Need to get rid of http://rocket-find.com/ redirect? [Solved]



#1
jfavata


  • Member
  • 29 posts

Malware redirect rocket-find has taken over my browsers. Any help removing would be appreciated.

 

Thank you,

John




#2
pystryker


    Trusted Helper

  • Malware Removal
  • 3,912 posts
Hello and welcome to Geeks to Go! My nickname is Pystryker :) , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you
  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
  • Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly". This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
  • If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.
  • Please read through my instructions carefully and completely before executing them. I will lay the instructions out in a step by step order to make them easy to follow.
  • Please make sure that all the programs I ask you to download are downloaded to and run from your Desktop.
  • Please make sure (if you are able) to print out these instructions so that you will be able to refer to them while working on your machine. Part of the solution(s) to your problem may involve us working in Safe Mode and you will need them to go by.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
  • Please make sure you reply within 3 days to my responses, if there is no reply within 3 days, the topic will be closed and you will need to request the topic be reopened.
  • Before we get started, please remember we will do our best to get your machine repaired. However, there are some cases where the only solution is a reformat and reinstall of the operating system. This is a worst case scenario though.
  • It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
  • If possible, please have your original Windows installation disks handy, just in case.
  • If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
  • If you are unsure of an instruction I give you, or if something unexpected occurs, do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
  • Please remember, the fixes are for your machine and your machine ONLY! Do not use these fixes on any other machine, each fix is tailor made for your system only. Using a fix on another machine can and will cause serious damage.
  • Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future.
  • Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way. :)
Now, let's get started, shall we? :thumbsup:


Hello, let's get a look at your machine and see what's going on. :)



Step 1: Scan with Farbar's Recovery Scan Tool (FRST)


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Place a check in the box marked Addition.txt

  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Step 2: Scan with aswMBR

  • Please download aswMBR.exe to your desktop.
  • Double click the file to run it.
  • It will ask if you want to download the latest Avast! virus definitions, please answer yes.
  • Click the Scan button to begin the scan.
  • Once the scan has finished, click on Save Log, save it to your desktop as asw.txt, and please post it in your next reply.
  • Click Exit

Things I need to see in your next post:


FRST Log

Addition.txt Log

aswMBR


#3
jfavata


  • Topic Starter
  • Member
  • 29 posts

Sorry, I forgot to tell you I tried uninstalling the rocket-find program from the uninstall menu, but it is still redirecting my browsers. Also, I did not post the log previously:

 

OTL logfile created on: 6/9/2014 9:19:15 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\John F\AppData\Local\Microsoft\Windows\INetCache\IE\H9RFW5R8
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.86 Gb Total Physical Memory | 6.03 Gb Available Physical Memory | 76.75% Memory free
9.11 Gb Paging File | 7.22 Gb Available in Paging File | 79.28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.17 Gb Total Space | 891.35 Gb Free Space | 95.72% Space Free | Partition Type: NTFS
 
Computer Name: JOHN | User Name: John F | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/06/09 21:19:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\John F\AppData\Local\Microsoft\Windows\INetCache\IE\H9RFW5R8\OTL.exe
PRC - [2014/06/09 21:06:46 | 000,317,728 | ---- | M] () -- C:\Program Files (x86)\Greener Web\bin\utilGreenerWeb.exe
PRC - [2014/06/09 17:49:22 | 000,317,728 | ---- | M] () -- C:\Program Files (x86)\Greener Web\updateGreenerWeb.exe
PRC - [2014/06/09 15:24:21 | 000,096,544 | ---- | M] () -- C:\Program Files (x86)\Greener Web\bin\GreenerWeb.BrowserAdapter.exe
PRC - [2014/05/13 19:40:56 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/04/19 13:18:07 | 000,061,512 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbrmon.exe
PRC - [2012/10/04 04:27:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/09/06 08:50:40 | 001,124,288 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012/08/27 12:45:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012/07/17 18:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 18:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/06/25 14:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2009/01/09 17:49:08 | 000,405,639 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/06/09 15:24:21 | 000,096,544 | ---- | M] () -- C:\Program Files (x86)\Greener Web\bin\GreenerWeb.BrowserAdapter.exe
MOD - [2014/05/13 19:40:54 | 000,414,536 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppgooglenaclpluginchrome.dll
MOD - [2014/05/13 19:40:50 | 004,217,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
MOD - [2014/05/13 19:40:45 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
MOD - [2014/05/13 19:40:44 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
MOD - [2014/05/13 19:40:43 | 001,732,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:64bit: - [2014/04/23 07:25:23 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/03/23 22:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/23 22:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/08 01:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 03:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/03/06 02:34:46 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/02/22 11:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 05:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 05:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 05:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 05:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/02/22 05:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/01/27 11:38:59 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/12/10 03:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/23 00:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/09/30 00:03:27 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/08/22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 07:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 07:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 07:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 07:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 07:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 06:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 06:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 05:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 05:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 05:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 05:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 05:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 05:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 05:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 05:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/04/20 18:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2014/06/09 21:06:46 | 000,317,728 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Greener Web\bin\utilGreenerWeb.exe -- (Util Greener Web)
SRV - [2014/06/09 17:49:22 | 000,317,728 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Greener Web\updateGreenerWeb.exe -- (Update Greener Web)
SRV - [2014/05/14 00:41:31 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/12 18:30:29 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/03 23:43:02 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/09/30 00:03:26 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/08/22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 23:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 22:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2012/10/04 04:27:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/09/06 08:50:40 | 001,124,288 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012/08/27 12:45:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012/07/17 18:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 18:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/13 05:02:15 | 002,451,456 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012/06/25 14:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/06/09 12:24:20 | 000,061,016 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys -- ({a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64)
DRV:64bit: - [2014/03/23 22:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/23 22:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/23 22:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/19 23:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/13 08:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 16:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/03/08 16:35:45 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/02/22 12:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/22 11:50:31 | 000,054,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/02/22 11:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 11:49:49 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/02/22 11:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 11:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 11:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/02/22 11:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 08:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/01/22 08:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 08:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/12/04 14:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/11/10 22:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/01 07:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/25 21:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/05 11:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/10/03 23:42:44 | 004,185,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/09/30 00:03:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/09/29 23:51:06 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/09/29 23:51:01 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/09/26 05:08:22 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/09/26 05:08:22 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/09/05 02:37:00 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/09/04 18:03:50 | 003,345,376 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2013/09/04 13:58:11 | 000,175,528 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2013/09/04 13:58:11 | 000,109,072 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2013/09/04 13:58:11 | 000,077,184 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2013/08/22 09:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 09:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 08:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 08:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 08:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 08:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 08:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 08:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 08:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 08:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 08:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 08:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 08:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 08:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 08:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 08:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 08:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 08:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 08:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 08:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 08:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 08:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 08:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 08:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 08:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 08:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 08:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 08:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 08:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 07:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 07:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 07:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 07:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 07:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 07:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 07:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 07:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 07:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 07:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 07:38:17 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013/08/22 07:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 07:38:16 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb80236.sys -- (usbrndis6)
DRV:64bit: - [2013/08/22 07:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 07:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 07:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 07:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 07:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 07:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 07:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 07:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 07:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 07:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 07:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 04:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 19:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 20:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 14:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 15:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 10:46:17 | 000,591,360 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/12/26 23:35:20 | 000,092,456 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmusa.sys -- (tmusa)
DRV:64bit: - [2012/12/07 14:33:04 | 000,094,520 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tmeevw.sys -- (tmeevw)
DRV:64bit: - [2012/10/27 03:02:10 | 000,651,832 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/09/19 01:46:20 | 000,447,864 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2012/08/29 12:36:54 | 000,857,472 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2012/08/23 20:07:14 | 000,046,392 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TMEBC64.sys -- (TMEBC)
DRV:64bit: - [2012/08/06 15:07:08 | 000,068,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2012/07/27 00:18:20 | 000,034,224 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\tmel.sys -- (tmel)
DRV:64bit: - [2012/07/02 19:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/15 01:50:46 | 000,315,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2008/12/31 01:00:22 | 000,172,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://rocket-find.c...cr=312955327=
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://rocket-find.c...cr=312955327=
IE:64bit: - HKLM\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://rocket-find.c...cr=312955327=
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8B 68 35 61 7D A6 CE 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://rocket-find.c...cr=312955327=
IE - HKCU\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://sportscar365.com/"
FF - prefs.js..extensions.enabledAddons: %7Ba3f28269-ad17-41a8-b032-3e0313ef8979%7D:1.0.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@TrendMicro.com/FFExtension: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\John F\AppData\Local\Roblox\Versions\version-23a4f309f57a496c\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\John F\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\PROGRAM FILES\TREND MICRO\AMSP\MODULE\20002\7.5.1137\7.5.1137\FIREFOXEXTENSION [2014/04/11 18:32:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\firefoxextension [2014/04/11 18:32:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2013/08/31 14:32:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{21541D23-FDA1-4bf3-8AF2-8F623BF70B07}: C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension\ [2014/04/11 18:34:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2014/03/08 03:15:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\John F\AppData\Roaming\mozilla\Extensions
[2014/06/09 20:46:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\John F\AppData\Roaming\mozilla\Firefox\Profiles\x18llnv2.default\extensions
[2014/06/09 20:37:45 | 000,000,000 | ---D | M] ("Rocket New Tab") -- C:\Users\John F\AppData\Roaming\mozilla\Firefox\Profiles\x18llnv2.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}
[2014/06/09 17:49:22 | 000,009,083 | ---- | M] () (No name found) -- C:\Users\John F\AppData\Roaming\mozilla\firefox\profiles\x18llnv2.default\extensions\{a3f28269-ad17-41a8-b032-3e0313ef8979}.xpi
[2014/03/08 03:16:23 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\John F\AppData\Roaming\mozilla\firefox\profiles\x18llnv2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/06/09 20:38:09 | 000,009,602 | ---- | M] () -- C:\Users\John F\AppData\Roaming\mozilla\firefox\profiles\x18llnv2.default\searchplugins\ask-web-search.xml
[2014/06/09 20:37:55 | 000,002,779 | ---- | M] () -- C:\Users\John F\AppData\Roaming\mozilla\firefox\profiles\x18llnv2.default\searchplugins\WSE Rocket.xml
[2014/04/12 18:30:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/04/12 18:30:30 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: https://www.google.com/?gws_rd=ssl
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Trend Micro Titanium (Enabled) = C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll
CHR - Extension: Google Docs = C:\Users\John F\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Google Drive = C:\Users\John F\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\John F\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\John F\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: TrendMicro BEP Extension = C:\Users\John F\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee\7.5.0.1137_0\
CHR - Extension: Google Search = C:\Users\John F\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: TrendMicro Toolbar = C:\Users\John F\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj\6.0.0.2030_0\
CHR - Extension: Rocket New Tab = C:\Users\John F\AppData\Local\Google\Chrome\User Data\Default\Extensions\kembfcmnocipgabpfmkeannjggpjaeak\9.4.16_0\
CHR - Extension: Google Wallet = C:\Users\John F\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\John F\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013/08/22 09:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1221\1.0.1221\TmopIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (Greener Web) - {1973d53b-7311-45d7-8270-f44571c041a0} - C:\Program Files (x86)\Greener Web\GreenerWebBHO.dll (Greener Web)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1221\1.0.1221\TmopIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe32.dll (Trend Micro Inc.)
O3:64bit: - HKLM\..\Toolbar: (TrendMicro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [GamingWonderland Browser Plugin Loader 64] C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbrmon64.exe (VER_COMPANY_NAME)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_4F1AF1F43665083A862D2FA853077FC7] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKLM..\RunOnce: [GamingWonderlandbar Uninstall] C:\Program Files (x86)\gtUninstall GamingWonderland.dll (Mindspark)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36ECE9FA-9DB6-4F28-90CF-BEDBD1795BB1}: DhcpNameServer = 65.32.5.111 65.32.5.112
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E65D12F1-205C-4BF0-963A-46B39414B3EC}: DhcpNameServer = 65.32.5.111 65.32.5.112
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1221\1.0.1221\TmopIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmtbim - No CLSID value found
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1221\1.0.1221\TmopIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{25eb7e26-4291-11e3-be83-84a6c8f22bef}\Shell - "" = AutoRun
O33 - MountPoints2\{25eb7e26-4291-11e3-be83-84a6c8f22bef}\Shell\AutoRun\command - "" = "E:\VZW_Software_upgrade_assistant.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/09 21:21:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\John F\Desktop\OTL.exe
[2014/06/09 21:08:00 | 000,061,016 | ---- | C] (StdLib) -- C:\WINDOWS\SysNative\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys
[2014/06/09 20:45:21 | 000,860,232 | ---- | C] (Mindspark) -- C:\Program Files (x86)\gtUninstall GamingWonderland.dll
[2014/06/09 20:12:06 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/06/09 20:07:10 | 000,000,000 | ---D | C] -- C:\Users\John F\Documents\Optimizer Pro
[2014/06/09 20:07:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/06/09 20:04:47 | 000,000,000 | ---D | C] -- C:\Users\John F\AppData\Local\Rocket
[2014/06/09 20:04:07 | 000,000,000 | ---D | C] -- C:\Users\John F\AppData\Roaming\RocketUpdater
[2014/06/09 20:03:46 | 000,000,000 | ---D | C] -- C:\Users\John F\AppData\Roaming\UpdaterEX
[2014/06/09 20:02:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Greener Web
[2014/06/09 20:01:46 | 000,000,000 | ---D | C] -- C:\Users\John F\AppData\Local\Programs
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/09 21:21:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\John F\Desktop\OTL.exe
[2014/06/09 21:04:02 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\Rocket Updater.job
[2014/06/09 20:56:00 | 000,000,908 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/09 20:41:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/06/09 20:36:29 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/06/09 20:36:15 | 000,000,904 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/09 20:35:49 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/06/09 20:33:45 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/06/09 20:33:42 | 2457,026,559 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/09 20:04:03 | 000,418,829 | ---- | M] () -- C:\Users\John F\AppData\Local\speedial.crx
[2014/06/09 20:03:49 | 000,000,044 | ---- | M] () -- C:\Users\John F\AppData\Roaming\WB.CFG
[2014/06/09 20:03:47 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\UpdaterEX.job
[2014/06/09 19:59:22 | 000,001,146 | ---- | M] () -- C:\Users\John F\Desktop\Continue flvplayer Installation.lnk
[2014/06/09 12:24:20 | 000,061,016 | ---- | M] (StdLib) -- C:\WINDOWS\SysNative\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys
[2014/05/19 08:00:23 | 000,001,403 | ---- | M] () -- C:\Users\John F\Desktop\uhyj7k.lnk
[2014/05/19 08:00:23 | 000,001,218 | ---- | M] () -- C:\Users\John F\Desktop\ROBLOX Studio 2013.lnk
 
========== Files Created - No Company Name ==========
 
[2014/06/09 20:45:21 | 000,197,000 | ---- | C] () -- C:\Program Files (x86)\gtres.dll
[2014/06/09 20:04:07 | 000,000,308 | ---- | C] () -- C:\WINDOWS\tasks\Rocket Updater.job
[2014/06/09 20:04:03 | 000,418,829 | ---- | C] () -- C:\Users\John F\AppData\Local\speedial.crx
[2014/06/09 20:03:49 | 000,000,044 | ---- | C] () -- C:\Users\John F\AppData\Roaming\WB.CFG
[2014/06/09 20:03:47 | 000,000,308 | ---- | C] () -- C:\WINDOWS\tasks\UpdaterEX.job
[2014/06/09 19:59:22 | 000,001,146 | ---- | C] () -- C:\Users\John F\Desktop\Continue flvplayer Installation.lnk
[2014/04/23 07:35:56 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 21:05:33 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/10/27 14:10:50 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/10/03 23:42:46 | 000,343,040 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/10/03 23:42:40 | 000,180,736 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/10/03 23:42:38 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/08/31 14:26:25 | 000,000,036 | ---- | C] () -- C:\Users\John F\AppData\Local\housecall.guid.cache
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 23:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/02/20 16:33:42 | 000,000,075 | RHS- | C] () -- C:\WINDOWS\CT4CET.bin
 
========== ZeroAccess Check ==========
 
[2014/06/09 20:02:41 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/27 05:12:37 | 021,225,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/27 03:48:28 | 018,679,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/06/09 20:04:07 | 000,000,000 | ---D | M] -- C:\Users\John F\AppData\Roaming\RocketUpdater
[2014/06/09 20:03:46 | 000,000,000 | ---D | M] -- C:\Users\John F\AppData\Roaming\UpdaterEX
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 237 bytes -> C:\Users\John F\SkyDrive:ms-properties

< End of report >



#4
pystryker


Sorry, I forgot to tell you I tried uninstalling the rocket-find program from the uninstall menu, but it is still redirecting my browsers. Also, I did not post the log previously:


Ok, no worries. :) Please run the aswMBR scan and post that log. Also, when you ran OTL the first time, another log was produced called Extras.txt located in the same place as where you ran OTL from. In this case here: C:\Users\John F\AppData\Local\Microsoft\Windows\INetCache\IE\H9RFW5R8

Also, please move OTL.exe to your desktop as it runs better from there. :thumbsup:

Things I need to see in your next post:

  • Extras.txt Log
  • aswMBR Log


#5
jfavata


Extras.txt

 

 

OTL Extras logfile created on: 6/9/2014 9:19:15 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\John F\AppData\Local\Microsoft\Windows\INetCache\IE\H9RFW5R8
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.86 Gb Total Physical Memory | 6.03 Gb Available Physical Memory | 76.75% Memory free
9.11 Gb Paging File | 7.22 Gb Available in Paging File | 79.28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.17 Gb Total Space | 891.35 Gb Free Space | 95.72% Space Free | Partition Type: NTFS
 
Computer Name: JOHN | User Name: John F | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2D188AD0-F0C6-40C4-877B-A395616870C8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3F2F6146-4570-4B03-8F6F-35FF0BB5791D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{553D8F2C-BEB3-41FB-8585-74E40562C062}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6AFF44B4-C5DF-45E8-BBF8-0DED9F6A9B03}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{77281E11-0F40-48E5-87A9-0269D713D260}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7B5DA665-0B0E-4F66-B249-1238573F55AD}" = rport=10243 | protocol=6 | dir=out | app=system |
"{88B9E2E5-A9CE-4874-A34F-1F486E7C1AC1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B5CD9AD-CEB6-4B1E-A36B-45277B354472}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BF2B678B-E438-48B4-AD21-788F0F11EAFD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03D5CE41-FC0A-4E76-8125-C55E718EAAE4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{03DA0E33-E46E-4972-A4FB-32D8C83361BB}" = dir=out | name=f5 vpn |
"{089BD2EB-9211-44CB-B9A5-0B01C01800A8}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{0C3FD132-B44C-4AEF-BC1D-E692907AE25A}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{12448B48-FF35-464F-9D04-25F14D804DB3}" = dir=out | name=@{microsoft.bingnews_3.0.2.261_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{12BA60CC-2729-480C-807E-1D0CAA953C35}" = protocol=6 | dir=out | app=system |
"{133646E3-72D8-4152-93A2-F51CEBE1636C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{15D34986-A352-42D8-B808-63B4B939D225}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{16063740-C036-42FE-AB45-822EE46DB353}" = dir=out | name=juniper networks junos pulse |
"{1936B3D2-44FE-45D3-B97F-8A84C815885E}" = dir=in | name=juniper networks junos pulse |
"{1CD95367-DCA2-415D-9C58-2A05B018C805}" = dir=out | name=windows_ie_ac_001 |
"{1FD7F2B9-A309-4007-9F88-A8A3219D6D88}" = dir=out | name=@{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{2F3BD074-EA86-4DC3-A0BA-D84147528063}" = dir=out | name=@{microsoft.zunemusic_2.2.902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{353E3C0D-030D-409E-B93B-C9B6AC276BB0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{35514EA6-8AF8-4C49-9D7E-CAC554BEE0AE}" = dir=out | name=windows_ie_ac_001 |
"{362ECC7D-CAA8-403D-874D-0B29920EE359}" = dir=out | name=skype |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{44111E02-509F-4F0C-89AF-B01D58DC3607}" = dir=out | name=windows_ie_ac_001 |
"{4A46BB3C-38EA-46C3-981E-6AB157E4026A}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{51680549-788D-47E2-BB07-1741C1313B88}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5E51103F-9976-4683-8844-1C80C0248C44}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{6FDA23D5-65E0-4C3A-BFB2-576531999B25}" = dir=out | name=@{microsoft.bingmaps_2.1.2922.2139_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{728B2FA8-3A0E-4707-8BEE-392A16D5676F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{79168C22-5417-4A0B-9917-92F75EC57299}" = dir=in | name=f5 vpn |
"{7E5580A4-DBD1-4DA5-A0DB-F31D4EC4F1B4}" = dir=out | name=windows_ie_ac_001 |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{815B85B2-401A-4F26-8649-D6AAF375DE30}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{842C2372-6453-418B-8919-F5E26637661A}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{868AEA87-75D9-4316-A239-48FD4DCE235D}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{8700BE4D-96F6-4BF6-B683-1836944918DD}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{87FC2F26-CA93-4ED7-BDEC-EBB3A8BE7C70}" = dir=out | name=@{microsoft.bingsports_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{8D5907C6-11E1-48EB-A88C-270AF085834A}" = dir=out | name=windows_ie_ac_001 |
"{8FC02ED1-7067-4F1C-BD67-54644449FAE8}" = dir=out | name=check point vpn |
"{9AD5B6E9-7719-40A6-A88C-5487233C8E40}" = dir=out | name=windows_ie_ac_001 |
"{9C7CF094-A564-4D7C-9314-19ECAB9432EE}" = dir=out | name=@{microsoft.bingtravel_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A20DDE39-7570-4A65-8D92-DC6337AB437C}" = dir=in | name=check point vpn |
"{A254C797-497A-469B-8F18-7B79F7AF34B6}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{A9AA8E3D-E4C7-43EE-8AF0-E95EC05FF19F}" = dir=in | name=sonicwall mobile connect |
"{B1BAEEED-4C98-4376-9B40-96A46754845E}" = dir=in | name=skype |
"{BC6E7637-15DD-4561-A521-BE710E01FC86}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BCC56F52-E841-4514-89CF-A8A47014F4DC}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{C1A82DB7-A094-42C5-A6FF-AA17388469B7}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{C58B5133-8B55-4B35-B94E-829DBB9ACED6}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{C6645E19-E017-42A1-935A-2FF9F219489D}" = dir=out | name=@{microsoft.bingweather_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{CDCBE961-1021-4450-B9A9-B45659C3E1A7}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{CF6E4C5A-4A72-433C-B535-278FD21D2B38}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CFED670F-C026-4260-BC7B-4389455A4746}" = dir=out | name=@{microsoft.zunevideo_2.2.902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{D3219D30-3358-4E72-8585-26ADF22E5DE4}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{D5A82D2B-808D-40AF-A35D-AF481ECC1B54}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{D5E6D1B8-F3D8-4A6D-9833-5C5F74E95D2E}" = dir=out | name=sonicwall mobile connect |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{E51C86BA-C5B0-471E-BB69-130CD8CE5739}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{E633E70E-AD0D-49F5-B067-288F5CE50F71}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{F342807E-FF17-4D04-B8FA-514A35921E7F}" = dir=out | name=girl dress up |
"{F4C5F4C4-38FF-4A69-AB88-347A8D1574D7}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F7204F97-4BBA-4963-9E69-788A04BB0AE7}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FD8C5479-26FF-4416-9709-F3F0C1850D6A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0728A184-F899-4356-B93D-8228674F0DEB}" = Intel® PROSet/Wireless Software for Bluetooth® Technology
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 307.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"Greener Web" = Greener Web
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Dell Webcam Central" = Dell Webcam Central
"Google Chrome" = Google Chrome
"Mozilla Firefox 28.0 (x86 en-US)" = Mozilla Firefox 28.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Zoola Games" = Zoola Games
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = ROBLOX Player for John F
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 5/25/2014 8:19:42 PM | Computer Name = John | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_DPS, version: 6.3.9600.16384,
 time stamp: 0x5215dfe3  Faulting module name: energyprov.dll, version: 6.3.9600.16384,
 time stamp: 0x5215e106  Exception code: 0xc0000005  Fault offset: 0x00000000000082d3
Faulting
 process id: 0x5e4  Faulting application start time: 0x01cf775b204d3748  Faulting application
 path: C:\WINDOWS\system32\svchost.exe  Faulting module path: C:\WINDOWS\System32\energyprov.dll
Report
 Id: 6e8b42c5-e46b-11e3-beb1-84a6c8f22bef  Faulting package full name:   Faulting package-relative
 application ID:
 
Error - 5/26/2014 11:50:43 AM | Computer Name = John | Source = Application Error | ID = 1000
Description = Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17037,
 time stamp: 0x5312c30a  Faulting module name: unknown, version: 0.0.0.0, time stamp:
 0x00000000  Exception code: 0xc0000005  Fault offset: 0x21087190  Faulting process id:
 0x433c  Faulting application start time: 0x01cf787f092d6efe  Faulting application path:
 C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE  Faulting module path: unknown
Report
 Id: 7e1c0071-e4ed-11e3-beb1-84a6c8f22bef  Faulting package full name:   Faulting package-relative
 application ID:
 
Error - 5/26/2014 11:55:09 AM | Computer Name = John | Source = Application Error | ID = 1000
Description = Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17037,
 time stamp: 0x5312c30a  Faulting module name: unknown, version: 0.0.0.0, time stamp:
 0x00000000  Exception code: 0xc0000005  Fault offset: 0x40d89ce8  Faulting process id:
 0x8770  Faulting application start time: 0x01cf78fa4ccf6369  Faulting application path:
 C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE  Faulting module path: unknown
Report
 Id: 1cb9fcff-e4ee-11e3-beb1-84a6c8f22bef  Faulting package full name:   Faulting package-relative
 application ID:
 
Error - 5/26/2014 11:56:18 AM | Computer Name = John | Source = Application Error | ID = 1000
Description = Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17037,
 time stamp: 0x5312c30a  Faulting module name: Flash.ocx, version: 13.0.0.214, time
 stamp: 0x5359d1d9  Exception code: 0xc0000005  Fault offset: 0x0073a52f  Faulting process
 id: 0x1db4  Faulting application start time: 0x01cf78fa9390839e  Faulting application
 path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE  Faulting module path:
 C:\Windows\SYSTEM32\Macromed\Flash\Flash.ocx  Report Id: 45d6dfea-e4ee-11e3-beb1-84a6c8f22bef
Faulting
 package full name:   Faulting package-relative application ID:
 
Error - 5/30/2014 10:44:46 PM | Computer Name = John | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 11.0.9600.17037 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: 6558    Start
 Time: 01cf7c7a30086ffa    Termination Time: 8    Application Path: C:\Program Files\Internet
 Explorer\iexplore.exe    Report Id: 82e6caeb-e86d-11e3-beb1-84a6c8f22bef    Faulting package
 full name:     Faulting package-relative application ID:  
 
Error - 5/31/2014 1:45:40 PM | Computer Name = John | Source = Application Error | ID = 1000
Description = Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17037,
 time stamp: 0x5312c30a  Faulting module name: Flash.ocx, version: 13.0.0.214, time
 stamp: 0x5359d1d9  Exception code: 0xc0000005  Fault offset: 0x00875cfa  Faulting process
 id: 0x12d8  Faulting application start time: 0x01cf7cf7fa5727c6  Faulting application
 path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE  Faulting module path:
 C:\Windows\SYSTEM32\Macromed\Flash\Flash.ocx  Report Id: 6147035b-e8eb-11e3-beb1-84a6c8f22bef
Faulting
 package full name:   Faulting package-relative application ID:
 
Error - 6/1/2014 2:58:19 PM | Computer Name = John | Source = Application Error | ID = 1000
Description = Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17037,
 time stamp: 0x5312c30a  Faulting module name: igd10iumd32.dll, version: 10.18.10.3316,
 time stamp: 0x524b007a  Exception code: 0xc0000005  Fault offset: 0x00093ef7  Faulting
 process id: 0x199c  Faulting application start time: 0x01cf7d88d175309c  Faulting application
 path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE  Faulting module path:
 C:\WINDOWS\system32\igd10iumd32.dll  Report Id: b1e7800c-e9be-11e3-beb1-84a6c8f22bef
Faulting
 package full name:   Faulting package-relative application ID:
 
Error - 6/1/2014 7:14:01 PM | Computer Name = John | Source = Application Error | ID = 1000
Description = Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17037,
 time stamp: 0x5312c30a  Faulting module name: igd10iumd32.dll, version: 10.18.10.3316,
 time stamp: 0x524b007a  Exception code: 0xc0000005  Fault offset: 0x00093e67  Faulting
 process id: 0x8248  Faulting application start time: 0x01cf7dc6e30c52aa  Faulting application
 path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE  Faulting module path:
 C:\WINDOWS\system32\igd10iumd32.dll  Report Id: 6a1879a0-e9e2-11e3-beb1-84a6c8f22bef
Faulting
 package full name:   Faulting package-relative application ID:
 
Error - 6/2/2014 10:18:57 AM | Computer Name = John | Source = Customer Experience Improvement Program | ID = 1008
Description =
 
Error - 6/5/2014 11:58:07 PM | Computer Name = John | Source = Customer Experience Improvement Program | ID = 1008
Description =
 
[ System Events ]
Error - 5/24/2014 10:12:56 AM | Computer Name = John | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:05:21 AM on ?5/?24/?2014 was unexpected.
 
Error - 5/24/2014 10:17:05 AM | Computer Name = John | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:12:56 AM on ?5/?24/?2014 was unexpected.
 
Error - 5/24/2014 10:19:01 AM | Computer Name = John | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:17:05 AM on ?5/?24/?2014 was unexpected.
 
Error - 5/24/2014 10:18:50 AM | Computer Name = John | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
 
Error - 5/25/2014 9:09:46 AM | Computer Name = John | Source = DCOM | ID = 10010
Description =
 
Error - 5/25/2014 9:09:46 AM | Computer Name = John | Source = DCOM | ID = 10010
Description =
 
Error - 5/25/2014 8:19:43 PM | Computer Name = John | Source = Service Control Manager | ID = 7031
Description = The Base Filtering Engine service terminated unexpectedly.  It has
 done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds:
 Restart the service.
 
Error - 5/25/2014 8:19:43 PM | Computer Name = John | Source = Service Control Manager | ID = 7031
Description = The Diagnostic Policy Service service terminated unexpectedly.  It
 has done this 1 time(s).  The following corrective action will be taken in 120000
 milliseconds: Restart the service.
 
Error - 5/25/2014 8:19:43 PM | Computer Name = John | Source = Service Control Manager | ID = 7031
Description = The Windows Firewall service terminated unexpectedly.  It has done
 this 1 time(s).  The following corrective action will be taken in 120000 milliseconds:
 Restart the service.
 
Error - 5/25/2014 8:19:43 PM | Computer Name = John | Source = Service Control Manager | ID = 7031
Description = The Network Connected Devices Auto-Setup service terminated unexpectedly.
  It has done this 1 time(s).  The following corrective action will be taken in
120000 milliseconds: Restart the service.
 
 
< End of report >
 

 

 

The 2nd one aswMBR keeps giving me an error in the middle of running:

 

"avast! Antirootkit has stopped working"


  • 0

#6
pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts

The 2nd one aswMBR keeps giving me an error in the middle of running:


Ok, we'll hold up just a moment on scanning for rootkits. I'm almost ready with instructions, and once we get rid of the adware, we'll run a different tool to take a look. I'll be back shortly.
  • 0

#7
jfavata

    Member

  • Topic Starter
  • Member
  • 29 posts

Ok thank you


  • 0

#8
pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Hello, let's get to work. :thumbsup:

Note: Please make sure that OTL.exe is on the desktop before starting these steps.


Step 1: Program Uninstalls and Remove Chrome Extension

Please uninstall the following program from your machine:

Greener Web


Chrome Extension Removal

There is an extension in Chrome that needs to be removed. Please follow the instructions below to remove it.

Start Chrome and type this into the address bar: chrome:extensions

This will display a page of all the installed extensions. Please remove the extension Rocket New Tab by clicking the trash can icon.


Step 2: OTL Fix


Let's run an OTL fix:

Warning: This fix is to be used on this system and this system ONLY. Using this fix on any other machine other than yours can seriously damage it.

Be advised that when the fix commences, it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL by double clicking it (Windows Vista, Windows 7, and 8: right click and select "Run as Administrator")
  • Copy the text in the quote box below (do not copy the word "quote") and paste it in the box marked Custom Scans/Fixes as shown in the graphic below.
otlrunfix.jpg


:Commands
[createrestorepoint]

:OTL
SRV - [2014/06/09 21:06:46 | 000,317,728 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Greener Web\bin\utilGreenerWeb.exe -- (Util Greener Web)
SRV - [2014/06/09 17:49:22 | 000,317,728 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Greener Web\updateGreenerWeb.exe -- (Update Greener Web)
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://rocket-find.c...cr=312955327=
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://rocket-find.c...cr=312955327=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://rocket-find.c...cr=312955327=
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://rocket-find.c...cr=312955327=
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
[2014/06/09 20:37:45 | 000,000,000 | ---D | M] ("Rocket New Tab") -- C:\Users\John F\AppData\Roaming\mozilla\Firefox\Profiles\x18llnv2.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}
[2014/06/09 20:38:09 | 000,009,602 | ---- | M] () -- C:\Users\John F\AppData\Roaming\mozilla\firefox\profiles\x18llnv2.default\searchplugins\ask-web-search.xml
[2014/06/09 20:37:55 | 000,002,779 | ---- | M] () -- C:\Users\John F\AppData\Roaming\mozilla\firefox\profiles\x18llnv2.default\searchplugins\WSE Rocket.xml
O2 - BHO: (Greener Web) - {1973d53b-7311-45d7-8270-f44571c041a0} - C:\Program Files (x86)\Greener Web\GreenerWebBHO.dll (Greener Web)
O4 - HKLM..\Run: [GamingWonderland Browser Plugin Loader 64] C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbrmon64.exe (VER_COMPANY_NAME)
O4 - HKLM..\RunOnce: [GamingWonderlandbar Uninstall] C:\Program Files (x86)\gtUninstall GamingWonderland.dll (Mindspark)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O33 - MountPoints2\{25eb7e26-4291-11e3-be83-84a6c8f22bef}\Shell\AutoRun\command - "" = "E:\VZW_Software_upgrade_assistant.exe"
[2014/06/09 20:45:21 | 000,860,232 | ---- | C] (Mindspark) -- C:\Program Files (x86)\gtUninstall GamingWonderland.dll
[2014/06/09 20:07:10 | 000,000,000 | ---D | C] -- C:\Users\John F\Documents\Optimizer Pro
[2014/06/09 20:04:47 | 000,000,000 | ---D | C] -- C:\Users\John F\AppData\Local\Rocket
[2014/06/09 20:04:07 | 000,000,000 | ---D | C] -- C:\Users\John F\AppData\Roaming\RocketUpdater
[2014/06/09 20:03:46 | 000,000,000 | ---D | C] -- C:\Users\John F\AppData\Roaming\UpdaterEX
[2014/06/09 20:02:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Greener Web
[2014/06/09 21:04:02 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\Rocket Updater.job
[2014/06/09 20:04:03 | 000,418,829 | ---- | M] () -- C:\Users\John F\AppData\Local\speedial.crx

:Files
C:\Program Files (x86)\GamingWonderland
C:\Program Files (x86)\Greener Web
netsh advfirewall reset /c
netsh advfirewall set allprofiles state on /c
ipconfig /flushdns /c

:Commands
[emptytemp]

  • Click the Run Fix button at the top of the OTL control panel.
  • Let the program run until it's finished and then reboot the computer.
  • Once your machine has rebooted, a log will open. Please post that log in your next reply.
If you have any problems, questions, or need further explanation, please post a message in this thread and I will get back to you asap.


Step 3: AdwCleaner


Download AdwCleaner by clicking here. Please save it to your Desktop.



  • Double click the adwcleaner.exe file (Vista and 7 users: right click it and click Run as Administrator) and accept the UAC prompt to run AdwCleaner.
  • Close any open windows or browsers.
  • Pause your Anti-Virus program if it is running.
  • Once it starts, click on the Scan button.
  • Let the scan complete itself. This may take a few minutes.
  • Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove.", don't worry about unchecking anything and then click the Clean button. When finished, it will ask to reboot. Please reboot.
  • When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
    • Click the Report button and the log will open. Copy and Paste the contents of the log file into your next reply.
    This report is also saved at C:\AdwCleaner[R0].txt

Step 4: Junkware Removal Tool


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 5: Fresh OTL Scan

  • Start OTL and this time click the Quick Scan button
  • OTL will scan your system and produce one log when finished.
  • Please post that log in your next reply.

Things I need to see in your next post:


OTL Fix Log

AdwCleaner Log

Junkware Removal Tool Log

Question: How is the computer running?

#9
jfavata

    Member

  • Topic Starter
  • Member
  • 29 posts

OTLfixlog

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Error: No service named Util Greener Web was found to stop!
Service\Driver key Util Greener Web not found.
File C:\Program Files (x86)\Greener Web\bin\utilGreenerWeb.exe not found.
Error: No service named Update Greener Web was found to stop!
Service\Driver key Update Greener Web not found.
File C:\Program Files (x86)\Greener Web\updateGreenerWeb.exe not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
C:\Users\John F\AppData\Roaming\mozilla\Firefox\Profiles\x18llnv2.default\extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b} folder moved successfully.
C:\Users\John F\AppData\Roaming\mozilla\firefox\profiles\x18llnv2.default\searchplugins\ask-web-search.xml moved successfully.
C:\Users\John F\AppData\Roaming\mozilla\firefox\profiles\x18llnv2.default\searchplugins\WSE Rocket.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1973d53b-7311-45d7-8270-f44571c041a0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1973d53b-7311-45d7-8270-f44571c041a0}\ not found.
File C:\Program Files (x86)\Greener Web\GreenerWebBHO.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GamingWonderland Browser Plugin Loader 64 deleted successfully.
C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbrmon64.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\GamingWonderlandbar Uninstall deleted successfully.
C:\Program Files (x86)\gtUninstall GamingWonderland.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{25eb7e26-4291-11e3-be83-84a6c8f22bef}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25eb7e26-4291-11e3-be83-84a6c8f22bef}\ not found.
File "E:\VZW_Software_upgrade_assistant.exe" not found.
File C:\Program Files (x86)\gtUninstall GamingWonderland.dll not found.
C:\Users\John F\Documents\Optimizer Pro folder moved successfully.
C:\Users\John F\AppData\Local\Rocket\User Data\pnacl folder moved successfully.
C:\Users\John F\AppData\Local\Rocket\User Data\Default\User StyleSheets folder moved successfully.
C:\Users\John F\AppData\Local\Rocket\User Data\Default\Session Storage folder moved successfully.
C:\Users\John F\AppData\Local\Rocket\User Data\Default\Local Storage folder moved successfully.
C:\Users\John F\AppData\Local\Rocket\User Data\Default\JumpListIconsOld folder moved successfully.
C:\Users\John F\AppData\Local\Rocket\User Data\Default\JumpListIcons folder moved successfully.
C:\Users\John F\AppData\Local\Rocket\User Data\Default\IndexedDB\chrome-extension_ibnjmihbbanannlbobkbmnmckjnmdnom_0.indexeddb.leveldb folder moved successfully.
C:\Users\John F\AppData\Local\Rocket\User Data\Default\IndexedDB folder moved successfully.
C:\Users\John F\AppData\Local\Rocket\User Data\Default\GPUCache folder moved successfully.
C:\Users\John F\AppData\Local\Rocket\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda folder moved successfully.
C:\Users\John F\AppData\Local\Rocket\User Data\Default\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom folder moved successfully.
C:\Users\John F\AppData\Local\Rocket\User Data\Default\Extensions folder moved successfully.
C:\Users\John F\AppData\Local\Rocket\User Data\Default\databases folder moved successfully.
C:\Users\John F\AppData\Local\Rocket\User Data\Default\Cache folder moved successfully.
C:\Users\John F\AppData\Local\Rocket\User Data\Default folder moved successfully.
C:\Users\John F\AppData\Local\Rocket\User Data folder moved successfully.
C:\Users\John F\AppData\Local\Rocket folder moved successfully.
C:\Users\John F\AppData\Roaming\RocketUpdater\UpdateProc folder moved successfully.
C:\Users\John F\AppData\Roaming\RocketUpdater folder moved successfully.
C:\Users\John F\AppData\Roaming\UpdaterEX\UpdateProc folder moved successfully.
C:\Users\John F\AppData\Roaming\UpdaterEX folder moved successfully.
Folder C:\Program Files (x86)\Greener Web\ not found.
C:\Windows\Tasks\Rocket Updater.job moved successfully.
C:\Users\John F\AppData\Local\speedial.crx moved successfully.
========== FILES ==========
C:\Program Files (x86)\GamingWonderland\bar\1.bin folder moved successfully.
C:\Program Files (x86)\GamingWonderland\bar folder moved successfully.
C:\Program Files (x86)\GamingWonderland folder moved successfully.
File\Folder C:\Program Files (x86)\Greener Web not found.
< netsh advfirewall reset /c >
Ok.
C:\Users\John F\Desktop\cmd.bat deleted successfully.
C:\Users\John F\Desktop\cmd.txt deleted successfully.
< netsh advfirewall set allprofiles state on /c >
Ok.
C:\Users\John F\Desktop\cmd.bat deleted successfully.
C:\Users\John F\Desktop\cmd.txt deleted successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\John F\Desktop\cmd.bat deleted successfully.
C:\Users\John F\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default.migrated
 
User: John F
->Temp folder emptied: 278573350 bytes
->Temporary Internet Files folder emptied: 1246277704 bytes
->FireFox cache emptied: 3870114 bytes
->Google Chrome cache emptied: 6099312 bytes
->Flash cache emptied: 214597 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 107157288 bytes
RecycleBin emptied: 735268015 bytes
 
Total Files Cleaned = 2,267.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 06092014_222534

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

AdwCleaner Log:

 

# AdwCleaner v3.212 - Report created 09/06/2014 at 22:42:58
# Updated 05/06/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : John F - JOHN
# Running from : C:\Users\John F\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\John F\AppData\Local\SearchProtect
Folder Deleted : C:\Users\John F\AppData\Roaming\Mozilla\Firefox\Profiles\x18llnv2.default\GamingWonderland
File Deleted : C:\END
File Deleted : C:\Users\John F\AppData\Roaming\Mozilla\Firefox\Profiles\x18llnv2.default\user.js
File Deleted : C:\WINDOWS\Tasks\UpdaterEX.job
File Deleted : C:\WINDOWS\System32\Tasks\UpdaterEX

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\UpdaterEX
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17037

-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Users\John F\AppData\Roaming\Mozilla\Firefox\Profiles\x18llnv2.default\prefs.js ]

Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "[email protected]");

-\\ Google Chrome v35.0.1916.114

[ File : C:\Users\John F\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Startup_urls] : hxxp://rocket-find.com/?f=1&a=rckt_dnldstr_14_24_ie&cd=2XzuyEtN2Y1L1QzuzzyE0AyC0Czz0FtBtB0B0E0Fzz0ByCzztN0D0Tzu0SzzzytCtN1L2XzutBtFtBtBtFtDtFyBtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StB0EyEtDyC0FyDyDtGzz0E0A0BtG0Azz0D0FtGyCyByC0EtGyDtBtDzz0FyEtD0AyCzz0B0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0Bzz0FyCtAtBtBtGzz0B0F0CtG0DyCtA0CtGyDzzyDtDtGyDtA0A0D0B0BzzyB0A0E0ByD2Q&cr=312955327&ir=

*************************

AdwCleaner[R0].txt - [3270 octets] - [09/06/2014 22:41:27]
AdwCleaner[S0].txt - [3028 octets] - [09/06/2014 22:42:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3088 octets] ##########

Junkware Removal

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by John F on Mon 06/09/2014 at 22:50:09.91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Users\John F\appdata\locallow\gamingwonderlandei"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 06/09/2014 at 22:53:50.22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

OTL Final log:

 

OTL logfile created on: 6/9/2014 10:55:24 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\John F\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17031)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.86 Gb Total Physical Memory | 6.50 Gb Available Physical Memory | 82.67% Memory free
9.11 Gb Paging File | 7.72 Gb Available in Paging File | 84.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.17 Gb Total Space | 893.07 Gb Free Space | 95.91% Space Free | Partition Type: NTFS
 
Computer Name: JOHN | User Name: John F | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/06/09 21:21:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\John F\Desktop\OTL.exe
PRC - [2012/10/04 04:27:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/09/06 08:50:40 | 001,124,288 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012/08/27 12:45:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012/07/17 18:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 18:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/06/25 14:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2009/01/09 17:49:08 | 000,405,639 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:64bit: - [2014/04/23 07:25:23 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/03/23 22:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/23 22:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/08 01:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 03:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/03/06 02:34:46 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/02/22 11:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 05:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 05:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 05:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 05:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/02/22 05:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/01/27 11:38:59 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/12/10 03:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/23 00:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/09/30 00:03:27 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/08/22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 07:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 07:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 07:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 07:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 07:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 06:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 06:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 06:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 05:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 05:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 05:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 05:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 05:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 05:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 05:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 05:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/04/20 18:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2014/05/14 00:41:31 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/12 18:30:29 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/03 23:43:02 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/09/30 00:03:26 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/08/22 08:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/21 23:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/21 22:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2012/10/04 04:27:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/09/06 08:50:40 | 001,124,288 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012/08/27 12:45:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012/07/17 18:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 18:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/13 05:02:15 | 002,451,456 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012/06/25 14:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/06/09 12:24:20 | 000,061,016 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys -- ({a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64)
DRV:64bit: - [2014/03/23 22:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/23 22:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/23 22:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/19 23:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/13 08:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 16:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/03/08 16:35:45 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/02/22 12:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/22 11:50:31 | 000,054,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/02/22 11:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 11:49:49 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/02/22 11:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 11:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 11:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/02/22 11:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 08:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/01/22 08:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 08:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/12/04 14:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/11/10 22:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/01 07:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/25 21:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/05 11:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/10/03 23:42:44 | 004,185,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/09/30 00:03:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/09/29 23:51:06 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/09/29 23:51:01 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/09/26 05:08:22 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/09/26 05:08:22 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/09/05 02:37:00 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/09/04 18:03:50 | 003,345,376 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2013/09/04 13:58:11 | 000,175,528 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2013/09/04 13:58:11 | 000,109,072 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2013/09/04 13:58:11 | 000,077,184 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2013/08/22 09:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 09:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 08:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 08:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 08:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 08:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 08:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 08:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 08:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 08:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 08:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 08:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 08:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 08:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 08:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 08:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 08:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 08:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 08:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 08:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 08:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 08:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 08:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 08:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 08:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 08:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 08:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 08:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 08:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 07:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 07:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 07:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 07:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 07:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 07:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 07:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 07:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 07:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 07:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 07:38:17 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013/08/22 07:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 07:38:16 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb80236.sys -- (usbrndis6)
DRV:64bit: - [2013/08/22 07:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 07:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 07:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 07:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 07:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 07:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 07:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 07:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 07:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 07:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 07:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 04:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 19:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/09 20:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 14:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 15:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 10:46:17 | 000,591,360 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/12/26 23:35:20 | 000,092,456 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmusa.sys -- (tmusa)
DRV:64bit: - [2012/12/07 14:33:04 | 000,094,520 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tmeevw.sys -- (tmeevw)
DRV:64bit: - [2012/10/27 03:02:10 | 000,651,832 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/09/19 01:46:20 | 000,447,864 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2012/08/29 12:36:54 | 000,857,472 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2012/08/23 20:07:14 | 000,046,392 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TMEBC64.sys -- (TMEBC)
DRV:64bit: - [2012/08/06 15:07:08 | 000,068,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2012/07/27 00:18:20 | 000,034,224 | ---- | M] (Trend Micro Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\tmel.sys -- (tmel)
DRV:64bit: - [2012/07/02 19:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/15 01:50:46 | 000,315,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2008/12/31 01:00:22 | 000,172,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8B 68 35 61 7D A6 CE 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7Ba3f28269-ad17-41a8-b032-3e0313ef8979%7D:1.0.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@TrendMicro.com/FFExtension: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\John F\AppData\Local\Roblox\Versions\version-23a4f309f57a496c\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\John F\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\PROGRAM FILES\TREND MICRO\AMSP\MODULE\20002\7.5.1137\7.5.1137\FIREFOXEXTENSION [2014/04/11 18:32:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\firefoxextension [2014/04/11 18:32:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2013/08/31 14:32:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{21541D23-FDA1-4bf3-8AF2-8F623BF70B07}: C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension\ [2014/04/11 18:34:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2014/03/08 03:15:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\John F\AppData\Roaming\mozilla\Extensions
[2014/06/09 22:26:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\John F\AppData\Roaming\mozilla\Firefox\Profiles\x18llnv2.default\extensions
[2014/03/08 03:16:23 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\John F\AppData\Roaming\mozilla\firefox\profiles\x18llnv2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/04/12 18:30:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/04/12 18:30:30 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\USERS\JOHN F\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X18LLNV2.DEFAULT\EXTENSIONS\{A3F28269-AD17-41A8-B032-3E0313EF8979}.XPI
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: https://www.google.com/?gws_rd=ssl
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Trend Micro Titanium (Enabled) = C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll
CHR - Extension: Google Docs = C:\Users\John F\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Google Drive = C:\Users\John F\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\John F\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\John F\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: TrendMicro BEP Extension = C:\Users\John F\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee\7.5.0.1137_0\
CHR - Extension: Google Search = C:\Users\John F\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: TrendMicro Toolbar = C:\Users\John F\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj\6.0.0.2030_0\
CHR - Extension: Google Wallet = C:\Users\John F\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\John F\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013/08/22 09:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1221\1.0.1221\TmopIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1221\1.0.1221\TmopIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe32.dll (Trend Micro Inc.)
O3:64bit: - HKLM\..\Toolbar: (TrendMicro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_4F1AF1F43665083A862D2FA853077FC7] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O1364bit: - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36ECE9FA-9DB6-4F28-90CF-BEDBD1795BB1}: DhcpNameServer = 65.32.5.111 65.32.5.112
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E65D12F1-205C-4BF0-963A-46B39414B3EC}: DhcpNameServer = 65.32.5.111 65.32.5.112
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1221\1.0.1221\TmopIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmtbim - No CLSID value found
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1221\1.0.1221\TmopIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/09 22:50:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/06/09 22:49:35 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\John F\Desktop\JRT.exe
[2014/06/09 22:41:40 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\SysWow64\sqlite3.dll
[2014/06/09 22:36:20 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/06/09 22:25:34 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/06/09 21:59:38 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\John F\Desktop\aswmbr.exe
[2014/06/09 21:40:29 | 000,000,000 | ---D | C] -- C:\FRST
[2014/06/09 21:35:23 | 002,080,768 | ---- | C] (Farbar) -- C:\Users\John F\Desktop\FRST64.exe
[2014/06/09 21:21:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\John F\Desktop\OTL.exe
[2014/06/09 21:08:00 | 000,061,016 | ---- | C] (StdLib) -- C:\WINDOWS\SysNative\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys
[2014/06/09 20:12:06 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/06/09 20:07:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/06/09 20:01:46 | 000,000,000 | ---D | C] -- C:\Users\John F\AppData\Local\Programs
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/09 22:56:00 | 000,000,908 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/09 22:49:36 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\John F\Desktop\JRT.exe
[2014/06/09 22:47:23 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/06/09 22:46:43 | 000,000,904 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/09 22:46:12 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/06/09 22:44:08 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/06/09 22:44:05 | 2457,026,559 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/09 22:41:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/06/09 22:36:09 | 001,333,465 | ---- | M] () -- C:\Users\John F\Desktop\AdwCleaner.exe
[2014/06/09 21:59:38 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\John F\Desktop\aswmbr.exe
[2014/06/09 21:50:57 | 000,000,512 | ---- | M] () -- C:\Users\John F\Desktop\MBR.dat
[2014/06/09 21:35:41 | 000,024,646 | ---- | M] () -- C:\Users\John F\Desktop\farbar-recovery-scan-tool.htm
[2014/06/09 21:35:23 | 002,080,768 | ---- | M] (Farbar) -- C:\Users\John F\Desktop\FRST64.exe
[2014/06/09 21:21:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\John F\Desktop\OTL.exe
[2014/06/09 20:03:49 | 000,000,044 | ---- | M] () -- C:\Users\John F\AppData\Roaming\WB.CFG
[2014/06/09 19:59:22 | 000,001,146 | ---- | M] () -- C:\Users\John F\Desktop\Continue flvplayer Installation.lnk
[2014/06/09 12:24:20 | 000,061,016 | ---- | M] (StdLib) -- C:\WINDOWS\SysNative\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys
[2014/05/19 08:00:23 | 000,001,403 | ---- | M] () -- C:\Users\John F\Desktop\uhyj7k.lnk
[2014/05/19 08:00:23 | 000,001,218 | ---- | M] () -- C:\Users\John F\Desktop\ROBLOX Studio 2013.lnk
 
========== Files Created - No Company Name ==========
 
[2014/06/09 22:36:09 | 001,333,465 | ---- | C] () -- C:\Users\John F\Desktop\AdwCleaner.exe
[2014/06/09 21:50:57 | 000,000,512 | ---- | C] () -- C:\Users\John F\Desktop\MBR.dat
[2014/06/09 21:34:36 | 000,024,646 | ---- | C] () -- C:\Users\John F\Desktop\farbar-recovery-scan-tool.htm
[2014/06/09 20:45:21 | 000,197,000 | ---- | C] () -- C:\Program Files (x86)\gtres.dll
[2014/06/09 20:03:49 | 000,000,044 | ---- | C] () -- C:\Users\John F\AppData\Roaming\WB.CFG
[2014/06/09 19:59:22 | 000,001,146 | ---- | C] () -- C:\Users\John F\Desktop\Continue flvplayer Installation.lnk
[2014/04/23 07:35:56 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/18 21:05:33 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/10/27 14:10:50 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/10/03 23:42:46 | 000,343,040 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/10/03 23:42:40 | 000,180,736 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/10/03 23:42:38 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/08/31 14:26:25 | 000,000,036 | ---- | C] () -- C:\Users\John F\AppData\Local\housecall.guid.cache
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 23:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/02/20 16:33:42 | 000,000,075 | RHS- | C] () -- C:\WINDOWS\CT4CET.bin
 
========== ZeroAccess Check ==========
 
[2014/06/09 20:02:41 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/27 05:12:37 | 021,225,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/27 03:48:28 | 018,679,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 05:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 22:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 05:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 237 bytes -> C:\Users\John F\SkyDrive:ms-properties

< End of report >

 

 

How is the computer running?

Computer seems to be running just fine and the browsers are running correctly now.



#10
pystryker


    Trusted Helper

  • Malware Removal
  • 3,912 posts

Computer seems to be running just fine and the browsers are running correctly now.


Hello, that's good to hear. :thumbsup:

Let's take a look for rootkits before we run some scans for remnants.


Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also, your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes, then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



#11
jfavata


    Member

  • Topic Starter
  • Member
  • 29 posts

23:33:46.0962 0x0d14  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
23:33:48.0315 0x0d14  ============================================================
23:33:48.0315 0x0d14  Current date / time: 2014/06/09 23:33:48.0315
23:33:48.0315 0x0d14  SystemInfo:
23:33:48.0315 0x0d14 
23:33:48.0315 0x0d14  OS Version: 6.3.9600 ServicePack: 0.0
23:33:48.0315 0x0d14  Product type: Workstation
23:33:48.0315 0x0d14  ComputerName: JOHN
23:33:48.0315 0x0d14  UserName: John F
23:33:48.0315 0x0d14  Windows directory: C:\WINDOWS
23:33:48.0315 0x0d14  System windows directory: C:\WINDOWS
23:33:48.0315 0x0d14  Running under WOW64
23:33:48.0315 0x0d14  Processor architecture: Intel x64
23:33:48.0315 0x0d14  Number of processors: 8
23:33:48.0315 0x0d14  Page size: 0x1000
23:33:48.0315 0x0d14  Boot type: Normal boot
23:33:48.0315 0x0d14  ============================================================
23:33:48.0315 0x0d14  BG loaded
23:33:49.0481 0x0d14  System UUID: {EA951A83-D218-73CF-AF9E-1DB7BD7AD5B8}
23:33:52.0850 0x0d14  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:33:52.0928 0x0d14  ============================================================
23:33:52.0928 0x0d14  \Device\Harddisk0\DR0:
23:33:52.0928 0x0d14  MBR partitions:
23:33:52.0928 0x0d14  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
23:33:52.0928 0x0d14  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x74656800
23:33:52.0928 0x0d14  ============================================================
23:33:53.0006 0x0d14  C: <-> \Device\Harddisk0\DR0\Partition2
23:33:53.0006 0x0d14  ============================================================
23:33:53.0006 0x0d14  Initialize success
23:33:53.0006 0x0d14  ============================================================
23:37:08.0326 0x1768  ============================================================
23:37:08.0326 0x1768  Scan started
23:37:08.0326 0x1768  Mode: Manual; SigCheck; TDLFS;
23:37:08.0326 0x1768  ============================================================
23:37:08.0326 0x1768  KSN ping started
23:37:10.0759 0x1768  KSN ping finished: true
23:37:19.0080 0x1768  ================ Scan system memory ========================
23:37:19.0080 0x1768  System memory - ok
23:37:19.0081 0x1768  ================ Scan services =============================
23:37:22.0003 0x1768  atapi - ok
23:37:22.0117 0x1768  [ F83D49F4B10E813A1F9AC8B92F16592D, E7B2F508D33861A9826F2C7B2087F14F6937C9B8F660D6363F737BAC60BD4578 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
23:37:22.0428 0x1768  AudioEndpointBuilder - ok
23:37:22.0566 0x1768  [ 9A71BD2E4B8EB550D0022AFDF8616014, 34D595684624114F23265CE8031ADC9E03AD374A5AFEEBB794AC57796A3CDA2F ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
23:37:22.0610 0x1768  Audiosrv - ok
23:37:22.0663 0x1768  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
23:37:22.0718 0x1768  AxInstSV - ok
23:37:22.0747 0x1768  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
23:37:22.0781 0x1768  b06bdrv - ok
23:37:22.0800 0x1768  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
23:37:22.0835 0x1768  BasicDisplay - ok
23:37:22.0867 0x1768  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
23:37:22.0925 0x1768  BasicRender - ok
23:37:22.0945 0x1768  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
23:37:22.0958 0x1768  bcmfn2 - ok
23:37:23.0002 0x1768  [ 5BD3A2351BEFCAC8757626271F8EFA89, 6508673210129CF7EFCA93EC7874208FAD361E37814EB4FE9E0EC034E73D5F16 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
23:37:23.0075 0x1768  BDESVC - ok
23:37:23.0119 0x1768  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
23:37:23.0192 0x1768  Beep - ok
23:37:23.0430 0x1768  [ BBE15881FE11BE37112F8320C41DAFB9, 5CE92563628812FF6E00556D8E2DAD6ADCAAF0F4C3B90123F1D98ED6E3BB6DAD ] BFE             C:\WINDOWS\System32\bfe.dll
23:37:23.0512 0x1768  BFE - ok
23:37:23.0603 0x1768  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
23:37:23.0661 0x1768  BITS - ok
23:37:23.0790 0x1768  [ 13C358D27CBFAF537FA7CA48B9052CF3, BC6AD061DA6B348774E9B65750C986F43148B78E8F97CCBE9AA99EA7D8759620 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
23:37:23.0815 0x1768  Bluetooth Device Monitor - ok
23:37:23.0837 0x1768  [ 7525C93645FDA8E9D8F677FEA833798A, 9878B88C57119580EF1F5D1DF93C62A3CFFFD0AC4E764D9AC05C727D0D1B2EED ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
23:37:23.0858 0x1768  Bluetooth OBEX Service - ok
23:37:23.0895 0x1768  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
23:37:23.0939 0x1768  bowser - ok
23:37:23.0976 0x1768  [ F2559A492AF8D653D1F47ADABA4C3E97, 77347915FB433023769699DFC9511F54E69C7FC7AB75F57FDC1A58E64A7126DE ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
23:37:24.0035 0x1768  BrokerInfrastructure - ok
23:37:24.0068 0x1768  [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser         C:\WINDOWS\System32\browser.dll
23:37:24.0107 0x1768  Browser - ok
23:37:24.0289 0x1768  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
23:37:24.0421 0x1768  BthAvrcpTg - ok
23:37:24.0439 0x1768  [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
23:37:24.0485 0x1768  BthEnum - ok
23:37:24.0501 0x1768  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
23:37:24.0536 0x1768  BthHFEnum - ok
23:37:24.0552 0x1768  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
23:37:24.0587 0x1768  bthhfhid - ok
23:37:24.0708 0x1768  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\WINDOWS\System32\drivers\BthLEEnum.sys
23:37:24.0756 0x1768  BthLEEnum - ok
23:37:24.0770 0x1768  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
23:37:24.0801 0x1768  BTHMODEM - ok
23:37:24.0823 0x1768  [ 3AFE71D80EDF5D4DE0C5731352905669, 3E370169B8C5D301954D1F1DA302F7A0DB2A034990E10B3D64458C48E5693205 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
23:37:24.0871 0x1768  BthPan - ok
23:37:25.0002 0x1768  [ AB8CD3914AD779C15B27DDD9F53F7434, 6E9911C146A038192B95916387FA9D94D952BEFE158E6CBA44F1500A304221A3 ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
23:37:25.0038 0x1768  BTHPORT - ok
23:37:25.0078 0x1768  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
23:37:25.0110 0x1768  bthserv - ok
23:37:25.0177 0x1768  [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
23:37:25.0227 0x1768  BTHUSB - ok
23:37:25.0296 0x1768  [ 76D0DDD58A773CA1BFB4D30AAE03517A, E631CAAEEA5D1F632FF0A60F4466664A6FD9DA19F4A28A379294D8E6690ADAD9 ] btmhsf          C:\WINDOWS\system32\DRIVERS\btmhsf.sys
23:37:25.0323 0x1768  btmhsf - ok
23:37:25.0341 0x1768  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
23:37:25.0361 0x1768  cdfs - ok
23:37:25.0378 0x1768  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
23:37:25.0401 0x1768  cdrom - ok
23:37:25.0419 0x1768  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
23:37:25.0495 0x1768  CertPropSvc - ok
23:37:25.0532 0x1768  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
23:37:25.0555 0x1768  circlass - ok
23:37:25.0601 0x1768  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
23:37:25.0621 0x1768  CLFS - ok
23:37:25.0652 0x1768  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
23:37:25.0671 0x1768  CmBatt - ok
23:37:25.0704 0x1768  [ 4627C1FBF2802425A408A2D2AF28CF85, 8B91C1BE1104BE93C0D689A20315FD106D89A076267493319B104EE73A90CDCB ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
23:37:25.0723 0x1768  CNG - ok
23:37:25.0737 0x1768  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
23:37:25.0759 0x1768  CompositeBus - ok
23:37:25.0762 0x1768  COMSysApp - ok
23:37:25.0773 0x1768  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
23:37:25.0801 0x1768  condrv - ok
23:37:25.0843 0x1768  [ 034643AFE2973A175E782AE530A0683C, C488572B971144D8A10F6EC8480175868913942896144D38BF49E3D8D1BC54F3 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
23:37:25.0950 0x1768  cphs - ok
23:37:25.0978 0x1768  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
23:37:26.0035 0x1768  CryptSvc - ok
23:37:26.0068 0x1768  [ FC1F55BA03832FBB0DAF965F746C47BB, 9871EABD0BE909C6AD85375F8270A3622BB0BE243B4BBFA86D487D1F56D94F7C ] CtClsFlt        C:\WINDOWS\system32\DRIVERS\CtClsFlt.sys
23:37:26.0119 0x1768  CtClsFlt - ok
23:37:26.0139 0x1768  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
23:37:26.0159 0x1768  dam - ok
23:37:26.0346 0x1768  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
23:37:26.0389 0x1768  DcomLaunch - ok
23:37:26.0520 0x1768  [ 78089FCDE082FD4FA471C30A7C2DC736, C4816D7125C39290C3B0B1F580CEE8BB7FFC004F727EA9E9767671D3EDB946AE ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
23:37:26.0577 0x1768  defragsvc - ok
23:37:26.0616 0x1768  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
23:37:26.0663 0x1768  DeviceAssociationService - ok
23:37:26.0692 0x1768  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
23:37:26.0732 0x1768  DeviceInstall - ok
23:37:26.0751 0x1768  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
23:37:26.0792 0x1768  Dfsc - ok
23:37:26.0819 0x1768  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
23:37:26.0901 0x1768  dg_ssudbus - ok
23:37:26.0940 0x1768  [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
23:37:27.0008 0x1768  Dhcp - ok
23:37:27.0035 0x1768  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
23:37:27.0049 0x1768  disk - ok
23:37:27.0081 0x1768  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
23:37:27.0122 0x1768  dmvsc - ok
23:37:27.0154 0x1768  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
23:37:27.0200 0x1768  Dnscache - ok
23:37:27.0239 0x1768  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
23:37:27.0284 0x1768  dot3svc - ok
23:37:27.0303 0x1768  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
23:37:27.0364 0x1768  DPS - ok
23:37:27.0387 0x1768  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
23:37:27.0394 0x1768  drmkaud - ok
23:37:27.0416 0x1768  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
23:37:27.0442 0x1768  DsmSvc - ok
23:37:27.0525 0x1768  [ C7D252742946DD395670649742FBD73D, 333CC984CF318D36EA8C5867077A1732A214445EB6B7CF7AC2E8F1C8259CD9C7 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
23:37:27.0565 0x1768  DXGKrnl - ok
23:37:27.0595 0x1768  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
23:37:27.0646 0x1768  Eaphost - ok
23:37:27.0799 0x1768  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
23:37:27.0917 0x1768  ebdrv - ok
23:37:27.0958 0x1768  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
23:37:27.0965 0x1768  EFS - ok
23:37:27.0971 0x1768  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
23:37:27.0997 0x1768  EhStorClass - ok
23:37:28.0010 0x1768  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
23:37:28.0020 0x1768  EhStorTcgDrv - ok
23:37:28.0036 0x1768  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
23:37:28.0058 0x1768  ErrDev - ok
23:37:28.0106 0x1768  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
23:37:28.0166 0x1768  EventSystem - ok
23:37:28.0182 0x1768  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
23:37:28.0208 0x1768  exfat - ok
23:37:28.0226 0x1768  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
23:37:28.0238 0x1768  fastfat - ok
23:37:28.0275 0x1768  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
23:37:28.0322 0x1768  Fax - ok
23:37:28.0337 0x1768  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
23:37:28.0355 0x1768  fdc - ok
23:37:28.0385 0x1768  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
23:37:28.0409 0x1768  fdPHost - ok
23:37:28.0412 0x1768  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
23:37:28.0436 0x1768  FDResPub - ok
23:37:28.0452 0x1768  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
23:37:28.0488 0x1768  fhsvc - ok
23:37:28.0534 0x1768  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
23:37:28.0554 0x1768  FileInfo - ok
23:37:28.0571 0x1768  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
23:37:28.0598 0x1768  Filetrace - ok
23:37:28.0613 0x1768  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
23:37:28.0629 0x1768  flpydisk - ok
23:37:28.0663 0x1768  [ 46D1DF775FFF14585218BBE16E5B2C9A, F39EF615B18CEC7BA3F68C7639B636C06812AD9DBEDE90EB7B2C04C64396FC9E ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
23:37:28.0678 0x1768  FltMgr - ok
23:37:28.0728 0x1768  [ 183CA7699474FDE235853967D1DA4D9B, 8FBD5997F1E39AFFD8C4322520DF4D2227279B5149017D825C188D7411BA99AF ] FontCache       C:\WINDOWS\system32\FntCache.dll
23:37:28.0855 0x1768  FontCache - ok
23:37:28.0992 0x1768  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:37:29.0023 0x1768  FontCache3.0.0.0 - ok
23:37:29.0044 0x1768  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
23:37:29.0063 0x1768  FsDepends - ok
23:37:29.0081 0x1768  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:37:29.0090 0x1768  Fs_Rec - ok
23:37:29.0133 0x1768  [ B2BD017231836DA9F63F41E3A075D73E, 31B1DD677FE8B4F90B8AB5A131DA0105439AC2D91BC0CEDC972D2D87E595A686 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
23:37:29.0181 0x1768  fvevol - ok
23:37:29.0193 0x1768  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
23:37:29.0202 0x1768  FxPPM - ok
23:37:29.0211 0x1768  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
23:37:29.0219 0x1768  gagp30kx - ok
23:37:29.0250 0x1768  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
23:37:29.0273 0x1768  gencounter - ok
23:37:29.0300 0x1768  [ EF3AE7773394DF49CE74AF78A1C8D23D, CB12FF004C460A89F12AFF2467512B479A07CA10D4280CD4E624A5A9CDAB9C1B ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
23:37:29.0311 0x1768  GPIOClx0101 - ok
23:37:29.0381 0x1768  [ 58C11DCCC6241CC13861A559E31A69F0, 78B38BBC362C9209B06849CC79301EC595AFCE3E2BDE402A0B1F2725D3EDEFA3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
23:37:29.0427 0x1768  gpsvc - ok
23:37:29.0485 0x1768  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:37:29.0498 0x1768  gupdate - ok
23:37:29.0504 0x1768  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:37:29.0512 0x1768  gupdatem - ok
23:37:29.0563 0x1768  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
23:37:29.0596 0x1768  HdAudAddService - ok
23:37:29.0617 0x1768  [ 03909BDBFF0DCACCABF2B2D4ADEE44DC, 42E631B23BB004F5C2128BAD334C21AB20FAD08AFED9E8191AE9373531BC73DD ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
23:37:29.0643 0x1768  HDAudBus - ok
23:37:29.0663 0x1768  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
23:37:29.0677 0x1768  HidBatt - ok
23:37:29.0699 0x1768  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
23:37:29.0894 0x1768  HidBth - ok
23:37:29.0978 0x1768  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
23:37:30.0022 0x1768  hidi2c - ok
23:37:30.0042 0x1768  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
23:37:30.0063 0x1768  HidIr - ok
23:37:30.0092 0x1768  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
23:37:30.0113 0x1768  hidserv - ok
23:37:30.0137 0x1768  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
23:37:30.0181 0x1768  HidUsb - ok
23:37:30.0211 0x1768  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
23:37:30.0241 0x1768  hkmsvc - ok
23:37:30.0262 0x1768  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
23:37:30.0303 0x1768  HomeGroupListener - ok
23:37:30.0333 0x1768  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
23:37:30.0365 0x1768  HomeGroupProvider - ok
23:37:30.0373 0x1768  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
23:37:30.0381 0x1768  HpSAMD - ok
23:37:30.0412 0x1768  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
23:37:30.0441 0x1768  HTTP - ok
23:37:30.0470 0x1768  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
23:37:30.0490 0x1768  hwpolicy - ok
23:37:30.0544 0x1768  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
23:37:30.0579 0x1768  hyperkbd - ok
23:37:30.0602 0x1768  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
23:37:30.0621 0x1768  HyperVideo - ok
23:37:30.0650 0x1768  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
23:37:30.0689 0x1768  i8042prt - ok
23:37:30.0705 0x1768  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
23:37:30.0711 0x1768  iaLPSSi_GPIO - ok
23:37:30.0725 0x1768  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
23:37:30.0733 0x1768  iaLPSSi_I2C - ok
23:37:30.0765 0x1768  [ 459016E8A4FA6426EDB5A9456A6E5E58, 92B73EE5559ABD8783EC5AF8A2B6EBDE0D937745B4BEDBEA6DF06DD8606AE56C ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
23:37:30.0779 0x1768  iaStorA - ok
23:37:30.0852 0x1768  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
23:37:30.0883 0x1768  iaStorAV - ok
23:37:30.0908 0x1768  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
23:37:30.0926 0x1768  iaStorV - ok
23:37:30.0956 0x1768  [ C430482AC892D52CED021EDDD4D368A2, C54C12EAC14F40BE3E7D7159F8876A664D00CA928000E25306071D28B52EA33A ] iBtFltCoex      C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys
23:37:30.0970 0x1768  iBtFltCoex - ok
23:37:31.0106 0x1768  [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
23:37:31.0153 0x1768  IconMan_R - detected UnsignedFile.Multi.Generic ( 1 )
23:37:33.0698 0x1768  Detect skipped due to KSN trusted
23:37:33.0699 0x1768  IconMan_R - ok
23:37:38.0181 0x1768  megasas - ok
23:37:38.0227 0x1768  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
23:37:38.0260 0x1768  megasr - ok
23:37:38.0278 0x1768  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
23:37:38.0284 0x1768  MEIx64 - ok
23:37:38.0315 0x1768  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
23:37:38.0353 0x1768  MMCSS - ok
23:37:38.0366 0x1768  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
23:37:38.0385 0x1768  Modem - ok
23:37:38.0399 0x1768  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
23:37:38.0425 0x1768  monitor - ok
23:37:38.0443 0x1768  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
23:37:38.0450 0x1768  mouclass - ok
23:37:38.0469 0x1768  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
23:37:38.0495 0x1768  mouhid - ok
23:37:38.0515 0x1768  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
23:37:38.0524 0x1768  mountmgr - ok
23:37:38.0575 0x1768  [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:37:38.0598 0x1768  MozillaMaintenance - ok
23:37:38.0606 0x1768  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
23:37:38.0636 0x1768  mpsdrv - ok
23:37:38.0683 0x1768  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
23:37:38.0721 0x1768  MpsSvc - ok
23:37:38.0766 0x1768  [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
23:37:38.0802 0x1768  MRxDAV - ok
23:37:38.0826 0x1768  [ C997E6A37BA8915224B3FB5024A34F69, 43E1B83072DF9E878151D276DDB6EB7B3801D72494C43E9B9ABECA4B2DCFD606 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:37:38.0842 0x1768  mrxsmb - ok
23:37:38.0861 0x1768  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
23:37:38.0926 0x1768  mrxsmb10 - ok
23:37:38.0961 0x1768  [ AAF56E4E84D35411B4E446C445732DFE, 7AC41CAA0842AE4DA4EEF976202C58D7923DAA367F0D7E800D432323D5E7DE1A ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
23:37:39.0010 0x1768  mrxsmb20 - ok
23:37:39.0027 0x1768  [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
23:37:39.0060 0x1768  MsBridge - ok
23:37:39.0091 0x1768  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
23:37:39.0102 0x1768  MSDTC - ok
23:37:39.0136 0x1768  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
23:37:39.0146 0x1768  Msfs - ok
23:37:39.0163 0x1768  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
23:37:39.0171 0x1768  msgpiowin32 - ok
23:37:39.0185 0x1768  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
23:37:39.0192 0x1768  mshidkmdf - ok
23:37:39.0200 0x1768  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
23:37:39.0227 0x1768  mshidumdf - ok
23:37:39.0266 0x1768  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
23:37:39.0273 0x1768  msisadrv - ok
23:37:39.0313 0x1768  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
23:37:39.0341 0x1768  MSiSCSI - ok
23:37:39.0344 0x1768  msiserver - ok
23:37:39.0361 0x1768  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:37:39.0386 0x1768  MSKSSRV - ok
23:37:39.0408 0x1768  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
23:37:39.0431 0x1768  MsLldp - ok
23:37:39.0434 0x1768  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:37:39.0443 0x1768  MSPCLOCK - ok
23:37:39.0446 0x1768  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
23:37:39.0456 0x1768  MSPQM - ok
23:37:39.0465 0x1768  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
23:37:39.0479 0x1768  MsRPC - ok
23:37:39.0492 0x1768  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
23:37:39.0500 0x1768  mssmbios - ok
23:37:39.0518 0x1768  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
23:37:39.0525 0x1768  MSTEE - ok
23:37:39.0542 0x1768  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
23:37:39.0558 0x1768  MTConfig - ok
23:37:39.0574 0x1768  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
23:37:39.0582 0x1768  Mup - ok
23:37:39.0596 0x1768  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
23:37:39.0605 0x1768  mvumis - ok
23:37:39.0648 0x1768  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
23:37:39.0666 0x1768  napagent - ok
23:37:39.0786 0x1768  [ 647C7652FA19F98CADF2BFDA2164BFEC, 711A4A06309393922A70D7FBE5684938CD634F5DED158D847BFADDD5ACF9E44C ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
23:37:39.0845 0x1768  NativeWifiP - ok
23:37:40.0039 0x1768  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
23:37:40.0086 0x1768  NcaSvc - ok
23:37:40.0106 0x1768  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
23:37:40.0164 0x1768  NcbService - ok
23:37:40.0178 0x1768  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
23:37:40.0244 0x1768  NcdAutoSetup - ok
23:37:40.0320 0x1768  [ F21B77B4D74092A543807D3CEB711A88, 5C3C17A10E990070FAB317C0C5333DE768E408CAF43EC4FA9D18116C6EE3B3DC ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
23:37:40.0352 0x1768  NDIS - ok
23:37:40.0373 0x1768  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
23:37:40.0424 0x1768  NdisCap - ok
23:37:40.0448 0x1768  [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
23:37:40.0480 0x1768  NdisImPlatform - ok
23:37:40.0507 0x1768  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:37:40.0535 0x1768  NdisTapi - ok
23:37:40.0550 0x1768  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:37:40.0574 0x1768  Ndisuio - ok
23:37:40.0594 0x1768  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
23:37:40.0616 0x1768  NdisVirtualBus - ok
23:37:40.0640 0x1768  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:37:40.0671 0x1768  NdisWan - ok
23:37:40.0679 0x1768  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:37:40.0692 0x1768  NdisWanLegacy - ok
23:37:40.0713 0x1768  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
23:37:40.0737 0x1768  NDProxy - ok
23:37:40.0754 0x1768  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
23:37:40.0781 0x1768  Ndu - ok
23:37:40.0784 0x1768  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
23:37:40.0801 0x1768  NetBIOS - ok
23:37:40.0808 0x1768  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
23:37:40.0826 0x1768  NetBT - ok
23:37:40.0850 0x1768  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
23:37:40.0857 0x1768  Netlogon - ok
23:37:40.0919 0x1768  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
23:37:40.0957 0x1768  Netman - ok
23:37:40.0989 0x1768  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
23:37:41.0025 0x1768  netprofm - ok
23:37:41.0116 0x1768  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:37:41.0181 0x1768  NetTcpPortSharing - ok
23:37:41.0196 0x1768  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
23:37:41.0208 0x1768  netvsc - ok
23:37:41.0344 0x1768  [ 75B9B86878CC159FBC40C4F9202ADBE3, 80D9176112BAFB42E6568E723781E5C03BD5472AB382496C1BD784DB9B2FB6E6 ] NETwNe64        C:\WINDOWS\system32\DRIVERS\NETwew00.sys
23:37:41.0427 0x1768  NETwNe64 - ok
23:37:41.0489 0x1768  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
23:37:41.0533 0x1768  NlaSvc - ok
23:37:41.0547 0x1768  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
23:37:41.0559 0x1768  Npfs - ok
23:37:41.0582 0x1768  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
23:37:41.0608 0x1768  npsvctrig - ok
23:37:41.0612 0x1768  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\WINDOWS\system32\nsisvc.dll
23:37:41.0634 0x1768  nsi - ok
23:37:41.0638 0x1768  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
23:37:41.0650 0x1768  nsiproxy - ok
23:37:41.0719 0x1768  [ 1C80517BE6836A812F6A9B99B8321351, 7DBED4633820E201C9C242D961EF6F25BA2B1D5593BA60F707CC71A4014C2D4B ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
23:37:41.0772 0x1768  Ntfs - ok
23:37:41.0791 0x1768  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
23:37:41.0810 0x1768  Null - ok
23:37:42.0544 0x1768  [ 9B93CC9C70EDE60A9C486E7719DB9E8D, 8E31BE72797D3308D8AF136E9F4C6199BCF4592F88E9FEB361752FF768225EC9 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
23:37:42.0886 0x1768  nvlddmkm - ok
23:37:42.0927 0x1768  [ F76296368BB813E0C6996501A3271C7C, FA1C127F881C09C5066CB83A686AFD7A40D731922185EA4001A52ABA230FD812 ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
23:37:42.0951 0x1768  nvpciflt - ok
23:37:42.0990 0x1768  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
23:37:43.0031 0x1768  nvraid - ok
23:37:43.0053 0x1768  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
23:37:43.0078 0x1768  nvstor - ok
23:37:43.0213 0x1768  [ FB50E60564ED30DDC855F0CE435C8467, C9A56D74F58739B8A069336FF5456FC5F3CE89371B8CFE8144B8D06A9C79C6AB ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
23:37:43.0232 0x1768  nvsvc - ok
23:37:43.0314 0x1768  [ 7591C54361CE812997CF0A814AC41AEF, 95736166FB359375509B62BD2144783AE7B67D26147B8BD2D90D9844EE4878A7 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
23:37:43.0345 0x1768  nvUpdatusService - ok
23:37:43.0364 0x1768  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
23:37:43.0384 0x1768  nv_agp - ok
23:37:43.0434 0x1768  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
23:37:43.0477 0x1768  p2pimsvc - ok
23:37:43.0609 0x1768  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
23:37:43.0664 0x1768  p2psvc - ok
23:37:43.0683 0x1768  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
23:37:43.0740 0x1768  Parport - ok
23:37:43.0757 0x1768  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
23:37:43.0777 0x1768  partmgr - ok
23:37:43.0820 0x1768  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
23:37:43.0857 0x1768  PcaSvc - ok
23:37:43.0897 0x1768  [ 275AFE3FA35E8D78BE97695DF49817C6, 447CEBB16285AE073B4251D2DA71399306EF2DCB7F56286ABE2F0BD6C83EB489 ] pci             C:\WINDOWS\system32\drivers\pci.sys
23:37:43.0911 0x1768  pci - ok
23:37:43.0924 0x1768  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
23:37:43.0932 0x1768  pciide - ok
23:37:43.0949 0x1768  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
23:37:43.0959 0x1768  pcmcia - ok
23:37:43.0961 0x1768  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
23:37:43.0969 0x1768  pcw - ok
23:37:43.0994 0x1768  [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
23:37:44.0003 0x1768  pdc - ok
23:37:44.0047 0x1768  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
23:37:44.0097 0x1768  PEAUTH - ok
23:37:44.0163 0x1768  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
23:37:44.0232 0x1768  PerfHost - ok
23:37:44.0376 0x1768  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\WINDOWS\system32\pla.dll
23:37:44.0484 0x1768  pla - ok
23:37:44.0578 0x1768  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
23:37:44.0592 0x1768  PlugPlay - ok
23:37:44.0618 0x1768  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
23:37:44.0656 0x1768  PNRPAutoReg - ok
23:37:44.0680 0x1768  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
23:37:44.0694 0x1768  PNRPsvc - ok
23:37:44.0792 0x1768  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
23:37:44.0853 0x1768  PolicyAgent - ok
23:37:44.0884 0x1768  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\WINDOWS\system32\umpo.dll
23:37:44.0934 0x1768  Power - ok
23:37:45.0390 0x1768  [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
23:37:45.0678 0x1768  PrintNotify - ok
23:37:45.0712 0x1768  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
23:37:45.0736 0x1768  Processor - ok
23:37:45.0778 0x1768  [ B2A890D96C05E33FDD2BF3F3D4D0DF92, 3A29E17424429A5654D906E420D938148F09F57457356EFA72DA003B73F2D81E ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
23:37:45.0827 0x1768  ProfSvc - ok
23:37:45.0860 0x1768  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
23:37:45.0887 0x1768  Psched - ok
23:37:45.0922 0x1768  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\WINDOWS\system32\qwave.dll
23:37:45.0972 0x1768  QWAVE - ok
23:37:45.0987 0x1768  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
23:37:46.0014 0x1768  QWAVEdrv - ok
23:37:46.0035 0x1768  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:37:46.0049 0x1768  RasAcd - ok
23:37:46.0082 0x1768  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
23:37:46.0100 0x1768  RasAuto - ok
23:37:46.0230 0x1768  [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan          C:\WINDOWS\System32\rasmans.dll
23:37:46.0282 0x1768  RasMan - ok
23:37:46.0303 0x1768  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:37:46.0334 0x1768  RasPppoe - ok
23:37:46.0370 0x1768  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:37:46.0405 0x1768  rdbss - ok
23:37:46.0433 0x1768  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
23:37:46.0478 0x1768  rdpbus - ok
23:37:46.0508 0x1768  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
23:37:46.0537 0x1768  RDPDR - ok
23:37:46.0550 0x1768  [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
23:37:46.0557 0x1768  RdpVideoMiniport - ok
23:37:46.0585 0x1768  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
23:37:46.0598 0x1768  rdyboost - ok
23:37:46.0693 0x1768  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
23:37:46.0727 0x1768  ReFS - ok
23:37:46.0752 0x1768  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
23:37:46.0793 0x1768  RemoteAccess - ok
23:37:46.0826 0x1768  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
23:37:46.0855 0x1768  RemoteRegistry - ok
23:37:46.0893 0x1768  [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
23:37:46.0919 0x1768  RFCOMM - ok
23:37:46.0942 0x1768  [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb          C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys
23:37:46.0969 0x1768  RimUsb - ok
23:37:46.0995 0x1768  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
23:37:47.0022 0x1768  RpcEptMapper - ok
23:37:47.0046 0x1768  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\WINDOWS\system32\locator.exe
23:37:47.0065 0x1768  RpcLocator - ok
23:37:47.0116 0x1768  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
23:37:47.0145 0x1768  RpcSs - ok
23:37:47.0191 0x1768  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
23:37:47.0224 0x1768  rspndr - ok
23:37:47.0250 0x1768  [ 8EB6DCEB7473C232D8BC9A886E3183AC, D81B089443306AD9D89F59DBC5F9C2F5B6A86112B4AB59316B97EE7D8B97D2FA ] RSUSBVSTOR      C:\WINDOWS\System32\Drivers\RtsUVStor.sys
23:37:47.0261 0x1768  RSUSBVSTOR - ok
23:37:47.0306 0x1768  [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
23:37:47.0351 0x1768  RTL8168 - ok
23:37:47.0375 0x1768  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
23:37:47.0400 0x1768  s3cap - ok
23:37:47.0417 0x1768  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\WINDOWS\system32\lsass.exe
23:37:47.0425 0x1768  SamSs - ok
23:37:47.0465 0x1768  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
23:37:47.0498 0x1768  sbp2port - ok
23:37:47.0520 0x1768  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
23:37:47.0542 0x1768  SCardSvr - ok
23:37:47.0559 0x1768  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
23:37:47.0572 0x1768  ScDeviceEnum - ok
23:37:47.0589 0x1768  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
23:37:47.0618 0x1768  scfilter - ok
23:37:47.0670 0x1768  [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
23:37:47.0727 0x1768  Schedule - ok
23:37:47.0800 0x1768  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
23:37:47.0827 0x1768  SCPolicySvc - ok
23:37:47.0930 0x1768  [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
23:37:47.0954 0x1768  sdbus - ok
23:37:47.0987 0x1768  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
23:37:48.0008 0x1768  sdstor - ok
23:37:48.0043 0x1768  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
23:37:48.0064 0x1768  secdrv - ok
23:37:48.0077 0x1768  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\WINDOWS\system32\seclogon.dll
23:37:48.0109 0x1768  seclogon - ok
23:37:48.0140 0x1768  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\WINDOWS\System32\sens.dll
23:37:48.0173 0x1768  SENS - ok
23:37:48.0196 0x1768  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
23:37:48.0239 0x1768  SensrSvc - ok
23:37:48.0265 0x1768  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
23:37:48.0277 0x1768  SerCx - ok
23:37:59.0988 0x1768  C:\Windows\System32\drivers\beep.sys - ok
23:37:59.0993 0x1768  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] C:\Windows\System32\drivers\cdrom.sys
23:37:59.0993 0x1768  C:\Windows\System32\drivers\cdrom.sys - ok
23:37:59.0998 0x1768  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] C:\Windows\System32\drivers\null.sys
23:37:59.0999 0x1768  C:\Windows\System32\drivers\null.sys - ok
23:38:00.0004 0x1768  [ C7D252742946DD395670649742FBD73D, 333CC984CF318D36EA8C5867077A1732A214445EB6B7CF7AC2E8F1C8259CD9C7 ] C:\Windows\System32\drivers\dxgkrnl.sys
23:38:00.0004 0x1768  C:\Windows\System32\drivers\dxgkrnl.sys - ok
23:38:00.0008 0x1768  [ 9CC0003FB8ED3763B977B43F1012FF63, 6FDB6FFE1D77F9BA0ABDCA387BFD9AE2C547DB8D89C20BB8D5C31798E569BFB7 ] C:\Windows\System32\drivers\watchdog.sys
23:38:00.0008 0x1768  C:\Windows\System32\drivers\watchdog.sys - ok
23:38:00.0011 0x1768  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] C:\Windows\System32\drivers\BasicDisplay.sys
23:38:00.0011 0x1768  C:\Windows\System32\drivers\BasicDisplay.sys - ok
23:38:00.0014 0x1768  [ 4030CB06B8D963A45CED9E60C9F2A11E, 886EF96B7A8E8C503CBDFC64BBC8B01AB52978DDC9A5AC3A847CA25627E8ADD0 ] C:\Windows\System32\drivers\dxgmms1.sys
23:38:00.0014 0x1768  C:\Windows\System32\drivers\dxgmms1.sys - ok
23:38:00.0017 0x1768  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] C:\Windows\System32\drivers\msfs.sys
23:38:00.0017 0x1768  C:\Windows\System32\drivers\msfs.sys - ok
23:38:00.0020 0x1768  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] C:\Windows\System32\drivers\npfs.sys
23:38:00.0020 0x1768  C:\Windows\System32\drivers\npfs.sys - ok
23:38:00.0024 0x1768  [ 3C7361E0A5A6966DB957B94ECF924A9E, 6AE6BFD1E6987E85F4C134639F7AC2A92523B9E9A638A7FA0A98E3B195430D24 ] C:\Windows\System32\drivers\tdi.sys
23:38:00.0024 0x1768  C:\Windows\System32\drivers\tdi.sys - ok
23:38:00.0027 0x1768  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] C:\Windows\System32\drivers\tdx.sys
23:38:00.0027 0x1768  C:\Windows\System32\drivers\tdx.sys - ok
23:38:00.0031 0x1768  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] C:\Windows\System32\drivers\netbt.sys
23:38:00.0031 0x1768  C:\Windows\System32\drivers\netbt.sys - ok
23:38:00.0034 0x1768  [ 29C50636FA1886D819CD95FF1FE2B5DF, A3A074A814295B74E6C178F8BEEAD85105714F45D71435089F6243387319F800 ] C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys
23:38:00.0034 0x1768  C:\Windows\System32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys - ok
23:38:00.0037 0x1768  [ 239268BAB58EAE9A3FF4E08334C00451, 13F927730DF9BAEDB3A7AB6F7238270A20E4CDEB3D5324A1C471DF2209F3D239 ] C:\Windows\System32\drivers\afd.sys
23:38:00.0037 0x1768  C:\Windows\System32\drivers\afd.sys - ok
23:38:00.0039 0x1768  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] C:\Windows\System32\drivers\pacer.sys
23:38:00.0039 0x1768  C:\Windows\System32\drivers\pacer.sys - ok
23:38:00.0041 0x1768  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] C:\Windows\System32\drivers\netbios.sys
23:38:00.0041 0x1768  C:\Windows\System32\drivers\netbios.sys - ok
23:38:00.0043 0x1768  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] C:\Windows\System32\drivers\rdbss.sys
23:38:00.0043 0x1768  C:\Windows\System32\drivers\rdbss.sys - ok
23:38:00.0045 0x1768  [ 11BA90E951B9C156F574A112B543269A, E6CC15C5E533CC073E14D0D7BC282861C00D78E80F5A5D2C2AA2D8D63E63C96B ] C:\Windows\System32\drivers\tmactmon.sys
23:38:00.0045 0x1768  C:\Windows\System32\drivers\tmactmon.sys - ok
23:38:00.0047 0x1768  [ 5050F9BC7EC8B1F7E8B7959F5C889486, 08A8521B31315F88E0B3AF872994BA78ECA1922E2FBA710E31DFE8EFD49F9CEC ] C:\Windows\System32\drivers\tmevtmgr.sys
23:38:00.0047 0x1768  C:\Windows\System32\drivers\tmevtmgr.sys - ok
23:38:00.0049 0x1768  [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] C:\Windows\System32\drivers\vwififlt.sys
23:38:00.0049 0x1768  C:\Windows\System32\drivers\vwififlt.sys - ok
23:38:00.0051 0x1768  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] C:\Windows\System32\drivers\nsiproxy.sys
23:38:00.0051 0x1768  C:\Windows\System32\drivers\nsiproxy.sys - ok
23:38:00.0053 0x1768  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] C:\Windows\System32\drivers\dfsc.sys
23:38:00.0053 0x1768  C:\Windows\System32\drivers\dfsc.sys - ok
23:38:00.0055 0x1768  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] C:\Windows\System32\drivers\mssmbios.sys
23:38:00.0055 0x1768  C:\Windows\System32\drivers\mssmbios.sys - ok
23:38:00.0058 0x1768  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] C:\Windows\System32\drivers\npsvctrig.sys
23:38:00.0058 0x1768  C:\Windows\System32\drivers\npsvctrig.sys - ok
23:38:00.0060 0x1768  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] C:\Windows\System32\drivers\ahcache.sys
23:38:00.0060 0x1768  C:\Windows\System32\drivers\ahcache.sys - ok
23:38:00.0062 0x1768  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] C:\Windows\System32\drivers\dam.sys
23:38:00.0062 0x1768  C:\Windows\System32\drivers\dam.sys - ok
23:38:00.0064 0x1768  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] C:\Windows\System32\drivers\CompositeBus.sys
23:38:00.0064 0x1768  C:\Windows\System32\drivers\CompositeBus.sys - ok
23:38:00.0066 0x1768  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] C:\Windows\System32\drivers\kdnic.sys
23:38:00.0066 0x1768  C:\Windows\System32\drivers\kdnic.sys - ok
23:38:00.0068 0x1768  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] C:\Windows\System32\drivers\umbus.sys
23:38:00.0068 0x1768  C:\Windows\System32\drivers\umbus.sys - ok
23:38:00.0070 0x1768  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] C:\Windows\System32\drivers\wmiacpi.sys
23:38:00.0070 0x1768  C:\Windows\System32\drivers\wmiacpi.sys - ok
23:38:00.0072 0x1768  [ 9B93CC9C70EDE60A9C486E7719DB9E8D, 8E31BE72797D3308D8AF136E9F4C6199BCF4592F88E9FEB361752FF768225EC9 ] C:\Windows\System32\drivers\nvlddmkm.sys
23:38:00.0072 0x1768  C:\Windows\System32\drivers\nvlddmkm.sys - ok
23:38:00.0074 0x1768  [ 939B63CB5C350802ACE33E5C7AC037FD, F376EE28D5183ABEA5BC96023C8D58F8DAF911D1204DB823094F899C5D2474B4 ] C:\Windows\System32\ntdll.dll
23:38:00.0074 0x1768  C:\Windows\System32\ntdll.dll - ok
23:38:00.0076 0x1768  [ D8564418BAC13776E43DB5F6B4FA775E, FC8EF5704C871187AE4945000DB3D3758E8B867E90F8E530B0F12C6438D17D35 ] C:\Windows\System32\smss.exe
23:38:00.0076 0x1768  C:\Windows\System32\smss.exe - ok
23:38:00.0078 0x1768  [ 7A5A61997B5404C8EDDFCC62378164DC, C2BCA8A2AA2DFCCF3489FC7F0F366ABBDC8606CFC6397CD7B17C8CD4A28DD17F ] C:\Windows\System32\drivers\igdkmd64.sys
23:38:00.0078 0x1768  C:\Windows\System32\drivers\igdkmd64.sys - ok
23:38:00.0080 0x1768  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] C:\Windows\System32\drivers\USBXHCI.SYS
23:38:00.0080 0x1768  C:\Windows\System32\drivers\USBXHCI.SYS - ok
23:38:00.0082 0x1768  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] C:\Windows\System32\drivers\UCX01000.SYS
23:38:00.0082 0x1768  C:\Windows\System32\drivers\UCX01000.SYS - ok
23:38:00.0084 0x1768  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] C:\Windows\System32\drivers\HECIx64.sys
23:38:00.0084 0x1768  C:\Windows\System32\drivers\HECIx64.sys - ok
23:38:00.0086 0x1768  [ 32F2E6BAD9FA8E14B55E97280661801E, 5F0DAEE71A96262834759C897D3EE6F952978418A97F41B35E497D9A6A2E0E36 ] C:\Windows\System32\drivers\usbport.sys
23:38:00.0086 0x1768  C:\Windows\System32\drivers\usbport.sys - ok
23:38:00.0088 0x1768  [ 5477D6E27C7D266EF8C152B9A25ADE5E, FEE81677D284A78A0C0FB60F887A952CFC759AE78B01206D73F59FE33612C519 ] C:\Windows\System32\drivers\usbehci.sys
23:38:00.0088 0x1768  C:\Windows\System32\drivers\usbehci.sys - ok
23:38:00.0090 0x1768  [ 387A1E98BE548E4F199343CBA01E9D6D, 4A2B66E5587BE0BDEC99C1EC758DB67F35D1988B1FCD916355D6473E3BCDD13E ] C:\Windows\System32\autochk.exe
23:38:00.0090 0x1768  C:\Windows\System32\autochk.exe - ok
23:38:00.0092 0x1768  [ 03909BDBFF0DCACCABF2B2D4ADEE44DC, 42E631B23BB004F5C2128BAD334C21AB20FAD08AFED9E8191AE9373531BC73DD ] C:\Windows\System32\drivers\hdaudbus.sys
23:38:00.0092 0x1768  C:\Windows\System32\drivers\hdaudbus.sys - ok
23:38:00.0095 0x1768  [ 75B9B86878CC159FBC40C4F9202ADBE3, 80D9176112BAFB42E6568E723781E5C03BD5472AB382496C1BD784DB9B2FB6E6 ] C:\Windows\System32\drivers\NETwew00.sys
23:38:00.0095 0x1768  C:\Windows\System32\drivers\NETwew00.sys - ok
23:38:00.0097 0x1768  [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] C:\Windows\System32\drivers\Rt630x64.sys
23:38:00.0097 0x1768  C:\Windows\System32\drivers\Rt630x64.sys - ok
23:38:00.0099 0x1768  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] C:\Windows\System32\drivers\vwifibus.sys
23:38:00.0099 0x1768  C:\Windows\System32\drivers\vwifibus.sys - ok
23:38:00.0101 0x1768  [ B05D249879ED6B04D4C4C9C88AF2BD44, DC80CF71AD8F9E103EA8C4E8B809340D91952ED568F6EF5678488856D6837CF8 ] C:\Windows\System32\drivers\Apfiltr.sys
23:38:00.0101 0x1768  C:\Windows\System32\drivers\Apfiltr.sys - ok
23:38:00.0103 0x1768  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] C:\Windows\System32\drivers\i8042prt.sys
23:38:00.0103 0x1768  C:\Windows\System32\drivers\i8042prt.sys - ok
23:38:00.0105 0x1768  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] C:\Windows\System32\drivers\kbdclass.sys
23:38:00.0105 0x1768  C:\Windows\System32\drivers\kbdclass.sys - ok
23:38:00.0107 0x1768  [ 99387C515F80270F097F6DD9B5315649, 01DBF3B69DCA897AD45271DF0DF96F3503274881800DAD36AB37FCE97167C6E5 ] C:\Windows\System32\drivers\battc.sys
23:38:00.0107 0x1768  C:\Windows\System32\drivers\battc.sys - ok
23:38:00.0109 0x1768  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] C:\Windows\System32\drivers\CmBatt.sys
23:38:00.0109 0x1768  C:\Windows\System32\drivers\CmBatt.sys - ok
23:38:00.0111 0x1768  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] C:\Windows\System32\drivers\mouclass.sys
23:38:00.0111 0x1768  C:\Windows\System32\drivers\mouclass.sys - ok
23:38:00.0113 0x1768  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] C:\Windows\System32\drivers\intelppm.sys
23:38:00.0113 0x1768  C:\Windows\System32\drivers\intelppm.sys - ok
23:38:00.0115 0x1768  [ 233A4C961703D6B3EBA4EC1A3E85AACE, 9BEF1EAC87BF94668C457515F1E0891E631548FA665C9836A9E8644DA09CF468 ] C:\Windows\System32\drivers\ks.sys
23:38:00.0115 0x1768  C:\Windows\System32\drivers\ks.sys - ok
23:38:00.0117 0x1768  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] C:\Windows\System32\drivers\NdisVirtualBus.sys
23:38:00.0117 0x1768  C:\Windows\System32\drivers\NdisVirtualBus.sys - ok
23:38:00.0119 0x1768  [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] C:\Windows\System32\drivers\iwdbus.sys
23:38:00.0119 0x1768  C:\Windows\System32\drivers\iwdbus.sys - ok
23:38:00.0121 0x1768  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] C:\Windows\System32\drivers\rdpbus.sys
23:38:00.0121 0x1768  C:\Windows\System32\drivers\rdpbus.sys - ok
23:38:00.0123 0x1768  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] C:\Windows\System32\drivers\swenum.sys
23:38:00.0123 0x1768  C:\Windows\System32\drivers\swenum.sys - ok
23:38:00.0125 0x1768  [ 882222A9961418A75A08CB68671679D5, 836E22C68E3BB08E612DA3680C772EB3AD94A30377D82CB35BFDE92493D5ED33 ] C:\Windows\System32\drivers\usbd.sys
23:38:00.0125 0x1768  C:\Windows\System32\drivers\usbd.sys - ok
23:38:00.0127 0x1768  [ DF56C2C04EFA328D7A66B69007130266, 719316EB25A8C7B82C7941D1C5B964CC4EDA4A997732F481526DE7356F6FC0D8 ] C:\Windows\System32\drivers\usbhub.sys
23:38:00.0128 0x1768  C:\Windows\System32\drivers\usbhub.sys - ok
23:38:00.0129 0x1768  [ FADE737DEAFE3BF4CFC151AD0F548A47, D8E58838F966E69507EA60B3F2B15B088FA70F6A9536F5C8D7CA2794FD481894 ] C:\Windows\System32\wow64.dll
23:38:00.0129 0x1768  C:\Windows\System32\wow64.dll - ok
23:38:00.0131 0x1768  [ B65523C830308241407F6EBCC6484E70, 0045EE4010BF5FB60886F1B02EA73590BBEEED78CE4577989EE55B4BF2B74923 ] C:\Windows\System32\sechost.dll
23:38:00.0131 0x1768  C:\Windows\System32\sechost.dll - ok
23:38:00.0133 0x1768  [ 74B258D5896FC8F8256E8D03459AC2A2, B37DC91EA21A9E16DF4CA19099FA940063A690704E499D335F5104954E91715D ] C:\Windows\System32\lpk.dll
23:38:00.0133 0x1768  C:\Windows\System32\lpk.dll - ok
23:38:00.0135 0x1768  [ 4983684E2DDB7B617AA8EA94E037360F, B77720623D78D5BE64D041D4EC49E259C658D2637B3E1D778B8F6FA447B0BEBB ] C:\Windows\System32\imm32.dll
23:38:00.0135 0x1768  C:\Windows\System32\imm32.dll - ok
23:38:00.0137 0x1768  [ CFC52C49BEFE4D70D87FFA900EAB9777, 09A2F5D8AB07C3AE3F2B092F4DD7AE5838736CDC263016F188B442B32EC928F8 ] C:\Windows\System32\drivers\USBHUB3.SYS
23:38:00.0137 0x1768  C:\Windows\System32\drivers\USBHUB3.SYS - ok
23:38:00.0139 0x1768  [ F3523E611AB0B0977B048263A12DCF2A, 85243102F253AD4FB3E593A4BC2E3801256995F9E1E2FCA28B28B1E326D57BEC ] C:\Windows\System32\kernel32.dll
23:38:00.0139 0x1768  C:\Windows\System32\kernel32.dll - ok
23:38:00.0141 0x1768  [ 3103BBAB41F0C75BE6FA302439C9B9D6, CC0D62B5B5A0E6193B27CA7E3BCDD3E5FFB5F1EFDA97CE1EB76FCA7D1B159FEF ] C:\Windows\System32\drivers\drmk.sys
23:38:00.0141 0x1768  C:\Windows\System32\drivers\drmk.sys - ok
23:38:00.0143 0x1768  [ 8685379B82AC81187813225905531D1E, 9220153F68B58DF79B5847F53C9275CAD0BF1E47151EEA0C21BC55489DC2042C ] C:\Windows\System32\drivers\portcls.sys
23:38:00.0143 0x1768  C:\Windows\System32\drivers\portcls.sys - ok
23:38:00.0145 0x1768  [ 905A32D35E8CC1F08F040F77B03697FF, CA1B6E1B52E9DA5977C5105C28E3FA5142B4CBF16391B532A6037B396A2F7884 ] C:\Windows\System32\shlwapi.dll
23:38:00.0145 0x1768  C:\Windows\System32\shlwapi.dll - ok
23:38:00.0148 0x1768  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] C:\Windows\System32\drivers\HdAudio.sys
23:38:00.0148 0x1768  C:\Windows\System32\drivers\HdAudio.sys - ok
23:38:00.0150 0x1768  [ 5BCABCE516486337E39DDD005BCBB1CA, 6D04CF09BC3BA0B4917B30CBE11FEE0A4F6324BA6F177DB750AA02756B0A9FD4 ] C:\Windows\System32\GdiPlus.dll
23:38:00.0150 0x1768  C:\Windows\System32\GdiPlus.dll - ok
23:38:00.0152 0x1768  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] C:\Windows\System32\drivers\ksthunk.sys
23:38:00.0152 0x1768  C:\Windows\System32\drivers\ksthunk.sys - ok
23:38:00.0154 0x1768  [ 9E2ABB0CAB26EBD775D968EAB1C1F6EC, C71BA2C89FDD1395BDD2E8C4F7B00C2CF0BE428EA8DF59945CDCC5575922BCA4 ] C:\Windows\System32\normaliz.dll
23:38:00.0154 0x1768  C:\Windows\System32\normaliz.dll - ok
23:38:00.0156 0x1768  [ 75428240F81D41B9F8F7CE5DDB07CA0F, B420AD4B2DE3C6222F86E2FDE7F8FAB73675D81E817CD81EAEFC7E8FD076E50B ] C:\Windows\System32\nsi.dll
23:38:00.0156 0x1768  C:\Windows\System32\nsi.dll - ok
23:38:00.0158 0x1768  [ DACC0040F6BB7F524BAE1D653B9FC329, 1FD3FC4E7C7D3FADA6DA29D4CA4D8F124A23F3565CDAC92BDF987AD7B7EA89D7 ] C:\Windows\System32\Wldap32.dll
23:38:00.0158 0x1768  C:\Windows\System32\Wldap32.dll - ok
23:38:00.0161 0x1768  [ B7564AB4F8A12A16C568F256EC6C429B, DD4E34227A1227F10BFD2DF1BA40D3EEB905FF6E9FF4905BE3323102ACD45F28 ] C:\Windows\System32\psapi.dll
23:38:00.0161 0x1768  C:\Windows\System32\psapi.dll - ok
23:38:00.0162 0x1768  [ D04D884242F02CC02E9264A4DBF532DB, 9240087846AB1975F7DFABD1A143E26A2F587CE8B8CD28C64CC448FAE2366036 ] C:\Windows\System32\wow64win.dll
23:38:00.0162 0x1768  C:\Windows\System32\wow64win.dll - ok
23:38:00.0164 0x1768  [ 48EBD5B3241D2324A92BA8EB993B2076, D4714B0913F5A4E79A6302A8C849B7948277ACB1C2A6353C1D86D01D53D55B0C ] C:\Windows\System32\oleaut32.dll
23:38:00.0164 0x1768  C:\Windows\System32\oleaut32.dll - ok
23:38:00.0166 0x1768  [ CEB069C882A0DFEDBE5C1590D44B1052, AF8AFB0B0F9818CCAD5C2EE336337A31FD9E8F8BE54569305904DFE82DB9414A ] C:\Windows\System32\user32.dll
23:38:00.0166 0x1768  C:\Windows\System32\user32.dll - ok
23:38:00.0168 0x1768  [ 332E5E35DE9E8175A9550501E57E0612, AA07A34F20225EE4619A7F1948DDD81EAC45BD499D9D2D1DCA979974FBB487F5 ] C:\Windows\System32\ole32.dll
23:38:00.0168 0x1768  C:\Windows\System32\ole32.dll - ok
23:38:00.0170 0x1768  [ 1AEFA4B25F72772F131D760F664ED7E1, 13C4A554F34FBB54257EEA8832AAFB37453410B563D2589F9A533639D80B54C7 ] C:\Windows\System32\difxapi.dll
23:38:00.0170 0x1768  C:\Windows\System32\difxapi.dll - ok
23:38:00.0172 0x1768  [ 06070D4CC64300D473C55ABDC887B63C, A3BF0EF490AFA61CC3498666E86E10C0A48F75552FF66D554447EB071C8A8BC8 ] C:\Windows\System32\shell32.dll
23:38:00.0172 0x1768  C:\Windows\System32\shell32.dll - ok
23:38:00.0174 0x1768  [ 6AFE9D20019BA4C76188A458573F4461, B7E9C9E6FD59521672553947833AEC7BB84E6B1DFFD7E4850B64171EB67C7D7D ] C:\Windows\System32\combase.dll
23:38:00.0174 0x1768  C:\Windows\System32\combase.dll - ok
23:38:00.0176 0x1768  [ 561F1AB95F4F01C691BDABA5FD5C67FC, 4C6184C1A72B2F84BB1CA5A72F89CC44F9F37FF225D834EBCEFF26F820635BED ] C:\Windows\System32\advapi32.dll
23:38:00.0176 0x1768  C:\Windows\System32\advapi32.dll - ok
23:38:00.0178 0x1768  [ CFDEF7C849D5AFDB689473073B0EE82D, DFA9D516746FF563371F8614B386ACD3009C6297C812E2A13091109B059E7A8C ] C:\Windows\System32\comdlg32.dll
23:38:00.0178 0x1768  C:\Windows\System32\comdlg32.dll - ok
23:38:00.0180 0x1768  [ 6F997D98C6A30D79C622811FBAB9119E, 730BD302DEF13201B7E197524F373CB2E422D167C8ACBE190F551F6AC153D13C ] C:\Windows\System32\ws2_32.dll
23:38:00.0180 0x1768  C:\Windows\System32\ws2_32.dll - ok
23:38:00.0182 0x1768  [ 7D7C2B72B81BABF192F1033460A3C434, 28B317BEBCC5EAA3A4694830637033CF7675CA2ABCE581908DC7D95991768218 ] C:\Windows\System32\msctf.dll
23:38:00.0182 0x1768  C:\Windows\System32\msctf.dll - ok
23:38:00.0184 0x1768  [ E7F88B66FD5C0DA438371C998273FD0D, 674B6C08F58183949D775C5B2713A485F79AEBAAA86F8F67292576694C17F36C ] C:\Windows\System32\setupapi.dll
23:38:00.0184 0x1768  C:\Windows\System32\setupapi.dll - ok
23:38:00.0186 0x1768  [ 7CE4D5AB5626A26A6E6DFC7397179841, 871E24E52C58BBECB251083F1705261E7B3D3D8E017089FCD52D7582571B59F1 ] C:\Windows\System32\msvcrt.dll
23:38:00.0186 0x1768  C:\Windows\System32\msvcrt.dll - ok
23:38:00.0188 0x1768  [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] C:\Windows\System32\drivers\usbccgp.sys
23:38:00.0188 0x1768  C:\Windows\System32\drivers\usbccgp.sys - ok
23:38:00.0190 0x1768  [ 447CB6699A8EAD2BC516991738A16277, 1A58913C5A51B26FBB87AE26C34A0C9F2F4444D7F50CEF90635EDE17DBED77CC ] C:\Windows\System32\imagehlp.dll
23:38:00.0190 0x1768  C:\Windows\System32\imagehlp.dll - ok
23:38:00.0192 0x1768  [ CC29613C244DA266D40DBACC108FEAB5, B92B10664D811EDF4A16A19AF01B0C5D9721748BDD2852B32F18DB9C9C267042 ] C:\Windows\System32\wow64cpu.dll
23:38:00.0192 0x1768  C:\Windows\System32\wow64cpu.dll - ok
23:38:00.0194 0x1768  [ 42F4D353A2AC24F7112FB4D6BD2D4F7C, 0C079D79CEF0F878004B8B57E0C4A5AF3755F0FF30517C919E7AB166E82E406E ] C:\Windows\System32\gdi32.dll
23:38:00.0194 0x1768  C:\Windows\System32\gdi32.dll - ok
23:38:00.0196 0x1768  [ A4B86A08CEC7841895C817430CB76CE2, 1185171CDAB5373460EE225F5A2DBF7C89F5CFBEC19F2A02609F65241FFAD0DA ] C:\Windows\System32\clbcatq.dll
23:38:00.0196 0x1768  C:\Windows\System32\clbcatq.dll - ok
23:38:00.0198 0x1768  [ CFCDAAA210D62B277A2183F62FEE068F, 47450EAB0FBCBC24AEEBBAFB392D312B63DDF8F8D762ACB0C09F4143673EC284 ] C:\Windows\System32\rpcrt4.dll
23:38:00.0198 0x1768  C:\Windows\System32\rpcrt4.dll - ok
23:38:00.0200 0x1768  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] C:\Windows\System32\drivers\usbvideo.sys
23:38:00.0200 0x1768  C:\Windows\System32\drivers\usbvideo.sys - ok
23:38:00.0202 0x1768  [ FC1F55BA03832FBB0DAF965F746C47BB, 9871EABD0BE909C6AD85375F8270A3622BB0BE243B4BBFA86D487D1F56D94F7C ] C:\Windows\System32\drivers\CtClsFlt.sys
23:38:00.0202 0x1768  C:\Windows\System32\drivers\CtClsFlt.sys - ok
23:38:00.0204 0x1768  [ 8D2DF744C20A8960C022BF71505D3B45, CF29FDDA58CD2A30EEDFC44E7E8D8D2C378330CC71930A0BB65652AE7AD76B8B ] C:\Windows\System32\cfgmgr32.dll
23:38:00.0204 0x1768  C:\Windows\System32\cfgmgr32.dll - ok
23:38:00.0206 0x1768  [ 980CDCBF3EDB80CA20921F2C88260406, 48CBFB7B8DB7A6B5F268D94D28D19711E93EE4E54415921AE233B66BEADAB9D0 ] C:\Windows\System32\comctl32.dll
23:38:00.0206 0x1768  C:\Windows\System32\comctl32.dll - ok
23:38:00.0208 0x1768  [ 6EFAF0D87291F9FBD7C0ED3BD56511AA, 039895A75791F7107B98428EAA797D240E1A160312DC841973F8D9D1DC4D30E8 ] C:\Windows\System32\crypt32.dll
23:38:00.0208 0x1768  C:\Windows\System32\crypt32.dll - ok
23:38:00.0210 0x1768  [ B0630FEE31D7A9B73E49A2F31CF61C1C, 4BF013BB13407F3450BB6354D2A5B31FD12BAD25A79BC362C9DC8E4BA056DCD2 ] C:\Windows\System32\KernelBase.dll
23:38:00.0210 0x1768  C:\Windows\System32\KernelBase.dll - ok
23:38:00.0212 0x1768  [ C430482AC892D52CED021EDDD4D368A2, C54C12EAC14F40BE3E7D7159F8876A664D00CA928000E25306071D28B52EA33A ] C:\Windows\System32\drivers\iBtFltCoex.sys
23:38:00.0212 0x1768  C:\Windows\System32\drivers\iBtFltCoex.sys - ok
23:38:00.0214 0x1768  [ 76D0DDD58A773CA1BFB4D30AAE03517A, E631CAAEEA5D1F632FF0A60F4466664A6FD9DA19F4A28A379294D8E6690ADAD9 ] C:\Windows\System32\drivers\btmhsf.sys
23:38:00.0214 0x1768  C:\Windows\System32\drivers\btmhsf.sys - ok
23:38:00.0216 0x1768  [ AB8CD3914AD779C15B27DDD9F53F7434, 6E9911C146A038192B95916387FA9D94D952BEFE158E6CBA44F1500A304221A3 ] C:\Windows\System32\drivers\bthport.sys
23:38:00.0216 0x1768  C:\Windows\System32\drivers\bthport.sys - ok
23:38:00.0218 0x1768  [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] C:\Windows\System32\drivers\BTHUSB.SYS
23:38:00.0218 0x1768  C:\Windows\System32\drivers\BTHUSB.SYS - ok
23:38:00.0220 0x1768  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] C:\Windows\System32\drivers\BthLEEnum.sys
23:38:00.0220 0x1768  C:\Windows\System32\drivers\BthLEEnum.sys - ok
23:38:00.0222 0x1768  [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] C:\Windows\System32\drivers\rfcomm.sys
23:38:00.0222 0x1768  C:\Windows\System32\drivers\rfcomm.sys - ok
23:38:00.0225 0x1768  [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] C:\Windows\System32\drivers\bthenum.sys
23:38:00.0225 0x1768  C:\Windows\System32\drivers\bthenum.sys - ok
23:38:00.0227 0x1768  [ 3AFE71D80EDF5D4DE0C5731352905669, 3E370169B8C5D301954D1F1DA302F7A0DB2A034990E10B3D64458C48E5693205 ] C:\Windows\System32\drivers\bthpan.sys
23:38:00.0227 0x1768  C:\Windows\System32\drivers\bthpan.sys - ok
23:38:00.0229 0x1768  [ DE871131FCFA31032A4F977D4152A446, 6342ECBA08B2D5C2BD7683098F5AB7E22C7091A2BCD4C176A427261F1DDB59BB ] C:\Windows\System32\wintrust.dll
23:38:00.0229 0x1768  C:\Windows\System32\wintrust.dll - ok
23:38:00.0231 0x1768  [ 7DA935827BC3F48AE146BA4B2755F1AD, BB5A9394BFCEAB681BDA3A32C9F5E6222BE4FA8D0D70BA9639FBA722F4D7B2C5 ] C:\Windows\System32\msasn1.dll
23:38:00.0231 0x1768  C:\Windows\System32\msasn1.dll - ok
23:38:00.0233 0x1768  [ 32F9650CD23F6F36706E9EA23ECCF484, 742C036C9018CCAE53719D50E3AAFDED2088C8EA67CE59595B7AA575BD116B06 ] C:\Windows\SysWOW64\lpk.dll
23:38:00.0233 0x1768  C:\Windows\SysWOW64\lpk.dll - ok
23:38:00.0235 0x1768  [ 00542019B2969529C5E9C68C83BD6F88, A5EA5B5DD71A05E16CA6E32622825D415FF1BEE2A9C5DA7F4B8A8065EDEAAE36 ] C:\Windows\SysWOW64\normaliz.dll
23:38:00.0235 0x1768  C:\Windows\SysWOW64\normaliz.dll - ok
23:38:00.0237 0x1768  [ 7FFB24B4A54B1ACD46CF6899D879CC9F, 7EBFADD2B35386226C69A21631A69FF82D66B855899C9B1CEE96987A3A64094D ] C:\Windows\System32\drivers\hidparse.sys
23:38:00.0237 0x1768  C:\Windows\System32\drivers\hidparse.sys - ok
23:38:00.0239 0x1768  [ 76BA56848B718C980FDEAE248EB32F1B, 448E79898A94A5F2D8FFAC0FA1A35D82B9495A910775D6F1D78AED4F10354A8E ] C:\Windows\System32\win32k.sys
23:38:00.0239 0x1768  C:\Windows\System32\win32k.sys - ok
23:38:00.0241 0x1768  [ 885901A37E73FA25F3F87A848BA8033F, 4335F74947E1C4FC8442E62D2BC61264D0019030F2F2D2E5D4D668548A411B01 ] C:\Windows\System32\csrsrv.dll
23:38:00.0241 0x1768  C:\Windows\System32\csrsrv.dll - ok
23:38:00.0243 0x1768  [ B2D3F07F5E8A13AF988A8B3C0A800880, CB41E9D0E8107AA9337DBD1C56F22461131AD0952A2472B4477E2649D16ECB15 ] C:\Windows\System32\csrss.exe
23:38:00.0243 0x1768  C:\Windows\System32\csrss.exe - ok
23:38:00.0245 0x1768  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\Windows\System32\basesrv.dll
23:38:00.0246 0x1768  C:\Windows\System32\basesrv.dll - ok
23:38:00.0247 0x1768  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\Windows\System32\winsrv.dll
23:38:00.0247 0x1768  C:\Windows\System32\winsrv.dll - ok
23:38:00.0249 0x1768  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] C:\Windows\System32\drivers\monitor.sys
23:38:00.0249 0x1768  C:\Windows\System32\drivers\monitor.sys - ok
23:38:00.0251 0x1768  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\Windows\System32\sxssrv.dll
23:38:00.0251 0x1768  C:\Windows\System32\sxssrv.dll - ok
23:38:00.0253 0x1768  [ 8D3421127B05432B743719C239ABF80F, 51BB0D8B68FB8AD9CF47DFB452DA633670D0B0183B912F512E807D92D2255517 ] C:\Windows\System32\tsddd.dll
23:38:00.0253 0x1768  C:\Windows\System32\tsddd.dll - ok
23:38:00.0255 0x1768  [ 48CFA7BE561A7BE144C29BB912055016, 64BE1AFD9F55C2BD636914D1F808AD209C68BF97AA3D0B73568C2C1E48BE2800 ] C:\Windows\System32\wininit.exe
23:38:00.0255 0x1768  C:\Windows\System32\wininit.exe - ok
23:38:00.0257 0x1768  [ 14BEA911F78B44E47CBD18210E541A43, 49228F2B8757D7FD12011E86B963DCE177CE330EE208BE9528386A386983362C ] C:\Windows\System32\cdd.dll
23:38:00.0257 0x1768  C:\Windows\System32\cdd.dll - ok
23:38:00.0259 0x1768  [ A7B9FCF37B64E878310EC62E6DCB9059, 44B1DB4BBE1F054FDEA79C6F8B7A97B300E21304F28471E96132D23AD2F6DAB6 ] C:\Windows\System32\KBDUS.DLL
23:38:00.0259 0x1768  C:\Windows\System32\KBDUS.DLL - ok
23:38:00.0261 0x1768  [ 56B51C38689CFF64ECF63D4F459E6AE0, 2010E13F0331000417E3577E73D1D35AE23AFF61324BC1DD7348E21E28FD99FA ] C:\Windows\System32\nvinitx.dll
23:38:00.0261 0x1768  C:\Windows\System32\nvinitx.dll - ok
23:38:00.0263 0x1768  [ 8ED638461EFFCF584AF5A8C291A2F9DF, C8414D68E423D345212E90524897B781B944034C385123DED4ACA508FADDD11E ] C:\Windows\System32\profapi.dll
23:38:00.0263 0x1768  C:\Windows\System32\profapi.dll - ok
23:38:00.0600 0x1768  C:\Windows\System32\wlansvc.dll - ok
23:38:00.0602 0x1768  [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] C:\Windows\System32\dhcpcore.dll
23:38:00.0603 0x1768  C:\Windows\System32\dhcpcore.dll - ok
23:38:00.0604 0x1768  [ 1946308C7FF73E4CD47579F34F9F6E1B, EE9FE65762D95F0694188801D8B1A8427763EA6DC46382E0AA5AFE7B3B5AF396 ] C:\Windows\System32\dhcpcore6.dll
23:38:00.0604 0x1768  C:\Windows\System32\dhcpcore6.dll - ok
23:38:00.0607 0x1768  [ 23F2B10A7EDF5E6A87CAE43129F83495, 69D7CBE9E3D47BC360D24132C4E0DDF47DA8FDFE7E9A32B4A446EBDEEBB847AE ] C:\Windows\System32\uDWM.dll
23:38:00.0607 0x1768  C:\Windows\System32\uDWM.dll - ok
23:38:00.0608 0x1768  [ 8D25DE2AC85BC807DC19D4DAF6AA6D27, CB6238AB8AC9DDDF7170511C6E512FF134E9E79831F58BCB670DE327F70D0AD8 ] C:\Windows\System32\dnsext.dll
23:38:00.0608 0x1768  C:\Windows\System32\dnsext.dll - ok
23:38:00.0610 0x1768  [ 5ABA673EF6433BE68AAE77AE5C5FAFAA, EDD85F776957D1FAB93F27F27A2D60924C423E3EA161A5258F27FABCC6B45CF3 ] C:\Windows\System32\FWPUCLNT.DLL
23:38:00.0611 0x1768  C:\Windows\System32\FWPUCLNT.DLL - ok
23:38:00.0612 0x1768  [ 3378C5241A1FE2F1D34BCC3ABC99F435, BE82C59E9CB0A7561401D956B97C2E4A9B383BB5CF00E5DC004633C031F35748 ] C:\Windows\System32\dhcpcsvc.dll
23:38:00.0612 0x1768  C:\Windows\System32\dhcpcsvc.dll - ok
23:38:00.0614 0x1768  [ D4CFAC89188EC0B887CFFCA7C80E495D, 2145D5DC03E79B361764F7281E2255318DA303B47E2D01BEC5E9E3D8DBFF586B ] C:\Windows\System32\dhcpcsvc6.dll
23:38:00.0614 0x1768  C:\Windows\System32\dhcpcsvc6.dll - ok
23:38:00.0616 0x1768  [ 9FB85E37238FEA836E5E6779A93DA461, 9CFBC92BB5C730AB194EC18A993640FD62F2FE3503D16B77C055242C7B84B800 ] C:\Windows\System32\rasman.dll
23:38:00.0616 0x1768  C:\Windows\System32\rasman.dll - ok
23:38:00.0618 0x1768  [ 61E9834E1CA04DB74F0053BD8AE67BFC, 5623E63A40CFA9913FA0B0F0DF2DEC2F621B96480D575C47B821AE0D4103BC53 ] C:\Windows\System32\winbrand.dll
23:38:00.0618 0x1768  C:\Windows\System32\winbrand.dll - ok
23:38:00.0620 0x1768  [ F14178562B63C54D3183839F77FB9542, DD71428F55398EBE94D40A45C562ED714E1557E2EF1DFD529404004793FB1854 ] C:\Windows\System32\wlanmsm.dll
23:38:00.0620 0x1768  C:\Windows\System32\wlanmsm.dll - ok
23:38:00.0622 0x1768  [ F5946BC89C6D350ADADDA9676DF28CF3, EA70848F403DE98A743C02D4020CEE31AAE01861A3EC6A4AE3CEA4DD971A3519 ] C:\Windows\System32\eappprxy.dll
23:38:00.0622 0x1768  C:\Windows\System32\eappprxy.dll - ok
23:38:00.0624 0x1768  [ 59C04629522B5815BF39F8A310FD2C81, 02096C293E4D6726DD944D1A1D66D2A41D0CDBE887809E8A30ABA95F53D289FA ] C:\Windows\System32\onex.dll
23:38:00.0624 0x1768  C:\Windows\System32\onex.dll - ok
23:38:00.0626 0x1768  [ FD786AFD9B85D65E5FD6B86944BB1D9A, 42DD479F9C843DA9CE6BD0DDD8B0C8FD1BDD6864EF82B9FB4CE3FAFA9D8C4BAB ] C:\Windows\System32\wlansec.dll
23:38:00.0626 0x1768  C:\Windows\System32\wlansec.dll - ok
23:38:00.0628 0x1768  [ 3B04158DE50AB283B3A5FB5E70C48FB4, 4C50337D26E7AA6523E74212195A4AE9EE9971CE87EA7A2E4FA653F97A6221B1 ] C:\Windows\System32\wlansvcpal.dll
23:38:00.0628 0x1768  C:\Windows\System32\wlansvcpal.dll - ok
23:38:00.0630 0x1768  [ 1B2CAD40A6FD2E9DC336F3A338293B29, 7CB8C03D1ED687940BE55520887574138F457BB379824C52CC86BBB052A034F7 ] C:\Windows\System32\msxml6.dll
23:38:00.0630 0x1768  C:\Windows\System32\msxml6.dll - ok
23:38:00.0632 0x1768  [ 1A96706BA38633F1A275DC81802B5DFA, 8D67E88ECA59B489002C8717D239991029F0F17CEDA1AAA28E051AACE0E0FCFE ] C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll
23:38:00.0633 0x1768  C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll - ok
23:38:00.0635 0x1768  [ 0DF0FA32C2841537B0610B4179320A3A, 0B998280F28072CDF99BD9DE23A98D04CB07F5B83E412D941004FA3A20E6830C ] C:\Windows\System32\TetheringIeProvider.dll
23:38:00.0635 0x1768  C:\Windows\System32\TetheringIeProvider.dll - ok
23:38:00.0637 0x1768  [ 77BA0D87906CC2D86588D89A75372EC7, 8CCBFDF6197D76594B59FBF31F438495FCC074341D1101E14ADBD753369F3859 ] C:\Windows\System32\WiFiDisplay.dll
23:38:00.0637 0x1768  C:\Windows\System32\WiFiDisplay.dll - ok
23:38:00.0639 0x1768  [ A9B68F20F1E6E62B189C7C4815EB42B9, 4437269065F51D7E5051A859FFA59456888C2356DAF641E767FFCA1A087B6A43 ] C:\Windows\System32\wlanapi.dll
23:38:00.0639 0x1768  C:\Windows\System32\wlanapi.dll - ok
23:38:00.0641 0x1768  [ 8DAE6957A4F0EC461575F68239E0A13E, DB788A4374618B111EAA052AB8FED6808F1426BE79FD5214A2A9751C6700216A ] C:\Windows\System32\l2gpstore.dll
23:38:00.0641 0x1768  C:\Windows\System32\l2gpstore.dll - ok
23:38:00.0643 0x1768  [ 938DC1C1D13682C01886F365E6682CA7, 87EF8750AA826B91033A4CF330796DF67760EF944A400579584DE0BE6B4867CA ] C:\Windows\System32\wlanhlp.dll
23:38:00.0643 0x1768  C:\Windows\System32\wlanhlp.dll - ok
23:38:00.0645 0x1768  [ 682C1B06C4E00A9DC995E4B2FD626CB2, 52B2820171D1A345EDB6FF61FA27D4B03F86ED91D9C0BC997F9820A5646B1ED2 ] C:\Windows\System32\wlgpclnt.dll
23:38:00.0645 0x1768  C:\Windows\System32\wlgpclnt.dll - ok
23:38:00.0647 0x1768  [ 4897A55EEBC1D3F6DFEB1CD94C241F48, A68C504A5BF10D4C4C082EA4E92EC4358B4E09E87FB8C49A16080ABB900C4523 ] C:\Windows\System32\SubscriptionMgr.dll
23:38:00.0647 0x1768  C:\Windows\System32\SubscriptionMgr.dll - ok
23:38:00.0649 0x1768  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] C:\Windows\System32\shsvcs.dll
23:38:00.0649 0x1768  C:\Windows\System32\shsvcs.dll - ok
23:38:00.0651 0x1768  [ D790CBCB9C38320B4438D697AA33FF55, AA37C9135CBB4DB3F8F523FF485ABB3C71403AABA94A7078811E390E3B298328 ] C:\Windows\System32\fveapi.dll
23:38:00.0651 0x1768  C:\Windows\System32\fveapi.dll - ok
23:38:00.0653 0x1768  [ DD5DF99540AB97806DF63B1494C809A8, 754575FDD0A256527B970D8EF347E2BB9FF93612294FE0604B9349FDF5CC51C6 ] C:\Windows\System32\netcfgx.dll
23:38:00.0653 0x1768  C:\Windows\System32\netcfgx.dll - ok
23:38:00.0655 0x1768  [ 1547E5B7D2EF477D422EBE0FE58508CC, 3EC11F4414C6C856972D654DB2627037AAF37F010C81B6E4612C2035C6EDD5B7 ] C:\Windows\System32\AuthExt.dll
23:38:00.0655 0x1768  C:\Windows\System32\AuthExt.dll - ok
23:38:00.0657 0x1768  [ E797B1571003E524526F384CE5EE3555, BB54D70CDB29A82541131E1D83E4DE881A3BE28F9264193F8D2D4F0F50A45E99 ] C:\Windows\System32\propsys.dll
23:38:00.0657 0x1768  C:\Windows\System32\propsys.dll - ok
23:38:00.0659 0x1768  [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] C:\Windows\System32\drivers\vwifimp.sys
23:38:00.0659 0x1768  C:\Windows\System32\drivers\vwifimp.sys - ok
23:38:00.0661 0x1768  [ 14CF2EAFCFA0BDC736BFDA130BD95EB2, F462FF5F64900F4069A55E58943FE9C9E9B25F3B0622922BA34BCB4ECC70562A ] C:\Windows\System32\bcd.dll
23:38:00.0661 0x1768  C:\Windows\System32\bcd.dll - ok
23:38:00.0662 0x1768  [ D50705D14E8C876A47FF14B999B4A6C3, 56D28EDB5F039F48DF1000FC7FB736556FF9A0A583D9A567F2533620F3A8FB96 ] C:\Windows\System32\fvecerts.dll
23:38:00.0662 0x1768  C:\Windows\System32\fvecerts.dll - ok
23:38:00.0664 0x1768  [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] C:\Windows\System32\schedsvc.dll
23:38:00.0664 0x1768  C:\Windows\System32\schedsvc.dll - ok
23:38:00.0666 0x1768  [ E04863DDDA4D5386895D316B9A26958F, 326E1DC9AB3871F86A0DBAACEC1952A5018A0440269AF84EF9129C121440CC16 ] C:\Windows\System32\ktmw32.dll
23:38:00.0666 0x1768  C:\Windows\System32\ktmw32.dll - ok
23:38:00.0668 0x1768  [ 68CB2B575F0C67BB14590D1471285287, D3E8238CC5A63AEF556F3165F438745806A4827E627383CD0D48F09F3448EB20 ] C:\Windows\System32\ubpm.dll
23:38:00.0668 0x1768  C:\Windows\System32\ubpm.dll - ok
23:38:00.0670 0x1768  [ 9543FE667E9709640F1D9852BCF97A17, 3EF13E6A9E551AAF552A54CB2347CCD9C42099B941794F4AC9D2DFD9DFBBEEDC ] C:\Windows\System32\xmllite.dll
23:38:00.0670 0x1768  C:\Windows\System32\xmllite.dll - ok
23:38:00.0673 0x1768  [ 5B9290D5540BDC461500DB84FC3606F0, 5F7DD7581C21D107A933460085C126751DA535D01878C86D9159320194EF886E ] C:\Windows\System32\CSystemEventsBrokerClient.dll
23:38:00.0673 0x1768  C:\Windows\System32\CSystemEventsBrokerClient.dll - ok
23:38:00.0675 0x1768  [ 1E10B23560C34A90A0FA6ECD26E8565F, 497927962EE856AF72DA6C3DBFA2A5F99E0EE576BFB34F75FCDD7498F75B5BC0 ] C:\Windows\System32\ProximityService.dll
23:38:00.0675 0x1768  C:\Windows\System32\ProximityService.dll - ok
23:38:00.0678 0x1768  [ 02C6DF84328E271C3F844E477CB25169, 04A345135E7150A869AC1B410B138746D53A7BE0934B748EF0C73D36E71487AF ] C:\Windows\System32\ProximityServicePal.dll
23:38:00.0678 0x1768  C:\Windows\System32\ProximityServicePal.dll - ok
23:38:00.0680 0x1768  [ 02E72187BE9329E4D9255BC5AE6D8286, F5CAF4A710052559715D2E7FBF6A6D04A83BFB31B76F8D7A758295936543E74A ] C:\Windows\System32\ProximityCommon.dll
23:38:00.0680 0x1768  C:\Windows\System32\ProximityCommon.dll - ok
23:38:00.0682 0x1768  [ 1EE65FEAA57FBC2050AE153D07C8DC3F, 5B3878780D3B3EE4EDA0B880E7D41949CB1D3C69937ACC56B8CDCA17014CF111 ] C:\Windows\System32\ProximityCommonPal.dll
23:38:00.0682 0x1768  C:\Windows\System32\ProximityCommonPal.dll - ok
23:38:00.0684 0x1768  [ EC2DB85DD72A3506D60B428A36F5E27E, 1E3DD6DD0DF3737E0207569A11F3AC9CDEB0A2D13EF4737E69F526EF1A00D91B ] C:\Windows\System32\NetworkStatus.dll
23:38:00.0684 0x1768  C:\Windows\System32\NetworkStatus.dll - ok
23:38:00.0686 0x1768  [ 68DEABD4CB0CF3920D3B6CCAA36173BC, C87F86DE3E366975919D2A5722E9942F643D9B81185E06B49968D3A7BD1D76C0 ] C:\Windows\System32\taskcomp.dll
23:38:00.0686 0x1768  C:\Windows\System32\taskcomp.dll - ok
23:38:00.0688 0x1768  [ 5D9B166EFBA673C8221C5C97CCFB5BFE, 63F99158CB660FD4BC838B12DE1F4C2F3DAE43AF88EBC68FE73A43B62AF8D257 ] C:\Windows\System32\wcmapi.dll
23:38:00.0688 0x1768  C:\Windows\System32\wcmapi.dll - ok
23:38:00.0690 0x1768  [ 1CE1F2BBF92DF79CF8638FDA04DB4F10, FBE8183204175B892DF543A0CC9296FE91C281E818CE9C343C6B16F4E6BEA006 ] C:\Windows\System32\shacct.dll
23:38:00.0690 0x1768  C:\Windows\System32\shacct.dll - ok
23:38:00.0692 0x1768  [ 053472337FDD116BD010C88DB0C34DF1, 970D80D6C67A9D66AF03D1223AE663C205484232C22A482584C55AB1E1BC49D4 ] C:\Windows\System32\d2d1.dll
23:38:00.0692 0x1768  C:\Windows\System32\d2d1.dll - ok
23:38:00.0694 0x1768  [ 070B4DE2729515E9F22E4AAFD7B2497C, 1353572251F10FAA92B586D5B483BD3684B86AA2292EF0D180B2E84910914624 ] C:\Windows\System32\ntmarta.dll
23:38:00.0694 0x1768  C:\Windows\System32\ntmarta.dll - ok
23:38:00.0696 0x1768  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] C:\Windows\System32\drivers\http.sys
23:38:00.0696 0x1768  C:\Windows\System32\drivers\http.sys - ok
23:38:00.0698 0x1768  [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] C:\Windows\System32\spoolsv.exe
23:38:00.0698 0x1768  C:\Windows\System32\spoolsv.exe - ok
23:38:00.0700 0x1768  [ BBE15881FE11BE37112F8320C41DAFB9, 5CE92563628812FF6E00556D8E2DAD6ADCAAF0F4C3B90123F1D98ED6E3BB6DAD ] C:\Windows\System32\BFE.DLL
23:38:00.0700 0x1768  C:\Windows\System32\BFE.DLL - ok
23:38:00.0702 0x1768  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] C:\Windows\System32\drivers\bowser.sys
23:38:00.0702 0x1768  C:\Windows\System32\drivers\bowser.sys - ok
23:38:00.0704 0x1768  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] C:\Windows\System32\drivers\mpsdrv.sys
23:38:00.0704 0x1768  C:\Windows\System32\drivers\mpsdrv.sys - ok
23:38:00.0707 0x1768  [ C997E6A37BA8915224B3FB5024A34F69, 43E1B83072DF9E878151D276DDB6EB7B3801D72494C43E9B9ABECA4B2DCFD606 ] C:\Windows\System32\drivers\mrxsmb.sys
23:38:00.0707 0x1768  C:\Windows\System32\drivers\mrxsmb.sys - ok
23:38:00.0709 0x1768  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] C:\Windows\System32\MPSSVC.dll
23:38:00.0709 0x1768  C:\Windows\System32\MPSSVC.dll - ok
23:38:00.0711 0x1768  [ AAF56E4E84D35411B4E446C445732DFE, 7AC41CAA0842AE4DA4EEF976202C58D7923DAA367F0D7E800D432323D5E7DE1A ] C:\Windows\System32\drivers\mrxsmb20.sys
23:38:00.0711 0x1768  C:\Windows\System32\drivers\mrxsmb20.sys - ok
23:38:00.0712 0x1768  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] C:\Windows\System32\wkssvc.dll
23:38:00.0712 0x1768  C:\Windows\System32\wkssvc.dll - ok
23:38:00.0715 0x1768  [ 8CF4AE81A247E1F6103FD1635C8816AF, 7C4CF85F036C404F8D3D09AE1EF01C0B3FE6FC68D60495CBB4A272A743261F0E ] C:\Windows\System32\InputSwitch.dll
23:38:00.0715 0x1768  C:\Windows\System32\InputSwitch.dll - ok
23:38:00.0716 0x1768  [ 9B95FCB49595A869F27034916382FE57, C9C98C5837D4562CF706B96C4B25AD264E3CA65BD442090F6093C235E1B7AE5E ] C:\Windows\System32\adhapi.dll
23:38:00.0716 0x1768  C:\Windows\System32\adhapi.dll - ok
23:38:00.0719 0x1768  [ 11C2A9D3D34632FC17EF8B3411AA972B, 279261AF81308E7A256EC7A0F5E6511218697EA451425020AAF6DA459172BD0A ] C:\Windows\System32\Windows.UI.Immersive.dll
23:38:00.0719 0x1768  C:\Windows\System32\Windows.UI.Immersive.dll - ok
23:38:00.0720 0x1768  [ F22BC2C1BD805F874540B7595F0C804D, C4AF63DC87DA9CC642C6E4942B77C081625FB4C1D7C3D5E7228DC4704E38643D ] C:\Windows\System32\IDStore.dll
23:38:00.0720 0x1768  C:\Windows\System32\IDStore.dll - ok
23:38:00.0723 0x1768  [ 9DF590DEA96B6756CF8D73C2525797BE, 3FDF4B8794C800CD6586310A85A46F78AA0130E10712BF72CE442BC7C23715A0 ] C:\Windows\System32\wfapigp.dll
23:38:00.0723 0x1768  C:\Windows\System32\wfapigp.dll - ok
23:38:00.0725 0x1768  [ 5EC234995AFB7356A8B1A22C9244F243, 28B890FD933638C110DD227CABA929795DA148964E3D7201A10E1B4DD48F3B85 ] C:\Windows\System32\wuaext.dll
23:38:00.0725 0x1768  C:\Windows\System32\wuaext.dll - ok
23:38:00.0727 0x1768  [ 46E0F92B51247ECCE5A837D613517182, CC45C388704E0D55C559AF9C79605B60820CA0A40B758B2B85B0D87CBD0D8845 ] C:\Windows\System32\samcli.dll
23:38:00.0727 0x1768  C:\Windows\System32\samcli.dll - ok
23:38:00.0729 0x1768  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] C:\Windows\System32\wbiosrvc.dll
23:38:00.0729 0x1768  C:\Windows\System32\wbiosrvc.dll - ok
23:38:00.0731 0x1768  [ 1E7B61301E75B734BC2D60DB0E15183B, 18A06552FFBD9960061B8CC9D22186B694114026BDCD04E50FD30B812452C714 ] C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
23:38:00.0731 0x1768  C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe - ok
23:38:00.0733 0x1768  [ CB0B95F5FB3F70FCDD9277EC4A1AF9C7, DE835E5D218E2CC377BDE327328DFD189009374F1478BE20D514D01554F2DABB ] C:\Program Files\Trend Micro\AMSP\utilDebugLog.dll
23:38:00.0733 0x1768  C:\Program Files\Trend Micro\AMSP\utilDebugLog.dll - ok
23:38:00.0735 0x1768  [ BE399977E4EDAD96977E552D9A449097, 64AF8D46FAC8C8CB1D801380562E9668D8916B51DAC0027F361B64B8BC95385A ] C:\Program Files\Trend Micro\AMSP\utilGenericLoader.dll
23:38:00.0735 0x1768  C:\Program Files\Trend Micro\AMSP\utilGenericLoader.dll - ok
23:38:00.0737 0x1768  [ F3FA3ED4DD8FC618E9667F4910298D67, C22517501E5E45FAB366579F14A489569D8225C5808B78392BBCB6ABAD4E7E74 ] C:\Program Files\Trend Micro\AMSP\utilInstallation.dll
23:38:00.0737 0x1768  C:\Program Files\Trend Micro\AMSP\utilInstallation.dll - ok
23:38:00.0739 0x1768  [ 3711306C8D1A859351D735D93090C1C0, 4FFFCB8BBDE656C5078BA890F0468556C4481FB21A1DA30803DB14461C234164 ] C:\Windows\System32\taskhost.exe
23:38:00.0739 0x1768  C:\Windows\System32\taskhost.exe - ok
23:38:00.0741 0x1768  [ 1E8C23B0C11090FFCB42679289855451, 908CBC925255162AFB3AF7FA2690FCD5A17E703D7CCA4C07CA78AA794DEB9155 ] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_88dcdb0b2fb19957\msvcp80.dll
23:38:00.0741 0x1768  C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_88dcdb0b2fb19957\msvcp80.dll - ok
23:38:00.0743 0x1768  [ 1B7F53CBD0429CC3EE15A545F5E2BF62, B2C58878E532E806F084D81191C310C5858C9D2732CAFB889EAE11864D5961F3 ] C:\Windows\System32\MrmCoreR.dll
23:38:00.0744 0x1768  C:\Windows\System32\MrmCoreR.dll - ok
23:38:00.0746 0x1768  [ 03CC7C6D00212DF6D6CB5C93432410ED, C8ED6DAB3F69A4993AD41E40742E6ECBB848CFC3D3817CFEAEEFE99BDA50AB3F ] C:\Windows\System32\UIAutomationCore.dll
23:38:00.0746 0x1768  C:\Windows\System32\UIAutomationCore.dll - ok
23:38:00.0748 0x1768  [ 1CD1B2F038D2697EA7AA7127551ED429, 60AA0E874929ED13E305FB51345C48AE0058C0DDC900F0007B7CAC8AD9FBA88F ] C:\Windows\System32\wlidres.dll
23:38:00.0748 0x1768  C:\Windows\System32\wlidres.dll - ok
23:38:00.0750 0x1768  [ 7A001F5336992791865549450D606D41, D018CDD5EB103B9290F1F857E760A6F7419F9EB731624D9099E48265C11ACB7B ] C:\Windows\System32\urlmon.dll
23:38:00.0750 0x1768  C:\Windows\System32\urlmon.dll - ok
23:38:00.0752 0x1768  [ 0FDB2D284B0DEA2FAFFB7577A72D343F, 7F353D352749890ED9D965D74E4B53A6569A9E25F54FAE30A166786E6D9D3455 ] C:\Windows\System32\iertutil.dll
23:38:00.0752 0x1768  C:\Windows\System32\iertutil.dll - ok
23:38:00.0754 0x1768  [ 65C36A29A131A3A5D64B29FAC4EF6DD6, 5AC018A2A5F931054DA7EA655023C325E7282AEAFA244A75D1137697366D9905 ] C:\Windows\System32\wininet.dll
23:38:00.0754 0x1768  C:\Windows\System32\wininet.dll - ok
23:38:00.0756 0x1768  [ D2D08C4A5EAFE12CEF7D48BC5A3CCED5, 276BB4F7E61C09EEA128B9A1E42FFDA5193C549E49C630E45A5581FD43814F25 ] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_88dcdb0b2fb19957\msvcr80.dll
23:38:00.0756 0x1768  C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_88dcdb0b2fb19957\msvcr80.dll - ok
23:38:00.0759 0x1768  [ 872B28B559AB214346D31A9A5AAF8381, 271FE3C76FDA2CBDD31734078BC40A7D0D8E8B697930A878C1A2DC543224D05E ] C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_49.dll
23:38:00.0759 0x1768  C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_49.dll - ok
23:38:00.0761 0x1768  [ 0FCD79A682AFF4957ECBC017FF085841, 6BD448C59B77A94534EE6B420A2C5488EDF359A15E23A8B897A6AD375AB8050A ] C:\Program Files\Trend Micro\AMSP\utilComponentInfo.dll
23:38:00.0761 0x1768  C:\Program Files\Trend Micro\AMSP\utilComponentInfo.dll - ok
23:38:00.0763 0x1768  [ 059D36ABEC9F2D3F677B8EA9240405CD, B4CD58747DBA0E9C1C22DDFB049302662D7875C6ABF04DA76565FCDFE5AA82C3 ] C:\Windows\System32\batmeter.dll
23:38:00.0763 0x1768  C:\Windows\System32\batmeter.dll - ok
23:38:00.0765 0x1768  [ BA247631B40720DAEA89BEFAA4632EB6, D18B009631F89A350B9BA81B11EE49AADF9295E7CDC6B15EE61983A935551A64 ] C:\Windows\System32\PhotoMetadataHandler.dll
23:38:00.0765 0x1768  C:\Windows\System32\PhotoMetadataHandler.dll - ok
23:38:00.0767 0x1768  [ 6BB64E7787DD119CE02A26B1F3393C6A, E0AFFC08AFAC46BBD97F93A09034E6405F4DA8232949D341A4E563D122D87CC2 ] C:\Program Files\Trend Micro\AMSP\utilThread.dll
23:38:00.0767 0x1768  C:\Program Files\Trend Micro\AMSP\utilThread.dll - ok
23:38:00.0769 0x1768  [ DF61F49C9D61E00D38B4818A148777F0, 873A089F34D14ADA5EF55B580A0681B194BA33E05447643C7761809747BDBE39 ] C:\Program Files\Trend Micro\AMSP\utilMsgBuffer.dll
23:38:00.0769 0x1768  C:\Program Files\Trend Micro\AMSP\utilMsgBuffer.dll - ok
23:38:00.0771 0x1768  [ 865E3C79BB0DB64D4AB2F6BA8FF5BD2C, 4CD5500CAB1DE72F5D2E6032D7CFB0CC90166F45D1F20309FE907122DAE00813 ] C:\Windows\System32\Windows.Globalization.dll
23:38:00.0771 0x1768  C:\Windows\System32\Windows.Globalization.dll - ok
23:38:00.0773 0x1768  [ 398990EFC34218C3B6C4E6384502083B, CA1E756F89551B740465B01ACB2F41881CFC7BECA280299E7B78AB1A455F6DD7 ] C:\Windows\System32\msftedit.dll
23:38:00.0773 0x1768  C:\Windows\System32\msftedit.dll - ok
23:38:00.0775 0x1768  [ BA0655E1856A16A14C9BC1FB27B111B9, 974BA0A5ABD08F2579B4A28DE5A8579641B4B3E40EFDFFAA3A0DD733AADE3D01 ] C:\Windows\System32\TpmTasks.dll
23:38:00.0775 0x1768  C:\Windows\System32\TpmTasks.dll - ok
23:38:00.0777 0x1768  [ F77C9F8A5F926CC77B41C45DB5ACAA26, F95C184A4F7330A47AE1F185BB200E5EF4B3C279CE5DB64E5B47E0045DBE1633 ] C:\Windows\System32\aepic.dll
23:38:00.0777 0x1768  C:\Windows\System32\aepic.dll - ok
23:38:00.0779 0x1768  [ D1A3B6C2F8F39EC7F75D03740A8112A1, CE3EC47954CCC70F78A4E49F8A585CC64B04A2B725A310034571902B663FEBED ] C:\Windows\System32\tbs.dll
23:38:00.0779 0x1768  C:\Windows\System32\tbs.dll - ok
23:38:00.0781 0x1768  [ 770D71782A90BE9C48C4310C5C35E25B, 00B9E8B04786D1E93A78F42896023AF2095D69ED70A56042B6C98EB531778779 ] C:\Windows\System32\sfc_os.dll
23:38:00.0781 0x1768  C:\Windows\System32\sfc_os.dll - ok
23:38:00.0783 0x1768  [ 7A1BAB2BDCF59A506588DDF58ED43E21, C7191778058E0CE498E6B21ADEA8A6928AE8B8669B2F00AB639728538ADDDA64 ] C:\Windows\System32\globinputhost.dll
23:38:00.0783 0x1768  C:\Windows\System32\globinputhost.dll - ok
23:38:00.0785 0x1768  [ ED3387CE1F9F848A3F3BAA3FCE86E315, 044706F8EFBF67CEE73FB5B406CC17815C3681B7859E8EDB59F80D3F8ADB019D ] C:\Windows\System32\ninput.dll
23:38:00.0785 0x1768  C:\Windows\System32\ninput.dll - ok
23:38:00.0787 0x1768  [ C7DFBE21051D5E44B479CBF74B968335, BF0759D9DF2DB1A7F8C39FCD8BB3BF742259B8CC47BA02F5214F4B44477FDCDC ] C:\Windows\System32\dbghelp.dll
23:38:00.0787 0x1768  C:\Windows\System32\dbghelp.dll - ok
23:38:00.0789 0x1768  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] C:\Windows\System32\cryptsvc.dll
23:38:00.0789 0x1768  C:\Windows\System32\cryptsvc.dll - ok
23:38:00.0791 0x1768  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] C:\Windows\System32\das.dll
23:38:00.0791 0x1768  C:\Windows\System32\das.dll - ok
23:38:00.0793 0x1768  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] C:\Windows\System32\dps.dll
23:38:00.0793 0x1768  C:\Windows\System32\dps.dll - ok
23:38:00.0795 0x1768  [ 76B7BB05C1BCC11C69162FB7C2CE8901, 7BE750CD2AE40A6632E9FEFC973B8AD66B1D31B19902D53851F4A1F5AF1037F9 ] C:\Windows\System32\dasHost.exe
23:38:00.0795 0x1768  C:\Windows\System32\dasHost.exe - ok
23:38:00.0797 0x1768  [ C5D4CB415B66955CFEF7E524B6053FF5, CFF74A07B662B5706A13F013BE37AFF36F6609264AF995377E78ABF82789BAB5 ] C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
23:38:00.0797 0x1768  C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe - ok
23:38:00.0799 0x1768  [ CDDF0C2CDCA1CC659517E24F1EA85798, 7720E2D69918416914E589EE0B6E9C6E81E732D5D9DF6BA53B644E483F7398ED ] C:\Program Files\Trend Micro\AMSP\utilRollback.exe
23:38:00.0799 0x1768  C:\Program Files\Trend Micro\AMSP\utilRollback.exe - ok
23:38:00.0801 0x1768  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] C:\Windows\System32\drivers\condrv.sys
23:38:00.0801 0x1768  C:\Windows\System32\drivers\condrv.sys - ok
23:38:00.0803 0x1768  [ 6AB51A84C2400F1346CCD6B65766DDCD, EA4871C90E4026618A1415F394367599C5E005D33EBD590B6C8409BCC3DD01B7 ] C:\Windows\System32\cryptcatsvc.dll
23:38:00.0803 0x1768  C:\Windows\System32\cryptcatsvc.dll - ok
23:38:00.0805 0x1768  [ ED8901D9AF4023CAD4738D3A4DF9645B, 487DE071FAC1ACB1421DF9F3C770315795BC69031AA40ABB66627574110214C7 ] C:\Windows\System32\crypttpmeksvc.dll
23:38:00.0806 0x1768  C:\Windows\System32\crypttpmeksvc.dll - ok
23:38:00.0808 0x1768  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] C:\Program Files\Intel\iCLS Client\HeciServer.exe
23:38:00.0808 0x1768  C:\Program Files\Intel\iCLS Client\HeciServer.exe - ok
23:38:00.0810 0x1768  [ 8FA4755F3BA513F4BAE0A2AF1BE8C5F7, 39748E6B58142793F44DDC89A0F3130022533D4BF38832B8D118915788C24461 ] C:\Windows\System32\vssapi.dll
23:38:00.0810 0x1768  C:\Windows\System32\vssapi.dll - ok
23:38:00.0812 0x1768  [ 941EDC6791A09356EEBEC309C1633CA2, 4E1F5843C96FAEE37D553D37FA25005D7412266A4E5DA47487C5420CE1F8ED42 ] C:\Windows\System32\vsstrace.dll
23:38:00.0812 0x1768  C:\Windows\System32\vsstrace.dll - ok
23:38:00.0814 0x1768  [ 3CA1EE5BE6C9D92DD672FC5A09E17AE2, B8D14953D307F7DBE6E7C8CA911FA3201AD63BEA3882F142A48E428A23DAB43A ] C:\Windows\System32\conhost.exe
23:38:00.0814 0x1768  C:\Windows\System32\conhost.exe - ok
23:38:00.0816 0x1768  [ ACAD8ABC566D8D5491F69A1A7FCFAFBE, 6AD944AD932B6188685AD7898946F62DAA5DA65A362986724A529F70063301DE ] C:\Program Files\Trend Micro\AMSP\coreConfigRepository.dll
23:38:00.0816 0x1768  C:\Program Files\Trend Micro\AMSP\coreConfigRepository.dll - ok
23:38:00.0818 0x1768  [ A93982600ED8B058A4582240B5DF4A2E, 008E52C2D3C6A5E162D151FBC4DF150E52062F8E8F546AD848FB9EB52C70444E ] C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
23:38:00.0818 0x1768  C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe - ok
23:38:00.0820 0x1768  [ 6DFA32353FE0F20D05F276686B751CB1, B1FB086A8965F250E55915024587A6EF41BDC1238DE7333BB60D37FD2A2D9D94 ] C:\Program Files\Trend Micro\AMSP\AMSP_LogServer.exe
23:38:00.0820 0x1768  C:\Program Files\Trend Micro\AMSP\AMSP_LogServer.exe - ok
23:38:00.0822 0x1768  [ 31936787AA45748B2CB8B269D58201EE, D309F8CBF1933C46C5487CBDBAA2EB6CAE40B7CAAFBFE8D45BCD169C2F0BAE4C ] C:\Program Files\Trend Micro\AMSP\outer_AMSP_ClientLibrary.dll
23:38:00.0822 0x1768  C:\Program Files\Trend Micro\AMSP\outer_AMSP_ClientLibrary.dll - ok
23:38:00.0824 0x1768  [ 3450B487086D58F2E220E11F3E2D4301, 60625CE2E016064AA442CECAD395A984CE305DF41E8B1691FB6E118FCE82C332 ] C:\Program Files\Trend Micro\AMSP\utilIPC.dll
23:38:00.0824 0x1768  C:\Program Files\Trend Micro\AMSP\utilIPC.dll - ok
23:38:00.0826 0x1768  [ F59ABF64B729602C7D0274908D8675FE, 880346F898631B2DFC1E27679773ABF10EA9DDC05F553765D2900D7CC784BF38 ] C:\Program Files\Trend Micro\AMSP\utilRPC.dll
23:38:00.0826 0x1768  C:\Program Files\Trend Micro\AMSP\utilRPC.dll - ok
23:38:00.0828 0x1768  [ 6766306FD9DDDB4FC181B26121E120A7, 1D46020B8C0C35DFA3256BCE95CB36F6D416D38A7A8F6ED026006DC286E5CA0E ] C:\Program Files\Trend Micro\AMSP\sqlite3.dll
23:38:00.0828 0x1768  C:\Program Files\Trend Micro\AMSP\sqlite3.dll - ok
23:38:00.0831 0x1768  [ 415CC6E051BC88468CE051AF0D1DEFEF, 33B4C71CB03E6A45082233CF6A974F7EB5C6AFCD591B31F66E8917BA0E337B0C ] C:\Windows\System32\ieframe.dll
23:38:00.0831 0x1768  C:\Windows\System32\ieframe.dll - ok
23:38:00.0833 0x1768  [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
23:38:00.0833 0x1768  C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe - ok
23:38:00.0835 0x1768  [ 1F841EC579E4A3B1E3C0CE626C8F9F23, EEE376F01E4D1700B73E3ABEE212F0999ABF49D491563A8B2355A8F3AC648FD3 ] C:\Windows\SysWOW64\ntdll.dll
23:38:00.0835 0x1768  C:\Windows\SysWOW64\ntdll.dll - ok
23:38:00.0837 0x1768  [ 595653478434F2A8451EDA55CD954CED, B81A6648827D60CC2CD856344988F22A5A8570A5789F85835AA65745949EA598 ] C:\Windows\SysWOW64\kernel32.dll
23:38:00.0837 0x1768  C:\Windows\SysWOW64\kernel32.dll - ok
23:38:00.0839 0x1768  [ 55237559D07288EEEA3133451FE4F386, EF769338F34B96415F6C4E42EFA5A36493B4AD36266BCAE426835CC06039F2B8 ] C:\Windows\SysWOW64\KernelBase.dll
23:38:00.0839 0x1768  C:\Windows\SysWOW64\KernelBase.dll - ok
23:38:00.0841 0x1768  [ C7099D6A46B880EE194F7A4473D71E10, 0BCEA2731F27308DC51DE0390BA5C3190A602DDB28998AF4BE434449BFB7AA39 ] C:\Windows\SysWOW64\user32.dll
23:38:00.0841 0x1768  C:\Windows\SysWOW64\user32.dll - ok
23:38:00.0843 0x1768  [ 421D685787762BBAE821159279B3000C, 536A851E1D24F6468F6313830AB91AC4991129F8691F01606A7AE553CEF7CF7D ] C:\Windows\SysWOW64\advapi32.dll
23:38:00.0843 0x1768  C:\Windows\SysWOW64\advapi32.dll - ok
23:38:00.0845 0x1768  [ 2BDB085AA7ECA65D1793D150CEC960AF, EE8E25DEEC45230D85EBEFE7DC1FA7CB154427E6723AE401EA914C558B335A6B ] C:\Windows\SysWOW64\ole32.dll
23:38:00.0845 0x1768  C:\Windows\SysWOW64\ole32.dll - ok
23:38:00.0847 0x1768  [ 9DB8537C03BE40548968C445FC595753, 31BDE2BD41364DAB244C4A8143EB923C255C207190538DF1CC565C70739EA293 ] C:\Windows\SysWOW64\oleaut32.dll
23:38:00.0847 0x1768  C:\Windows\SysWOW64\oleaut32.dll - ok
23:38:00.0849 0x1768  [ BC83108B18756547013ED443B8CDB31B, B2AD109C15EAA92079582787B7772BA0A2F034F7D075907FF87028DF0EAEA671 ] C:\Windows\SysWOW64\msvcp100.dll
23:38:00.0849 0x1768  C:\Windows\SysWOW64\msvcp100.dll - ok
23:38:01.0189 0x1768  [ 2C727D11CDF4F8B2477FC2B1B305ECB9, B4F83DAA73E99EF8AD88A4A9C5553ABC4A99E2FD22234C968D90A0BAE97104F8 ] C:\Windows\System32\wlidprov.dll
23:38:01.0189 0x1768  C:\Windows\System32\wlidprov.dll - ok
23:38:01.0191 0x1768  [ 9A1190B2934CFAB102D1B62F74971A0B, 491958273AED58879BDF245789F105A68283C05E55B2CEABA9441A2E8C26E88D ] C:\Windows\System32\twinapi.dll
23:38:01.0191 0x1768  C:\Windows\System32\twinapi.dll - ok
23:38:01.0193 0x1768  [ C7DE2ECAECC66E5710304939622B4F0B, 859F696F673B9488E145BC09B6B81BE080CBB04C6142AFBA3BBB7D01879E5101 ] C:\Windows\System32\NV\igdumdim64.dll
23:38:01.0193 0x1768  C:\Windows\System32\NV\igdumdim64.dll - ok
23:38:01.0195 0x1768  [ 1FC8997292BE3362A5B40EBBBD137982, 68CE9F15131B4375987EF19D1FD66DAC9818C59CAD9C767112AE7B8075C4CE3B ] C:\Windows\System32\radardt.dll
23:38:01.0195 0x1768  C:\Windows\System32\radardt.dll - ok
23:38:01.0197 0x1768  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] C:\Windows\System32\wlidsvc.dll
23:38:01.0197 0x1768  C:\Windows\System32\wlidsvc.dll - ok
23:38:01.0199 0x1768  [ C7DE2ECAECC66E5710304939622B4F0B, 859F696F673B9488E145BC09B6B81BE080CBB04C6142AFBA3BBB7D01879E5101 ] C:\Windows\System32\NV\igd10iumd64.dll
23:38:01.0199 0x1768  C:\Windows\System32\NV\igd10iumd64.dll - ok
23:38:01.0201 0x1768  [ 91F27BC87BEB6DFDC709FF484F64F1D4, F4D1AE178C714CA454D9447113D707AADA9E3AE3236955EE3171D071FC98F1F3 ] C:\Windows\System32\PlaySndSrv.dll
23:38:01.0201 0x1768  C:\Windows\System32\PlaySndSrv.dll - ok
23:38:01.0203 0x1768  [ 5E536FD2C9EBFB9388DD76BCC56C7232, BE0116CF45D5FE09219E6F8B4AA43EDFB717B2B323BC1ED8794DD2307D8FC3FA ] C:\Windows\System32\MsCtfMonitor.dll
23:38:01.0203 0x1768  C:\Windows\System32\MsCtfMonitor.dll - ok
23:38:01.0205 0x1768  [ 9729D3F9896B6F309DC50CE3769AC9C1, CA8BF2ADC0FFC87A1B3C5958D762010D308DC998C8727B963431FD2A6D07549A ] C:\Windows\System32\msutb.dll
23:38:01.0205 0x1768  C:\Windows\System32\msutb.dll - ok
23:38:01.0207 0x1768  [ 8D6F535461F6CFF75A8ADDF83024C904, F2A97EC4A6284F28B685A3CE2D450F61E75EE8692D718A6AA352D5734BBBAD7B ] C:\Windows\System32\appinfo.dll
23:38:01.0207 0x1768  C:\Windows\System32\appinfo.dll - ok
23:38:01.0209 0x1768  [ 17C9CEA667906DA7CAA1175DE437F4FC, 45677EA1918DD4D68C3342B333D0A57EB69E14BA88FFDD3D67DD21CED303B07C ] C:\Windows\System32\runonce.exe
23:38:01.0209 0x1768  C:\Windows\System32\runonce.exe - ok
23:38:01.0211 0x1768  [ 8BE1C89BD0C6F659C3AE3A2C8D0955C4, 50D26482997BB44EBB55DA50D177459F76A708EBC23AB866330295E730EE71A9 ] C:\Windows\SysWOW64\runonce.exe
23:38:01.0211 0x1768  C:\Windows\SysWOW64\runonce.exe - ok
23:38:01.0213 0x1768  [ 6180E1E88377D1A9834D98B4BF12094E, 28AE4A1C42A3515D2792B4D612F091C56C9C91153B0C500744043947A11249C3 ] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7\comctl32.dll
23:38:01.0213 0x1768  C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7\comctl32.dll - ok
23:38:01.0215 0x1768  [ B5507F49CB2E2516746BD55B9F671925, 2403AC77A516B21940BDBC9136ECC49BB7F48D1879CA27B0E1EF9221F891917E ] C:\Windows\SysWOW64\shell32.dll
23:38:01.0215 0x1768  C:\Windows\SysWOW64\shell32.dll - ok
23:38:01.0217 0x1768  [ 81B57798E73112445D7F0F92315B729E, AEC06DE2D14AC63A8B23A45047D74BB5B17E09B8EB7DBEA48F11FF3AB022A093 ] C:\Windows\SysWOW64\SHCore.dll
23:38:01.0217 0x1768  C:\Windows\SysWOW64\SHCore.dll - ok
23:38:01.0219 0x1768  [ DA24EDFC1D6C1B67C010D34652B7052F, 0499E99F7B794C1FE8E8C03658F0DCDFC3B0FF5315A1871FCB0C33D612A15BD1 ] C:\Program Files (x86)\Google\Update\1.3.24.7\goopdate.dll
23:38:01.0219 0x1768  C:\Program Files (x86)\Google\Update\1.3.24.7\goopdate.dll - ok
23:38:01.0222 0x1768  [ 62969A88DE12FD62D59A6C7821A929BC, 47B49F37B11DAB2E686DC47616623D2332F6F889529820DA82CB6DC67B81884E ] C:\Windows\SysWOW64\imm32.dll
23:38:01.0222 0x1768  C:\Windows\SysWOW64\imm32.dll - ok
23:38:01.0223 0x1768  [ F5C43BFE7EF27521ED25B912C9366CD9, A43758C33AB96CC2DE883B975C04B02B026663F9E7A523FEC99D15DA38DFFEE2 ] C:\Windows\SysWOW64\msctf.dll
23:38:01.0223 0x1768  C:\Windows\SysWOW64\msctf.dll - ok
23:38:01.0226 0x1768  [ ACBA82820AF2B51B31969A0570A993F7, CCE1DB7255B3C0D1B3001EE8BFA322E25F1C955446F6A91B5DB3506803FD7462 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
23:38:01.0226 0x1768  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
23:38:01.0228 0x1768  [ A5BD16CF06D4ECB6445BFCAC9C0A366F, 07283D52AE5FB402A0155DCAD2141180D55C840F4E872C03F9F13EA66BADD719 ] C:\Windows\SysWOW64\netapi32.dll
23:38:01.0228 0x1768  C:\Windows\SysWOW64\netapi32.dll - ok
23:38:01.0230 0x1768  [ 9FAC7693213C54B25D0DC48BC20686CF, 9C9485DA86EED0399A5E91EE8C687C442435C97B239424983E76E201DDF852F7 ] C:\Windows\SysWOW64\crypt32.dll
23:38:01.0230 0x1768  C:\Windows\SysWOW64\crypt32.dll - ok
23:38:01.0232 0x1768  [ AA21423B380157AFAA2F82E96D910E0F, 5E037AD0B3AF9D5B1A6F82BBA8026CEA8DD5C8C0AECB8ED71F1ADAA940954C5D ] C:\Windows\SysWOW64\kernel.appcore.dll
23:38:01.0232 0x1768  C:\Windows\SysWOW64\kernel.appcore.dll - ok
23:38:01.0234 0x1768  [ 2716EEC7A0B6016F11B0A0F8B423DBBE, C3A96C1C6DC9B98E84AF6F5173F6041FF4C6B6BDD775C011D8567E67CAE4328F ] C:\Windows\SysWOW64\uxtheme.dll
23:38:01.0234 0x1768  C:\Windows\SysWOW64\uxtheme.dll - ok
23:38:01.0236 0x1768  [ 5AA28997F6A30EB196A5AB09F684B7BE, E05770774B05836B2EF59A5B2089256268CCB53B41ADC6F3EB3985AC96194F4B ] C:\Windows\SysWOW64\imagehlp.dll
23:38:01.0236 0x1768  C:\Windows\SysWOW64\imagehlp.dll - ok
23:38:01.0238 0x1768  [ 8491F03503076D67196436D29D153A2C, 6733FC235A99CC4E3564F2D8EEAF3A88F19B30BBF67CB414E54D329FE3072B06 ] C:\Windows\SysWOW64\msi.dll
23:38:01.0238 0x1768  C:\Windows\SysWOW64\msi.dll - ok
23:38:01.0240 0x1768  [ C500954647E81A00700D3767C2B3CC4B, C8B9BD1EF3BC4B9CC4DF9AC11752CDB750276DDF823F7FFD9791E182DEA821F1 ] C:\Windows\SysWOW64\setupapi.dll
23:38:01.0240 0x1768  C:\Windows\SysWOW64\setupapi.dll - ok
23:38:01.0242 0x1768  [ A56878CE81935A6E3269C1B1669F9354, 03E2544B3ED333FC735E2F49118BDA4F2DB2FA1E2AFCA58E344C970173F6A511 ] C:\Windows\SysWOW64\cfgmgr32.dll
23:38:01.0242 0x1768  C:\Windows\SysWOW64\cfgmgr32.dll - ok
23:38:01.0244 0x1768  [ A7DDBD5DA334F3BA342EB828012FD1A5, B9A86EC9BB107F1BB6FAE103EE9E571B639564AFBD036040F0A91C06E5C26522 ] C:\Windows\SysWOW64\clbcatq.dll
23:38:01.0244 0x1768  C:\Windows\SysWOW64\clbcatq.dll - ok
23:38:01.0246 0x1768  [ 3D7B4D033FE80A86B1FC530A03A53754, F926597A11B05948282008F5A3CB959BD40C187700BE6D9B241B9334319A4274 ] C:\Windows\SysWOW64\msimg32.dll
23:38:01.0246 0x1768  C:\Windows\SysWOW64\msimg32.dll - ok
23:38:01.0248 0x1768  [ F89C2BDB6E385ED6CA2AC0085BB6643A, B8E3B7752C06407BAB23AFC5BB040030186D97A9712DEFBF74A3ABCBE50259B1 ] C:\Windows\SysWOW64\wininet.dll
23:38:01.0248 0x1768  C:\Windows\SysWOW64\wininet.dll - ok
23:38:01.0250 0x1768  [ 25BBBE926A40DFC775292EE0F30E53A1, EED52B75AE10BA8BF9C40701F03539244A8C6DAAA9F6D2EC4C0B4BD17ACA55AD ] C:\Windows\SysWOW64\propsys.dll
23:38:01.0250 0x1768  C:\Windows\SysWOW64\propsys.dll - ok
23:38:01.0252 0x1768  [ 3DA80D0C5E850A6C8D1DE566AAB736DA, 4A886F635230199F6C3B4FD22285834C0F3CB493B88012FBE0EAC0CCB5E573D8 ] C:\Windows\SysWOW64\wintrust.dll
23:38:01.0252 0x1768  C:\Windows\SysWOW64\wintrust.dll - ok
23:38:01.0254 0x1768  [ 3265F568468AB87950342764F6D77E78, 62D063F00323145860C3D2E21C99A4D961E01CED0DC142089FAD25BFFC6CEFE8 ] C:\Windows\SysWOW64\winnsi.dll
23:38:01.0254 0x1768  C:\Windows\SysWOW64\winnsi.dll - ok
23:38:01.0256 0x1768  [ 0E9317A95DD3E678AFCD457DAAD01DA5, E5790F6E2F526CE67C4DEE6277AEF29AD71ACC6C75FC865F96C9E9A86E693D0E ] C:\Windows\SysWOW64\netutils.dll
23:38:01.0256 0x1768  C:\Windows\SysWOW64\netutils.dll - ok
23:38:01.0258 0x1768  [ CC877931A205C47710456FFEE0BEF29D, 3A063C6B064BBE812FCB9A54AC3AFF946A86C022028B48416AB8A164953CC67E ] C:\Windows\SysWOW64\profapi.dll
23:38:01.0258 0x1768  C:\Windows\SysWOW64\profapi.dll - ok
23:38:01.0260 0x1768  [ 9D519CCC49EBEF2AB0F3282C097B141B, D1C88FA2DBD3D20C3FA5EB39472F49E5F43F9FC3C6B01B487FD8D31C963F756C ] C:\Windows\SysWOW64\cryptsp.dll
23:38:01.0260 0x1768  C:\Windows\SysWOW64\cryptsp.dll - ok
23:38:01.0262 0x1768  [ 522BF7088E69948A20DD5C89D359B2C4, 20949159376225C7DB8B4CBBA1F0C06113E2DED7369B59329AF00D3295BC627B ] C:\Windows\SysWOW64\srvcli.dll
23:38:01.0262 0x1768  C:\Windows\SysWOW64\srvcli.dll - ok
23:38:01.0264 0x1768  [ 46DAF6EFC4D7E1C8AC9E0179EFB4B3A9, 13FA959D4D82336A22A118EFC6B59E4F64B90AF0FDEB7FD10ACF0C2556AB4D44 ] C:\Windows\SysWOW64\wkscli.dll
23:38:01.0264 0x1768  C:\Windows\SysWOW64\wkscli.dll - ok
23:38:01.0266 0x1768  [ 8685F31A9319FB0FA882C736783F5F5E, D772A7FEAEBC794B403EAB98C7E816DDE87A1C1F4AA7B756AA64DF117BD18085 ] C:\Windows\SysWOW64\msasn1.dll
23:38:01.0266 0x1768  C:\Windows\SysWOW64\msasn1.dll - ok
23:38:01.0268 0x1768  [ 68516BC692B58959933B5029747F2A2A, 2984B01D549168AAEE6B7699D7AD76E9D7598C8EBC4631AADCB9FF7EC8D2A89B ] C:\Windows\SysWOW64\rsaenh.dll
23:38:01.0268 0x1768  C:\Windows\SysWOW64\rsaenh.dll - ok
23:38:01.0270 0x1768  [ 0979EF30634ACCEB83CF7311DF094A0C, E387EEDA472BBC2CC7F94F5678C3B89E634ABCFCC7EB38436359170096F6E05F ] C:\Windows\SysWOW64\iertutil.dll
23:38:01.0270 0x1768  C:\Windows\SysWOW64\iertutil.dll - ok
23:38:01.0272 0x1768  [ 9281FA6B56D3B7A64CB140CE310686DE, D0854FA97D8C25A7F1308A7F46CA32BAFDE568C645B99F650E33C74A9888EA19 ] C:\Windows\SysWOW64\bcrypt.dll
23:38:01.0272 0x1768  C:\Windows\SysWOW64\bcrypt.dll - ok
23:38:01.0274 0x1768  [ BAFF898DD7A27C7CF7CAF937A3947A08, 96C50C1953234B1A546D8A4FE4415B077A85109694A1D1B065C8653B8767C529 ] C:\Windows\SysWOW64\urlmon.dll
23:38:01.0274 0x1768  C:\Windows\SysWOW64\urlmon.dll - ok
23:38:01.0276 0x1768  [ BD9306F715EA9B959EDB892614F6D581, C654ADB865FA1254FA0081D1DAAB47FCF91DA5EA7AD83CFB062DACF951639EC5 ] C:\Windows\SysWOW64\userenv.dll
23:38:01.0276 0x1768  C:\Windows\SysWOW64\userenv.dll - ok
23:38:01.0278 0x1768  [ DB530B4C83DC2439EA2397613C841AF4, 8ACB4700FF1A9F195E70D2FDD7326425B6197F8CD322A712080423BD973E5AF5 ] C:\Windows\SysWOW64\version.dll
23:38:01.0278 0x1768  C:\Windows\SysWOW64\version.dll - ok
23:38:01.0280 0x1768  [ 2C4965FA375C7C2C1FBD18EFD75F61CF, 5E9870E2034272F0CA7661DA6AD49D90E5D62F5DF5AF1B873342DA65DE193630 ] C:\Windows\SysWOW64\cscapi.dll
23:38:01.0280 0x1768  C:\Windows\SysWOW64\cscapi.dll - ok
23:38:01.0282 0x1768  [ D6AE16663985EA7E81E17A1A810AC547, 550A0A765765BC3FDDDD5504FB6BA0159ED459541181F24FF7E9A5926E50621E ] C:\Windows\SysWOW64\ntmarta.dll
23:38:01.0282 0x1768  C:\Windows\SysWOW64\ntmarta.dll - ok
23:38:01.0284 0x1768  [ F5033F3C6F8E706D78ACB9351EBF7B3E, 6E7C68A3BC532852860284B6D7687BE6BF1BC8F92D299A46C433F5BDCEB6F1F8 ] C:\Windows\SysWOW64\dbghelp.dll
23:38:01.0284 0x1768  C:\Windows\SysWOW64\dbghelp.dll - ok
23:38:01.0287 0x1768  [ E572557FD4CA855642A0B26CC9F3C788, 891D833853FB1CDEB57E6FBDF985360DADC7CB7642AD7A0107C15119CAD40C6E ] C:\Windows\SysWOW64\secur32.dll
23:38:01.0287 0x1768  C:\Windows\SysWOW64\secur32.dll - ok
23:38:01.0289 0x1768  [ 59A1D4FACD7B333F76C4142CD42D3ABA, E1A080E61FB1BAF0DA629D34BAEE6F0F9D0E0337BF6CED9F4B3AB9B1C23D91BA ] C:\Windows\SysWOW64\cmd.exe
23:38:01.0289 0x1768  C:\Windows\SysWOW64\cmd.exe - ok
23:38:01.0291 0x1768  [ 4B76E621AFB97D0441F36978611A961C, 620C211E83325C609961413815BF301C10A3C00C57B7FA9E34A103CA1EE25EF1 ] C:\Windows\SysWOW64\apphelp.dll
23:38:01.0291 0x1768  C:\Windows\SysWOW64\apphelp.dll - ok
23:38:01.0293 0x1768  [ D5A444B63637EC0932172C6719A10252, 5B2F51B102EB3FE551A5D727D5280BA9417C3AC62E224997A3549F19677EAEE0 ] C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
23:38:01.0293 0x1768  C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe - ok
23:38:01.0295 0x1768  [ 4C50680BDC98B551CE5C173BAB1C62D7, 040FA269D72978BC51F42BC3E056539F83F425CDCF1C20CB17C6E7D9FDEA2526 ] C:\Windows\SysWOW64\cmdext.dll
23:38:01.0295 0x1768  C:\Windows\SysWOW64\cmdext.dll - ok
23:38:01.0297 0x1768  [ 720546B84ED5229E1584C8F3533A2F12, AB3C09C7F4B34D82786484439BCF78E7D7D202D1A75120ECFD140A74B8D36E86 ] C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
23:38:01.0298 0x1768  C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe - ok
23:38:01.0300 0x1768  [ 728497F5AEC183D2E16A05E2746D3B8A, E6793BACF97E90E7116CF9F61D699DF55420A8E5364B94BB902EBC39491DD91D ] C:\Windows\SysWOW64\shdocvw.dll
23:38:01.0300 0x1768  C:\Windows\SysWOW64\shdocvw.dll - ok
23:38:01.0302 0x1768  [ 81C566C60F67B22906E43C4F1A8DFB1B, 5E8ECDA44CCDEA090ABFB0C7A217E0B7841A982A3D4F0655B9FB94898C43450B ] C:\Windows\SysWOW64\apprepapi.dll
23:38:01.0302 0x1768  C:\Windows\SysWOW64\apprepapi.dll - ok
23:38:01.0304 0x1768  [ 4979F824373153BF1E79AFEC41B7FF46, 998B381FD19B0F94FA81C3410AB2FE2F1471E5A21778118B7269D99A40A7BE0E ] C:\Windows\SysWOW64\tbs.dll
23:38:01.0304 0x1768  C:\Windows\SysWOW64\tbs.dll - ok
23:38:01.0306 0x1768  [ 25759488763C8FCCCB68690D152F0A65, F863BF011FA091623A2155029D51A96A387D68991DAB3E38774F7190B88BBFCC ] C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\setup.exe
23:38:01.0306 0x1768  C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\setup.exe - ok
23:38:01.0308 0x1768  [ 88244F5A24F9CD98E74472FDFA827FA2, 40F2C8493A44F629A6D56D5A34721861A4CB7252FAFFD18FD33B7E895FF75F73 ] C:\Windows\SysWOW64\ncrypt.dll
23:38:01.0308 0x1768  C:\Windows\SysWOW64\ncrypt.dll - ok
23:38:01.0310 0x1768  [ 13B9417E93437480E168669EDE36298B, 6DA9F600805AF0D5C056E64387FCD17D593C7D57E1329CC90EA3ED6F13C2BF23 ] C:\Windows\SysWOW64\ntasn1.dll
23:38:01.0310 0x1768  C:\Windows\SysWOW64\ntasn1.dll - ok
23:38:01.0312 0x1768  [ 73E50B6C22F18C6FBC4553B9ED983B9B, 8FA2FC362DFD1AAA3520E8418ECEE908F5521B730A420B78CFC934156347E5CA ] C:\Windows\SysWOW64\gpapi.dll
23:38:01.0312 0x1768  C:\Windows\SysWOW64\gpapi.dll - ok
23:38:01.0314 0x1768  [ 1BA05E6A8212AFBA262635D5131D4CA9, C7F6FB11C3F2A954805C8C6B62B7B1EF9D95AF0037016C07F14BDDA07266D058 ] C:\Windows\SysWOW64\cryptnet.dll
23:38:01.0314 0x1768  C:\Windows\SysWOW64\cryptnet.dll - ok
23:38:01.0317 0x1768  [ D4E028B34B8069DF1906EB9ADAF285FA, E34577A779C56B0989EFE30C9DC99CFB04F5C30DAF620087A9DD22A32F0DE8EA ] C:\Windows\SysWOW64\Wldap32.dll
23:38:01.0317 0x1768  C:\Windows\SysWOW64\Wldap32.dll - ok
23:38:01.0319 0x1768  [ 8DBA497E4C9D1B4BBFCC70A887B9A984, 857FED17F11605D75DC1D681B7BF42CC0ADB1FB65C69BCE6A2AE195CE0060289 ] C:\Windows\SysWOW64\webservices.dll
23:38:01.0319 0x1768  C:\Windows\SysWOW64\webservices.dll - ok
23:38:01.0321 0x1768  [ 8B623D50C30C128C027602637E6EB7F3, 0C668522C11FE0E774705C20AC3232C5B917FE9CF8B70A525011EF17AF7436F3 ] C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll
23:38:01.0321 0x1768  C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll - ok
23:38:01.0323 0x1768  [ 984B3226C7A4CFC9FE91D7BACA133D8D, B8058FC049217DE89F13730425207C19B1967194F3BE3C8CAE2F8AA3BD932721 ] C:\Windows\SysWOW64\winhttp.dll
23:38:01.0323 0x1768  C:\Windows\SysWOW64\winhttp.dll - ok
23:38:01.0325 0x1768  [ 0FF2E68E46E2B8278B8CD717A866F9BF, 27FFAA28649FC4ED9CAF7750731E3467E86956F4FEBE8894B23583392E6A566C ] C:\Program Files\Internet Explorer\sqmapi.dll
23:38:01.0325 0x1768  C:\Program Files\Internet Explorer\sqmapi.dll - ok
23:38:01.0327 0x1768  [ DA4AEA90705604A44AF5E06418A3AA79, 45D93A72CB3CC7E873760B3956BBB3C21F1A5C38D7083F43A7A373C453B13483 ] C:\Windows\SysWOW64\schannel.dll
23:38:01.0327 0x1768  C:\Windows\SysWOW64\schannel.dll - ok
23:38:01.0329 0x1768  [ ABCCF220548BA6EE8A27DA85951D0569, D378A45C1B2547BDF87F53DA452DB1D977B91CF6C8B183BC8406E20039BEDB9A ] C:\Windows\SysWOW64\ncryptsslp.dll
23:38:01.0329 0x1768  C:\Windows\SysWOW64\ncryptsslp.dll - ok
23:38:01.0331 0x1768  [ 94E3A2D6251A35ED69DB3221329E8584, EE55890F58C13E5A2540196ECFC0789EE027FCD4819B2040162D76F7AE2C6A68 ] C:\Users\John F\AppData\Local\Temp\{E2BB3C14-D5A5-49C4-B956-265400362F2E}.exe
23:38:01.0331 0x1768  C:\Users\John F\AppData\Local\Temp\{E2BB3C14-D5A5-49C4-B956-265400362F2E}.exe - ok
23:38:01.0333 0x1768  [ 0320929A497A57A243ED157BA082896D, 8454D4EFA24D042A11550B2C6424B4F845D8167C86FBFF1BE411BF4F47C3410C ] C:\Windows\SysWOW64\pcacli.dll
23:38:01.0333 0x1768  C:\Windows\SysWOW64\pcacli.dll - ok
23:38:01.0335 0x1768  [ 5D7148704D8715482695A534887359FA, A194BE35CFB3B5B157E4DEF24E4615EBE8C04156ABFD19718AA906598D26487E ] C:\Windows\SysWOW64\mpr.dll
23:38:01.0335 0x1768  C:\Windows\SysWOW64\mpr.dll - ok
23:38:01.0337 0x1768  [ EB5BB44DBA9F55DB59076E58F6E42C03, DB19B33CC13427CB915BBB1C9AC564AD91A8663AAB4CC64168DA40FAB0711817 ] C:\Windows\SysWOW64\sfc_os.dll
23:38:01.0337 0x1768  C:\Windows\SysWOW64\sfc_os.dll - ok
23:38:01.0339 0x1768  [ C3C9B251ABFA347AA454B6AA17068FA1, 1909A393E1CB19FEE787095C3BAAEBF202BEADCEE40EF0BE4A5D9319A35179E3 ] C:\Windows\SysWOW64\devrtl.dll
23:38:01.0339 0x1768  C:\Windows\SysWOW64\devrtl.dll - ok
23:38:01.0341 0x1768  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] C:\Windows\System32\aelupsvc.dll
23:38:01.0341 0x1768  C:\Windows\System32\aelupsvc.dll - ok
23:38:01.0343 0x1768  [ E9286577AD0D3BE9158DCE178A879123, 5B404587CE415CF47A4ABC219FB2376002C6BFFAB6C010FC8DD1FA9DE815F6AC ] C:\Windows\System32\devrtl.dll
23:38:01.0343 0x1768  C:\Windows\System32\devrtl.dll - ok
23:38:01.0345 0x1768  [ 2C161B551FDEEA7069CB87F3BE5E34C6, 515A0F1D71793D3C9509E929334557EB441D36BF4870273583E4D68A331B09FD ] C:\Windows\apppatch\AcGenral.dll
23:38:01.0345 0x1768  C:\Windows\apppatch\AcGenral.dll - ok
23:38:01.0347 0x1768  [ 59D079196F554E01CA59F52EFA117CB4, 233298BA99255EE05FD89A001E8F16C408205E7DB4B8DB69FF2911D2DA303B58 ] C:\Windows\System32\themeui.dll
23:38:01.0347 0x1768  C:\Windows\System32\themeui.dll - ok
23:38:01.0349 0x1768  [ 71CDF9791C2EB5935F10DD48FA1C5045, AE66183C71B897538F273F8185BA302C87E5D5A11480746BA95B3AA0B56600B0 ] C:\Windows\SysWOW64\dwmapi.dll
23:38:01.0349 0x1768  C:\Windows\SysWOW64\dwmapi.dll - ok
23:38:01.0351 0x1768  [ 739F99ADA1F0A4188F683918809FE7AC, 92CB2AC69B143558F2E317668AC15FD8A3BC7BF59EF676F1B2C9169A84B8EA80 ] C:\Windows\System32\twinui.dll
23:38:01.0351 0x1768  C:\Windows\System32\twinui.dll - ok
23:38:01.0353 0x1768  [ 4CEC4C390F0B53AC8AEA2407D88A0ABF, EEC7FBC4B7087C669DAAC0EA07B305C762EDF18B7C02B3FBD8B895D1F4FDD0F6 ] C:\Windows\SysWOW64\webio.dll
23:38:01.0353 0x1768  C:\Windows\SysWOW64\webio.dll - ok
23:38:01.0355 0x1768  [ 7AF1074DAB6D56D0A575F507B6AC266E, FAC5F0F88D4EE13505E04B2DF6EB01212ADEFA72637F54CE36DFF62473718B36 ] C:\Windows\SysWOW64\mstask.dll
23:38:01.0355 0x1768  C:\Windows\SysWOW64\mstask.dll - ok
23:38:01.0357 0x1768  [ 8A606C90276DCAC67F3D45A0A235ECD6, A6D717D28153C277CA1002A6AF901C7CCABAA1C8FF95D11751FC7B774D1AFE16 ] C:\Windows\SysWOW64\winmm.dll
23:38:01.0357 0x1768  C:\Windows\SysWOW64\winmm.dll - ok
23:38:01.0359 0x1768  [ 766DCDC7032C4C98E47B8A9F71239E38, BA8153BA42D21C375CB021C24153425D27FD0BFC9F8713EC86E1AEE02ECF86DF ] C:\Windows\System32\twinapi.appcore.dll
23:38:01.0359 0x1768  C:\Windows\System32\twinapi.appcore.dll - ok
23:38:01.0361 0x1768  [ 10B3D632CA42A042F9E38CC30830A800, B114B2E12B7FBCCCA34DBBABFB113AD3193EAD27F3DFCD7B4137AB9763FB2912 ] C:\Windows\System32\ExplorerFrame.dll
23:38:01.0361 0x1768  C:\Windows\System32\ExplorerFrame.dll - ok
23:38:01.0363 0x1768  [ A76A00A5244DA1CE40DE8BFBAD1E2C4E, F5035080E7629D0A0568F4F36F171D548331B99415A8EDC925FFE9401FB0D864 ] C:\Windows\SysWOW64\samcli.dll
23:38:01.0363 0x1768  C:\Windows\SysWOW64\samcli.dll - ok
23:38:01.0365 0x1768  [ 0D70F07EB0BCCE2B13652EFFF0DDD75F, FC244FEC0A9745B94C772C68779DFFBE9A162BE8C03103ADE8CFA410B008B4F0 ] C:\Windows\SysWOW64\msacm32.dll
23:38:01.0365 0x1768  C:\Windows\SysWOW64\msacm32.dll - ok
23:38:01.0367 0x1768  [ 74541452095D89F4A9F5426AC53CB416, D1AB2EE30EB577A9D4C0450887914AA8F4EBA9233740C0BB15D21CC9F89545C8 ] C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
23:38:01.0367 0x1768  C:\Windows\System32\windows.immersiveshell.serviceprovider.dll - ok
23:38:01.0370 0x1768  [ 63CB763FE4CEADFFF5F047332814E8F9, 814EB47BE61F80D88C1B8877E86FB3DBEB85B95019F4005C9FD4F9EEE832A169 ] C:\Windows\System32\wldp.dll
23:38:01.0370 0x1768  C:\Windows\System32\wldp.dll - ok
23:38:01.0372 0x1768  [ 5F74A7DB62F6D560B0C858A096A37B59, 8E55009D6B6FFA35EE9F766757ECBA3559018F8C909B04BB8461E18384B30D13 ] C:\Windows\System32\twinui.appcore.dll
23:38:01.0372 0x1768  C:\Windows\System32\twinui.appcore.dll - ok
23:38:01.0374 0x1768  [ 4A87A56606776CC9E1520D8A2741E9AE, 565A99728A5833D2DE0BB01BA6A2F1424BCD88DF895BD096E2D78EEE42B7B279 ] C:\Windows\System32\WinTypes.dll
23:38:01.0374 0x1768  C:\Windows\System32\WinTypes.dll - ok
23:38:01.0376 0x1768  [ CE10041A39A0E6F598BFA50A5AB64CF3, D9738F27B1F16D3F2666B12FF080D82360F3DFCD285081DB90E7D4E46AD762E4 ] C:\Windows\System32\wpncore.dll
23:38:01.0376 0x1768  C:\Windows\System32\wpncore.dll - ok
23:38:01.0378 0x1768  [ 152152B5EE3512ED85C526967C350355, 13E0C65D85E8905C05FAF41221C94773B730361122CA277B50E69B4D4CA22B1D ] C:\Windows\System32\thumbcache.dll
23:38:01.0378 0x1768  C:\Windows\System32\thumbcache.dll - ok
23:38:01.0380 0x1768  [ 812F9BECC3D67371B4B6A41E09E1AEFE, 8B6426F2409797E80BA6A91E83D3BDFE424E524D99DD5AEB3A9117A88E090362 ] C:\Windows\System32\Windows.Networking.Connectivity.dll
23:38:01.0380 0x1768  C:\Windows\System32\Windows.Networking.Connectivity.dll - ok
23:38:01.0383 0x1768  [ D4E3BC36A7A0D7A445DCF7342DCB3566, 1816BDBAAFC44D04947FA6B5AE93278E32C1E45E38CDB309EC352CB444AA9C87 ] C:\Windows\System32\ELSCore.dll
23:38:01.0383 0x1768  C:\Windows\System32\ELSCore.dll - ok
23:38:01.0385 0x1768  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] C:\Windows\System32\ncbservice.dll
23:38:01.0385 0x1768  C:\Windows\System32\ncbservice.dll - ok
23:38:01.0387 0x1768  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] C:\Windows\System32\TimeBrokerServer.dll
23:38:01.0387 0x1768  C:\Windows\System32\TimeBrokerServer.dll - ok
23:38:01.0389 0x1768  [ 4CB85D450E4816BEDBBDB8ABD697F597, 8190B08A59FF468000D06C7F757201FDE437A82CF560929F47673FC3CD81514E ] C:\Windows\System32\elslad.dll
23:38:01.0389 0x1768  C:\Windows\System32\elslad.dll - ok
23:38:01.0391 0x1768  [ 121BCF3FB6C1F8AA214EB83C76B944FB, 601696238E353AF241C28B20A1FCBD75B3CE92D6FE6B1A427E9D653FCFA8BA5A ] C:\Windows\System32\elsTrans.dll
23:38:01.0391 0x1768  C:\Windows\System32\elsTrans.dll - ok
23:38:01.0393 0x1768  [ E8511D133B449BEE41CABFCA6EB35526, 38D635B18B195AC1626E3B54B63A7EB0807409D234620697D7FB520680CDDED5 ] C:\Windows\System32\BrokerLib.dll
23:38:01.0393 0x1768  C:\Windows\System32\BrokerLib.dll - ok
23:38:01.0395 0x1768  [ 3FC7A2314C12F33674ABAC15F8C2094B, 773FAE237F0C868C151E417A336034967CE0A8B3A47049385D9FB9DAF51D00E4 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe
23:38:01.0395 0x1768  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe - ok
23:38:01.0397 0x1768  [ AACECE80A24B309935DF4023F25C129E, 044CDDF37BA1EA774C251F4B8C9FD1F361581C4B32978DBA76CEB2D2CE7163D6 ] C:\Windows\System32\SettingSyncPolicy.dll
23:38:01.0397 0x1768  C:\Windows\System32\SettingSyncPolicy.dll - ok
23:38:01.0399 0x1768  [ 8F464EE568C36C174DC403EFC8F85A21, 1FB87547C90A4ABFE40078C74C9C9E3DB9428AA6B2A0E15CEF6E1635C94C4686 ] C:\Windows\System32\stobject.dll
23:38:01.0399 0x1768  C:\Windows\System32\stobject.dll - ok
23:38:01.0401 0x1768  [ 2B96525A8E9A3FDD6516A0FFB6E7C0AF, 09EA43A3309965049FE264C121F164FE0F63AC9BADE07F2529B3AA43F3CBFAFB ] C:\Windows\System32\prnfldr.dll
23:38:01.0401 0x1768  C:\Windows\System32\prnfldr.dll - ok
23:38:01.0403 0x1768  [ 931BE81031C762956D82D1D2F95AF3C5, 11A7F522CEC0F2BA944DE7A3A80BDB4F97881FCF78CDCF735C1CA903FA514BA6 ] C:\Windows\SysWOW64\winspool.drv
23:38:01.0403 0x1768  C:\Windows\SysWOW64\winspool.drv - ok
23:38:01.0405 0x1768  [ 090E4DE444439DF828CB726D60EA9CFD, BCC7F55572FE855B264600F85A298007756A74A67FDFFDB92D856707C2F1240A ] C:\Windows\System32\ActionCenter.dll
23:38:01.0405 0x1768  C:\Windows\System32\ActionCenter.dll - ok
23:38:01.0407 0x1768  [ A6306E2A24C11555D5A4E572291C551D, 764337B658D24DDFBF370C5BBBC97F039D1B796DB8F1B735B419AB6F9846DE49 ] C:\Windows\System32\ntshrui.dll
23:38:01.0407 0x1768  C:\Windows\System32\ntshrui.dll - ok
23:38:01.0409 0x1768  [ B232087914F1D97B79B712AF4CBF4AEF, 41068262D1440C6C03DB0FE32576A411FA6CBABDA9CF1912CBD823442DCE9EE5 ] C:\Windows\SysWOW64\winmmbase.dll
23:38:01.0409 0x1768  C:\Windows\SysWOW64\winmmbase.dll - ok
23:38:01.0411 0x1768  [ E494AC90229C06ADB8ACC8D20A3F27CB, 2DDBA644739D3FC43C2444C104452E992B0D3FD6E3E2DB36C9496BEF52E8E6E0 ] C:\Windows\SysWOW64\devobj.dll
23:38:01.0411 0x1768  C:\Windows\SysWOW64\devobj.dll - ok
23:38:01.0413 0x1768  [ 6031CF57D972421469B15770AF8FF942, 504D914FF3257717723F336BA988E8499327D76111FCCE4A26F344890DD81768 ] C:\Windows\System32\AudioSes.dll
23:38:01.0413 0x1768  C:\Windows\System32\AudioSes.dll - ok
23:38:01.0415 0x1768  [ EB34CE5EFA1591915F973EB30C77A1D8, 86D608B89997A5BF9A6BFD5386A26CFCFACB88A6E3A2D6B4BC9C375085F2AE7E ] C:\Windows\System32\Windows.Globalization.Fontgroups.dll
23:38:01.0415 0x1768  C:\Windows\System32\Windows.Globalization.Fontgroups.dll - ok
23:38:01.0416 0x1768  [ EB248189E980B367D09C36A1C2A6FC3D, 9D0AC50AA86E0650D0D3797FE5B38C82B919C2A16A9CD206A34793B412B31414 ] C:\Windows\System32\linkinfo.dll
23:38:01.0416 0x1768  C:\Windows\System32\linkinfo.dll - ok
23:38:01.0419 0x1768  [ 9415D8364F64C603853D4CA27CECB3BA, 6D22ECE460948AEE682E72269C2907E2C04474FEE8ADFC4AC4619690F5DE7680 ] C:\Windows\System32\DXP.dll
23:38:01.0419 0x1768  C:\Windows\System32\DXP.dll - ok
23:38:01.0421 0x1768  [ 9EE220DEE3DA294D3815E2D4EB56A7D9, B6537D24229797ACD5BDDA7D69463F26706B2AF71DC9B8C3962B4C2DAF5733B0 ] C:\Windows\SysWOW64\wtsapi32.dll
23:38:01.0421 0x1768  C:\Windows\SysWOW64\wtsapi32.dll - ok
23:38:01.0423 0x1768  [ 17F26A480391D5AB4935AE77D4F6F18A, 909A0F6DA49DC3E1D4200BA93C8690AFB5583B649AB135EE7EF6CFCC7B839FE0 ] C:\Windows\System32\shdocvw.dll
23:38:01.0423 0x1768  C:\Windows\System32\shdocvw.dll - ok
23:38:01.0425 0x1768  [ 9590CA2728AACAD7ECE35008D789C3B6, E8F0E0A09EE74EB4E1BCEB82FC166B08A1D5D98649C6478F02D74CD8BC0B2D5B ] C:\Windows\System32\Syncreg.dll
23:38:01.0425 0x1768  C:\Windows\System32\Syncreg.dll - ok
23:38:01.0427 0x1768  [ 7668892E7ABC6FE867DCB097B36B6F3C, D182F048289DA6F24A628A57E54E46C3E7CF4EFBC4E1815B9E933A75D8F8D632 ] C:\Windows\System32\Windows.UI.dll
23:38:01.0427 0x1768  C:\Windows\System32\Windows.UI.dll - ok
23:38:01.0429 0x1768  [ C4D32A2A0032C65587993E637F2B78F6, 01384FCDEEDE02D88A49332CC6069345C5BA243C37ECC25F8BF9A45ACA7D4A26 ] C:\Windows\System32\AltTab.dll
23:38:01.0429 0x1768  C:\Windows\System32\AltTab.dll - ok
23:38:01.0431 0x1768  [ 7FF1EBF5A376F5B17421E6868F353627, 6ADE337B227FA50489287169979593E5E05DBED4DB8F3B4271CEEBC3CCD76A72 ] C:\Windows\System32\pnidui.dll
23:38:01.0431 0x1768  C:\Windows\System32\pnidui.dll - ok
23:38:01.0433 0x1768  [ 776F9D8FA4186E2976DBC89D99CB59A6, 65CE3346E0149889494A7B6E05393D0AA24879D9B913571DA2F94DD01BE10E81 ] C:\Windows\System32\WPDShServiceObj.dll
23:38:01.0433 0x1768  C:\Windows\System32\WPDShServiceObj.dll - ok
23:38:01.0435 0x1768  [ 7101124E9C48FDBCD7C3DA690990010B, E4FC33B2D38CC75BF0C98A69DA2860F000BC17FFC86C96B342BDFDDE6C247C00 ] C:\Windows\System32\bthprops.cpl
23:38:01.0435 0x1768  C:\Windows\System32\bthprops.cpl - ok
23:38:01.0438 0x1768  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\JOHNF~1\AppData\Local\Temp\{AE324ACC-C060-45C1-9A4D-A30771F270AB}\{A48CF56B-0187-4D91-B94B-067E9119D054}.tmp
23:38:01.0438 0x1768  C:\Users\JOHNF~1\AppData\Local\Temp\{AE324ACC-C060-45C1-9A4D-A30771F270AB}\{A48CF56B-0187-4D91-B94B-067E9119D054}.tmp - ok
23:38:01.0440 0x1768  [ 4F6908A61CBC7FD263BB424671431623, EE95E97E1387CB1C42249A91D3BF1AE9AA68DE221836E8F84D586C014CBA7391 ] C:\Windows\System32\SearchFolder.dll
23:38:01.0440 0x1768  C:\Windows\System32\SearchFolder.dll - ok
23:38:01.0749 0x1768  C:\Program Files\DellTPad\hidfind.exe - ok
23:38:01.0751 0x1768  [ ADB4E145B99352A3058A6AB502BB99A1, D91C0A14E0D0CAD0E00D5F68B84C2289FF953A43BE1052F15040E58727D16D48 ] C:\Windows\System32\msacm32.drv
23:38:01.0751 0x1768  C:\Windows\System32\msacm32.drv - ok
23:38:01.0753 0x1768  [ 1FFE84F20C3FCCC0445999DC9725F0E4, A0407922CCF9186FE7538D1E81DC63A7DA6F29D9FF0E6AC7DF0CB324F6984FCD ] C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_49.dll
23:38:01.0753 0x1768  C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_49.dll - ok
23:38:01.0755 0x1768  [ A2A6F802D87CCE216C39B045FC118F60, 2CDE46BD38984D6382CA6E7E8055FFFE5E7110ABA582DAA463F20171CB465E07 ] C:\Windows\SysWOW64\hid.dll
23:38:01.0755 0x1768  C:\Windows\SysWOW64\hid.dll - ok
23:38:01.0758 0x1768  [ 34AC6CD413369AEBBD283976011FE321, 475E694E6912752F34768DD28746C5D84586AC282DEA0F6F5A2EA49F00FA71F1 ] C:\Windows\System32\msacm32.dll
23:38:01.0758 0x1768  C:\Windows\System32\msacm32.dll - ok
23:38:01.0760 0x1768  [ 442235AC4F20B195F932990CAE47408E, 811A03A5D7C03802676D2613D741BE690B3461022EA925EB6B2651A5BE740A4C ] C:\Windows\WinSxS\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll
23:38:01.0760 0x1768  C:\Windows\WinSxS\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll - ok
23:38:01.0762 0x1768  [ D72877D08AC821E3983C185D12034B19, 1194806EFBD672F8CE77EA97303076BDC642454C967662A2447A5BA264118270 ] C:\Windows\System32\midimap.dll
23:38:01.0762 0x1768  C:\Windows\System32\midimap.dll - ok
23:38:01.0764 0x1768  [ 513D72C4C9CDD33D55E8B2D1FD320C9D, AEE65086E10A9F1BD706FC0560E7CCD5D06FF3C92BE76733D2907B3DFCEE917D ] C:\Program Files\Trend Micro\AMSP\instInstallationLibrary.dll
23:38:01.0764 0x1768  C:\Program Files\Trend Micro\AMSP\instInstallationLibrary.dll - ok
23:38:01.0766 0x1768  [ 4B3F35E39B380B4E7CA504311C2E0816, D1BA5584E2EDA8CFCF09E0F997B827E6D2699B55AF35617B26B9A92BBD7C88F5 ] C:\Windows\SysWOW64\KBDUS.DLL
23:38:01.0767 0x1768  C:\Windows\SysWOW64\KBDUS.DLL - ok
23:38:01.0769 0x1768  [ 97A8DD53D83D5DAC15EDAB1320D305B4, 993FE82BEEDEB4B5A566B022C4D8DCE10B799EE687F99952DAEEEB4108E43D82 ] C:\Windows\System32\audiodg.exe
23:38:01.0769 0x1768  C:\Windows\System32\audiodg.exe - ok
23:38:01.0771 0x1768  [ F604350906CE4E3F67D81384566DE3E4, 5A5AC4A42E40B34193DA41002133F2CBE4B48310408185A8846E3F112852029F ] C:\Windows\SysWOW64\nlaapi.dll
23:38:01.0771 0x1768  C:\Windows\SysWOW64\nlaapi.dll - ok
23:38:01.0773 0x1768  [ BA817B48BE43A89EF46F3E75FA711F01, 3EF8FC3E7A58A9B9E85B336775E6DCBA2E37D7FEC58B09EA848CAA95A736DF55 ] C:\Program Files\Trend Micro\UniClient\UiFrmwrk\utilUIProfile.dll
23:38:01.0773 0x1768  C:\Program Files\Trend Micro\UniClient\UiFrmwrk\utilUIProfile.dll - ok
23:38:01.0775 0x1768  [ 8F36F399F9EFBA4FA7B6A4E5305817EA, 1AB0A065FA6F58CBFCDCEFDBA282E44AFCBC131F360300D840D113A7022C3F7C ] C:\Windows\SysWOW64\dhcpcsvc6.dll
23:38:01.0775 0x1768  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
23:38:01.0777 0x1768  [ FF841AB46649E68B8BEBE8E249AF9C04, D72984E6C54832F05CE2A359C2A619C9507A5EE6540A5791C19C24FB20B6C2D0 ] C:\Windows\SysWOW64\AudioSes.dll
23:38:01.0777 0x1768  C:\Windows\SysWOW64\AudioSes.dll - ok
23:38:01.0779 0x1768  [ 2E894F4B62CF32830FC70647A6857256, C28D52A00C8D177060A606F2C9019CA665FA20538915BF2FEA1C021237401CE0 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
23:38:01.0779 0x1768  C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe - ok
23:38:01.0781 0x1768  [ E64AD4877B41F1DB4CC3C99BA8372857, 0FE3612112987B6C2D0948BD813F0C2DB0475BDC2EFB7A999B3945BC09F2BAC9 ] C:\Windows\System32\AudioEng.dll
23:38:01.0781 0x1768  C:\Windows\System32\AudioEng.dll - ok
23:38:01.0783 0x1768  [ 0F3CE8CD921AC76BA344CA35921FCC90, 33C4FF1EA2D0DD939C783A3B3F6C55F3C6CA67816D6BE36181CE40AF024DE944 ] C:\Program Files\Trend Micro\Titanium\UIFramework\boost_thread-vc80-mt-1_49.dll
23:38:01.0783 0x1768  C:\Program Files\Trend Micro\Titanium\UIFramework\boost_thread-vc80-mt-1_49.dll - ok
23:38:01.0785 0x1768  [ FAF28A6151A26D94555E0EE518762479, C2C25EC88737AB5FA52B4E080A02CB584FD915D97104408859397106C70E264F ] C:\Windows\System32\AUDIOKSE.dll
23:38:01.0785 0x1768  C:\Windows\System32\AUDIOKSE.dll - ok
23:38:01.0787 0x1768  [ AA195EEF529D57407B4E75D0ADF2CEF1, C88B7C4B1747AABE0842471F4C8026718CE92AE7B0ACFF0760C2C948B9025DCA ] C:\Windows\SysWOW64\powrprof.dll
23:38:01.0787 0x1768  C:\Windows\SysWOW64\powrprof.dll - ok
23:38:01.0789 0x1768  [ CFBF24322AF177B3C3A81A862B4C3353, 72DBA924C0228BB69F7DFB2B983601CD0D0F9DB20CF12F9300BECB3E370777C1 ] C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc80-mt-1_49.dll
23:38:01.0789 0x1768  C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc80-mt-1_49.dll - ok
23:38:01.0792 0x1768  [ 7EC611582CF2124499A28946AEEBC3B4, C4B1837A67C9217822588AA43ADA21B98267DDB16B63C69980CB681FF2AD14AE ] C:\Windows\SysWOW64\MMDevAPI.dll
23:38:01.0792 0x1768  C:\Windows\SysWOW64\MMDevAPI.dll - ok
23:38:01.0794 0x1768  [ 97476BB3F51FBD0A944ACC9BFAFD97D8, 64D7F95E431262E3F241D345ABACB6B2C366D1156CAE88F85CDCB46DE5CF585B ] C:\Program Files\Trend Micro\Titanium\UIFramework\outer_AMSP_ClientLibrary.dll
23:38:01.0794 0x1768  C:\Program Files\Trend Micro\Titanium\UIFramework\outer_AMSP_ClientLibrary.dll - ok
23:38:01.0796 0x1768  [ D229F8699331DE4F5E812CEC5701031D, B0D0151F342B069FF03436F79E6C309486E696E781FCB18BB36AAB4704EC03BB ] C:\Windows\SysWOW64\dhcpcsvc.dll
23:38:01.0796 0x1768  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
23:38:01.0798 0x1768  [ F299BD172B73C6D0E50E6CB6ADC9020C, 17BE2F57211874BEDCED5066E1B157B607D9A8C69B1F433D1D8CA7E4FA18B204 ] C:\Windows\System32\deviceaccess.dll
23:38:01.0798 0x1768  C:\Windows\System32\deviceaccess.dll - ok
23:38:01.0800 0x1768  [ 604064FB0094B0B7433C5EB8BF91512A, 4CA0B5780AD681EDE96BD2E785A3731F88C50D6E3E48B107DFC6ECE6BEFB27BD ] C:\Windows\System32\WMALFXGFXDSP.dll
23:38:01.0800 0x1768  C:\Windows\System32\WMALFXGFXDSP.dll - ok
23:38:01.0802 0x1768  [ DEB46802F1183A90D3E029566B690E84, F82F0D0ACB2D28207DAA11490781C230A6095A6867D45B03FFB347ED454FAA9B ] C:\Program Files\Trend Micro\Titanium\UIFramework\utilInstallation.dll
23:38:01.0802 0x1768  C:\Program Files\Trend Micro\Titanium\UIFramework\utilInstallation.dll - ok
23:38:01.0804 0x1768  [ C70734AD4525B99B8C1F065898DE6EEF, 3B932AD3A4D7D7393286E2A05422A78754D18A175659092C359A0624ECD93160 ] C:\Windows\System32\mfplat.dll
23:38:01.0804 0x1768  C:\Windows\System32\mfplat.dll - ok
23:38:01.0806 0x1768  [ 3F59765B24EB6770252ACC314BD69D97, 5A014C940A4BE8DF6FA401044044F9BA6F5E06B262EEBAD3643747C9B8160468 ] C:\Program Files\Trend Micro\Titanium\UIFramework\utilMsgBuffer.dll
23:38:01.0806 0x1768  C:\Program Files\Trend Micro\Titanium\UIFramework\utilMsgBuffer.dll - ok
23:38:01.0808 0x1768  [ 16DF8849D099979B878755DCD258E7B0, 905C9AC105B03E545FF45D0A5DC15CF98181686023DB22F9DBA3F84CDF3D9B10 ] C:\Windows\System32\RTWorkQ.dll
23:38:01.0809 0x1768  C:\Windows\System32\RTWorkQ.dll - ok
23:38:01.0811 0x1768  [ 5D13AAA8BC57278BFD45F6FC94AE74ED, E36A15866157358CAAE4D4C67BCADF67DD8037C11D95252D485103014A352CE0 ] C:\Program Files\Trend Micro\Titanium\UIFramework\utilJsonHandle.dll
23:38:01.0811 0x1768  C:\Program Files\Trend Micro\Titanium\UIFramework\utilJsonHandle.dll - ok
23:38:01.0813 0x1768  [ 9F534F974C13C3A94BBC515621AC0D35, 6DEF2E7A7D6BDA902570CA4FC9AD335936EEEE880DE619CB394D42469CEE05A1 ] C:\Windows\SysWOW64\comdlg32.dll
23:38:01.0813 0x1768  C:\Windows\SysWOW64\comdlg32.dll - ok
23:38:01.0815 0x1768  [ 96BBE8E6333157796177D9B8975F2BF1, 718CE6DF030027FBA337BC29AD72939FE823E1E44275A028B55A1D543D7CD228 ] C:\Program Files\Internet Explorer\ieproxy.dll
23:38:01.0815 0x1768  C:\Program Files\Internet Explorer\ieproxy.dll - ok
23:38:01.0817 0x1768  [ 21095E7FAE3EC5E927F54E19CC63BA2A, DE7A826E3EBE8AF31A249577D6C821F5329A5DF13D1FA930782058700610AD26 ] C:\Program Files\Trend Micro\Titanium\UIFramework\utilIPC.dll
23:38:01.0817 0x1768  C:\Program Files\Trend Micro\Titanium\UIFramework\utilIPC.dll - ok
23:38:01.0819 0x1768  [ B015ECD030DA9A979E6D1A3D25F8FD86, FA03FECDB200E28366ECFBD3CEDD82E1606BEBE17CF9C32126F17C5EA34BE6DD ] C:\Program Files\Internet Explorer\iexplore.exe
23:38:01.0819 0x1768  C:\Program Files\Internet Explorer\iexplore.exe - ok
23:38:01.0821 0x1768  [ E1EBB4C5F1D0680EA3E4E7A77ADCA391, 664A4086FE07B5517F3F59EB29295289C5BB5000585C6002ACE37F6135EE197C ] C:\Program Files\Trend Micro\Titanium\UIFramework\utilRPC.dll
23:38:01.0821 0x1768  C:\Program Files\Trend Micro\Titanium\UIFramework\utilRPC.dll - ok
23:38:01.0823 0x1768  [ 78CD7BD82E678C0A239010D8B2FAE4FD, D4575CE6CED267B7F2BDBEB5FC03D193746D934DAA0DBBEA24BDB40F4E1E9B31 ] C:\Program Files\Trend Micro\Titanium\UIFramework\utilComponentInfo.dll
23:38:01.0823 0x1768  C:\Program Files\Trend Micro\Titanium\UIFramework\utilComponentInfo.dll - ok
23:38:01.0826 0x1768  [ 25D83BC8E4CA8C757AB648573E94B57C, 8DA45252D5A8C95FEDE5954C7971D59B21B942919FE6D5046567AD7DE6EBD2B5 ] C:\Program Files\Trend Micro\Titanium\UIFramework\utilThread.dll
23:38:01.0826 0x1768  C:\Program Files\Trend Micro\Titanium\UIFramework\utilThread.dll - ok
23:38:01.0828 0x1768  [ 9E054D04721F4BA4ACB0C0D189C9B1CD, F6F1A6668C100246B74E6F02625DCBBDA1138BB65C92FDB068C7953500492400 ] C:\Program Files\Trend Micro\Titanium\UIFramework\utilGenericLoader.dll
23:38:01.0828 0x1768  C:\Program Files\Trend Micro\Titanium\UIFramework\utilGenericLoader.dll - ok
23:38:01.0830 0x1768  [ 56834DC536BBFCDBDDFA0C5E48974EB0, 4C4C7EA3268CD9C301FBBCB0DD943414F2D5D6C305D52EE8BCF88B551419DA70 ] C:\Program Files\Internet Explorer\IEShims.dll
23:38:01.0830 0x1768  C:\Program Files\Internet Explorer\IEShims.dll - ok
23:38:01.0832 0x1768  [ 28A09777D2D952122567A8A82F1A2C7B, 772260DF36AE85A0619C51402DE416E0C329976B724C8E9C4F8C013CBB7C7289 ] C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
23:38:01.0832 0x1768  C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
23:38:01.0834 0x1768  [ D90B1558602CCF951F7D0FB21E30723E, 1E8B42099D24D80EEEB6F8E8A58E9D2AD97A2C64067BB06BC5CA7D2F5565BA66 ] C:\Program Files\Trend Micro\Titanium\UIFramework\instInstallationLibrary.dll
23:38:01.0835 0x1768  C:\Program Files\Trend Micro\Titanium\UIFramework\instInstallationLibrary.dll - ok
23:38:01.0837 0x1768  [ E748D0B8F4060F4F7A7ABB705E289890, 3DD81B500D2F378D7491633B4D73E6BA0EB76F7EC0A514D62EB1E1E46A838E1F ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\mfc42u.dll
23:38:01.0837 0x1768  C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\mfc42u.dll - ok
23:38:01.0839 0x1768  [ B414587F638F02C617CEC43C21A78CD4, 6F49B98DBD76DBCCA4A6B0DD9AA46FB089955292DEC33B7FECEDDBA61F45A1FB ] C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\chrome_child.dll
23:38:01.0839 0x1768  C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\chrome_child.dll - ok
23:38:01.0841 0x1768  [ 2F65C548322123B479616DFA8238770A, 27AFF921460E0664E81D6C45C607E461A96CC261310939582B5E30869B73C930 ] C:\Windows\System32\RuntimeBroker.exe
23:38:01.0841 0x1768  C:\Windows\System32\RuntimeBroker.exe - ok
23:38:01.0844 0x1768  [ 3EBF452B807F412EC0F19141ADA060E5, 40FB671200DC37EA6F148F12152C4D5582C96BC26C767FD9BE6BF64A25C35C6D ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
23:38:01.0844 0x1768  C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
23:38:01.0846 0x1768  [ F3E06B350048CF40DC99342C05278A59, 3AFD195E28CFCF1555D85124E9DDA7F04080B1E94C3C9D54E7A89F936CCA6F97 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.crl
23:38:01.0846 0x1768  C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.crl - ok
23:38:01.0848 0x1768  [ 5BF8E37FA1E25227480F9CD2ACA21FB6, 58D9A00888AF693B2A5222FE74CFDED32CE83E74F85B474F1CBE5987217B5A9D ] C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\d3dcompiler_46.dll
23:38:01.0848 0x1768  C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\d3dcompiler_46.dll - ok
23:38:01.0850 0x1768  [ 3EB33CA81B2259E7904F7E91D1C907EC, 0DDB764847FA2D38A3A530161B755B3B88CDC75C67E054B8B64D6A27ED5CB3D0 ] C:\Windows\System32\ieui.dll
23:38:01.0850 0x1768  C:\Windows\System32\ieui.dll - ok
23:38:01.0852 0x1768  [ E859E9B4A0300F56C94D2C69F6F65657, 95D6DC4E35FBB1143360E31756DA8CA15BABEF3C3851F2857ECC738669581DF3 ] C:\Windows\System32\wuapi.dll
23:38:01.0852 0x1768  C:\Windows\System32\wuapi.dll - ok
23:38:01.0854 0x1768  [ 787648B9C1E7503D097D49EE46D9621F, BAA64BCC89190F073DDA287BEC15E2490F889FFB9F7AB3B1515ACEFA0B6E8290 ] C:\Windows\SysWOW64\wbem\wbemprox.dll
23:38:01.0854 0x1768  C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
23:38:01.0856 0x1768  [ 20CF6C36949E73BE4462F09E1CAA1951, 39F12C70D3AC3B411CA7AB7C5D6073011C98C321B427FC63EF1D74992FE168DB ] C:\Windows\SysWOW64\wbemcomn.dll
23:38:01.0856 0x1768  C:\Windows\SysWOW64\wbemcomn.dll - ok
23:38:01.0858 0x1768  [ 688FF87A0A328A880FBE32ABB1EE16BF, 9998D95045A2A55BC785378D5C4CC252E663FF0E9483CF1BE09DAE12195683F9 ] C:\Windows\SysWOW64\dpapi.dll
23:38:01.0858 0x1768  C:\Windows\SysWOW64\dpapi.dll - ok
23:38:01.0860 0x1768  [ 230FF605FE373D972EFB74B195AA756E, 9BDFDE3E90CC7C6D5360AC1CB31A6A6A64872D9E6A8A880584146DC452196A23 ] C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
23:38:01.0860 0x1768  C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll - ok
23:38:01.0862 0x1768  [ D85F310B0871AF13961D1C9A9695D756, 95895324B4A258D1FDBFA8F0D9DE163B8AF9FE207B1D846C225E2A165AEACB1A ] C:\Windows\SysWOW64\d3d9.dll
23:38:01.0862 0x1768  C:\Windows\SysWOW64\d3d9.dll - ok
23:38:01.0864 0x1768  [ 998AA337D8CA0E8832B3BB4AF8BBC7A0, BB80479723DD1E10006F8EA5C82095D37BB83A01D773D08D1CDA99DD0B51F2AB ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
23:38:01.0864 0x1768  C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
23:38:01.0866 0x1768  [ 8DE93017BA7F77E95DF57E753269623D, 92238DB2684D5A1352B4BB492DFB3CFE219073AC63CE0CAE0A8D12CCF23A9A7D ] C:\Windows\SysWOW64\wbem\fastprox.dll
23:38:01.0866 0x1768  C:\Windows\SysWOW64\wbem\fastprox.dll - ok
23:38:01.0868 0x1768  [ 04767A913945012ADD32E2FCF4B0BE4B, 584F874906DEA4B88842A8E505F9B20C7FB155BA4A42868871A8D2A55FF72118 ] C:\Windows\SysWOW64\mscms.dll
23:38:01.0869 0x1768  C:\Windows\SysWOW64\mscms.dll - ok
23:38:01.0870 0x1768  [ 1EC3AACDB335533A7470245C683ACF94, 112EBC8794E9A0D2670647EA28C76B8774964CCC524F7EB57666AD96F4419AB1 ] C:\Windows\System32\wups.dll
23:38:01.0870 0x1768  C:\Windows\System32\wups.dll - ok
23:38:01.0873 0x1768  [ 34F8F7A0B782798F6A9511157BCC3E32, 7577CBE0C62D66F058FBA000033FC94760341EF48D38281C613BE9D99A78ADC2 ] C:\Windows\System32\Windows.Graphics.dll
23:38:01.0873 0x1768  C:\Windows\System32\Windows.Graphics.dll - ok
23:38:01.0875 0x1768  [ 0BC2A483C132C5DFDD9EB1DF41594AEF, D38BCBF0EBBD44B83D1D0EBC7B2FE6DCEB08292282FCCC473DF58D452429EC84 ] C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
23:38:01.0875 0x1768  C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll - ok
23:38:01.0877 0x1768  [ 866AEEFADD9C957527C8DCE96D3F2857, 594D4F55F4C94D1657CD29728CB472213D80047C939C32695DC50846E79DA62F ] C:\Windows\SysWOW64\NV\nvumdshim.dll
23:38:01.0877 0x1768  C:\Windows\SysWOW64\NV\nvumdshim.dll - ok
23:38:01.0879 0x1768  [ 7BEF8493A7CF509B47D88F5DCDDB68A8, D3D011C26A0144D5B7B30BC336855F0E03A2C077A09338FE5742C4E34DF68CE5 ] C:\Windows\SysWOW64\Wpc.dll
23:38:01.0879 0x1768  C:\Windows\SysWOW64\Wpc.dll - ok
23:38:01.0881 0x1768  [ E2A34E0E6DC58712BC527338C7E0A8E4, 1F5FC52AD5D941BBE8FD264FA63970A4F9CA6D8D70923FC12337AD422BF9B64E ] C:\Windows\System32\SettingSync.dll
23:38:01.0881 0x1768  C:\Windows\System32\SettingSync.dll - ok
23:38:01.0883 0x1768  [ 1D170663932F69FE6A741446CDD47A9D, 0421622EFC906FBF61B557C65D39713E836E3244CE2BBD3EB1B27B30F3F725C8 ] C:\Windows\SysWOW64\igdumdim32.dll
23:38:01.0883 0x1768  C:\Windows\SysWOW64\igdumdim32.dll - ok
23:38:01.0885 0x1768  [ BC77AF87A6665EB31BB6F9AC7013C87C, F6F35045685937C0302337D7B197E68B694A3679D0A73262CE0F96286C573AD9 ] C:\Windows\System32\bitsprx6.dll
23:38:01.0885 0x1768  C:\Windows\System32\bitsprx6.dll - ok
23:38:01.0887 0x1768  [ 184A4B91C71A122B1E38FD1C7D35FE7F, 0D3B1C93AC5B822D26D1D4B52002A6647C4EB036DBBDDB8F50471DDAD0EB6E2B ] C:\Windows\SysWOW64\wevtapi.dll
23:38:01.0887 0x1768  C:\Windows\SysWOW64\wevtapi.dll - ok
23:38:01.0889 0x1768  [ 7292252136399704CC2E3FF3C907F09E, 545CC090DB3D2C80825D6556D19949FF3BA003F94A1A460209D6CB77C0C89D3D ] C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
23:38:01.0889 0x1768  C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll - ok
23:38:01.0891 0x1768  [ F79C112FCC0FEF9EBE07F903CEA05F9F, 880516E2E920027784B539971192232606D24F7F7758AEC313FA6BC7EDD33A97 ] C:\Windows\System32\SettingSyncHost.exe
23:38:01.0891 0x1768  C:\Windows\System32\SettingSyncHost.exe - ok
23:38:01.0894 0x1768  [ AB2B0473AE5C61EFE5BB8796D6631E51, B467E5C5AE01FDC40F927611C8CAA62A874B8DBE5897EF0E1300E97F3A67F365 ] C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppgooglenaclpluginchrome.dll
23:38:01.0894 0x1768  C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppgooglenaclpluginchrome.dll - ok
23:38:01.0896 0x1768  [ 61D8BAB0823A1EA885CCAFE208A3ED67, 1EE7BD040ED6C6E0016702977B8BE8E81897FB26CB74B6EEDACA953DADA27046 ] C:\Program Files\Windows Defender\MpTpmAtt.dll
23:38:01.0896 0x1768  C:\Program Files\Windows Defender\MpTpmAtt.dll - ok
23:38:01.0898 0x1768  [ 5B6BA38DD9DFD9A53EE5E97B03AA2C22, A897F8B128654FCE23DA5FFBC43C845315C6A84F03110CC7C2F7402393621F3E ] C:\Windows\SysWOW64\igdusc32.dll
23:38:01.0898 0x1768  C:\Windows\SysWOW64\igdusc32.dll - ok
23:38:01.0900 0x1768  [ 13C358D27CBFAF537FA7CA48B9052CF3, BC6AD061DA6B348774E9B65750C986F43148B78E8F97CCBE9AA99EA7D8759620 ] C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
23:38:01.0900 0x1768  C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe - ok
23:38:01.0902 0x1768  [ 33F5EE33BAAD7DEF96DA4270D0F4B308, 97A554E73AFC4BA6C638DF14F77D61423CF37C25A61509CABB17E930812C289D ] C:\Windows\System32\wbem\cimwin32.dll
23:38:01.0902 0x1768  C:\Windows\System32\wbem\cimwin32.dll - ok
23:38:01.0904 0x1768  [ 08DD4407C37B2407EF2C87DF1558BD5C, B22A65E2E88254B8D1D73BA0C9CF7B4D1A6050390F1BC9A8196F4D649CB98976 ] C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libpeerconnection.dll
23:38:01.0904 0x1768  C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libpeerconnection.dll - ok
23:38:01.0906 0x1768  [ 65E9B707B157DB2D2844AD4D4ADF4EE9, 3890877E0E1E727427ED85C46733DC4F663FB76A0AE3855CAF1C48704C29C3B2 ] C:\Windows\SysWOW64\bthprops.cpl
23:38:01.0906 0x1768  C:\Windows\SysWOW64\bthprops.cpl - ok
23:38:01.0908 0x1768  [ 7892D1F256CB6EEF313CA5A084A21213, F301F24D56A9DF1FFDE1091EDB6066D4C31AC13C3725B972581A6CA7FB4943A8 ] C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
23:38:01.0908 0x1768  C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll - ok
23:38:01.0911 0x1768  [ C32ADB033616D0409641BCD4439033F8, 195349D40A7B573DB382037BE3F49C9748F576CECCB9013FCB67A6407FA12E19 ] C:\Windows\System32\framedynos.dll
23:38:01.0911 0x1768  C:\Windows\System32\framedynos.dll - ok
23:38:01.0912 0x1768  [ 83481CF1FAD89FAA7E3CDF6AF10C11D1, 23B3C5FF5405C277E5F8336385E37E6FC4CA6D4F71F9A30E8017CBE862442CCC ] C:\Windows\System32\wpnapps.dll
23:38:01.0912 0x1768  C:\Windows\System32\wpnapps.dll - ok
23:38:01.0915 0x1768  [ 716228882A7BE5133B97D70CDDB69E6B, 9356E640B09597C81B2D6BAEFDE1A4955A673F8A9A15173BF4E9D80C3D2350EE ] C:\Windows\System32\Windows.ApplicationModel.dll
23:38:01.0915 0x1768  C:\Windows\System32\Windows.ApplicationModel.dll - ok
23:38:01.0917 0x1768  [ 72FF1F84076C0178E4F7B33AFB91BFFC, 1E9488B5260823FE7CB9117A195C41990B11FF482533891F711D7AA56A683BA3 ] C:\Windows\SysWOW64\BluetoothApis.dll
23:38:01.0917 0x1768  C:\Windows\SysWOW64\BluetoothApis.dll - ok
23:38:01.0919 0x1768  [ 4A1780F986DC1EAE2FADF3219F211C8D, E321CFD28FD347BEF6AC894C92C4DC9B403795F0191D0DD04E3CE423DFD85E70 ] C:\Windows\SysWOW64\sxs.dll
23:38:01.0919 0x1768  C:\Windows\SysWOW64\sxs.dll - ok
23:38:01.0921 0x1768  [ B953A10B98ED83C2EF7C7D9153F18924, 053E2C4E1DCE12F15FEBF6A87987F7B1A2EABC29AE002660DC2629B3A3861DB5 ] C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
23:38:01.0921 0x1768  C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll - ok
23:38:01.0923 0x1768  [ E864425BF77080E8D780A3AEB3AF7E13, 4508C51327232983802B514704B70B9298B2952214F6EB454597DA5DEA2D569B ] C:\Windows\System32\wmi.dll
23:38:01.0923 0x1768  C:\Windows\System32\wmi.dll - ok
23:38:01.0925 0x1768  [ 5878613C2E0EFB4F656DDADC452551B6, C77BA7BBBE979AE507114766681B7E9F28273DA77AC410CF5BF9C850C3469B2A ] C:\Windows\SysWOW64\winsta.dll
23:38:01.0925 0x1768  C:\Windows\SysWOW64\winsta.dll - ok
23:38:01.0927 0x1768  [ 35EF036F6EE1FAFD6CF49EBE9F2471C4, E05E3B52D2A414BDE89D76D9D2AD3F5E5475F5B44D44DB4036F2DC07895AEB22 ] C:\Windows\System32\browcli.dll
23:38:01.0927 0x1768  C:\Windows\System32\browcli.dll - ok
23:38:01.0929 0x1768  [ D3DDD474C0128EBEC4B4A48896A1D2DC, 73A1A421233F6DECE8B3646685814CF1B11A8B3348427D9F9EE9D2489D5A86DF ] C:\Windows\System32\schedcli.dll
23:38:01.0929 0x1768  C:\Windows\System32\schedcli.dll - ok
23:38:01.0931 0x1768  [ A9669D7EB8431CBCE3F1382ED625A5DD, AB05D278539EEA582F8B1885CFDC41CB813510A3CD501E81DBB7F3091669C524 ] C:\Windows\SysWOW64\devenum.dll
23:38:01.0931 0x1768  C:\Windows\SysWOW64\devenum.dll - ok
23:38:01.0933 0x1768  [ 8A50547F54A3BD5BE9A1E151E15D3F92, 6FC58D65AC32DFD02FC3B6B44184C59FF8F3952B45A8E746433741FE0C64158B ] C:\Windows\System32\profext.dll
23:38:01.0933 0x1768  C:\Windows\System32\profext.dll - ok
23:38:01.0935 0x1768  [ 22CE61D271DFA62208FC07FFF7E4922E, 5CE9AA4876D4772F58A498B43171962B6B4E99A4922B9B19982BBA6613815780 ] C:\Windows\SysWOW64\ieframe.dll
23:38:01.0935 0x1768  C:\Windows\SysWOW64\ieframe.dll - ok
23:38:01.0937 0x1768  [ C0B4E207F403024DB67C79497D4B3546, 1B54F8F0EFE703E94C7D7147F0B4203115E0689F7208EFB530507769FAAAC983 ] C:\Windows\SysWOW64\avicap32.dll
23:38:01.0937 0x1768  C:\Windows\SysWOW64\avicap32.dll - ok
23:38:01.0939 0x1768  [ 2E8111191A367645DDAF84D49361B532, 279283AD95161CC6AD883627B40D301FBD3D154FA88FDE6B3EA44E42EA7F0F57 ] C:\Windows\SysWOW64\msvfw32.dll
23:38:01.0939 0x1768  C:\Windows\SysWOW64\msvfw32.dll - ok
23:38:01.0941 0x1768  [ 0117D133F318D838D03E87DF438EE699, 2D2D248CCC3F7F9BF2A2221C0D60652C79B9711545582994587675ED2DB18881 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CtPinMgr.dll
23:38:01.0941 0x1768  C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CtPinMgr.dll - ok
23:38:01.0944 0x1768  [ 4AE596D3A2F7A2322130FAFE229E06F7, 8ECE1771FC54B9B4B390AC0CE53424AE871FA340F9EE2753C17CD8A48F659A3A ] C:\Program Files (x86)\Internet Explorer\IEShims.dll
23:38:01.0945 0x1768  C:\Program Files (x86)\Internet Explorer\IEShims.dll - ok
23:38:01.0955 0x1768  [ 60D7F302ED31EB584501647FF772DD22, 63C42C6BB612BC619436376F0C603E55098F7C660C4D2730390075E4D9554EB9 ] C:\Program Files (x86)\Internet Explorer\ieproxy.dll
23:38:01.0955 0x1768  C:\Program Files (x86)\Internet Explorer\ieproxy.dll - ok
23:38:01.0962 0x1768  [ D1DFA16800B3ADB9C4A48FE6E162D964, 6F004197501996339F7DABB158DBE44CB7CE572714A7F4E714DF6107E1E7872F ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CTPControl.dll
23:38:01.0962 0x1768  C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CTPControl.dll - ok
23:38:01.0971 0x1768  [ 406B28AA4CED8748CD541DB5086A1939, A9B5DCA33A63100C8D1954CD1F8FEC70B5D001DADA547E091A48A7612F563157 ] C:\Windows\SysWOW64\ksproxy.ax
23:38:01.0971 0x1768  C:\Windows\SysWOW64\ksproxy.ax - ok
23:38:01.0975 0x1768  [ 7525C93645FDA8E9D8F677FEA833798A, 9878B88C57119580EF1F5D1DF93C62A3CFFFD0AC4E764D9AC05C727D0D1B2EED ] C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
23:38:01.0975 0x1768  C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe - ok
23:38:01.0977 0x1768  [ 0757E3969B6C0FE8A8323E92219BFD65, 654ED0982CB4C7D7C10E64356335B97ED09826FB7E71534F64DF1E822C26F666 ] C:\Windows\SysWOW64\ksuser.dll
23:38:01.0977 0x1768  C:\Windows\SysWOW64\ksuser.dll - ok
23:38:01.0980 0x1768  [ A7AD0C0D77A054FE7E714139E19BD7F8, E0E421B94E8A335681D07820D95129377F99B64B9D985AFF3F32B41495629E75 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CTPControl.crl
23:38:01.0980 0x1768  C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\CTPControl.crl - ok
23:38:01.0982 0x1768  [ C086ADD97AE7697CAB9FC03FC89FA4A3, C85BC961414F45B76F70A20D690DCDDEFE806B3534D587CCEAAAB436F612BF65 ] C:\Windows\SysWOW64\ieui.dll
23:38:01.0982 0x1768  C:\Windows\SysWOW64\ieui.dll - ok
23:38:01.0984 0x1768  [ DD51A0A01A20D1CFEAE681EAC9A789C6, 93B106BDA6B8DE9FDE481AF9D20E2F5D3F9CA921DAEAF24D0F02DA0871FB1BD0 ] C:\Windows\SysWOW64\msdmo.dll
23:38:01.0984 0x1768  C:\Windows\SysWOW64\msdmo.dll - ok
23:38:01.0986 0x1768  [ 5EE3F33B544E1836DB677E0E30DE30FE, 0B90D2AF4FB29E72C2247682BA52C19507F530E7492D5A6D12D85CCABFEA0AB0 ] C:\Windows\SysWOW64\vidcap.ax
23:38:01.0986 0x1768  C:\Windows\SysWOW64\vidcap.ax - ok
23:38:01.0988 0x1768  [ B0A1456EABA9EFBB0AAF0F6C687D323C, 5A8AAC23E8371E8EC971D61F36BBB5626A413D1A69557CF712C23B6DE4B018E4 ] C:\Windows\SysWOW64\Kswdmcap.ax
23:38:01.0988 0x1768  C:\Windows\SysWOW64\Kswdmcap.ax - ok
23:38:01.0990 0x1768  [ EB5347F6149D3FF25F4D609A21A3BD67, 8264130CE01BC79D3D409BB675D29749BFD80D19AD2616B0F629F08426B42F67 ] C:\Windows\SysWOW64\mshtml.dll
23:38:01.0990 0x1768  C:\Windows\SysWOW64\mshtml.dll - ok
23:38:01.0992 0x1768  [ 553DF0972BACAD324BE8199CCA05D6DC, C9DC4B18EC4C671D9D101A19E79B4C25AB64D989902DCDD0EC63F7A4BD09EF4E ] C:\Windows\SysWOW64\mfc42.dll
23:38:01.0992 0x1768  C:\Windows\SysWOW64\mfc42.dll - ok
23:38:01.0994 0x1768  [ B27C56D844AB064547D40BF4F0A96EAE, C045615FE1B44A6409610E4E94E70F1559325EB55AB1F805B0452E852771C0AE ] C:\Windows\SysWOW64\odbc32.dll
23:38:01.0994 0x1768  C:\Windows\SysWOW64\odbc32.dll - ok
23:38:01.0996 0x1768  [ C9C0B562C7AA50A672766AAC8112DF05, D7AF67B1150AC1120FE6248065F2B95E63ED8E9F6F205F963CEC7CE6F5B0643F ] C:\Windows\SysWOW64\d2d1.dll
23:38:01.0996 0x1768  C:\Windows\SysWOW64\d2d1.dll - ok
23:38:01.0998 0x1768  [ 49B8394069851C9C431C40D6EA259B20, D3670741AE89F2861716A624FD310183C285E8B5E729A5ABFA0D553720B75487 ] C:\Program Files (x86)\Internet Explorer\sqmapi.dll
23:38:01.0998 0x1768  C:\Program Files (x86)\Internet Explorer\sqmapi.dll - ok
23:38:02.0001 0x1768  [ E81AC183EE021B3EC81B4005F4CE2D7D, D2486FCE463B1392283A8F1E6AAF7BE0E79463EE83290BFFC19FE7DCF9643160 ] C:\Windows\SysWOW64\linkinfo.dll
23:38:02.0001 0x1768  C:\Windows\SysWOW64\linkinfo.dll - ok
23:38:02.0003 0x1768  [ 2ABD44418721B2502A3FF1928DB07F0B, 28B9B2F2AB153A5911FA34C942935999E86E3D402089428A92AA6F9BE7922573 ] C:\Windows\SysWOW64\DWrite.dll
23:38:02.0003 0x1768  C:\Windows\SysWOW64\DWrite.dll - ok
23:38:02.0005 0x1768  [ EFD9B12C1CD8FDFD50C48153AF0A49F3, EB5F906324DD1BC62BA92605F07EE1C2A94BCBA18845394AC2A48B22CF57F971 ] C:\Windows\SysWOW64\ntshrui.dll
23:38:02.0005 0x1768  C:\Windows\SysWOW64\ntshrui.dll - ok
23:38:02.0007 0x1768  [ 15FBE33156A5F17280C549DBA993442C, 6B17B82F7ECCEA049C5A28A6C2AF8F4915BDD58337EFD50B96DD2177E9C41298 ] C:\Windows\SysWOW64\dxgi.dll
23:38:02.0007 0x1768  C:\Windows\SysWOW64\dxgi.dll - ok
23:38:02.0009 0x1768  [ 67D2296474FB0F3B858E1758FFA3AC79, 072B8413840DFD27EC5335A8CDAF64E47702BDDAC4509B1595E4F3FC7AEF9916 ] C:\Windows\SysWOW64\d3d11.dll
23:38:02.0009 0x1768  C:\Windows\SysWOW64\d3d11.dll - ok
23:38:02.0011 0x1768  [ DB06CCC6EC5F99A4CFFC871F829B9258, AF9DD26E0FF966E75A0A176B20450A4D531AF72C0ADECC8C3A9B2F741E9C1A3D ] C:\Windows\SysWOW64\igd10iumd32.dll
23:38:02.0011 0x1768  C:\Windows\SysWOW64\igd10iumd32.dll - ok
23:38:02.0013 0x1768  [ 0379D09E8D407F5BBE07C9D06DDA783D, 38B5BF7C44B254E2E2CB08FB8507878EA68970357C94E749965D27FBF726E012 ] C:\Windows\SysWOW64\mlang.dll
23:38:02.0013 0x1768  C:\Windows\SysWOW64\mlang.dll - ok

 


  • 0

#12
jfavata

jfavata

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

23:38:02.0333 0x1768  [ D784A59EAE299819B741CBDE80F84252, F64FED5FD9DABCD6767DCBEF9AD61B547A7768CFA7D134AAA599925DA2096712 ] C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\DrUpdate.dll
23:38:02.0333 0x1768  C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\DrUpdate.dll - ok
23:38:02.0336 0x1768  [ 9DD92A162E24854B3151750954BF678D, 3FE35565419A6F17D0300BAA572A7B7C873EE020D1B0FF8BBBA535ABB662AC8E ] C:\Windows\System32\srclient.dll
23:38:02.0336 0x1768  C:\Windows\System32\srclient.dll - ok
23:38:02.0338 0x1768  [ 06304D50B5228BF1EB6E829A72A629DB, CF51394CF9319BCDA6CD21DA740FA6C4421AFD8AF1D26205F84266E6FD15F99D ] C:\Windows\System32\spp.dll
23:38:02.0338 0x1768  C:\Windows\System32\spp.dll - ok
23:38:02.0341 0x1768  [ 50DA2DFB41F5882861B6883F880792D9, C89EF6CFC416B6279B197BA72477EAA1315AD04025353F0CC0D8255EA83B0A5D ] C:\Windows\System32\SensApi.dll
23:38:02.0341 0x1768  C:\Windows\System32\SensApi.dll - ok
23:38:02.0342 0x1768  ================ Scan generic autorun ======================
23:38:03.0416 0x1768  [ 2E894F4B62CF32830FC70647A6857256, C28D52A00C8D177060A606F2C9019CA665FA20538915BF2FEA1C021237401CE0 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
23:38:03.0443 0x1768  Dell Webcam Central - detected UnsignedFile.Multi.Generic ( 1 )
23:38:06.0193 0x1768  Detect skipped due to KSN trusted
23:38:06.0193 0x1768  Dell Webcam Central - ok
23:38:09.0541 0x1768  AV detected via SS2: Trend Micro Titanium Internet Security, C:\Program Files\Trend Micro\Titanium\wschandler.exe ( 6.0.0.1318 ), 0x40000 ( disabled : updated )
23:38:09.0576 0x1768  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x61100 ( enabled : updated )
23:38:09.0623 0x1768  Win FW state via NFP2: enabled
23:38:12.0094 0x1768  ============================================================
23:38:12.0094 0x1768  Scan finished
23:38:12.0094 0x1768  ============================================================
23:38:12.0105 0x1760  Detected object count: 0
23:38:12.0105 0x1760  Actual detected object count: 0


  • 0

#13
pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Good, no rootkits present. Let's scan for remnants and check for any out of date programs on your machine. :thumbsup:

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable it after you have completed the steps.


Step 1: Scan with Malwarebytes


Please download Malwarebytes Anti-Malware to your desktop
Install the programme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

Go back to the Dashboard and select Scan Now

If threats are detected, click the Apply Actions button. MBAM will ask for a reboot.

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop



Step 2: Scan with ESET Online Scanner


Please note: You can use Internet Explorer or Firefox for this step. Either browser used will have to be run in admin mode.

Right click on either the Internet Explorer icon or the Firefox icon in the Start Menu or Quick Launch Bar on the Task bar and select Run as Administrator from the menu.

If you use Firefox, you will be prompted to download esetsmartinstaller_enu.exe. Please do so, then double click it to install it.

Please click on this link and then click the ESET Online Scanner bar
  • Select the option YES, I accept the Terms of Use then click on Start
  • When prompted allow the Add-On/ActiveX to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
      • Scan for potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth Technology
  • Now click on Start
  • The virus signature database will begin to download. Be patient; this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the mouse or keyboard during the scan, otherwise it may stall.
  • Now click on Finish
  • Use Notepad to open the logfile located at C:\Program Files (x86)\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Step 3: SecurityCheck Scan


Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Things I need to see in your next post:
  • ESET Scan Log
  • MBAM Log
  • SecurityCheck Log

  • 0

#14
jfavata

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

I can't get a log from Malwarebytes


  • 0

#15
jfavata

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

When the system rebooted, Malwarebytes never came back up


  • 0





