs.dll
09:36:04.0457 0x0aa8  C:\Windows\System32\WindowsCodecs.dll - ok
09:36:04.0457 0x0aa8  [ C2762A57DF0EE85E63CE4893C5215313, DDE22212D78353633CEDE27D7210469DE674563991105563CF64CCCE2D0743BD ] C:\Windows\System32\VaultCredProvider.dll
09:36:04.0457 0x0aa8  C:\Windows\System32\VaultCredProvider.dll - ok
09:36:04.0473 0x0aa8  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D, 19959D18601712901F03B83150D15E34EBCAB355BB4692C9A28511A72F57FC66 ] C:\Windows\System32\winbrand.dll
09:36:04.0473 0x0aa8  C:\Windows\System32\winbrand.dll - ok
09:36:04.0473 0x0aa8  [ CA2985996BB49924B677113DF95CFEA7, 91F63863B1B597AE421CD2C3D8A3E00578B17876E5F5B828D25C2C9B349ECCCD ] C:\Windows\System32\SmartcardCredentialProvider.dll
09:36:04.0473 0x0aa8  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
09:36:04.0473 0x0aa8  [ BF352E73615F5461AA6884472435A544, 4B059E79325C5F08CD6FBBE6352E17ADB64B9608CC9EDB36A2DF4D148060C309 ] C:\Windows\System32\BioCredProv.dll
09:36:04.0473 0x0aa8  C:\Windows\System32\BioCredProv.dll - ok
09:36:04.0489 0x0aa8  [ 796B8123A7859AFD3A4AE10514DBAEB5, E76F69FAFEC3D66263ED95F3FA9EE309BDDACB287E30583A147DC97F6EEB8844 ] C:\Windows\System32\winbio.dll
09:36:04.0489 0x0aa8  C:\Windows\System32\winbio.dll - ok
09:36:04.0489 0x0aa8  [ CC0AB40F02D2C2A12209715A3C1B07B8, 90EB303A4E151340DB382248361FEFC5346C31394791DF83663086C8219C2B20 ] C:\Windows\System32\credui.dll
09:36:04.0489 0x0aa8  C:\Windows\System32\credui.dll - ok
09:36:04.0489 0x0aa8  [ 44B9C66177651F3F53C87B665D58D17A, 3FC426115FF87570889DB28D71970B82B525D2A4B9A00EDD273BF083B77A05CE ] C:\Windows\System32\vaultcli.dll
09:36:04.0489 0x0aa8  C:\Windows\System32\vaultcli.dll - ok
09:36:04.0504 0x0aa8  [ EEEA40F0EDB0A6E5359E539E15D0BC77, BFCBF777239C29C6AC4BC5B59591308571647B7C7FDB5571903F7403DD241E8E ] C:\Windows\System32\netapi32.dll
09:36:04.0504 0x0aa8  C:\Windows\System32\netapi32.dll - ok
09:36:04.0504 0x0aa8  [ 6CECA4C6A489C9B2E6073AFDAAE3F607, 127506D1DB38275614CBEB047C133718EF9D03266BA9C98BE55EC7847CFC9C3D ] C:\Windows\System32\netutils.dll
09:36:04.0504 0x0aa8  C:\Windows\System32\netutils.dll - ok
09:36:04.0504 0x0aa8  [ 3C91392D448F6E5D525A85B7550D8BA9, 6FD0DC73DBE7519E2C643554C2A7F8FBE4F9A678C4241BB54B3C6E65D2ABCF3A ] C:\Windows\System32\wkscli.dll
09:36:04.0504 0x0aa8  C:\Windows\System32\wkscli.dll - ok
09:36:04.0520 0x0aa8  [ 972C3301DB3DA91AE06A95F6B4160B1B, 678B533A06C306295FE97DC26CE9BAFFC8EAF1FB7405ACB040719099717744D5 ] C:\Windows\System32\certCredProvider.dll
09:36:04.0520 0x0aa8  C:\Windows\System32\certCredProvider.dll - ok
09:36:04.0520 0x0aa8  [ FC51229C7D4AFA0D6F186133728B95AB, 37E58C8E1C8437D1981725A5DCDACA7316CEFBB570370CEFC8D122F523B96AC0 ] C:\Windows\System32\samcli.dll
09:36:04.0520 0x0aa8  C:\Windows\System32\samcli.dll - ok
09:36:04.0520 0x0aa8  [ 87FA0C48C3B2E9FEE518818FE26B15B5, DA4042DE9897397AEDCEFF9F69746726237305DDE64464309B6DCC45E05E42F4 ] C:\Windows\System32\rasplap.dll
09:36:04.0520 0x0aa8  C:\Windows\System32\rasplap.dll - ok
09:36:04.0535 0x0aa8  [ 019CD868461B646E09BDF04474C19341, 01837EFACB02E52BC6E90C90C4CB01B11D56E449A37EA4FC2695507FF85EA9FE ] C:\Windows\System32\rasapi32.dll
09:36:04.0535 0x0aa8  C:\Windows\System32\rasapi32.dll - ok
09:36:04.0535 0x0aa8  [ B28DEEC597C8DEB70C744C7CF9210E3E, E777F192D822990CA6301B3FEA2AEA213FA7901438EB3328914ADF02B6C39DB9 ] C:\Windows\System32\rasman.dll
09:36:04.0535 0x0aa8  C:\Windows\System32\rasman.dll - ok
09:36:04.0535 0x0aa8  [ B53C4B69B695EDA1B7E41D35CA4244E2, 3D98E9B263CADA576E4057E059AFC867F6E3F1001F3B73C8BCF9066763A45D9D ] C:\Windows\System32\rtutils.dll
09:36:04.0535 0x0aa8  C:\Windows\System32\rtutils.dll - ok
09:36:04.0551 0x0aa8  [ 84B9BEE43277716291F9079E1CB03FF1, 44C3FC4F37BE0578DF62CA97C04C5A7E48A24628C02AFFE02FB956AFC1F4AB43 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
09:36:04.0551 0x0aa8  C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
09:36:04.0551 0x0aa8  [ 6011714C8C5C55CBFFAD24D61E879FBD, 75D615082A1C71C6ED3ABB49EDAF660EE538D112CF79B9C8AF0A583D1CE1BBB0 ] C:\Windows\System32\wevtsvc.dll
09:36:04.0551 0x0aa8  C:\Windows\System32\wevtsvc.dll - ok
09:36:04.0551 0x0aa8  [ 801F3E903818B49BA55D925211FB9584, FDFEFED29EF2B909AE998B1D2BD6DEBED9A035C8BDA78A4B8F4BFB8C0EEAAB68 ] C:\Program Files\Microsoft Security Client\MpCommu.dll
09:36:04.0551 0x0aa8  C:\Program Files\Microsoft Security Client\MpCommu.dll - ok
09:36:04.0567 0x0aa8  [ 58F4493BF748A3A89689997B7BD00E95, EC5DEEC73E357C7C87B001275C4E635011A9CF39419F2B86E2C2B8D7E388C551 ] C:\Windows\System32\winhttp.dll
09:36:04.0567 0x0aa8  C:\Windows\System32\winhttp.dll - ok
09:36:04.0567 0x0aa8  [ 603EBD34E216C5654A2D774EAC98D278, ACE0171BB780DB2C1B1A8BF6FA8CF51C529D7E09141FA504C7199AF764FD9A36 ] C:\Windows\System32\webio.dll
09:36:04.0567 0x0aa8  C:\Windows\System32\webio.dll - ok
09:36:04.0567 0x0aa8  [ DE4BCD4F7BEA7E654812049B86B87837, 972CD913A072943AAFD20C81B05220854F4B2868ABFA927D3D903F0329737433 ] C:\Program Files\Microsoft Security Client\MpRTP.dll
09:36:04.0567 0x0aa8  C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
09:36:04.0582 0x0aa8  [ 8CBEA4AABFA48C69832B299E23607029, D8ACD3DE8E86D79A9DDF4BF3492C8F8D85B7F141C77516BBB3BE4BC035F4FCA4 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
09:36:04.0582 0x0aa8  C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
09:36:04.0582 0x0aa8  [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] C:\Windows\System32\drivers\MpFilter.sys
09:36:04.0582 0x0aa8  C:\Windows\System32\drivers\MpFilter.sys - ok
09:36:04.0582 0x0aa8  [ F3D202F53A222D5F6944D459B73CF967, E9F1D48EB333D32331BCFD0348FE07BEE7D5352292E6020571DA395F596AFFE7 ] C:\Windows\System32\fltLib.dll
09:36:04.0582 0x0aa8  C:\Windows\System32\fltLib.dll - ok
09:36:04.0598 0x0aa8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] C:\Windows\System32\audiosrv.dll
09:36:04.0598 0x0aa8  C:\Windows\System32\audiosrv.dll - ok
09:36:04.0598 0x0aa8  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] C:\Windows\System32\profsvc.dll
09:36:04.0598 0x0aa8  C:\Windows\System32\profsvc.dll - ok
09:36:04.0598 0x0aa8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] C:\Windows\System32\FntCache.dll
09:36:04.0598 0x0aa8  C:\Windows\System32\FntCache.dll - ok
09:36:04.0613 0x0aa8  [ 78A1E65207484B7F8D3217507745F47C, 35F413ADB9D157F3666DD15DD58104D629CD9143198A1AB914B73A4A3C9903DD ] C:\Windows\System32\avrt.dll
09:36:04.0613 0x0aa8  C:\Windows\System32\avrt.dll - ok
09:36:04.0613 0x0aa8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] C:\Windows\System32\mmcss.dll
09:36:04.0613 0x0aa8  C:\Windows\System32\mmcss.dll - ok
09:36:04.0613 0x0aa8  [ 159116B914ADA81E2C071E00C9183DED, CCFEEC40FB6602BB9256C8CAB051589BD298CC8CD8100CD052E75D156DBB96C5 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
09:36:04.0613 0x0aa8  C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
09:36:04.0629 0x0aa8  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67, E957E4463D318A44BA5109EE3428624DE901C5FF2BA358986DF6C6F059DDBCC2 ] C:\Windows\System32\adtschema.dll
09:36:04.0629 0x0aa8  C:\Windows\System32\adtschema.dll - ok
09:36:04.0629 0x0aa8  [ 023A9AB1DB18386DC65728F66DA99A04, FEF2437AC3600ECB4427255F5FCDB7FA7455F7D08A19FFFE0DF245E415CABEF0 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1CED01D0-4851-4469-8F04-18C4D9A24829}\mpengine.dll
09:36:04.0629 0x0aa8  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1CED01D0-4851-4469-8F04-18C4D9A24829}\mpengine.dll - ok
09:36:04.0629 0x0aa8  [ 50544D04AD845C43130B70212EC05CCD, B2E6B558DE7D273512226685FF53ED17C9B4BF81B739FBCA5D3FC82DF8D2BCF7 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
09:36:04.0629 0x0aa8  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
09:36:04.0645 0x0aa8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] C:\Windows\System32\drivers\fltMgr.sys
09:36:04.0645 0x0aa8  C:\Windows\System32\drivers\fltMgr.sys - ok
09:36:04.0645 0x0aa8  [ D5CCA1453B98A5801E6D5FF0FF89DC6C, 85F2C2480AAC31B6092187B431A562D79D4CFB1324F925C85055ABAB2483264B ] C:\Windows\System32\audiodg.exe
09:36:04.0645 0x0aa8  C:\Windows\System32\audiodg.exe - ok
09:36:04.0645 0x0aa8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] C:\Windows\System32\netprofm.dll
09:36:04.0645 0x0aa8  C:\Windows\System32\netprofm.dll - ok
09:36:04.0660 0x0aa8  [ 58775492FFD419248B08325E583C527F, DBB013971F5894F25C222C2D4D50A29DB6DF3C413792EE9CCC1A9E6D85469093 ] C:\Windows\System32\atl.dll
09:36:04.0660 0x0aa8  C:\Windows\System32\atl.dll - ok
09:36:04.0660 0x0aa8  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] C:\Windows\System32\cscsvc.dll
09:36:04.0660 0x0aa8  C:\Windows\System32\cscsvc.dll - ok
09:36:04.0660 0x0aa8  [ A3DB3C17EE6CAE65D53602B4E80BCCBC, D802A7C6161F937DC42A6E45FE1BB2C8272819F92C294C180EBCDF8FF72CBFDC ] C:\Windows\System32\PSHED.DLL
09:36:04.0660 0x0aa8  C:\Windows\System32\PSHED.DLL - ok
09:36:04.0676 0x0aa8  [ EF2AE43BCD46ABB13FC3E5B2B1935C73, 81FC06F306F620845D7DD8D06E706309E70BC89B589C81F3478302A3F5F73431 ] C:\Windows\System32\winmm.dll
09:36:04.0676 0x0aa8  C:\Windows\System32\winmm.dll - ok
09:36:04.0676 0x0aa8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] C:\Windows\System32\gpsvc.dll
09:36:04.0676 0x0aa8  C:\Windows\System32\gpsvc.dll - ok
09:36:04.0676 0x0aa8  [ 1473768973453DE50DC738C2955FC4DD, 14BC5DA2442CB726ACC1F277DDBECCF5D61E3A0A3E083A55A0BB610191E35220 ] C:\Windows\System32\wdmaud.drv
09:36:04.0676 0x0aa8  C:\Windows\System32\wdmaud.drv - ok
09:36:04.0691 0x0aa8  [ B0945E538CF906BBDDC5A11C8EE868CC, 5F3459F6512918835F7C9400905EC7C1FAEAA7114E0D28C522040C359E3B93F7 ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
09:36:04.0691 0x0aa8  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
09:36:04.0691 0x0aa8  [ DC220AE6F64819099F7EBD6F137E32E7, B8FE13B859FA83500DD95637FA6D4A5B8392C2A363E41D014D3B5374F636E1DE ] C:\Windows\System32\AudioSes.dll
09:36:04.0691 0x0aa8  C:\Windows\System32\AudioSes.dll - ok
09:36:04.0691 0x0aa8  [ 8560FFFC8EB3A806DCD4F82252CFC8C6, CC27BC092369A89D6147B16568FEDEB68B584D5738CD686C31F7FAE22ED17B3B ] C:\Windows\System32\ksuser.dll
09:36:04.0691 0x0aa8  C:\Windows\System32\ksuser.dll - ok
09:36:04.0707 0x0aa8  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A, 72288C0A88916D3C3828DBD948DBDB0928F26106319F8E60102D6C9004514D60 ] C:\Windows\System32\msacm32.dll
09:36:04.0707 0x0aa8  C:\Windows\System32\msacm32.dll - ok
09:36:04.0707 0x0aa8  [ 1B7C3A37362C7B2890168C5FC61C8D9B, 03727930E5BB5F9D91BAB901FC9A2E3B795D68E2AEE6A2CC3477F356C45A9C54 ] C:\Windows\System32\msacm32.drv
09:36:04.0707 0x0aa8  C:\Windows\System32\msacm32.drv - ok
09:36:04.0707 0x0aa8  [ 2DF36F15B2BC1571A6A542A3C2107920, A918F1EE95269DF973421AF2F5713DEEAF15EF0F77BAA7E8C515FFB69896FB7A ] C:\Windows\System32\nlaapi.dll
09:36:04.0707 0x0aa8  C:\Windows\System32\nlaapi.dll - ok
09:36:04.0723 0x0aa8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] C:\Windows\System32\themeservice.dll
09:36:04.0723 0x0aa8  C:\Windows\System32\themeservice.dll - ok
09:36:04.0723 0x0aa8  [ A77BE7CB3222B4FB0AC6C71D1C2698D4, 73566223914BF670DF6B5931FA213E546713531B10391ED65B5256BBD7ABDE7F ] C:\Windows\System32\dsrole.dll
09:36:04.0723 0x0aa8  C:\Windows\System32\dsrole.dll - ok
09:36:04.0723 0x0aa8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] C:\Windows\System32\es.dll
09:36:04.0723 0x0aa8  C:\Windows\System32\es.dll - ok
09:36:04.0738 0x0aa8  [ CA2A0750ED830678997695FF61B04C30, E84860CD97AA3C4565ABB2D5D406A5C42B1AD2D8BA1B8CF81FE564D91F15F976 ] C:\Windows\System32\midimap.dll
09:36:04.0738 0x0aa8  C:\Windows\System32\midimap.dll - ok
09:36:04.0738 0x0aa8  [ 29910D50542B1AA0F162EF3339C61B6D, 018F0922384A5757390652865BB2DF876E9DA08B0858BC619B41D2CD14533ED4 ] C:\Windows\System32\PeerDist.dll
09:36:04.0738 0x0aa8  C:\Windows\System32\PeerDist.dll - ok
09:36:04.0738 0x0aa8  [ BE097F5BB10F9079FCEB2DC4E7E20F02, 90A88986C8C5F30FB153EC803FEDA6572B2C2630A6C9578FCC017800692694D5 ] C:\Windows\System32\slc.dll
09:36:04.0738 0x0aa8  C:\Windows\System32\slc.dll - ok
09:36:04.0754 0x0aa8  [ 5EDBB34736DD7AC1A73CF8792A835E10, 15E87C449AAF2095273341DD9355D8DF2690340D1DEFAF0DFF034F1CDF4316F8 ] C:\Windows\System32\AudioEng.dll
09:36:04.0754 0x0aa8  C:\Windows\System32\AudioEng.dll - ok
09:36:04.0754 0x0aa8  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB, 018CB95A43CEA2063EA24691C71D51EF60D522C21502ABA8AD93876363D4B857 ] C:\Windows\System32\taskschd.dll
09:36:04.0754 0x0aa8  C:\Windows\System32\taskschd.dll - ok
09:36:04.0754 0x0aa8  [ C1395286B822E306B4FE1568A8A77813, 0642B6C793BE0EED5E7D1D2533FC5A01417C50040FC60A8E89BD97CE4A119388 ] C:\Windows\System32\AUDIOKSE.dll
09:36:04.0754 0x0aa8  C:\Windows\System32\AUDIOKSE.dll - ok
09:36:04.0769 0x0aa8  [ 1A47D52E303B7543E4E6026595B95422, C577CD3837546A7CED5D2E8E97FA2EDACA133B4A8595770EF96CAE519BFE280F ] C:\Windows\System32\comres.dll
09:36:04.0769 0x0aa8  C:\Windows\System32\comres.dll - ok
09:36:04.0769 0x0aa8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] C:\Windows\System32\Sens.dll
09:36:04.0769 0x0aa8  C:\Windows\System32\Sens.dll - ok
09:36:04.0769 0x0aa8  [ 6F3C559B82F2912354BE5B098744CC8C, EB64E5C02C81588921A65194E1256E80699A1317E7D9A57395CD38C2639C8B08 ] C:\Windows\System32\WMALFXGFXDSP.dll
09:36:04.0769 0x0aa8  C:\Windows\System32\WMALFXGFXDSP.dll - ok
09:36:04.0785 0x0aa8  [ 862596399AAFD2A21DB2AF9270CD4F70, 24CAA19EE791FB3440CE742C9064FCE0CB755EF0789D3CE62058A2CFEF0FF6D2 ] C:\Windows\System32\mstask.dll
09:36:04.0785 0x0aa8  C:\Windows\System32\mstask.dll - ok
09:36:04.0785 0x0aa8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] C:\Windows\System32\drivers\lltdio.sys
09:36:04.0785 0x0aa8  C:\Windows\System32\drivers\lltdio.sys - ok
09:36:04.0785 0x0aa8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] C:\Windows\System32\drivers\rspndr.sys
09:36:04.0785 0x0aa8  C:\Windows\System32\drivers\rspndr.sys - ok
09:36:04.0801 0x0aa8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] C:\Windows\System32\uxsms.dll
09:36:04.0801 0x0aa8  C:\Windows\System32\uxsms.dll - ok
09:36:04.0801 0x0aa8  [ 9BC8610C32C96A2983A65DC21CAFA921, 2A4195F663C9D55939E3D8FEAA208090FDB0B8801A60164A7325B53104797CBC ] C:\Windows\System32\UXInit.dll
09:36:04.0801 0x0aa8  C:\Windows\System32\UXInit.dll - ok
09:36:04.0801 0x0aa8  [ 2B81776DA02017A37FE26C662827470E, A656353C50EE08422145D00DB9CFD9F6D3E664753B3C454B171E2A56A8AA94DC ] C:\Windows\System32\IPHLPAPI.DLL
09:36:04.0801 0x0aa8  C:\Windows\System32\IPHLPAPI.DLL - ok
09:36:04.0816 0x0aa8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] C:\Windows\System32\lmhsvc.dll
09:36:04.0816 0x0aa8  C:\Windows\System32\lmhsvc.dll - ok
09:36:04.0816 0x0aa8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] C:\Windows\System32\nsisvc.dll
09:36:04.0816 0x0aa8  C:\Windows\System32\nsisvc.dll - ok
09:36:04.0816 0x0aa8  [ 54B5DCD55B223BC5DF50B82E1E9E86B1, 025294DD69A421FE4EACAA463F8CB797610D8F3A7A3C61656AE83D0CEE07A9BF ] C:\Windows\System32\mfplat.dll
09:36:04.0816 0x0aa8  C:\Windows\System32\mfplat.dll - ok
09:36:04.0832 0x0aa8  [ B73A6E4B319AFFE64582AC5C1801BB3F, 274EEA0743DC659180E691654CBB17136E9E9D83B07E302B47EA5B103EA57710 ] C:\Windows\System32\nrpsrv.dll
09:36:04.0832 0x0aa8  C:\Windows\System32\nrpsrv.dll - ok
09:36:04.0832 0x0aa8  [ 4C9210E8F4E052F6A4EB87716DA0C24C, 460F7990BDADB7D58D6DC95B094D30A2EFDC4CEED444B18A2F36E8D9076FB8B9 ] C:\Windows\System32\winnsi.dll
09:36:04.0832 0x0aa8  C:\Windows\System32\winnsi.dll - ok
09:36:04.0832 0x0aa8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] C:\Windows\System32\dhcpcore.dll
09:36:04.0832 0x0aa8  C:\Windows\System32\dhcpcore.dll - ok
09:36:04.0847 0x0aa8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] C:\Windows\System32\dnsrslvr.dll
09:36:04.0847 0x0aa8  C:\Windows\System32\dnsrslvr.dll - ok
09:36:04.0847 0x0aa8  [ D07EB640618F96490DB88C3CE58DB608, 0C553971259632031E6856A94EEB937D571627FC7CF061CCFC040F4BF0CFF259 ] C:\Windows\System32\FWPUCLNT.DLL
09:36:04.0847 0x0aa8  C:\Windows\System32\FWPUCLNT.DLL - ok
09:36:04.0847 0x0aa8  [ 71C7B65B6557B75B99907E76956AE4B8, 38AD0E96D6AD36C0643761D5F5DB7A2802E059008C0984ABF61F4D8703DE4B3B ] C:\Windows\System32\dhcpcore6.dll
09:36:04.0847 0x0aa8  C:\Windows\System32\dhcpcore6.dll - ok
09:36:04.0863 0x0aa8  [ 885D0942E0F28DB90919BE3129ECF279, 5A10D90EE656ECE3DCA174D6F924641509819FC20CB6EF46B5E1723E52DE85BE ] C:\Windows\System32\dnsext.dll
09:36:04.0863 0x0aa8  C:\Windows\System32\dnsext.dll - ok
09:36:04.0863 0x0aa8  [ 4CBCC37856EA2039C27A2FB661DDA0E5, 74CBFAB3092A9564BDDFCB84DB3E3F8BCFD1492938ADF187423D3355D73D21C6 ] C:\Windows\System32\dhcpcsvc6.dll
09:36:04.0863 0x0aa8  C:\Windows\System32\dhcpcsvc6.dll - ok
09:36:04.0863 0x0aa8  [ 5AA945234E9D4CCE4F715276B9AA712C, 65165BD131056816F009D987FC78AC86FFE0C3C38A27E73F873586B7FF4D59CF ] C:\Windows\System32\imageres.dll
09:36:04.0863 0x0aa8  C:\Windows\System32\imageres.dll - ok
09:36:04.0879 0x0aa8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] C:\Windows\System32\shsvcs.dll
09:36:04.0879 0x0aa8  C:\Windows\System32\shsvcs.dll - ok
09:36:04.0879 0x0aa8  [ F568F7C08458D69E4FCD8675BBB107E4, A5FA25ECF248999A68CCECFBB508BFA1ADD18A23E20A9A9081A87C41CAAA36C0 ] C:\Windows\System32\dhcpcsvc.dll
09:36:04.0879 0x0aa8  C:\Windows\System32\dhcpcsvc.dll - ok
09:36:04.0879 0x0aa8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] C:\Windows\System32\schedsvc.dll
09:36:04.0879 0x0aa8  C:\Windows\System32\schedsvc.dll - ok
09:36:04.0894 0x0aa8  [ BC414631876B2F28B8DAB08E849C12C5, 5973654AA3E90E6B699B0A43F645B893D95BAA803129B6967D746C8239AB26E3 ] C:\Windows\System32\ktmw32.dll
09:36:04.0894 0x0aa8  C:\Windows\System32\ktmw32.dll - ok
09:36:04.0894 0x0aa8  [ 945E54F23C72D37B8CD1987AF0DB63BF, C2B217C94DBCA0A31ED834B9D492B53B25B235DDD02B1D1200E76609D32772EA ] C:\Windows\System32\fveapi.dll
09:36:04.0894 0x0aa8  C:\Windows\System32\fveapi.dll - ok
09:36:04.0894 0x0aa8  [ 694865362F0965779F92BCFE97712323, 825EB75E37AFE9B738869FB5D95020D4F44AD419C2F6C5A658F82A5242FDEF6C ] C:\Windows\System32\tbs.dll
09:36:04.0894 0x0aa8  C:\Windows\System32\tbs.dll - ok
09:36:04.0910 0x0aa8  [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA05BD2C56657013 ] C:\Windows\System32\fvecerts.dll
09:36:04.0910 0x0aa8  C:\Windows\System32\fvecerts.dll - ok
09:36:04.0910 0x0aa8  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7, 4BC5A1279885EEFBEB27333AF719622A5FCDD9606697692C1978E434CE264D80 ] C:\Windows\System32\taskcomp.dll
09:36:04.0910 0x0aa8  C:\Windows\System32\taskcomp.dll - ok
09:36:04.0910 0x0aa8  [ 8269210DAF3B12BC8300631B28A2A442, EABEB792C2EA8D4A1A7B13281CF557C194D5667AE0BA2A2D5664908D8269113D ] C:\Windows\System32\wiarpc.dll
09:36:04.0910 0x0aa8  C:\Windows\System32\wiarpc.dll - ok
09:36:04.0925 0x0aa8  [ B0193804FA7DC1EAC86F9E81F9928EE4, 79B4E517F26C8F7A83970EA53929EAE3B2F6413D1DD9AA7FD23040D841F30E6F ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1CED01D0-4851-4469-8F04-18C4D9A24829}\mpasbase.vdm
09:36:04.0925 0x0aa8  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1CED01D0-4851-4469-8F04-18C4D9A24829}\mpasbase.vdm - ok
09:36:04.0925 0x0aa8  [ CE3BFCD5415DCEC2C8D5B2023F809431, 88C0B1DEEEF89EDB1B147D5DE5A3A0A3984BA8CF2EC14797EB6A2B163E591F24 ] C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
09:36:04.0925 0x0aa8  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - ok
09:36:04.0925 0x0aa8  [ 86847EF9FAE8D8BD810EF2A815D29EA9, CDB1667525E23EC63CA0F87B7147A12D57ACA5BD20A6814F8AE8E8B326405D67 ] C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll
09:36:04.0925 0x0aa8  C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll - ok
09:36:04.0941 0x0aa8  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] C:\Windows\System32\drivers\http.sys
09:36:04.0941 0x0aa8  C:\Windows\System32\drivers\http.sys - ok
09:36:04.0941 0x0aa8  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] C:\Windows\System32\spoolsv.exe
09:36:04.0941 0x0aa8  C:\Windows\System32\spoolsv.exe - ok
09:36:04.0941 0x0aa8  [ 370D926EF54455EBC244549B462CF80F, 8238A076956F88154529649CA8F70591BD93B146B58C47FB040DDED2A0EABB87 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1CED01D0-4851-4469-8F04-18C4D9A24829}\mpasdlta.vdm
09:36:04.0941 0x0aa8  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1CED01D0-4851-4469-8F04-18C4D9A24829}\mpasdlta.vdm - ok
09:36:04.0957 0x0aa8  [ 00000000000000000000000000000000, 0000000000000000000000000000000000000000000000000000000000000000 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1CED01D0-4851-4469-8F04-18C4D9A24829}\mpavbase.vdm
09:36:04.0957 0x0aa8  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1CED01D0-4851-4469-8F04-18C4D9A24829}\mpavbase.vdm - ok
09:36:04.0957 0x0aa8  [ 34C22880F66E36C455612C4C94DF4E0F, 12339D969722A72357ABA9CD6671C78539A2BC55218B804EE0C38F9D39765FEC ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1CED01D0-4851-4469-8F04-18C4D9A24829}\mpavdlta.vdm
09:36:04.0957 0x0aa8  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1CED01D0-4851-4469-8F04-18C4D9A24829}\mpavdlta.vdm - ok
09:36:04.0972 0x0aa8  [ 28BA06C0FB3E463782B647770AD1E4AF, E7B20BEC0F9BF01AF71B792BE982C211C8AD2806EFFA3EC8AC8C8E75FD3ED4C7 ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll
09:36:04.0972 0x0aa8  C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok
09:36:04.0972 0x0aa8  [ D233E1A32CE6AF918C9DE1BC44AFEB2A, 223E0200DF44A43D8363D15188AE83248163602713DB6FAA16FF37C3AECBCE77 ] C:\Windows\System32\mshtml.dll
09:36:04.0972 0x0aa8  C:\Windows\System32\mshtml.dll - ok
09:36:04.0972 0x0aa8  [ F798BAF277AD51BB8A2A1B20624874FF, 275A9F8AEB14D8CA6B419D78B4A5849AA0C5B289D4DFBB170231BEF6BD899266 ] C:\Windows\System32\nvsvc64.dll
09:36:04.0972 0x0aa8  C:\Windows\System32\nvsvc64.dll - ok
09:36:04.0972 0x0aa8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] C:\Windows\System32\BFE.DLL
09:36:04.0972 0x0aa8  C:\Windows\System32\BFE.DLL - ok
09:36:04.0988 0x0aa8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] C:\Windows\System32\drivers\bowser.sys
09:36:04.0988 0x0aa8  C:\Windows\System32\drivers\bowser.sys - ok
09:36:04.0988 0x0aa8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys
09:36:04.0988 0x0aa8  C:\Windows\System32\drivers\mpsdrv.sys - ok
09:36:04.0988 0x0aa8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] C:\Windows\System32\MPSSVC.dll
09:36:04.0988 0x0aa8  C:\Windows\System32\MPSSVC.dll - ok
09:36:05.0003 0x0aa8  [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD805650B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll
09:36:05.0003 0x0aa8  C:\Windows\System32\wfapigp.dll - ok
09:36:05.0003 0x0aa8  [ 1834B31C749B86DAC233BBBA1C03BC48, 27FCA9196842C0BB53CCAD895870A0EB10D2F8ED67E5486A4437067BD4BC4448 ] C:\Windows\System32\mscms.dll
09:36:05.0003 0x0aa8  C:\Windows\System32\mscms.dll - ok
09:36:05.0019 0x0aa8  [ E424B3EF666B184CEE0B6871AAA8C9F6, D182D9B3A813C75F88CA16A9C236AB6167DF5861D155B5DC016B90918C4BD579 ] C:\Windows\System32\msimg32.dll
09:36:05.0019 0x0aa8  C:\Windows\System32\msimg32.dll - ok
09:36:05.0019 0x0aa8  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] C:\Windows\System32\pcasvc.dll
09:36:05.0019 0x0aa8  C:\Windows\System32\pcasvc.dll - ok
09:36:05.0019 0x0aa8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] C:\Windows\System32\snmptrap.exe
09:36:05.0019 0x0aa8  C:\Windows\System32\snmptrap.exe - ok
09:36:05.0019 0x0aa8  [ 91A8E32B00BF7899EDAB6783287DDDA6, 49451722317AB42B3DE407EFCB9CC560C1455217AC3E2F11F74D08C1708473C5 ] C:\Windows\System32\PeerDistSh.dll
09:36:05.0019 0x0aa8  C:\Windows\System32\PeerDistSh.dll - ok
09:36:05.0035 0x0aa8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] C:\Windows\System32\provsvc.dll
09:36:05.0035 0x0aa8  C:\Windows\System32\provsvc.dll - ok
09:36:05.0035 0x0aa8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] C:\Windows\System32\sstpsvc.dll
09:36:05.0035 0x0aa8  C:\Windows\System32\sstpsvc.dll - ok
09:36:05.0035 0x0aa8  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] C:\Windows\System32\drivers\mrxsmb.sys
09:36:05.0035 0x0aa8  C:\Windows\System32\drivers\mrxsmb.sys - ok
09:36:05.0050 0x0aa8  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] C:\Windows\System32\drivers\mrxsmb10.sys
09:36:05.0050 0x0aa8  C:\Windows\System32\drivers\mrxsmb10.sys - ok
09:36:05.0050 0x0aa8  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] C:\Windows\System32\drivers\mrxsmb20.sys
09:36:05.0050 0x0aa8  C:\Windows\System32\drivers\mrxsmb20.sys - ok
09:36:05.0066 0x0aa8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] C:\Windows\System32\wkssvc.dll
09:36:05.0066 0x0aa8  C:\Windows\System32\wkssvc.dll - ok
09:36:05.0066 0x0aa8  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] C:\Windows\System32\cryptsvc.dll
09:36:05.0066 0x0aa8  C:\Windows\System32\cryptsvc.dll - ok
09:36:05.0066 0x0aa8  [ 0C043B0ABBB5E14E68906AB80365395B, A57A6FAF713EA4F46566A941DE7C2273ED4EB50F9E30B70276E810873AF6900B ] C:\Windows\System32\efssvc.dll
09:36:05.0066 0x0aa8  C:\Windows\System32\efssvc.dll - ok
09:36:05.0066 0x0aa8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] C:\Windows\System32\dps.dll
09:36:05.0066 0x0aa8  C:\Windows\System32\dps.dll - ok
09:36:05.0081 0x0aa8  [ 7F8E83B9466A0A002D4AB15C104062A7, D2D64B95079243F04479A7950AFB9DD086C43BF0236E72E74FC45C6945A765E4 ] C:\Windows\System32\efscore.dll
09:36:05.0081 0x0aa8  C:\Windows\System32\efscore.dll - ok
09:36:05.0081 0x0aa8  [ 58283053C781AD3A579C95D7765C1FA0, 9F7641C9B5E64797E14A2E307D94E31D6F51A721964BD5CE8CEFF6B523A69DB8 ] C:\Windows\System32\efsutil.dll
09:36:05.0081 0x0aa8  C:\Windows\System32\efsutil.dll - ok
09:36:05.0081 0x0aa8  [ A6B726DCA228F7878E38368A1BDC68BE, 30E8300B09B876E3D4B2A9215C9CC070EADF915E1268F425B6F8E0596A0D3539 ] C:\Windows\System32\cryptnet.dll
09:36:05.0081 0x0aa8  C:\Windows\System32\cryptnet.dll - ok
09:36:05.0097 0x0aa8  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567, 426FB40A065FEF61980C803EF72D0D326C623340C3AE99CA8AFFDEFB81E8D49D ] C:\Windows\System32\vssapi.dll
09:36:05.0097 0x0aa8  C:\Windows\System32\vssapi.dll - ok
09:36:05.0097 0x0aa8  [ 287923557447D7E4BDD7E65B1F0F5428, 14D85A0F036F28D77AA9723C3D7E8C4DA9BDFF8A1AD9BEA6FE5756DBF5D00F08 ] C:\Windows\System32\vsstrace.dll
09:36:05.0097 0x0aa8  C:\Windows\System32\vsstrace.dll - ok
09:36:05.0097 0x0aa8  [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
09:36:05.0097 0x0aa8  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll - ok
09:36:05.0113 0x0aa8  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:36:05.0113 0x0aa8  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
09:36:05.0113 0x0aa8  [ A2B0924D50F4435FD389499047CE553A, 8D16D5CAAD71AAAAA1479F8477D2928B66581C79932A49A21EDF93DB2803AB9C ] C:\Windows\SysWOW64\ntdll.dll
09:36:05.0113 0x0aa8  C:\Windows\SysWOW64\ntdll.dll - ok
09:36:05.0113 0x0aa8  [ 0015ACFBBDD164A8A730009908868CA7, E1FF243AD2CF959FAB81EFE701592414991C03416FF296ADC93906E76B707C4D ] C:\Windows\System32\winspool.drv
09:36:05.0113 0x0aa8  C:\Windows\System32\winspool.drv - ok
09:36:05.0128 0x0aa8  [ 70833F5A59F65908698093889C34BCA2, 25777B910664827FC5C8258E4956CC936E0A1E42A9C7F2F390A83025E685D728 ] C:\Windows\System32\wow64.dll
09:36:05.0128 0x0aa8  C:\Windows\System32\wow64.dll - ok
09:36:05.0128 0x0aa8  [ 5674E21E82CFBEA36DDAD5DB285D6DBC, FBD2AC69D3E66E39651C5F2C88C0087EDC3CD1FD999FC2A574C97E9DDF2C1441 ] C:\Windows\System32\wow64win.dll
09:36:05.0128 0x0aa8  C:\Windows\System32\wow64win.dll - ok
09:36:05.0128 0x0aa8  [ CF636C92B762B26F0B39B38E92380A09, F7B8B0EA4536CE3BA33EE1BD0783F6AAD8C0EF69714E874D4A30B720A04C7A18 ] C:\Windows\System32\oleacc.dll
09:36:05.0128 0x0aa8  C:\Windows\System32\oleacc.dll - ok
09:36:05.0144 0x0aa8  [ 3EE3AA76D8AB6D5644C4C8F34471CEB3, FCF173B0A324FA4780824CBD8C8FE4E402F27EACF1A41AAFEA636FA0B3AE7B35 ] C:\Windows\System32\wow64cpu.dll
09:36:05.0144 0x0aa8  C:\Windows\System32\wow64cpu.dll - ok
09:36:05.0144 0x0aa8  [ 365A5034093AD9E04F433046C4CDF6AB, 5D5B30A883B273D59C6C64286E0BA79DA0BDF1B7EBC791278248A9196701DDDF ] C:\Windows\SysWOW64\kernel32.dll
09:36:05.0144 0x0aa8  C:\Windows\SysWOW64\kernel32.dll - ok
09:36:05.0144 0x0aa8  [ 1B7343C3765638D4D17CB925F84F8ABE, FDD4F8B409A6C6870C56BBCDCD07902D825FCB13ABB316FD804B6AAAF996600B ] C:\Windows\SysWOW64\KernelBase.dll
09:36:05.0144 0x0aa8  C:\Windows\SysWOW64\KernelBase.dll - ok
09:36:05.0159 0x0aa8  [ EF39CCCC9AD927A25334AE0B41A8A343, EC5FB376F84697F42B632BC9775D362CF6C54A68E26A0CF027D90F5A419BEA74 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
09:36:05.0159 0x0aa8  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
09:36:05.0159 0x0aa8  [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB67F8EFB93924230 ] C:\Windows\SysWOW64\shlwapi.dll
09:36:05.0159 0x0aa8  C:\Windows\SysWOW64\shlwapi.dll - ok
09:36:05.0159 0x0aa8  [ 56E3313690866F99CD17AA1342F64AE1, 4AD4E105C1A6E9BAB9568CA21B15A38C59702EF605AA9058490C56DA070CF846 ] C:\Windows\SysWOW64\gdi32.dll
09:36:05.0159 0x0aa8  C:\Windows\SysWOW64\gdi32.dll - ok
09:36:05.0175 0x0aa8  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3, 01EB95FA3943CF3C6B1A21E473A5C3CB9FCBCE46913B15C96CAC14E4F04075B4 ] C:\Windows\SysWOW64\user32.dll
09:36:05.0175 0x0aa8  C:\Windows\SysWOW64\user32.dll - ok
09:36:05.0175 0x0aa8  [ D67472125471784DE7147946EDA25FEB, F41960118F412B6CA5E80AE5E8DB9AECDD043A7DB34388FF57C6F9C5A0056F91 ] C:\Windows\SysWOW64\advapi32.dll
09:36:05.0175 0x0aa8  C:\Windows\SysWOW64\advapi32.dll - ok
09:36:05.0175 0x0aa8  [ 9DC80A8AAAAAC397BDAB3C67165A824E, 051636BFDFF7AB0E4191354E846BD0DACCA1A01FCC13C1AFED91D8DBFE17127A ] C:\Windows\SysWOW64\msvcrt.dll
09:36:05.0175 0x0aa8  C:\Windows\SysWOW64\msvcrt.dll - ok
09:36:05.0191 0x0aa8  [ 4DC999CED9429939D75682EBD7D48901, 4E2DB6E4C500980488010AF1125A73D0F958889379F05DB304A220B4BB2D1834 ] C:\Windows\SysWOW64\rpcrt4.dll
09:36:05.0191 0x0aa8  C:\Windows\SysWOW64\rpcrt4.dll - ok
09:36:05.0191 0x0aa8  [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF72B8EC6E1F906C ] C:\Windows\SysWOW64\sechost.dll
09:36:05.0191 0x0aa8  C:\Windows\SysWOW64\sechost.dll - ok
09:36:05.0191 0x0aa8  [ 0AB6CC7CB55AD512DB0B722A926BD9F8, F5C54AAE01E8DD1744FDEF3F83BD842E37BC33B5B65928407B52BFFD9F8D18F6 ] C:\Program Files\NVIDIA Corporation\Display\nvuir.dll
09:36:05.0191 0x0aa8  C:\Program Files\NVIDIA Corporation\Display\nvuir.dll - ok
09:36:05.0206 0x0aa8  [ B4DCD843B97BAB317717A057C72796E0, A1727B2C7E158663A824135AC5C7C5B735CBE87E1C8125785C4F814151338509 ] C:\Windows\System32\nvsvcr.dll
09:36:05.0206 0x0aa8  C:\Windows\System32\nvsvcr.dll - ok
09:36:05.0206 0x0aa8  [ F08F6FCD09F9BE94C37ACC1B344685FF, DE48D766258B46EFEAB16579421C4BD97ACC6883F782D00E9857F4A0CE7E8A34 ] C:\Windows\SysWOW64\cryptbase.dll
09:36:05.0206 0x0aa8  C:\Windows\SysWOW64\cryptbase.dll - ok
09:36:05.0206 0x0aa8  [ 6CCB62D4A9764C6410D34DFCF082ADD6, 13C57E4BE590619F02085C9305F8F87246A0AB9B722116E36E93E13E2A55FAB7 ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
09:36:05.0206 0x0aa8  C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
09:36:05.0222 0x0aa8  [ 218A400108F280428FA22282D3268BBC, 7712687ABAEF6616E90AE5A321044C102E79EC23F4A1EAFB4278C93724873CB3 ] C:\Windows\System32\wscapi.dll
09:36:05.0222 0x0aa8  C:\Windows\System32\wscapi.dll - ok
09:36:05.0222 0x0aa8  [ B7230010D97787AF3D25E4C82F2B06B9, C795E9811CD461F8E98D1738667EB0C265A57065EA3420CE596D5038E7430C1E ] C:\Windows\SysWOW64\usp10.dll
09:36:05.0222 0x0aa8  C:\Windows\SysWOW64\usp10.dll - ok
09:36:05.0222 0x0aa8  [ CC23295DA8F7B5C53F93804D2F5D30EB, B290D96C40FBA934DE6CFF82D9BBA6780922CC5012C61599BD5006DAEDC82DDB ] C:\Windows\SysWOW64\lpk.dll
09:36:05.0222 0x0aa8  C:\Windows\SysWOW64\lpk.dll - ok
09:36:05.0237 0x0aa8  [ 42B924C5F3924C1EB2539F22C10D7DF1, 5C922A6B9F4B5320ECEF67E81B37E6736BF01AF964A6966E24C8B29D0DDDDA3B ] C:\Windows\SysWOW64\sspicli.dll
09:36:05.0237 0x0aa8  C:\Windows\SysWOW64\sspicli.dll - ok
09:36:05.0237 0x0aa8  [ 312A1D65C1DD37FBF695DF0EC21BEB72, 60A8ADF81E5F6C05A366FE7F7BB2D879A11A9D00B595DD288856C9D0970EA800 ] C:\Windows\System32\nvapi64.dll
09:36:05.0237 0x0aa8  C:\Windows\System32\nvapi64.dll - ok
09:36:05.0237 0x0aa8  [ 027680A156C337A39CC543A436A745E3, 93833C81E4DADE8429D3CE1A13F18DB75724882B3D86D9B9BF0AA6521DB24E56 ] C:\Windows\System32\nvcpl.dll
09:36:05.0237 0x0aa8  C:\Windows\System32\nvcpl.dll - ok
09:36:05.0253 0x0aa8  [ E02781D4871844DCD30DF1D69A650F78, DC77302F06CD6CF7FC2C3B0F433A4AE41DF869B9F342C0656CCD8A125B3D3318 ] C:\Windows\SysWOW64\shell32.dll
09:36:05.0253 0x0aa8  C:\Windows\SysWOW64\shell32.dll - ok
09:36:05.0253 0x0aa8  [ 5AA5DB4512FB9F3DCEA0F53491CA35E9, 1E0BF448D036EFACC4E6E22CFD5CEA1C228B30290EC437078425809FCC41566A ] C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll
09:36:05.0253 0x0aa8  C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll - ok
09:36:05.0253 0x0aa8  [ F5CEF064C7E6D95DA86B9D064A56A969, F118CD4364690F37A07AE458E043E8CFBA98F332DC9E7228C83409CF26F6EF6D ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
09:36:05.0253 0x0aa8  C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
09:36:05.0269 0x0aa8  [ CB598B5B2A74AC0DE63783A08BCB6F34, 4505F351D679E762667DD389B93933AEE1F5FB8E2D842FA65132B0A86795E114 ] C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll
09:36:05.0269 0x0aa8  C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll - ok
09:36:05.0269 0x0aa8  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
09:36:05.0269 0x0aa8  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok
09:36:05.0284 0x0aa8  [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe
09:36:05.0284 0x0aa8  C:\Windows\System32\dllhost.exe - ok
09:36:05.0284 0x0aa8  [ A90DC9ABD65DB1A8902F361103029952, 26798758976CE53251AC342B966BE0363AE1794BD965C452F5DEBC33E18969F0 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
09:36:05.0284 0x0aa8  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
09:36:05.0284 0x0aa8  [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll
09:36:05.0284 0x0aa8  C:\Windows\SysWOW64\nsi.dll - ok
09:36:05.0284 0x0aa8  [ CFF35B879D1618D42C86644C717BA947, 1837275202628D3320867A3BF8CFDA15491730C4B74215F7C0D7E140BF01AC3C ] C:\Windows\SysWOW64\winnsi.dll
09:36:05.0284 0x0aa8  C:\Windows\SysWOW64\winnsi.dll - ok
09:36:05.0300 0x0aa8  [ 6A6B2EE4565A178035BE2A4FF6F2C968, E2E231F1C2E2CE19583483ACC53318651FA7CA2DE46BCB89B4CBF97CA0525122 ] C:\Windows\SysWOW64\wtsapi32.dll
09:36:05.0300 0x0aa8  C:\Windows\SysWOW64\wtsapi32.dll - ok
09:36:05.0300 0x0aa8  [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E56950661B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll
09:36:05.0300 0x0aa8  C:\Windows\System32\IDStore.dll - ok
09:36:05.0315 0x0aa8  [ 639774C9ACD063F028F6084ABF5593AD, 9DFD80610CBBC9188F6C6BC85C87016B0AE42254FC289C2B578E85282BDD9C23 ] C:\Windows\System32\taskhost.exe
09:36:05.0315 0x0aa8  C:\Windows\System32\taskhost.exe - ok
09:36:05.0315 0x0aa8  [ 65EA57712340C09B1B0C427B4848AE05, 5FDCF73191BFF9DBB03886755FFCF0BC15849F0E216884A5A8B9BB375FA7C1A5 ] C:\Windows\System32\taskeng.exe
09:36:05.0315 0x0aa8  C:\Windows\System32\taskeng.exe - ok
09:36:05.0315 0x0aa8  [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll
09:36:05.0315 0x0aa8  C:\Windows\SysWOW64\version.dll - ok
09:36:05.0315 0x0aa8  [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D562BE43726153951 ] C:\Windows\System32\mpr.dll
09:36:05.0315 0x0aa8  C:\Windows\System32\mpr.dll - ok
09:36:05.0331 0x0aa8  [ 88351B29B622B30962D2FEB6CA8D860B, A16CAD7D94C1C9807083BB36E9B4C3C14E6482C4CA2BDFACBCC86E737DDCE42E ] C:\Windows\System32\rasadhlp.dll
09:36:05.0331 0x0aa8  C:\Windows\System32\rasadhlp.dll - ok
09:36:05.0331 0x0aa8  [ BAFE84E637BF7388C96EF48D4D3FDD53, 11C194D9ADCE90027272C627D7FBF3BA5025FF0F7B26A8333F764E11E1382CF9 ] C:\Windows\System32\userinit.exe
09:36:05.0331 0x0aa8  C:\Windows\System32\userinit.exe - ok
09:36:05.0331 0x0aa8  [ F162D5F5E845B9DC352DD1BAD8CEF1BC, 8A7B7528DB30AB123B060D8E41954D95913C07BB40CDAE32E97F9EDB0BAF79C7 ] C:\Windows\System32\dwm.exe
09:36:05.0331 0x0aa8  C:\Windows\System32\dwm.exe - ok
09:36:05.0347 0x0aa8  [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051, 8EFD0A6DE6F4E335D342782190008FB5AC84A6ADE49170B310DEC9AC48E623E8 ] C:\Windows\System32\localspl.dll
09:36:05.0347 0x0aa8  C:\Windows\System32\localspl.dll - ok
09:36:05.0347 0x0aa8  [ 9FCA3A84338ADEF2AFF67CDA46EF8539, 087DF72096852AE98C56990EE6E68835BE95E7E49ECDDE8B54DAC11C9E07FE94 ] C:\Windows\System32\umb.dll
09:36:05.0347 0x0aa8  C:\Windows\System32\umb.dll - ok
09:36:05.0347 0x0aa8  [ FCFCD1101C5DA23B4B95F93D02B2C169, 040A086875B6C5475490A2F8B0CF4FF20DDB4FEDFE5FCABBA49692AA05F40527 ] C:\Windows\System32\dwmredir.dll
09:36:05.0347 0x0aa8  C:\Windows\System32\dwmredir.dll - ok
09:36:05.0362 0x0aa8  [ 94EEAC26F57811BD1AEFC164412F7FCE, 7390BCD7709D48DE75D7D6E06AA7356D1C58EE63F3CC2E07ABCD2E2FF6CC81CF ] C:\Windows\System32\PlaySndSrv.dll
09:36:05.0362 0x0aa8  C:\Windows\System32\PlaySndSrv.dll - ok
09:36:05.0362 0x0aa8  [ 4BA77A5EF71C14C764B0ED4701683E3E, 066A064CDBE09BF8BE1DF5B259F30FF6C124A1C3D637800D3E19E8E25EDB950E ] C:\Windows\System32\dwmcore.dll
09:36:05.0362 0x0aa8  C:\Windows\System32\dwmcore.dll - ok
09:36:05.0362 0x0aa8  [ 805A52C5AE26C28E88FDD9BCCFE6F312, 4FF28D3658C31722B7DD036DED9D544B14841C0E0B94D31A8EC5AB92128DA020 ] C:\Windows\System32\TSChannel.dll
09:36:05.0362 0x0aa8  C:\Windows\System32\TSChannel.dll - ok
09:36:05.0378 0x0aa8  [ 3285481F5C12305CA104A6C493CA5A0B, ADB39B15D26A954B0F347C7BAFCC76DE5E3CF3CF05736E8987E0832AA7F8563C ] C:\Windows\System32\spoolss.dll
09:36:05.0378 0x0aa8  C:\Windows\System32\spoolss.dll - ok
09:36:05.0378 0x0aa8  [ 9275F02BEA644F43A459E316A932658F, A4B9A716BEF1ADFDDA4C44D4838EC57BD77DEE29C4B4737B58A9375C2366A87F ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
09:36:05.0378 0x0aa8  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
09:36:05.0378 0x0aa8  [ 9BB99503D6A4DD62569EDE9E5E2672A5, 6F4EA5BC50B1F929735246485263078BEF1B3BEB33F78CB1F483F13AA226C27E ] C:\Windows\System32\HotStartUserAgent.dll
09:36:05.0378 0x0aa8  C:\Windows\System32\HotStartUserAgent.dll - ok
09:36:05.0393 0x0aa8  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA, 8A6ACEFAB95E5275CBFBE6CCB5A6C3A6A471260B279B9063E86B9C7765E18656 ] C:\Windows\System32\MsCtfMonitor.dll
09:36:05.0393 0x0aa8  C:\Windows\System32\MsCtfMonitor.dll - ok
09:36:05.0393 0x0aa8  [ F09A9A1AD21FE618C4C8B0A0D830C886, 29831DDAB2AB105358FBC067CDF96428220B6743CD6019F6FE74BAC7AF325E7E ] C:\Windows\System32\msutb.dll
09:36:05.0393 0x0aa8  C:\Windows\System32\msutb.dll - ok
09:36:05.0393 0x0aa8  [ C5AC93CF3BA30D367FB49148A2B673B9, 07B556039BBA841BC9F28979C3AD5D238B55391F921C9C805F3AFC9EFB437766 ] C:\Windows\System32\PrintIsolationProxy.dll
09:36:05.0393 0x0aa8  C:\Windows\System32\PrintIsolationProxy.dll - ok
09:36:05.0409 0x0aa8  [ 32A3C8600AF124CBAAD845F13CFAE3CB, F36FE9E57D5C509FEECE890F9F8717F9CC6F762E32AE0B7DB7E0153370CE0B9D ] C:\Windows\System32\tcpmon.dll
09:36:05.0409 0x0aa8  C:\Windows\System32\tcpmon.dll - ok
09:36:05.0409 0x0aa8  [ B2742EA6ED844D747E2348A504E491CB, 38D2A3B32A77FE2ADCCACB74F7A8EAD6A4589A5E22D2A6E7DFEADACDAE66DA85 ] C:\Windows\System32\dxva2.dll
09:36:05.0409 0x0aa8  C:\Windows\System32\dxva2.dll - ok
09:36:05.0409 0x0aa8  [ 93518C6EDE0B61BCBD02BDB02BD05FEE, 3637F5E5F15093AFB501EE910368CF900B422AC22669391FFA4198BBAE6F8FCB ] C:\Windows\System32\snmpapi.dll
09:36:05.0409 0x0aa8  C:\Windows\System32\snmpapi.dll - ok
09:36:05.0425 0x0aa8  [ FFF9D00CF16397C64317F213484F94BD, 94D0584E14BDB27F61F59A7BCEA529A1594261BE0CE74502C13E8865843BA414 ] C:\Windows\System32\wsnmp32.dll
09:36:05.0425 0x0aa8  C:\Windows\System32\wsnmp32.dll - ok
09:36:05.0425 0x0aa8  [ 99B91C5D2FCEF218CAD3600ECB62A799, E28F2903F86D39C5A69B5F89CCD6594E93A1BF1E4ACD613A0F2E2348DFA88D65 ] C:\Windows\System32\msxml6.dll
09:36:05.0425 0x0aa8  C:\Windows\System32\msxml6.dll - ok
09:36:05.0425 0x0aa8  [ D63F0353F632FB1EDE724173BE6DB5B5, 82FC79B99BD5D99231CE6701CBACA94ED6F6EC5B7EC0F00F63FC942B2D06568E ] C:\Windows\System32\esent.dll
09:36:05.0425 0x0aa8  C:\Windows\System32\esent.dll - ok
09:36:05.0440 0x0aa8  [ AC4C51EB24AA95B77F705AB159189E24, 6A671B92A69755DE6FD063FCBE4BA926D83B49F78C42DBAEED8CDB6BBC57576A ] C:\Windows\explorer.exe
09:36:05.0440 0x0aa8  C:\Windows\explorer.exe - ok
09:36:05.0440 0x0aa8  [ 9AE80F6A66B30E3ED8CDF858CF28B11B, A93E470DC54E3C74C10979D49CABB9A34893F9E847F88491F935DB44EEC3541A ] C:\Windows\System32\d3d10_1.dll
09:36:05.0440 0x0aa8  C:\Windows\System32\d3d10_1.dll - ok
09:36:05.0440 0x0aa8  [ 63F72417CA38D8FC8F53709649B589E3, 39AE8AFFCFB8A9E345FC4C6F11926F25552C464380F88CDECD299FD27AF7866B ] C:\Windows\System32\d3d10_1core.dll
09:36:05.0440 0x0aa8  C:\Windows\System32\d3d10_1core.dll - ok
09:36:05.0456 0x0aa8  [ CC09E0C9A2D89C6E71D093DC8BD121B7, 5F92457E27D817541EBA92FED984D2E6C1E35AD4E4E4CAE0F0778B795C260FAA ] C:\Windows\SysWOW64\crypt32.dll
09:36:05.0456 0x0aa8  C:\Windows\SysWOW64\crypt32.dll - ok
09:36:05.0456 0x0aa8  [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA513C4A823390FEDA ] C:\Windows\SysWOW64\msasn1.dll
09:36:05.0456 0x0aa8  C:\Windows\SysWOW64\msasn1.dll - ok
09:36:05.0456 0x0aa8  [ 7FF15A4F092CD4A96055BA69F903E3E9, 1B594E6D057C632ABB3A8CF838157369024BD6B9F515CA8E774B22FE71A11627 ] C:\Windows\SysWOW64\ws2_32.dll
09:36:05.0456 0x0aa8  C:\Windows\SysWOW64\ws2_32.dll - ok
09:36:05.0471 0x0aa8  [ DF72A9936D0C3F517083119648814B09, 6BA4DCAC2F55A393A266ED0B2AF92B38141654D1666E3E143D85BBAF21663E1E ] C:\Windows\System32\usbmon.dll
09:36:05.0471 0x0aa8  C:\Windows\System32\usbmon.dll - ok
09:36:05.0471 0x0aa8  [ A1D7E3ADCDB07DDB6F423862DCB1A52B, 6191C33D2AE090F6F055D6AE211096CE8F003EC5518A5333EE1E376052176BAB ] C:\Windows\System32\WSDMon.dll
09:36:05.0471 0x0aa8  C:\Windows\System32\WSDMon.dll - ok
09:36:05.0471 0x0aa8  [ 8DFB5752FCE145A6B295093C0A8BE131, F38029C8B36EFD46B1F6CCA0089FF4EFB0AB246497E38EDFF6A67FAC804D4A97 ] C:\Windows\System32\dxgi.dll
09:36:05.0471 0x0aa8  C:\Windows\System32\dxgi.dll - ok
09:36:05.0487 0x0aa8  [ F1B205F932F62F94506A5F332C895DAF, F02F01F20F655DD919C71AE814E4C3DD43330AAD1425FC5B1497F1613917CCDE ] C:\Windows\System32\WSDApi.dll
09:36:05.0487 0x0aa8  C:\Windows\System32\WSDApi.dll - ok
09:36:05.0487 0x0aa8  [ 4C92EB7535CAA1681A77D928FBF9771F, 7D02B2357CA02393CA711C3C499AAD86B792EEFFDC67F2CE52F7F7BB8A28DE79 ] C:\Windows\System32\d3d11.dll
09:36:05.0487 0x0aa8  C:\Windows\System32\d3d11.dll - ok
09:36:05.0487 0x0aa8  [ 80D8679BF84A9383BFF33E07D5D9FC35, 0986806F2504C8A66FA8DEF7923A69E90A2390DD447BE53AD1824240CE68EC1E ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
09:36:05.0487 0x0aa8  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok
09:36:05.0503 0x0aa8  [ C55516D98DD5D8F0153C2A9B4227DA86, DBC62B776CF06D0873A4C7CFCDF5B6F5C6E6C41917C326C090BCE58DC66EE09C ] C:\Windows\System32\webservices.dll
09:36:05.0503 0x0aa8  C:\Windows\System32\webservices.dll - ok
09:36:05.0503 0x0aa8  [ EED05D42D91835064703E2318552ED25, E9EE1E2253445B207B76F5D3073C612ED979A982522C1515E0FE8FA9641AE568 ] C:\Windows\System32\ExplorerFrame.dll
09:36:05.0503 0x0aa8  C:\Windows\System32\ExplorerFrame.dll - ok
09:36:05.0503 0x0aa8  [ 928CF7268086631F54C3D8E17238C6DD, F058FAFB04E7EBD5CADE9B48195B7AA7C3508F332A89F5E6E5F3F071E8CADD4A ] C:\Windows\SysWOW64\ole32.dll
09:36:05.0503 0x0aa8  C:\Windows\SysWOW64\ole32.dll - ok
09:36:05.0518 0x0aa8  [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4021101EE424F74 ] C:\Windows\System32\fundisc.dll
09:36:05.0518 0x0aa8  C:\Windows\System32\fundisc.dll - ok
09:36:05.0518 0x0aa8  [ 4581716B4BF76ACFD8E167EB0B26D82A, 39D822527114EEED68044CCE4D542767F53978D9E0A7F72638F1CA9A016DE13B ] C:\Windows\System32\fdPnp.dll
09:36:05.0518 0x0aa8  C:\Windows\System32\fdPnp.dll - ok
09:36:05.0518 0x0aa8  [ B9A8CBCFCD3EC9D2EA4740AF347BF108, 97FA304E3880BC863D999F441AE47CB8ADF00D2DEC2A52ACD8FBD02CC096786A ] C:\Windows\SysWOW64\mpr.dll
09:36:05.0518 0x0aa8  C:\Windows\SysWOW64\mpr.dll - ok
09:36:05.0534 0x0aa8  [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll
09:36:05.0534 0x0aa8  C:\Windows\SysWOW64\profapi.dll - ok
09:36:05.0534 0x0aa8  [ D15618A0FF8DBC2C5BF3726BACC75A0B, ADD81EA1D208907D67802F0E96EC0327BA89021F870BA22B9C7E3A19013A6AE7 ] C:\Windows\SysWOW64\userenv.dll
09:36:05.0534 0x0aa8  C:\Windows\SysWOW64\userenv.dll - ok
09:36:05.0534 0x0aa8  [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF393486946DA8936BDD466A ] C:\Windows\SysWOW64\psapi.dll
09:36:05.0534 0x0aa8  C:\Windows\SysWOW64\psapi.dll - ok
09:36:05.0549 0x0aa8  [ 68EAAEDF0365168B804E8728368FA946, 1FA25087E8B247B099B729F780DBF24F77FD34F58186A1C94329261CF3D18B8E ] C:\Windows\SysWOW64\wintrust.dll
09:36:05.0549 0x0aa8  C:\Windows\SysWOW64\wintrust.dll - ok
09:36:05.0549 0x0aa8  [ AE84B591B83012E2F6902D7E961CA4F5, C5B5EEAE1368D45AD594020F2E76D9894EAE3ED70346D4FD9542A32F36689F49 ] C:\Windows\System32\nvd3dumx.dll
09:36:05.0549 0x0aa8  C:\Windows\System32\nvd3dumx.dll - ok
09:36:05.0549 0x0aa8  [ 1D626FE2E13C1CE49CA0136CFF214E93, 4F02DD92045CF244979FFD074B2BDE6925A909227A474C60DCABE4384D916218 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
09:36:05.0549 0x0aa8  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
09:36:05.0565 0x0aa8  [ A6F09E5669D9A19035F6D942CAA15882, 68C8AF0CC1923E3A7245392F2480EE665D265DF300A609D2540BF7C6D9C1A1BE ] C:\Windows\SysWOW64\imm32.dll
09:36:05.0565 0x0aa8  C:\Windows\SysWOW64\imm32.dll - ok
09:36:05.0565 0x0aa8  [ C9618BC9B2B0FD7C1138D8774795A79B, 0AC170669C2626519FA7A745C56BFBA6B83B8537488F5B9EB7BA72448E5E7A43 ] C:\Windows\SysWOW64\msctf.dll
09:36:05.0565 0x0aa8  C:\Windows\SysWOW64\msctf.dll - ok
09:36:05.0565 0x0aa8  [ C3E0696C3B42F694C5822776AA6FFFDF, 80C3DEC2C48500F96C9E677450EFC1ADA9FE9FBB70F4CC2D7D9244B1A515418B ] C:\Windows\System32\drivers\NisDrvWFP.sys
09:36:05.0565 0x0aa8  C:\Windows\System32\drivers\NisDrvWFP.sys - ok
09:36:05.0581 0x0aa8  [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6BB3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll
09:36:05.0581 0x0aa8  C:\Windows\System32\EhStorShell.dll - ok
09:36:05.0581 0x0aa8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] C:\Windows\System32\netman.dll
09:36:05.0581 0x0aa8  C:\Windows\System32\netman.dll - ok
09:36:05.0581 0x0aa8  [ 7321F18D1F820612ED0E9F2D4B578A7E, 612BD7DE1DFBD100BD6ACB37A38565D88C39842D990D296B9B8E1FB75C3A94E7 ] C:\Windows\SysWOW64\cryptsp.dll
09:36:05.0581 0x0aa8  C:\Windows\SysWOW64\cryptsp.dll - ok
09:36:05.0596 0x0aa8  [ ED8EC63F7522DF4852147C84EC62C36A, 75633011CD28DCBD4834211A9D415F17DE15BFCD80FB9FF6CE25CBBD4E9899AF ] C:\Windows\SysWOW64\rsaenh.dll
09:36:05.0596 0x0aa8  C:\Windows\SysWOW64\rsaenh.dll - ok
09:36:05.0596 0x0aa8  [ 67CF11E00D026A5C0C88EA5F84D501E5, 5081A87466116232CF07F58229967B6C0CD3738B64A56EFC6BB3EBDA62E378F6 ] C:\Windows\System32\win32spl.dll
09:36:05.0596 0x0aa8  C:\Windows\System32\win32spl.dll - ok
09:36:05.0596 0x0aa8  [ 3FD15B4611D9BDA3F8013548C0ECAECA, B47A8D9985D9B71EB870816A0AB2B6403D394CCBDF7DE5378D5721D58D68D28D ] C:\Windows\SysWOW64\ntmarta.dll
09:36:05.0596 0x0aa8  C:\Windows\SysWOW64\ntmarta.dll - ok
09:36:05.0612 0x0aa8  [ A8BB45F9ECAD993461E0FEF8E2A99152, ACB756EA54E71F124D928829666B5B439785593877FF7C0C76ADCF954F4E6C94 ] C:\Windows\SysWOW64\Wldap32.dll
09:36:05.0612 0x0aa8  C:\Windows\SysWOW64\Wldap32.dll - ok
09:36:05.0612 0x0aa8  [ 32802C0F6FC7C8F561B9D91F52A46421, EE02CF54FC3626D85849EF14D9B7B57419F12D1DD0735C25ECBD987EE53F634B ] C:\Windows\System32\cscui.dll
09:36:05.0612 0x0aa8  C:\Windows\System32\cscui.dll - ok
09:36:05.0612 0x0aa8  [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] C:\Windows\System32\nlasvc.dll
09:36:05.0612 0x0aa8  C:\Windows\System32\nlasvc.dll - ok
09:36:05.0627 0x0aa8  [ 4A435F95B940E93A88FEC144BD409789, 12775F6F54AD9BCBCD4F91F371D8911772CA7B14316DAFFDC28B971D1FDCC182 ] C:\Windows\System32\ncsi.dll
09:36:05.0627 0x0aa8  C:\Windows\System32\ncsi.dll - ok
09:36:05.0627 0x0aa8  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll
09:36:05.0627 0x0aa8  C:\Windows\System32\ssdpapi.dll - ok
09:36:05.0627 0x0aa8  [ 1727B2A2F379A32B864C096FA794AADC, 87B77A5DF95F3A1C5ED6DEF820C7E384BEFCBAA2FE1BB4781AC6F777A081E5CC ] C:\Windows\System32\aepic.dll
09:36:05.0627 0x0aa8  C:\Windows\System32\aepic.dll - ok
09:36:05.0643 0x0aa8  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] C:\Windows\System32\drivers\PEAuth.sys
09:36:05.0643 0x0aa8  C:\Windows\System32\drivers\PEAuth.sys - ok
09:36:05.0643 0x0aa8  [ 418E881201583A3039D81F43E39E6C78, C96AAC161E09BE12815A4E931E65F66DB1A456C03253EF1111AE66F44B1515FF ] C:\Windows\SysWOW64\winsta.dll
09:36:05.0643 0x0aa8  C:\Windows\SysWOW64\winsta.dll - ok
09:36:05.0643 0x0aa8  [ C6DCD1D11ED6827F05C00773C3E7053C, EA23BE261C9C04F44215D254D7A80FD0AEE84C6F192D0FEE49A7CF74ED3CB1A6 ] C:\Windows\System32\sfc.dll
09:36:05.0643 0x0aa8  C:\Windows\System32\sfc.dll - ok
09:36:05.0659 0x0aa8  [ 895C9AB0A855547445C4181195230757, 89BDA385D8CCB75C3D7B1BDFA567AC441A931F4E499C0835FEE9D010343FABB6 ] C:\Windows\System32\sfc_os.dll
09:36:05.0659 0x0aa8  C:\Windows\System32\sfc_os.dll - ok
09:36:05.0659 0x0aa8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] C:\Windows\System32\drivers\secdrv.sys
09:36:05.0659 0x0aa8  C:\Windows\System32\drivers\secdrv.sys - ok
09:36:05.0659 0x0aa8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] C:\Windows\System32\seclogon.dll
09:36:05.0659 0x0aa8  C:\Windows\System32\seclogon.dll - ok
09:36:05.0674 0x0aa8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] C:\Windows\System32\sppsvc.exe
09:36:05.0674 0x0aa8  C:\Windows\System32\sppsvc.exe - ok
09:36:05.0674 0x0aa8  [ 1BF0CB861A48FEB1638228760750F3CB, 37C781A8C546EAD8B4D28BD7D730B9AC78EB799599AD69DAD9054B6F9F1DD6BD ] C:\Windows\System32\cscapi.dll
09:36:05.0674 0x0aa8  C:\Windows\System32\cscapi.dll - ok
09:36:05.0674 0x0aa8  [ 2E483EC51216B52C711C7EC642798BB7, 98DFAAEA25FE4A450FEA18F36E0B0AA6143A0D1C89CB406857BEE5154D5931BB ] C:\Windows\System32\sti.dll
09:36:05.0674 0x0aa8  C:\Windows\System32\sti.dll - ok
09:36:05.0690 0x0aa8  [ 7EE5F17A21D9A9101207DF4BC37B085D, C07A56D52449B9F126B617FB4EFDC22EFE043C9B257B01967EA2FCCCA6216763 ] C:\Windows\System32\cscdll.dll
09:36:05.0690 0x0aa8  C:\Windows\System32\cscdll.dll - ok
09:36:05.0690 0x0aa8  [ 037A719DAD50603202C978CD802623E4, BD4C222913D32D7CF5FE0201FEBE7BD67FC39DF47A7A672C2D6C228A6E13B5DE ] C:\Windows\System32\ntshrui.dll
09:36:05.0690 0x0aa8  C:\Windows\System32\ntshrui.dll - ok
09:36:05.0690 0x0aa8  [ D1D5DAB39DCB4BE0359943738D87409B, 0BA45FE28568E852502879AE83C081517BB8103359BD5783328833EC59A54681 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
09:36:05.0690 0x0aa8  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
09:36:05.0705 0x0aa8  [ 863F793D15B4026B1A5FDECA873D4D84, AF7ABD95BB5467551562F129F03C7AC9D52A021F7E547609F40A80E66932C942 ] C:\Windows\SysWOW64\apphelp.dll
09:36:05.0705 0x0aa8  C:\Windows\SysWOW64\apphelp.dll - ok
09:36:05.0705 0x0aa8  [ 1D63F4366288B8A7595397E27010FD44, 99EA4DDD88D9C4A4CC9B238F533CB4D2C062D46239173997E8594D8A75811A01 ] C:\Windows\System32\IconCodecService.dll
09:36:05.0705 0x0aa8  C:\Windows\System32\IconCodecService.dll - ok
09:36:05.0705 0x0aa8  [ 352B3DC62A0D259A82A052238425C872, 393B24E0D6007C74AEE2FB2EE2C18623D37DF64E279B6767952DCFEE0EACBB10 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
09:36:05.0705 0x0aa8  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
09:36:05.0721 0x0aa8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] C:\Windows\System32\drivers\srvnet.sys
09:36:05.0721 0x0aa8  C:\Windows\System32\drivers\srvnet.sys - ok
09:36:05.0721 0x0aa8  [ FFF95479C7AB1550F0750A5D01744211, FF67F892AABCE1C2B695FF4C0816339566F5745C1498D48FAC050E5196C1CE09 ] C:\Windows\System32\drivers\spsys.sys
09:36:05.0721 0x0aa8  C:\Windows\System32\drivers\spsys.sys - ok
09:36:05.0721 0x0aa8  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] C:\Windows\System32\drivers\tcpipreg.sys
09:36:05.0721 0x0aa8  C:\Windows\System32\drivers\tcpipreg.sys - ok
09:36:05.0737 0x0aa8  [ BCEA9AB347E53BC03B2E36BE0B8BA0EF, 868DEFB78767E91694E83F931725257DF3FF79A4BFED3B914D27F3493EB7A8D0 ] C:\Windows\System32\httpapi.dll
09:36:05.0737 0x0aa8  C:\Windows\System32\httpapi.dll - ok
09:36:05.0737 0x0aa8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] C:\Windows\System32\sysmain.dll
09:36:05.0737 0x0aa8  C:\Windows\System32\sysmain.dll - ok
09:36:05.0737 0x0aa8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] C:\Windows\System32\tapisrv.dll
09:36:05.0737 0x0aa8  C:\Windows\System32\tapisrv.dll - ok
09:36:05.0752 0x0aa8  [ F6F22291024906E43D135A4B1705FEAC, C1B66012799D247033E8AB8386B51BC86A4E2255E6D0B163AC000B215C51B42A ] C:\Windows\System32\sppwinob.dll
09:36:05.0752 0x0aa8  C:\Windows\System32\sppwinob.dll - ok
09:36:05.0752 0x0aa8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] C:\Windows\System32\drivers\srv2.sys
09:36:05.0752 0x0aa8  C:\Windows\System32\drivers\srv2.sys - ok
09:36:05.0752 0x0aa8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] C:\Windows\System32\trkwks.dll
09:36:05.0768 0x0aa8  C:\Windows\System32\trkwks.dll - ok
09:36:05.0768 0x0aa8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] C:\Windows\System32\drivers\srv.sys
09:36:05.0768 0x0aa8  C:\Windows\System32\drivers\srv.sys - ok
09:36:05.0768 0x0aa8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] C:\Windows\System32\wbem\WMIsvc.dll
09:36:05.0768 0x0aa8  C:\Windows\System32\wbem\WMIsvc.dll - ok
09:36:05.0783 0x0aa8  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE, A734A20357026C42950394682A52CBC3AF956D09F1949E1B4E95467E999BC428 ] C:\Windows\System32\wbemcomn.dll
09:36:05.0783 0x0aa8  C:\Windows\System32\wbemcomn.dll - ok
09:36:05.0783 0x0aa8  [ 39C5F32747B3414D1BB216FDB1DEFC58, 6FAE64CB9748304090113903A5AE9E7154BE16BA2EEA7AB3EF04AB9D79B81380 ] C:\Windows\SysWOW64\dwmapi.dll
09:36:05.0783 0x0aa8  C:\Windows\SysWOW64\dwmapi.dll - ok
09:36:05.0783 0x0aa8  [ 43964FA89CCF97BA6BE34D69455AC65F, 10E3B89A5470E1BB6F73382135DD2352F5073C1EE8485D7476CFB5122D4AAA2F ] C:\Windows\SysWOW64\uxtheme.dll
09:36:05.0783 0x0aa8  C:\Windows\SysWOW64\uxtheme.dll - ok
09:36:05.0799 0x0aa8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] C:\Windows\System32\rasmans.dll
09:36:05.0799 0x0aa8  C:\Windows\System32\rasmans.dll - ok
09:36:05.0799 0x0aa8  [ 2B373B5F7E36B5ED5DA176D4400EF091, A7E220CC3661429D786693B277A7F39D5D9E24284B1D9E55DB6295AF7D97D104 ] C:\Windows\System32\sppobjs.dll
09:36:05.0799 0x0aa8  C:\Windows\System32\sppobjs.dll - ok
09:36:05.0799 0x0aa8  [ 3834316FE8A653227282196525E07DFE, F4796CD8D6064916E7930C0F2EBED202AB18C99264F8A00C26D332362A98ADE6 ] C:\Windows\System32\d3d10level9.dll
09:36:05.0799 0x0aa8  C:\Windows\System32\d3d10level9.dll - ok
09:36:05.0815 0x0aa8  [ 65522E77A1360DBC8D199DA3BF5EFFE4, E9D748070FA478A3D37F15049F998D340885C0DC5FCE03BFCE5D521C9EBA7350 ] C:\Windows\System32\eappprxy.dll
09:36:05.0815 0x0aa8  C:\Windows\System32\eappprxy.dll - ok
09:36:05.0815 0x0aa8  [ 44C96B48112EB24AE7764EBF1C527000, 6691D008C834686906B4841EF27604B0F0E70E668C09CEE19369426BF168AF44 ] C:\Windows\System32\rastapi.dll
09:36:05.0815 0x0aa8  C:\Windows\System32\rastapi.dll - ok
09:36:05.0815 0x0aa8  [ FAFAE01E889DC9C05A6CA2138CFC220B, 192CFDE3593ED0A9B397461D912074C0F062015C23E6F6658571C7C2864D9A51 ] C:\Windows\System32\tapi32.dll
09:36:05.0815 0x0aa8  C:\Windows\System32\tapi32.dll - ok
09:36:05.0815 0x0aa8  [ 0C52762C606BCF6A377D5E4688191A6B, C58C9A73AD07E3B93AB186D0D47C5F1CB7197771DBEE40646C3B801645BB388F ] C:\Windows\System32\wbem\WmiDcPrv.dll
09:36:05.0830 0x0aa8  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
09:36:05.0830 0x0aa8  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] C:\Windows\System32\iphlpsvc.dll
09:36:05.0830 0x0aa8  C:\Windows\System32\iphlpsvc.dll - ok
09:36:05.0830 0x0aa8  [ A3F5E8EC1316C3E2562B82694A251C9E, F3DC6AA6A9D3B5BBC730668FC52C1D4BB5D515D404578BDDD3D4869A7ED58822 ] C:\Windows\System32\wbem\fastprox.dll
09:36:05.0830 0x0aa8  C:\Windows\System32\wbem\fastprox.dll - ok
09:36:05.0846 0x0aa8  [ EE26D130808D16C0E417BBBED0451B34, 4886DCE4FAEF146A40BABD492A8000A2022FEA542A6135A9BAFD4CD09297B4E5 ] C:\Windows\System32\ntdsapi.dll
09:36:05.0846 0x0aa8  C:\Windows\System32\ntdsapi.dll - ok
09:36:05.0846 0x0aa8  [ 27B9E163740A226B65E4B9E186117911, 17411C6A6C1E699BC4B0C04D782FD9AA09CF577DBA41E743F7588904D489CB9F ] C:\Windows\System32\sqmapi.dll
09:36:05.0846 0x0aa8  C:\Windows\System32\sqmapi.dll - ok
09:36:05.0846 0x0aa8  [ 666A60F6F5E719856FF6254E0966EFF7, 58C072E7E215991E19C1CA062C476081982F7B9F039714539AE7FEB4981C200F ] C:\Windows\System32\wbem\wbemprox.dll
09:36:05.0846 0x0aa8  C:\Windows\System32\wbem\wbemprox.dll - ok
09:36:05.0861 0x0aa8  [ 7B38D7916A7CD058C16A0A6CA5077901, 3F6DD990E2DA5D3BD6D65A72CBFB0FE79EB30B118A8AD71B6C9BB5581A622DCE ] C:\Windows\System32\wdscore.dll
09:36:05.0861 0x0aa8  C:\Windows\System32\wdscore.dll - ok
09:36:05.0861 0x0aa8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] C:\Windows\System32\srvsvc.dll
09:36:05.0861 0x0aa8  C:\Windows\System32\srvsvc.dll - ok
09:36:05.0861 0x0aa8  [ 49E5753D923F1AC63B22D3DCB0B47E00, 14CEC0BF5F625FF839A8D79B4A6B7C4AC0CBB705FD197C6B7FF8617C6C3E34FE ] C:\Windows\System32\uDWM.dll
09:36:05.0861 0x0aa8  C:\Windows\System32\uDWM.dll - ok
09:36:05.0877 0x0aa8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] C:\Windows\System32\browser.dll
09:36:05.0877 0x0aa8  C:\Windows\System32\browser.dll - ok
09:36:05.0877 0x0aa8  [ CFEFA40DDE34659BE5211966EAD86437, AC0A3AD8AA47012C40785013E2273FC571F416BC9C9FFDA418FE72B3123C1FB0 ] C:\Windows\System32\netmsg.dll
09:36:05.0877 0x0aa8  C:\Windows\System32\netmsg.dll - ok
09:36:05.0877 0x0aa8  [ 0255C22D99602534F15CBB8D9B6F152F, 43CD89D6CA56E0B633142F7C86DA9E072EE0723B5EBC4CE8CCBCA58C396ECF54 ] C:\Windows\System32\wbem\WinMgmtR.dll
09:36:05.0877 0x0aa8  C:\Windows\System32\wbem\WinMgmtR.dll - ok
09:36:05.0893 0x0aa8  [ 81749E073AC5857B044A686B406E5244, 3884EE705CA34235B29942FEDA8FEA654A21139B8C2A1D5E009C7D07D6E6ADF1 ] C:\Windows\System32\clusapi.dll
09:36:05.0893 0x0aa8  C:\Windows\System32\clusapi.dll - ok
09:36:05.0893 0x0aa8  [ FF80CAD87555E8E4D2CFD7B9058343F8, 07653773FBEC1996408B8507B08E0E1E812830063F932F897F4B39EE63DDCDC4 ] C:\Windows\System32\sscore.dll
09:36:05.0893 0x0aa8  C:\Windows\System32\sscore.dll - ok
09:36:05.0893 0x0aa8  [ 344FCC9850C3A8A3B4D3C65151AF8E4C, C38853454E153B1AB4AEAE1AAFB7CB4B2E6234208CF24C09F3B2AFE25E271C5C ] C:\Windows\System32\resutils.dll
09:36:05.0893 0x0aa8  C:\Windows\System32\resutils.dll - ok
09:36:05.0908 0x0aa8  [ D2A0FFA75AB181B19B5EB93BB29C7686, AC282D5EFFB191492F14638EB80F18E53C4A3D26C94A00A949366B3564D6C3E2 ] C:\Windows\System32\unimdm.tsp
09:36:05.0908 0x0aa8  C:\Windows\System32\unimdm.tsp - ok
09:36:05.0908 0x0aa8  [ 03706015DB44368375AEBE6339490E66, 02EB28B5156E320C1EBABC03D37E94EB770A721B99E1DD276F8DC2A50D76C381 ] C:\Windows\System32\netcfgx.dll
09:36:05.0908 0x0aa8  C:\Windows\System32\netcfgx.dll - ok
09:36:05.0908 0x0aa8  [ 3B367397320C26DBA890B260F80D1B1B, 50BBE71B4380B5E86E197AF86F5C08266DD6B12344BA4ABDEA604B8C774C4147 ] C:\Windows\System32\hnetcfg.dll
09:36:05.0908 0x0aa8  C:\Windows\System32\hnetcfg.dll - ok
09:36:05.0924 0x0aa8  [ 41326DD08ACC0CDC5F8177AF96C066E8, 9C21BB553EEDD28272E865396C9EF94655EC1CF216290A56581AEF7908B7AFDD ] C:\Windows\System32\kmddsp.tsp
09:36:05.0924 0x0aa8  C:\Windows\System32\kmddsp.tsp - ok
09:36:05.0924 0x0aa8  [ 94B7DF336815B47236724019FAB24B7C, 43549F1FB89D0585A0E0333BB8E1DDED2EBD0F3C0EC3EA93B238EA037188AA41 ] C:\Windows\System32\uniplat.dll
09:36:05.0924 0x0aa8  C:\Windows\System32\uniplat.dll - ok
09:36:05.0924 0x0aa8  [ 7C1BAE7D23D4874FEE256A2B9C00E019, 4EE87C2F0CACE557AA159349133474A5857B6667DDB976BA5A18489A3333F798 ] C:\Windows\System32\hidphone.tsp
09:36:05.0924 0x0aa8  C:\Windows\System32\hidphone.tsp - ok
09:36:05.0939 0x0aa8  [ 1D6BC2769DA66C1145F4DA5A65F52E61, B38EFF16652E751BF3B3BD85DA6EA33AB9B7F4228C59F741074E33085DB66ED0 ] C:\Windows\System32\ndptsp.tsp
09:36:05.0939 0x0aa8  C:\Windows\System32\ndptsp.tsp - ok
09:36:05.0939 0x0aa8  [ 210FCACAF902B2CD47CF9FD17D846146, 3F77AC721E084864C5966FF5337A90185F62203DC19C685328675500D629CB87 ] C:\Windows\System32\aeevts.dll
09:36:05.0939 0x0aa8  C:\Windows\System32\aeevts.dll - ok
09:36:05.0939 0x0aa8  [ FEB91B4DA0D540865260A33838654FA3, 8636B008BA329D3E6CC235D08BA4C914EFF45DBFCB9297C893CCDA8D907BA946 ] C:\Windows\System32\nci.dll
09:36:05.0939 0x0aa8  C:\Windows\System32\nci.dll - ok
09:36:05.0955 0x0aa8  [ 5EB55F661DEBF156E126160BCD4D89F8, 948D1F627AA55D55FB3B558BA61B8366C5481A6041820631F24408F75EA5D2CC ] C:\Windows\System32\wbem\wbemcore.dll
09:36:05.0955 0x0aa8  C:\Windows\System32\wbem\wbemcore.dll - ok
09:36:05.0955 0x0aa8  [ 087D8668C71634A3A3761135ABF16EEE, B7348A63299CFF4FFBF375E645A4850AE0F108D48D13AB25434CFAE7CF3D61FD ] C:\Windows\System32\wbem\esscli.dll
09:36:05.0955 0x0aa8  C:\Windows\System32\wbem\esscli.dll - ok
09:36:05.0955 0x0aa8  [ A717A35120DBAB5AB707AB40662AF9DD, DE117E70D0AC7FC26BBCEAAB45A0270A1065B36CC8B062B4128B561F2AAA9E04 ] C:\Windows\System32\rasppp.dll
09:36:05.0955 0x0aa8  C:\Windows\System32\rasppp.dll - ok
09:36:05.0955 0x0aa8  [ 0D753307D274F3688BD21C377B616700, 5DD08E77A11F2561FB96BA212FDDFE21D4394C69C34C3EB88F7F5CD068EE55BF ] C:\Windows\System32\eappcfg.dll
09:36:05.0971 0x0aa8  C:\Windows\System32\eappcfg.dll - ok
09:36:05.0971 0x0aa8  [ 0FE5CD5F9C9248F42D1EF56E495B182E, 1EBD40C119A3D3251A19A8D15669D9DCB5D3CFBC3AFCF1CD00101C31320243E1 ] C:\Windows\System32\vpnike.dll
09:36:05.0971 0x0aa8  C:\Windows\System32\vpnike.dll - ok
09:36:05.0971 0x0aa8  [ 6A84E68B538B8B04608BF2F0D426CE6F, 59CE1C06364D1BBEE853DA4AEC1E8B678D6E181723ACCF6DB9F9776CAD47BBDA ] C:\Windows\System32\raschap.dll
09:36:05.0971 0x0aa8  C:\Windows\System32\raschap.dll - ok
09:36:05.0986 0x0aa8  [ 718B6F51AB7F6FE2988A36868F9AD3AB, 76141B4E94C2766E2C34CEF523092948771A7893212EFADBE88D2171B85FF012 ] C:\Windows\System32\wbem\wbemsvc.dll
09:36:05.0986 0x0aa8  C:\Windows\System32\wbem\wbemsvc.dll - ok
09:36:05.0986 0x0aa8  [ 0143DB80DACFB7C2B5B7009ED9063353, 252885CF7C1BAB89B86908373546E5F5D674BEF7AACBDDCF321AD877CB9150A9 ] C:\Windows\System32\wbem\wmiutils.dll
09:36:05.0986 0x0aa8  C:\Windows\System32\wbem\wmiutils.dll - ok
09:36:05.0986 0x0aa8  [ 0AB34456654C283DAA13B8D2BA21439B, 4B70FC5195DE39564E951C8542020BA3D4257E3D4488F69825F67A6099CB7549 ] C:\Windows\System32\wbem\repdrvfs.dll
09:36:05.0986 0x0aa8  C:\Windows\System32\wbem\repdrvfs.dll - ok
09:36:06.0002 0x0aa8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] C:\Windows\System32\ipnathlp.dll
09:36:06.0002 0x0aa8  C:\Windows\System32\ipnathlp.dll - ok
09:36:06.0002 0x0aa8  [ 2DF29664ED261F0FC448E58F338F0671, 4EFE79C383D0AF126FC4EE668D822563F8F037B1E61D73747A35FE11AAFDB8CE ] C:\Windows\System32\mprapi.dll
09:36:06.0002 0x0aa8  C:\Windows\System32\mprapi.dll - ok
09:36:06.0002 0x0aa8  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D, A63836DB3B01835DC1311526A95198D6EBCCB1DC9DDAFBC38EC36C128CDB98B9 ] C:\Windows\System32\netshell.dll
09:36:06.0002 0x0aa8  C:\Windows\System32\netshell.dll - ok
09:36:06.0002 0x0aa8  [ DDD0357A92FA843EFF8915ED17253D6C, 0C78B1D41F0A7821186ADF653504F2BFF067CB512CB0E932047C301378BBADB6 ] C:\Windows\System32\wbem\WmiPrvSD.dll
09:36:06.0002 0x0aa8  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
09:36:06.0017 0x0aa8  [ D41FEBD098234F02485A4EA98D4730A4, 462DC8168C444F35B43BA3B8F7D77734665D84F1C6D25CAD7391C0145961628F ] C:\Windows\System32\ncobjapi.dll
09:36:06.0017 0x0aa8  C:\Windows\System32\ncobjapi.dll - ok
09:36:06.0017 0x0aa8  [ 6F40D6FB05E0C1E5402812B426971AF0, E41F138F0F2DB057F8DBB1587237C6FA8A2059B3D64EC894D1DC492A18DBBDED ] C:\Windows\System32\wbem\wbemess.dll
09:36:06.0017 0x0aa8  C:\Windows\System32\wbem\wbemess.dll - ok
09:36:06.0033 0x0aa8  [ DCEE3592299B2229A0DB98CB415059A2, 709AAA095DF44DDCB6159CE1635AB05EC666D845445790E569F56B297DC64AC3 ] C:\Program Files\Microsoft Security Client\NisSrv.exe
09:36:06.0033 0x0aa8  C:\Program Files\Microsoft Security Client\NisSrv.exe - ok
09:36:06.0033 0x0aa8  [ F7073C962C4FB7C415565DDE109DE49F, 781E7088DCEFBC34A808C3E7DA41A56112B3F23ABE9F54B5EF4D5CD9CD016B1D ] C:\Windows\System32\npmproxy.dll
09:36:06.0033 0x0aa8  C:\Windows\System32\npmproxy.dll - ok
09:36:06.0033 0x0aa8  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] C:\Windows\System32\appinfo.dll
09:36:06.0033 0x0aa8  C:\Windows\System32\appinfo.dll - ok
09:36:06.0049 0x0aa8  [ B7762D1AEAAE5C4AAA5F1677EC3B1512, DC075848BC8F74B583354320BFC87E231CB39F6470A2FC3307ECCDFB13751BF9 ] C:\Program Files\Microsoft Security Client\NisLog.dll
09:36:06.0049 0x0aa8  C:\Program Files\Microsoft Security Client\NisLog.dll - ok
09:36:06.0049 0x0aa8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] C:\Windows\System32\wdi.dll
09:36:06.0049 0x0aa8  C:\Windows\System32\wdi.dll - ok
09:36:06.0049 0x0aa8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] C:\Windows\System32\wpdbusenum.dll
09:36:06.0049 0x0aa8  C:\Windows\System32\wpdbusenum.dll - ok
09:36:06.0064 0x0aa8  [ E629F1A051C82795DDFFD3E8D4855811, 6E4DFFEAB2795C98EA6DCAF10EA6D97413D0F8CA0C04869CB20B74FF4D6FE679 ] C:\Windows\System32\dimsjob.dll
09:36:06.0064 0x0aa8  C:\Windows\System32\dimsjob.dll - ok
09:36:06.0064 0x0aa8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] C:\Windows\System32\hidserv.dll
09:36:06.0064 0x0aa8  C:\Windows\System32\hidserv.dll - ok
09:36:06.0064 0x0aa8  [ BF4AC709BE5BF64F331F5D67773A0C82, 96E5A2A12D386B8A7976FEC76FD350E6A3EEBDF5763F4BBF4AB18880E9F269E0 ] C:\Windows\System32\perftrack.dll
09:36:06.0064 0x0aa8  C:\Windows\System32\perftrack.dll - ok
09:36:06.0080 0x0aa8  [ 4449D23E8F197862F1B16F1E6C89C36C, 93AF52BF8E870C0381F027D3BB8F6829E449242074472F1593EB8172D7EB6559 ] C:\Windows\System32\diagperf.dll
09:36:06.0080 0x0aa8  C:\Windows\System32\diagperf.dll - ok
09:36:06.0080 0x0aa8  [ E64D9EC8018C55873B40FDEE9DBEF5B3, 2DB11E7C631A9887CB75AFEAD2C79EC65F82C51F5F073CEFC8CDDF664EFF29C1 ] C:\Windows\System32\PortableDeviceApi.dll
09:36:06.0080 0x0aa8  C:\Windows\System32\PortableDeviceApi.dll - ok
09:36:06.0080 0x0aa8  [ 35CB97CBC3EDC463418ED4997AAB29B6, EE60EABE2D87CEDD68FB8985B6C5D70930015FB2B8DB9FDCB4044587BC6ECA4C ] C:\Windows\System32\pautoenr.dll
09:36:06.0080 0x0aa8  C:\Windows\System32\pautoenr.dll - ok
09:36:06.0095 0x0aa8  [ 94DFBB481BF51158B216E23C5C1C9D6E, 0199086A70B9B63E48A7A15C8AE5442E9C6BC0173BD80A104DE1BE6A6C25F202 ] C:\Windows\System32\certcli.dll
09:36:06.0095 0x0aa8  C:\Windows\System32\certcli.dll - ok
09:36:06.0095 0x0aa8  [ 263B26106606A010CF877472B535E4BB, 43ECE89E428D2BB34244894BEBA1B946B0767649D15B1C715223E4E471A9E504 ] C:\Windows\System32\CertEnroll.dll
09:36:06.0095 0x0aa8  C:\Windows\System32\CertEnroll.dll - ok
09:36:06.0095 0x0aa8  [ E1B22739C933BE33F53DB58C5393ADD3, 26EE0DD091D2E00DECC774DC1EEDFFDE69AF74B0C769CCBE091AFC32C66E4207 ] C:\Windows\System32\Apphlpdm.dll
09:36:06.0095 0x0aa8  C:\Windows\System32\Apphlpdm.dll - ok
09:36:06.0111 0x0aa8  [ 46863C4CC5B68EB09EA2D5EEF0F1193A, 9B5593E1F484AC8F96F89A5995FB1FE9C51CB2F0F545607F6850751191150CFE ] C:\Windows\System32\radardt.dll
09:36:06.0111 0x0aa8  C:\Windows\System32\radardt.dll - ok
09:36:06.0111 0x0aa8  [ 1075AB2C077B415760C0E948856B5126, D67804B4A038FC06BD84CBF9C047DD4C13073622027F825371DB98867EF4E9B9 ] C:\Windows\System32\wer.dll
09:36:06.0111 0x0aa8  C:\Windows\System32\wer.dll - ok
09:36:06.0111 0x0aa8  [ 9719E3D834F5C8C43F56A93DFA497023, 4D78D4BD4835C0A237821967156C19DF4B90384A6BCB1F48CEAF35D003A0099A ] C:\Windows\System32\pnpts.dll
09:36:06.0111 0x0aa8  C:\Windows\System32\pnpts.dll - ok
09:36:06.0127 0x0aa8  [ E811F8510B133E70CF6E509FB809824F, 82541F2B15748250462B67B6C77530D4F7C45A1482237EC49B28F9FA5A414108 ] C:\Windows\System32\wdiasqmmodule.dll
09:36:06.0127 0x0aa8  C:\Windows\System32\wdiasqmmodule.dll - ok
09:36:06.0127 0x0aa8  [ AFA79C343F9D1555F7E5D5FA70BB2A14, 440EF3ADC1F5C7A5ED3E872C8D8DFA61B039454C3CA67F8A51CA8BDCFDC4BA4A ] C:\Windows\System32\PortableDeviceConnectApi.dll
09:36:06.0127 0x0aa8  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
09:36:06.0127 0x0aa8  [ 7A865523E3E0F4FA421787FAED4A04CD, E8A3F10D44E1EB704BFAB5B69C541AC80F52E16061AA7ADF1AB0827860D3FE90 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C1032175-AD63-40A8-B3C6-EB6B359BD3E0}\gapaengine.dll
09:36:06.0127 0x0aa8  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C1032175-AD63-40A8-B3C6-EB6B359BD3E0}\gapaengine.dll - ok
09:36:06.0127 0x0aa8  [ B97DDC89024A70CB6058FA7D70029A56, 53B87D9DC07E715C1DB34D1049E1B3AEAE4B7A724AFA6DEAD8E476C0982D5451 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C1032175-AD63-40A8-B3C6-EB6B359BD3E0}\nisfull.vdm
09:36:06.0127 0x0aa8  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C1032175-AD63-40A8-B3C6-EB6B359BD3E0}\nisfull.vdm - ok
09:36:06.0142 0x0aa8  [ 025E7DBDB98866ED3CB2D4DDA70B364D, 78962F23F066E362AF1A4B98FA7D5E30AF30C561307438503031D30C944B6A6E ] C:\Windows\System32\runonce.exe
09:36:06.0142 0x0aa8  C:\Windows\System32\runonce.exe - ok
09:36:06.0142 0x0aa8  [ 92E0508D924512F63FFEEFE498CBD11F, 1158011E4A1298DEC79133B40888AA87B06F5B64BA2AB461B58C22F5F9211D0C ] C:\Windows\System32\p2pcollab.dll
09:36:06.0142 0x0aa8  C:\Windows\System32\p2pcollab.dll - ok
09:36:06.0142 0x0aa8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] C:\Windows\System32\QAGENTRT.DLL
09:36:06.0142 0x0aa8  C:\Windows\System32\QAGENTRT.DLL - ok
09:36:06.0158 0x0aa8  [ D44741F65A1D71F65814A12CF6E2400A, C6721F830675ADC7E7FDE2B5E822E56F6A063146F5066F1E25EBFE86F0A87136 ] C:\Windows\SysWOW64\runonce.exe
09:36:06.0158 0x0aa8  C:\Windows\SysWOW64\runonce.exe - ok
09:36:06.0158 0x0aa8  [ 506A83A3BEEE9FCA09F0170DE9FC7D1B, 2DFBD792B68F3EBEF0843183CAE5D52B6FA04163808AFACF6C0D738455898C36 ] C:\Windows\System32\fveui.dll
09:36:06.0158 0x0aa8  C:\Windows\System32\fveui.dll - ok
09:36:06.0173 0x0aa8  [ 6C765E82B57F2E66CE9C54AC238471D9, 97F410023F5C08B4BC5DBF89A642200E76F4025ADD9707C24FD89D673675BB43 ] C:\Windows\SysWOW64\oleaut32.dll
09:36:06.0173 0x0aa8  C:\Windows\SysWOW64\oleaut32.dll - ok
09:36:06.0173 0x0aa8  [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll
09:36:06.0173 0x0aa8  C:\Windows\SysWOW64\clbcatq.dll - ok
09:36:06.0173 0x0aa8  [ 10FB16B50AFFDA6D44588F3C445DC273, 6CDA17DA9B44D11E69F7C6682FA633EA75731623BB21B429A0FE2086ED4495A7 ] C:\Windows\SysWOW64\setupapi.dll
09:36:06.0173 0x0aa8  C:\Windows\SysWOW64\setupapi.dll - ok
09:36:06.0189 0x0aa8  [ F436E847FA799ECD75AD8C313673F450, 3C8BF3F0C08C7FA8DE5CD9C60AD9D00B742E84EB1FEBEEBA0F7159844BAAA471 ] C:\Windows\SysWOW64\cfgmgr32.dll
09:36:06.0189 0x0aa8  C:\Windows\SysWOW64\cfgmgr32.dll - ok
09:36:06.0189 0x0aa8  [ 2EEFF4502F5E13B1BED4A04CCAD64C08, 209FF1B6D46D1AC99518FCF54F2F726143B2DBF2C5FDA90212FBEF7526F7CBF5 ] C:\Windows\SysWOW64\devobj.dll
09:36:06.0189 0x0aa8  C:\Windows\SysWOW64\devobj.dll - ok
09:36:06.0189 0x0aa8  [ 12C45E3CB6D65F73209549E2D02ECA7A, 9DFD9C58B90257C34D52B7156C1D2566BE32EE7BD4699DDE164A5F190EC4D44A ] C:\Windows\SysWOW64\propsys.dll
09:36:06.0189 0x0aa8  C:\Windows\SysWOW64\propsys.dll - ok
09:36:06.0205 0x0aa8  [ 58A0CDABEA255616827B1C22C9994466, 4FE1140AA8D3995579DE8CDF4ECAD1978804D05351EABB4079A63B303EF1B451 ] C:\Windows\System32\NapiNSP.dll
09:36:06.0205 0x0aa8  C:\Windows\System32\NapiNSP.dll - ok
09:36:06.0205 0x0aa8  [ 613C8CE10A5FDE582BA5FA64C4D56AAA, 30507B6BA79E1A271B07BBA58B4FF463678BE0960266A1D5E88031E932D768B6 ] C:\Windows\System32\pnrpnsp.dll
09:36:06.0205 0x0aa8  C:\Windows\System32\pnrpnsp.dll - ok
09:36:06.0205 0x0aa8  [ 2E2072EB48238FCA8FBB7A9F5FABAC45, AC70B9FC24847EEC2E18008F2894DCDAC19A9C90D5D88729326E493CA524F5C3 ] C:\Windows\System32\winrnr.dll
09:36:06.0205 0x0aa8  C:\Windows\System32\winrnr.dll - ok
09:36:06.0220 0x0aa8  [ 662BA98309818AF2C17D4E48BF4021C4, 57B3FFAECE3DF5E22B6764A95D2B8523AA02CCCB4BD0779025C11D02EEBF4B1E ] C:\Program Files\Windows Defender\MpClient.dll
09:36:06.0220 0x0aa8  C:\Program Files\Windows Defender\MpClient.dll - ok
09:36:06.0220 0x0aa8  [ 2EE1E467D73642AFDDB03019F58C252B, 5A7D5DAFE22082B3ED035D640578ED7B5005EDFE80E5C911774EC77A2CAFF1B3 ] C:\Windows\SysWOW64\urlmon.dll
09:36:06.0220 0x0aa8  C:\Windows\SysWOW64\urlmon.dll - ok
09:36:06.0220 0x0aa8  [ 1C60E09CA1C3A045BC4D367F67C915B7, DF1ED88CB57DA1AB1A4245AE0D5B42AFA3396EBF67B99411FFFB0DD06DE1AEAF ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
09:36:06.0220 0x0aa8  C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
09:36:06.0236 0x0aa8  [ F0D0E883EBBDC7615DC9EDEA0FFB2817, 58F1395445018CB16ED4D3710443FB5B0E087043F6A69F7B10D72D0455958954 ] C:\Windows\SysWOW64\FWPUCLNT.DLL
09:36:06.0236 0x0aa8  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
09:36:06.0236 0x0aa8  [ 6951562DC4625EEFC6EACD52AD165866, 44A0B3EA0232D613A5B4115492DF2A7CEF25B35300E6A3E3E50C9544C5D1049E ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
09:36:06.0236 0x0aa8  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
09:36:06.0236 0x0aa8  [ 6A13B4F3B3F575F1E24B877B9359AABA, 676AD5F8F709D4A9DCE9938D82DEEE329C9A385A6969C169B3DF37AA75F1E4C7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
09:36:06.0236 0x0aa8  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
09:36:06.0251 0x0aa8  [ 589CBC4989F750E1DA35625AB481CF43, B93E1B8C3775F9C995FD5451C685A06DEFD24AE1DF0DD99D19D5E4B9AC0010F9 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
09:36:06.0251 0x0aa8  C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
09:36:06.0251 0x0aa8  [ 3BE0D923AA45A4DBE091C2D84F0B4FE7, 603EEC55D6F646150FC3F0F2C939CFE434C02FC7A7AB23B1FEC8B5C77E4C8381 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
09:36:06.0251 0x0aa8  C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
09:36:06.0251 0x0aa8  [ 2E33DFD10F28F86C3FC40EE123CC3904, 57C65671A04EFCA437A69E8E97B2FCA17897EE4608C7DB69F77D44FBD3490B50 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
09:36:06.0251 0x0aa8  C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
09:36:06.0267 0x0aa8  [ B68750104FBA545C633B7E9AEA660208, 7D07BD6C3B2907B3B181B14DBC0F8C0B40690EA9FF5A51253400BDE83C4272C7 ] C:\Windows\SysWOW64\iertutil.dll
09:36:06.0267 0x0aa8  C:\Windows\SysWOW64\iertutil.dll - ok
09:36:06.0267 0x0aa8  [ B5EB5BD3066959611E1F7A80FD6CC172, 1FFB68A66F28F604ADCAE9C135F8DCF301316AB7FDA8EBD294583C56DD26F7CC ] C:\Windows\SysWOW64\wininet.dll
09:36:06.0267 0x0aa8  C:\Windows\SysWOW64\wininet.dll - ok
09:36:06.0267 0x0aa8  [ 372948BB5E41CE42341C4398DE572E56, A12A3CB0C04FD02A17E202FEE79EA1B4009DAE4B5DB8B9B9D4919D1FFB270CF3 ] C:\Windows\SysWOW64\secur32.dll
09:36:06.0267 0x0aa8  C:\Windows\SysWOW64\secur32.dll - ok
09:36:06.0283 0x0aa8  [ 49ACA548B2423F1C67898E6AC719A9A6, 23D84137EAB9AFDD31CBB6776B6B25AD135A120AF7F7885EB5BBF9E0A2CCC4C1 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
09:36:06.0283 0x0aa8  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
09:36:06.0283 0x0aa8  [ B6381489F9C8612AFFD4A2765ABD341C, 194EDB7DC64680BF2597B53E95FADEF85B7BFCD2350FE821C55CA51518F6DE19 ] C:\Users\Tribu\Desktop\mbam-chameleon-1.62.1.1000\mbam-chameleon.exe
09:36:06.0283 0x0aa8  C:\Users\Tribu\Desktop\mbam-chameleon-1.62.1.1000\mbam-chameleon.exe - ok
09:36:06.0283 0x0aa8  [ 2C4A87CA8C00E98EFDCFA2E8EC9A3503, DA59CE662E98E56D89E2894D2AC8B9F324C16DA23C860640EDC2C82E0AD06097 ] C:\Windows\SysWOW64\shdocvw.dll
09:36:06.0283 0x0aa8  C:\Windows\SysWOW64\shdocvw.dll - ok
09:36:06.0298 0x0aa8  [ E7B9D5FF20FFDD4AAE2EF1D1B8C27A37, 689D126B1B42140D5049015E3E324268E6542D4BC6CC14E31D8B89A25B94BAA5 ] C:\Windows\SysWOW64\imagehlp.dll
09:36:06.0298 0x0aa8  C:\Windows\SysWOW64\imagehlp.dll - ok
09:36:06.0298 0x0aa8  [ AD7FB087A238883D1618F29F7BBBD584, D9541CA4D2AADFEEEC195863133B16C2EC94CA63F842F5646F7834F2D0E85FF3 ] C:\Windows\SysWOW64\ncrypt.dll
09:36:06.0298 0x0aa8  C:\Windows\SysWOW64\ncrypt.dll - ok
09:36:06.0298 0x0aa8  [ CE71B9119A258EDD0A05B37D7B0F92E3, D9310C5BBFE089B8C81E259C462EC1E6D7A7A87FA59FC1F174ED5C58D409AE7A ] C:\Windows\SysWOW64\bcrypt.dll
09:36:06.0298 0x0aa8  C:\Windows\SysWOW64\bcrypt.dll - ok
09:36:06.0314 0x0aa8  [ E8449FE262D7406BCB2AC2A45C53EC5F, 6C118C9FB26404D1943824CF3990F36E12986547FFACB7CC0DF975A913065D78 ] C:\Windows\SysWOW64\bcryptprimitives.dll
09:36:06.0314 0x0aa8  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
09:36:06.0314 0x0aa8  [ 1097F3035BAF46CED8B332B3564C5108, C69781683CA963A1335780DABBBC60E2C3CEF0888738D3425D358D12E8D0AF58 ] C:\Windows\SysWOW64\gpapi.dll
09:36:06.0314 0x0aa8  C:\Windows\SysWOW64\gpapi.dll - ok
09:36:06.0314 0x0aa8  [ 7B851A8018B1EA00A69707A390004884, DAE654713EF1DC66C8C2D27752B659081794063A7D522D1F680AA9A6E7FBA9FD ] C:\Windows\SysWOW64\cryptnet.dll
09:36:06.0314 0x0aa8  C:\Windows\SysWOW64\cryptnet.dll - ok
09:36:06.0329 0x0aa8  [ 6F8E3B7B70E1BBA871212940C1FBDF60, 3F9D4EE64E4210340C6FEE0DE81BFE3C613DDBE608EC09D63817D24CE24BFC5E ] C:\Windows\SysWOW64\SensApi.dll
09:36:06.0329 0x0aa8  C:\Windows\SysWOW64\SensApi.dll - ok
09:36:06.0329 0x0aa8  [ 3BCECD87AB4E6743BFB45B352AD1A529, 2C4BEDC26D9D96783C0833AE49CE716658D74664E3BBC1960232CD04976DDEF2 ] C:\Windows\SysWOW64\WindowsCodecs.dll
09:36:06.0329 0x0aa8  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
09:36:06.0329 0x0aa8  [ 846D0E4DB261CFAF363902E41498E961, D7E5591B7604FD583AF7FDA19E30928B24A6145318A3944E7D207F0CCEEB30D0 ] C:\Windows\SysWOW64\EhStorShell.dll
09:36:06.0329 0x0aa8  C:\Windows\SysWOW64\EhStorShell.dll - ok
09:36:06.0345 0x0aa8  [ 03F3B770DFBED6131653CEDA8CA780F0, 77373919DCA647F09851E7E460AE78FBD89F21516B961F84AC4446304E51E09C ] C:\Windows\SysWOW64\ntshrui.dll
09:36:06.0345 0x0aa8  C:\Windows\SysWOW64\ntshrui.dll - ok
09:36:06.0345 0x0aa8  [ 5CCDCD40E732D54E0F7451AC66AC1C87, 66F4DA105BD72E41250CD59E2B3CD931B47AC9FDB6C784B9E33C5EE1AC29841F ] C:\Windows\SysWOW64\srvcli.dll
09:36:06.0345 0x0aa8  C:\Windows\SysWOW64\srvcli.dll - ok
09:36:06.0345 0x0aa8  [ 465BEA35F7ED4A4A57686DEA7EA10F47, 7F1B3CA09AB045F805DA5765BE7DD270F5DDACE3073017F7386FF1E2FA82D6FB ] C:\Windows\SysWOW64\cscapi.dll
09:36:06.0345 0x0aa8  C:\Windows\SysWOW64\cscapi.dll - ok
09:36:06.0361 0x0aa8  [ 8B74CEC6980D4816B0037AE9A27E538F, 8721EDB4C51BF6020002FA5DDB1987C68590F9F433A2F18D9756B2DAC7542CB6 ] C:\Windows\SysWOW64\slc.dll
09:36:06.0361 0x0aa8  C:\Windows\SysWOW64\slc.dll - ok
09:36:06.0361 0x0aa8  [ 827CB0D6C3F8057EA037FF271F8E9795, 82760DBDDD38D2A31CAAF51D065DF4E7E1D0F0C22733A0AF653776EBF7B79470 ] C:\Windows\SysWOW64\imageres.dll
09:36:06.0361 0x0aa8  C:\Windows\SysWOW64\imageres.dll - ok
09:36:06.0361 0x0aa8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] C:\Windows\System32\aelupsvc.dll
09:36:06.0361 0x0aa8  C:\Windows\System32\aelupsvc.dll - ok
09:36:06.0376 0x0aa8  [ 256503028879103E9741A276FA24D65D, 6F32B44826FCA3365D77127361F93A009D70A8A63C8825A8B8235B237C60FF41 ] C:\Windows\SysWOW64\esent.dll
09:36:06.0376 0x0aa8  C:\Windows\SysWOW64\esent.dll - ok
09:36:06.0376 0x0aa8  [ 08DFDBD2FD4EA951DC46B1C7661ED35A, D926530C659DDAF80770663F46F1EFD94FFB4AAB475C4E3367CB531AF4A734E1 ] C:\Windows\SysWOW64\powrprof.dll
09:36:06.0376 0x0aa8  C:\Windows\SysWOW64\powrprof.dll - ok
09:36:06.0376 0x0aa8  [ 7313A885F675B72A0A0DC0C812D0B936, F6E5E4D1028A682D5885CD5194AA32F70712C4830F47245E0185B8B429D0D658 ] C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll
09:36:06.0376 0x0aa8  C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll - ok
09:36:06.0392 0x0aa8  [ 220159496484D34009DE71CA1A68E0D4, 94BD3DEB4E84F95D80BE5775E5A612EFF181ECB212FB668674C67AD19194DE69 ] C:\Windows\System32\wbem\NCProv.dll
09:36:06.0392 0x0aa8  C:\Windows\System32\wbem\NCProv.dll - ok
09:36:06.0392 0x0aa8  [ 5575DB32AA0CC5A97CA4DC87511CBF0C, 0257A38C86266CE6185B36A61A9A9BF10065152F78290483A4FC44DF916EAD01 ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
09:36:06.0392 0x0aa8  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
09:36:06.0392 0x0aa8  [ 812A161FC470FA832C3F0CC3D7ACA2F9, E4117C9023AE3193F22316A48F2B1B2C05373CCA64226D91190C17EBED9AFD26 ] C:\Windows\SysWOW64\apisetschema.dll
09:36:06.0392 0x0aa8  C:\Windows\SysWOW64\apisetschema.dll - ok
09:36:06.0407 0x0aa8  [ 18AB2E5A40064ED5F7791AC5946A90F3, B7536CE56702C23B1CEC3E1B6C78866E0A76808B85A92AF3733D9ED9429E004C ] C:\Windows\SysWOW64\msimg32.dll
09:36:06.0407 0x0aa8  C:\Windows\SysWOW64\msimg32.dll - ok
09:36:06.0407 0x0aa8  [ D1DE1EAFDE97BE41CF6585027FF3E732, 76F17D4DF440D6734DC8157092D94EB18C2A73A0A49BEEA289E7B3EDE30E86A2 ] C:\Windows\SysWOW64\comdlg32.dll
09:36:06.0407 0x0aa8  C:\Windows\SysWOW64\comdlg32.dll - ok
09:36:06.0407 0x0aa8  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8, B1A9B2EF000917214C0198958CBD239D1D91B1720EC40DF041262A34D302AD74 ] C:\Windows\SysWOW64\winspool.drv
09:36:06.0407 0x0aa8  C:\Windows\SysWOW64\winspool.drv - ok
09:36:06.0423 0x0aa8  [ 8E01332CC4B68BC6B5B7EFFE374442AA, A4AD1D2FD3EC2F26949DBBC388F9FFF3713AD7EB4E9220AF817EBB5223E467C6 ] C:\Windows\SysWOW64\oleacc.dll
09:36:06.0423 0x0aa8  C:\Windows\SysWOW64\oleacc.dll - ok
09:36:06.0423 0x0aa8  [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB22DC7B58515C201 ] C:\Windows\SysWOW64\winmm.dll
09:36:06.0423 0x0aa8  C:\Windows\SysWOW64\winmm.dll - ok
09:36:06.0423 0x0aa8  [ 90FB1802D488FFA9029854A77D4F3F27, FBEAB2065307A2BD9C78D3ABB4F80B8311F3EA68B2F23FD1EF80C24E1DBA1F4D ] C:\Windows\SysWOW64\oleaccrc.dll
09:36:06.0423 0x0aa8  C:\Windows\SysWOW64\oleaccrc.dll - ok
09:36:06.0439 0x0aa8  [ 4EC2C3B15B9EC41AD0D6CD918D20376E, 3B570DF35051A0AD79EA9B66BB2355E44BF9232472102361615F6E1F5E8D67CA ] C:\Windows\SysWOW64\tzres.dll
09:36:06.0439 0x0aa8  C:\Windows\SysWOW64\tzres.dll - ok
09:36:06.0439 0x0aa8  [ 1A7C23CE433FCB732A5C769DCD0F9222, C6B1860184F2DDD579024C3E70410F8D4D5CA3999144AA330A468D7A5F7CB772 ] C:\Windows\SysWOW64\en-US\tzres.dll.mui
09:36:06.0439 0x0aa8  C:\Windows\SysWOW64\en-US\tzres.dll.mui - ok
09:36:06.0439 0x0aa8  [ 4E5FE39C1076D115EC8BFCFE14D75B80, F1D02BCA6F664DCDD0CCDE269D31787C7553CD38C7208A8DD8B80B9EA09FEB1C ] C:\Windows\SysWOW64\credssp.dll
09:36:06.0439 0x0aa8  C:\Windows\SysWOW64\credssp.dll - ok
09:36:06.0454 0x0aa8  [ B837D1528CE2E3CB79F09496BC08DDC6, ACD54CE61CFE94F23DC283537AD8FFBEB3D6041BD30317B60BA7A10FCB240A27 ] C:\Windows\System32\SensApi.dll
09:36:06.0454 0x0aa8  C:\Windows\System32\SensApi.dll - ok
09:36:06.0454 0x0aa8  [ BF95EA5809E3BBF55370F7CB309FEBD0, 62ADBA6E1A7DDDEFA971580161F30896DFFC27EB4EB82E3CC72062D57DA66500 ] C:\Windows\System32\conhost.exe
09:36:06.0454 0x0aa8  C:\Windows\System32\conhost.exe - ok
09:36:06.0454 0x0aa8  [ B998AB59D5541777A1E43175A9ACBE83, 8026C0FEA64591B1C8013A1DC77E6FAB0D82D84D70C0D8E0C3C00C18A5A65B2E ] C:\Windows\System32\en-US\conhost.exe.mui
09:36:06.0454 0x0aa8  C:\Windows\System32\en-US\conhost.exe.mui - ok
09:36:06.0470 0x0aa8  [ 6B63EA7979F501C37FC55A26CA162ACD, A2118847A624B2AEB133131EC1D28541221F779879FBAAE934D1198609221809 ] C:\Windows\SysWOW64\en-US\user32.dll.mui
09:36:06.0470 0x0aa8  C:\Windows\SysWOW64\en-US\user32.dll.mui - ok
09:36:06.0470 0x0aa8  [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\SysWOW64\cmd.exe
09:36:06.0470 0x0aa8  C:\Windows\SysWOW64\cmd.exe - ok
09:36:06.0470 0x0aa8  [ 326C7F76A29897A892AA7726E91C1C67, 64305346B06EC14976130B0B80F14B4D5AB63E5B2A6A7B872EC9CE2BF8FADCD2 ] C:\Windows\SysWOW64\winbrand.dll
09:36:06.0470 0x0aa8  C:\Windows\SysWOW64\winbrand.dll - ok
09:36:06.0485 0x0aa8  [ 84FA403E67CCF1A031FAEB39A091A7C0, 6AAF47281E52B184D6E58CAC0822DAE59EB719F2AF63360ECF645E1255E8644B ] C:\Windows\SysWOW64\en-US\cmd.exe.mui
09:36:06.0485 0x0aa8  C:\Windows\SysWOW64\en-US\cmd.exe.mui - ok
09:36:06.0485 0x0aa8  [ 18F02C555FBC9885DF9DB77754D6BB9B, 28FEB2FEC791EF44CF24A61C4BF175B00DBA030B53AB1B5B36AED898A2F5CF37 ] C:\Windows\SysWOW64\findstr.exe
09:36:06.0485 0x0aa8  C:\Windows\SysWOW64\findstr.exe - ok
09:36:06.0485 0x0aa8  [ 0297BC851D4C2187E80466362E0D5FA8, 2178F2C356413AAB2B9E335B70B2DE86E5875BA9FCA4918989798C9DA614A604 ] C:\Windows\SysWOW64\sort.exe
09:36:06.0485 0x0aa8  C:\Windows\SysWOW64\sort.exe - ok
09:36:06.0501 0x0aa8  [ 22868FAAF9C851BFA924B8D7EDB6CBC1, 6FF03FE38B5991F06D5253BAB95A1DED8E7B33400A8297EFA6BF909599E9DB4E ] C:\Windows\SysWOW64\ieframe.dll
09:36:06.0501 0x0aa8  C:\Windows\SysWOW64\ieframe.dll - ok
09:36:06.0501 0x0aa8  [ 60F4AEFA103D421EA4A40E31409B4756, 037A8605CA504A4FF43E9D4DE9017CEA1E26D3556C975872C747E24D8B0835EF ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
09:36:06.0501 0x0aa8  C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
09:36:06.0501 0x0aa8  [ C87BA2C40185BBE1513A5DF6D2B2DA20, ECB7D9F900D2AC2309981F9598DCAA99598CA6804A6A7B59CDCF26D801728F96 ] C:\Users\Tribu\AppData\Local\temp\{3BC6EB5E-53B1-4ACD-8958-120F8B907574}.exe
09:36:06.0501 0x0aa8  C:\Users\Tribu\AppData\Local\temp\{3BC6EB5E-53B1-4ACD-8958-120F8B907574}.exe - ok
09:36:06.0517 0x0aa8  [ 243974EC02F7AE49E4179C54624143AB, 755FA67F7BF10E3C6336788D297FBAA70F28F630852A43A78D3F7D7E3A7ECED0 ] C:\Windows\SysWOW64\MMDevAPI.dll
09:36:06.0517 0x0aa8  C:\Windows\SysWOW64\MMDevAPI.dll - ok
09:36:06.0517 0x0aa8  [ D205C24A9D069049FE2DF2A1B38726A7, B98F420B57A34FDA24F9A655319245EEF86EF4A952014FFA018070A01D5CBC4C ] C:\Windows\SysWOW64\wdmaud.drv
09:36:06.0517 0x0aa8  C:\Windows\SysWOW64\wdmaud.drv - ok
09:36:06.0517 0x0aa8  [ 9C67F6BBDA3881CFD02095160CF91576, 6CE97C6F0AD8BE183DE935A7AAB7D46821E8DE9E55A4BFF54ACB49D056826A94 ] C:\Windows\SysWOW64\ksuser.dll
09:36:06.0517 0x0aa8  C:\Windows\SysWOW64\ksuser.dll - ok
09:36:06.0532 0x0aa8  [ 139D3AB6AA920C34C50CBFFB9EB7D222, 5A5D205E16E6AFDCC965E4144FE6E104157DE7541D31727520363F2670513940 ] C:\Windows\SysWOW64\avrt.dll
09:36:06.0532 0x0aa8  C:\Windows\SysWOW64\avrt.dll - ok
09:36:06.0532 0x0aa8  [ C940F2F5C60B3727C5F18840735B229C, EFC3F465FD6C570505C214A92644357ACD01B1843ED25B5FCCCE10533403485C ] C:\Windows\SysWOW64\AudioSes.dll
09:36:06.0532 0x0aa8  C:\Windows\SysWOW64\AudioSes.dll - ok
09:36:06.0532 0x0aa8  [ 07393A09C46083588E751B63B03C8301, 36E2351CF5FA05FEAAEB340B5E04B107B53C8174F8333559D8AEA40BEB94F678 ] C:\Windows\SysWOW64\msacm32.drv
09:36:06.0532 0x0aa8  C:\Windows\SysWOW64\msacm32.drv - ok
09:36:06.0548 0x0aa8  [ 85683DF1F917E4D7F6BE1A04986BF1C8, D68D9F525D31C1843B6EC8FA950166FA1F34DB71222716E7B22DD33981C152B6 ] C:\Windows\SysWOW64\msacm32.dll
09:36:06.0548 0x0aa8  C:\Windows\SysWOW64\msacm32.dll - ok
09:36:06.0548 0x0aa8  [ 5A12C364AD1D4FCC0AD0E56DBBC34462, 5FDF434BE4E15311AC83754CF85B5451F5A219D768A5DE3DC4FD9AE0B57B0AD9 ] C:\Windows\SysWOW64\midimap.dll
09:36:06.0548 0x0aa8  C:\Windows\SysWOW64\midimap.dll - ok
09:36:06.0548 0x0aa8  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F82EF91450858DF ] C:\Windows\SysWOW64\sfc.dll
09:36:06.0563 0x0aa8  C:\Windows\SysWOW64\sfc.dll - ok
09:36:06.0563 0x0aa8  [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D09086438F8D237B ] C:\Windows\SysWOW64\sfc_os.dll
09:36:06.0563 0x0aa8  C:\Windows\SysWOW64\sfc_os.dll - ok
09:36:06.0563 0x0aa8  [ 162D247E995EAEBF3EF4289069E1111C, 19E858E9902E2D570FFD24AE2CB4165273F5BAB1FF7B04758B11AB5CD41FD752 ] C:\Windows\SysWOW64\devrtl.dll
09:36:06.0563 0x0aa8  C:\Windows\SysWOW64\devrtl.dll - ok
09:36:06.0563 0x0aa8  [ 20B3934DB73EABA2B49B7177873CB81F, 492EAC5C51472B43DE11825358AEC4B9E3A081DACFD7513C696D6FE40F302EE5 ] C:\Windows\SysWOW64\netutils.dll
09:36:06.0579 0x0aa8  C:\Windows\SysWOW64\netutils.dll - ok
09:36:06.0579 0x0aa8  [ CA9F7888B524D8100B977C81F44C3234, 57F3353F89724147D8AC8B69B12C1303DF26978309776F5F8CCF074526A915D3 ] C:\Windows\SysWOW64\winhttp.dll
09:36:06.0579 0x0aa8  C:\Windows\SysWOW64\winhttp.dll - ok
09:36:06.0579 0x0aa8  [ FB19FC5951A88F3C523E35C2C98D23C0, FF0DB8BF0C68DA0D09272E8181D2B5409C8850BB2F31AEA3AC4CD14C5A420A59 ] C:\Windows\SysWOW64\webio.dll
09:36:06.0579 0x0aa8  C:\Windows\SysWOW64\webio.dll - ok
09:36:06.0579 0x0aa8  [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC83B4AC638AEC4A ] C:\Windows\SysWOW64\RpcRtRemote.dll
09:36:06.0579 0x0aa8  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
09:36:06.0595 0x0aa8  [ 2CFA4569350B7F84F815E9EC34E85766, 8DE5F880F23435256E697C24BDDFA9B8994ACC3FAA063AF274BEC918FE012788 ] C:\Windows\SysWOW64\SndVolSSO.dll
09:36:06.0595 0x0aa8  C:\Windows\SysWOW64\SndVolSSO.dll - ok
09:36:06.0595 0x0aa8  [ 63DF770DF74ACB370EF5A16727069AAF, B8F96336BF87F1153C245D19606CBD10FBE7CF2795BCC762F2A1B57CB7C39116 ] C:\Windows\SysWOW64\hid.dll
09:36:06.0595 0x0aa8  C:\Windows\SysWOW64\hid.dll - ok
09:36:06.0610 0x0aa8  [ 7E9917D5309A90E7576653BFE39F80D8, 3525795CA69EF165AAAA20C878A20DF5A5F183CF6F8358A0132A88153E6459C6 ] C:\Windows\SysWOW64\timedate.cpl
09:36:06.0610 0x0aa8  C:\Windows\SysWOW64\timedate.cpl - ok
09:36:06.0610 0x0aa8  [ FB10715E4099AF9FA389C71873245226, 6A4CB43880B822A0C4714D6E52EB3EB2CE1E69C3AA9CA65EAAD6B131AE43F274 ] C:\Windows\System32\timedate.cpl
09:36:06.0610 0x0aa8  C:\Windows\System32\timedate.cpl - ok
09:36:06.0610 0x0aa8  [ F10E5311E5093FA3C00FF88C54C32FCA, B557F5B00D77F030850D9AAC0FFEFC4C2A759EC4081C8459C9DEAE51BAAACC65 ] C:\Windows\SysWOW64\atl.dll
09:36:06.0610 0x0aa8  C:\Windows\SysWOW64\atl.dll - ok
09:36:06.0610 0x0aa8  [ D2958325C1AE1AE37A83334C6229E3BC, D8263CB39A25447442B75A8D8E8111DF671D645DA90A33865C089DEDA9706904 ] C:\Windows\SysWOW64\actxprxy.dll
09:36:06.0610 0x0aa8  C:\Windows\SysWOW64\actxprxy.dll - ok
09:36:06.0626 0x0aa8  [ E6F0F82788E8BD0F7A616350EFA0761C, 13091DCB3E3F4F52C3FF210E93AAF1DCE142CFC09F671AEAC5B922393B23E67B ] C:\Windows\System32\actxprxy.dll
09:36:06.0626 0x0aa8  C:\Windows\System32\actxprxy.dll - ok
09:36:06.0626 0x0aa8  [ E94C583CDE2348950155F2AF2876F34D, D00C7E0D665E467B712C68A446CC5BE14FDA743A2301878B3CEB72CDD0A8B8E7 ] C:\Windows\SysWOW64\mswsock.dll
09:36:06.0626 0x0aa8  C:\Windows\SysWOW64\mswsock.dll - ok
09:36:06.0626 0x0aa8  [ F14A9B1778376D0B1788E402AC1F831A, 6110F29669E03F8163B5CD7124BE0FF329F36C18529FA3B8FF70FC00B2D8AA02 ] C:\Windows\SysWOW64\shacct.dll
09:36:06.0626 0x0aa8  C:\Windows\SysWOW64\shacct.dll - ok
09:36:06.0641 0x0aa8  [ C30A3E5DEEEBA22E782AC54C5AF5F352, 80939A7B5354032256706C6CA0C3CCC7E67CD1C1C81EAEA2CBC74997C0863662 ] C:\Windows\SysWOW64\samlib.dll
09:36:06.0641 0x0aa8  C:\Windows\SysWOW64\samlib.dll - ok
09:36:06.0641 0x0aa8  [ EE5C8E27C37B79CB54A2FCEEED2DC262, 0A5E200FD65A491756B951A4A0ED39B88B7B313E97C2BBF3C91AC4C290772BB7 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
09:36:06.0641 0x0aa8  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
09:36:06.0657 0x0aa8  [ 68ECCA523ED760AAFC03C5D587569859, CDD734279C8F9F24EA2538BAD8E91EB8C3DD74C33032DB6B2D85C19576B42707 ] C:\Windows\SysWOW64\samcli.dll
09:36:06.0657 0x0aa8  C:\Windows\SysWOW64\samcli.dll - ok
09:36:06.0657 0x0aa8  [ 73E8667A19FEEDD856DF2695E9E511D4, 68D66C36D1F293D10ADCC6A33C870F989A29743537592CF172F02E794BEAFD1C ] C:\Windows\SysWOW64\wship6.dll
09:36:06.0657 0x0aa8  C:\Windows\SysWOW64\wship6.dll - ok
09:36:06.0657 0x0aa8  [ B40420876B9288E0A1C8CCA8A84E5DC9, 0D3C73B45BC708D7B1E26DFB6D4F64031A998548FEA0FB5CE198ED716F7DC9A0 ] C:\Windows\SysWOW64\dnsapi.dll
09:36:06.0657 0x0aa8  C:\Windows\SysWOW64\dnsapi.dll - ok
09:36:06.0657 0x0aa8  [ EDF2A5E96BEC469DA3F64E9BDD386111, 63C91BBDFA2E087293B010A4E45625FBD1BFCAF655BFADE2F8B1C36CF804B118 ] C:\Windows\SysWOW64\xmllite.dll
09:36:06.0657 0x0aa8  C:\Windows\SysWOW64\xmllite.dll - ok
09:36:06.0673 0x0aa8  [ ED6EE83D61EBC683C2CD8E899EA6FEBE, F82592908D038C44D9F2E5C5B7BC663A2D370FC565F40420E1138A9E55F0E7EB ] C:\Windows\SysWOW64\rasadhlp.dll
09:36:06.0673 0x0aa8  C:\Windows\SysWOW64\rasadhlp.dll - ok
09:36:06.0673 0x0aa8  [ 3A16EA01FCFAAB40882DB5BFEE632322, 04ED66BEFDB822181EBD1D84CBF0B17AAADF8455AE742F44D7ADCB26AB07BDAD ] C:\Windows\SysWOW64\msftedit.dll
09:36:06.0673 0x0aa8  C:\Windows\SysWOW64\msftedit.dll - ok
09:36:06.0673 0x0aa8  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86, E15ED4FEFC3010C213694331DDFDC03767682325C898D773AB243E2DC8B08461 ] C:\Windows\System32\msftedit.dll
09:36:06.0673 0x0aa8  C:\Windows\System32\msftedit.dll - ok
09:36:06.0688 0x0aa8  [ 298FDE634538B62CEEEC266D8773B21A, E6E445282D17CEAFEAB66A5A1E0124DD50F2438205BCE5649DB998BDAED06CB7 ] C:\Windows\SysWOW64\msls31.dll
09:36:06.0688 0x0aa8  C:\Windows\SysWOW64\msls31.dll - ok
09:36:06.0688 0x0aa8  [ 2EBD0C5B090125AECF017C57344C45AB, 4FF8F2460115C60AD164EE0DC2079E1601B8AA21A1BA8033B7B731FAF85411B6 ] C:\Windows\System32\msls31.dll
09:36:06.0688 0x0aa8  C:\Windows\System32\msls31.dll - ok
09:36:06.0688 0x0aa8  [ E904178851A6A44BFA97E064EF779E9D, B90C66EFACBCFEC5CDA218363408C27D4BD54E99F14E974B6B9CE9E2CEA946E7 ] C:\Windows\SysWOW64\authui.dll
09:36:06.0688 0x0aa8  C:\Windows\SysWOW64\authui.dll - ok
09:36:06.0704 0x0aa8  [ 28CA821606669BB9215CE010767720FA, C8A1F0D6704F8F37CF8AADDFAD511FF27E56E8BCFFD4AC948DFA0329DB1F3A1E ] C:\Windows\SysWOW64\cryptui.dll
09:36:06.0704 0x0aa8  C:\Windows\SysWOW64\cryptui.dll - ok
09:36:06.0704 0x0aa8  [ 4C2C4640BF23AAFCF90519E0F34436CE, 8ACCDA77C2DC5BE2DAED05134310122AFECC872A8D118612E55DD229BFE4D844 ] C:\Windows\System32\DeviceCenter.dll
09:36:06.0704 0x0aa8  C:\Windows\System32\DeviceCenter.dll - ok
09:36:06.0704 0x0aa8  [ 23B001185B7C3CB1F4BDEB143E6B45B7, AB3A5AB346F6353B43B06FBE20B7785DA988975E2C8B73A6588F107FFAAACC47 ] C:\Windows\System32\shdocvw.dll
09:36:06.0704 0x0aa8  C:\Windows\System32\shdocvw.dll - ok
09:36:06.0719 0x0aa8  [ 569AC1376B12D4083FC66CC7A304F234, DD209F09573F10A77D710E30EF3D0461D2E8F4E5F18106B18EFB587C88393460 ] C:\Program Files\Microsoft Security Client\msseces.exe
09:36:06.0719 0x0aa8  C:\Program Files\Microsoft Security Client\msseces.exe - ok
09:36:06.0719 0x0aa8  [ 5987EA8A82C53359BCD2C29D6588583E, 59E2DF91F8DA9E33DE65FA67A6A49A7C3F524618A87EAEFC8A28C5304E7FAB85 ] C:\Windows\SysWOW64\linkinfo.dll
09:36:06.0719 0x0aa8  C:\Windows\SysWOW64\linkinfo.dll - ok
09:36:06.0719 0x0aa8  [ A0A65D306A5490D2EB8E7DE66898ECFD, CE5DA408F4EDD5E81CE0925867F03C9A35172CF1571FE4C4C052E45AB69822BB ] C:\Windows\System32\linkinfo.dll
09:36:06.0719 0x0aa8  C:\Windows\System32\linkinfo.dll - ok
09:36:06.0735 0x0aa8  [ 539C49CEBB3C50957AC8A09D95ECD880, 49E75CDB556FBCE72C44648F8930CF2209C1360F9311C5B4CEB19E13B11E6B75 ] C:\Windows\SysWOW64\shfolder.dll
09:36:06.0735 0x0aa8  C:\Windows\SysWOW64\shfolder.dll - ok
09:36:06.0735 0x0aa8  [ 672D7C5080ACB003343006405DA2E621, 5F28C83A20ECB1F20894B60725477BEF0D672817DFDB9822FB345A3270A0C095 ] C:\Windows\SysWOW64\thumbcache.dll
09:36:06.0735 0x0aa8  C:\Windows\SysWOW64\thumbcache.dll - ok
09:36:06.0751 0x0aa8  [ 24F4B480F335A6C724AF352253C5D98B, 011413B236CAD7B78CE0A0EEC3E3085D48C7576A3205D025BA6EBFDF590538E4 ] C:\Windows\System32\thumbcache.dll
09:36:06.0751 0x0aa8  C:\Windows\System32\thumbcache.dll - ok
09:36:06.0751 0x0aa8  [ 3D57FFBAD3ED16B63DE3879BAB0FB56F, 6BEAF5AFC98961190B004E8DE57CD5F9F39117287AE18D59DDB2EC5C0A0C6622 ] C:\Windows\SysWOW64\networkexplorer.dll
09:36:06.0751 0x0aa8  C:\Windows\SysWOW64\networkexplorer.dll - ok
09:36:06.0751 0x0aa8  [ 8709FAA3CAECB05046F63CDA2C97CECC, 1EBE49A8E1E7DCF50FB9D6D60561B20F8A1F5CC5B8747676CAE12FE0D3343422 ] C:\Windows\SysWOW64\en-US\crypt32.dll.mui
09:36:06.0751 0x0aa8  C:\Windows\SysWOW64\en-US\crypt32.dll.mui - ok
09:36:06.0766 0x0aa8  [ 405F4D32D2185F1F1BD753D8EEAFFB3A, CAC42C3E09C43BE96592B670D70821386014DB22D8239A9CFB9E33E54FB5C3D5 ] C:\Windows\System32\networkexplorer.dll
09:36:06.0766 0x0aa8  C:\Windows\System32\networkexplorer.dll - ok
09:36:06.0766 0x0aa8  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\Tribu\AppData\Local\temp\{2C691B82-6BA8-45EB-BEC2-7F49579D1C54}\{1AB64913-006C-4A4A-8FAA-263C6C6DD456}.tmp
09:36:06.0766 0x0aa8  C:\Users\Tribu\AppData\Local\temp\{2C691B82-6BA8-45EB-BEC2-7F49579D1C54}\{1AB64913-006C-4A4A-8FAA-263C6C6DD456}.tmp - ok
09:36:06.0766 0x0aa8  [ E4561704CBFA193761743E5AF746C669, DCABD67A2B988BEF70BDD0613B4271BCFD572FAF8018CFA2EA60B8AEFE08C73B ] C:\Windows\SysWOW64\msxml3.dll
09:36:06.0766 0x0aa8  C:\Windows\SysWOW64\msxml3.dll - ok
09:36:06.0782 0x0aa8  [ CE7803953FE7314061B3F9188D310EB2, 75078CCE3A7277B5B60E806FA000FC437C4B06E2AD80EAB5BC99C8960810F295 ] C:\Windows\SysWOW64\en-US\KernelBase.dll.mui
09:36:06.0782 0x0aa8  C:\Windows\SysWOW64\en-US\KernelBase.dll.mui - ok
09:36:06.0782 0x0aa8  [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\Users\Tribu\AppData\Local\temp\{2C691B82-6BA8-45EB-BEC2-7F49579D1C54}\{36F29D17-47B5-4568-8804-0D1CC35FD7B8}.tmp
09:36:06.0782 0x0aa8  C:\Users\Tribu\AppData\Local\temp\{2C691B82-6BA8-45EB-BEC2-7F49579D1C54}\{36F29D17-47B5-4568-8804-0D1CC35FD7B8}.tmp - ok
09:36:06.0782 0x0aa8  [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\Users\Tribu\AppData\Local\temp\{2C691B82-6BA8-45EB-BEC2-7F49579D1C54}\{1E577F82-2882-4D55-9301-90808B1BEFBB}.tmp
09:36:06.0782 0x0aa8  C:\Users\Tribu\AppData\Local\temp\{2C691B82-6BA8-45EB-BEC2-7F49579D1C54}\{1E577F82-2882-4D55-9301-90808B1BEFBB}.tmp - ok
09:36:06.0797 0x0aa8  [ 17B06F23237FCD731FA2E10ECD6EDFE1, 93741E72A4CF813D79F7E9C58CD036243CC2265991B79A235743BC4BBC393489 ] C:\Windows\SysWOW64\msxml3r.dll
09:36:06.0797 0x0aa8  C:\Windows\SysWOW64\msxml3r.dll - ok
09:36:06.0797 0x0aa8  [ B64F4CC4C2172D401CA63967311D20B6, 071A381154B4CE3B3327481363DEC83DDAB00EFE03A4F150CDAC85F77CFF30FA ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
09:36:06.0797 0x0aa8  C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
09:36:06.0797 0x0aa8  [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\Users\Tribu\AppData\Local\temp\{2C691B82-6BA8-45EB-BEC2-7F49579D1C54}\{5864BB24-D421-446B-A3A9-406CC24CE681}.tmp
09:36:06.0797 0x0aa8  C:\Users\Tribu\AppData\Local\temp\{2C691B82-6BA8-45EB-BEC2-7F49579D1C54}\{5864BB24-D421-446B-A3A9-406CC24CE681}.tmp - ok
09:36:06.0813 0x0aa8  [ AD1FBB07B0A2D3BF666D36344744A049, 67E3369884C6D07812B004017AAEB23442A6FF8CEED6813BF6E05D6045C81F19 ] C:\Program Files\Microsoft Security Client\en-us\MsMpRes.dll.mui
09:36:06.0813 0x0aa8  C:\Program Files\Microsoft Security Client\en-us\MsMpRes.dll.mui - ok
09:36:06.0813 0x0aa8  [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\Users\Tribu\AppData\Local\temp\{2C691B82-6BA8-45EB-BEC2-7F49579D1C54}\{82F1B696-98B4-46A1-9784-EC9705AE697C}.tmp
09:36:06.0813 0x0aa8  C:\Users\Tribu\AppData\Local\temp\{2C691B82-6BA8-45EB-BEC2-7F49579D1C54}\{82F1B696-98B4-46A1-9784-EC9705AE697C}.tmp - ok
09:36:06.0813 0x0aa8  [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\Users\Tribu\AppData\Local\temp\{2C691B82-6BA8-45EB-BEC2-7F49579D1C54}\{3E494B4C-8855-4F05-9998-01213A02BDE1}.tmp
09:36:06.0813 0x0aa8  C:\Users\Tribu\AppData\Local\temp\{2C691B82-6BA8-45EB-BEC2-7F49579D1C54}\{3E494B4C-8855-4F05-9998-01213A02BDE1}.tmp - ok
09:36:06.0829 0x0aa8  [ 93812FDC01AA864195816CD814445F95, E5CB2576DA2905177AFD342DBE63E17CF626F93F430DEBC55155C18C60166BEE ] C:\Program Files\Microsoft Security Client\SqmApi.dll
09:36:06.0829 0x0aa8  C:\Program Files\Microsoft Security Client\SqmApi.dll - ok
09:36:06.0829 0x0aa8  [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\Users\Tribu\AppData\Local\temp\{2C691B82-6BA8-45EB-BEC2-7F49579D1C54}\{C511B24C-1DC1-49A0-9892-4945ECC6222F}.tmp
09:36:06.0829 0x0aa8  C:\Users\Tribu\AppData\Local\temp\{2C691B82-6BA8-45EB-BEC2-7F49579D1C54}\{C511B24C-1DC1-49A0-9892-4945ECC6222F}.tmp - ok
09:36:06.0829 0x0aa8  [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\Users\Tribu\AppData\Local\temp\{2C691B82-6BA8-45EB-BEC2-7F49579D1C54}\{B5541BE2-01AD-4B39-B0F4-9F79DE291CCB}.tmp
09:36:06.0829 0x0aa8  C:\Users\Tribu\AppData\Local\temp\{2C691B82-6BA8-45EB-BEC2-7F49579D1C54}\{B5541BE2-01AD-4B39-B0F4-9F79DE291CCB}.tmp - ok
09:36:06.0844 0x0aa8  [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Users\Tribu\AppData\Local\temp\{2C691B82-6BA8-45EB-BEC2-7F49579D1C54}\{CDBA7695-CF17-4CAB-8CE5-7A24CCF2B15C}.tmp
09:36:06.0844 0x0aa8  C:\Users\Tribu\AppData\Local\temp\{2C691B82-6BA8-45EB-BEC2-7F49579D1C54}\{CDBA7695-CF17-4CAB-8CE5-7A24CCF2B15C}.tmp - ok
09:36:06.0844 0x0aa8  [ 5704351536FDEACEBC4291D570826F17, 084CD39CE6AD1D70749E9335293CC58D0736E3134E5BD70DFF4EC234DB45454B ] C:\Windows\SysWOW64\en-US\imageres.dll.mui
09:36:06.0844 0x0aa8  C:\Windows\SysWOW64\en-US\imageres.dll.mui - ok
09:36:06.0860 0x0aa8  [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Users\Tribu\AppData\Local\temp\{2C691B82-6BA8-45EB-BEC2-7F49579D1C54}\{0C6EBBAF-ACCE-4954-844E-68A01DE59A88}.tmp
09:36:06.0860 0x0aa8  C:\Users\Tribu\AppData\Local\temp\{2C691B82-6BA8-45EB-BEC2-7F49579D1C54}\{0C6EBBAF-ACCE-4954-844E-68A01DE59A88}.tmp - ok
09:36:06.0860 0x0aa8  [ 2FCA0D2C59A855C54BAFA22AA329DF0F, ED9D26F539065D62FCCEDEEC8E509B30F4D15F8DA586C1F657ACEFE9DABAACD0 ] C:\Windows\SysWOW64\netapi32.dll
09:36:06.0860 0x0aa8  C:\Windows\SysWOW64\netapi32.dll - ok
09:36:06.0860 0x0aa8  [ E5A4A1326A02F8E7B59E6C3270CE7202, DCB76016F9AC47E631540874DA208A089F9D529DA9628705A2869B954526BFE0 ] C:\Windows\SysWOW64\wkscli.dll
09:36:06.0860 0x0aa8  C:\Windows\SysWOW64\wkscli.dll - ok
09:36:06.0875 0x0aa8  [ A6C29DB53ECA94FA8591C5388D604B82, F25E95BA669422286A8FA3A68E0C639A2F06319B6DC8FA641C965CFB27A50BD6 ] C:\Windows\SysWOW64\msi.dll
09:36:06.0875 0x0aa8  C:\Windows\SysWOW64\msi.dll - ok
09:36:06.0875 0x0aa8  [ 0D298133C359AB8CB9EB4FA178BF3947, C876CE5E463BB116E41D1C90105D75F2DFCAEBF5FDE2A68AED0D2988470CEB31 ] C:\Windows\System32\msxml3.dll
09:36:06.0875 0x0aa8  C:\Windows\System32\msxml3.dll - ok
09:36:06.0875 0x0aa8  [ 102CF6879887BBE846A00C459E6D4ABC, A4C51C79CF95D5C79DCEFB02946A09A987FEAF83CE2EE1BA7677EBA90869AC80 ] C:\Windows\SysWOW64\riched20.dll
09:36:06.0875 0x0aa8  C:\Windows\SysWOW64\riched20.dll - ok
09:36:06.0891 0x0aa8  [ E2A17BCC08D92F42E08AF6BA2F93ABA7, 5FC9D47BF4B1094BECC0C0DDCD5CD4318DD3E4495D982F8785331616D5B82599 ] C:\Windows\SysWOW64\ExplorerFrame.dll
09:36:06.0891 0x0aa8  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
09:36:06.0891 0x0aa8  [ 6E1F8165C365D35C8E3C045AF0CDD481, B861360D0A014265A0BEB4CC2FE31EA05AE95120E8B07820C13A044D64C00E2B ] C:\Windows\SysWOW64\duser.dll
09:36:06.0891 0x0aa8  C:\Windows\SysWOW64\duser.dll - ok
09:36:06.0891 0x0aa8  [ EE06B85BC69F18826302348A2AD089E0, 417205797CC9F6C986A863A61179784D9ADCAF1961EF8A4D9042D73C5A86509A ] C:\Windows\SysWOW64\dui70.dll
09:36:06.0891 0x0aa8  C:\Windows\SysWOW64\dui70.dll - ok
09:36:06.0907 0x0aa8  [ 64E211E0FDFCE4D186DF58BB7D0503BC, 6B9E12979119BAD721D493A9CEFDC7B4150121D5590222069FD1B8D80F9AC5C0 ] C:\Windows\SysWOW64\gameux.dll
09:36:06.0907 0x0aa8  C:\Windows\SysWOW64\gameux.dll - ok
09:36:06.0907 0x0aa8  [ 2BCBA6052374959A30BD7948444DBB79, 46224A2B729026FEEBC3C6A09E69919D477097848DB2CA0C2F5B166CDF379660 ] C:\Windows\System32\gameux.dll
09:36:06.0907 0x0aa8  C:\Windows\System32\gameux.dll - ok
09:36:06.0907 0x0aa8  [ 4F8CCD3E7D9F17A7C60FA0AE2466CACF, 77849DD78145EA879E63A42AE1481C0DEA3E16D89BB067229203317E9EDD340D ] C:\Windows\SysWOW64\wer.dll
09:36:06.0907 0x0aa8  C:\Windows\SysWOW64\wer.dll - ok
09:36:06.0922 0x0aa8  [ 8B285BDAB7735FDFB18E6F7122923B77, DE3DBDDBF0E999CDE4A53B194128094671684708CDBED2C4D5362316CAA3A8CD ] C:\Windows\SysWOW64\UIAnimation.dll
09:36:06.0922 0x0aa8  C:\Windows\SysWOW64\UIAnimation.dll - ok
09:36:06.0922 0x0aa8  [ 04CB7C8FDC6D9640DD82A527208F72C4, 0F8A327B0234A29EAB1F03D9102A3DF7DB4515BF580163198C5A8C174C98DE4F ] C:\Windows\System32\UIAnimation.dll
09:36:06.0922 0x0aa8  C:\Windows\System32\UIAnimation.dll - ok
09:36:06.0922 0x0aa8  [ 912649A1B3F9E6ACB3899FBDABA2ED5F, 049DFA9EA45A888B984E459B927A0F8AA4C10B9D36C6C0A0FE57F6329BEAF555 ] C:\Windows\SysWOW64\stobject.dll
09:36:06.0922 0x0aa8  C:\Windows\SysWOW64\stobject.dll - ok
09:36:06.0922 0x0aa8  [ C3761661C17C2248A9379A8FB89E3DE1, CE3477FA2B4058EB80739E0161FE957545F13CF86D313F6422732901D35F75F2 ] C:\Windows\System32\stobject.dll
09:36:06.0922 0x0aa8  C:\Windows\System32\stobject.dll - ok
09:36:06.0938 0x0aa8  [ 67C1B58706B47EEBA4E117AC197289E6, 9213E55DA854563E3A99369A4FAD853C0A97241A4F6D93F98444C57ADEEF89C1 ] C:\Windows\SysWOW64\batmeter.dll
09:36:06.0938 0x0aa8  C:\Windows\SysWOW64\batmeter.dll - ok
09:36:06.0938 0x0aa8  [ F832EEEA97CDDA1AF577E721F652A0D1, EBBB7CA199BA4DF231123922BD310D43DE0104C6185B70FE0281B938D5336F2E ] C:\Windows\System32\batmeter.dll
09:36:06.0938 0x0aa8  C:\Windows\System32\batmeter.dll - ok
09:36:06.0938 0x0aa8  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] C:\Windows\SysWOW64\es.dll
09:36:06.0938 0x0aa8  C:\Windows\SysWOW64\es.dll - ok
09:36:06.0953 0x0aa8  [ C8333F1F77A1B2E25F2202E892CAF634, 7A614AA4353ECE8175B6AB7B25EE26FAB22DF2A53C9A5A694B3A3B56F6C783A7 ] C:\Windows\SysWOW64\prnfldr.dll
09:36:06.0953 0x0aa8  C:\Windows\SysWOW64\prnfldr.dll - ok
09:36:06.0953 0x0aa8  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122, E7EA375A3BDE8FC764CB09524344370B9EE25F98AD6C83E6F37A569EB8D277D6 ] C:\Windows\System32\prnfldr.dll
09:36:06.0953 0x0aa8  C:\Windows\System32\prnfldr.dll - ok
09:36:06.0953 0x0aa8  [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\SysWOW64\rundll32.exe
09:36:06.0953 0x0aa8  C:\Windows\SysWOW64\rundll32.exe - ok
09:36:06.0969 0x0aa8  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\System32\rundll32.exe
09:36:06.0969 0x0aa8  C:\Windows\System32\rundll32.exe - ok
09:36:06.0969 0x0aa8  [ BF164444875AF45D34936684DF87CF40, 05A75F8A6A13238026C258C58703F3E0EAD07412C59D7C258718030A41C147A4 ] C:\Windows\SysWOW64\en-US\rundll32.exe.mui
09:36:06.0969 0x0aa8  C:\Windows\SysWOW64\en-US\rundll32.exe.mui - ok
09:36:06.0969 0x0aa8  [ 3BFAA4560430DC2B1B86E7EAD4A63F91, B403428AA2A0258CAEE5AA77EA9E24E9F07B7C1717A89C501F6B7F9DB7C3D6AE ] C:\Windows\SysWOW64\en-US\setupapi.dll.mui
09:36:06.0969 0x0aa8  C:\Windows\SysWOW64\en-US\setupapi.dll.mui - ok
09:36:06.0985 0x0aa8  [ 42A9CB6906D9A8BEDC83B57163E62924, E18522D3137653140757829EFBFCE624A5BAA5842E2BBA10B9E5AB6C84BE49E1 ] C:\Windows\System32\DXP.dll
09:36:06.0985 0x0aa8  C:\Windows\System32\DXP.dll - ok
09:36:06.0985 0x0aa8  [ 856CFFCD835528136367BB1A8FE1DB87, 97EE0B243F460BE737D18B634559BC6389064BA013890E69B650E5152AB873C8 ] C:\Windows\SysWOW64\Syncreg.dll
09:36:06.0985 0x0aa8  C:\Windows\SysWOW64\Syncreg.dll - ok
09:36:06.0985 0x0aa8  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891, 0A82A475301202791A7C10F978F952EAB7DB146A702D4EA67E24E2C98BC19638 ] C:\Windows\System32\Syncreg.dll
09:36:06.0985 0x0aa8  C:\Windows\System32\Syncreg.dll - ok
09:36:07.0000 0x0aa8  [ EAB975DB4C2805927FE5BD047D05C9AA, 8F5497B1A2652B5EAA5D35BD314B5F90C5140207427DAE6068D665FA44D3FD56 ] C:\Windows\SysWOW64\netshell.dll
09:36:07.0000 0x0aa8  C:\Windows\SysWOW64\netshell.dll - ok
09:36:07.0000 0x0aa8  [ 104A1070E90F1C530328E69B49718841, C5EBDD404F92E185467C390CC30DB4BD7BE0193536DD5708277662D4B0EA38D1 ] C:\Windows\SysWOW64\nlaapi.dll
09:36:07.0000 0x0aa8  C:\Windows\SysWOW64\nlaapi.dll - ok
09:36:07.0000 0x0aa8  [ B2B3DAE040F6B5AE1DF52B0CD7631A18, 062680EFF24EB83FF34DDD76043DB9ABB476C8FEE7BBE869A1E7F7FC8891314F ] C:\Windows\SysWOW64\AltTab.dll
09:36:07.0000 0x0aa8  C:\Windows\SysWOW64\AltTab.dll - ok
09:36:07.0016 0x0aa8  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB, CF9082360E32A7C3E13A67AC2C6192F4A76870D43DA9FF2936993A637F712761 ] C:\Windows\System32\AltTab.dll
09:36:07.0016 0x0aa8  C:\Windows\System32\AltTab.dll - ok
09:36:07.0016 0x0aa8  [ 735263DA17BF5BAF9CCD483843BF9D5A, A493F9191EA3F37A53474E94B3917EA038B29545FC62B1634CE47F05EA2FF5C6 ] C:\Windows\SysWOW64\WPDShServiceObj.dll
09:36:07.0016 0x0aa8  C:\Windows\SysWOW64\WPDShServiceObj.dll - ok
09:36:07.0016 0x0aa8  [ C8FDF0FA9E97E2FAAF3F814716AAA881, DD24A1CAB44D943B0E1A795A347AD25D9305FC7F012A2566A6A14BD47221831F ] C:\Windows\System32\WPDShServiceObj.dll
09:36:07.0016 0x0aa8  C:\Windows\System32\WPDShServiceObj.dll - ok
09:36:07.0031 0x0aa8  [ ADB45A977BD9E45790CA496DB84BA148, BB251C9A5D2F5C6BDFB22C6BA235748472FC28AF2ADAF1CE7948352301DDE3C1 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll
09:36:07.0031 0x0aa8  C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok
09:36:07.0031 0x0aa8  [ 4F3CD1C59EA71401E155C432BCECE180, 6D4118A627CAE509E43D0CC0062EECAA0990C955BB15AE24834460551B2F51A2 ] C:\Windows\System32\PortableDeviceTypes.dll
09:36:07.0031 0x0aa8  C:\Windows\System32\PortableDeviceTypes.dll - ok
09:36:07.0031 0x0aa8  [ E98278865E8DABA21CFE5FE4BE34210A, 3BB431A9F6476EA98C17DF46BA5DFA265E74328D84875E402236ED12E50B6330 ] C:\Windows\SysWOW64\PortableDeviceApi.dll
09:36:07.0031 0x0aa8  C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
09:36:07.0047 0x0aa8  [ 3D6F22551D422F97AACB0BB927E4C846, 9AB7C9F2E7F3D1CEC4553D0DF57E074121957055A9A4349946D354ACB6FC4579 ] C:\Windows\SysWOW64\pnidui.dll
09:36:07.0047 0x0aa8  C:\Windows\SysWOW64\pnidui.dll - ok
09:36:07.0047 0x0aa8  [ 10F815BE90A66AAFC6C713D1BD626064, 01139FC04BC53594296F6A0E16B8D20B940F64BC8119FE7705C03C4947958F39 ] C:\Windows\System32\pnidui.dll
09:36:07.0047 0x0aa8  C:\Windows\System32\pnidui.dll - ok
09:36:07.0047 0x0aa8  [ BD626EF05967D14C772B8096292731A3, FE3838B41DCAFC52089D909E7F411186D993C08AC149E093352D691D57C9BE71 ] C:\Windows\SysWOW64\QUTIL.DLL
09:36:07.0047 0x0aa8  C:\Windows\SysWOW64\QUTIL.DLL - ok
09:36:07.0063 0x0aa8  [ B9F0A4020AA98B7A20287BF7FE99A1FD, 21138F161EEEA46198890C7A2D073F2C82829E15676131BDAD9F237EDC7477CD ] C:\Windows\System32\QUTIL.DLL
09:36:07.0063 0x0aa8  C:\Windows\System32\QUTIL.DLL - ok
09:36:07.0063 0x0aa8  [ 82C089EA2A3EEFADF3588EA71E8BDADA, 2F3BB32EE2C0673058A74DEEB2D405E5E79F833F33C4D289A93EB3C618A86E75 ] C:\Windows\SysWOW64\wevtapi.dll
09:36:07.0063 0x0aa8  C:\Windows\SysWOW64\wevtapi.dll - ok
09:36:07.0063 0x0aa8  [ CF4274CEEA9F7791FB7FC40A066BC2C7, C153EC0D420261185001B354955DF85C6E842334D34E70BB69CECC3AFC8CE36C ] C:\Windows\SysWOW64\cscobj.dll
09:36:07.0063 0x0aa8  C:\Windows\SysWOW64\cscobj.dll - ok
09:36:07.0078 0x0aa8  [ 236F286E103FD44BD85FDD93097FD5DD, C369C98E76FEFBB05A12ABEECCF89C75132419B56866ED9AB77F61F84BA62785 ] C:\Windows\SysWOW64\SearchIndexer.exe
09:36:07.0078 0x0aa8  C:\Windows\SysWOW64\SearchIndexer.exe - ok
09:36:07.0078 0x0aa8  [ 234AFA322624B3203A2E720F08292B03, 0C0ACDD63FD82EDD34442E9E0763872BA6BF6AC73AB89147EA5FDD1E0229CC0A ] C:\Windows\System32\cscobj.dll
09:36:07.0078 0x0aa8  C:\Windows\System32\cscobj.dll - ok
09:36:07.0078 0x0aa8  [ 544EFF88AC6C85DF5A4D6F18DFE08CFC, D688381F42062FD5D868E7770857C5951C41BA20A1B6E6F60B5D9536C02CD293 ] C:\Windows\SysWOW64\taskschd.dll
09:36:07.0078 0x0aa8  C:\Windows\SysWOW64\taskschd.dll - ok
09:36:07.0094 0x0aa8  [ E0B340996A41C9A75DFA3B99BBA9C500, D029AD8ABBD2267B1E44DF5172B93C3F832B4C21F930F5512C24E800F5CE4F8B ] C:\Windows\System32\SearchIndexer.exe
09:36:07.0094 0x0aa8  C:\Windows\System32\SearchIndexer.exe - ok
09:36:07.0094 0x0aa8  [ 674B0C0F6A448EB185CAAB9C51D44032, 6722351F46BF70BA967844D3239CD801DFC4538A4EB6C478D8497F27F7FD9F1D ] C:\Windows\SysWOW64\srchadmin.dll
09:36:07.0094 0x0aa8  C:\Windows\SysWOW64\srchadmin.dll - ok
09:36:07.0094 0x0aa8  [ 8569E35D00F45972E506502EEE622BA4, 01FE851C03DB88C8373099C279F995A559D962B08932E193032FA3EAD522FB01 ] C:\Windows\System32\srchadmin.dll
09:36:07.0094 0x0aa8  C:\Windows\System32\srchadmin.dll - ok
09:36:07.0109 0x0aa8  [ 28CAAA8B3DAC4604B6871F311C6B9F49, 27552F9FF89C48275FA430190F9E8281F2A83A26C9F9CDE2E7D3B4DD1C199B6A ] C:\Windows\SysWOW64\NlsData0000.dll
09:36:07.0109 0x0aa8  C:\Windows\SysWOW64\NlsData0000.dll - ok
09:36:07.0109 0x0aa8  [ E3D5E244807AD655787FCD25477CC1BC, 8A378249C936914DBFEDAE310D6ACB93D488C8F490EC4AAB435861C413A5BB0F ] C:\Windows\SysWOW64\bthprops.cpl
09:36:07.0109 0x0aa8  C:\Windows\SysWOW64\bthprops.cpl - ok
09:36:07.0109 0x0aa8  [ F7A256EC899C72B4ECDD2C02CB592EFD, 9C1AA9322E83CABB94AEA4375EAEB0C44700E1F33B8BE98649BA1DF4DDFAD326 ] C:\Windows\System32\bthprops.cpl
09:36:07.0109 0x0aa8  C:\Windows\System32\bthprops.cpl - ok
09:36:07.0125 0x0aa8  [ E1AC89F6C5252057E6062843E36A6701, 32BE52836F2A011D46957AD60ABA48986B87026FD50ED09D8495460C7F1AB23E ] C:\Windows\SysWOW64\SearchProtocolHost.exe
09:36:07.0125 0x0aa8  C:\Windows\SysWOW64\SearchProtocolHost.exe - ok
09:36:07.0125 0x0aa8  [ 8444A7364D6877922049E99BF4B78C5C, 8BA2EEE84D61743CAA6286D59839963C5ED9AB7C857A4B9926EB640BBE43C425 ] C:\Windows\SysWOW64\ELSCore.dll
09:36:07.0125 0x0aa8  C:\Windows\SysWOW64\ELSCore.dll - ok
09:36:07.0125 0x0aa8  [ 9A39A2A5F443A756C568C6ED5748AFE4, 13C2790985CBA9CD325BA20364A665DB50B769B7DDE93E6BE20F25427BDB34F8 ] C:\Windows\SysWOW64\ActionCenter.dll
09:36:07.0125 0x0aa8  C:\Windows\SysWOW64\ActionCenter.dll - ok
09:36:07.0141 0x0aa8  [ 92DBF0A4C9239169010FC6E07859C82E, 00FB2CF4420F0FFEF519AFE732A708CF249640121E2A891CAA164313ABD7F804 ] C:\Windows\System32\ActionCenter.dll
09:36:07.0141 0x0aa8  C:\Windows\System32\ActionCenter.dll - ok
09:36:07.0141 0x0aa8  [ 465DBF63A5049E4DB4BC5C12FFE781CB, D12F6A9FB92144B2CFFD28BD72C234BA42F882EF22122DB83CE5EB1B8EBE9017 ] C:\Windows\SysWOW64\tquery.dll
09:36:07.0141 0x0aa8  C:\Windows\SysWOW64\tquery.dll - ok
09:36:07.0141 0x0aa8  [ 0241CB16136B9A4939CA0395768AE286, E7A3A0BDB4AC4BD718C93BE650541F96603739BDB3DB6860665DCC073DA8007D ] C:\Windows\SysWOW64\mssrch.dll
09:36:07.0141 0x0aa8  C:\Windows\SysWOW64\mssrch.dll - ok
09:36:07.0156 0x0aa8  [ 81600E2E27ED61427AAD865B9BCDDB9D, 0D7D39C0A5A2C24FAADCA41658A1C62D13180B462C78103BDF6DBD76B64DD79A ] C:\Windows\SysWOW64\msidle.dll
09:36:07.0156 0x0aa8  C:\Windows\SysWOW64\msidle.dll - ok
09:36:07.0156 0x0aa8  [ A6CD6B3F71E13E2E45B727FB8A47EA87, 4D84F6B03185DA961543ADFB927CBC17A1A9F216AC24E9A9228780AD7DD0222E ] C:\Windows\SysWOW64\SearchFilterHost.exe
09:36:07.0156 0x0aa8  C:\Windows\SysWOW64\SearchFilterHost.exe - ok
09:36:07.0156 0x0aa8  [ 8B57A1AD493653BB57F281FE75DD175B, 65A54DDCA45CED94F7CF079632F127C247DD9E5E4D2B074593F89621F8CC6C55 ] C:\Windows\SysWOW64\NaturalLanguage6.dll
09:36:07.0156 0x0aa8  C:\Windows\SysWOW64\NaturalLanguage6.dll - ok
09:36:07.0172 0x0aa8  [ 2992932C1AB1D29A1A4A9E8CB8530CBF, 894FB2246F09FAC7E78FA1DC0159E888944AD3F4E66844BCE01A967B789CC82B ] C:\Windows\SysWOW64\NlsData0009.dll
09:36:07.0172 0x0aa8  C:\Windows\SysWOW64\NlsData0009.dll - ok
09:36:07.0172 0x0aa8  [ 95951E6A277F78FA13A85F2F408F4C0B, C70D3BCD3200816375E3C1D5E0CF8EC008C4072C3360E7A45BB5433B733F825B ] C:\Windows\System32\ieframe.dll
09:36:07.0172 0x0aa8  C:\Windows\System32\ieframe.dll - ok
09:36:07.0172 0x0aa8  [ 7B3FD36359DE5D2EE49D213CCAD13427, 1903FAB91028CCE19AF4B88154EBE2B175F3C4535B0FAE8F2DBB5A83E74C7DD1 ] C:\Windows\SysWOW64\elsTrans.dll
09:36:07.0172 0x0aa8  C:\Windows\SysWOW64\elsTrans.dll - ok
09:36:07.0187 0x0aa8  [ 02A2ED8497F437EA200DF3ACED255AFE, 228EF857617715297C31349C9A568E9759D5AA58D5800E9C048AD3F1B9482777 ] C:\Windows\SysWOW64\elslad.dll
09:36:07.0187 0x0aa8  C:\Windows\SysWOW64\elslad.dll - ok
09:36:07.0187 0x0aa8  [ 1CBF15FDB0310345A68972EB5C5B948F, E1EDCE6216B24037B243AC68CEEBD510646B2EFD70BC118E68303F9ED85D1973 ] C:\Windows\SysWOW64\mssprxy.dll
09:36:07.0187 0x0aa8  C:\Windows\SysWOW64\mssprxy.dll - ok
09:36:07.0187 0x0aa8  [ 53EC01707439C113AA7B495FFB24A0AB, 774B41A30A597EEEA66318F8D918D474E2EE2F8F54966962EC61BC7ADD502EC3 ] C:\Windows\SysWOW64\en-US\SearchIndexer.exe.mui
09:36:07.0187 0x0aa8  C:\Windows\SysWOW64\en-US\SearchIndexer.exe.mui - ok
09:36:07.0203 0x0aa8  [ 71C4F42DC8DB668E826DA79462EA741E, 69452DBC1CD4E09B27A42A535827B359FA9A2762A106E91653DDB7BF00A9C029 ] C:\Windows\SysWOW64\KBDUS.DLL
09:36:07.0203 0x0aa8  C:\Windows\SysWOW64\KBDUS.DLL - ok
09:36:07.0203 0x0aa8  [ B63E24E9271E99FD4540E3CA22A937DA, A9E75FBF482C4447E887E5B6EBAD96FE827F0BBD1101F1D8B54EE178D3AEAA7E ] C:\Windows\SysWOW64\en-US\tquery.dll.mui
09:36:07.0203 0x0aa8  C:\Windows\SysWOW64\en-US\tquery.dll.mui - ok
09:36:07.0203 0x0aa8  [ B1D00F879817E58D51452ECA7EEF0B04, 94543BDA812290C64B234C2F62D2E66945D654D1517A554096B7DDA105E2AC73 ] C:\Windows\SysWOW64\en-US\ESENT.dll.mui
09:36:07.0203 0x0aa8  C:\Windows\SysWOW64\en-US\ESENT.dll.mui - ok
09:36:07.0219 0x0aa8  [ 9108540E866F75C7AF2B91DD921A8091, 7208C8E05E818781D7F2703B86848FC90651E0D8BE10362863250F2283CEC511 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
09:36:07.0219 0x0aa8  C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
09:36:07.0219 0x0aa8  [ 370349F79315D4DB86CD992CACEFEE61, 436D5622AE0D820D4FAB7E6DD7FFC38F9752AE4822505989D77DB1CFAA4BF416 ] C:\Windows\SysWOW64\VAN.dll
09:36:07.0219 0x0aa8  C:\Windows\SysWOW64\VAN.dll - ok
09:36:07.0219 0x0aa8  [ 13337A3FB17F2242487FD45488ED0485, C174F8652118876494336AB88A65D594E0E6CCBAB20CC6BA08E6B253855A01CA ] C:\Windows\SysWOW64\vssapi.dll
09:36:07.0219 0x0aa8  C:\Windows\SysWOW64\vssapi.dll - ok
09:36:07.0234 0x0aa8  [ B940289C83121046BD6A60ACC6028593, EBD1C2C0A8EBB201924536AB5C6E032C12B9E081A153CC079748E1D6D625F0DF ] C:\Windows\SysWOW64\vsstrace.dll
09:36:07.0234 0x0aa8  C:\Windows\SysWOW64\vsstrace.dll - ok
09:36:07.0234 0x0aa8  [ 9EDB0A8337529D69F96DD1B2E70FA2F7, EB73C5060FDFA4C0F823914682B2BECF24B36EFA0E51D1627DA1ADC542CC14DE ] C:\Windows\System32\VAN.dll
09:36:07.0234 0x0aa8  C:\Windows\System32\VAN.dll - ok
09:36:07.0234 0x0aa8  [ F343D80C26B3BDFCA8066BD5FD397E73, D39CF8FB49E9FB47968065202D41E492C020B9CBC0CE911C366C3199CDD37C2E ] C:\Windows\SysWOW64\en-US\vsstrace.dll.mui
09:36:07.0234 0x0aa8  C:\Windows\SysWOW64\en-US\vsstrace.dll.mui - ok
09:36:07.0250 0x0aa8  [ 5D68F68E12B8BCD35ADE5A7B4FE5F456, D4514803EDFCF9B83D2F439570C9A0E84A75DF07BF7821FB4E2BB002F8BD5E83 ] C:\Windows\System32\wwanmm.dll
09:36:07.0250 0x0aa8  C:\Windows\System32\wwanmm.dll - ok
09:36:07.0250 0x0aa8  [ 919001D2BB17DF06CA3F8AC16AD039F6, 5169ACFBE9E9D4C4012773ECDD28231C952675EF0C272A40F226E7B5D671B18B ] C:\Windows\SysWOW64\sxs.dll
09:36:07.0250 0x0aa8  C:\Windows\SysWOW64\sxs.dll - ok
09:36:07.0250 0x0aa8  [ F2ED6D00921CA138289E5E0CCB9ABF87, 528F249CE0835CA4D8B7C4940F5132DF1155EB344177BEA4CD7FCF9B8DCCCA4B ] C:\Windows\SysWOW64\wwapi.dll
09:36:07.0250 0x0aa8  C:\Windows\SysWOW64\wwapi.dll - ok
09:36:07.0265 0x0aa8  [ 62C7AACC746C9723468A8F2169ED3E85, 40E901F3EAFE52DF11D6BC4EF0E79F666EBDACE0B3C090CAD2358076E893EA47 ] C:\Windows\System32\wwapi.dll
09:36:07.0265 0x0aa8  C:\Windows\System32\wwapi.dll - ok
09:36:07.0265 0x0aa8  [ D53519D8BB92559350125447991DCFA8, 553C06E8FDD9F516B05D64DC6C4CDC15575B5CB130060AE8F3325C564FAE02C0 ] C:\Windows\SysWOW64\mssitlb.dll
09:36:07.0265 0x0aa8  C:\Windows\SysWOW64\mssitlb.dll - ok
09:36:07.0265 0x0aa8  [ 27F3D44B29E14658EDE13D7D044E7420, 7BC9C70D8B38D300BDAFF09F1991B9AB24A1B39D8FEABC3252335C9EAE2CFC71 ] C:\Windows\SysWOW64\RASMM.dll
09:36:07.0265 0x0aa8  C:\Windows\SysWOW64\RASMM.dll - ok
09:36:07.0281 0x0aa8  [ 89F4D0DD6606A2FE15931E6888DBBC8D, 513D9F6DB0D993DB6D720DF1FF4FED2C6A9B067522CDEE389CA40D3B618B6A55 ] C:\Windows\SysWOW64\stdole2.tlb
09:36:07.0281 0x0aa8  C:\Windows\SysWOW64\stdole2.tlb - ok
09:36:07.0281 0x0aa8  [ 18C27789FCFDDDB8D45C1EC4BC77CC8C, 588CA4582AAC716E93F7A26E53786FE25B02DFFDF12609D01562439BF54EE3FD ] C:\Windows\System32\RASMM.dll
09:36:07.0281 0x0aa8  C:\Windows\System32\RASMM.dll - ok
09:36:07.0281 0x0aa8  [ C8CB301BF896C7C556BBE963FADF5BB6, 94ABF348C70E4BE391B9344CC730A0A98D6EB042EA1D031840DA3DB74A76849C ] C:\Windows\SysWOW64\NlsLexicons0009.dll
09:36:07.0281 0x0aa8  C:\Windows\SysWOW64\NlsLexicons0009.dll - ok
09:36:07.0297 0x0aa8  [ 839F96DBAAFD3353E0B248A5E0BD2A51, 11DA5AD3EA5FF4766C12B99FB520B3CBE08581ECAF1A2FD1DC5AC835CA78FAC2 ] C:\Windows\SysWOW64\rasapi32.dll
09:36:07.0297 0x0aa8  C:\Windows\SysWOW64\rasapi32.dll - ok
09:36:07.0297 0x0aa8  [ FFA7172354B9256DBB2CDD75F16F33FE, 85B2F014C67C2E52540F17D561793C6633C9E98F12639CCD3854EB1EC34DD035 ] C:\Windows\SysWOW64\rasman.dll
09:36:07.0297 0x0aa8  C:\Windows\SysWOW64\rasman.dll - ok
09:36:07.0297 0x0aa8  [ 4B8441782918424827F2937CFB669136, 7203084C05D2DE7B6636247947DA801445DD5D89ECE2D8776DDA69AADE067881 ] C:\Windows\SysWOW64\WlanMM.dll
09:36:07.0297 0x0aa8  C:\Windows\SysWOW64\WlanMM.dll - ok
09:36:07.0312 0x0aa8  [ 589DF683A6C81424A6CECE52ABF98A50, 8CE0D07B2FC1F1BF8C07434FAFCDC63FDD3B75007C3B2EED130DB69D2D16E90A ] C:\Windows\System32\tquery.dll
09:36:07.0312 0x0aa8  C:\Windows\System32\tquery.dll - ok
09:36:07.0312 0x0aa8  [ 448DE6CDB7976373B35CA03B6BF9BE48, C88987F084375DDBCF2F209274543157443031B6A6C644EEF96AD7489BA8B804 ] C:\Windows\System32\WlanMM.dll
09:36:07.0312 0x0aa8  C:\Windows\System32\WlanMM.dll - ok
09:36:07.0312 0x0aa8  [ 7568CC720ACE4D03B84AF97817E745EF, 7155144CB0B260B969C398A36BC277C97BEADB5DB137D19A4F7E5AF61C3E24D4 ] C:\Windows\System32\mssrch.dll
09:36:07.0312 0x0aa8  C:\Windows\System32\mssrch.dll - ok
09:36:07.0328 0x0aa8  [ 8063046AA70B97CA9985672B8848FB2E, C7A7F2D216D1F0D7F28A22E4933DB3D821AC52CC2EF7AE8BA08D18104FCF8B81 ] C:\Windows\SysWOW64\wlanhlp.dll
09:36:07.0328 0x0aa8  C:\Windows\SysWOW64\wlanhlp.dll - ok
09:36:07.0328 0x0aa8  [ E4FCA0F99A41E460C84016DEFD31E6EF, 8EB14AF2025EADC7C86280E8417D8F286E8271B4F88B31696E33DFD72B3A0EF2 ] C:\Windows\System32\wlanhlp.dll
09:36:07.0328 0x0aa8  C:\Windows\System32\wlanhlp.dll - ok
09:36:07.0328 0x0aa8  [ B010CF886420EE29C2C276646721D255, CBCD032D679ADE3A9942A1D116648D6A9ECC71F66F8630629E724E5EE23F9F73 ] C:\Windows\SysWOW64\wlanapi.dll
09:36:07.0328 0x0aa8  C:\Windows\SysWOW64\wlanapi.dll - ok
09:36:07.0343 0x0aa8  [ 357BE883C5236BFC7341CB9E82308908, 4DDB697FD9B7C516CF99D73C8799EA35BB97E2431216CD7C1045F17B06109FBF ] C:\Windows\System32\wlanapi.dll
09:36:07.0343 0x0aa8  C:\Windows\System32\wlanapi.dll - ok
09:36:07.0343 0x0aa8  [ 1D6A771D1D702AE07919DB52C889A249, E5F3378AC40AEE6114EEAF3BF11DC1059466891CAE353E80C08622A60485C954 ] C:\Windows\SysWOW64\wlanutil.dll
09:36:07.0343 0x0aa8  C:\Windows\SysWOW64\wlanutil.dll - ok
09:36:07.0343 0x0aa8  [ 3121A79D13A61562BE9CC902CD46B542, 00A5833A48338A4A9A5530844924AF4F1FAB618DA46D7EBBC6E2165C32ED376C ] C:\Windows\System32\msidle.dll
09:36:07.0343 0x0aa8  C:\Windows\System32\msidle.dll - ok
09:36:07.0359 0x0aa8  [ 7F1B4C6FF3B85F9ADF74055187B8A22C, CC95DA5662638AACBE9643DCB236464C2C2095A8D5CDC8A747045870BE9D0E7D ] C:\Windows\System32\wlanutil.dll
09:36:07.0359 0x0aa8  C:\Windows\System32\wlanutil.dll - ok
09:36:07.0359 0x0aa8  [ F748F53FE09D21D8ECBB6421E6792024, 38F737673F8B089B2540CE7015A4DF7081754F7CC83BFF85199B70555AF32ED0 ] C:\Windows\SysWOW64\onex.dll
09:36:07.0359 0x0aa8  C:\Windows\SysWOW64\onex.dll - ok
09:36:07.0359 0x0aa8  [ ACE1BB07E0377E37A2C514CD2EC119B1, A9AFA4774DFA875496764D6E541A6333A3ACD3C5D2BBEF753C2D80BA83B4AC15 ] C:\Windows\System32\mssprxy.dll
09:36:07.0359 0x0aa8  C:\Windows\System32\mssprxy.dll - ok
09:36:07.0375 0x0aa8  [ 73FCB7919DEE80EE556F2E498594EBAE, D0F7A0AD3BC33263E9C2CF9787DD326436F9E0C9F5031D769F8A43C64C08A762 ] C:\Windows\System32\onex.dll
09:36:07.0375 0x0aa8  C:\Windows\System32\onex.dll - ok
09:36:07.0375 0x0aa8  [ 666E57B6B51824D1D235F80A3DD70A13, B2ACCABDD5D8B23E502FE691C1DEE4A2C0EA20EDCDE5B4000557579D56D411EC ] C:\Windows\SysWOW64\eappprxy.dll
09:36:07.0375 0x0aa8  C:\Windows\SysWOW64\eappprxy.dll - ok
09:36:07.0390 0x0aa8  [ 5A5FEDDF02588B8F9FE4A95E5E7EAE97, 364A2DC446E9AB091A216D0EED559CEA334AA46EC0BC693CBD6CE1DE0F89317B ] C:\Windows\SysWOW64\eappcfg.dll
09:36:07.0390 0x0aa8  C:\Windows\SysWOW64\eappcfg.dll - ok
09:36:07.0390 0x0aa8  [ C9FB9038B15036CA28CF0B4BE2BED9BD, 0F56384E798B3F725FFEFC6E31A980DA31F620DB847F601273EF19E8CE74A226 ] C:\Windows\System32\en-US\tquery.dll.mui
09:36:07.0390 0x0aa8  C:\Windows\System32\en-US\tquery.dll.mui - ok
09:36:07.0390 0x0aa8  [ D39DA70FEA6BD713682F70635587DA9E, FF18C97642F48C711D75F32115B1260FE0BDF6072403E5A9226E9BE780AF1969 ] C:\Windows\SysWOW64\rasdlg.dll
09:36:07.0390 0x0aa8  C:\Windows\SysWOW64\rasdlg.dll - ok
09:36:07.0390 0x0aa8  [ D2155709E336C3BC15729EB87FEC6064, 682A84C0F2D892E7A6CEE4E5937B4799E352AAE3B71E7037F2A343373467443C ] C:\Windows\System32\rasdlg.dll
09:36:07.0390 0x0aa8  C:\Windows\System32\rasdlg.dll - ok
09:36:07.0406 0x0aa8  [ D4191EFAB91E00FC09257AA5EBAF503B, 161B572CF4C65984EAFDBA95357373BC712AA414B52DDA23523F84151240E337 ] C:\Windows\SysWOW64\mprapi.dll
09:36:07.0406 0x0aa8  C:\Windows\SysWOW64\mprapi.dll - ok
09:36:07.0406 0x0aa8  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159, ACE7F85685EB92FC3AB4215122B0469E32F23B196C49F08CDA7791D3122C45DC ] C:\Windows\SysWOW64\rtutils.dll
09:36:07.0406 0x0aa8  C:\Windows\SysWOW64\rtutils.dll - ok
09:36:07.0406 0x0aa8  [ 2F040CF0613A6D64DCBBA9EE81F5A5AE, DA16117429AF47230CD7C136407C81951B8D2E45A8B7A9DC6948407AA2EC4ADD ] C:\Windows\SysWOW64\dsrole.dll
09:36:07.0421 0x0aa8  C:\Windows\SysWOW64\dsrole.dll - ok
09:36:07.0421 0x0aa8  [ 1FF7E4F548C7C372C804938F0D5B36AE, F20409733F67853CBF51FD83E4DB73260FED7B7A4F361C6B3482D78C990E16FC ] C:\Windows\SysWOW64\netcfgx.dll
09:36:07.0421 0x0aa8  C:\Windows\SysWOW64\netcfgx.dll - ok
09:36:07.0421 0x0aa8  [ 04B88428A872390D235BE52D38A9D4EF, F6954D514B67547738EB012456342D65289B0B18A0304BBAD5BDAA3436181C77 ] C:\Windows\SysWOW64\dot3api.dll
09:36:07.0421 0x0aa8  C:\Windows\SysWOW64\dot3api.dll - ok
09:36:07.0421 0x0aa8  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2, E8ACB693B1A78FAEF292111BE3F9B10BA95C76833C06C931A08EAAAE39A21334 ] C:\Windows\System32\dot3api.dll
09:36:07.0421 0x0aa8  C:\Windows\System32\dot3api.dll - ok
09:36:07.0437 0x0aa8  [ 6383C60EC0133B14F5705F96369421B2, EAB3FA2344B853148F199F744E716FBB8E9331B9DB588F784274599B6BCE2335 ] C:\Windows\SysWOW64\hnetcfg.dll
09:36:07.0437 0x0aa8  C:\Windows\SysWOW64\hnetcfg.dll - ok
09:36:07.0437 0x0aa8  [ C5B0324DB461559ADD070E632A6919FA, AB09CACB5B7DD372B27921A5E01220552A611CECA27EF87961001FA467FDED45 ] C:\Windows\SysWOW64\wbem\wbemprox.dll
09:36:07.0437 0x0aa8  C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
09:36:07.0437 0x0aa8  [ 03B3541AE6986602CF9CB5B3AD169C33, FC4B0ABA53EDB19DCBA00B8FEBE807643A4AB2D6B8337EE05CE2D0283BEF0F4E ] C:\Windows\SysWOW64\webcheck.dll
09:36:07.0437 0x0aa8  C:\Windows\SysWOW64\webcheck.dll - ok
09:36:07.0453 0x0aa8  [ 704314FD398C81D5F342CAA5DF7B7F21, CDA660E1E8AAE0789780B6B9604B138E67B2BDD1404A5E4C2354B35879D43085 ] C:\Windows\SysWOW64\wbemcomn.dll
09:36:07.0453 0x0aa8  C:\Windows\SysWOW64\wbemcomn.dll - ok
09:36:07.0453 0x0aa8  [ F00AE7B953ABEF1B53FBBA187DFC8238, 6FFA160FB6821A725A7D81E1BECE1DE89E3E022B33E56A7468E2E0B4C8B2AE31 ] C:\Windows\System32\webcheck.dll
09:36:07.0453 0x0aa8  C:\Windows\System32\webcheck.dll - ok
09:36:07.0468 0x0aa8  [ 776AE0564F8B1C282E331FD95A1BDC5F, 601CFCA3922FFEA46A54AD323845A76A12FC6AF9FF64E9B0AE294FBB1AFCF4CB ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
09:36:07.0468 0x0aa8  C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
09:36:07.0468 0x0aa8  [ 2DDEA2C345DA5BC589EFD398F220DB0E, B515B15BE7CB66F94B7A9B802719DAF7D50E1FE2832B66B6883AC0023060800D ] C:\Windows\SysWOW64\SyncCenter.dll
09:36:07.0468 0x0aa8  C:\Windows\SysWOW64\SyncCenter.dll - ok
09:36:07.0468 0x0aa8  [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A, 61B4D669C692775EF361445293163E84FAD8636AC49C8047BE806DB4E4093291 ] C:\Windows\SysWOW64\wbem\fastprox.dll
09:36:07.0468 0x0aa8  C:\Windows\SysWOW64\wbem\fastprox.dll - ok
09:36:07.0484 0x0aa8  [ 101797BA603D227946B4B5109867EB19, EBF2B48D1A4FE148F455EA32023ABC0D479215D48C7CE76E765F199CD3C80AF8 ] C:\Windows\System32\SyncCenter.dll
09:36:07.0484 0x0aa8  C:\Windows\System32\SyncCenter.dll - ok
09:36:07.0484 0x0aa8  [ E3E811471DE781900FF21C1FD84E941E, 2A47FF52D1D6480AAD1919382E783EA184BF926311F8C7E466FEBE9F6FB88FD6 ] C:\Windows\SysWOW64\ntdsapi.dll
09:36:07.0484 0x0aa8  C:\Windows\SysWOW64\ntdsapi.dll - ok
09:36:07.0484 0x0aa8  [ 2D11BC8B460957E62E4420373A0D8BDA, 56105E84333998D43DFCDA9E8A4D70EAC43076CFF8389B2E525EC5C3017DC5FD ] C:\Windows\SysWOW64\imapi2.dll
09:36:07.0484 0x0aa8  C:\Windows\SysWOW64\imapi2.dll - ok
09:36:07.0484 0x0aa8  [ 8130391F82D52D36C0441F714136957F, 1FD4FEE7CAF63E450F27729E07EA2A2F09288629FD872DBB6E8710B16D8DBD5D ] C:\Windows\System32\imapi2.dll
09:36:07.0484 0x0aa8  C:\Windows\System32\imapi2.dll - ok
09:36:07.0499 0x0aa8  [ 15E298B5EC5B89C5994A59863969D9FF, 8D38B2E023462D0804F72E907D11FF72CE84540EA3B8D83F411C602C3F6A1177 ] C:\Windows\SysWOW64\npmproxy.dll
09:36:07.0499 0x0aa8  C:\Windows\SysWOW64\npmproxy.dll - ok
09:36:07.0499 0x0aa8  [ C7952D0A4C43A965A1741916BB134751, 84EF222159E8C444A1D9D2E6509245716E4106C8032861DBFF399001A529BF94 ] C:\Windows\SysWOW64\hgcpl.dll
09:36:07.0499 0x0aa8  C:\Windows\SysWOW64\hgcpl.dll - ok
09:36:07.0515 0x0aa8  [ 6A5C1A8AC0B572679361026D0E900420, B5E693B48B462E97738A3D4E58B60846159649EB15F4D11074B4BC107CC88562 ] C:\Windows\System32\hgcpl.dll
09:36:07.0515 0x0aa8  C:\Windows\System32\hgcpl.dll - ok
09:36:07.0515 0x0aa8  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] C:\Windows\SysWOW64\provsvc.dll
09:36:07.0515 0x0aa8  C:\Windows\SysWOW64\provsvc.dll - ok
09:36:07.0515 0x0aa8  [ C02AA67276FEE0C15CC4D6D616BDE95E, 24B0FFA2903CC77FEDE6B491647BB759C4AE054E38A19EFA0D2662AC2959570B ] C:\Windows\SysWOW64\WWanAPI.dll
09:36:07.0515 0x0aa8  C:\Windows\SysWOW64\WWanAPI.dll - ok
09:36:07.0531 0x0aa8  [ 5DA219F57A9076FB6FBD3C9C3713A672, 274FE616625B336D81841FDC752C8053D4CD6926565B899760D298D145CBA1A3 ] C:\Windows\System32\WWanAPI.dll
09:36:07.0531 0x0aa8  C:\Windows\System32\WWanAPI.dll - ok
09:36:07.0531 0x0aa8  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] C:\Windows\SysWOW64\netprofm.dll
09:36:07.0531 0x0aa8  C:\Windows\SysWOW64\netprofm.dll - ok
09:36:07.0531 0x0aa8  [ 75EA62927355189876081EF863064982, 2B0139C8BD7CB8A1C6DC92937F9D8CBB2526615021FE6EE979D9373EA3B640B7 ] C:\Windows\SysWOW64\ncsi.dll
09:36:07.0531 0x0aa8  C:\Windows\SysWOW64\ncsi.dll - ok
09:36:07.0546 0x0aa8  [ 29CA5974FAB0E8AE4AA7814FE05CF832, ADE54D406AAB7C364851AAD278A569426C9ADD4F7FB543BB08428CED963BF541 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
09:36:07.0546 0x0aa8  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
09:36:07.0546 0x0aa8  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3, 2A610BEB16610FE2F2E9A50477A62A05481E8A5843A814955A0EDFF45D0304B3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
09:36:07.0546 0x0aa8  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
09:36:07.0546 0x0aa8  [ D9E21CBF9E6A87847AFFD39EA3FA28EE, B2AE0BBF907D4108DE3485E6059DF8D10C39707CD508A55A2D9627A66D01AE78 ] C:\Windows\System32\SearchProtocolHost.exe
09:36:07.0546 0x0aa8  C:\Windows\System32\SearchProtocolHost.exe - ok
09:36:07.0562 0x0aa8  [ 02530B0B7E048DD5AC8D52DAEACAEB2B, 2DEB454F8B71EC54C59185E2F1D679F7EC1C7AEFCD1D59761FDD3D70CABE0254 ] C:\Windows\SysWOW64\QAGENT.DLL
09:36:07.0562 0x0aa8  C:\Windows\SysWOW64\QAGENT.DLL - ok
09:36:07.0562 0x0aa8  [ 6B851E682A36453E1B1EE297FFB6E2AB, A641D3FD9463C4788B45B8B5584EA4489C1F63A71B4B595AE85FF3482CD5EDA6 ] C:\Windows\System32\QAGENT.DLL
09:36:07.0562 0x0aa8  C:\Windows\System32\QAGENT.DLL - ok
09:36:07.0562 0x0aa8  [ A5D237B8673025B052C0E6FDB6A883E8, 0DAE34965C08F7450938A5145D2B53C68AA917744B8C6FCB130A35C03C5CEF6F ] C:\Windows\SysWOW64\msshooks.dll
09:36:07.0562 0x0aa8  C:\Windows\SysWOW64\msshooks.dll - ok
09:36:07.0577 0x0aa8  [ D2A5B2B09F2AF5ED13BF494508B09788, 3FA04E84EC5A575E7804E44BA3BF1C4143E53C4ACF6C823CD029711529B0BE2C ] C:\Windows\System32\msshooks.dll
09:36:07.0577 0x0aa8  C:\Windows\System32\msshooks.dll - ok
09:36:07.0577 0x0aa8  [ 49A3AD5CE578CD77F445F3D244AEAB2D, 1D200547C6277C4A878A9ADD94045F7ACCC583609985C592AAE9B9B9CA7B812A ] C:\Windows\System32\SearchFilterHost.exe
09:36:07.0577 0x0aa8  C:\Windows\System32\SearchFilterHost.exe - ok
09:36:07.0577 0x0aa8  [ D83947A58613E9091B4C9CC0F1546A8D, C71DF6E18E2099FC462717B8658D39C607A62C7E7A1E5CD0E258C17434535AD0 ] C:\Windows\SysWOW64\mscoree.dll
09:36:07.0577 0x0aa8  C:\Windows\SysWOW64\mscoree.dll - ok
09:36:07.0593 0x0aa8  [ A08C010D859F8EB42BDD7E1D55B8CA27, F86EAFBF7AA41D8425156C07398EDC3BD42F1690BD3E15D27AEF2EDA86549F15 ] C:\Windows\System32\mscoree.dll
09:36:07.0593 0x0aa8  C:\Windows\System32\mscoree.dll - ok
09:36:07.0593 0x0aa8  [ 987323F0247D023AD1AE52195540ECE0, 74DE9609D81C58E5BF11A6EB5E8EEC18F0253834DB64BEF444339640D545F093 ] C:\Windows\SysWOW64\mssvp.dll
09:36:07.0593 0x0aa8  C:\Windows\SysWOW64\mssvp.dll - ok
09:36:07.0593 0x0aa8  [ E503E15C88B4BBDA3F6345E34FED3E92, 40C09CFBC7AAAE12BCAE32B5047E4A54DFB362434EBD5F54D8A5C8F6DBDA719A ] C:\Windows\System32\mssvp.dll
09:36:07.0593 0x0aa8  C:\Windows\System32\mssvp.dll - ok
09:36:07.0609 0x0aa8  [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6, 4F40D5CCE264290C8DD73A5766062A55ED4CF77D8F6B59D453DDB6F88B640D7E ] C:\Windows\SysWOW64\mapi32.dll
09:36:07.0609 0x0aa8  C:\Windows\SysWOW64\mapi32.dll - ok
09:36:07.0609 0x0aa8  [ 8F4BB0CFECED925D440ABC2481278360, 0A87E7E1B38300E211F2ECA10BFB9831CF79B128DEB9D7AB0AA6A715197FF2DD ] C:\Windows\System32\mapi32.dll
09:36:07.0609 0x0aa8  C:\Windows\System32\mapi32.dll - ok
09:36:07.0609 0x0aa8  [ 01E2855FB06C422E721D890AF201C2D7, 9CAA197D5CE95AABFC8C09EA2137E73C7A0EF37CE0459508C663F7B2D758E57F ] C:\Windows\System32\NaturalLanguage6.dll
09:36:07.0609 0x0aa8  C:\Windows\System32\NaturalLanguage6.dll - ok
09:36:07.0624 0x0aa8  [ 701D9F5F3F21580936638D5C5F86B460, 2F187684F61C72AACF8274EA29B48DAAC6C8377F791843914AABF5DAB3760980 ] C:\Windows\System32\NlsData0009.dll
09:36:07.0624 0x0aa8  C:\Windows\System32\NlsData0009.dll - ok
09:36:07.0624 0x0aa8  [ 148A733B93A2AC104280495DA09D3CC2, 443E46865090C610B84A82DB23DF8D1F22001FEA8B10F5619A10D25D7FEA29CC ] C:\Windows\System32\NlsLexicons0009.dll
09:36:07.0624 0x0aa8  C:\Windows\System32\NlsLexicons0009.dll - ok
09:36:07.0624 0x0aa8  [ 0B7E85364CB878E2AD531DB7B601A9E5, F5AD3018427F1CD68450EE5CB55AA9572546322580E0FB1E7888702A291C2380 ] C:\Windows\SysWOW64\NapiNSP.dll
09:36:07.0624 0x0aa8  C:\Windows\SysWOW64\NapiNSP.dll - ok
09:36:07.0640 0x0aa8  [ 5CF640EDDB1E40A5AB1BB743BCDEC610, 0313AA3F713C9F5B84DBB0B4DE78A96B173E9F7B4CF61C10FDC7DAE952DB04E5 ] C:\Windows\SysWOW64\pnrpnsp.dll
09:36:07.0640 0x0aa8  C:\Windows\SysWOW64\pnrpnsp.dll - ok
09:36:07.0640 0x0aa8  [ 5DF5D8CFD9B9573FA3B2C89D9061A240, 990EA273B640DF2D7E800C0CFF18550259C605A4951CD82CD9F1E7B6FF0C9533 ] C:\Windows\SysWOW64\winrnr.dll
09:36:07.0640 0x0aa8  C:\Windows\SysWOW64\winrnr.dll - ok
09:36:07.0640 0x0aa8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] C:\Windows\System32\wscsvc.dll
09:36:07.0640 0x0aa8  C:\Windows\System32\wscsvc.dll - ok
09:36:07.0655 0x0aa8  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8, B07A12E3ECD5E418A3F99F00C56E7F482F68CADE330E7C079DCCDFFAD2E21299 ] C:\Windows\SysWOW64\dbghelp.dll
09:36:07.0655 0x0aa8  C:\Windows\SysWOW64\dbghelp.dll - ok
09:36:07.0655 0x0aa8  [ A7A8CA53D9C9FD90C07AB0EB38E5316B, B98722E76601A98F038F40703C4B8BD21B5EC3B65DC1B07B7C367C06448F8A0E ] C:\Windows\System32\dbghelp.dll
09:36:07.0655 0x0aa8  C:\Windows\System32\dbghelp.dll - ok
09:36:07.0655 0x0aa8  [ 7D4DC95A1F5E0818E74A399960569EA1, C2C3B735D5FA128B192C97E237F39CF084F64A2F455E678028ABCA3E2A1E40F6 ] C:\Windows\SysWOW64\wuapi.dll
09:36:07.0655 0x0aa8  C:\Windows\SysWOW64\wuapi.dll - ok
09:36:07.0671 0x0aa8  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] C:\Windows\System32\wuaueng.dll
09:36:07.0671 0x0aa8  C:\Windows\System32\wuaueng.dll - ok
09:36:07.0671 0x0aa8  [ C47F35CC6FA4F1BDBEF8F87AC1A46537, 82EC7041317666D5370690BD2176CF00F5957036C29429319F45045BFFAE9EC2 ] C:\Windows\System32\wuapi.dll
09:36:07.0671 0x0aa8  C:\Windows\System32\wuapi.dll - ok
09:36:07.0671 0x0aa8  [ 7A6986DD659B96398A11AF5173892715, FB7818952B9015F433418E7DC656A2C20CD682056AB981A55C1722020142D578 ] C:\Windows\SysWOW64\cabinet.dll
09:36:07.0671 0x0aa8  C:\Windows\SysWOW64\cabinet.dll - ok
09:36:07.0687 0x0aa8  [ FA43D418BC945D27D0625B697B8442B5, 035DE0FEA440D2E3AD255EE84B388DDA538E778877033FDB54B8A61BB0AADE56 ] C:\Windows\System32\cabinet.dll
09:36:07.0687 0x0aa8  C:\Windows\System32\cabinet.dll - ok
09:36:07.0687 0x0aa8  [ 387A8A473ECC5BA02CF453277C1F3274, 3F36D3088B0F7CB0CC2C31E8F908527EC5502F0D3153D20332745B7BBF8B04D7 ] C:\Windows\SysWOW64\mspatcha.dll
09:36:07.0687 0x0aa8  C:\Windows\SysWOW64\mspatcha.dll - ok
09:36:07.0687 0x0aa8  [ FB633DCC8664E4CCACF562DB5BAE38CF, F2AF7C52717BBBE3A45D58B60A0D947497634F9F6DB23D64AE18F817CC0019A5 ] C:\Windows\SysWOW64\wups.dll
09:36:07.0687 0x0aa8  C:\Windows\SysWOW64\wups.dll - ok
09:36:07.0702 0x0aa8  [ 617F6EC0AC677C685479C1D0D1E76C6F, 77B22C0817558CE70EF7D3BBE04A275FFA35ED2E4AFB17DBDF353DF9932DC693 ] C:\Windows\System32\mspatcha.dll
09:36:07.0702 0x0aa8  C:\Windows\System32\mspatcha.dll - ok
09:36:07.0702 0x0aa8  [ E746ED90132C6B6313CE9179F56BD31D, CCE0367148E54AA1413C52CCE752CC75EA9E3A8232ECFC263C62A634B8CAEF5F ] C:\Windows\System32\wups.dll
09:36:07.0702 0x0aa8  C:\Windows\System32\wups.dll - ok
09:36:07.0702 0x0aa8  [ D412B1B72C5AB020218E9A047D90CA05, A9CF8134DB968D259DF4DCC736159841BCB8DF309BEED4FB44F99033B8D31B39 ] C:\Windows\SysWOW64\wmsgapi.dll
09:36:07.0702 0x0aa8  C:\Windows\SysWOW64\wmsgapi.dll - ok
09:36:07.0718 0x0aa8  [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A, 7F67FE1E0453CCCFA5097BFC9087BA5F4B213CCA8AC17FC05D7ED02A52112E05 ] C:\Windows\System32\wups2.dll
09:36:07.0718 0x0aa8  C:\Windows\System32\wups2.dll - ok
09:36:07.0718 0x0aa8  Waiting for KSN requests completion. In queue: 264
09:36:08.0732 0x0aa8  Waiting for KSN requests completion. In queue: 264
09:36:09.0746 0x0aa8  Waiting for KSN requests completion. In queue: 264
09:36:10.0760 0x0aa8  Waiting for KSN requests completion. In queue: 264
09:36:11.0914 0x0aa8  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
09:36:11.0977 0x0aa8  Win FW state via NFP2: enabled
09:36:15.0487 0x0aa8  ============================================================
09:36:15.0487 0x0aa8  Scan finished
09:36:15.0487 0x0aa8  ============================================================
09:36:15.0487 0x0344  Detected object count: 0
09:36:15.0487 0x0344  Actual detected object count: 0
09:36:51.0289 0x0ba4  Deinitialize success

 

4. Junkware Removal Tool (fixed some registry and found nothing)

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Tribu on Mon 04/07/2014 at  9:40:36.33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-904592080-3486822256-927163821-1000\Software\Microsoft\Internet Explorer\Main\\Start Page

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 04/07/2014 at  9:46:10.00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

5. AdwCleaner (found nothing but the ever persistent Chrome user preferences .. even with Chrome uninstalled)

# AdwCleaner v3.023 - Report created 07/04/2014 at 09:50:09
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Tribu - TRIBU-PC
# Running from : C:\Users\Tribu\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Google Chrome v

[ File : C:\Users\Tribu\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\Aswang2K\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R6].txt - [836 octets] - [07/04/2014 09:49:10]
AdwCleaner[S5].txt - [758 octets] - [07/04/2014 09:50:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [817 octets] ##########

6. Rogue Killer (found a few Registry entries and fixed Shortcuts/hidden files)

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Tribu [Admin rights]
Mode : Scan -- Date : 04/07/2014 09:56:14
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 6 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1       localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) Hitachi HDS721050CLA SCSI Disk Device +++++
--- User ---
[MBR] 21fe9da24d5107971f299d92ea959768
[BSP] 4e33b6f8cfc1ffac65253129ef3ca4f3 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 100000 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 205006848 | Size: 376837 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Incorrect function. )

Finished : << RKreport[0]_S_04072014_095614.txt >>

-Host

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Tribu [Admin rights]
Mode : HOSTSFix -- Date : 04/07/2014 09:57:32
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1       localhost

¤¤¤ Reset HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[0]_H_04072014_095732.txt >>
RKreport[0]_D_04072014_095719.txt;RKreport[0]_S_04072014_095614.txt

-Proxy

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Tribu [Admin rights]
Mode : ProxyFix -- Date : 04/07/2014 09:57:39
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

Finished : << RKreport[0]_PR_04072014_095739.txt >>
RKreport[0]_D_04072014_095719.txt;RKreport[0]_H_04072014_095732.txt;RKreport[0]_S_04072014_095614.txt

-DNS

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Tribu [Admin rights]
Mode : DNSFix -- Date : 04/07/2014 09:57:48
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

Finished : << RKreport[0]_DN_04072014_095748.txt >>
RKreport[0]_D_04072014_095719.txt;RKreport[0]_H_04072014_095732.txt;RKreport[0]_S_04072014_095614.txt

-Shortcuts

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Tribu [Admin rights]
Mode : Shortcuts HJfix -- Date : 04/07/2014 09:58:06
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 0 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 0 / Fail 0
Start menu: Success 0 / Fail 0
User folder: Success 0 / Fail 0
My documents: Success 0 / Fail 0
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 0 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 0 / Fail 2
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume3 -- 0x3 --> Restored

¤¤¤ Infection :  ¤¤¤

Finished : << RKreport[0]_SC_04072014_095806.txt >>
RKreport[0]_D_04072014_095719.txt;RKreport[0]_H_04072014_095732.txt;RKreport[0]_S_04072014_095614.txt

 

7. ESET Online Scanner ( found nothing on drive C:\ )

Will post the downloaded and installed ESET Scan log in a few minutes. It is still doing it's scanning thing. Maybe it can catch something that others didn't.


Edited by Aswang2K, 06 April 2014 - 11:02 PM.

  • 0

#8
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts
I askedyou to do this.

apologies for doing the scan without being told):

While a helper is attending to your situation it is expected that you won't perform any self-fixes. It will make the helper confuse.
 

I am now concerned with the Windows Power Shell residing in %SystemRoot%\syswow64\ , %windir%\system32\ , %windir%\sysWOW64\, and %SystemRoot%\system32\ . Is it safe to remove it and if so how ?

No. This is an important Windows feature.
 

I am also concerned with the number of Services running in Task Manager even when I turned off everything in Control Panel Programs and Features except for Internet Explorer 11 and Windows Search

Numerous services are run behind your eyes to make the Windows function properly.
 

I have downloaded Farbar Recovery Scan Tool, OTL and ComboFix just in case.

ComboFix is one of the most powerful malware removal tools ever created if not the most. The slightest mistake can make your machine un-bootable. Please, do not do anything unless told.
  • 0

#9
Aswang2K

Aswang2K

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Here's the log bro. Looks like it restored a few Services. Awesome

 

ESET Services Repair Tool  Log

Log Opened: 2014-04-07 @ 14:12:20
14:12:20 - -----------------
14:12:20 - | Begin Logging |
14:12:20 - -----------------
14:12:20 - Fix started on a WIN_7 X64 computer
14:12:20 - Prep in progress.  Please Wait.
14:12:22 - Prep complete
14:12:22 - Repairing Services Now.  Please wait...
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BFE.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\SubLayer>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Provider>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BITS.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Performance>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\iphlpsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo\{FA88062C-9A61-4C1E-AC45-7143F8F01AAD}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap\{8AD2FB26-F91E-44F1-9B24-3C0AE56C9CE0}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\IPHTTPS>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Interfaces>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\config>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\MpsSvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\SharedAccess.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch2>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\WinDefend.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo\0>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wscsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wuauserv.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv>

SetACL finished successfully.
14:12:23 - Services Repair Complete.
14:12:31 - Reboot Initiated


  • 0

#10
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts
What issues are you facing presently?
  • 0

Advertisements


#11
Aswang2K

Aswang2K

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

No idea really. Just wary of that Windows PowerShell lurking there and God-knows-what  it's doing, done or will be doing. http://www.v3.co.uk/...ved-tor-malware


  • 0

#12
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts
Let's be honest. You are being way too paranoid and it won't help if not make the matter worse. Read about Power Shell here. You came here for assistance and two people that includes myself and an expert(who is over-viewing my response) are assisting you. I am being trained to eradicate malware from a system. I ask for your forbearance and restrain yourself from reading every article you find and doubt legitimate programs. Yes, every program can be patched by hackers and can be used for malicious purpose. That is why I am here.
That being said, I await your ESET Scan log since you started this already and refrain from downloading and running tools unless told otherwise.
  • 0

#13
Aswang2K

Aswang2K

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Let's be honest. You are being way too paranoid and it won't help if not make the matter worse. Read about Power Shell here. You came here for assistance and two people that includes myself and an expert(who is over-viewing my response) are assisting you. I am being trained to eradicate malware from a system. I ask for your forbearance and restrain yourself from reading every article you find and doubt legitimate programs. Yes, every program can be patched by hackers and can be used for malicious purpose. That is why I am here.
That being said, I await your ESET Scan log since you started this already and refrain from downloading and running tools unless told otherwise.

 

ESET didn't find anything when I scanned PC yesterday (at least the C drive). If my IP is being red-flagged and listed as part of a spam botnet, is it not a valid reason to be paranoid ?


  • 0

#14
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts

If my IP is being red-flagged and listed as part of a spam botnet, is it not a valid reason to be paranoid ?

Throwing away each an every tools you can find on it won't make things better if that what you are implying. Like I mentioned earlier, if on a shared network, if one PC gets infected or takes part on a botnet, all the other connected PC will be IP blacklisted as the website that flagged you does not know which PC took part in the attack. This happened to many people including myself.
  • 0

#15
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts
From another clean PC, please change your email and other online accounts passwords please. People unknowingly take part in botnet via password theft.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP