Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

A problem with automated queries to search engines [Solved]

Started by Dilettante , Jul 02 2014 11:16 PM

This topic is locked

#1
Dilettante

Posted 02 July 2014 - 11:16 PM

Member

Member
21 posts

Hello. I have some issues with my home network which might be caused by malware infection I cannot locate by myself, and I will appreciate someone's help with this.

I have a little home network with 4 devices in it: Android phone, notebook and desktop PC on WinXP, another desktop on Win7 Pro.

They are connected via cables and WiFi to a router, and to the ISP.

I'm 99% sure that noone else is using my WiFi connection, so the source of problem should be in my computers.

(I'm only saying all this to give as much useful (?) info as I can.)

The problem:

Time to time when using Firefox search bar, I find I can't use Google. Sometimes I face the captcha, and sometimes plain message:

We're sorry, but your computer or network may be sending automated queries. to protect our users, we can't ptocess your request right now. See Google Help for more information.

After some time, the search becomes usable again, but it's incredibly frustrating.

Sometimes I cannot use Firefox search bar, but I can go to google.com start page and use it's search. Which is incredibly weird.

Sometimes I cannot use Google at all.

I also had similar experiences with Bing and Yahoo which I had to use as backup serch engines when Google refused to tolerate me, they blocked me as well.

But I'm not hijacked, I'm not redirected to some third-party websites, nothing like this.

There is no visible pattern at when this happens and when search becomes usable again. I can be good for a day or two and have no issues.

There is no visible connection to what devices do I use, so I am not sure which one might be infected, or all of them are.

I had Kaspersky Antivirus on PCs and notebook, and it shows nothing. I tried Avast and BitDefender on my main PC, they found nothing.

Out of sheer anger, I've reinstalled Windows on every machine, and the problem persists.

I had similar problems with search in completely different city while travelling with my notebook, so we might well suggest the source of problem is my gear, and not ISP or dynamic IP (this sounds stupid, but I'm not sure at the moment if I have dynamic IP or static). Or, this still might be just a coincidence, must allow for this as well.

I would be very grateful for some guidance on how to pinpoint the source of problem, and either clean up my PC(s), or understand where it comes from.

Because for now I'm not even 100% sure that my computers are indeed infected.

Is this even a known problem? I've did some search myself, but mostly found threads about hijacking issues, and a few threads about automated queries are few years old.

Thanks in advance, and I will try to show my skills in following instructions.

#2
Dilettante

Posted 02 July 2014 - 11:17 PM

Member

Topic Starter
Member
21 posts

OTL logfile created on: 03.07.2014 7:59:47 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Download
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000422 | Country: Ukraine | Language: UKR | Date Format: dd.MM.yyyy

11,98 Gb Total Physical Memory | 9,32 Gb Available Physical Memory | 77,76% Memory free
23,96 Gb Paging File | 20,06 Gb Available in Paging File | 83,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 116,71 Gb Free Space | 59,78% Space Free | Partition Type: NTFS
Drive D: | 270,45 Gb Total Space | 229,09 Gb Free Space | 84,71% Space Free | Partition Type: NTFS
Drive E: | 443,23 Gb Total Space | 213,29 Gb Free Space | 48,12% Space Free | Partition Type: NTFS
Drive F: | 488,28 Gb Total Space | 319,64 Gb Free Space | 65,46% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 144,72 Gb Free Space | 31,07% Space Free | Partition Type: NTFS
Drive X: | 732,06 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.07.03 07:59:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Download\OTL.exe
PRC - [2014.06.18 12:40:05 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014.06.17 04:40:41 | 001,869,488 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
PRC - [2014.06.14 16:38:44 | 000,390,256 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2014.05.28 01:37:52 | 001,271,376 | ---- | M] (BitTorrent Inc.) -- C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2014.04.09 00:11:34 | 000,614,744 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
PRC - [2014.03.20 23:02:30 | 001,797,064 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014.03.04 12:19:52 | 003,696,912 | ---- | M] (Disc Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2012.03.09 16:26:58 | 001,073,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
PRC - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2010.10.25 15:13:42 | 000,821,144 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2010.04.20 21:39:46 | 013,797,296 | ---- | M] (Ritlabs S.R.L.) -- D:\Installed\TheBatPortable\App\TheBat\thebat.exe
PRC - [2009.12.29 01:28:24 | 000,055,567 | ---- | M] (PortableAppZ.blogspot.com) -- D:\Installed\TheBatPortable\TheBatPortable.exe

========== Modules (No Company Name) ==========

MOD - [2014.06.30 06:20:19 | 000,016,384 | ---- | M] () -- C:\Temp\nsf7959.tmp\Registry.dll
MOD - [2014.06.30 06:20:19 | 000,008,704 | ---- | M] () -- C:\Temp\nsf7959.tmp\newadvsplash.dll
MOD - [2014.06.18 12:40:05 | 003,852,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014.06.17 04:40:41 | 017,024,688 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
MOD - [2014.06.14 16:38:45 | 003,022,960 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2014.06.14 16:38:45 | 000,158,832 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2014.06.14 16:38:45 | 000,023,152 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2014.03.15 01:05:14 | 000,204,280 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
MOD - [2012.03.09 16:26:54 | 000,100,352 | ---- | M] () -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\zlib1.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014.05.30 12:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.05.21 12:29:33 | 001,526,800 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender\vsserv.exe -- (VSSERV)
SRV:64bit: - [2013.11.21 19:41:50 | 000,077,632 | ---- | M] (Bitdefender) [Disabled | Stopped] -- C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe -- (BdDesktopParental)
SRV:64bit: - [2013.10.07 12:33:30 | 000,067,320 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe -- (UPDATESRV)
SRV:64bit: - [2013.05.27 08:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010.11.30 13:27:58 | 000,336,824 | ---- | M] (arvato digital services llc) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2_x64)
SRV:64bit: - [2009.07.14 04:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.06.18 12:40:05 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.04.03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.11 00:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.05.26 20:18:20 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.12.02 12:58:48 | 000,635,392 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2013.12.02 12:56:50 | 000,893,440 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2013.11.13 16:41:29 | 000,093,600 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV:64bit: - [2013.11.04 16:47:36 | 000,082,824 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bdsandbox.sys -- (BDSandBox)
DRV:64bit: - [2013.10.02 05:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.08.23 13:48:49 | 000,150,256 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\gzflt.sys -- (gzflt)
DRV:64bit: - [2013.08.07 13:46:28 | 000,389,240 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos)
DRV:64bit: - [2013.07.02 14:04:11 | 000,121,928 | ---- | M] (Bitdefender SRL) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys -- (bdfwfpf_pc)
DRV:64bit: - [2013.01.03 04:31:20 | 000,301,256 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xhcdrv.sys -- (xhcdrv)
DRV:64bit: - [2013.01.03 04:31:18 | 000,231,112 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ViaHub3.sys -- (VUSB3HUB)
DRV:64bit: - [2012.11.02 14:17:46 | 000,261,056 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avchv.sys -- (avchv)
DRV:64bit: - [2012.08.23 17:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.03.01 09:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.18 06:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.01.18 06:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011.11.14 20:16:37 | 000,103,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2011.08.23 16:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 09:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 09:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 16:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 04:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 04:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 04:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 23:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 23:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 23:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 23:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 04:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A2 B1 AC 6A FA 78 CF 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "РЇРЅРґРµРєСЃ.РЎР»РѕРІР°СЂРё. РџРµСЂРµРІРѕРґ"
FF - prefs.js..browser.search.selectedEngine: "РЇРЅРґРµРєСЃ.РЎР»РѕРІР°СЂРё. РџРµСЂРµРІРѕРґ"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: google%40hitachi.com:0.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER\BDTBEXT [2014.05.22 15:35:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014.05.28 15:21:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ [2014.05.22 15:36:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014.05.22 15:35:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2014.05.27 01:09:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Extensions
[2014.06.05 23:43:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\degkl1z6.default\extensions
[2014.06.05 23:43:15 | 000,368,105 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\degkl1z6.default\extensions\[email protected]
[2014.06.05 13:22:04 | 000,967,387 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\degkl1z6.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.06.21 19:02:53 | 000,002,262 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\degkl1z6.default\searchplugins\-.xml
[2014.05.31 02:01:49 | 000,001,497 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\degkl1z6.default\searchplugins\zonealarm.xml
[2014.06.18 12:40:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.06.18 12:40:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2014.05.28 15:22:59 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Bitdefender Wallet ) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
O2 - BHO: (Bitdefender Wallet) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\antispam32\pmbxie.dll (Bitdefender)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender\bdagent.exe (Bitdefender)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Bitdefender Wallet] C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe (Bitdefender)
O4 - HKCU..\Run: [Bitdefender Wallet Agent] C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (Bitdefender)
O4 - HKCU..\Run: [Bitdefender Wallet Application Agent] C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (Bitdefender)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [uTorrent] C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53043D52-E17F-47DB-9297-42209112E626}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014.07.03 06:42:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Audacity
[2014.07.03 06:42:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2014.06.24 03:11:29 | 000,076,944 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys
[2014.06.24 03:09:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender
[2014.06.24 03:09:12 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2014.06.24 03:08:58 | 000,093,600 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\BdfNdisf6.sys
[2014.06.24 03:08:58 | 000,082,824 | ---- | C] (BitDefender SRL) -- C:\Windows\SysNative\drivers\bdsandbox.sys
[2014.06.24 03:08:58 | 000,074,512 | ---- | C] (BitDefender SRL) -- C:\Windows\SysWow64\bdsandboxuiskin32.dll
[2014.06.24 03:08:56 | 000,893,440 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2014.06.24 03:08:56 | 000,635,392 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2014.06.24 03:08:56 | 000,261,056 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
[2014.06.24 03:01:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Bitdefender
[2014.06.24 02:57:43 | 000,150,256 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\gzflt.sys
[2014.06.24 02:57:43 | 000,084,848 | ---- | C] (BitDefender SRL) -- C:\Windows\SysNative\BDSandBoxUISkin.dll
[2014.06.24 02:57:43 | 000,074,512 | ---- | C] (BitDefender SRL) -- C:\Windows\SysNative\bdsandboxuiskin32.dll
[2014.06.24 02:57:43 | 000,034,384 | ---- | C] (BitDefender SRL) -- C:\Windows\SysNative\BDSandBoxUH.dll
[2014.06.24 02:57:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2014.06.24 02:57:41 | 000,389,240 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2014.06.24 02:57:41 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2014.06.24 02:57:16 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\QuickScan
[2014.06.24 02:53:46 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014.06.24 02:52:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2014.06.24 02:51:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bitdefender
[2014.06.24 02:41:52 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2014.06.24 02:31:06 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2014.06.24 02:31:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HiJack
[2014.06.23 15:21:28 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Билеты - Белая церковь
[2014.06.21 16:04:01 | 000,000,000 | ---D | C] -- C:\Users\User\.android
[2014.06.18 18:39:42 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\New folder
[2014.06.18 12:40:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014.06.17 05:46:13 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Adobe
[2014.06.16 00:39:50 | 001,039,096 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys.1402868417631
[2014.06.16 00:39:50 | 000,423,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys.1402868417631
[2014.06.16 00:35:41 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014.06.08 18:39:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\PACE Anti-Piracy
[2014.06.08 18:39:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\PACE Anti-Piracy
[2014.06.08 18:39:00 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy
[2014.06.08 18:38:50 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Adobe
[2014.06.05 00:38:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt

========== Files - Modified Within 30 Days ==========

[2014.07.03 07:26:37 | 000,015,506 | ---- | M] () -- C:\Users\User\Desktop\Capture.PNG
[2014.07.03 06:42:43 | 000,001,017 | ---- | M] () -- C:\Users\Public\Desktop\Audacity.lnk
[2014.07.02 18:49:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.07.01 19:21:00 | 000,015,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.07.01 19:21:00 | 000,015,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.07.01 14:59:02 | 000,062,454 | ---- | M] () -- C:\Users\User\Desktop\ticket(3_.PNG
[2014.07.01 14:57:44 | 000,217,798 | ---- | M] () -- C:\Users\User\Desktop\img743(1).jpg
[2014.07.01 14:57:33 | 000,157,198 | ---- | M] () -- C:\Users\User\Desktop\img744(1).jpg
[2014.06.29 13:18:20 | 000,795,870 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.06.29 13:18:20 | 000,663,138 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.06.29 13:18:20 | 000,126,164 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.06.29 13:13:25 | 1058,553,854 | -HS- | M] () -- C:\hiberfil.sys
[2014.06.26 09:22:12 | 002,135,650 | ---- | M] () -- C:\Users\User\Desktop\img744.jpg
[2014.06.26 09:21:30 | 002,470,122 | ---- | M] () -- C:\Users\User\Desktop\img743.jpg
[2014.06.24 03:11:30 | 000,074,512 | ---- | M] (BitDefender SRL) -- C:\Windows\SysNative\bdsandboxuiskin32.dll
[2014.06.24 03:11:29 | 000,076,944 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys
[2014.06.24 03:10:05 | 001,401,755 | ---- | M] () -- C:\ProgramData\1403567836.bdinstall.bin
[2014.06.24 03:09:54 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2014.06.24 03:09:34 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01
[2014.06.24 03:09:34 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr
[2014.06.24 03:09:34 | 000,000,684 | -H-- | M] () -- C:\bdr-cf01
[2014.06.24 03:09:24 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2014.06.21 14:57:27 | 535,106,257 | ---- | M] () -- C:\Users\User\Desktop\VID_20140621_145727.mp4
[2014.06.20 14:42:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014.06.19 15:54:39 | 000,967,372 | ---- | M] () -- C:\Users\User\Desktop\IMG_20140526_144125.jpg
[2014.06.16 12:06:24 | 001,812,535 | ---- | M] () -- C:\Users\User\Desktop\PANO_20140613_201132.jpg
[2014.06.16 00:39:46 | 001,039,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys.1402868417631
[2014.06.16 00:39:46 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys.1402868417631
[2014.06.14 16:38:48 | 000,002,120 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2014.06.07 21:50:12 | 000,015,884 | ---- | M] () -- C:\Users\User\Desktop\tickets(2).html
[2014.06.03 12:34:20 | 005,144,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2014.07.03 07:26:37 | 000,015,506 | ---- | C] () -- C:\Users\User\Desktop\Capture.PNG
[2014.07.03 06:42:43 | 000,001,017 | ---- | C] () -- C:\Users\Public\Desktop\Audacity.lnk
[2014.07.03 06:42:42 | 000,001,029 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2014.07.01 14:59:02 | 000,062,454 | ---- | C] () -- C:\Users\User\Desktop\ticket(3_.PNG
[2014.07.01 14:57:42 | 000,217,798 | ---- | C] () -- C:\Users\User\Desktop\img743(1).jpg
[2014.07.01 14:57:28 | 000,157,198 | ---- | C] () -- C:\Users\User\Desktop\img744(1).jpg
[2014.06.26 10:24:11 | 002,470,122 | ---- | C] () -- C:\Users\User\Desktop\img743.jpg
[2014.06.26 10:24:11 | 002,135,650 | ---- | C] () -- C:\Users\User\Desktop\img744.jpg
[2014.06.24 03:10:05 | 001,401,755 | ---- | C] () -- C:\ProgramData\1403567836.bdinstall.bin
[2014.06.24 03:09:54 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2014.06.24 03:09:34 | 000,000,684 | -H-- | C] () -- C:\bdr-cf01
[2014.06.24 03:09:24 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2014.06.24 03:01:35 | 003,271,472 | -H-- | C] () -- C:\bdr-bz01
[2014.06.24 03:01:35 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr
[2014.06.24 03:01:34 | 046,879,860 | -H-- | C] () -- C:\bdr-im01.gz
[2014.06.24 03:01:34 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01
[2014.06.22 23:03:14 | 1452,644,352 | ---- | C] () -- C:\Users\User\Desktop\Rosencrantz and Guildenstern Are Dead - (Rus, Zavgorodny).avi
[2014.06.21 16:05:22 | 535,106,257 | ---- | C] () -- C:\Users\User\Desktop\VID_20140621_145727.mp4
[2014.06.20 14:42:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014.06.19 15:54:37 | 000,967,372 | ---- | C] () -- C:\Users\User\Desktop\IMG_20140526_144125.jpg
[2014.06.16 12:06:24 | 001,812,535 | ---- | C] () -- C:\Users\User\Desktop\PANO_20140613_201132.jpg
[2014.06.07 21:50:22 | 000,015,884 | ---- | C] () -- C:\Users\User\Desktop\tickets(2).html
[2014.05.27 03:47:39 | 000,007,604 | ---- | C] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg
[2014.05.26 18:59:29 | 000,779,736 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.05.26 14:50:45 | 001,186,161 | ---- | C] () -- C:\Windows\unins000.exe
[2014.05.26 14:50:45 | 000,001,130 | ---- | C] () -- C:\Windows\unins000.dat
[2014.05.26 14:49:05 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini

========== ZeroAccess Check ==========

[2009.07.14 07:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.03.25 05:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 05:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 04:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 15:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 04:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.07.03 07:27:17 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Audacity
[2014.05.30 02:33:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Avid
[2014.06.24 03:01:37 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Bitdefender
[2014.05.31 02:01:49 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Check Point Software Technologies LTD
[2014.05.26 20:19:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools Lite
[2014.05.27 03:14:14 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\iZotope
[2014.05.27 02:51:52 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Lexicon PCM Native
[2014.05.27 01:58:35 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MAGIX
[2014.05.30 13:58:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Neuratron
[2014.06.08 18:39:00 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PACE Anti-Piracy
[2014.06.24 02:57:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\QuickScan
[2014.06.01 23:14:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2014.05.27 20:24:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Thunderbird
[2014.06.04 01:14:06 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Tropico 5
[2014.07.03 08:03:20 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\uTorrent
[2014.07.03 01:51:03 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Waves Audio

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 1263 bytes -> C:\Users\User\AppData\Local\tWtFevmrG:oumsuwoNlXsyt8Iq9FdJ6P
@Alternate Data Stream - 1253 bytes -> C:\Temp:atYxz5bW8isrhZBnx1

< End of report >

#3
Naathim

Posted 10 July 2014 - 07:31 AM

GeekU Minion

Expert
4,568 posts

Minion%20Welcome.jpg

My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat

I am terribly sorry that we have missed you, but this forum is a quite busy one and it just happens sometimes. As it has been some days after your last post and if you still need assistance, I will be glad to guide you.

Before we start please note the following:

Analysis and research take some time, also sometimes real life gets in the way, please be patient.
Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
Paste the logs in your posts, attachments make my work harder and more complicated.
Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
Note that we may live in totally different time zones, what may cause some delays between answers.

I can't foresee everything, so if anything unexpected happens, please stop and inform me!
There are no silly questions. Never be afraid to ask if in doubt!

Let's start and enjoy the fight!

As your logs may not exactly show the most current state of your system, please provide me a fresh one.

Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

Right-click on icon and select Run as Administrator to start the tool.
Wait patiently until the main console will appear, it may take a minute or two.

In the main box please paste in the following script:

createsrpoint;
process;
services-list;
systemspecs;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;
installedprogs;

Make sure that Scan All Users option is checked.
Push Run Script and wait patiently. The scan may take a couple of minutes.
When the scan completes, a zoek-results logfile should open in notepad.
If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

Cheers,
Naat

#4
Dilettante

Posted 13 July 2014 - 02:16 AM

Member

Topic Starter
Member
21 posts

Hello Naathim, and thank you for your answer.

For some reason, I didn't get e-mail notification on it, even though I'm following the thread. Thus the delay. Luckily I checked the thread just in case.

Now I'm here, still appreciate any help.

I did a scan by ZOEK without major troubles, except I failed to convince BitDefender to not quarantine the file, so we parted ways, no BitDefender on my PC now. Didn't like it anyway.

Also, after a scan I tried to open Firefox, and my system froze for like 20-something seconds. After it, it unfroze and looks working, and this might be just an aftershock after scan, or something, but I thought I will note this anyway, because this is something I don't see regularly on my PC.

Here's the ZOEK log.

Zoek.exe v5.0.0.0 Updated 12-July-2014
Tool run by User on 13.07.2014 at 11:05:22,95.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

13.07.2014 11:07:01 Zoek.exe System Restore Point Created Succesfully.

==== Installed Programs ======================

Adobe Acrobat X Pro - English, Fran§ais, Deutsch
Adobe AIR
Adobe Flash Player 14 Plugin
Adobe Help Manager
Audacity 2.0.5
Avid License Control
Camtasia Studio 7
CorelDRAW Graphics Suite X6 - Capture (x64)
CorelDRAW Graphics Suite X6 - Common (x64)
CorelDRAW Graphics Suite X6 - Connect (x64)
CorelDRAW Graphics Suite X6 - Custom Data (x64)
CorelDRAW Graphics Suite X6 - Draw (x64)
CorelDRAW Graphics Suite X6 - EN (x64)
CorelDRAW Graphics Suite X6 - Filters (x64)
CorelDRAW Graphics Suite X6 - FontNav (x64)
CorelDRAW Graphics Suite X6 - IPM
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64)
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64)
CorelDRAW Graphics Suite X6 - Redist (x64)
CorelDRAW Graphics Suite X6 - Setup Files (x64)
CorelDRAW Graphics Suite X6 - VBA (x64)
CorelDRAW Graphics Suite X6 - VideoBrowser (x64)
CorelDRAW Graphics Suite X6 - VSTA (x64)
CorelDRAW Graphics Suite X6 - Writing Tools (x64)
CorelDRAW Graphics Suite X6 (64-Bit)
CorelDRAW Graphics Suite X6 (x64)
DAEMON Tools Lite
HiJackThis
MAGIX Burn routines (64-Bit)
MAGIX Low Latency Driver (64-Bit)
MAGIX Speed burnR (MSI)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4.5.1
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
ModifyRegistry version 0.1
Mozilla Firefox 30.0 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird 24.6.0 (x86 en-US)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
Native Instruments Kontakt 5
NVIDIA Control Panel 335.23
NVIDIA Graphics Driver 335.23
NVIDIA Install Application
NVIDIA Update 10.4.0
NVIDIA Update Core
PCM Native Reverb Bundle
PDF Settings CS6
Platform
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Samplitude Pro X Suite Download Version
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Sibelius 7 OpenType Fonts
Sibelius 7.5
SkypeT 6.16
The KMPlayer (remove only)
Total Commander Extended
VIA Platform Device Manager
Waves Complete V9r14
WinRAR 5.01 (64-bit)
зTorrent

==== Running Processes ======================

C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\User\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Services (whitelist) ======================
Powered by E Dev

R2 - [nvsvc] - NVIDIA Display Driver Service - "C:\Windows\system32\nvvsvc.exe"
R2 - [PSI_SVC_2_x64] - Protexis Licensing V2 x64 - "c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
R2 - [sppsvc] - Software Protection - C:\Windows\system32\sppsvc.exe
R2 - [UMVPFSrv] - UMVPFSrv - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - "C:\Program Files\Windows Media Player\wmpnetwk.exe"
R2 - [WSearch] - Windows Search - C:\Windows\system32\SearchIndexer.exe /Embedding
R3 - [TrustedInstaller] - Windows Modules Installer - C:\Windows\servicing\TrustedInstaller.exe
R3 - [VSS] - Volume Shadow Copy - C:\Windows\system32\vssvc.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
S2 - [SkypeUpdate] - Skype Updater - "C:\Program Files (x86)\Skype\Updater\Updater.exe"
S2 - [ZAPrivacyService] - ZoneAlarm Privacy Service - "C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe"
S3 - [ALG] - Application Layer Gateway Service - C:\Windows\System32\alg.exe
S3 - [COMSysApp] - COM+ System Application - C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S3 - [ehRecvr] - Windows Media Center Receiver Service - C:\Windows\ehome\ehRecvr.exe
S3 - [ehSched] - Windows Media Center Scheduler Service - C:\Windows\ehome\ehsched.exe
S3 - [Fax] - Fax - C:\Windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - C:\Windows\system32\IEEtwCollector.exe /V
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
S3 - [MSDTC] - Distributed Transaction Coordinator - C:\Windows\System32\msdtc.exe
S3 - [msiserver] - Windows Installer - C:\Windows\system32\msiexec.exe /V
S3 - [ose] - Office Source Engine - "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
S3 - [osppsvc] - Office Software Protection Platform - "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
S3 - [PerfHost] - Performance Counter DLL Host - C:\Windows\SysWow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - C:\Windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - C:\Windows\System32\snmptrap.exe
S3 - [SwitchBoard] - Adobe SwitchBoard - "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
S3 - [vds] - Virtual Disk - C:\Windows\System32\vds.exe
S3 - [WatAdminSvc] - Windows Activation Technologies Service - C:\Windows\system32\Wat\WatAdminSvc.exe
S3 - [wbengine] - Block Level Backup Engine Service - "C:\Windows\system32\wbengine.exe"
S3 - [wmiApSrv] - WMI Performance Adapter - C:\Windows\system32\wbem\WmiApSrv.exe
S4 - [aspnet_state] - ASP.NET State Service - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

==== System Specs ======================

Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 12269 MB
CPU Info: AMD Phenom™ II X4 965 Processor
CPU Speed: 3403,3 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: NVIDIA GeForce GTX 650 | NVIDIA GeForce GTX 650 | NVIDIA GeForce GTX 650 | NVIDIA GeForce GTX 650 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; SyncMaster F2380 (Digital) |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller
CD / DVD Drives: 2x (X: | Z: | ) X: DTSOFT BDROM            | Z: Optiarc DVD RW AD-7280S
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C: 195,2GB | D: 270,4GB | E: 443,2GB | F: 488,3GB | G: 465,8GB
Hard Disks - Free: C: 105,7GB | D: 220,3GB | E: 214,9GB | F: 324,3GB | G: 144,7GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 04/08/13 | ALASKA - 1072009
Time Zone: FLE Standard Time
Motherboard *: Gigabyte Technology Co., Ltd. 970A-DS3P
Country: Ukraine
Language: UKR

==== System Specs (Software) ======================

Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Firefox   30.0
Internet Explorer Version: 11.0.9600.17207
Mozilla Firefox version: 30.0 (x86 en-US)
Flash Player version: 14.0.0.125

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-06-24 00:08:58   9130CCE19B5DB3D2E31F9F789263FC4A   511328   ----a-w-   C:\Windows\capicom.dll
====== C:\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-07-09 03:06:10   E3065F51EE0BB099EAAE48C3FC3A25B6   592896   ----a-w-   C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 03:06:10   7C44C697BA6D0B698B91AC6516A731C3   1139200   ----a-w-   C:\Windows\SysWOW64\urlmon.dll
2014-07-09 03:06:10   67EA1BB7F6428A10C64D5A732976F871   69632   ----a-w-   C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 03:06:10   448854C4FE94C0FA329CC38FF103DC74   51200   ----a-w-   C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 03:06:09   E739AEDCA67F214F96C2520BA293B12B   526336   ----a-w-   C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 03:06:09   DFA59840BB1220AFD261FDAE83543959   17276416   ----a-w-   C:\Windows\SysWOW64\mshtml.dll
2014-07-09 03:06:09   BE0EA764820239F7785410CBE3880086   32256   ----a-w-   C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 03:06:09   9385D7C5DF2566D01B1FB150F381D50B   367616   ----a-w-   C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 03:06:09   91CF46BBB827E461C498A1D7D1A71AD6   32768   ----a-w-   C:\Windows\SysWOW64\iernonce.dll
2014-07-09 03:06:09   42BF66A4DC35DAD3564065173372CCE9   2724864   ----a-w-   C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 03:06:08   F2A99A4293CAF7956FF7801D36D5A3B2   442368   ----a-w-   C:\Windows\SysWOW64\ieui.dll
2014-07-09 03:06:08   CE94480E78CC3A1A17B53F2BB65639BD   61952   ----a-w-   C:\Windows\SysWOW64\iesetup.dll
2014-07-09 03:06:08   A9F8343A3234FC7A42DDA4569827B411   43008   ----a-w-   C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 03:06:08   A98E303FCB7058C6E78FD1FBBCBB5EEF   240824   ----a-w-   C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 03:06:08   573E522A27210701EB8A6C476D36FFF6   239616   ----a-w-   C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 03:06:08   4B774E842F268D51DB942EF9637828B9   1964544   ----a-w-   C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 03:06:08   084FB28A790685F32A6D7D003777696D   2179072   ----a-w-   C:\Windows\SysWOW64\iertutil.dll
2014-07-09 03:06:07   FC733FD7721200D5136F6F8112E97B00   11742208   ----a-w-   C:\Windows\SysWOW64\ieframe.dll
2014-07-09 03:06:06   FDA05E78813F543A6E9AC6B23EC696F2   1068032   ----a-w-   C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 03:06:06   CCC198257901BEEA2FBF8EB1E7678356   1791488   ----a-w-   C:\Windows\SysWOW64\wininet.dll
2014-07-09 03:06:06   98C7B1AFA0A99EE3BE99EAABEFB72CA0   4254720   ----a-w-   C:\Windows\SysWOW64\jscript9.dll
2014-07-09 03:06:06   8046CF629D8AE766C22145F4A6AFFBE1   164864   ----a-w-   C:\Windows\SysWOW64\msrating.dll
2014-07-09 03:06:06   557D60DF85D61C290A1D09E7115B294B   62464   ----a-w-   C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 03:06:06   175A663547805367C10746FC416D4605   704512   ----a-w-   C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 03:06:06   09CBE4B1AEF497FC05493B09EA2C1757   112128   ----a-w-   C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 03:06:06   045A91095A605BB20FF2B37546FE62B0   455168   ----a-w-   C:\Windows\SysWOW64\vbscript.dll
2014-07-09 03:05:21   A0E053D8D97ED0F913D56E6AF21DD26F   22016   ----a-w-   C:\Windows\SysWOW64\secur32.dll
2014-07-09 03:05:21   230AAF45031E87638CA4053C0399C1E6   96768   ----a-w-   C:\Windows\SysWOW64\sspicli.dll
2014-07-09 03:05:07   F95E1E9D97D25C11F29CA34C843A6F4D   247808   ----a-w-   C:\Windows\SysWOW64\schannel.dll
2014-07-09 03:05:07   C71CC796F0E2E9BD542C87532706FCFE   172032   ----a-w-   C:\Windows\SysWOW64\wdigest.dll
2014-07-09 03:05:07   C61DDFE40204F3BE3DF111981D91560E   220160   ----a-w-   C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 03:05:07   8BA721F76C97A219599E88722AA48875   259584   ----a-w-   C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 03:05:07   6CB2616152ADCDF39F05B08E4858F476   65536   ----a-w-   C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 03:05:07   1A0BE0092646F564FAF204E678AF8E03   550912   ----a-w-   C:\Windows\SysWOW64\kerberos.dll
2014-07-09 03:05:06   E3ECF5FFE3DEDF61DC6877B6A99ACBBF   17408   ----a-w-   C:\Windows\SysWOW64\credssp.dll
2014-07-09 03:05:02   C6A991D7DF17EBD8DE4739CD1F283133   646144   ----a-w-   C:\Windows\SysWOW64\osk.exe
2014-07-09 03:04:55   492FF9C530EC0352B3C904CE9898269D   509440   ----a-w-   C:\Windows\SysWOW64\qedit.dll
2014-07-06 15:00:00   D888E9D684BF06C5BF989DE1C1443BD3   28672   ----a-w-   C:\Windows\SysWOW64\KAWAELIC.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-07-09 03:06:10   FC50DF22550C565DD096ACFAF18A37ED   33792   ----a-w-   C:\Windows\Sysnative\iernonce.dll
2014-07-09 03:06:10   DA5BAC4C5BDB22BBC6771534EA95AD33   2724864   ----a-w-   C:\Windows\Sysnative\mshtml.tlb
2014-07-09 03:06:09   C2F62DF01E3552DB0571FEF4D514675B   48640   ----a-w-   C:\Windows\Sysnative\ieetwproxystub.dll
2014-07-09 03:06:09   C0F9F52C36E584C0339406ABF6DA1FBA   266424   ----a-w-   C:\Windows\Sysnative\iedkcs32.dll
2014-07-09 03:06:09   5E646AD50848A409291418B5759595B9   38400   ----a-w-   C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2014-07-09 03:06:08   D8E6706AECD7AA50764E126CE3F36555   631808   ----a-w-   C:\Windows\Sysnative\msfeeds.dll
2014-07-09 03:06:08   73C7D1FCF6F58F3BF077FB42B0214BC0   1393664   ----a-w-   C:\Windows\Sysnative\urlmon.dll
2014-07-09 03:06:08   7176CB0FFAAC3E54ABB2014E821120F9   111616   ----a-w-   C:\Windows\Sysnative\ieetwcollector.exe
2014-07-09 03:06:08   391D68668CFC061F26BE593A61F745E0   4096   ----a-w-   C:\Windows\Sysnative\ieetwcollectorres.dll
2014-07-09 03:06:08   2E40D5E11BCC597352EE0314AF629A0F   452608   ----a-w-   C:\Windows\Sysnative\dxtmsft.dll
2014-07-09 03:06:07   CA67F68CEC788C0C69AD47C5125DDD8E   608768   ----a-w-   C:\Windows\Sysnative\ie4uinit.exe
2014-07-09 03:06:07   A21C6231459F4CAC212676A9367A1A68   2768384   ----a-w-   C:\Windows\Sysnative\iertutil.dll
2014-07-09 03:06:07   7469D4E046BD7D155CAC2697BD28B58B   66048   ----a-w-   C:\Windows\Sysnative\iesetup.dll
2014-07-09 03:06:07   1685AA234852657C4A6D253CCBBE84E0   2040832   ----a-w-   C:\Windows\Sysnative\inetcpl.cpl
2014-07-09 03:06:06   8B2ADE09864BF3F7AA6D395DAFEC41B5   51200   ----a-w-   C:\Windows\Sysnative\jsproxy.dll
2014-07-09 03:06:05   CD76B3D60D28634A67B0AD7CB2E45929   139264   ----a-w-   C:\Windows\Sysnative\ieUnatt.exe
2014-07-09 03:06:05   945FA19B388FCF0FEA6124B5FD71C72F   1249280   ----a-w-   C:\Windows\Sysnative\mshtmlmedia.dll
2014-07-09 03:06:05   854C5F171F5CEE272232AC0286F3B3B9   598016   ----a-w-   C:\Windows\Sysnative\ieui.dll
2014-07-09 03:06:05   50FF2DD806CC6CF3B3F98F9A1A711603   752640   ----a-w-   C:\Windows\Sysnative\jscript9diag.dll
2014-07-09 03:06:05   415DF2B045167D6D85223CFFF00FCFC7   292864   ----a-w-   C:\Windows\Sysnative\dxtrans.dll
2014-07-09 03:06:05   366FA6D38406DC8BED62825C196144D1   13527040   ----a-w-   C:\Windows\Sysnative\ieframe.dll
2014-07-09 03:06:05   1FD6C2F6AC489C271565730F6E9E1A05   85504   ----a-w-   C:\Windows\Sysnative\mshtmled.dll
2014-07-09 03:06:04   F876957CA193B20A21D52F91418657D7   195584   ----a-w-   C:\Windows\Sysnative\msrating.dll
2014-07-09 03:06:04   BDD4A74421B023C81DA63168BD10C01B   846336   ----a-w-   C:\Windows\Sysnative\ieapfltr.dll
2014-07-09 03:06:04   89A53CDE0DA5680AF48A181D82C752CA   83968   ----a-w-   C:\Windows\Sysnative\MshtmlDac.dll
2014-07-09 03:06:04   4EC7738394D2BC7BCB5F7A3657F57252   5721088   ----a-w-   C:\Windows\Sysnative\jscript9.dll
2014-07-09 03:06:04   2EE102DF0EDD8A1EDD3D1E9B99A91BEC   2266112   ----a-w-   C:\Windows\Sysnative\wininet.dll
2014-07-09 03:06:04   00401347C3BC466E5F2516387EBBCA7D   548352   ----a-w-   C:\Windows\Sysnative\vbscript.dll
2014-07-09 03:06:03   FEC19C351EF1B2C998A85D1BFD765675   23464448   ----a-w-   C:\Windows\Sysnative\mshtml.dll
2014-07-09 03:06:03   52012C83F7E9AF65D13F04415F0508F5   940032   ----a-w-   C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-07-09 03:05:21   D4CCE15190269486A5E6D4D4E597F798   1460736   ----a-w-   C:\Windows\Sysnative\lsasrv.dll
2014-07-09 03:05:08   980394E1FF94E460C4D71C1B098A0B4F   424448   ----a-w-   C:\Windows\Sysnative\aeinv.dll
2014-07-09 03:05:08   03282D1ADC4F64D27D697CBB63F972C2   519168   ----a-w-   C:\Windows\Sysnative\aepdu.dll
2014-07-09 03:05:07   E8E98B3B7A6E1250F4AA7AF8FA17D5BB   340992   ----a-w-   C:\Windows\Sysnative\schannel.dll
2014-07-09 03:05:07   E23BA7A7BD97FC6B8AB5EA32A46D05CD   307200   ----a-w-   C:\Windows\Sysnative\ncrypt.dll
2014-07-09 03:05:07   BFC98590EAB40C785D6134B1FA818A62   210944   ----a-w-   C:\Windows\Sysnative\wdigest.dll
2014-07-09 03:05:07   A805B5E68262302D1A60BE3DED5846C9   728064   ----a-w-   C:\Windows\Sysnative\kerberos.dll
2014-07-09 03:05:07   7D1017ED11B7C3B162628069742B5E58   314880   ----a-w-   C:\Windows\Sysnative\msv1_0.dll
2014-07-09 03:05:07   79EE13A5A406E4603874686B8005DA72   86528   ----a-w-   C:\Windows\Sysnative\TSpkg.dll
2014-07-09 03:05:06   C9DD5C0D5AF2D7A54BA32E8FBD3B67F1   22016   ----a-w-   C:\Windows\Sysnative\credssp.dll
2014-07-09 03:05:02   F1726E14C8F7B40CD828345890AAF764   3157504   ----a-w-   C:\Windows\Sysnative\win32k.sys
2014-07-09 03:05:02   A064A1D9CBD7F6959AAEAEAFF96DB2E9   692736   ----a-w-   C:\Windows\Sysnative\osk.exe
2014-07-09 03:04:55   D6AFBAA93169E6772565A1BC896D666B   624128   ----a-w-   C:\Windows\Sysnative\qedit.dll
2014-07-06 15:00:00   0C8A6E477C17EE8B149FFCAE12D6DF07   24064   ----a-w-   C:\Windows\Sysnative\KAWAELIC.dll
====== C:\Windows\Sysnative\drivers =====
2014-07-09 03:04:54   FA886682CFC5D36718D3E436AACF10B9   497152   ----a-w-   C:\Windows\Sysnative\drivers\afd.sys
2014-06-24 00:09:24   D41D8CD98F00B204E9800998ECF8427E   0   ---ha-w-   C:\Windows\Sysnative\drivers\Msft_Kernel_avchv_01009.Wdf
2014-06-20 11:42:09   D41D8CD98F00B204E9800998ECF8427E   0   ---ha-w-   C:\Windows\Sysnative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-06-15 21:39:50   5545FB5B49268C903F311849DB1942ED   423240   ----a-w-   C:\Windows\Sysnative\drivers\aswsp.sys.1402868417631
2014-06-15 21:39:50   1C159A357210CAB8974D5FBA068DC38F   1039096   ----a-w-   C:\Windows\Sysnative\drivers\aswsnx.sys.1402868417631
2014-06-14 13:00:01   17F685B67C74B8F7BFED4308790B71DE   288192   ----a-w-   C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
2014-06-14 13:00:01   04ADD18EE5CC9FBEDAEC1DD1CD0CB45E   1903552   ----a-w-   C:\Windows\Sysnative\drivers\tcpip.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-06-23 23:57:41   --------   d-----w-   C:\Program Files\Bitdefender
2014-06-23 23:52:15   --------   d-----w-   C:\Program Files\Common Files\Bitdefender
======= C:\PROGRA~2 =====
2014-07-09 01:39:42   --------   d-----w-   C:\PROGRA~2\Arturia
2014-07-07 00:36:30   --------   d-----w-   C:\PROGRA~2\QuickTime
2014-07-07 00:36:25   --------   d-----w-   C:\PROGRA~2\COMMON~1\TechSmith Shared
2014-07-07 00:36:24   --------   d-----w-   C:\PROGRA~2\TechSmith
2014-07-03 03:42:36   --------   d-----w-   C:\PROGRA~2\Audacity
2014-06-23 23:51:59   --------   d-----w-   C:\PROGRA~2\COMMON~1\Bitdefender
2014-06-23 23:31:06   --------   d-----w-   C:\PROGRA~2\HiJack
======= C: =====
====== C:\Users\User\AppData\Roaming ======
2014-07-12 11:16:40   --------   d-sh--w-   C:\Users\User\AppData\Local\EmieUserList
2014-07-12 11:16:40   --------   d-sh--w-   C:\Users\User\AppData\Local\EmieSiteList
2014-07-09 01:39:42   --------   d-----w-   C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arturia
2014-07-07 00:44:04   --------   d-----w-   C:\Users\User\AppData\Local\TechSmith
2014-07-07 00:43:04   4811927EFD7E9E2E149A525576A824C8   5120   ----a-w-   C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-03 03:42:49   --------   d-----w-   C:\Users\User\AppData\Roaming\Audacity
2014-06-24 00:09:52   --------   d-----w-   C:\Windows\SysNative\config\systemprofile\AppData\Roaming\QuickScan
2014-06-23 23:57:16   --------   d-----w-   C:\Users\User\AppData\Roaming\QuickScan
2014-06-23 13:23:03   --------   d-sh--w-   C:\Users\User\AppData\Locallow\EmieSiteList
2014-06-17 02:46:13   --------   d-----w-   C:\Users\User\AppData\Local\Adobe
====== C:\Users\User ======
2014-07-13 08:01:20   DCCFA642A3485FCB5B1A489994E35A43   253181   ----a-w-   C:\ProgramData\1405238309.bdinstall.bin
2014-07-09 01:39:45   --------   d-----w-   C:\ProgramData\Arturia
2014-07-07 00:36:36   --------   d-----w-   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7
2014-07-07 00:36:25   --------   d-----w-   C:\ProgramData\TechSmith
2014-07-05 03:48:21   A70A6BAF44BC6BBE45479CD0B9A53591   102273   ----a-w-   C:\ProgramData\1404532092.bdinstall.bin
2014-06-24 00:10:05   8C6209DF3773C18CE32ABE3C55159E2D   1401755   ----a-w-   C:\ProgramData\1403567836.bdinstall.bin
2014-06-21 13:04:01   --------   d-----w-   C:\Users\User\.android

====== C: exe-files ==
2014-07-09 03:06:10   61FF1A9683EDD471797FE0F56057FD09   222720   ----a-w-   C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2014-07-09 03:06:10   24868C9D422EDB5B249C0C81B01A0C19   810160   ----a-w-   C:\Program Files\Internet Explorer\iexplore.exe
2014-07-09 03:06:08   CD900EFB4F8946A2BB1950D9F45915C2   812216   ----a-w-   C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-07-09 03:06:08   7176CB0FFAAC3E54ABB2014E821120F9   111616   ----a-w-   C:\Windows\System32\ieetwcollector.exe
2014-07-09 03:06:08   65D0ECD485C8605B07C8338708224818   222720   ----a-w-   C:\Program Files\Internet Explorer\ielowutil.exe
2014-07-09 03:06:08   2168067C03FADB690B77633104A2E64B   470016   ----a-w-   C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2014-07-09 03:06:07   CA67F68CEC788C0C69AD47C5125DDD8E   608768   ----a-w-   C:\Windows\System32\ie4uinit.exe
2014-07-09 03:06:07   8395829B1CE9E11C6441753257DC7591   482816   ----a-w-   C:\Program Files\Internet Explorer\ieinstal.exe
2014-07-09 03:06:06   09CBE4B1AEF497FC05493B09EA2C1757   112128   ----a-w-   C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 03:06:05   CD76B3D60D28634A67B0AD7CB2E45929   139264   ----a-w-   C:\Windows\System32\ieUnatt.exe
2014-07-09 03:06:03   52012C83F7E9AF65D13F04415F0508F5   940032   ----a-w-   C:\Windows\System32\MsSpellCheckingFacility.exe
2014-07-09 03:05:11   A1CF92651A2274E887189DABD2929DEF   82944   ----a-w-   C:\Windows\SysWOW64\Dism\DismHost.exe
2014-07-09 03:05:11   516A5FCE06BB388499238A5F9286CB74   96768   ----a-w-   C:\Windows\System32\Dism\DismHost.exe
2014-07-09 03:05:08   B1544CE66FD0135A170F09B66A9E7800   172200   ----a-w-   C:\Windows\System32\CompatTel\QueryAppBlock.exe
2014-07-09 03:05:08   679A800CFFBB8EA970506887045F2E41   46752   ----a-w-   C:\Windows\System32\CompatTel\wicainventory.exe
2014-07-09 03:05:02   C6A991D7DF17EBD8DE4739CD1F283133   646144   ----a-w-   C:\Windows\SysWOW64\osk.exe
2014-07-09 03:05:02   A064A1D9CBD7F6959AAEAEAFF96DB2E9   692736   ----a-w-   C:\Windows\System32\osk.exe
2014-07-09 03:05:02   89D2706FCD45E33CECFBD46BCBAD7E16   10240   ----a-w-   C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe
2014-07-09 03:05:02   20235ED4653CFDDCDEF721F5126A1C47   224768   ----a-w-   C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe
2014-07-09 01:40:01   105E79D192361C8938ACE8DEEE9F3924   335737   ----a-w-   C:\Program Files (x86)\VSTPlugIns\Arturia\Vox Conitinental V\uninstall.exe
2014-07-07 15:00:00   BBBE0ABDD108B78630F09EE69E6130E2   9392640   ----a-w-   C:\Program Files (x86)\Arturia\Vox Conitinental V\Vox V.exe
=== C: other files ==
2014-07-12 10:30:40   C16D6BF6CE7B0F86E16C67846CD0E71A   19698   ----a-w-   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\degkl1z6.default\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
2014-07-12 08:36:11   4397C0506069DD0CF0B3CB04A95DCBFD   73612   ----a-w-   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\degkl1z6.default\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi
2014-07-12 08:35:42   64CC35E3C4315970F67EE905FAE05C88   8001   ----a-w-   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\degkl1z6.default\extensions\[email protected]
2014-07-09 03:05:02   F1726E14C8F7B40CD828345890AAF764   3157504   ----a-w-   C:\Windows\System32\win32k.sys
2014-07-09 03:04:54   FA886682CFC5D36718D3E436AACF10B9   497152   ----a-w-   C:\Windows\System32\drivers\afd.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
"Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard"
"Bitdefender Wallet Application Agent"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3403200650-3170960564-2564201062-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"uTorrent"="C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
"Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard"
"Bitdefender Wallet Application Agent"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft..../?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft..../?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Acrobat Speed Launcher"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
"Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"uTorrent"="C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"InstallerLauncher"="C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe /run:C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"[email protected]"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn" [28.05.2014 15:21]

==== Firefox Extensions ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\degkl1z6.default
- TinEye Reverse Image Search - %ProfilePath%\extensions\[email protected]
- Download YouTube Videos as MP4 - %ProfilePath%\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
- Search By Image by Google - %ProfilePath%\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\User\AppData\Roaming\Thunderbird\Profiles\6pzlajyg.default
- Russian spellchecking dictionary - %ProfilePath%\extensions\[email protected]
- Google Contacts - %ProfilePath%\extensions\{BDD92442-0534-4D6F-A966-BAB7D561D781}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\degkl1z6.default
738C29EAC995029E13333034C1402F56   - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll -   Shockwave Flash

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/...ox&FORM=IE11SR"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on 13.07.2014 at 11:10:59,27 ======================

#5
Naathim

Posted 13 July 2014 - 01:29 PM

GeekU Minion

Expert
4,568 posts

Hi

Greetings from Poland! How can I call you?

Let's see what this portion of scans will reveal. I'm going also to remove some BitDefender leftovers.

P2P warning!

uTorrent

P2P programs, as they are legal itself, are often used to obtain some illegal downloads. Currently it's one of the best ways to get infected. There have been some extreme cases in which passwords, private or financial data was exposed to file sharing network because of bad P2P configuration.

I strongly recommend full uninstallation of any P2P apps. To do so:

Press the + R on your keyboard at the same time. Type appwiz.cpl and click OK.
Search for previously mentioned program(s), right-click the entry and click Uninstall.

This is optional, but please consider this. In case of leaving it installed, please refrain from using it while we're cleaning your machine.

Scan with ZOEK

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

Right-click on icon and select Run as Administrator to start the tool.
Wait patiently until the main console will appear, it may take a minute or two.

In the main box please paste in the following script:

createsrpoint;
РЇРЅРґРµРєСЃ.РЎР»РѕРІР°СЂРё. РџРµСЂРµРІРѕРґ;ff
C:\Users\User\AppData\Local\tWtFevmrG;f
C:\Temp;f
C:\Program Files\Bitdefender;fs
C:\Program Files\Common Files\Bitdefender;fs
C:\PROGRA~2\COMMON~1\Bitdefender;fs
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run];r
"Bitdefender Wallet Agent"=-;r
"Bitdefender Wallet"=-;r
"Bitdefender Wallet Application Agent"=-;r
"C:\Program Files\Bitdefender";fs
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run];r
"Bitdefender Wallet Agent"=-;r
"Bitdefender Wallet"=-;r
"Bitdefender Wallet Application Agent"=-;r
autoclean;
process;
services-list;
systemspecs;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;
installedprogs;

Make sure that Scan All Users option is checked.
Push Run Script and wait patiently. The scan may take a couple of minutes.
When the scan completes, a zoek-results logfile should open in notepad.
If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

Scan with TDSSKiller

Please download TDSSKiller by Kaspersky and save it to your desktop.

Right-click on icon and select Run as Administrator to start the tool.
Click on Change parameters and put a checkmark beside Loaded modules. A reboot will be needed to apply the changes, allow it to do so.
Your machine may appear very slow and unusable after that - it's normal.
TDSSKiller will run automaticaly. Click on Change parameters and click OK.
Click the Start Scan button and wait patiently.

If anything will be found follow this guidelines:

If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
If Cure is not available, please choose Skip instead.
Do not choose Delete unless instructed!

A report will be created in your root directory, (usually C:\ drive) in the form of TDSSKiller.[Version]_[Date]_[Time]_log.txt. Please include the contents of that file in your next post.

Scan with CKScanner

Download CKScanner by askey127 and save it to your desktop.

Right-click on icon and select Run as Administrator to start the tool.
click Search For Files.
When finished, click Save List To File.
Remember to run this tool once only, if not asked to run it again.

Please include the content of CKFiles.txt in your next reply.

Cheers,
Minion

#6
Dilettante

Posted 14 July 2014 - 02:27 AM

Member

Topic Starter
Member
21 posts

Hello Naathim, and greetings from Ukraine.

You safely may call me Dilettante, as this pretty much summarizes my approach to my career. In real life I'm Vladimir, if you prefer this.

Back to the topic.

I would prefer to leave uTorrent for now, as ridiculous as this sounds, I actually need for my job. Don't ask. I promise I will be super careful with it and won't mess anything even more.

Also, thanks for taking care about BitDefender leftovers, I was thinking of asking you about this at some point.

But that's when I faced some issues. I ran ZOEK with the script you've provided, and it worked for like 10 minutes and then stopped for no apparent reason, and it doesn;t look like the task was finished successfully. Or maybe it did, I'm not even sure. I've expected some message about successfully finishing the task, but I don't see it.

So I decided to stop right here and not do anything else, not running ZOEK again, and not doing next steps.

Please see what ZOEK shows in logs.

This is the log in ZOEK window:

And this is the log in C:\

Zoek.exe v5.0.0.0 Updated 13-July-2014
Tool run by User on 14.07.2014 at 0:48:31,99.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-07-13-081059.log 31544 bytes

==== System Restore Info ======================

14.07.2014 0:49:26 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

Adobe Acrobat X Pro - English, Fran§ais, Deutsch
Adobe AIR
Adobe Flash Player 14 Plugin
Adobe Help Manager
Audacity 2.0.5
Avid License Control
Camtasia Studio 7
CorelDRAW Graphics Suite X6 - Capture (x64)
CorelDRAW Graphics Suite X6 - Common (x64)
CorelDRAW Graphics Suite X6 - Connect (x64)
CorelDRAW Graphics Suite X6 - Custom Data (x64)
CorelDRAW Graphics Suite X6 - Draw (x64)
CorelDRAW Graphics Suite X6 - EN (x64)
CorelDRAW Graphics Suite X6 - Filters (x64)
CorelDRAW Graphics Suite X6 - FontNav (x64)
CorelDRAW Graphics Suite X6 - IPM
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64)
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64)
CorelDRAW Graphics Suite X6 - Redist (x64)
CorelDRAW Graphics Suite X6 - Setup Files (x64)
CorelDRAW Graphics Suite X6 - VBA (x64)
CorelDRAW Graphics Suite X6 - VideoBrowser (x64)
CorelDRAW Graphics Suite X6 - VSTA (x64)
CorelDRAW Graphics Suite X6 - Writing Tools (x64)
CorelDRAW Graphics Suite X6 (64-Bit)
CorelDRAW Graphics Suite X6 (x64)
DAEMON Tools Lite
HiJackThis
MAGIX Burn routines (64-Bit)
MAGIX Low Latency Driver (64-Bit)
MAGIX Speed burnR (MSI)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4.5.1
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
ModifyRegistry version 0.1
Mozilla Firefox 30.0 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird 24.6.0 (x86 en-US)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
Native Instruments Kontakt 5
NVIDIA Control Panel 335.23
NVIDIA Graphics Driver 335.23
NVIDIA Install Application
NVIDIA Update 10.4.0
NVIDIA Update Core
PCM Native Reverb Bundle
PDF Settings CS6
Platform
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Samplitude Pro X Suite Download Version
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Sibelius 7 OpenType Fonts
Sibelius 7.5
SkypeT 6.16
The KMPlayer (remove only)
Total Commander Extended
VIA Platform Device Manager
Waves Complete V9r14
WinRAR 5.01 (64-bit)
зTorrent

==== Running Processes ======================

C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
D:\Installed\TheBatPortable\TheBatPortable.exe
D:\Installed\TheBatPortable\App\TheBat\thebat.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\User\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\degkl1z6.default

---- Lines zonealarm removed from prefs.js ----
user_pref("extensions.zonealarm.admin", false);
user_pref("extensions.zonealarm.aflt", "1001");
user_pref("extensions.zonealarm.appId", "{C56C48A0-DA4E-46F6-9859-1553DC865F84}");
user_pref("extensions.zonealarm.autoRvrt", "false");
user_pref("extensions.zonealarm.dfltLng", "EN");
user_pref("extensions.zonealarm.excTlbr", false);
user_pref("extensions.zonealarm.ffxUnstlRst", false);
user_pref("extensions.zonealarm.id", "625c4b1e00000000000074d4355b6736");
user_pref("extensions.zonealarm.instlDay", "16220");
user_pref("extensions.zonealarm.instlRef", "ZLN123323265549964-1001");
user_pref("extensions.zonealarm.newTab", false);
user_pref("extensions.zonealarm.prdct", "zonealarm");
user_pref("extensions.zonealarm.prtnrId", "checkpoint");
user_pref("extensions.zonealarm.rvrt", "false");
user_pref("extensions.zonealarm.smplGrp", "NewUSR");
user_pref("extensions.zonealarm.tlbrId", "HFA5");
user_pref("extensions.zonealarm.tlbrSrchUrl", "http://search.zoneal...3e2b597d799cb
user_pref("extensions.zonealarm.vrsn", "1.8.29.17");
user_pref("extensions.zonealarm.vrsni", "1.8.29.17");
user_pref("extensions.zonealarm.vrsnTs", "1.8.29.172:01:49");
---- Lines zonealarm removed from user.js ----

user_pref("extensions.zonealarm.tlbrSrchUrl", "http://search.zoneal...Id=&ver=&&q=");
user_pref("extensions.zonealarm.id", "625c4b1e00000000000074d4355b6736");
user_pref("extensions.zonealarm.appId", "{C56C48A0-DA4E-46F6-9859-1553DC865F84}");
user_pref("extensions.zonealarm.instlDay", "16220");
user_pref("extensions.zonealarm.vrsn", "1.8.29.17");
user_pref("extensions.zonealarm.vrsni", "1.8.29.17");
user_pref("extensions.zonealarm.vrsnTs", "1.8.29.172:01:49");
user_pref("extensions.zonealarm.prtnrId", "checkpoint");
user_pref("extensions.zonealarm.prdct", "zonealarm");
user_pref("extensions.zonealarm.aflt", "1001");
user_pref("extensions.zonealarm.smplGrp", "NewUSR");
user_pref("extensions.zonealarm.tlbrId", "HFA5");
user_pref("extensions.zonealarm.instlRef", "ZLN123323265549964-1001");
user_pref("extensions.zonealarm.dfltLng", "EN");
user_pref("extensions.zonealarm.excTlbr", false);
user_pref("extensions.zonealarm.ffxUnstlRst", false);
user_pref("extensions.zonealarm.admin", false);
user_pref("extensions.zonealarm.autoRvrt", "false");
user_pref("extensions.zonealarm.rvrt", "false");
user_pref("extensions.zonealarm.newTab", false);

---- FireFox user.js and prefs.js backups ----

user__0054_.backup
prefs__0054_.backup

ProfilePath: C:\Users\User\AppData\Roaming\Thunderbird\Profiles\6pzlajyg.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs__0054_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"=-
"Bitdefender Wallet"=-
"Bitdefender Wallet Application Agent"=-
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"=-
"Bitdefender Wallet"=-
"Bitdefender Wallet Application Agent"=-

Does this looks right? I don't think ZOEK was able to finish the job, but it didn't show any error messages, or something.

Edited by Dilettante, 14 July 2014 - 02:27 AM.

#7
Naathim

Posted 14 July 2014 - 02:44 AM

GeekU Minion

Expert
4,568 posts

Hi Vlad
My real name is Radek, but you may call me whatever you like to. Most of my real-life friends call me Naat.

ZOEK log provided dosn't look like completed. Please proceed with TDSSKiller, I will investigate further what to do with ZOEK.

Cheers,
Naat

#8
Dilettante

Posted 14 July 2014 - 03:10 AM

Member

Topic Starter
Member
21 posts

Hello Naat.

TDSSKiller scan went smoothly and very fast. No suspicious objects found.

It provided me with 2 logs (I suppose, 1st one is before reboot) that I provide for you.

12:03:49.0660 0x117c TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
12:03:59.0690 0x117c ============================================================
12:03:59.0690 0x117c Current date / time: 2014/07/14 12:03:59.0690
12:03:59.0690 0x117c SystemInfo:
12:03:59.0690 0x117c
12:03:59.0690 0x117c OS Version: 6.1.7601 ServicePack: 1.0
12:03:59.0690 0x117c Product type: Workstation
12:03:59.0690 0x117c ComputerName: USER-PC
12:03:59.0690 0x117c UserName: User
12:03:59.0690 0x117c Windows directory: C:\Windows
12:03:59.0690 0x117c System windows directory: C:\Windows
12:03:59.0690 0x117c Running under WOW64
12:03:59.0690 0x117c Processor architecture: Intel x64
12:03:59.0690 0x117c Number of processors: 4
12:03:59.0690 0x117c Page size: 0x1000
12:03:59.0690 0x117c Boot type: Normal boot
12:03:59.0690 0x117c ============================================================
12:04:01.0200 0x117c KLMD registered as C:\Windows\system32\drivers\18013860.sys
12:04:01.0390 0x117c System UUID: {06B2CF87-1FBA-1342-E594-7D2BFFB1C532}
12:04:01.0740 0x117c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:04:05.0430 0x117c Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:04:08.0970 0x117c Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:04:08.0990 0x117c ============================================================
12:04:08.0990 0x117c \Device\Harddisk0\DR0:
12:04:08.0990 0x117c MBR partitions:
12:04:08.0990 0x117c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:04:08.0990 0x117c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1866D800
12:04:08.0990 0x117c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x186A0000, BlocksNum 0x21CE5000
12:04:08.0990 0x117c \Device\Harddisk1\DR1:
12:04:08.0990 0x117c MBR partitions:
12:04:08.0990 0x117c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
12:04:08.0990 0x117c \Device\Harddisk2\DR2:
12:04:08.0990 0x117c MBR partitions:
12:04:08.0990 0x117c \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x37675800
12:04:08.0990 0x117c \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x37676000, BlocksNum 0x3D08F800
12:04:08.0990 0x117c ============================================================
12:04:09.0010 0x117c C: <-> \Device\Harddisk0\DR0\Partition2
12:04:09.0020 0x117c E: <-> \Device\Harddisk2\DR2\Partition1
12:04:09.0040 0x117c D: <-> \Device\Harddisk0\DR0\Partition3
12:04:09.0090 0x117c F: <-> \Device\Harddisk2\DR2\Partition2
12:04:09.0110 0x117c G: <-> \Device\Harddisk1\DR1\Partition1
12:04:09.0110 0x117c ============================================================
12:04:09.0110 0x117c Initialize success
12:04:09.0110 0x117c ============================================================
12:04:26.0300 0x0668 KLMD registered as C:\Windows\system32\drivers\51956926.sys
12:04:27.0480 0x0668 Deinitialize success

12:06:02.0113 0x0a70 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
12:06:02.0113 0x0a70 ============================================================
12:06:02.0113 0x0a70 Current date / time: 2014/07/14 12:06:02.0113
12:06:02.0113 0x0a70 SystemInfo:
12:06:02.0113 0x0a70
12:06:02.0113 0x0a70 OS Version: 6.1.7601 ServicePack: 1.0
12:06:02.0113 0x0a70 Product type: Workstation
12:06:02.0113 0x0a70 ComputerName: USER-PC
12:06:02.0113 0x0a70 UserName: User
12:06:02.0113 0x0a70 Windows directory: C:\Windows
12:06:02.0113 0x0a70 System windows directory: C:\Windows
12:06:02.0113 0x0a70 Running under WOW64
12:06:02.0113 0x0a70 Processor architecture: Intel x64
12:06:02.0113 0x0a70 Number of processors: 4
12:06:02.0113 0x0a70 Page size: 0x1000
12:06:02.0113 0x0a70 Boot type: Normal boot
12:06:02.0113 0x0a70 ============================================================
12:06:02.0129 0x0a70 BG loaded
12:06:02.0410 0x0a70 System UUID: {06B2CF87-1FBA-1342-E594-7D2BFFB1C532}
12:06:03.0860 0x0a70 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:06:03.0876 0x0a70 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:06:03.0907 0x0a70 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:06:03.0907 0x0a70 ============================================================
12:06:03.0907 0x0a70 \Device\Harddisk0\DR0:
12:06:03.0938 0x0a70 MBR partitions:
12:06:03.0938 0x0a70 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:06:03.0938 0x0a70 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1866D800
12:06:03.0938 0x0a70 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x186A0000, BlocksNum 0x21CE5000
12:06:03.0938 0x0a70 \Device\Harddisk1\DR1:
12:06:03.0938 0x0a70 MBR partitions:
12:06:03.0938 0x0a70 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
12:06:03.0938 0x0a70 \Device\Harddisk2\DR2:
12:06:03.0938 0x0a70 MBR partitions:
12:06:03.0938 0x0a70 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x37675800
12:06:03.0938 0x0a70 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x37676000, BlocksNum 0x3D08F800
12:06:03.0938 0x0a70 ============================================================
12:06:04.0204 0x0a70 C: <-> \Device\Harddisk0\DR0\Partition2
12:06:04.0219 0x0a70 E: <-> \Device\Harddisk2\DR2\Partition1
12:06:04.0406 0x0a70 D: <-> \Device\Harddisk0\DR0\Partition3
12:06:04.0422 0x0a70 F: <-> \Device\Harddisk2\DR2\Partition2
12:06:04.0500 0x0a70 G: <-> \Device\Harddisk1\DR1\Partition1
12:06:04.0500 0x0a70 ============================================================
12:06:04.0500 0x0a70 Initialize success
12:06:04.0500 0x0a70 ============================================================
12:06:29.0038 0x0fbc ============================================================
12:06:29.0038 0x0fbc Scan started
12:06:29.0038 0x0fbc Mode: Manual;
12:06:29.0038 0x0fbc ============================================================
12:06:29.0038 0x0fbc KSN ping started
12:06:32.0558 0x0fbc KSN ping finished: true
12:06:43.0348 0x0fbc ================ Scan system memory ========================
12:06:43.0348 0x0fbc System memory - ok
12:06:43.0348 0x0fbc ================ Scan services =============================
12:06:43.0578 0x0fbc [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:06:43.0598 0x0fbc 1394ohci - ok
12:06:43.0628 0x0fbc [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:06:43.0638 0x0fbc ACPI - ok
12:06:43.0668 0x0fbc [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:06:43.0668 0x0fbc AcpiPmi - ok
12:06:43.0708 0x0fbc [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
12:06:43.0728 0x0fbc adp94xx - ok
12:06:43.0738 0x0fbc [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
12:06:43.0748 0x0fbc adpahci - ok
12:06:43.0758 0x0fbc [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
12:06:43.0768 0x0fbc adpu320 - ok
12:06:43.0788 0x0fbc [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:06:43.0788 0x0fbc AeLookupSvc - ok
12:06:43.0828 0x0fbc [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
12:06:43.0838 0x0fbc AFD - ok
12:06:43.0858 0x0fbc [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
12:06:43.0858 0x0fbc agp440 - ok
12:06:43.0868 0x0fbc [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
12:06:43.0868 0x0fbc ALG - ok
12:06:43.0898 0x0fbc [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:06:43.0898 0x0fbc aliide - ok
12:06:43.0918 0x0fbc [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:06:43.0918 0x0fbc amdide - ok
12:06:43.0978 0x0fbc [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:06:43.0978 0x0fbc AmdK8 - ok
12:06:44.0008 0x0fbc [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:06:44.0008 0x0fbc AmdPPM - ok
12:06:44.0048 0x0fbc [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:06:44.0058 0x0fbc amdsata - ok
12:06:44.0098 0x0fbc [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
12:06:44.0118 0x0fbc amdsbs - ok
12:06:44.0138 0x0fbc [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:06:44.0148 0x0fbc amdxata - ok
12:06:44.0188 0x0fbc [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
12:06:44.0188 0x0fbc AppID - ok
12:06:44.0218 0x0fbc [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:06:44.0218 0x0fbc AppIDSvc - ok
12:06:44.0248 0x0fbc [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
12:06:44.0248 0x0fbc Appinfo - ok
12:06:44.0288 0x0fbc [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
12:06:44.0308 0x0fbc AppMgmt - ok
12:06:44.0338 0x0fbc [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
12:06:44.0348 0x0fbc arc - ok
12:06:44.0358 0x0fbc [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
12:06:44.0368 0x0fbc arcsas - ok
12:06:44.0448 0x0fbc [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:06:44.0468 0x0fbc aspnet_state - ok
12:06:44.0488 0x0fbc [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:06:44.0498 0x0fbc AsyncMac - ok
12:06:44.0518 0x0fbc [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:06:44.0518 0x0fbc atapi - ok
12:06:44.0588 0x0fbc [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:06:44.0608 0x0fbc AudioEndpointBuilder - ok
12:06:44.0628 0x0fbc [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:06:44.0638 0x0fbc AudioSrv - ok
12:06:44.0668 0x0fbc [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:06:44.0668 0x0fbc AxInstSV - ok
12:06:44.0698 0x0fbc [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
12:06:44.0708 0x0fbc b06bdrv - ok
12:06:44.0748 0x0fbc [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:06:44.0758 0x0fbc b57nd60a - ok
12:06:44.0788 0x0fbc [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:06:44.0788 0x0fbc BDESVC - ok
12:06:44.0798 0x0fbc [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:06:44.0798 0x0fbc Beep - ok
12:06:44.0858 0x0fbc [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
12:06:44.0878 0x0fbc BFE - ok
12:06:44.0918 0x0fbc [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
12:06:44.0928 0x0fbc BITS - ok
12:06:44.0948 0x0fbc [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:06:44.0948 0x0fbc blbdrive - ok
12:06:44.0978 0x0fbc [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:06:44.0978 0x0fbc bowser - ok
12:06:45.0008 0x0fbc [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:06:45.0008 0x0fbc BrFiltLo - ok
12:06:45.0028 0x0fbc [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:06:45.0028 0x0fbc BrFiltUp - ok
12:06:45.0058 0x0fbc [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
12:06:45.0068 0x0fbc Browser - ok
12:06:45.0118 0x0fbc [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:06:45.0128 0x0fbc Brserid - ok
12:06:45.0138 0x0fbc [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:06:45.0138 0x0fbc BrSerWdm - ok
12:06:45.0148 0x0fbc [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:06:45.0158 0x0fbc BrUsbMdm - ok
12:06:45.0158 0x0fbc [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:06:45.0158 0x0fbc BrUsbSer - ok
12:06:45.0168 0x0fbc [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:06:45.0178 0x0fbc BTHMODEM - ok
12:06:45.0198 0x0fbc [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:06:45.0198 0x0fbc bthserv - ok
12:06:45.0218 0x0fbc [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:06:45.0218 0x0fbc cdfs - ok
12:06:45.0268 0x0fbc [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:06:45.0278 0x0fbc cdrom - ok
12:06:45.0308 0x0fbc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:06:45.0318 0x0fbc CertPropSvc - ok
12:06:45.0348 0x0fbc [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:06:45.0358 0x0fbc circlass - ok
12:06:45.0408 0x0fbc [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
12:06:45.0428 0x0fbc CLFS - ok
12:06:45.0478 0x0fbc [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:06:45.0478 0x0fbc clr_optimization_v2.0.50727_32 - ok
12:06:45.0508 0x0fbc [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:06:45.0518 0x0fbc clr_optimization_v2.0.50727_64 - ok
12:06:45.0578 0x0fbc [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:06:45.0628 0x0fbc clr_optimization_v4.0.30319_32 - ok
12:06:45.0658 0x0fbc [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:06:45.0718 0x0fbc clr_optimization_v4.0.30319_64 - ok
12:06:45.0758 0x0fbc [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:06:45.0758 0x0fbc CmBatt - ok
12:06:45.0768 0x0fbc [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:06:45.0778 0x0fbc cmdide - ok
12:06:45.0808 0x0fbc [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
12:06:45.0818 0x0fbc CNG - ok
12:06:45.0838 0x0fbc [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:06:45.0838 0x0fbc Compbatt - ok
12:06:45.0848 0x0fbc [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:06:45.0848 0x0fbc CompositeBus - ok
12:06:45.0858 0x0fbc COMSysApp - ok
12:06:45.0878 0x0fbc [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:06:45.0878 0x0fbc crcdisk - ok
12:06:45.0908 0x0fbc [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:06:45.0908 0x0fbc CryptSvc - ok
12:06:45.0998 0x0fbc [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
12:06:46.0008 0x0fbc CSC - ok
12:06:46.0118 0x0fbc [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
12:06:46.0138 0x0fbc CscService - ok
12:06:46.0158 0x0fbc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:06:46.0168 0x0fbc DcomLaunch - ok
12:06:46.0228 0x0fbc [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:06:46.0238 0x0fbc defragsvc - ok
12:06:46.0258 0x0fbc [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:06:46.0268 0x0fbc DfsC - ok
12:06:46.0288 0x0fbc [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:06:46.0298 0x0fbc Dhcp - ok
12:06:46.0308 0x0fbc [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:06:46.0318 0x0fbc discache - ok
12:06:46.0338 0x0fbc [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:06:46.0348 0x0fbc Disk - ok
12:06:46.0368 0x0fbc [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:06:46.0378 0x0fbc Dnscache - ok
12:06:46.0418 0x0fbc [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:06:46.0438 0x0fbc dot3svc - ok
12:06:46.0478 0x0fbc [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
12:06:46.0488 0x0fbc DPS - ok
12:06:46.0518 0x0fbc [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:06:46.0518 0x0fbc drmkaud - ok
12:06:46.0558 0x0fbc [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
12:06:46.0568 0x0fbc dtsoftbus01 - ok
12:06:46.0618 0x0fbc [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:06:46.0638 0x0fbc DXGKrnl - ok
12:06:46.0668 0x0fbc [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:06:46.0668 0x0fbc EapHost - ok
12:06:46.0818 0x0fbc [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
12:06:46.0948 0x0fbc ebdrv - ok
12:06:46.0968 0x0fbc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
12:06:46.0968 0x0fbc EFS - ok
12:06:47.0068 0x0fbc [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:06:47.0088 0x0fbc ehRecvr - ok
12:06:47.0138 0x0fbc [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:06:47.0148 0x0fbc ehSched - ok
12:06:47.0228 0x0fbc [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:06:47.0238 0x0fbc elxstor - ok
12:06:47.0278 0x0fbc [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:06:47.0278 0x0fbc ErrDev - ok
12:06:47.0318 0x0fbc [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:06:47.0318 0x0fbc EventSystem - ok
12:06:47.0338 0x0fbc [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:06:47.0338 0x0fbc exfat - ok
12:06:47.0348 0x0fbc [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:06:47.0358 0x0fbc fastfat - ok
12:06:47.0398 0x0fbc [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
12:06:47.0408 0x0fbc Fax - ok
12:06:47.0438 0x0fbc [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:06:47.0448 0x0fbc fdc - ok
12:06:47.0478 0x0fbc [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:06:47.0478 0x0fbc fdPHost - ok
12:06:47.0498 0x0fbc [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:06:47.0498 0x0fbc FDResPub - ok
12:06:47.0528 0x0fbc [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:06:47.0538 0x0fbc FileInfo - ok
12:06:47.0548 0x0fbc [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:06:47.0558 0x0fbc Filetrace - ok
12:06:47.0568 0x0fbc [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:06:47.0578 0x0fbc flpydisk - ok
12:06:47.0598 0x0fbc [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:06:47.0608 0x0fbc FltMgr - ok
12:06:47.0688 0x0fbc [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
12:06:47.0708 0x0fbc FontCache - ok
12:06:47.0778 0x0fbc [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:06:47.0798 0x0fbc FontCache3.0.0.0 - ok
12:06:47.0828 0x0fbc [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:06:47.0828 0x0fbc FsDepends - ok
12:06:47.0858 0x0fbc [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:06:47.0858 0x0fbc Fs_Rec - ok
12:06:47.0918 0x0fbc [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:06:47.0928 0x0fbc fvevol - ok
12:06:47.0948 0x0fbc [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:06:47.0948 0x0fbc gagp30kx - ok
12:06:47.0958 0x0fbc gdrv - ok
12:06:47.0998 0x0fbc [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:06:48.0008 0x0fbc gpsvc - ok
12:06:48.0018 0x0fbc [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:06:48.0028 0x0fbc hcw85cir - ok
12:06:48.0058 0x0fbc [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:06:48.0058 0x0fbc HdAudAddService - ok
12:06:48.0078 0x0fbc [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
12:06:48.0078 0x0fbc HDAudBus - ok
12:06:48.0088 0x0fbc [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:06:48.0088 0x0fbc HidBatt - ok
12:06:48.0098 0x0fbc [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:06:48.0108 0x0fbc HidBth - ok
12:06:48.0118 0x0fbc [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:06:48.0118 0x0fbc HidIr - ok
12:06:48.0138 0x0fbc [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
12:06:48.0138 0x0fbc hidserv - ok
12:06:48.0148 0x0fbc [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
12:06:48.0158 0x0fbc HidUsb - ok
12:06:48.0188 0x0fbc [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:06:48.0198 0x0fbc hkmsvc - ok
12:06:48.0228 0x0fbc [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:06:48.0228 0x0fbc HomeGroupListener - ok
12:06:48.0258 0x0fbc [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:06:48.0268 0x0fbc HomeGroupProvider - ok
12:06:48.0288 0x0fbc [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:06:48.0288 0x0fbc HpSAMD - ok
12:06:48.0338 0x0fbc [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:06:48.0348 0x0fbc HTTP - ok
12:06:48.0358 0x0fbc [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:06:48.0358 0x0fbc hwpolicy - ok
12:06:48.0378 0x0fbc [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:06:48.0378 0x0fbc i8042prt - ok
12:06:48.0408 0x0fbc [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:06:48.0418 0x0fbc iaStorV - ok
12:06:48.0448 0x0fbc [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:06:48.0468 0x0fbc idsvc - ok
12:06:48.0468 0x0fbc IEEtwCollectorService - ok
12:06:48.0498 0x0fbc [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
12:06:48.0498 0x0fbc iirsp - ok
12:06:48.0578 0x0fbc [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
12:06:48.0598 0x0fbc IKEEXT - ok
12:06:48.0778 0x0fbc [ 7A93DBF7DD86A28C0B941F4D39B85A0E, DBA4AE976CD01C599B85933E9B8741D7F01FD88F5BEAF01DDA3BCCDD1550607A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:06:48.0848 0x0fbc IntcAzAudAddService - ok
12:06:48.0868 0x0fbc [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:06:48.0868 0x0fbc intelide - ok
12:06:48.0898 0x0fbc [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:06:48.0898 0x0fbc intelppm - ok
12:06:48.0928 0x0fbc [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:06:48.0938 0x0fbc IPBusEnum - ok
12:06:48.0958 0x0fbc [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:06:48.0968 0x0fbc IpFilterDriver - ok
12:06:49.0038 0x0fbc [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:06:49.0058 0x0fbc iphlpsvc - ok
12:06:49.0088 0x0fbc [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:06:49.0098 0x0fbc IPMIDRV - ok
12:06:49.0118 0x0fbc [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:06:49.0128 0x0fbc IPNAT - ok
12:06:49.0148 0x0fbc [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:06:49.0158 0x0fbc IRENUM - ok
12:06:49.0178 0x0fbc [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:06:49.0178 0x0fbc isapnp - ok
12:06:49.0218 0x0fbc [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:06:49.0238 0x0fbc iScsiPrt - ok
12:06:49.0248 0x0fbc [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
12:06:49.0248 0x0fbc kbdclass - ok
12:06:49.0278 0x0fbc [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
12:06:49.0278 0x0fbc kbdhid - ok
12:06:49.0288 0x0fbc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
12:06:49.0288 0x0fbc KeyIso - ok
12:06:49.0338 0x0fbc [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:06:49.0348 0x0fbc KSecDD - ok
12:06:49.0378 0x0fbc [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:06:49.0388 0x0fbc KSecPkg - ok
12:06:49.0418 0x0fbc [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:06:49.0418 0x0fbc ksthunk - ok
12:06:49.0478 0x0fbc [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:06:49.0488 0x0fbc KtmRm - ok
12:06:49.0518 0x0fbc [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:06:49.0528 0x0fbc LanmanServer - ok
12:06:49.0548 0x0fbc [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:06:49.0558 0x0fbc LanmanWorkstation - ok
12:06:49.0578 0x0fbc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:06:49.0578 0x0fbc lltdio - ok
12:06:49.0628 0x0fbc [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:06:49.0648 0x0fbc lltdsvc - ok
12:06:49.0668 0x0fbc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:06:49.0668 0x0fbc lmhosts - ok
12:06:49.0678 0x0fbc [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
12:06:49.0688 0x0fbc LSI_FC - ok
12:06:49.0698 0x0fbc [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
12:06:49.0698 0x0fbc LSI_SAS - ok
12:06:49.0718 0x0fbc [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:06:49.0728 0x0fbc LSI_SAS2 - ok
12:06:49.0728 0x0fbc [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:06:49.0748 0x0fbc LSI_SCSI - ok
12:06:49.0758 0x0fbc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:06:49.0758 0x0fbc luafv - ok
12:06:49.0808 0x0fbc [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
12:06:49.0818 0x0fbc LVRS64 - ok
12:06:50.0018 0x0fbc [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
12:06:50.0098 0x0fbc LVUVC64 - ok
12:06:50.0128 0x0fbc [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:06:50.0148 0x0fbc Mcx2Svc - ok
12:06:50.0178 0x0fbc [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
12:06:50.0188 0x0fbc megasas - ok
12:06:50.0218 0x0fbc [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
12:06:50.0228 0x0fbc MegaSR - ok
12:06:50.0258 0x0fbc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:06:50.0258 0x0fbc MMCSS - ok
12:06:50.0268 0x0fbc [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:06:50.0268 0x0fbc Modem - ok
12:06:50.0288 0x0fbc [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:06:50.0288 0x0fbc monitor - ok
12:06:50.0298 0x0fbc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
12:06:50.0298 0x0fbc mouclass - ok
12:06:50.0318 0x0fbc [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:06:50.0318 0x0fbc mouhid - ok
12:06:50.0338 0x0fbc [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:06:50.0338 0x0fbc mountmgr - ok
12:06:50.0408 0x0fbc [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:06:50.0418 0x0fbc MozillaMaintenance - ok
12:06:50.0448 0x0fbc [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:06:50.0458 0x0fbc mpio - ok
12:06:50.0478 0x0fbc [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:06:50.0478 0x0fbc mpsdrv - ok
12:06:50.0558 0x0fbc [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:06:50.0578 0x0fbc MpsSvc - ok
12:06:50.0638 0x0fbc [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:06:50.0648 0x0fbc MRxDAV - ok
12:06:50.0688 0x0fbc [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:06:50.0698 0x0fbc mrxsmb - ok
12:06:50.0778 0x0fbc [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:06:50.0798 0x0fbc mrxsmb10 - ok
12:06:50.0808 0x0fbc [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:06:50.0818 0x0fbc mrxsmb20 - ok
12:06:50.0838 0x0fbc [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:06:50.0838 0x0fbc msahci - ok
12:06:50.0848 0x0fbc [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:06:50.0858 0x0fbc msdsm - ok
12:06:50.0878 0x0fbc [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:06:50.0878 0x0fbc MSDTC - ok
12:06:50.0908 0x0fbc [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:06:50.0908 0x0fbc Msfs - ok
12:06:50.0918 0x0fbc [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:06:50.0928 0x0fbc mshidkmdf - ok
12:06:50.0948 0x0fbc [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:06:50.0948 0x0fbc msisadrv - ok
12:06:50.0988 0x0fbc [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:06:50.0998 0x0fbc MSiSCSI - ok
12:06:51.0008 0x0fbc msiserver - ok
12:06:51.0028 0x0fbc [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:06:51.0028 0x0fbc MSKSSRV - ok
12:06:51.0038 0x0fbc [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:06:51.0038 0x0fbc MSPCLOCK - ok
12:06:51.0048 0x0fbc [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:06:51.0048 0x0fbc MSPQM - ok
12:06:51.0078 0x0fbc [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:06:51.0098 0x0fbc MsRPC - ok
12:06:51.0108 0x0fbc [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
12:06:51.0118 0x0fbc mssmbios - ok
12:06:51.0118 0x0fbc [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:06:51.0128 0x0fbc MSTEE - ok
12:06:51.0128 0x0fbc [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
12:06:51.0128 0x0fbc MTConfig - ok
12:06:51.0148 0x0fbc [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:06:51.0148 0x0fbc Mup - ok
12:06:51.0188 0x0fbc [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
12:06:51.0198 0x0fbc napagent - ok
12:06:51.0238 0x0fbc [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:06:51.0248 0x0fbc NativeWifiP - ok
12:06:51.0298 0x0fbc [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:06:51.0328 0x0fbc NDIS - ok
12:06:51.0358 0x0fbc [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:06:51.0358 0x0fbc NdisCap - ok
12:06:51.0378 0x0fbc [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:06:51.0378 0x0fbc NdisTapi - ok
12:06:51.0408 0x0fbc [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:06:51.0408 0x0fbc Ndisuio - ok
12:06:51.0448 0x0fbc [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:06:51.0458 0x0fbc NdisWan - ok
12:06:51.0478 0x0fbc [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:06:51.0478 0x0fbc NDProxy - ok
12:06:51.0488 0x0fbc [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:06:51.0488 0x0fbc NetBIOS - ok
12:06:51.0518 0x0fbc [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:06:51.0518 0x0fbc NetBT - ok
12:06:51.0548 0x0fbc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
12:06:51.0548 0x0fbc Netlogon - ok
12:06:51.0658 0x0fbc [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:06:51.0668 0x0fbc Netman - ok
12:06:51.0718 0x0fbc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:06:51.0758 0x0fbc NetMsmqActivator - ok
12:06:51.0768 0x0fbc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:06:51.0778 0x0fbc NetPipeActivator - ok
12:06:51.0818 0x0fbc [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:06:51.0828 0x0fbc netprofm - ok
12:06:51.0848 0x0fbc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:06:51.0858 0x0fbc NetTcpActivator - ok
12:06:51.0858 0x0fbc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:06:51.0868 0x0fbc NetTcpPortSharing - ok
12:06:51.0898 0x0fbc [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
12:06:51.0898 0x0fbc nfrd960 - ok
12:06:51.0918 0x0fbc [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:06:51.0928 0x0fbc NlaSvc - ok
12:06:51.0928 0x0fbc [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:06:51.0928 0x0fbc Npfs - ok
12:06:51.0948 0x0fbc [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:06:51.0948 0x0fbc nsi - ok
12:06:51.0958 0x0fbc [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:06:51.0958 0x0fbc nsiproxy - ok
12:06:52.0168 0x0fbc [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:06:52.0208 0x0fbc Ntfs - ok
12:06:52.0218 0x0fbc [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:06:52.0218 0x0fbc Null - ok
12:06:52.0228 0x0fbc NVHDA - ok
12:06:52.0568 0x0fbc [ 757ACE4D4C9FF0571F86AA5D586B45E8, E7F23CC1DE26E2DAA690B78B05FC001EE0051F0ED9B9BCE9E7FA4E9684D4F3D4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:06:52.0758 0x0fbc nvlddmkm - ok
12:06:52.0808 0x0fbc [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:06:52.0808 0x0fbc nvraid - ok
12:06:52.0818 0x0fbc [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:06:52.0828 0x0fbc nvstor - ok
12:06:52.0868 0x0fbc [ 1C7CC708AC4A02A3BE8915539780534A, 0EBDE100880963BF1EC05002BA244CA7700693E958D1974CDD2AC3927D93224F ] nvsvc           C:\Windows\system32\nvvsvc.exe
12:06:52.0878 0x0fbc nvsvc - ok
12:06:52.0898 0x0fbc [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:06:52.0898 0x0fbc nv_agp - ok
12:06:52.0918 0x0fbc [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:06:52.0928 0x0fbc ohci1394 - ok
12:06:52.0998 0x0fbc [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:06:53.0018 0x0fbc ose - ok
12:06:53.0208 0x0fbc [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:06:53.0358 0x0fbc osppsvc - ok
12:06:53.0418 0x0fbc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:06:53.0438 0x0fbc p2pimsvc - ok
12:06:53.0508 0x0fbc [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:06:53.0528 0x0fbc p2psvc - ok
12:06:53.0568 0x0fbc [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:06:53.0578 0x0fbc Parport - ok
12:06:53.0598 0x0fbc [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:06:53.0598 0x0fbc partmgr - ok
12:06:53.0618 0x0fbc [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:06:53.0618 0x0fbc PcaSvc - ok
12:06:53.0638 0x0fbc [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
12:06:53.0648 0x0fbc pci - ok
12:06:53.0658 0x0fbc [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:06:53.0668 0x0fbc pciide - ok
12:06:53.0688 0x0fbc [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
12:06:53.0698 0x0fbc pcmcia - ok
12:06:53.0718 0x0fbc [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:06:53.0718 0x0fbc pcw - ok
12:06:53.0748 0x0fbc [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:06:53.0758 0x0fbc PEAUTH - ok
12:06:53.0838 0x0fbc [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
12:06:53.0888 0x0fbc PeerDistSvc - ok
12:06:53.0948 0x0fbc [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:06:53.0958 0x0fbc PerfHost - ok
12:06:54.0078 0x0fbc [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
12:06:54.0168 0x0fbc pla - ok
12:06:54.0198 0x0fbc [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:06:54.0208 0x0fbc PlugPlay - ok
12:06:54.0228 0x0fbc [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:06:54.0238 0x0fbc PNRPAutoReg - ok
12:06:54.0268 0x0fbc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:06:54.0278 0x0fbc PNRPsvc - ok
12:06:54.0318 0x0fbc [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:06:54.0328 0x0fbc PolicyAgent - ok
12:06:54.0358 0x0fbc [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:06:54.0358 0x0fbc Power - ok
12:06:54.0388 0x0fbc [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:06:54.0388 0x0fbc PptpMiniport - ok
12:06:54.0408 0x0fbc [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
12:06:54.0408 0x0fbc Processor - ok
12:06:54.0438 0x0fbc [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:06:54.0458 0x0fbc ProfSvc - ok
12:06:54.0468 0x0fbc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:06:54.0468 0x0fbc ProtectedStorage - ok
12:06:54.0498 0x0fbc [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:06:54.0498 0x0fbc Psched - ok
12:06:54.0548 0x0fbc [ 788CB65D49D1162C5EE6814AFE5B0A70, 74072698692C8237F5041BB111C4E24B6583456FDA084895EA00B677B6FF64FC ] PSI_SVC_2_x64   c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
12:06:54.0578 0x0fbc PSI_SVC_2_x64 - ok
12:06:54.0638 0x0fbc [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
12:06:54.0688 0x0fbc ql2300 - ok
12:06:54.0708 0x0fbc [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
12:06:54.0708 0x0fbc ql40xx - ok
12:06:54.0738 0x0fbc [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:06:54.0738 0x0fbc QWAVE - ok
12:06:54.0758 0x0fbc [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:06:54.0758 0x0fbc QWAVEdrv - ok
12:06:54.0768 0x0fbc [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:06:54.0768 0x0fbc RasAcd - ok
12:06:54.0808 0x0fbc [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:06:54.0808 0x0fbc RasAgileVpn - ok
12:06:54.0818 0x0fbc [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:06:54.0818 0x0fbc RasAuto - ok
12:06:54.0848 0x0fbc [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:06:54.0848 0x0fbc Rasl2tp - ok
12:06:54.0908 0x0fbc [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
12:06:54.0938 0x0fbc RasMan - ok
12:06:54.0978 0x0fbc [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:06:54.0988 0x0fbc RasPppoe - ok
12:06:55.0018 0x0fbc [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:06:55.0018 0x0fbc RasSstp - ok
12:06:55.0088 0x0fbc [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:06:55.0108 0x0fbc rdbss - ok
12:06:55.0128 0x0fbc [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:06:55.0128 0x0fbc rdpbus - ok
12:06:55.0138 0x0fbc [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:06:55.0138 0x0fbc RDPCDD - ok
12:06:55.0188 0x0fbc [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
12:06:55.0198 0x0fbc RDPDR - ok
12:06:55.0228 0x0fbc [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:06:55.0228 0x0fbc RDPENCDD - ok
12:06:55.0258 0x0fbc [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:06:55.0258 0x0fbc RDPREFMP - ok
12:06:55.0298 0x0fbc [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:06:55.0298 0x0fbc RdpVideoMiniport - ok
12:06:55.0348 0x0fbc [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:06:55.0368 0x0fbc RDPWD - ok
12:06:55.0418 0x0fbc [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:06:55.0428 0x0fbc rdyboost - ok
12:06:55.0458 0x0fbc [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:06:55.0468 0x0fbc RemoteAccess - ok
12:06:55.0478 0x0fbc [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:06:55.0488 0x0fbc RemoteRegistry - ok
12:06:55.0498 0x0fbc [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:06:55.0508 0x0fbc RpcEptMapper - ok
12:06:55.0508 0x0fbc [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:06:55.0518 0x0fbc RpcLocator - ok
12:06:55.0548 0x0fbc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
12:06:55.0558 0x0fbc RpcSs - ok
12:06:55.0588 0x0fbc [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:06:55.0588 0x0fbc rspndr - ok
12:06:55.0658 0x0fbc [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
12:06:55.0668 0x0fbc RTL8167 - ok
12:06:55.0688 0x0fbc [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
12:06:55.0688 0x0fbc s3cap - ok
12:06:55.0698 0x0fbc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
12:06:55.0698 0x0fbc SamSs - ok
12:06:55.0718 0x0fbc [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:06:55.0718 0x0fbc sbp2port - ok
12:06:55.0738 0x0fbc [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:06:55.0748 0x0fbc SCardSvr - ok
12:06:55.0768 0x0fbc [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:06:55.0768 0x0fbc scfilter - ok
12:06:55.0838 0x0fbc [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
12:06:55.0868 0x0fbc Schedule - ok
12:06:55.0888 0x0fbc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:06:55.0888 0x0fbc SCPolicySvc - ok
12:06:55.0938 0x0fbc [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:06:55.0948 0x0fbc SDRSVC - ok
12:06:55.0988 0x0fbc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:06:55.0988 0x0fbc secdrv - ok
12:06:55.0998 0x0fbc [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
12:06:56.0008 0x0fbc seclogon - ok
12:06:56.0038 0x0fbc [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
12:06:56.0038 0x0fbc SENS - ok
12:06:56.0048 0x0fbc [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:06:56.0048 0x0fbc SensrSvc - ok
12:06:56.0068 0x0fbc [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:06:56.0068 0x0fbc Serenum - ok
12:06:56.0078 0x0fbc [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:06:56.0088 0x0fbc Serial - ok
12:06:56.0098 0x0fbc [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
12:06:56.0108 0x0fbc sermouse - ok
12:06:56.0128 0x0fbc [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
12:06:56.0138 0x0fbc SessionEnv - ok
12:06:56.0158 0x0fbc [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:06:56.0168 0x0fbc sffdisk - ok
12:06:56.0188 0x0fbc [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:06:56.0188 0x0fbc sffp_mmc - ok
12:06:56.0208 0x0fbc [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:06:56.0208 0x0fbc sffp_sd - ok
12:06:56.0228 0x0fbc [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
12:06:56.0228 0x0fbc sfloppy - ok
12:06:56.0258 0x0fbc [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:06:56.0268 0x0fbc SharedAccess - ok
12:06:56.0338 0x0fbc [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:06:56.0348 0x0fbc ShellHWDetection - ok
12:06:56.0368 0x0fbc [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:06:56.0388 0x0fbc SiSRaid2 - ok
12:06:56.0398 0x0fbc [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
12:06:56.0398 0x0fbc SiSRaid4 - ok
12:06:56.0458 0x0fbc [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:06:56.0468 0x0fbc SkypeUpdate - ok
12:06:56.0478 0x0fbc [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:06:56.0488 0x0fbc Smb - ok
12:06:56.0508 0x0fbc [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:06:56.0508 0x0fbc SNMPTRAP - ok
12:06:56.0518 0x0fbc [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:06:56.0518 0x0fbc spldr - ok
12:06:56.0588 0x0fbc [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
12:06:56.0598 0x0fbc Spooler - ok
12:06:56.0728 0x0fbc [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
12:06:56.0848 0x0fbc sppsvc - ok
12:06:56.0878 0x0fbc [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:06:56.0878 0x0fbc sppuinotify - ok
12:06:56.0908 0x0fbc [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:06:56.0918 0x0fbc srv - ok
12:06:56.0968 0x0fbc [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:06:56.0978 0x0fbc srv2 - ok
12:06:57.0018 0x0fbc [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:06:57.0018 0x0fbc srvnet - ok
12:06:57.0078 0x0fbc [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:06:57.0098 0x0fbc SSDPSRV - ok
12:06:57.0128 0x0fbc [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:06:57.0148 0x0fbc SstpSvc - ok
12:06:57.0178 0x0fbc [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
12:06:57.0188 0x0fbc stexstor - ok
12:06:57.0248 0x0fbc [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
12:06:57.0258 0x0fbc stisvc - ok
12:06:57.0288 0x0fbc [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
12:06:57.0298 0x0fbc storflt - ok
12:06:57.0308 0x0fbc [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
12:06:57.0318 0x0fbc StorSvc - ok
12:06:57.0338 0x0fbc [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
12:06:57.0338 0x0fbc storvsc - ok
12:06:57.0358 0x0fbc [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
12:06:57.0358 0x0fbc swenum - ok
12:06:57.0488 0x0fbc [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:06:57.0498 0x0fbc SwitchBoard - ok
12:06:57.0568 0x0fbc [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:06:57.0598 0x0fbc swprv - ok
12:06:57.0688 0x0fbc [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
12:06:57.0718 0x0fbc SysMain - ok
12:06:57.0738 0x0fbc [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:06:57.0748 0x0fbc TabletInputService - ok
12:06:57.0758 0x0fbc [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:06:57.0768 0x0fbc TapiSrv - ok
12:06:57.0788 0x0fbc [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
12:06:57.0788 0x0fbc TBS - ok
12:06:57.0848 0x0fbc [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:06:57.0898 0x0fbc Tcpip - ok
12:06:57.0948 0x0fbc [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:06:57.0978 0x0fbc TCPIP6 - ok
12:06:58.0008 0x0fbc [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:06:58.0008 0x0fbc tcpipreg - ok
12:06:58.0038 0x0fbc [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:06:58.0048 0x0fbc TDPIPE - ok
12:06:58.0068 0x0fbc [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:06:58.0078 0x0fbc TDTCP - ok
12:06:58.0108 0x0fbc [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:06:58.0118 0x0fbc tdx - ok
12:06:58.0148 0x0fbc [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
12:06:58.0148 0x0fbc TermDD - ok
12:06:58.0208 0x0fbc [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
12:06:58.0238 0x0fbc TermService - ok
12:06:58.0258 0x0fbc [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
12:06:58.0258 0x0fbc Themes - ok
12:06:58.0278 0x0fbc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:06:58.0278 0x0fbc THREADORDER - ok
12:06:58.0298 0x0fbc [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:06:58.0308 0x0fbc TrkWks - ok
12:06:58.0388 0x0fbc [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:06:58.0408 0x0fbc TrustedInstaller - ok
12:06:58.0428 0x0fbc [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:06:58.0428 0x0fbc tssecsrv - ok
12:06:58.0468 0x0fbc [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:06:58.0468 0x0fbc TsUsbFlt - ok
12:06:58.0518 0x0fbc [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:06:58.0528 0x0fbc tunnel - ok
12:06:58.0548 0x0fbc [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
12:06:58.0548 0x0fbc uagp35 - ok
12:06:58.0578 0x0fbc [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:06:58.0588 0x0fbc udfs - ok
12:06:58.0618 0x0fbc [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:06:58.0628 0x0fbc UI0Detect - ok
12:06:58.0668 0x0fbc [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:06:58.0668 0x0fbc uliagpkx - ok
12:06:58.0698 0x0fbc [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:06:58.0698 0x0fbc umbus - ok
12:06:58.0708 0x0fbc [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
12:06:58.0718 0x0fbc UmPass - ok
12:06:58.0738 0x0fbc [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
12:06:58.0738 0x0fbc UmRdpService - ok
12:06:58.0798 0x0fbc [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
12:06:58.0808 0x0fbc UMVPFSrv - ok
12:06:58.0848 0x0fbc [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:06:58.0858 0x0fbc upnphost - ok
12:06:58.0888 0x0fbc [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
12:06:58.0898 0x0fbc usbaudio - ok
12:06:58.0938 0x0fbc [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:06:58.0938 0x0fbc usbccgp - ok
12:06:58.0978 0x0fbc [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:06:58.0988 0x0fbc usbcir - ok
12:06:59.0008 0x0fbc [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:06:59.0008 0x0fbc usbehci - ok
12:06:59.0048 0x0fbc [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:06:59.0058 0x0fbc usbhub - ok
12:06:59.0058 0x0fbc [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
12:06:59.0058 0x0fbc usbohci - ok
12:06:59.0078 0x0fbc [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:06:59.0078 0x0fbc usbprint - ok
12:06:59.0098 0x0fbc [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:06:59.0108 0x0fbc USBSTOR - ok
12:06:59.0118 0x0fbc [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:06:59.0118 0x0fbc usbuhci - ok
12:06:59.0148 0x0fbc [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:06:59.0148 0x0fbc UxSms - ok
12:06:59.0148 0x0fbc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
12:06:59.0158 0x0fbc VaultSvc - ok
12:06:59.0168 0x0fbc [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:06:59.0168 0x0fbc vdrvroot - ok
12:06:59.0198 0x0fbc [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
12:06:59.0208 0x0fbc vds - ok
12:06:59.0238 0x0fbc [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:06:59.0238 0x0fbc vga - ok
12:06:59.0248 0x0fbc [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:06:59.0248 0x0fbc VgaSave - ok
12:06:59.0308 0x0fbc [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:06:59.0318 0x0fbc vhdmp - ok
12:06:59.0368 0x0fbc [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:06:59.0368 0x0fbc viaide - ok
12:06:59.0418 0x0fbc [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
12:06:59.0428 0x0fbc vmbus - ok
12:06:59.0448 0x0fbc [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
12:06:59.0448 0x0fbc VMBusHID - ok
12:06:59.0458 0x0fbc [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:06:59.0468 0x0fbc volmgr - ok
12:06:59.0498 0x0fbc [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:06:59.0508 0x0fbc volmgrx - ok
12:06:59.0528 0x0fbc [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:06:59.0548 0x0fbc volsnap - ok
12:06:59.0568 0x0fbc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
12:06:59.0578 0x0fbc vsmraid - ok
12:06:59.0668 0x0fbc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
12:06:59.0708 0x0fbc VSS - ok
12:06:59.0738 0x0fbc [ A138BA7B5EB4FDA2346FD688C1332A32, CB7E3B609C99130F14B1FCDDC6852DE833E94719996B45341DB22DC83AC17AB2 ] VUSB3HUB        C:\Windows\system32\DRIVERS\ViaHub3.sys
12:06:59.0738 0x0fbc VUSB3HUB - ok
12:06:59.0748 0x0fbc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
12:06:59.0748 0x0fbc vwifibus - ok
12:06:59.0778 0x0fbc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:06:59.0788 0x0fbc W32Time - ok
12:06:59.0848 0x0fbc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
12:06:59.0898 0x0fbc WacomPen - ok
12:07:00.0008 0x0fbc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:07:00.0018 0x0fbc WANARP - ok
12:07:00.0048 0x0fbc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:07:00.0058 0x0fbc Wanarpv6 - ok
12:07:00.0288 0x0fbc [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
12:07:00.0338 0x0fbc WatAdminSvc - ok
12:07:00.0598 0x0fbc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
12:07:00.0648 0x0fbc wbengine - ok
12:07:00.0668 0x0fbc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:07:00.0688 0x0fbc WbioSrvc - ok
12:07:00.0728 0x0fbc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:07:00.0738 0x0fbc wcncsvc - ok
12:07:00.0768 0x0fbc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:07:00.0768 0x0fbc WcsPlugInService - ok
12:07:00.0788 0x0fbc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
12:07:00.0798 0x0fbc Wd - ok
12:07:00.0968 0x0fbc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:07:01.0018 0x0fbc Wdf01000 - ok
12:07:01.0028 0x0fbc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:07:01.0028 0x0fbc WdiServiceHost - ok
12:07:01.0038 0x0fbc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:07:01.0038 0x0fbc WdiSystemHost - ok
12:07:01.0078 0x0fbc [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
12:07:01.0088 0x0fbc WebClient - ok
12:07:01.0128 0x0fbc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:07:01.0148 0x0fbc Wecsvc - ok
12:07:01.0168 0x0fbc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:07:01.0168 0x0fbc wercplsupport - ok
12:07:01.0178 0x0fbc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:07:01.0188 0x0fbc WerSvc - ok
12:07:01.0208 0x0fbc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:07:01.0208 0x0fbc WfpLwf - ok
12:07:01.0218 0x0fbc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:07:01.0218 0x0fbc WIMMount - ok
12:07:01.0228 0x0fbc WinDefend - ok
12:07:01.0248 0x0fbc WinHttpAutoProxySvc - ok
12:07:01.0288 0x0fbc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:07:01.0298 0x0fbc Winmgmt - ok
12:07:01.0368 0x0fbc [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:07:01.0418 0x0fbc WinRM - ok
12:07:01.0458 0x0fbc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
12:07:01.0458 0x0fbc WinUsb - ok
12:07:01.0518 0x0fbc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:07:01.0538 0x0fbc Wlansvc - ok
12:07:01.0558 0x0fbc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:07:01.0568 0x0fbc WmiAcpi - ok
12:07:01.0598 0x0fbc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:07:01.0608 0x0fbc wmiApSrv - ok
12:07:01.0618 0x0fbc WMPNetworkSvc - ok
12:07:01.0638 0x0fbc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:07:01.0638 0x0fbc WPCSvc - ok
12:07:01.0658 0x0fbc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:07:01.0668 0x0fbc WPDBusEnum - ok
12:07:01.0698 0x0fbc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:07:01.0698 0x0fbc ws2ifsl - ok
12:07:01.0708 0x0fbc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
12:07:01.0718 0x0fbc wscsvc - ok
12:07:01.0718 0x0fbc WSearch - ok
12:07:01.0788 0x0fbc [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:07:01.0858 0x0fbc wuauserv - ok
12:07:01.0888 0x0fbc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:07:01.0888 0x0fbc WudfPf - ok
12:07:01.0918 0x0fbc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:07:01.0928 0x0fbc WUDFRd - ok
12:07:01.0938 0x0fbc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:07:01.0938 0x0fbc wudfsvc - ok
12:07:01.0968 0x0fbc [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:07:01.0978 0x0fbc WwanSvc - ok
12:07:02.0008 0x0fbc [ E541EE779B0861BFA36B4EFCE1A30486, EEC0898691DA9F3D82C5F72BD4F523DC0E2D0EA84FCA3E253E8BD3A600BC459B ] xhcdrv          C:\Windows\system32\DRIVERS\xhcdrv.sys
12:07:02.0018 0x0fbc xhcdrv - ok
12:07:02.0018 0x0fbc ZAPrivacyService - ok
12:07:02.0028 0x0fbc ================ Scan global ===============================
12:07:02.0038 0x0fbc [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:07:02.0058 0x0fbc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:07:02.0078 0x0fbc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:07:02.0098 0x0fbc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:07:02.0118 0x0fbc [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:07:02.0128 0x0fbc [ Global ] - ok
12:07:02.0128 0x0fbc ================ Scan MBR ==================================
12:07:02.0138 0x0fbc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:07:02.0808 0x0fbc \Device\Harddisk0\DR0 - ok
12:07:02.0818 0x0fbc [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
12:07:02.0818 0x0fbc \Device\Harddisk1\DR1 - ok
12:07:02.0828 0x0fbc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
12:07:02.0848 0x0fbc \Device\Harddisk2\DR2 - ok
12:07:02.0848 0x0fbc ================ Scan VBR ==================================
12:07:02.0858 0x0fbc [ 04EE1D387CD2E0CB73E6058CE79C9703 ] \Device\Harddisk0\DR0\Partition1
12:07:02.0878 0x0fbc \Device\Harddisk0\DR0\Partition1 - ok
12:07:02.0898 0x0fbc [ 513DE513F66B657818E09673BFF2D856 ] \Device\Harddisk0\DR0\Partition2
12:07:02.0908 0x0fbc \Device\Harddisk0\DR0\Partition2 - ok
12:07:02.0928 0x0fbc [ 32F5574A0177F57897ADB60EFB9ED2D2 ] \Device\Harddisk0\DR0\Partition3
12:07:02.0958 0x0fbc \Device\Harddisk0\DR0\Partition3 - ok
12:07:02.0978 0x0fbc [ B27E412469123A1B63E30D1EA0583786 ] \Device\Harddisk1\DR1\Partition1
12:07:02.0988 0x0fbc \Device\Harddisk1\DR1\Partition1 - ok
12:07:02.0988 0x0fbc [ A6543CE4FFC79D540E7815BFA6492176 ] \Device\Harddisk2\DR2\Partition1
12:07:03.0038 0x0fbc \Device\Harddisk2\DR2\Partition1 - ok
12:07:03.0048 0x0fbc [ BF62C101B30CCD1721B4C40AACA352B6 ] \Device\Harddisk2\DR2\Partition2
12:07:03.0048 0x0fbc \Device\Harddisk2\DR2\Partition2 - ok
12:07:03.0048 0x0fbc ================ Scan active images ========================
12:07:03.0058 0x0fbc [ 3E588B60EC061686BA05D33574A344C6, 19D2D863F95CCC4493A2328B6BEB04248B6A80F957532E58C1D1D868C19FDCCB ] C:\Windows\System32\drivers\crashdmp.sys
12:07:03.0058 0x0fbc C:\Windows\System32\drivers\crashdmp.sys - ok
12:07:03.0068 0x0fbc [ 839B5FE3D48E9F35B22C21A3D5103F6C, A9CEA695E43092B72B0E988063E00A7C0BCE90095344E9A2F380218482BCE77F ] C:\Windows\System32\drivers\Dumpata.sys
12:07:03.0068 0x0fbc C:\Windows\System32\drivers\Dumpata.sys - ok
12:07:03.0068 0x0fbc [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] C:\Windows\System32\drivers\atapi.sys
12:07:03.0068 0x0fbc C:\Windows\System32\drivers\atapi.sys - ok
12:07:03.0068 0x0fbc [ 814DB88F2641691575A455CF25354098, 79C50F0CD72612733217A0316BEFEA0B6D819C3159D9452EAB89AC26A18A0F89 ] C:\Windows\System32\drivers\dumpfve.sys
12:07:03.0068 0x0fbc C:\Windows\System32\drivers\dumpfve.sys - ok
12:07:03.0078 0x0fbc [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] C:\Windows\System32\drivers\dtsoftbus01.sys
12:07:03.0078 0x0fbc C:\Windows\System32\drivers\dtsoftbus01.sys - ok
12:07:03.0078 0x0fbc [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] C:\Windows\System32\drivers\cdrom.sys
12:07:03.0078 0x0fbc C:\Windows\System32\drivers\cdrom.sys - ok
12:07:03.0088 0x0fbc [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] C:\Windows\System32\drivers\beep.sys
12:07:03.0088 0x0fbc C:\Windows\System32\drivers\beep.sys - ok
12:07:03.0088 0x0fbc [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] C:\Windows\System32\drivers\msfs.sys
12:07:03.0088 0x0fbc C:\Windows\System32\drivers\msfs.sys - ok
12:07:03.0088 0x0fbc [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] C:\Windows\System32\drivers\npfs.sys
12:07:03.0088 0x0fbc C:\Windows\System32\drivers\npfs.sys - ok
12:07:03.0098 0x0fbc [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] C:\Windows\System32\drivers\null.sys
12:07:03.0098 0x0fbc C:\Windows\System32\drivers\null.sys - ok
12:07:03.0098 0x0fbc [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] C:\Windows\System32\drivers\RDPCDD.sys
12:07:03.0098 0x0fbc C:\Windows\System32\drivers\RDPCDD.sys - ok
12:07:03.0098 0x0fbc [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] C:\Windows\System32\drivers\RDPENCDD.sys
12:07:03.0098 0x0fbc C:\Windows\System32\drivers\RDPENCDD.sys - ok
12:07:03.0108 0x0fbc [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] C:\Windows\System32\drivers\RDPREFMP.sys
12:07:03.0108 0x0fbc C:\Windows\System32\drivers\RDPREFMP.sys - ok
12:07:03.0108 0x0fbc [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] C:\Windows\System32\drivers\vga.sys
12:07:03.0108 0x0fbc C:\Windows\System32\drivers\vga.sys - ok
12:07:03.0108 0x0fbc [ E7353D59C9842BC7299FAEB7E7E09340, C37ED1025E07BAC2F535DCFED6C6C509515D95722EADE5AF94F1FC5D8B1DC783 ] C:\Windows\System32\drivers\videoprt.sys
12:07:03.0108 0x0fbc C:\Windows\System32\drivers\videoprt.sys - ok
12:07:03.0108 0x0fbc [ FC438D1430B28618E2D0C7C332A710AD, 873957B202E454E2C8F625E5799F278CAC16EC5EEAEE2C33E2FE5D1FF0408CB2 ] C:\Windows\System32\drivers\watchdog.sys
12:07:03.0108 0x0fbc C:\Windows\System32\drivers\watchdog.sys - ok
12:07:03.0118 0x0fbc [ 6F020A220388ECA0AB6062DC27BD16B6, 48655230E482DEB7B4B50EF05818EBB29CA61E780AEFCD9D31B02DE4DF9D9540 ] C:\Windows\System32\drivers\tdi.sys
12:07:03.0118 0x0fbc C:\Windows\System32\drivers\tdi.sys - ok
12:07:03.0118 0x0fbc [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] C:\Windows\System32\drivers\tdx.sys
12:07:03.0118 0x0fbc C:\Windows\System32\drivers\tdx.sys - ok
12:07:03.0118 0x0fbc [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] C:\Windows\System32\drivers\afd.sys
12:07:03.0118 0x0fbc C:\Windows\System32\drivers\afd.sys - ok
12:07:03.0128 0x0fbc [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] C:\Windows\System32\drivers\netbt.sys
12:07:03.0128 0x0fbc C:\Windows\System32\drivers\netbt.sys - ok
12:07:03.0128 0x0fbc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] C:\Windows\System32\drivers\wfplwf.sys
12:07:03.0128 0x0fbc C:\Windows\System32\drivers\wfplwf.sys - ok
12:07:03.0128 0x0fbc [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] C:\Windows\System32\drivers\netbios.sys
12:07:03.0128 0x0fbc C:\Windows\System32\drivers\netbios.sys - ok
12:07:03.0138 0x0fbc [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] C:\Windows\System32\drivers\pacer.sys
12:07:03.0138 0x0fbc C:\Windows\System32\drivers\pacer.sys - ok
12:07:03.0138 0x0fbc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] C:\Windows\System32\drivers\wanarp.sys
12:07:03.0138 0x0fbc C:\Windows\System32\drivers\wanarp.sys - ok
12:07:03.0138 0x0fbc [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] C:\Windows\System32\drivers\termdd.sys
12:07:03.0138 0x0fbc C:\Windows\System32\drivers\termdd.sys - ok
12:07:03.0138 0x0fbc [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] C:\Windows\System32\drivers\nsiproxy.sys
12:07:03.0138 0x0fbc C:\Windows\System32\drivers\nsiproxy.sys - ok
12:07:03.0148 0x0fbc [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] C:\Windows\System32\drivers\rdbss.sys
12:07:03.0148 0x0fbc C:\Windows\System32\drivers\rdbss.sys - ok
12:07:03.0148 0x0fbc [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] C:\Windows\System32\drivers\discache.sys
12:07:03.0148 0x0fbc C:\Windows\System32\drivers\discache.sys - ok
12:07:03.0148 0x0fbc [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] C:\Windows\System32\drivers\mssmbios.sys
12:07:03.0148 0x0fbc C:\Windows\System32\drivers\mssmbios.sys - ok
12:07:03.0158 0x0fbc [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] C:\Windows\System32\drivers\blbdrive.sys
12:07:03.0158 0x0fbc C:\Windows\System32\drivers\blbdrive.sys - ok
12:07:03.0158 0x0fbc [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] C:\Windows\System32\drivers\csc.sys
12:07:03.0158 0x0fbc C:\Windows\System32\drivers\csc.sys - ok
12:07:03.0158 0x0fbc [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] C:\Windows\System32\drivers\dfsc.sys
12:07:03.0158 0x0fbc C:\Windows\System32\drivers\dfsc.sys - ok
12:07:03.0158 0x0fbc [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] C:\Windows\System32\drivers\tunnel.sys
12:07:03.0158 0x0fbc C:\Windows\System32\drivers\tunnel.sys - ok
12:07:03.0168 0x0fbc [ CAAAC014C5C56A69F710B5F1B836DE22, DA98EF2EBF9A7F180344A88CC2C74F69101E17BBAB58B1C46176FD6EE7AA2E6A ] C:\Windows\System32\ntdll.dll
12:07:03.0168 0x0fbc C:\Windows\System32\ntdll.dll - ok
12:07:03.0168 0x0fbc [ F0970A4BC8395659C22BF53D0FADF16F, 23BE3066D89A5ACBF8130899640D377476E78B6C3D19E2D13C32238464A83E21 ] C:\Windows\System32\smss.exe
12:07:03.0168 0x0fbc C:\Windows\System32\smss.exe - ok
12:07:03.0168 0x0fbc [ 3B536A8BEC3B4F23FFDFD78B11A2AB93, 7BC847CE6C2D29C334F0D1600BBBDE3933FF45F6BEE5186F442E6270A3F9EC4E ] C:\Windows\System32\autochk.exe
12:07:03.0168 0x0fbc C:\Windows\System32\autochk.exe - ok
12:07:03.0178 0x0fbc [ 757ACE4D4C9FF0571F86AA5D586B45E8, E7F23CC1DE26E2DAA690B78B05FC001EE0051F0ED9B9BCE9E7FA4E9684D4F3D4 ] C:\Windows\System32\drivers\nvlddmkm.sys
12:07:03.0178 0x0fbc C:\Windows\System32\drivers\nvlddmkm.sys - ok
12:07:03.0178 0x0fbc [ 56325BB1FF19F2A5AC8713756AC41140, B2124E57783312EE37D2621E689D8FB4C43A04BDBD4F481225C21038605A28CE ] C:\Windows\System32\gdi32.dll
12:07:03.0178 0x0fbc C:\Windows\System32\gdi32.dll - ok
12:07:03.0178 0x0fbc [ EAF32CB8C1F810E4715B4DFBE785C7FF, DB6AD07FDED42433E669508AB73FAFF6DAFF04575D6F1D016FE3EB6ECEC4DD5D ] C:\Windows\System32\shlwapi.dll
12:07:03.0178 0x0fbc C:\Windows\System32\shlwapi.dll - ok
12:07:03.0178 0x0fbc [ F7CE0C81C545364020ED8203CF0A633E, 24B47A7492B7048096AF87E26786E8108455ADBD1A374B6A0466DE008505B8A9 ] C:\Windows\System32\difxapi.dll
12:07:03.0178 0x0fbc C:\Windows\System32\difxapi.dll - ok
12:07:03.0188 0x0fbc [ 4E4FFB09D895AA000DD56D1404F69A7E, D999E04BB35780088480EAB322176570591A21E311D204BDCAB010A63B34D24C ] C:\Windows\System32\Wldap32.dll
12:07:03.0188 0x0fbc C:\Windows\System32\Wldap32.dll - ok
12:07:03.0188 0x0fbc [ 83404DCBCE4925B6A5A77C5170F46D86, D669614D0B4461DB244AD99FBE1BA92CEB9B4ED5EC8E987E23764E77D9AC7074 ] C:\Windows\System32\sechost.dll
12:07:03.0188 0x0fbc C:\Windows\System32\sechost.dll - ok
12:07:03.0188 0x0fbc [ 088CF6AFCD5CDD44E40C0ACDE3C1A5E0, AC6AFCAE3A58AAABC972B3D6A1ED383A59910C689F38D9D4A059A0A535BA1039 ] C:\Windows\System32\usp10.dll
12:07:03.0188 0x0fbc C:\Windows\System32\usp10.dll - ok
12:07:03.0198 0x0fbc [ 044FE45FFD6AD40E3BBBE60B7F41BABE, A1688A5E6E0F7037C850699462C2655006A7D873C97F9AB406C59D81749B6F09 ] C:\Windows\System32\nsi.dll
12:07:03.0198 0x0fbc C:\Windows\System32\nsi.dll - ok
12:07:03.0198 0x0fbc [ 9835E63E09F824D22B689D2BB789BAB9, 5BCFFAFB894D69FBCDDB91E64D30A356F4BD57098E8B4C51B98AFAF6581BDB63 ] C:\Windows\System32\comdlg32.dll
12:07:03.0198 0x0fbc C:\Windows\System32\comdlg32.dll - ok
12:07:03.0198 0x0fbc [ 4BBFA57F594F7E8A8EDC8F377184C3F0, 9F3AC5DEA5A6250C3DBB97AF79C81C0A48429486521F807355A1D7D3D861B75F ] C:\Windows\System32\ws2_32.dll
12:07:03.0198 0x0fbc C:\Windows\System32\ws2_32.dll - ok
12:07:03.0198 0x0fbc [ 6C60B5ACA7442EFB794082CDACFC001C, FC1D9124856A70FF232EF3057D66BEE803295847624CE23B4D0217F23AF52C75 ] C:\Windows\System32\ole32.dll
12:07:03.0198 0x0fbc C:\Windows\System32\ole32.dll - ok
12:07:03.0208 0x0fbc [ C431EAF5CAA1C82CAC2534A2EAB348A3, ADDF850128DC675E67FABA9A3D0D27E684F01F733962CA22927BB94503549E44 ] C:\Windows\System32\msctf.dll
12:07:03.0208 0x0fbc C:\Windows\System32\msctf.dll - ok
12:07:03.0208 0x0fbc [ 26036E228D2467DE6975AD819C22C043, B4A30EC7ABAEFFF55DE662F4A17415F2BD737BD563215638C86C580B8F3EA907 ] C:\Windows\System32\rpcrt4.dll
12:07:03.0208 0x0fbc C:\Windows\System32\rpcrt4.dll - ok
12:07:03.0208 0x0fbc [ 427015D56DF17241F634611557146C57, BCDC51FE0D88AA8FB3815B401A682D38F24BE7D9CAC8B9F9588295A66D036DDB ] C:\Windows\System32\shell32.dll
12:07:03.0208 0x0fbc C:\Windows\System32\shell32.dll - ok
12:07:03.0218 0x0fbc [ 28C0B5024F5C5A438E78B188CFC81B7F, AB81FB63F2908CE316B45609077ACBD85F4B2AAD1606B1E9030F06DB82EDDFAD ] C:\Windows\System32\normaliz.dll
12:07:03.0218 0x0fbc C:\Windows\System32\normaliz.dll - ok
12:07:03.0218 0x0fbc [ 5D8E6C95156ED1F79A63D1EADE6F9ED5, 12130837D7F89A2C7E9D25747A8E5B9001E0A38D545178B49B450C23AE62664A ] C:\Windows\System32\setupapi.dll
12:07:03.0218 0x0fbc C:\Windows\System32\setupapi.dll - ok
12:07:03.0218 0x0fbc [ 63A580C88CFAF72A92550940054569EF, A66C89123D1833446ACC31D5CF536B0D0EC24D2F805C022A637596CF98429D9F ] C:\Windows\System32\advapi32.dll
12:07:03.0218 0x0fbc C:\Windows\System32\advapi32.dll - ok
12:07:03.0228 0x0fbc [ C391FC68282A000CDF953F8B6B55D2EF, 1CB0DAB84545D9FDEA5A7865A1E7132CEAC91DECF8B100285B63098D7B09E584 ] C:\Windows\System32\msvcrt.dll
12:07:03.0228 0x0fbc C:\Windows\System32\msvcrt.dll - ok
12:07:03.0228 0x0fbc [ A21C6231459F4CAC212676A9367A1A68, E81DDC876AB50D483552D9440A8843C22F5C9830879FCBC17CD5F678C6A3498B ] C:\Windows\System32\iertutil.dll
12:07:03.0228 0x0fbc C:\Windows\System32\iertutil.dll - ok
12:07:03.0228 0x0fbc [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] C:\Windows\System32\drivers\dxgkrnl.sys
12:07:03.0228 0x0fbc C:\Windows\System32\drivers\dxgkrnl.sys - ok
12:07:03.0228 0x0fbc [ 1F04CFB79DD5FB7694468CE3FB3DCC31, A40C0BF6D1EC6C4281611A830EA7B22FEF523A3E197E5A8F59332D64E90376B6 ] C:\Windows\System32\drivers\dxgmms1.sys
12:07:03.0228 0x0fbc C:\Windows\System32\drivers\dxgmms1.sys - ok
12:07:03.0238 0x0fbc [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] C:\Windows\System32\drivers\hdaudbus.sys
12:07:03.0238 0x0fbc C:\Windows\System32\drivers\hdaudbus.sys - ok
12:07:03.0238 0x0fbc [ FFA06EF43987ED0DD42AD59B260C0C78, 260518D5E077E55E0F2099037DBEFA93016FD4D4655456DDB3147AF9CBE7BF6B ] C:\Windows\System32\drivers\usbd.sys
12:07:03.0238 0x0fbc C:\Windows\System32\drivers\usbd.sys - ok
12:07:03.0238 0x0fbc [ E541EE779B0861BFA36B4EFCE1A30486, EEC0898691DA9F3D82C5F72BD4F523DC0E2D0EA84FCA3E253E8BD3A600BC459B ] C:\Windows\System32\drivers\xhcdrv.sys
12:07:03.0238 0x0fbc C:\Windows\System32\drivers\xhcdrv.sys - ok
12:07:03.0248 0x0fbc [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] C:\Windows\System32\drivers\Rt64win7.sys
12:07:03.0248 0x0fbc C:\Windows\System32\drivers\Rt64win7.sys - ok
12:07:03.0248 0x0fbc [ 25983DE69B57142039AC8D95E71CD9C9, A677DA7EBCBCB6073D27E8A38809F51E971E83ED379BC599AAAD6EF4216348DA ] C:\Windows\System32\clbcatq.dll
12:07:03.0248 0x0fbc C:\Windows\System32\clbcatq.dll - ok
12:07:03.0248 0x0fbc [ D87E1E59C73C1F98D5DED5B3850C40F5, 536419BFF9F877D4314B5D0C045D9A6E729489C389863FADF07E382050BC84FD ] C:\Windows\System32\psapi.dll
12:07:03.0248 0x0fbc C:\Windows\System32\psapi.dll - ok
12:07:03.0248 0x0fbc [ 796B47A4B82EF1C39F13435B88834C48, AFC3E89476BAAD8A71663F0DB8D15E00FF9D131F1306A2F69D728E3AD1184602 ] C:\Windows\System32\lpk.dll
12:07:03.0248 0x0fbc C:\Windows\System32\lpk.dll - ok
12:07:03.0258 0x0fbc [ B4F29F65AD3114051F01E9403346047F, 7EB58545211C51E95B3F45C47C1F7CCE05B707D168E7C20F46D36E19EE3D8DFC ] C:\Windows\System32\imagehlp.dll
12:07:03.0258 0x0fbc C:\Windows\System32\imagehlp.dll - ok
12:07:03.0258 0x0fbc [ AA2C08CE85653B1A0D2E4AB407FA176C, 83DFD0C119B20AEDB07114C9D1CF9CE2DFA938D0F1070256B0591A9E2C3997FA ] C:\Windows\System32\imm32.dll
12:07:03.0258 0x0fbc C:\Windows\System32\imm32.dll - ok
12:07:03.0258 0x0fbc [ FE70103391A64039A921DBFFF9C7AB1B, F7D219D75037BC98F6C69143B00AB6000A31F8B5E211E0AF514F4F4B681522A0 ] C:\Windows\System32\user32.dll
12:07:03.0258 0x0fbc C:\Windows\System32\user32.dll - ok
12:07:03.0268 0x0fbc [ C06B32165E23A72A898B7A89679AD754, 721405158F6E9F1A7FE7BB33EF642D91332726629D0D3B07DF3CF3152A91C85D ] C:\Windows\System32\oleaut32.dll
12:07:03.0268 0x0fbc C:\Windows\System32\oleaut32.dll - ok
12:07:03.0268 0x0fbc [ D2A513EE880D71BDE7F0257F38B9D019, 7BDBFEA312061C0498E4C09EF5E4B3AAA23309E7448028F67EAA6F8F7188E871 ] C:\Windows\System32\kernel32.dll
12:07:03.0268 0x0fbc C:\Windows\System32\kernel32.dll - ok
12:07:03.0268 0x0fbc [ 73C7D1FCF6F58F3BF077FB42B0214BC0, D3C5AFACB8DCD9E8566576E8F22C7B8B5B2B8FAA65DDBD2DD8962CA3932E2408 ] C:\Windows\System32\urlmon.dll
12:07:03.0268 0x0fbc C:\Windows\System32\urlmon.dll - ok
12:07:03.0268 0x0fbc [ 2EE102DF0EDD8A1EDD3D1E9B99A91BEC, EB6256C57E4769669D9D8F1D3F36A492E65B75E1D8064550000EB8299A356356 ] C:\Windows\System32\wininet.dll
12:07:03.0268 0x0fbc C:\Windows\System32\wininet.dll - ok
12:07:03.0278 0x0fbc [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\System32\comctl32.dll
12:07:03.0278 0x0fbc C:\Windows\System32\comctl32.dll - ok
12:07:03.0278 0x0fbc [ 9094039A00485F71C4DE64BF51F64C46, 4ACFEF4C747ADF806A4FDEDDFD9CC48168DFB05075306C77D3F3927749DD7484 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
12:07:03.0278 0x0fbc C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
12:07:03.0278 0x0fbc [ 12FEB33791920678F8433701C822BCFD, 7D1AD944CF0532D5AF951ACCE064EA9288F068964603674854CD7658D2B96039 ] C:\Windows\System32\drivers\usbport.sys
12:07:03.0278 0x0fbc C:\Windows\System32\drivers\usbport.sys - ok
12:07:03.0288 0x0fbc [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] C:\Windows\System32\drivers\usbohci.sys
12:07:03.0288 0x0fbc C:\Windows\System32\drivers\usbohci.sys - ok
12:07:03.0288 0x0fbc [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] C:\Windows\System32\drivers\usbehci.sys
12:07:03.0288 0x0fbc C:\Windows\System32\drivers\usbehci.sys - ok
12:07:03.0288 0x0fbc [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] C:\Windows\System32\drivers\agilevpn.sys
12:07:03.0288 0x0fbc C:\Windows\System32\drivers\agilevpn.sys - ok
12:07:03.0288 0x0fbc [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] C:\Windows\System32\drivers\amdppm.sys
12:07:03.0288 0x0fbc C:\Windows\System32\drivers\amdppm.sys - ok
12:07:03.0298 0x0fbc [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] C:\Windows\System32\drivers\CompositeBus.sys
12:07:03.0298 0x0fbc C:\Windows\System32\drivers\CompositeBus.sys - ok
12:07:03.0298 0x0fbc [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] C:\Windows\System32\drivers\rasl2tp.sys
12:07:03.0298 0x0fbc C:\Windows\System32\drivers\rasl2tp.sys - ok
12:07:03.0298 0x0fbc [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] C:\Windows\System32\drivers\ndistapi.sys
12:07:03.0298 0x0fbc C:\Windows\System32\drivers\ndistapi.sys - ok
12:07:03.0308 0x0fbc [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] C:\Windows\System32\drivers\ndiswan.sys
12:07:03.0308 0x0fbc C:\Windows\System32\drivers\ndiswan.sys - ok
12:07:03.0308 0x0fbc [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] C:\Windows\System32\drivers\raspppoe.sys
12:07:03.0308 0x0fbc C:\Windows\System32\drivers\raspppoe.sys - ok
12:07:03.0308 0x0fbc [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] C:\Windows\System32\drivers\raspptp.sys
12:07:03.0308 0x0fbc C:\Windows\System32\drivers\raspptp.sys - ok
12:07:03.0308 0x0fbc [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] C:\Windows\System32\drivers\rassstp.sys
12:07:03.0308 0x0fbc C:\Windows\System32\drivers\rassstp.sys - ok
12:07:03.0318 0x0fbc [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] C:\Windows\System32\drivers\rdpbus.sys
12:07:03.0318 0x0fbc C:\Windows\System32\drivers\rdpbus.sys - ok
12:07:03.0318 0x0fbc [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] C:\Windows\System32\drivers\kbdclass.sys
12:07:03.0318 0x0fbc C:\Windows\System32\drivers\kbdclass.sys - ok
12:07:03.0318 0x0fbc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] C:\Windows\System32\drivers\mouclass.sys
12:07:03.0318 0x0fbc C:\Windows\System32\drivers\mouclass.sys - ok
12:07:03.0328 0x0fbc [ 24FBF5CC5C04150073C315A7C83521EE, 581BD5F15B5E57B3BAA762E421FFD859FDA46DDB8515C2A7AAFF208D784E906C ] C:\Windows\System32\drivers\ks.sys
12:07:03.0328 0x0fbc C:\Windows\System32\drivers\ks.sys - ok
12:07:03.0328 0x0fbc [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] C:\Windows\System32\drivers\swenum.sys
12:07:03.0328 0x0fbc C:\Windows\System32\drivers\swenum.sys - ok
12:07:03.0328 0x0fbc [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] C:\Windows\System32\drivers\umbus.sys
12:07:03.0328 0x0fbc C:\Windows\System32\drivers\umbus.sys - ok
12:07:03.0338 0x0fbc [ 7A17485DC7D8A7AC81321A42CD034519, 88D8705FA901793FC8C1CFD0175E49A6502BF0FC94A066BA573D2FD13AA5F04A ] C:\Windows\System32\userenv.dll
12:07:03.0338 0x0fbc C:\Windows\System32\userenv.dll - ok
12:07:03.0338 0x0fbc [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] C:\Windows\System32\drivers\usbhub.sys
12:07:03.0338 0x0fbc C:\Windows\System32\drivers\usbhub.sys - ok
12:07:03.0338 0x0fbc [ 0E6FBF19D9DFBB77316C23DF91F8A101, 680F88E1BC55EA3342AACE6F2E3511BF877AC8F03276D028FEE84EEFE8B5611A ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
12:07:03.0338 0x0fbc C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
12:07:03.0338 0x0fbc [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A, 445C2857398252756FD25BB94DAFCCEFF573DE55F1F8BF9094C191F409FE6437 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
12:07:03.0338 0x0fbc C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
12:07:03.0348 0x0fbc [ F49E92B50CED5C9F1725D3C0329FD933, 6155FA4D8242F07FC578FF746890C2EE19FC3D6A20ED8AE4C6F021DB2DAC184F ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
12:07:03.0348 0x0fbc C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
12:07:03.0348 0x0fbc [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] C:\Windows\System32\drivers\ndproxy.sys
12:07:03.0348 0x0fbc C:\Windows\System32\drivers\ndproxy.sys - ok
12:07:03.0348 0x0fbc [ E0D3CD5841E5C7BE7B94BA946AF1E498, 4EAE1B226255623DA41A047633994D6902F6D4CA5757BF5D85E227378336227F ] C:\Windows\System32\drivers\drmk.sys
12:07:03.0348 0x0fbc C:\Windows\System32\drivers\drmk.sys - ok
12:07:03.0358 0x0fbc [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] C:\Windows\System32\drivers\HdAudio.sys
12:07:03.0358 0x0fbc C:\Windows\System32\drivers\HdAudio.sys - ok
12:07:03.0358 0x0fbc [ 1E0B4CBBA91C6B041A14ECC2186F7E24, 63039A317F906454A0652704DA2D646658A148B9B55BFB5D2F4B27997F357DF9 ] C:\Windows\System32\drivers\portcls.sys
12:07:03.0358 0x0fbc C:\Windows\System32\drivers\portcls.sys - ok
12:07:03.0358 0x0fbc [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] C:\Windows\System32\drivers\ksthunk.sys
12:07:03.0358 0x0fbc C:\Windows\System32\drivers\ksthunk.sys - ok
12:07:03.0368 0x0fbc [ A138BA7B5EB4FDA2346FD688C1332A32, CB7E3B609C99130F14B1FCDDC6852DE833E94719996B45341DB22DC83AC17AB2 ] C:\Windows\System32\drivers\ViaHub3.sys
12:07:03.0368 0x0fbc C:\Windows\System32\drivers\ViaHub3.sys - ok
12:07:03.0368 0x0fbc [ 7A93DBF7DD86A28C0B941F4D39B85A0E, DBA4AE976CD01C599B85933E9B8741D7F01FD88F5BEAF01DDA3BCCDD1550607A ] C:\Windows\System32\drivers\RTKVHD64.sys
12:07:03.0368 0x0fbc C:\Windows\System32\drivers\RTKVHD64.sys - ok
12:07:03.0368 0x0fbc [ 72723D3E4781BADC62C3180C137E7B23, 0BDA5292928578C5DA79C761E15B8A892B9D4A3DA26D3635E714797C653CF492 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
12:07:03.0368 0x0fbc C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
12:07:03.0368 0x0fbc [ 2477A28081BDAEE622CF045ACF8EE124, 00A09CAF9129E84FEEA98FA03CE9012C9F961B64FEE15C4F268822C0F82ACC3C ] C:\Windows\System32\cfgmgr32.dll
12:07:03.0368 0x0fbc C:\Windows\System32\cfgmgr32.dll - ok
12:07:03.0378 0x0fbc [ 780F6ECC4F55D76C9730E6B6C9B31913, 1AEA642AFA210A672A92AAA49CFDE52D9E48ED41248F7644FAADE760E8A0E72E ] C:\Windows\System32\crypt32.dll
12:07:03.0378 0x0fbc C:\Windows\System32\crypt32.dll - ok
12:07:03.0378 0x0fbc [ 851BB346CD59D9B3BC8854384C7DD5C3, 0CA1BCBDA6CB8CAC1186B3BE13C3937EDF46264FDFFCEBDF94C7EB10DE957DC6 ] C:\Windows\System32\KernelBase.dll
12:07:03.0378 0x0fbc C:\Windows\System32\KernelBase.dll - ok
12:07:03.0378 0x0fbc [ 06FEC9E8117103BB1141A560E98077DA, C5E61B11DDBBBBBA3D9488970524F0975EA5FBDF16E2FA31F579F8BFA48353B1 ] C:\Windows\System32\devobj.dll
12:07:03.0378 0x0fbc C:\Windows\System32\devobj.dll - ok
12:07:03.0388 0x0fbc [ 959041D7014C97133D859B45BCA0FC58, 282D34828DA7404470949483CB9789A8B4861D188093F0FBD07138A37F60B94B ] C:\Windows\System32\wintrust.dll
12:07:03.0388 0x0fbc C:\Windows\System32\wintrust.dll - ok
12:07:03.0388 0x0fbc [ 64A4AB126E24FD3F58EBE64852773DB5, ED425BBC91EB8BEF54C363036A770C551C97EF324F1AE31049CA750D0E2D6776 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
12:07:03.0388 0x0fbc C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
12:07:03.0388 0x0fbc [ 884415BD4269C02EAF8E2613BF85500D, EFE771709EC942694FD206AC8D0A48ED7DCD35036F074268E4AECD68AC982CEA ] C:\Windows\System32\msasn1.dll
12:07:03.0388 0x0fbc C:\Windows\System32\msasn1.dll - ok
12:07:03.0388 0x0fbc [ 2C942733A5983DD4502219FF37C7EBC7, 34B20B6B0D7274E4B5B783F1D2345BC3DD9888964D5C2C65712F041A00CF5B45 ] C:\Windows\System32\profapi.dll
12:07:03.0388 0x0fbc C:\Windows\System32\profapi.dll - ok
12:07:03.0398 0x0fbc [ 856E76B3641746ABBC2946BED1372098, FD93CC7F72560F72CA49AD5609C079E25B8A3A4802E72B127B63A9E7B4884710 ] C:\Windows\System32\drivers\hidparse.sys
12:07:03.0398 0x0fbc C:\Windows\System32\drivers\hidparse.sys - ok
12:07:03.0398 0x0fbc [ 597C3699384E53CC59587ED50CCE5CA2, 4F61E9B5BEB3BD1634D733983381E516664BD7E250DF4B0150B168E05EFD652A ] C:\Windows\System32\drivers\hidclass.sys
12:07:03.0398 0x0fbc C:\Windows\System32\drivers\hidclass.sys - ok
12:07:03.0398 0x0fbc [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] C:\Windows\System32\drivers\hidusb.sys
12:07:03.0398 0x0fbc C:\Windows\System32\drivers\hidusb.sys - ok
12:07:03.0408 0x0fbc [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] C:\Windows\System32\drivers\mouhid.sys
12:07:03.0408 0x0fbc C:\Windows\System32\drivers\mouhid.sys - ok
12:07:03.0408 0x0fbc [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] C:\Windows\System32\drivers\usbccgp.sys
12:07:03.0408 0x0fbc C:\Windows\System32\drivers\usbccgp.sys - ok
12:07:03.0408 0x0fbc [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] C:\Windows\System32\drivers\lvuvc64.sys
12:07:03.0408 0x0fbc C:\Windows\System32\drivers\lvuvc64.sys - ok
12:07:03.0408 0x0fbc [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] C:\Windows\System32\drivers\lvrs64.sys
12:07:03.0408 0x0fbc C:\Windows\System32\drivers\lvrs64.sys - ok
12:07:03.0418 0x0fbc [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] C:\Windows\System32\drivers\USBAUDIO.sys
12:07:03.0418 0x0fbc C:\Windows\System32\drivers\USBAUDIO.sys - ok
12:07:03.0418 0x0fbc [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] C:\Windows\System32\drivers\kbdhid.sys
12:07:03.0418 0x0fbc C:\Windows\System32\drivers\kbdhid.sys - ok
12:07:03.0418 0x0fbc [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8A4FB21EADD3896 ] C:\Windows\SysWOW64\normaliz.dll
12:07:03.0418 0x0fbc C:\Windows\SysWOW64\normaliz.dll - ok
12:07:03.0428 0x0fbc [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys
12:07:03.0428 0x0fbc C:\Windows\System32\drivers\dxapi.sys - ok
12:07:03.0428 0x0fbc [ F1726E14C8F7B40CD828345890AAF764, 3DC0B17CDF609DD8530ECA640258CB3EEB5285B63CDF19DDA26947FBD478FAC9 ] C:\Windows\System32\win32k.sys
12:07:03.0428 0x0fbc C:\Windows\System32\win32k.sys - ok
12:07:03.0428 0x0fbc [ 216BABD555BC550952320EEA89C25DDF, 1BBB92415280032CD18F361382A69D0D91266AAD56FC88A99C804B0053743D72 ] C:\Windows\System32\csrsrv.dll
12:07:03.0428 0x0fbc C:\Windows\System32\csrsrv.dll - ok
12:07:03.0438 0x0fbc [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77201BAB37E8C03A ] C:\Windows\System32\csrss.exe
12:07:03.0438 0x0fbc C:\Windows\System32\csrss.exe - ok
12:07:03.0438 0x0fbc [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\System32\basesrv.dll
12:07:03.0438 0x0fbc C:\Windows\System32\basesrv.dll - ok
12:07:03.0438 0x0fbc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\System32\winsrv.dll
12:07:03.0438 0x0fbc C:\Windows\System32\winsrv.dll - ok
12:07:03.0438 0x0fbc [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] C:\Windows\System32\drivers\monitor.sys
12:07:03.0438 0x0fbc C:\Windows\System32\drivers\monitor.sys - ok
12:07:03.0448 0x0fbc [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56DE4CA5783F78A75 ] C:\Windows\System32\tsddd.dll
12:07:03.0448 0x0fbc C:\Windows\System32\tsddd.dll - ok
12:07:03.0448 0x0fbc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\System32\sxssrv.dll
12:07:03.0448 0x0fbc C:\Windows\System32\sxssrv.dll - ok
12:07:03.0448 0x0fbc [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA87526E768AF6174F0 ] C:\Windows\System32\wininit.exe
12:07:03.0448 0x0fbc C:\Windows\System32\wininit.exe - ok
12:07:03.0458 0x0fbc [ 943F527DF79E6B400104341AA7023C75, 53C7B9426181D3D172E6B1A07E6DF8A0CB8FCA27D3A03CE5F544D3209B5F4651 ] C:\Windows\System32\cdd.dll
12:07:03.0458 0x0fbc C:\Windows\System32\cdd.dll - ok
12:07:03.0458 0x0fbc [ 78523A26F5604C0568FE9D1CE86E36F4, 534A7228BF69719106F581616A32EAEF0B770DDB36DCE94F84E7D52FDB1382B5 ] C:\Windows\System32\KBDUS.DLL
12:07:03.0458 0x0fbc C:\Windows\System32\KBDUS.DLL - ok
12:07:03.0458 0x0fbc [ C2A8CB1275ECB85D246A9ECC02A728E3, 3603FADCA0060BD201148F9D59E4E2627F024609A6463AB525B5D1AD17BDCD10 ] C:\Windows\System32\RpcRtRemote.dll
12:07:03.0458 0x0fbc C:\Windows\System32\RpcRtRemote.dll - ok
12:07:03.0458 0x0fbc [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA853BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll
12:07:03.0458 0x0fbc C:\Windows\System32\WlS0WndH.dll - ok
12:07:03.0468 0x0fbc [ 9CEAD32E79A62150FE9F8557E58E008B, AFE4C1725EE94D7DE0749AE1495A4E5CC33C369F29B2A589DA66FFE27FF9777E ] C:\Windows\System32\sxs.dll
12:07:03.0468 0x0fbc C:\Windows\System32\sxs.dll - ok
12:07:03.0468 0x0fbc [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE3532EC6C007980C34 ] C:\Windows\System32\cryptbase.dll
12:07:03.0468 0x0fbc C:\Windows\System32\cryptbase.dll - ok
12:07:03.0468 0x0fbc [ 88AB9B72B4BF3963A0DE0820B4B0B06C, 29EFEADCB26E408CD41492FCEC6D411A018099D6FF5ECA9526ED59564975F3E6 ] C:\Windows\System32\winlogon.exe
12:07:03.0468 0x0fbc C:\Windows\System32\winlogon.exe - ok
12:07:03.0478 0x0fbc [ 0D9764D58C5EFD672B7184854B152E5E, 9827B43DABBEC39AB2E2294408D9C5304EF27A684903C5234C6070387723D49E ] C:\Windows\System32\winsta.dll
12:07:03.0478 0x0fbc C:\Windows\System32\winsta.dll - ok
12:07:03.0478 0x0fbc [ 90499F3163A9F815CF196A205EA3CD5D, 29B4ED3795CEC1177EB367132914CE21C194CDEC5DB9DC923FD928C85E94D821 ] C:\Windows\System32\apphelp.dll
12:07:03.0478 0x0fbc C:\Windows\System32\apphelp.dll - ok
12:07:03.0478 0x0fbc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] C:\Windows\System32\lsass.exe
12:07:03.0478 0x0fbc C:\Windows\System32\lsass.exe - ok
12:07:03.0478 0x0fbc [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\System32\services.exe
12:07:03.0478 0x0fbc C:\Windows\System32\services.exe - ok
12:07:03.0488 0x0fbc [ 8098627D0AA1706D69C5AF3F74332ABB, 9582F6162A8405DC568FFBEA08A9090FE92FE2C9DB640077BD7F23AC4FABF700 ] C:\Windows\System32\sspisrv.dll
12:07:03.0488 0x0fbc C:\Windows\System32\sspisrv.dll - ok
12:07:03.0488 0x0fbc [ 9662EE182644511439F1C53745DC1C88, D205B2C163E78AB42A5D67D7664EF6B75EA0374FF0924467D624F9DB0611F0AD ] C:\Windows\System32\lsm.exe
12:07:03.0488 0x0fbc C:\Windows\System32\lsm.exe - ok
12:07:03.0488 0x0fbc [ C072064F95579C0D6D86AF5B3DC53192, CF4A088DF97F4D4963BEAB9CBDBF69FEA2D4773159054A0AF8B8DFFDF83E18DA ] C:\Windows\System32\sspicli.dll
12:07:03.0488 0x0fbc C:\Windows\System32\sspicli.dll - ok
12:07:03.0498 0x0fbc [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll
12:07:03.0498 0x0fbc C:\Windows\System32\sysntfy.dll - ok
12:07:03.0498 0x0fbc [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll
12:07:03.0498 0x0fbc C:\Windows\System32\wmsgapi.dll - ok
12:07:03.0498 0x0fbc [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll
12:07:03.0498 0x0fbc C:\Windows\System32\scext.dll - ok
12:07:03.0498 0x0fbc [ 39312B37C5FE5138F99680A49ACD3AEA, B9566B4117FBBECF77A0D3F49E9DF302088B9D483F817720B22E4F9C5754264A ] C:\Windows\System32\secur32.dll
12:07:03.0498 0x0fbc C:\Windows\System32\secur32.dll - ok
12:07:03.0508 0x0fbc [ D4CCE15190269486A5E6D4D4E597F798, B3F1D01526BE95F0384CFB459D220EBA61BAC50D5A4B5E9417840713EC98DCC3 ] C:\Windows\System32\lsasrv.dll
12:07:03.0508 0x0fbc C:\Windows\System32\lsasrv.dll - ok
12:07:03.0508 0x0fbc [ BBCDF350817BA86416C0F06B6981BE8D, D064438F97852B9BD6015C8B19377C61C671E0969E09506B8359FE7B1F373A61 ] C:\Windows\System32\scesrv.dll
12:07:03.0508 0x0fbc C:\Windows\System32\scesrv.dll - ok
12:07:03.0508 0x0fbc [ 3A9C9BAF610B0DD4967086040B3B62A9, E8E9A0F42B1EE7806EDCEED08AA024D037215D06CA317E3678BD5364AD513D23 ] C:\Windows\System32\srvcli.dll
12:07:03.0508 0x0fbc C:\Windows\System32\srvcli.dll - ok
12:07:03.0518 0x0fbc [ A744BA6E04C8AA4592818178DBF89521, 9E7C85D842DF16F9B8FED7B06AF309B5ECCBFD465F5552347D4C3F1FEFDC6F7A ] C:\Windows\System32\samsrv.dll
12:07:03.0518 0x0fbc C:\Windows\System32\samsrv.dll - ok
12:07:03.0518 0x0fbc [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll
12:07:03.0518 0x0fbc C:\Windows\System32\cryptdll.dll - ok
12:07:03.0518 0x0fbc [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll
12:07:03.0518 0x0fbc C:\Windows\System32\wevtapi.dll - ok
12:07:03.0518 0x0fbc [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll
12:07:03.0518 0x0fbc C:\Windows\System32\authz.dll - ok
12:07:03.0528 0x0fbc [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll
12:07:03.0528 0x0fbc C:\Windows\System32\cngaudit.dll - ok
12:07:03.0528 0x0fbc [ E23BA7A7BD97FC6B8AB5EA32A46D05CD, 593564F84B36451A5CDCA9B04DCFC7886DB124F7CA95464B67B1E65E041A1EC6 ] C:\Windows\System32\ncrypt.dll
12:07:03.0528 0x0fbc C:\Windows\System32\ncrypt.dll - ok
12:07:03.0528 0x0fbc [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll
12:07:03.0528 0x0fbc C:\Windows\System32\bcrypt.dll - ok
12:07:03.0538 0x0fbc [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll
12:07:03.0538 0x0fbc C:\Windows\System32\msprivs.dll - ok
12:07:03.0538 0x0fbc [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll
12:07:03.0538 0x0fbc C:\Windows\System32\negoexts.dll - ok
12:07:03.0538 0x0fbc [ C6505DE3561537BA1004D638C2F93F2F, 3E4FDF374B1A9E43A8F61FD2D79E0515390ECABFDAF72C4BD44A7B6429039AF6 ] C:\Windows\System32\netjoin.dll
12:07:03.0538 0x0fbc C:\Windows\System32\netjoin.dll - ok
12:07:03.0538 0x0fbc [ A805B5E68262302D1A60BE3DED5846C9, 425301E7014D386EB4591A7785CF782FF2155BCB4EF68592790A99FD9B43F20E ] C:\Windows\System32\kerberos.dll
12:07:03.0538 0x0fbc C:\Windows\System32\kerberos.dll - ok
12:07:03.0548 0x0fbc [ E1BB958681BE311E7CFF06CFEC5F1F2B, C2FDFC6C7350788A07DCB99A6A54FB9A96A6A578013DF46D0E5094A3CBF6E862 ] C:\Windows\System32\atmfd.dll
12:07:03.0548 0x0fbc C:\Windows\System32\atmfd.dll - ok
12:07:03.0548 0x0fbc [ D0C2FBB6D97416B0166478FC7AE2B212, 7EAB6C37F0A845E645CA44CC060AC6C56E386C7EF7A64716C6786C9602AD8C9D ] C:\Windows\System32\cryptsp.dll
12:07:03.0548 0x0fbc C:\Windows\System32\cryptsp.dll - ok
12:07:03.0548 0x0fbc [ 9A9F9F1A77D6A80EE28B57664F00013E, 0D441638E086EF1342FCDC43E826BF9E9CC6B2E8AE100D89BFC70163F987DE91 ] C:\Windows\System32\mswsock.dll
12:07:03.0548 0x0fbc C:\Windows\System32\mswsock.dll - ok
12:07:03.0558 0x0fbc [ 7D1017ED11B7C3B162628069742B5E58, 0553ABF5C84469370748CA2496BA82655039E5048980C675742A88B761DED967 ] C:\Windows\System32\msv1_0.dll
12:07:03.0558 0x0fbc C:\Windows\System32\msv1_0.dll - ok
12:07:03.0558 0x0fbc [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E63394E4E561D6C7A2 ] C:\Windows\System32\wship6.dll
12:07:03.0558 0x0fbc C:\Windows\System32\wship6.dll - ok
12:07:03.0558 0x0fbc [ AA339DD8BB128EF66660DFBBB59043D3, 76D9F849AFDDA38E04549EB67B4163478776F1B6EF46434168278F84FEB8FC5C ] C:\Windows\System32\netlogon.dll
12:07:03.0558 0x0fbc C:\Windows\System32\netlogon.dll - ok
12:07:03.0558 0x0fbc [ 492D07D79E7024CA310867B526D9636D, F2FE647AB85C6C3C1AA3DF4BCE6E4D42B9676C9D837E11388C235AE8DB20044F ] C:\Windows\System32\dnsapi.dll
12:07:03.0558 0x0fbc C:\Windows\System32\dnsapi.dll - ok
12:07:03.0568 0x0fbc [ 8FFE297B8449386E7B6851458B6E474E, E149B37E11091D69D926242517E5655596594A6F01FEF06EB65D6BA5B354E326 ] C:\Windows\System32\logoncli.dll
12:07:03.0568 0x0fbc C:\Windows\System32\logoncli.dll - ok
12:07:03.0568 0x0fbc [ E8E98B3B7A6E1250F4AA7AF8FA17D5BB, 36EA8779A04E40B93961C8F4B1B6FF7E26254D38B30EA9B1031066B3FC02A776 ] C:\Windows\System32\schannel.dll
12:07:03.0568 0x0fbc C:\Windows\System32\schannel.dll - ok
12:07:03.0568 0x0fbc [ BFC98590EAB40C785D6134B1FA818A62, 3A0136DE59815C36ADD2E960D610371733B119635D2EBA15588DB62A05B928C8 ] C:\Windows\System32\wdigest.dll
12:07:03.0568 0x0fbc C:\Windows\System32\wdigest.dll - ok
12:07:03.0578 0x0fbc [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll
12:07:03.0578 0x0fbc C:\Windows\System32\rsaenh.dll - ok
12:07:03.0578 0x0fbc [ E08088A97F95345E181C3DFCE2C615EF, DEF3B087DF5E10E4F8418029DB6E82546E62FEFA39694B7BD6A48CE8AAFD1B96 ] C:\Windows\System32\pku2u.dll
12:07:03.0578 0x0fbc C:\Windows\System32\pku2u.dll - ok
12:07:03.0578 0x0fbc [ 79EE13A5A406E4603874686B8005DA72, 3FC9C9463AFF70D9778C9CEDFCE6CEFDEE342A13BDE8EF2FF0420FE48421412B ] C:\Windows\System32\TSpkg.dll
12:07:03.0578 0x0fbc C:\Windows\System32\TSpkg.dll - ok
12:07:03.0578 0x0fbc [ D6C7780A364C6BBACFA796BAB9F1B374, 3B5ED1A030BFD0BB73D4FFCD67A6A0B8501EF70293F223EFAA12F430ADF270F9 ] C:\Windows\System32\bcryptprimitives.dll
12:07:03.0578 0x0fbc C:\Windows\System32\bcryptprimitives.dll - ok
12:07:03.0588 0x0fbc [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll
12:07:03.0588 0x0fbc C:\Windows\System32\efslsaext.dll - ok
12:07:03.0588 0x0fbc [ C9DD5C0D5AF2D7A54BA32E8FBD3B67F1, 1EDB25297A9C8A87A7F33A9E9C5148F476D74BBDBF272036E5ACA46355D4A866 ] C:\Windows\System32\credssp.dll
12:07:03.0588 0x0fbc C:\Windows\System32\credssp.dll - ok
12:07:03.0588 0x0fbc [ ED78427259134C63ED69804D2132B86C, F6F51B8B35881ABCA5580ED111AAC80E466E6474ABAE31EC8BE46C23EDCA77B2 ] C:\Windows\System32\scecli.dll
12:07:03.0588 0x0fbc C:\Windows\System32\scecli.dll - ok
12:07:03.0598 0x0fbc [ 7CC7DF5B654DA579613F811D8C637E29, 70EAC059C1ED814810C75DBB9F4D188428CB942FFD8869D692158D384EB6BB35 ] C:\Windows\System32\ubpm.dll
12:07:03.0598 0x0fbc C:\Windows\System32\ubpm.dll - ok
12:07:03.0598 0x0fbc [ C78655BC80301D76ED4FEF1C1EA40A7D, 93B2ED4004ED5F7F3039DD7ECBD22C7E4E24B6373B4D9EF8D6E45A179B13A5E8 ] C:\Windows\System32\svchost.exe
12:07:03.0598 0x0fbc C:\Windows\System32\svchost.exe - ok
12:07:03.0598 0x0fbc [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] C:\Windows\System32\umpnpmgr.dll
12:07:03.0598 0x0fbc C:\Windows\System32\umpnpmgr.dll - ok
12:07:03.0598 0x0fbc [ E6EB44ABAAF1F330119F854856C53EBE, 77279972FFBFA984578DD4F17EB615F5D2D93590AF3A9FEFEFDB9128206C9887 ] C:\Windows\System32\SPInf.dll
12:07:03.0598 0x0fbc C:\Windows\System32\SPInf.dll - ok
12:07:03.0608 0x0fbc [ CD1B5AD07E5F7FEF30E055DCC9E96180, 63C58551F32B0B09377F64A6AE1FA81AF93B8A707A57A8C18722086906AD3046 ] C:\Windows\System32\devrtl.dll
12:07:03.0608 0x0fbc C:\Windows\System32\devrtl.dll - ok
12:07:03.0608 0x0fbc [ 9C9307C95671AC962F3D6EB3A4A89BAE, D1433791C9B8BCEEAD8937EC18D33E89E4E2012B5975228A8500FD141BC30078 ] C:\Windows\System32\gpapi.dll
12:07:03.0608 0x0fbc C:\Windows\System32\gpapi.dll - ok
12:07:03.0608 0x0fbc [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] C:\Windows\System32\umpo.dll
12:07:03.0608 0x0fbc C:\Windows\System32\umpo.dll - ok
12:07:03.0618 0x0fbc [ F6C011B46FAEEF33536B2E80F48B5CBE, BDD149D3D6F9F6C8F6F34C311219BE5618CEEFBC7D35E37473A47F1D5D015067 ] C:\Windows\System32\pcwum.dll
12:07:03.0618 0x0fbc C:\Windows\System32\pcwum.dll - ok
12:07:03.0618 0x0fbc [ 716175021BDA290504CE434273F666BC, FA18CA2D8A5F4335E051E2933147D3C1E7308F7D446E2AEB6596CDEF6E2AFC88 ] C:\Windows\System32\powrprof.dll
12:07:03.0618 0x0fbc C:\Windows\System32\powrprof.dll - ok
12:07:03.0618 0x0fbc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] C:\Windows\System32\drivers\luafv.sys
12:07:03.0618 0x0fbc C:\Windows\System32\drivers\luafv.sys - ok
12:07:03.0618 0x0fbc [ 1C7CC708AC4A02A3BE8915539780534A, 0EBDE100880963BF1EC05002BA244CA7700693E958D1974CDD2AC3927D93224F ] C:\Windows\System32\nvvsvc.exe
12:07:03.0618 0x0fbc C:\Windows\System32\nvvsvc.exe - ok
12:07:03.0628 0x0fbc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] C:\Windows\System32\rpcss.dll
12:07:03.0628 0x0fbc C:\Windows\System32\rpcss.dll - ok
12:07:03.0628 0x0fbc [ BD3674BE7FC9D8D3732C83E8499576ED, E6716A5895D629263A4D21959F48840429AB6F4B55A5FA2663EE5E86C9CA2BF1 ] C:\Windows\System32\wtsapi32.dll
12:07:03.0628 0x0fbc C:\Windows\System32\wtsapi32.dll - ok
12:07:03.0628 0x0fbc [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] C:\Windows\System32\RpcEpMap.dll
12:07:03.0628 0x0fbc C:\Windows\System32\RpcEpMap.dll - ok
12:07:03.0638 0x0fbc [ 16E964ABF6D1E0F0CC7822FCA9BA754D, 0E461387ACFD641DA22EE542A3C68AF5F7D3A7F967D974E3B198143D461ABE39 ] C:\Windows\System32\wshqos.dll
12:07:03.0638 0x0fbc C:\Windows\System32\wshqos.dll - ok
12:07:03.0638 0x0fbc [ 31559F3244C6BC00A52030CAA83B6B91, B2025742B5F0025ACE9821D5722DE3F997EEEAB21D2F381C9E307882DF422579 ] C:\Windows\System32\WSHTCPIP.DLL
12:07:03.0638 0x0fbc C:\Windows\System32\WSHTCPIP.DLL - ok
12:07:03.0638 0x0fbc [ 9AD9E06F8656F296D91FAE8EE5B95A27, 53384747D5864D699BCC4F48E0A5E656430EDAA65DCDAB4B11EA68FC7106459E ] C:\Windows\System32\FirewallAPI.dll
12:07:03.0638 0x0fbc C:\Windows\System32\FirewallAPI.dll - ok
12:07:03.0648 0x0fbc [ 94E026870A55AAEAFF7853C1754091E9, B2F5D5629D12BDFA98DBED3898368F37D9009C7531B6909C7285A2C11C9A0F93 ] C:\Windows\System32\version.dll
12:07:03.0648 0x0fbc C:\Windows\System32\version.dll - ok
12:07:03.0648 0x0fbc [ 6011714C8C5C55CBFFAD24D61E879FBD, 75D615082A1C71C6ED3ABB49EDAF660EE538D112CF79B9C8AF0A583D1CE1BBB0 ] C:\Windows\System32\wevtsvc.dll
12:07:03.0648 0x0fbc C:\Windows\System32\wevtsvc.dll - ok
12:07:03.0648 0x0fbc [ 715F03B4C7223349768013EA95D9E5B7, 09AB0535A54C2E2962F0FD06988D99060F8CECA39B07AC00A63204C773B95893 ] C:\Windows\System32\LogonUI.exe
12:07:03.0648 0x0fbc C:\Windows\System32\LogonUI.exe - ok
12:07:03.0648 0x0fbc [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] C:\Windows\System32\audiosrv.dll
12:07:03.0648 0x0fbc C:\Windows\System32\audiosrv.dll - ok
12:07:03.0658 0x0fbc [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] C:\Windows\System32\FntCache.dll
12:07:03.0658 0x0fbc C:\Windows\System32\FntCache.dll - ok
12:07:03.0658 0x0fbc [ 78A1E65207484B7F8D3217507745F47C, 35F413ADB9D157F3666DD15DD58104D629CD9143198A1AB914B73A4A3C9903DD ] C:\Windows\System32\avrt.dll
12:07:03.0658 0x0fbc C:\Windows\System32\avrt.dll - ok
12:07:03.0658 0x0fbc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] C:\Windows\System32\mmcss.dll
12:07:03.0658 0x0fbc C:\Windows\System32\mmcss.dll - ok
12:07:03.0668 0x0fbc [ 1F4492FE41767CDB8B89D17655847CDD, 184547FAC0C3D7148FAA3F601929A7089DE393BD19929A137DAD743331DD3F77 ] C:\Windows\System32\ntmarta.dll
12:07:03.0668 0x0fbc C:\Windows\System32\ntmarta.dll - ok
12:07:03.0668 0x0fbc [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] C:\Windows\System32\netprofm.dll
12:07:03.0668 0x0fbc C:\Windows\System32\netprofm.dll - ok
12:07:03.0668 0x0fbc [ 34152997FB906895290E0199AC94B85F, 6AEEB989FA6E4354F96F70D0169CC6CAAA56EEE3056F1CD20F5FE846EAC058C1 ] C:\Windows\System32\authui.dll
12:07:03.0668 0x0fbc C:\Windows\System32\authui.dll - ok
12:07:03.0678 0x0fbc [ FE05D03B73000CFF476E1D29109F3A84, 7880B025413338A7B114BECB5DC67605FC7A97142C26FD12F765A64A21805842 ] C:\Program Files\Windows Defender\MpEvMsg.dll
12:07:03.0678 0x0fbc C:\Program Files\Windows Defender\MpEvMsg.dll - ok
12:07:03.0678 0x0fbc [ 588CD0C78A7FAAE4186B5EEA0AF3ED67, E957E4463D318A44BA5109EE3428624DE901C5FF2BA358986DF6C6F059DDBCC2 ] C:\Windows\System32\adtschema.dll
12:07:03.0678 0x0fbc C:\Windows\System32\adtschema.dll - ok
12:07:03.0678 0x0fbc [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] C:\Windows\System32\MPSSVC.dll
12:07:03.0678 0x0fbc C:\Windows\System32\MPSSVC.dll - ok
12:07:03.0678 0x0fbc [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] C:\Windows\System32\drivers\fltMgr.sys
12:07:03.0678 0x0fbc C:\Windows\System32\drivers\fltMgr.sys - ok
12:07:03.0688 0x0fbc [ 50544D04AD845C43130B70212EC05CCD, B2E6B558DE7D273512226685FF53ED17C9B4BF81B739FBCA5D3FC82DF8D2BCF7 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
12:07:03.0688 0x0fbc C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
12:07:03.0688 0x0fbc [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
12:07:03.0688 0x0fbc C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe - ok
12:07:03.0688 0x0fbc [ A2B0924D50F4435FD389499047CE553A, 8D16D5CAAD71AAAAA1479F8477D2928B66581C79932A49A21EDF93DB2803AB9C ] C:\Windows\SysWOW64\ntdll.dll
12:07:03.0688 0x0fbc C:\Windows\SysWOW64\ntdll.dll - ok
12:07:03.0698 0x0fbc [ 2A107B611C91CD256466C58C0D776E9D, 58EA4F6E0FE7EFB8D3024AE71EE16848C2A00BA5224C8054C80134F99D9A72AB ] C:\Windows\System32\wow64.dll
12:07:03.0698 0x0fbc C:\Windows\System32\wow64.dll - ok
12:07:03.0698 0x0fbc [ 7434E01FBCA3CB86539C39412A31D5E1, E40D5AEBB3A5D8F53C76E3FBF0C07B9C0227914C869F57622EA44A212383EE6D ] C:\Windows\System32\wow64win.dll
12:07:03.0698 0x0fbc C:\Windows\System32\wow64win.dll - ok
12:07:03.0698 0x0fbc [ 0F090A77E664CB0F70AB8D3B230B760C, A08EA0409B3BF88AB12792F721FA3A692BBE640DF2A06641E142843A7044EC5E ] C:\Windows\System32\wow64cpu.dll
12:07:03.0698 0x0fbc C:\Windows\System32\wow64cpu.dll - ok
12:07:03.0708 0x0fbc [ 76161B9D78A275F8F28DD67436013110, E4AE9648BDED9035D39DF20C3A6F453F67D49D7899038B21D88FFD4EFFCC4C08 ] C:\Windows\SysWOW64\kernel32.dll
12:07:03.0708 0x0fbc C:\Windows\SysWOW64\kernel32.dll - ok
12:07:03.0708 0x0fbc [ 461B713DE7F353C6447B744F1A049930, 3551C57128DAFA009C9DB3EE0D798D94B269D1605F74897566D7E79E5FDD437B ] C:\Windows\SysWOW64\KernelBase.dll
12:07:03.0708 0x0fbc C:\Windows\SysWOW64\KernelBase.dll - ok
12:07:03.0708 0x0fbc [ 10FB16B50AFFDA6D44588F3C445DC273, 6CDA17DA9B44D11E69F7C6682FA633EA75731623BB21B429A0FE2086ED4495A7 ] C:\Windows\SysWOW64\setupapi.dll
12:07:03.0708 0x0fbc C:\Windows\SysWOW64\setupapi.dll - ok
12:07:03.0708 0x0fbc [ 227E2C382A1E02F8D4965E664D3BBE43, 1CFF20A8BF87ACE4FA4935EBEED72BFB1A1FE902A754899E2F50798D67DF5642 ] C:\Windows\System32\MMDevAPI.dll
12:07:03.0708 0x0fbc C:\Windows\System32\MMDevAPI.dll - ok
12:07:03.0718 0x0fbc [ F06BB4E336EA57511FDBAFAFCC47DE62, BE43EC62548E9FF89A9495A1722E22DBB76EEC3764F86E64057B636F27D15765 ] C:\Windows\System32\propsys.dll
12:07:03.0718 0x0fbc C:\Windows\System32\propsys.dll - ok
12:07:03.0718 0x0fbc [ F436E847FA799ECD75AD8C313673F450, 3C8BF3F0C08C7FA8DE5CD9C60AD9D00B742E84EB1FEBEEBA0F7159844BAAA471 ] C:\Windows\SysWOW64\cfgmgr32.dll
12:07:03.0718 0x0fbc C:\Windows\SysWOW64\cfgmgr32.dll - ok
12:07:03.0718 0x0fbc [ 9DC80A8AAAAAC397BDAB3C67165A824E, 051636BFDFF7AB0E4191354E846BD0DACCA1A01FCC13C1AFED91D8DBFE17127A ] C:\Windows\SysWOW64\msvcrt.dll
12:07:03.0718 0x0fbc C:\Windows\SysWOW64\msvcrt.dll - ok
12:07:03.0728 0x0fbc [ F08F6FCD09F9BE94C37ACC1B344685FF, DE48D766258B46EFEAB16579421C4BD97ACC6883F782D00E9857F4A0CE7E8A34 ] C:\Windows\SysWOW64\cryptbase.dll
12:07:03.0728 0x0fbc C:\Windows\SysWOW64\cryptbase.dll - ok
12:07:03.0728 0x0fbc [ 4DC999CED9429939D75682EBD7D48901, 4E2DB6E4C500980488010AF1125A73D0F958889379F05DB304A220B4BB2D1834 ] C:\Windows\SysWOW64\rpcrt4.dll
12:07:03.0728 0x0fbc C:\Windows\SysWOW64\rpcrt4.dll - ok
12:07:03.0728 0x0fbc [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF72B8EC6E1F906C ] C:\Windows\SysWOW64\sechost.dll
12:07:03.0728 0x0fbc C:\Windows\SysWOW64\sechost.dll - ok
12:07:03.0728 0x0fbc [ 230AAF45031E87638CA4053C0399C1E6, 2ABEA493D8B4EC6A4C72546644D8311F0B9A88D6879942CFB2A8A5175260400F ] C:\Windows\SysWOW64\sspicli.dll
12:07:03.0728 0x0fbc C:\Windows\SysWOW64\sspicli.dll - ok
12:07:03.0738 0x0fbc [ D67472125471784DE7147946EDA25FEB, F41960118F412B6CA5E80AE5E8DB9AECDD043A7DB34388FF57C6F9C5A0056F91 ] C:\Windows\SysWOW64\advapi32.dll
12:07:03.0738 0x0fbc C:\Windows\SysWOW64\advapi32.dll - ok
12:07:03.0738 0x0fbc [ 56E3313690866F99CD17AA1342F64AE1, 4AD4E105C1A6E9BAB9568CA21B15A38C59702EF605AA9058490C56DA070CF846 ] C:\Windows\SysWOW64\gdi32.dll
12:07:03.0738 0x0fbc C:\Windows\SysWOW64\gdi32.dll - ok
12:07:03.0738 0x0fbc [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3, 01EB95FA3943CF3C6B1A21E473A5C3CB9FCBCE46913B15C96CAC14E4F04075B4 ] C:\Windows\SysWOW64\user32.dll
12:07:03.0738 0x0fbc C:\Windows\SysWOW64\user32.dll - ok
12:07:03.0748 0x0fbc [ CC23295DA8F7B5C53F93804D2F5D30EB, B290D96C40FBA934DE6CFF82D9BBA6780922CC5012C61599BD5006DAEDC82DDB ] C:\Windows\SysWOW64\lpk.dll
12:07:03.0748 0x0fbc C:\Windows\SysWOW64\lpk.dll - ok
12:07:03.0748 0x0fbc [ A5F833506BF6A1B5D693E1499DEE2444, 045874B7D37F49216E37D551076FF440E29DB5196564E714207DF753DF7FDDEE ] C:\Windows\SysWOW64\usp10.dll
12:07:03.0748 0x0fbc C:\Windows\SysWOW64\usp10.dll - ok
12:07:03.0748 0x0fbc [ 6C765E82B57F2E66CE9C54AC238471D9, 97F410023F5C08B4BC5DBF89A642200E76F4025ADD9707C24FD89D673675BB43 ] C:\Windows\SysWOW64\oleaut32.dll
12:07:03.0748 0x0fbc C:\Windows\SysWOW64\oleaut32.dll - ok
12:07:03.0748 0x0fbc [ 928CF7268086631F54C3D8E17238C6DD, F058FAFB04E7EBD5CADE9B48195B7AA7C3508F332A89F5E6E5F3F071E8CADD4A ] C:\Windows\SysWOW64\ole32.dll
12:07:03.0748 0x0fbc C:\Windows\SysWOW64\ole32.dll - ok
12:07:03.0758 0x0fbc [ 2EEFF4502F5E13B1BED4A04CCAD64C08, 209FF1B6D46D1AC99518FCF54F2F726143B2DBF2C5FDA90212FBEF7526F7CBF5 ] C:\Windows\SysWOW64\devobj.dll
12:07:03.0758 0x0fbc C:\Windows\SysWOW64\devobj.dll - ok
12:07:03.0758 0x0fbc [ A3DB3C17EE6CAE65D53602B4E80BCCBC, D802A7C6161F937DC42A6E45FE1BB2C8272819F92C294C180EBCDF8FF72CBFDC ] C:\Windows\System32\PSHED.DLL
12:07:03.0758 0x0fbc C:\Windows\System32\PSHED.DLL - ok
12:07:03.0758 0x0fbc [ A6F09E5669D9A19035F6D942CAA15882, 68C8AF0CC1923E3A7245392F2480EE665D265DF300A609D2540BF7C6D9C1A1BE ] C:\Windows\SysWOW64\imm32.dll
12:07:03.0758 0x0fbc C:\Windows\SysWOW64\imm32.dll - ok
12:07:03.0768 0x0fbc [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll
12:07:03.0768 0x0fbc C:\Windows\SysWOW64\version.dll - ok
12:07:03.0768 0x0fbc [ C9618BC9B2B0FD7C1138D8774795A79B, 0AC170669C2626519FA7A745C56BFBA6B83B8537488F5B9EB7BA72448E5E7A43 ] C:\Windows\SysWOW64\msctf.dll
12:07:03.0768 0x0fbc C:\Windows\SysWOW64\msctf.dll - ok
12:07:03.0768 0x0fbc [ D5CCA1453B98A5801E6D5FF0FF89DC6C, 85F2C2480AAC31B6092187B431A562D79D4CFB1324F925C85055ABAB2483264B ] C:\Windows\System32\audiodg.exe
12:07:03.0768 0x0fbc C:\Windows\System32\audiodg.exe - ok
12:07:03.0768 0x0fbc [ CC09E0C9A2D89C6E71D093DC8BD121B7, 5F92457E27D817541EBA92FED984D2E6C1E35AD4E4E4CAE0F0778B795C260FAA ] C:\Windows\SysWOW64\crypt32.dll
12:07:03.0768 0x0fbc C:\Windows\SysWOW64\crypt32.dll - ok
12:07:03.0778 0x0fbc [ 68EAAEDF0365168B804E8728368FA946, 1FA25087E8B247B099B729F780DBF24F77FD34F58186A1C94329261CF3D18B8E ] C:\Windows\SysWOW64\wintrust.dll
12:07:03.0778 0x0fbc C:\Windows\SysWOW64\wintrust.dll - ok
12:07:03.0778 0x0fbc [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA513C4A823390FEDA ] C:\Windows\SysWOW64\msasn1.dll
12:07:03.0778 0x0fbc C:\Windows\SysWOW64\msasn1.dll - ok
12:07:03.0778 0x0fbc [ B0945E538CF906BBDDC5A11C8EE868CC, 5F3459F6512918835F7C9400905EC7C1FAEAA7114E0D28C522040C359E3B93F7 ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
12:07:03.0778 0x0fbc C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
12:07:03.0788 0x0fbc [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] C:\Windows\System32\cscsvc.dll
12:07:03.0788 0x0fbc C:\Windows\System32\cscsvc.dll - ok
12:07:03.0788 0x0fbc [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] C:\Windows\System32\profsvc.dll
12:07:03.0788 0x0fbc C:\Windows\System32\profsvc.dll - ok
12:07:03.0788 0x0fbc [ 58775492FFD419248B08325E583C527F, DBB013971F5894F25C222C2D4D50A29DB6DF3C413792EE9CCC1A9E6D85469093 ] C:\Windows\System32\atl.dll
12:07:03.0788 0x0fbc C:\Windows\System32\atl.dll - ok
12:07:03.0788 0x0fbc [ 29910D50542B1AA0F162EF3339C61B6D, 018F0922384A5757390652865BB2DF876E9DA08B0858BC619B41D2CD14533ED4 ] C:\Windows\System32\PeerDist.dll
12:07:03.0788 0x0fbc C:\Windows\System32\PeerDist.dll - ok
12:07:03.0798 0x0fbc [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] C:\Windows\System32\themeservice.dll
12:07:03.0798 0x0fbc C:\Windows\System32\themeservice.dll - ok
12:07:03.0798 0x0fbc [ BAAFAF9CEAEC0B73C2A3550A01F6CECB, 018CB95A43CEA2063EA24691C71D51EF60D522C21502ABA8AD93876363D4B857 ] C:\Windows\System32\taskschd.dll
12:07:03.0798 0x0fbc C:\Windows\System32\taskschd.dll - ok
12:07:03.0798 0x0fbc [ 862596399AAFD2A21DB2AF9270CD4F70, 24CAA19EE791FB3440CE742C9064FCE0CB755EF0789D3CE62058A2CFEF0FF6D2 ] C:\Windows\System32\mstask.dll
12:07:03.0798 0x0fbc C:\Windows\System32\mstask.dll - ok
12:07:03.0808 0x0fbc [ 7FA8FDC2C2A27817FD0F624E78D3B50C, 7B63F6AA2CD6D4D07EA3C595B868B1A0749BB11620027A2BD9B935E3055481E4 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
12:07:03.0808 0x0fbc C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
12:07:03.0808 0x0fbc [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] C:\Windows\System32\es.dll
12:07:03.0808 0x0fbc C:\Windows\System32\es.dll - ok
12:07:03.0808 0x0fbc [ 1A47D52E303B7543E4E6026595B95422, C577CD3837546A7CED5D2E8E97FA2EDACA133B4A8595770EF96CAE519BFE280F ] C:\Windows\System32\comres.dll
12:07:03.0808 0x0fbc C:\Windows\System32\comres.dll - ok
12:07:03.0808 0x0fbc [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] C:\Windows\System32\Sens.dll
12:07:03.0808 0x0fbc C:\Windows\System32\Sens.dll - ok
12:07:03.0818 0x0fbc [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] C:\Windows\System32\gpsvc.dll
12:07:03.0818 0x0fbc C:\Windows\System32\gpsvc.dll - ok
12:07:03.0818 0x0fbc [ 46BB91A169B9B31FF44EB04C48EC1D41, 8115B533D3A5BE07633FA54FA8847E3DEC00C5BEB193CF2FBE88428D23E2B3D6 ] C:\Windows\System32\nlaapi.dll
12:07:03.0818 0x0fbc C:\Windows\System32\nlaapi.dll - ok
12:07:03.0818 0x0fbc [ B3BFBD758506ECB50C5804AAA76318F9, 34E079A6AB2D41D1E0B3887B6AE31C43941061B7176FFF2801C3F465C2C89578 ] C:\Windows\System32\cryptui.dll
12:07:03.0818 0x0fbc C:\Windows\System32\cryptui.dll - ok
12:07:03.0828 0x0fbc [ 5B3EBFC3DA142324B388DDCC4465E1FF, 5D58642305311F9BC9B779C9598BFC4E7433B3EA58404BF1FF9466838A2328C7 ] C:\Windows\System32\samlib.dll
12:07:03.0828 0x0fbc C:\Windows\System32\samlib.dll - ok
12:07:03.0828 0x0fbc [ 4E9C2DB10F7E6AE91BF761139D4B745B, 8F63F78294F5585D599A114AF449DCC447CCB239D0F0B490BFE6B34A2146E730 ] C:\Windows\System32\shacct.dll
12:07:03.0828 0x0fbc C:\Windows\System32\shacct.dll - ok
12:07:03.0828 0x0fbc [ D29E998E8277666982B4F0303BF4E7AF, 4F19AB5DC173E278EBE45832F6CEAA40E2DF6A2EDDC81B2828122442FE5D376C ] C:\Windows\System32\uxtheme.dll
12:07:03.0828 0x0fbc C:\Windows\System32\uxtheme.dll - ok
12:07:03.0828 0x0fbc [ A9A87481B1A6589898C1DAB37C03E4AB, 803DB46E9FEE4E45B63A13A8CE3E589D7498532B8A7D8C3424E210E6A9AAC61F ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_2b283fd671e9bf4d\GdiPlus.dll
12:07:03.0828 0x0fbc C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_2b283fd671e9bf4d\GdiPlus.dll - ok
12:07:03.0838 0x0fbc [ 3CB6A7286422C72C34DAB54A5DFF1A34, 98D21EFFF511E407336A226420701E82554DA01FA05661303836B6860D63749D ] C:\Windows\System32\dui70.dll
12:07:03.0838 0x0fbc C:\Windows\System32\dui70.dll - ok
12:07:03.0838 0x0fbc [ 8CCDE014A4CDF84564E03ACE064CA753, DD663029B2EB7B12FDB00FCE403D8326141E540E3B9CE84CD5871473D3E2E2CF ] C:\Windows\System32\duser.dll
12:07:03.0838 0x0fbc C:\Windows\System32\duser.dll - ok
12:07:03.0838 0x0fbc [ D7F1EF374A90709B31591823B002F918, 05FD2837C9B03D14BB2A969C1AD77CAEF047D93DC5D0F6C2ACBF0888E8F7B359 ] C:\Windows\System32\SndVolSSO.dll
12:07:03.0838 0x0fbc C:\Windows\System32\SndVolSSO.dll - ok
12:07:03.0848 0x0fbc [ DA1B7075260F3872585BFCDD668C648B, 3E10EF6E1A5C341B478322CB78A0AB7BFC70AD8023779B8B4542A7CB4CA756AB ] C:\Windows\System32\dwmapi.dll
12:07:03.0848 0x0fbc C:\Windows\System32\dwmapi.dll - ok
12:07:03.0848 0x0fbc [ 896F15A6434D93EDB42519D5E18E6B50, 9263F0CEC58D45EBE3FB9C3061FB9392C55A7933B84B4592E6EE13CFC86D5A50 ] C:\Windows\System32\hid.dll
12:07:03.0848 0x0fbc C:\Windows\System32\hid.dll - ok
12:07:03.0848 0x0fbc [ 6F8B48F3D343E4B186AB6A9E302B7E16, 54DB52FC56509E61DF68BD251B3286E6CBE1A91D9BC4D950940A61FE2DA04DF8 ] C:\Windows\System32\xmllite.dll
12:07:03.0848 0x0fbc C:\Windows\System32\xmllite.dll - ok
12:07:03.0848 0x0fbc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] C:\Windows\System32\drivers\lltdio.sys
12:07:03.0848 0x0fbc C:\Windows\System32\drivers\lltdio.sys - ok
12:07:03.0858 0x0fbc [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] C:\Windows\System32\drivers\rspndr.sys
12:07:03.0858 0x0fbc C:\Windows\System32\drivers\rspndr.sys - ok
12:07:03.0858 0x0fbc [ A77BE7CB3222B4FB0AC6C71D1C2698D4, 73566223914BF670DF6B5931FA213E546713531B10391ED65B5256BBD7ABDE7F ] C:\Windows\System32\dsrole.dll
12:07:03.0858 0x0fbc C:\Windows\System32\dsrole.dll - ok
12:07:03.0858 0x0fbc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] C:\Windows\System32\lmhsvc.dll
12:07:03.0858 0x0fbc C:\Windows\System32\lmhsvc.dll - ok
12:07:03.0868 0x0fbc [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] C:\Windows\System32\nsisvc.dll
12:07:03.0868 0x0fbc C:\Windows\System32\nsisvc.dll - ok
12:07:03.0868 0x0fbc [ BE097F5BB10F9079FCEB2DC4E7E20F02, 90A88986C8C5F30FB153EC803FEDA6572B2C2630A6C9578FCC017800692694D5 ] C:\Windows\System32\slc.dll
12:07:03.0868 0x0fbc C:\Windows\System32\slc.dll - ok
12:07:03.0868 0x0fbc [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] C:\Windows\System32\uxsms.dll
12:07:03.0868 0x0fbc C:\Windows\System32\uxsms.dll - ok
12:07:03.0868 0x0fbc [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] C:\Windows\System32\dnsrslvr.dll
12:07:03.0868 0x0fbc C:\Windows\System32\dnsrslvr.dll - ok
12:07:03.0878 0x0fbc [ 4C9210E8F4E052F6A4EB87716DA0C24C, 460F7990BDADB7D58D6DC95B094D30A2EFDC4CEED444B18A2F36E8D9076FB8B9 ] C:\Windows\System32\winnsi.dll
12:07:03.0878 0x0fbc C:\Windows\System32\winnsi.dll - ok
12:07:03.0878 0x0fbc [ 885D0942E0F28DB90919BE3129ECF279, 5A10D90EE656ECE3DCA174D6F924641509819FC20CB6EF46B5E1723E52DE85BE ] C:\Windows\System32\dnsext.dll
12:07:03.0878 0x0fbc C:\Windows\System32\dnsext.dll - ok
12:07:03.0878 0x0fbc [ D07EB640618F96490DB88C3CE58DB608, 0C553971259632031E6856A94EEB937D571627FC7CF061CCFC040F4BF0CFF259 ] C:\Windows\System32\FWPUCLNT.DLL
12:07:03.0878 0x0fbc C:\Windows\System32\FWPUCLNT.DLL - ok
12:07:03.0888 0x0fbc [ 2B81776DA02017A37FE26C662827470E, A656353C50EE08422145D00DB9CFD9F6D3E664753B3C454B171E2A56A8AA94DC ] C:\Windows\System32\IPHLPAPI.DLL
12:07:03.0888 0x0fbc C:\Windows\System32\IPHLPAPI.DLL - ok
12:07:03.0888 0x0fbc [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] C:\Windows\System32\dhcpcore.dll
12:07:03.0888 0x0fbc C:\Windows\System32\dhcpcore.dll - ok
12:07:03.0888 0x0fbc [ F568F7C08458D69E4FCD8675BBB107E4, A5FA25ECF248999A68CCECFBB508BFA1ADD18A23E20A9A9081A87C41CAAA36C0 ] C:\Windows\System32\dhcpcsvc.dll
12:07:03.0888 0x0fbc C:\Windows\System32\dhcpcsvc.dll - ok
12:07:03.0888 0x0fbc [ 3C06D5A929B798D0B13F6481242A0FD2, CE6127A31AB09E21A912CA16E4BDF663E9D05C254CCF9090A8B5A9A2E055EFF3 ] C:\Windows\System32\dhcpcsvc6.dll
12:07:03.0888 0x0fbc C:\Windows\System32\dhcpcsvc6.dll - ok
12:07:03.0898 0x0fbc [ B73A6E4B319AFFE64582AC5C1801BB3F, 274EEA0743DC659180E691654CBB17136E9E9D83B07E302B47EA5B103EA57710 ] C:\Windows\System32\nrpsrv.dll
12:07:03.0898 0x0fbc C:\Windows\System32\nrpsrv.dll - ok
12:07:03.0898 0x0fbc [ 3CC16A849E6092E43909F48EF0E60306, 610B576654A69415E4F2FEDB6BA384C77715944E4F89BD2821B311968CA8D810 ] C:\Windows\System32\dhcpcore6.dll
12:07:03.0898 0x0fbc C:\Windows\System32\dhcpcore6.dll - ok
12:07:03.0898 0x0fbc [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] C:\Windows\System32\shsvcs.dll
12:07:03.0898 0x0fbc C:\Windows\System32\shsvcs.dll - ok
12:07:03.0908 0x0fbc [ AFCA5C1ECEAF948FC815178BC077680E, D052C18EF455E1A272332F2E11FD4F36DA071FAB3B81CA312FB75BF8702ED72D ] C:\Windows\System32\WindowsCodecs.dll
12:07:03.0908 0x0fbc C:\Windows\System32\WindowsCodecs.dll - ok
12:07:03.0908 0x0fbc [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] C:\Windows\System32\schedsvc.dll
12:07:03.0908 0x0fbc C:\Windows\System32\schedsvc.dll - ok
12:07:03.0908 0x0fbc [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D, 19959D18601712901F03B83150D15E34EBCAB355BB4692C9A28511A72F57FC66 ] C:\Windows\System32\winbrand.dll
12:07:03.0908 0x0fbc C:\Windows\System32\winbrand.dll - ok
12:07:03.0918 0x0fbc [ EEEA40F0EDB0A6E5359E539E15D0BC77, BFCBF777239C29C6AC4BC5B59591308571647B7C7FDB5571903F7403DD241E8E ] C:\Windows\System32\netapi32.dll
12:07:03.0918 0x0fbc C:\Windows\System32\netapi32.dll - ok
12:07:03.0918 0x0fbc [ 6CECA4C6A489C9B2E6073AFDAAE3F607, 127506D1DB38275614CBEB047C133718EF9D03266BA9C98BE55EC7847CFC9C3D ] C:\Windows\System32\netutils.dll
12:07:03.0918 0x0fbc C:\Windows\System32\netutils.dll - ok
12:07:03.0918 0x0fbc [ 3C91392D448F6E5D525A85B7550D8BA9, 6FD0DC73DBE7519E2C643554C2A7F8FBE4F9A678C4241BB54B3C6E65D2ABCF3A ] C:\Windows\System32\wkscli.dll
12:07:03.0918 0x0fbc C:\Windows\System32\wkscli.dll - ok
12:07:03.0918 0x0fbc [ BC414631876B2F28B8DAB08E849C12C5, 5973654AA3E90E6B699B0A43F645B893D95BAA803129B6967D746C8239AB26E3 ] C:\Windows\System32\ktmw32.dll
12:07:03.0918 0x0fbc C:\Windows\System32\ktmw32.dll - ok
12:07:03.0928 0x0fbc [ 945E54F23C72D37B8CD1987AF0DB63BF, C2B217C94DBCA0A31ED834B9D492B53B25B235DDD02B1D1200E76609D32772EA ] C:\Windows\System32\fveapi.dll
12:07:03.0928 0x0fbc C:\Windows\System32\fveapi.dll - ok
12:07:03.0928 0x0fbc [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA05BD2C56657013 ] C:\Windows\System32\fvecerts.dll
12:07:03.0928 0x0fbc C:\Windows\System32\fvecerts.dll - ok
12:07:03.0928 0x0fbc [ 694865362F0965779F92BCFE97712323, 825EB75E37AFE9B738869FB5D95020D4F44AD419C2F6C5A658F82A5242FDEF6C ] C:\Windows\System32\tbs.dll
12:07:03.0928 0x0fbc C:\Windows\System32\tbs.dll - ok
12:07:03.0938 0x0fbc [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7, 4BC5A1279885EEFBEB27333AF719622A5FCDD9606697692C1978E434CE264D80 ] C:\Windows\System32\taskcomp.dll
12:07:03.0938 0x0fbc C:\Windows\System32\taskcomp.dll - ok
12:07:03.0938 0x0fbc [ C2762A57DF0EE85E63CE4893C5215313, DDE22212D78353633CEDE27D7210469DE674563991105563CF64CCCE2D0743BD ] C:\Windows\System32\VaultCredProvider.dll
12:07:03.0938 0x0fbc C:\Windows\System32\VaultCredProvider.dll - ok
12:07:03.0938 0x0fbc [ 8563BA40DF4F1E93A61B70E2C8B60CF8, E5CAA520CBE61FAF3EAA784A51ED30E0CB2FD78EFD8AE1D5C6B0FE43A1009F39 ] C:\Windows\System32\SmartcardCredentialProvider.dll
12:07:03.0938 0x0fbc C:\Windows\System32\SmartcardCredentialProvider.dll - ok
12:07:03.0938 0x0fbc [ BF352E73615F5461AA6884472435A544, 4B059E79325C5F08CD6FBBE6352E17ADB64B9608CC9EDB36A2DF4D148060C309 ] C:\Windows\System32\BioCredProv.dll
12:07:03.0938 0x0fbc C:\Windows\System32\BioCredProv.dll - ok
12:07:03.0948 0x0fbc [ 8269210DAF3B12BC8300631B28A2A442, EABEB792C2EA8D4A1A7B13281CF557C194D5667AE0BA2A2D5664908D8269113D ] C:\Windows\System32\wiarpc.dll
12:07:03.0948 0x0fbc C:\Windows\System32\wiarpc.dll - ok
12:07:03.0948 0x0fbc [ 796B8123A7859AFD3A4AE10514DBAEB5, E76F69FAFEC3D66263ED95F3FA9EE309BDDACB287E30583A147DC97F6EEB8844 ] C:\Windows\System32\winbio.dll
12:07:03.0948 0x0fbc C:\Windows\System32\winbio.dll - ok
12:07:03.0948 0x0fbc [ 4403D5ECE7D8323CAF1207D1AA38FA01, BD0B34DCF658D3CB91C1B55E9E730C5F7C571AFC2BFA09270C377B72B6830D48 ] C:\Windows\System32\credui.dll
12:07:03.0948 0x0fbc C:\Windows\System32\credui.dll - ok
12:07:03.0958 0x0fbc [ 44B9C66177651F3F53C87B665D58D17A, 3FC426115FF87570889DB28D71970B82B525D2A4B9A00EDD273BF083B77A05CE ] C:\Windows\System32\vaultcli.dll
12:07:03.0958 0x0fbc C:\Windows\System32\vaultcli.dll - ok
12:07:03.0958 0x0fbc [ 972C3301DB3DA91AE06A95F6B4160B1B, 678B533A06C306295FE97DC26CE9BAFFC8EAF1FB7405ACB040719099717744D5 ] C:\Windows\System32\certCredProvider.dll
12:07:03.0958 0x0fbc C:\Windows\System32\certCredProvider.dll - ok
12:07:03.0958 0x0fbc [ FC51229C7D4AFA0D6F186133728B95AB, 37E58C8E1C8437D1981725A5DCDACA7316CEFBB570370CEFC8D122F523B96AC0 ] C:\Windows\System32\samcli.dll
12:07:03.0958 0x0fbc C:\Windows\System32\samcli.dll - ok
12:07:03.0968 0x0fbc [ 87FA0C48C3B2E9FEE518818FE26B15B5, DA4042DE9897397AEDCEFF9F69746726237305DDE64464309B6DCC45E05E42F4 ] C:\Windows\System32\rasplap.dll
12:07:03.0968 0x0fbc C:\Windows\System32\rasplap.dll - ok
12:07:03.0968 0x0fbc [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] C:\Windows\System32\drivers\http.sys
12:07:03.0968 0x0fbc C:\Windows\System32\drivers\http.sys - ok
12:07:03.0968 0x0fbc [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] C:\Windows\System32\spoolsv.exe
12:07:03.0968 0x0fbc C:\Windows\System32\spoolsv.exe - ok
12:07:03.0968 0x0fbc [ 019CD868461B646E09BDF04474C19341, 01837EFACB02E52BC6E90C90C4CB01B11D56E449A37EA4FC2695507FF85EA9FE ] C:\Windows\System32\rasapi32.dll
12:07:03.0968 0x0fbc C:\Windows\System32\rasapi32.dll - ok
12:07:03.0978 0x0fbc [ B28DEEC597C8DEB70C744C7CF9210E3E, E777F192D822990CA6301B3FEA2AEA213FA7901438EB3328914ADF02B6C39DB9 ] C:\Windows\System32\rasman.dll
12:07:03.0978 0x0fbc C:\Windows\System32\rasman.dll - ok
12:07:03.0978 0x0fbc [ B53C4B69B695EDA1B7E41D35CA4244E2, 3D98E9B263CADA576E4057E059AFC867F6E3F1001F3B73C8BCF9066763A45D9D ] C:\Windows\System32\rtutils.dll
12:07:03.0978 0x0fbc C:\Windows\System32\rtutils.dll - ok
12:07:03.0978 0x0fbc [ E43BFE036DC44E864E211BE5761D81A6, 9BAE70A8950C0CF5D8318CB0F0F51F7D8734388AFC19B872E1E220FA652FCDE3 ] C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll
12:07:03.0978 0x0fbc C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll - ok
12:07:03.0988 0x0fbc [ CF74414BF4FE2F69D336AC05738217DC, 4A7539B5B878C4182B84C0D409833B40626652E84EEFA4DDC244400BCAB8D507 ] C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
12:07:03.0988 0x0fbc C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - ok
12:07:03.0988 0x0fbc [ 9BC8610C32C96A2983A65DC21CAFA921, 2A4195F663C9D55939E3D8FEAA208090FDB0B8801A60164A7325B53104797CBC ] C:\Windows\System32\UXInit.dll
12:07:03.0988 0x0fbc C:\Windows\System32\UXInit.dll - ok
12:07:03.0988 0x0fbc [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] C:\Windows\System32\BFE.DLL
12:07:03.0988 0x0fbc C:\Windows\System32\BFE.DLL - ok
12:07:03.0998 0x0fbc [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] C:\Windows\System32\drivers\bowser.sys
12:07:03.0998 0x0fbc C:\Windows\System32\drivers\bowser.sys - ok
12:07:03.0998 0x0fbc [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys
12:07:03.0998 0x0fbc C:\Windows\System32\drivers\mpsdrv.sys - ok
12:07:03.0998 0x0fbc [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] C:\Windows\System32\drivers\mrxsmb.sys
12:07:03.0998 0x0fbc C:\Windows\System32\drivers\mrxsmb.sys - ok
12:07:03.0998 0x0fbc [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] C:\Windows\System32\drivers\mrxsmb10.sys
12:07:03.0998 0x0fbc C:\Windows\System32\drivers\mrxsmb10.sys - ok
12:07:04.0008 0x0fbc [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] C:\Windows\System32\drivers\mrxsmb20.sys
12:07:04.0008 0x0fbc C:\Windows\System32\drivers\mrxsmb20.sys - ok
12:07:04.0008 0x0fbc [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD805650B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll
12:07:04.0008 0x0fbc C:\Windows\System32\wfapigp.dll - ok
12:07:04.0008 0x0fbc [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] C:\Windows\System32\wkssvc.dll
12:07:04.0008 0x0fbc C:\Windows\System32\wkssvc.dll - ok
12:07:04.0018 0x0fbc [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] C:\Windows\System32\cryptsvc.dll
12:07:04.0018 0x0fbc C:\Windows\System32\cryptsvc.dll - ok
12:07:04.0018 0x0fbc [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] C:\Windows\System32\dps.dll
12:07:04.0018 0x0fbc C:\Windows\System32\dps.dll - ok
12:07:04.0018 0x0fbc [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] C:\Windows\System32\IKEEXT.DLL
12:07:04.0018 0x0fbc C:\Windows\System32\IKEEXT.DLL - ok
12:07:04.0028 0x0fbc [ A6B726DCA228F7878E38368A1BDC68BE, 30E8300B09B876E3D4B2A9215C9CC070EADF915E1268F425B6F8E0596A0D3539 ] C:\Windows\System32\cryptnet.dll
12:07:04.0028 0x0fbc C:\Windows\System32\cryptnet.dll - ok
12:07:04.0028 0x0fbc [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] C:\Windows\System32\nlasvc.dll
12:07:04.0028 0x0fbc C:\Windows\System32\nlasvc.dll - ok
12:07:04.0028 0x0fbc [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] C:\Windows\System32\pcasvc.dll
12:07:04.0028 0x0fbc C:\Windows\System32\pcasvc.dll - ok
12:07:04.0028 0x0fbc [ 1727B2A2F379A32B864C096FA794AADC, 87B77A5DF95F3A1C5ED6DEF820C7E384BEFCBAA2FE1BB4781AC6F777A081E5CC ] C:\Windows\System32\aepic.dll
12:07:04.0028 0x0fbc C:\Windows\System32\aepic.dll - ok
12:07:04.0038 0x0fbc [ D4FAC263861BAE06971C7F7D0A8EBF15, D494DEF0024288B9CC56EC6B500FF5828144BE9B8E7033340509EC5E68F8DED0 ] C:\Windows\System32\ncsi.dll
12:07:04.0038 0x0fbc C:\Windows\System32\ncsi.dll - ok
12:07:04.0038 0x0fbc [ C6DCD1D11ED6827F05C00773C3E7053C, EA23BE261C9C04F44215D254D7A80FD0AEE84C6F192D0FEE49A7CF74ED3CB1A6 ] C:\Windows\System32\sfc.dll
12:07:04.0038 0x0fbc C:\Windows\System32\sfc.dll - ok
12:07:04.0038 0x0fbc [ 895C9AB0A855547445C4181195230757, 89BDA385D8CCB75C3D7B1BDFA567AC441A931F4E499C0835FEE9D010343FABB6 ] C:\Windows\System32\sfc_os.dll
12:07:04.0038 0x0fbc C:\Windows\System32\sfc_os.dll - ok
12:07:04.0048 0x0fbc [ 58F4493BF748A3A89689997B7BD00E95, EC5DEEC73E357C7C87B001275C4E635011A9CF39419F2B86E2C2B8D7E388C551 ] C:\Windows\System32\winhttp.dll
12:07:04.0048 0x0fbc C:\Windows\System32\winhttp.dll - ok
12:07:04.0048 0x0fbc [ 603EBD34E216C5654A2D774EAC98D278, ACE0171BB780DB2C1B1A8BF6FA8CF51C529D7E09141FA504C7199AF764FD9A36 ] C:\Windows\System32\webio.dll
12:07:04.0048 0x0fbc C:\Windows\System32\webio.dll - ok
12:07:04.0048 0x0fbc [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] C:\Windows\System32\drivers\PEAuth.sys
12:07:04.0048 0x0fbc C:\Windows\System32\drivers\PEAuth.sys - ok
12:07:04.0058 0x0fbc [ 77B5035BC6EDF4D1B6265391AECEE4C0, FE69B715F04446BD42AF1B672E6AC54E954CFE0C847BFD2056CB11CF017B1844 ] C:\Windows\System32\vpnikeapi.dll
12:07:04.0058 0x0fbc C:\Windows\System32\vpnikeapi.dll - ok
12:07:04.0058 0x0fbc [ 788CB65D49D1162C5EE6814AFE5B0A70, 74072698692C8237F5041BB111C4E24B6583456FDA084895EA00B677B6FF64FC ] C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
12:07:04.0058 0x0fbc C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe - ok
12:07:04.0058 0x0fbc [ 0E2F58F6E698EDCB9E58FAD0CBCD0567, 426FB40A065FEF61980C803EF72D0D326C623340C3AE99CA8AFFDEFB81E8D49D ] C:\Windows\System32\vssapi.dll
12:07:04.0058 0x0fbc C:\Windows\System32\vssapi.dll - ok
12:07:04.0068 0x0fbc [ 287923557447D7E4BDD7E65B1F0F5428, 14D85A0F036F28D77AA9723C3D7E8C4DA9BDFF8A1AD9BEA6FE5756DBF5D00F08 ] C:\Windows\System32\vsstrace.dll
12:07:04.0068 0x0fbc C:\Windows\System32\vsstrace.dll - ok
12:07:04.0068 0x0fbc [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll
12:07:04.0068 0x0fbc C:\Windows\System32\ssdpapi.dll - ok
12:07:04.0068 0x0fbc [ 5AA945234E9D4CCE4F715276B9AA712C, 65165BD131056816F009D987FC78AC86FFE0C3C38A27E73F873586B7FF4D59CF ] C:\Windows\System32\imageres.dll
12:07:04.0068 0x0fbc C:\Windows\System32\imageres.dll - ok
12:07:04.0078 0x0fbc [ 3F36301C48180EF463B07C1763EB613B, 0D25AE8D86B2D4F239DEBDC2123BE127E38EF2E37C043A795997FD83F7410DEB ] C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll
12:07:04.0078 0x0fbc C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll - ok
12:07:04.0078 0x0fbc [ CF83B6B8BD9CB08902C9CCBA4FB21992, FEE8ED20225E74346B0EE795A2B42E28BB8BE218C88092F376FB1F6C2ACF25AC ] C:\Windows\System32\nvsvc64.dll
12:07:04.0078 0x0fbc C:\Windows\System32\nvsvc64.dll - ok
12:07:04.0078 0x0fbc [ 1834B31C749B86DAC233BBBA1C03BC48, 27FCA9196842C0BB53CCAD895870A0EB10D2F8ED67E5486A4437067BD4BC4448 ] C:\Windows\System32\mscms.dll
12:07:04.0078 0x0fbc C:\Windows\System32\mscms.dll - ok
12:07:04.0078 0x0fbc [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] C:\Windows\System32\snmptrap.exe
12:07:04.0078 0x0fbc C:\Windows\System32\snmptrap.exe - ok
12:07:04.0088 0x0fbc [ 4004299B7AF4CBFF6540F1798899A11F, 5DD3AE149B7228A769F2FE95355795AC98ACD8CDFB78954A423A357F717203C3 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
12:07:04.0088 0x0fbc C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
12:07:04.0088 0x0fbc [ 2147C5330F983D76A36B73F4A804F778, 4B201E86B701FEA4754139BB3873DEB132932732F1B8EEEAE7C9DB891CC64D2E ] C:\Windows\System32\RdpGroupPolicyExtension.dll
12:07:04.0088 0x0fbc C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
12:07:04.0088 0x0fbc [ 210FCACAF902B2CD47CF9FD17D846146, 3F77AC721E084864C5966FF5337A90185F62203DC19C685328675500D629CB87 ] C:\Windows\System32\aeevts.dll
12:07:04.0088 0x0fbc C:\Windows\System32\aeevts.dll - ok
12:07:04.0098 0x0fbc [ EF2AE43BCD46ABB13FC3E5B2B1935C73, 81FC06F306F620845D7DD8D06E706309E70BC89B589C81F3478302A3F5F73431 ] C:\Windows\System32\winmm.dll
12:07:04.0098 0x0fbc C:\Windows\System32\winmm.dll - ok
12:07:04.0098 0x0fbc [ E424B3EF666B184CEE0B6871AAA8C9F6, D182D9B3A813C75F88CA16A9C236AB6167DF5861D155B5DC016B90918C4BD579 ] C:\Windows\System32\msimg32.dll
12:07:04.0098 0x0fbc C:\Windows\System32\msimg32.dll - ok
12:07:04.0098 0x0fbc [ 44026ACD2B0E90D1FDD0E00FCA79805D, E8D15AE46F81CFDD905AF80584216AE852C8DC1B5B9E03A212377D933F0E3008 ] C:\Windows\System32\nvapi64.dll
12:07:04.0098 0x0fbc C:\Windows\System32\nvapi64.dll - ok
12:07:04.0108 0x0fbc [ 26323CF529FDDDD6259C58EC9874EEFC, 9762D36D11695E9B4CE1CC893A2B437C27F57FD0A748431E81F246FF84CC8E52 ] C:\Windows\System32\nvsvcr.dll
12:07:04.0108 0x0fbc C:\Windows\System32\nvsvcr.dll - ok
12:07:04.0108 0x0fbc [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe
12:07:04.0108 0x0fbc C:\Windows\System32\dllhost.exe - ok
12:07:04.0108 0x0fbc [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
12:07:04.0108 0x0fbc C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll - ok
12:07:04.0108 0x0fbc [ 0015ACFBBDD164A8A730009908868CA7, E1FF243AD2CF959FAB81EFE701592414991C03416FF296ADC93906E76B707C4D ] C:\Windows\System32\winspool.drv
12:07:04.0108 0x0fbc C:\Windows\System32\winspool.drv - ok
12:07:04.0118 0x0fbc [ CF636C92B762B26F0B39B38E92380A09, F7B8B0EA4536CE3BA33EE1BD0783F6AAD8C0EF69714E874D4A30B720A04C7A18 ] C:\Windows\System32\oleacc.dll
12:07:04.0118 0x0fbc C:\Windows\System32\oleacc.dll - ok
12:07:04.0118 0x0fbc [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] C:\Program Files (x86)\Skype\Updater\Updater.exe
12:07:04.0118 0x0fbc C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
12:07:04.0118 0x0fbc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] C:\Windows\System32\drivers\secdrv.sys
12:07:04.0118 0x0fbc C:\Windows\System32\drivers\secdrv.sys - ok
12:07:04.0128 0x0fbc [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll
12:07:04.0128 0x0fbc C:\Windows\SysWOW64\profapi.dll - ok
12:07:04.0128 0x0fbc [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF393486946DA8936BDD466A ] C:\Windows\SysWOW64\psapi.dll
12:07:04.0128 0x0fbc C:\Windows\SysWOW64\psapi.dll - ok
12:07:04.0128 0x0fbc [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB67F8EFB93924230 ] C:\Windows\SysWOW64\shlwapi.dll
12:07:04.0128 0x0fbc C:\Windows\SysWOW64\shlwapi.dll - ok
12:07:04.0138 0x0fbc [ D15618A0FF8DBC2C5BF3726BACC75A0B, ADD81EA1D208907D67802F0E96EC0327BA89021F870BA22B9C7E3A19013A6AE7 ] C:\Windows\SysWOW64\userenv.dll
12:07:04.0138 0x0fbc C:\Windows\SysWOW64\userenv.dll - ok
12:07:04.0138 0x0fbc [ 6A6B2EE4565A178035BE2A4FF6F2C968, E2E231F1C2E2CE19583483ACC53318651FA7CA2DE46BCB89B4CBF97CA0525122 ] C:\Windows\SysWOW64\wtsapi32.dll
12:07:04.0138 0x0fbc C:\Windows\SysWOW64\wtsapi32.dll - ok
12:07:04.0138 0x0fbc [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll
12:07:04.0138 0x0fbc C:\Windows\SysWOW64\clbcatq.dll - ok
12:07:04.0138 0x0fbc [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] C:\Windows\System32\drivers\srvnet.sys
12:07:04.0138 0x0fbc C:\Windows\System32\drivers\srvnet.sys - ok
12:07:04.0148 0x0fbc [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] C:\Windows\System32\sysmain.dll
12:07:04.0148 0x0fbc C:\Windows\System32\sysmain.dll - ok
12:07:04.0148 0x0fbc [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] C:\Windows\System32\wiaservc.dll
12:07:04.0148 0x0fbc C:\Windows\System32\wiaservc.dll - ok
12:07:04.0148 0x0fbc [ 7321F18D1F820612ED0E9F2D4B578A7E, 612BD7DE1DFBD100BD6ACB37A38565D88C39842D990D296B9B8E1FB75C3A94E7 ] C:\Windows\SysWOW64\cryptsp.dll
12:07:04.0148 0x0fbc C:\Windows\SysWOW64\cryptsp.dll - ok
12:07:04.0158 0x0fbc [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] C:\Windows\System32\drivers\tcpipreg.sys
12:07:04.0158 0x0fbc C:\Windows\System32\drivers\tcpipreg.sys - ok
12:07:04.0158 0x0fbc [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5, BDA403E6CACC249C467671FB1FAF7B77FB019326BC18F9F6CF377104520E2654 ] C:\Windows\System32\wiatrace.dll
12:07:04.0158 0x0fbc C:\Windows\System32\wiatrace.dll - ok
12:07:04.0158 0x0fbc [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC83B4AC638AEC4A ] C:\Windows\SysWOW64\RpcRtRemote.dll
12:07:04.0158 0x0fbc C:\Windows\SysWOW64\RpcRtRemote.dll - ok
12:07:04.0168 0x0fbc [ ED8EC63F7522DF4852147C84EC62C36A, 75633011CD28DCBD4834211A9D415F17DE15BFCD80FB9FF6CE25CBBD4E9899AF ] C:\Windows\SysWOW64\rsaenh.dll
12:07:04.0168 0x0fbc C:\Windows\SysWOW64\rsaenh.dll - ok
12:07:04.0168 0x0fbc [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] C:\Windows\System32\trkwks.dll
12:07:04.0168 0x0fbc C:\Windows\System32\trkwks.dll - ok
12:07:04.0168 0x0fbc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] C:\Windows\System32\wbem\WMIsvc.dll
12:07:04.0168 0x0fbc C:\Windows\System32\wbem\WMIsvc.dll - ok
12:07:04.0168 0x0fbc [ 91A8E32B00BF7899EDAB6783287DDDA6, 49451722317AB42B3DE407EFCB9CC560C1455217AC3E2F11F74D08C1708473C5 ] C:\Windows\System32\PeerDistSh.dll
12:07:04.0168 0x0fbc C:\Windows\System32\PeerDistSh.dll - ok
12:07:04.0178 0x0fbc [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] C:\Windows\System32\provsvc.dll
12:07:04.0178 0x0fbc C:\Windows\System32\provsvc.dll - ok
12:07:04.0178 0x0fbc [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] C:\Windows\System32\sstpsvc.dll
12:07:04.0178 0x0fbc C:\Windows\System32\sstpsvc.dll - ok
12:07:04.0178 0x0fbc [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] C:\Windows\System32\drivers\srv2.sys
12:07:04.0178 0x0fbc C:\Windows\System32\drivers\srv2.sys - ok
12:07:04.0188 0x0fbc [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] C:\Windows\System32\drivers\srv.sys
12:07:04.0188 0x0fbc C:\Windows\System32\drivers\srv.sys - ok
12:07:04.0188 0x0fbc [ 7DB5AA22A8A8E5C2D335F44853C1F6DE, A734A20357026C42950394682A52CBC3AF956D09F1949E1B4E95467E999BC428 ] C:\Windows\System32\wbemcomn.dll
12:07:04.0188 0x0fbc C:\Windows\System32\wbemcomn.dll - ok
12:07:04.0188 0x0fbc [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] C:\Windows\System32\iphlpsvc.dll
12:07:04.0188 0x0fbc C:\Windows\System32\iphlpsvc.dll - ok
12:07:04.0188 0x0fbc [ 0C52762C606BCF6A377D5E4688191A6B, C58C9A73AD07E3B93AB186D0D47C5F1CB7197771DBEE40646C3B801645BB388F ] C:\Windows\System32\wbem\WmiDcPrv.dll
12:07:04.0198 0x0fbc C:\Windows\System32\wbem\WmiDcPrv.dll - ok
12:07:04.0198 0x0fbc [ 27B9E163740A226B65E4B9E186117911, 17411C6A6C1E699BC4B0C04D782FD9AA09CF577DBA41E743F7588904D489CB9F ] C:\Windows\System32\sqmapi.dll
12:07:04.0198 0x0fbc C:\Windows\System32\sqmapi.dll - ok
12:07:04.0198 0x0fbc [ A3F5E8EC1316C3E2562B82694A251C9E, F3DC6AA6A9D3B5BBC730668FC52C1D4BB5D515D404578BDDD3D4869A7ED58822 ] C:\Windows\System32\wbem\fastprox.dll
12:07:04.0198 0x0fbc C:\Windows\System32\wbem\fastprox.dll - ok
12:07:04.0198 0x0fbc [ 7B38D7916A7CD058C16A0A6CA5077901, 3F6DD990E2DA5D3BD6D65A72CBFB0FE79EB30B118A8AD71B6C9BB5581A622DCE ] C:\Windows\System32\wdscore.dll
12:07:04.0198 0x0fbc C:\Windows\System32\wdscore.dll - ok
12:07:04.0208 0x0fbc [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] C:\Windows\System32\browser.dll
12:07:04.0208 0x0fbc C:\Windows\System32\browser.dll - ok
12:07:04.0208 0x0fbc [ EE26D130808D16C0E417BBBED0451B34, 4886DCE4FAEF146A40BABD492A8000A2022FEA542A6135A9BAFD4CD09297B4E5 ] C:\Windows\System32\ntdsapi.dll
12:07:04.0208 0x0fbc C:\Windows\System32\ntdsapi.dll - ok
12:07:04.0208 0x0fbc [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] C:\Windows\System32\srvsvc.dll
12:07:04.0208 0x0fbc C:\Windows\System32\srvsvc.dll - ok
12:07:04.0218 0x0fbc [ CFEFA40DDE34659BE5211966EAD86437, AC0A3AD8AA47012C40785013E2273FC571F416BC9C9FFDA418FE72B3123C1FB0 ] C:\Windows\System32\netmsg.dll
12:07:04.0218 0x0fbc C:\Windows\System32\netmsg.dll - ok
12:07:04.0218 0x0fbc [ 0255C22D99602534F15CBB8D9B6F152F, 43CD89D6CA56E0B633142F7C86DA9E072EE0723B5EBC4CE8CCBCA58C396ECF54 ] C:\Windows\System32\wbem\WinMgmtR.dll
12:07:04.0218 0x0fbc C:\Windows\System32\wbem\WinMgmtR.dll - ok
12:07:04.0218 0x0fbc [ 666A60F6F5E719856FF6254E0966EFF7, 58C072E7E215991E19C1CA062C476081982F7B9F039714539AE7FEB4981C200F ] C:\Windows\System32\wbem\wbemprox.dll
12:07:04.0218 0x0fbc C:\Windows\System32\wbem\wbemprox.dll - ok
12:07:04.0218 0x0fbc [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E56950661B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll
12:07:04.0218 0x0fbc C:\Windows\System32\IDStore.dll - ok
12:07:04.0228 0x0fbc [ 4BB6C4E0EEF465A3437DC0DA5AA3DA2C, 23F76E636151856CE9A5084A11FB21DABEB2CBC1C5B225945012E589FB777E33 ] C:\Windows\System32\nvcpl.dll
12:07:04.0228 0x0fbc C:\Windows\System32\nvcpl.dll - ok
12:07:04.0228 0x0fbc [ 3F347AE13155C6B85DC5D8F9C4D63340, E97B2F21BF9FEED62BF929CFBFC880FD134D0D1C777D699EB45FCD1789D42C74 ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll
12:07:04.0228 0x0fbc C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok
12:07:04.0228 0x0fbc [ FE4B17BC98CED4B2ED30B7933E82A27D, 2C3C356E8DB829C3E290EF2D708C888F0666C0D8B79E5821A2FB43303FFCB5D4 ] C:\Windows\System32\nvumdshimx.dll
12:07:04.0228 0x0fbc C:\Windows\System32\nvumdshimx.dll - ok
12:07:04.0238 0x0fbc [ 1C30CC9EBE1F9A405BF1C705608BBE12, 5F69BAC2FD2A6ADB1CB6D2817C5B2EBDA98FCA8F474218D442B56CF5C33E3D74 ] C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll
12:07:04.0238 0x0fbc C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll - ok
12:07:04.0238 0x0fbc [ 3B367397320C26DBA890B260F80D1B1B, 50BBE71B4380B5E86E197AF86F5C08266DD6B12344BA4ABDEA604B8C774C4147 ] C:\Windows\System32\hnetcfg.dll
12:07:04.0238 0x0fbc C:\Windows\System32\hnetcfg.dll - ok
12:07:04.0238 0x0fbc [ FF80CAD87555E8E4D2CFD7B9058343F8, 07653773FBEC1996408B8507B08E0E1E812830063F932F897F4B39EE63DDCDC4 ] C:\Windows\System32\sscore.dll
12:07:04.0238 0x0fbc C:\Windows\System32\sscore.dll - ok
12:07:04.0248 0x0fbc [ 03706015DB44368375AEBE6339490E66, 02EB28B5156E320C1EBABC03D37E94EB770A721B99E1DD276F8DC2A50D76C381 ] C:\Windows\System32\netcfgx.dll
12:07:04.0248 0x0fbc C:\Windows\System32\netcfgx.dll - ok
12:07:04.0248 0x0fbc [ 81749E073AC5857B044A686B406E5244, 3884EE705CA34235B29942FEDA8FEA654A21139B8C2A1D5E009C7D07D6E6ADF1 ] C:\Windows\System32\clusapi.dll
12:07:04.0248 0x0fbc C:\Windows\System32\clusapi.dll - ok
12:07:04.0248 0x0fbc [ 344FCC9850C3A8A3B4D3C65151AF8E4C, C38853454E153B1AB4AEAE1AAFB7CB4B2E6234208CF24C09F3B2AFE25E271C5C ] C:\Windows\System32\resutils.dll
12:07:04.0248 0x0fbc C:\Windows\System32\resutils.dll - ok
12:07:04.0248 0x0fbc [ 639774C9ACD063F028F6084ABF5593AD, 9DFD80610CBBC9188F6C6BC85C87016B0AE42254FC289C2B578E85282BDD9C23 ] C:\Windows\System32\taskhost.exe
12:07:04.0248 0x0fbc C:\Windows\System32\taskhost.exe - ok
12:07:04.0258 0x0fbc [ FEB91B4DA0D540865260A33838654FA3, 8636B008BA329D3E6CC235D08BA4C914EFF45DBFCB9297C893CCDA8D907BA946 ] C:\Windows\System32\nci.dll
12:07:04.0258 0x0fbc C:\Windows\System32\nci.dll - ok
12:07:04.0258 0x0fbc [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051, 8EFD0A6DE6F4E335D342782190008FB5AC84A6ADE49170B310DEC9AC48E623E8 ] C:\Windows\System32\localspl.dll
12:07:04.0258 0x0fbc C:\Windows\System32\localspl.dll - ok
12:07:04.0258 0x0fbc [ 88351B29B622B30962D2FEB6CA8D860B, A16CAD7D94C1C9807083BB36E9B4C3C14E6482C4CA2BDFACBCC86E737DDCE42E ] C:\Windows\System32\rasadhlp.dll
12:07:04.0258 0x0fbc C:\Windows\System32\rasadhlp.dll - ok
12:07:04.0268 0x0fbc [ 9FCA3A84338ADEF2AFF67CDA46EF8539, 087DF72096852AE98C56990EE6E68835BE95E7E49ECDDE8B54DAC11C9E07FE94 ] C:\Windows\System32\umb.dll
12:07:04.0268 0x0fbc C:\Windows\System32\umb.dll - ok
12:07:04.0268 0x0fbc [ 5EB55F661DEBF156E126160BCD4D89F8, 948D1F627AA55D55FB3B558BA61B8366C5481A6041820631F24408F75EA5D2CC ] C:\Windows\System32\wbem\wbemcore.dll
12:07:04.0268 0x0fbc C:\Windows\System32\wbem\wbemcore.dll - ok
12:07:04.0268 0x0fbc [ 3285481F5C12305CA104A6C493CA5A0B, ADB39B15D26A954B0F347C7BAFCC76DE5E3CF3CF05736E8987E0832AA7F8563C ] C:\Windows\System32\spoolss.dll
12:07:04.0268 0x0fbc C:\Windows\System32\spoolss.dll - ok
12:07:04.0278 0x0fbc [ FED24B6873814C0222E0F2705B893188, DF3C0BFF25DD7533F0459FA8A1FDEE03AB6FF21C705E480D34916946D806771F ] C:\Windows\System32\AdobePDF.dll
12:07:04.0278 0x0fbc C:\Windows\System32\AdobePDF.dll - ok
12:07:04.0278 0x0fbc [ C5AC93CF3BA30D367FB49148A2B673B9, 07B556039BBA841BC9F28979C3AD5D238B55391F921C9C805F3AFC9EFB437766 ] C:\Windows\System32\PrintIsolationProxy.dll
12:07:04.0278 0x0fbc C:\Windows\System32\PrintIsolationProxy.dll - ok
12:07:04.0278 0x0fbc [ 19E41CCCEE697CC9465396B370929792, A9FC4C33C71C3677FE57779380E55FDE2AC0B0C70A9DBCBA0D0B6FA92C709A7F ] C:\Windows\System32\FXSMON.dll
12:07:04.0278 0x0fbc C:\Windows\System32\FXSMON.dll - ok
12:07:04.0278 0x0fbc [ 32A3C8600AF124CBAAD845F13CFAE3CB, F36FE9E57D5C509FEECE890F9F8717F9CC6F762E32AE0B7DB7E0153370CE0B9D ] C:\Windows\System32\tcpmon.dll
12:07:04.0278 0x0fbc C:\Windows\System32\tcpmon.dll - ok
12:07:04.0288 0x0fbc [ 0E3A7EC2B9590EA7767BBB1823630DEA, 6858B7050465DB8505CF9E932868B123B925376C05363EA5A9198B2AE15CF728 ] C:\Windows\System32\msxml6.dll
12:07:04.0288 0x0fbc C:\Windows\System32\msxml6.dll - ok
12:07:04.0288 0x0fbc [ 93518C6EDE0B61BCBD02BDB02BD05FEE, 3637F5E5F15093AFB501EE910368CF900B422AC22669391FFA4198BBAE6F8FCB ] C:\Windows\System32\snmpapi.dll
12:07:04.0288 0x0fbc C:\Windows\System32\snmpapi.dll - ok
12:07:04.0288 0x0fbc [ FFF9D00CF16397C64317F213484F94BD, 94D0584E14BDB27F61F59A7BCEA529A1594261BE0CE74502C13E8865843BA414 ] C:\Windows\System32\wsnmp32.dll
12:07:04.0288 0x0fbc C:\Windows\System32\wsnmp32.dll - ok
12:07:04.0298 0x0fbc [ DF72A9936D0C3F517083119648814B09, 6BA4DCAC2F55A393A266ED0B2AF92B38141654D1666E3E143D85BBAF21663E1E ] C:\Windows\System32\usbmon.dll
12:07:04.0298 0x0fbc C:\Windows\System32\usbmon.dll - ok
12:07:04.0298 0x0fbc [ A1D7E3ADCDB07DDB6F423862DCB1A52B, 6191C33D2AE090F6F055D6AE211096CE8F003EC5518A5333EE1E376052176BAB ] C:\Windows\System32\WSDMon.dll
12:07:04.0298 0x0fbc C:\Windows\System32\WSDMon.dll - ok
12:07:04.0298 0x0fbc [ F1B205F932F62F94506A5F332C895DAF, F02F01F20F655DD919C71AE814E4C3DD43330AAD1425FC5B1497F1613917CCDE ] C:\Windows\System32\WSDApi.dll
12:07:04.0298 0x0fbc C:\Windows\System32\WSDApi.dll - ok
12:07:04.0298 0x0fbc [ C55516D98DD5D8F0153C2A9B4227DA86, DBC62B776CF06D0873A4C7CFCDF5B6F5C6E6C41917C326C090BCE58DC66EE09C ] C:\Windows\System32\webservices.dll
12:07:04.0298 0x0fbc C:\Windows\System32\webservices.dll - ok
12:07:04.0308 0x0fbc [ 4581716B4BF76ACFD8E167EB0B26D82A, 39D822527114EEED68044CCE4D542767F53978D9E0A7F72638F1CA9A016DE13B ] C:\Windows\System32\fdPnp.dll
12:07:04.0308 0x0fbc C:\Windows\System32\fdPnp.dll - ok
12:07:04.0308 0x0fbc [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4021101EE424F74 ] C:\Windows\System32\fundisc.dll
12:07:04.0308 0x0fbc C:\Windows\System32\fundisc.dll - ok
12:07:04.0308 0x0fbc [ 1D626FE2E13C1CE49CA0136CFF214E93, 4F02DD92045CF244979FFD074B2BDE6925A909227A474C60DCABE4384D916218 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
12:07:04.0308 0x0fbc C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
12:07:04.0318 0x0fbc [ 67CF11E00D026A5C0C88EA5F84D501E5, 5081A87466116232CF07F58229967B6C0CD3738B64A56EFC6BB3EBDA62E378F6 ] C:\Windows\System32\win32spl.dll
12:07:04.0318 0x0fbc C:\Windows\System32\win32spl.dll - ok
12:07:04.0318 0x0fbc [ 507D5567A0A4EE86C4B0CE2CE1777025, 408770B00CED498BF7782054F17A5CB361CF65429B0C816403D70E416E0EEF23 ] C:\Windows\System32\inetpp.dll
12:07:04.0318 0x0fbc C:\Windows\System32\inetpp.dll - ok
12:07:04.0318 0x0fbc [ 1BF0CB861A48FEB1638228760750F3CB, 37C781A8C546EAD8B4D28BD7D730B9AC78EB799599AD69DAD9054B6F9F1DD6BD ] C:\Windows\System32\cscapi.dll
12:07:04.0318 0x0fbc C:\Windows\System32\cscapi.dll - ok
12:07:04.0328 0x0fbc [ 087D8668C71634A3A3761135ABF16EEE, B7348A63299CFF4FFBF375E645A4850AE0F108D48D13AB25434CFAE7CF3D61FD ] C:\Windows\System32\wbem\esscli.dll
12:07:04.0328 0x0fbc C:\Windows\System32\wbem\esscli.dll - ok
12:07:04.0328 0x0fbc [ 5E36F8E4034A4B148CBA14EB535C47CA, C722B1F64CDC3035362D920047AF7E1933203468A59CEE13DDA4DFAF437AB110 ] C:\Windows\System32\KBDRU.DLL
12:07:04.0328 0x0fbc C:\Windows\System32\KBDRU.DLL - ok
12:07:04.0328 0x0fbc [ 008A367634CF8B0729CA5F5EAE1D9084, 3553178D38DEAEDD7DE39FD26E29B2D9457DDEA6FE3008B48F63B132AC51A65A ] C:\Windows\System32\KBDUR1.DLL
12:07:04.0328 0x0fbc C:\Windows\System32\KBDUR1.DLL - ok
12:07:04.0338 0x0fbc [ 718B6F51AB7F6FE2988A36868F9AD3AB, 76141B4E94C2766E2C34CEF523092948771A7893212EFADBE88D2171B85FF012 ] C:\Windows\System32\wbem\wbemsvc.dll
12:07:04.0338 0x0fbc C:\Windows\System32\wbem\wbemsvc.dll - ok
12:07:04.0338 0x0fbc [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D562BE43726153951 ] C:\Windows\System32\mpr.dll
12:07:04.0338 0x0fbc C:\Windows\System32\mpr.dll - ok
12:07:04.0338 0x0fbc [ 94EEAC26F57811BD1AEFC164412F7FCE, 7390BCD7709D48DE75D7D6E06AA7356D1C58EE63F3CC2E07ABCD2E2FF6CC81CF ] C:\Windows\System32\PlaySndSrv.dll
12:07:04.0338 0x0fbc C:\Windows\System32\PlaySndSrv.dll - ok
12:07:04.0338 0x0fbc [ F162D5F5E845B9DC352DD1BAD8CEF1BC, 8A7B7528DB30AB123B060D8E41954D95913C07BB40CDAE32E97F9EDB0BAF79C7 ] C:\Windows\System32\dwm.exe
12:07:04.0338 0x0fbc C:\Windows\System32\dwm.exe - ok
12:07:04.0348 0x0fbc [ BAFE84E637BF7388C96EF48D4D3FDD53, 11C194D9ADCE90027272C627D7FBF3BA5025FF0F7B26A8333F764E11E1382CF9 ] C:\Windows\System32\userinit.exe
12:07:04.0348 0x0fbc C:\Windows\System32\userinit.exe - ok
12:07:04.0348 0x0fbc [ 4BA77A5EF71C14C764B0ED4701683E3E, 066A064CDBE09BF8BE1DF5B259F30FF6C124A1C3D637800D3E19E8E25EDB950E ] C:\Windows\System32\dwmcore.dll
12:07:04.0348 0x0fbc C:\Windows\System32\dwmcore.dll - ok
12:07:04.0348 0x0fbc [ FCFCD1101C5DA23B4B95F93D02B2C169, 040A086875B6C5475490A2F8B0CF4FF20DDB4FEDFE5FCABBA49692AA05F40527 ] C:\Windows\System32\dwmredir.dll
12:07:04.0348 0x0fbc C:\Windows\System32\dwmredir.dll - ok
12:07:04.0358 0x0fbc [ 9AE80F6A66B30E3ED8CDF858CF28B11B, A93E470DC54E3C74C10979D49CABB9A34893F9E847F88491F935DB44EEC3541A ] C:\Windows\System32\d3d10_1.dll
12:07:04.0358 0x0fbc C:\Windows\System32\d3d10_1.dll - ok
12:07:04.0358 0x0fbc [ 63F72417CA38D8FC8F53709649B589E3, 39AE8AFFCFB8A9E345FC4C6F11926F25552C464380F88CDECD299FD27AF7866B ] C:\Windows\System32\d3d10_1core.dll
12:07:04.0358 0x0fbc C:\Windows\System32\d3d10_1core.dll - ok
12:07:04.0358 0x0fbc [ 8DFB5752FCE145A6B295093C0A8BE131, F38029C8B36EFD46B1F6CCA0089FF4EFB0AB246497E38EDFF6A67FAC804D4A97 ] C:\Windows\System32\dxgi.dll
12:07:04.0358 0x0fbc C:\Windows\System32\dxgi.dll - ok
12:07:04.0368 0x0fbc [ 9BB99503D6A4DD62569EDE9E5E2672A5, 6F4EA5BC50B1F929735246485263078BEF1B3BEB33F78CB1F483F13AA226C27E ] C:\Windows\System32\HotStartUserAgent.dll
12:07:04.0368 0x0fbc C:\Windows\System32\HotStartUserAgent.dll - ok
12:07:04.0368 0x0fbc [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA, 8A6ACEFAB95E5275CBFBE6CCB5A6C3A6A471260B279B9063E86B9C7765E18656 ] C:\Windows\System32\MsCtfMonitor.dll
12:07:04.0368 0x0fbc C:\Windows\System32\MsCtfMonitor.dll - ok
12:07:04.0368 0x0fbc [ 4C92EB7535CAA1681A77D928FBF9771F, 7D02B2357CA02393CA711C3C499AAD86B792EEFFDC67F2CE52F7F7BB8A28DE79 ] C:\Windows\System32\d3d11.dll
12:07:04.0368 0x0fbc C:\Windows\System32\d3d11.dll - ok
12:07:04.0368 0x0fbc [ 332FEAB1435662FC6C672E25BEB37BE3, 6BED1A3A956A859EF4420FEB2466C040800EAF01EF53214EF9DAB53AEFF1CFF0 ] C:\Windows\explorer.exe
12:07:04.0368 0x0fbc C:\Windows\explorer.exe - ok
12:07:04.0378 0x0fbc [ F94E505636D9D913A33F79329E2F7998, 6384050295C0887EBFDE321E5506990F2515F3CAA5E0571B0BBFBCA36742CC5B ] C:\Windows\System32\nvwgf2umx.dll
12:07:04.0378 0x0fbc C:\Windows\System32\nvwgf2umx.dll - ok
12:07:04.0378 0x0fbc [ EED05D42D91835064703E2318552ED25, E9EE1E2253445B207B76F5D3073C612ED979A982522C1515E0FE8FA9641AE568 ] C:\Windows\System32\ExplorerFrame.dll
12:07:04.0378 0x0fbc C:\Windows\System32\ExplorerFrame.dll - ok
12:07:04.0378 0x0fbc [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6BB3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll
12:07:04.0378 0x0fbc C:\Windows\System32\EhStorShell.dll - ok
12:07:04.0388 0x0fbc [ 32802C0F6FC7C8F561B9D91F52A46421, EE02CF54FC3626D85849EF14D9B7B57419F12D1DD0735C25ECBD987EE53F634B ] C:\Windows\System32\cscui.dll
12:07:04.0388 0x0fbc C:\Windows\System32\cscui.dll - ok
12:07:04.0388 0x0fbc [ 7EE5F17A21D9A9101207DF4BC37B085D, C07A56D52449B9F126B617FB4EFDC22EFE043C9B257B01967EA2FCCCA6216763 ] C:\Windows\System32\cscdll.dll
12:07:04.0388 0x0fbc C:\Windows\System32\cscdll.dll - ok
12:07:04.0388 0x0fbc [ 037A719DAD50603202C978CD802623E4, BD4C222913D32D7CF5FE0201FEBE7BD67FC39DF47A7A672C2D6C228A6E13B5DE ] C:\Windows\System32\ntshrui.dll
12:07:04.0388 0x0fbc C:\Windows\System32\ntshrui.dll - ok
12:07:04.0398 0x0fbc [ 1D63F4366288B8A7595397E27010FD44, 99EA4DDD88D9C4A4CC9B238F533CB4D2C062D46239173997E8594D8A75811A01 ] C:\Windows\System32\IconCodecService.dll
12:07:04.0398 0x0fbc C:\Windows\System32\IconCodecService.dll - ok
12:07:04.0398 0x0fbc [ 0143DB80DACFB7C2B5B7009ED9063353, 252885CF7C1BAB89B86908373546E5F5D674BEF7AACBDDCF321AD877CB9150A9 ] C:\Windows\System32\wbem\wmiutils.dll
12:07:04.0398 0x0fbc C:\Windows\System32\wbem\wmiutils.dll - ok
12:07:04.0398 0x0fbc [ 0AB34456654C283DAA13B8D2BA21439B, 4B70FC5195DE39564E951C8542020BA3D4257E3D4488F69825F67A6099CB7549 ] C:\Windows\System32\wbem\repdrvfs.dll
12:07:04.0398 0x0fbc C:\Windows\System32\wbem\repdrvfs.dll - ok
12:07:04.0408 0x0fbc [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] C:\Windows\System32\hidserv.dll
12:07:04.0408 0x0fbc C:\Windows\System32\hidserv.dll - ok
12:07:04.0408 0x0fbc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] C:\Windows\System32\wpdbusenum.dll
12:07:04.0408 0x0fbc C:\Windows\System32\wpdbusenum.dll - ok
12:07:04.0408 0x0fbc [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] C:\Windows\System32\appinfo.dll
12:07:04.0408 0x0fbc C:\Windows\System32\appinfo.dll - ok
12:07:04.0418 0x0fbc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] C:\Windows\System32\wdi.dll
12:07:04.0418 0x0fbc C:\Windows\System32\wdi.dll - ok
12:07:04.0418 0x0fbc [ F7073C962C4FB7C415565DDE109DE49F, 781E7088DCEFBC34A808C3E7DA41A56112B3F23ABE9F54B5EF4D5CD9CD016B1D ] C:\Windows\System32\npmproxy.dll
12:07:04.0418 0x0fbc C:\Windows\System32\npmproxy.dll - ok
12:07:04.0418 0x0fbc [ 49E5753D923F1AC63B22D3DCB0B47E00, 14CEC0BF5F625FF839A8D79B4A6B7C4AC0CBB705FD197C6B7FF8617C6C3E34FE ] C:\Windows\System32\uDWM.dll
12:07:04.0418 0x0fbc C:\Windows\System32\uDWM.dll - ok
12:07:04.0428 0x0fbc [ 4449D23E8F197862F1B16F1E6C89C36C, 93AF52BF8E870C0381F027D3BB8F6829E449242074472F1593EB8172D7EB6559 ] C:\Windows\System32\diagperf.dll
12:07:04.0428 0x0fbc C:\Windows\System32\diagperf.dll - ok
12:07:04.0428 0x0fbc [ 9719E3D834F5C8C43F56A93DFA497023, 4D78D4BD4835C0A237821967156C19DF4B90384A6BCB1F48CEAF35D003A0099A ] C:\Windows\System32\pnpts.dll
12:07:04.0428 0x0fbc C:\Windows\System32\pnpts.dll - ok
12:07:04.0428 0x0fbc [ E811F8510B133E70CF6E509FB809824F, 82541F2B15748250462B67B6C77530D4F7C45A1482237EC49B28F9FA5A414108 ] C:\Windows\System32\wdiasqmmodule.dll
12:07:04.0428 0x0fbc C:\Windows\System32\wdiasqmmodule.dll - ok
12:07:04.0438 0x0fbc [ 025E7DBDB98866ED3CB2D4DDA70B364D, 78962F23F066E362AF1A4B98FA7D5E30AF30C561307438503031D30C944B6A6E ] C:\Windows\System32\runonce.exe
12:07:04.0438 0x0fbc C:\Windows\System32\runonce.exe - ok
12:07:04.0438 0x0fbc [ D44741F65A1D71F65814A12CF6E2400A, C6721F830675ADC7E7FDE2B5E822E56F6A063146F5066F1E25EBFE86F0A87136 ] C:\Windows\SysWOW64\runonce.exe
12:07:04.0438 0x0fbc C:\Windows\SysWOW64\runonce.exe - ok
12:07:04.0438 0x0fbc [ DDD0357A92FA843EFF8915ED17253D6C, 0C78B1D41F0A7821186ADF653504F2BFF067CB512CB0E932047C301378BBADB6 ] C:\Windows\System32\wbem\WmiPrvSD.dll
12:07:04.0438 0x0fbc C:\Windows\System32\wbem\WmiPrvSD.dll - ok
12:07:04.0448 0x0fbc [ D41FEBD098234F02485A4EA98D4730A4, 462DC8168C444F35B43BA3B8F7D77734665D84F1C6D25CAD7391C0145961628F ] C:\Windows\System32\ncobjapi.dll
12:07:04.0448 0x0fbc C:\Windows\System32\ncobjapi.dll - ok
12:07:04.0448 0x0fbc [ 6F40D6FB05E0C1E5402812B426971AF0, E41F138F0F2DB057F8DBB1587237C6FA8A2059B3D64EC894D1DC492A18DBBDED ] C:\Windows\System32\wbem\wbemess.dll
12:07:04.0448 0x0fbc C:\Windows\System32\wbem\wbemess.dll - ok
12:07:04.0448 0x0fbc [ 352B3DC62A0D259A82A052238425C872, 393B24E0D6007C74AEE2FB2EE2C18623D37DF64E279B6767952DCFEE0EACBB10 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
12:07:04.0448 0x0fbc C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
12:07:04.0448 0x0fbc [ E9D88493FBDB36D4B65C6F2F7F122C95, 226B05B57C1F509A48C7EC22B71E60202AC34995ECA50075EE16B87EAC366BF5 ] C:\Windows\SysWOW64\shell32.dll
12:07:04.0448 0x0fbc C:\Windows\SysWOW64\shell32.dll - ok
12:07:04.0458 0x0fbc [ 43964FA89CCF97BA6BE34D69455AC65F, 10E3B89A5470E1BB6F73382135DD2352F5073C1EE8485D7476CFB5122D4AAA2F ] C:\Windows\SysWOW64\uxtheme.dll
12:07:04.0458 0x0fbc C:\Windows\SysWOW64\uxtheme.dll - ok
12:07:04.0458 0x0fbc [ 12C45E3CB6D65F73209549E2D02ECA7A, 9DFD9C58B90257C34D52B7156C1D2566BE32EE7BD4699DDE164A5F190EC4D44A ] C:\Windows\SysWOW64\propsys.dll
12:07:04.0458 0x0fbc C:\Windows\SysWOW64\propsys.dll - ok
12:07:04.0458 0x0fbc [ 7C44C697BA6D0B698B91AC6516A731C3, AD563098060DC213FBE3E7490D8EA4FA34C070CA2BBA05D27166A4E3CC2C6825 ] C:\Windows\SysWOW64\urlmon.dll
12:07:04.0458 0x0fbc C:\Windows\SysWOW64\urlmon.dll - ok
12:07:04.0468 0x0fbc [ 1C60E09CA1C3A045BC4D367F67C915B7, DF1ED88CB57DA1AB1A4245AE0D5B42AFA3396EBF67B99411FFFB0DD06DE1AEAF ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
12:07:04.0468 0x0fbc C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
12:07:04.0468 0x0fbc [ 6A13B4F3B3F575F1E24B877B9359AABA, 676AD5F8F709D4A9DCE9938D82DEEE329C9A385A6969C169B3DF37AA75F1E4C7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
12:07:04.0468 0x0fbc C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
12:07:04.0468 0x0fbc [ 2E33DFD10F28F86C3FC40EE123CC3904, 57C65671A04EFCA437A69E8E97B2FCA17897EE4608C7DB69F77D44FBD3490B50 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
12:07:04.0468 0x0fbc C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
12:07:04.0478 0x0fbc [ 6951562DC4625EEFC6EACD52AD165866, 44A0B3EA0232D613A5B4115492DF2A7CEF25B35300E6A3E3E50C9544C5D1049E ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
12:07:04.0478 0x0fbc C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
12:07:04.0478 0x0fbc [ 589CBC4989F750E1DA35625AB481CF43, B93E1B8C3775F9C995FD5451C685A06DEFD24AE1DF0DD99D19D5E4B9AC0010F9 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
12:07:04.0478 0x0fbc C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
12:07:04.0478 0x0fbc [ 3BE0D923AA45A4DBE091C2D84F0B4FE7, 603EEC55D6F646150FC3F0F2C939CFE434C02FC7A7AB23B1FEC8B5C77E4C8381 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
12:07:04.0478 0x0fbc C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
12:07:04.0478 0x0fbc [ 084FB28A790685F32A6D7D003777696D, A7227798EA4F4D069F9D560A8B699AA2E12603363FA89BC24EB86EB76AA7B7F6 ] C:\Windows\SysWOW64\iertutil.dll
12:07:04.0478 0x0fbc C:\Windows\SysWOW64\iertutil.dll - ok
12:07:04.0488 0x0fbc [ CCC198257901BEEA2FBF8EB1E7678356, 49171A3BDE4331F079424428D2308673F43E3F4CE6F45480C10A18FE5283F5AB ] C:\Windows\SysWOW64\wininet.dll
12:07:04.0488 0x0fbc C:\Windows\SysWOW64\wininet.dll - ok
12:07:04.0488 0x0fbc [ 49ACA548B2423F1C67898E6AC719A9A6, 23D84137EAB9AFDD31CBB6776B6B25AD135A120AF7F7885EB5BBF9E0A2CCC4C1 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
12:07:04.0488 0x0fbc C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
12:07:04.0488 0x0fbc [ A0E053D8D97ED0F913D56E6AF21DD26F, 99B8A1DABDDD28E3C0D377D3245C15B1B788FBE444BD625252E4E513B1DD4F17 ] C:\Windows\SysWOW64\secur32.dll
12:07:04.0488 0x0fbc C:\Windows\SysWOW64\secur32.dll - ok
12:07:04.0498 0x0fbc [ 863F793D15B4026B1A5FDECA873D4D84, AF7ABD95BB5467551562F129F03C7AC9D52A021F7E547609F40A80E66932C942 ] C:\Windows\SysWOW64\apphelp.dll
12:07:04.0498 0x0fbc C:\Windows\SysWOW64\apphelp.dll - ok
12:07:04.0498 0x0fbc [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\SysWOW64\cmd.exe
12:07:04.0498 0x0fbc C:\Windows\SysWOW64\cmd.exe - ok
12:07:04.0498 0x0fbc [ E1B22739C933BE33F53DB58C5393ADD3, 26EE0DD091D2E00DECC774DC1EEDFFDE69AF74B0C769CCBE091AFC32C66E4207 ] C:\Windows\System32\Apphlpdm.dll
12:07:04.0498 0x0fbc C:\Windows\System32\Apphlpdm.dll - ok
12:07:04.0508 0x0fbc [ 46863C4CC5B68EB09EA2D5EEF0F1193A, 9B5593E1F484AC8F96F89A5995FB1FE9C51CB2F0F545607F6850751191150CFE ] C:\Windows\System32\radardt.dll
12:07:04.0508 0x0fbc C:\Windows\System32\radardt.dll - ok
12:07:04.0508 0x0fbc [ 1075AB2C077B415760C0E948856B5126, D67804B4A038FC06BD84CBF9C047DD4C13073622027F825371DB98867EF4E9B9 ] C:\Windows\System32\wer.dll
12:07:04.0508 0x0fbc C:\Windows\System32\wer.dll - ok
12:07:04.0508 0x0fbc [ E64D9EC8018C55873B40FDEE9DBEF5B3, 2DB11E7C631A9887CB75AFEAD2C79EC65F82C51F5F073CEFC8CDDF664EFF29C1 ] C:\Windows\System32\PortableDeviceApi.dll
12:07:04.0508 0x0fbc C:\Windows\System32\PortableDeviceApi.dll - ok
12:07:04.0508 0x0fbc [ AFA79C343F9D1555F7E5D5FA70BB2A14, 440EF3ADC1F5C7A5ED3E872C8D8DFA61B039454C3CA67F8A51CA8BDCFDC4BA4A ] C:\Windows\System32\PortableDeviceConnectApi.dll
12:07:04.0508 0x0fbc C:\Windows\System32\PortableDeviceConnectApi.dll - ok
12:07:04.0518 0x0fbc [ F5CEF064C7E6D95DA86B9D064A56A969, F118CD4364690F37A07AE458E043E8CFBA98F332DC9E7228C83409CF26F6EF6D ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
12:07:04.0518 0x0fbc C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
12:07:04.0518 0x0fbc [ E629F1A051C82795DDFFD3E8D4855811, 6E4DFFEAB2795C98EA6DCAF10EA6D97413D0F8CA0C04869CB20B74FF4D6FE679 ] C:\Windows\System32\dimsjob.dll
12:07:04.0518 0x0fbc C:\Windows\System32\dimsjob.dll - ok
12:07:04.0518 0x0fbc [ F09A9A1AD21FE618C4C8B0A0D830C886, 29831DDAB2AB105358FBC067CDF96428220B6743CD6019F6FE74BAC7AF325E7E ] C:\Windows\System32\msutb.dll
12:07:04.0518 0x0fbc C:\Windows\System32\msutb.dll - ok
12:07:04.0528 0x0fbc [ BF4AC709BE5BF64F331F5D67773A0C82, 96E5A2A12D386B8A7976FEC76FD350E6A3EEBDF5763F4BBF4AB18880E9F269E0 ] C:\Windows\System32\perftrack.dll
12:07:04.0528 0x0fbc C:\Windows\System32\perftrack.dll - ok
12:07:04.0528 0x0fbc [ 522B0466ED967A0762E9AF5B37D8F40A, B14C62D059BC7CF430E1B0F6E18E31EFD1959EFB3025A2B0EBB11751F38DD6D4 ] C:\Windows\System32\esent.dll
12:07:04.0528 0x0fbc C:\Windows\System32\esent.dll - ok
12:07:04.0528 0x0fbc [ 35CB97CBC3EDC463418ED4997AAB29B6, EE60EABE2D87CEDD68FB8985B6C5D70930015FB2B8DB9FDCB4044587BC6ECA4C ] C:\Windows\System32\pautoenr.dll
12:07:04.0528 0x0fbc C:\Windows\System32\pautoenr.dll - ok
12:07:04.0528 0x0fbc [ BF95EA5809E3BBF55370F7CB309FEBD0, 62ADBA6E1A7DDDEFA971580161F30896DFFC27EB4EB82E3CC72062D57DA66500 ] C:\Windows\System32\conhost.exe
12:07:04.0528 0x0fbc C:\Windows\System32\conhost.exe - ok
12:07:04.0538 0x0fbc [ 326C7F76A29897A892AA7726E91C1C67, 64305346B06EC14976130B0B80F14B4D5AB63E5B2A6A7B872EC9CE2BF8FADCD2 ] C:\Windows\SysWOW64\winbrand.dll
12:07:04.0538 0x0fbc C:\Windows\SysWOW64\winbrand.dll - ok
12:07:04.0538 0x0fbc [ FC733FD7721200D5136F6F8112E97B00, 28391C155B2E1183F8E77F1ED21244DC8FAF982E61A0D324AE2372447349E183 ] C:\Windows\SysWOW64\ieframe.dll
12:07:04.0538 0x0fbc C:\Windows\SysWOW64\ieframe.dll - ok
12:07:04.0538 0x0fbc [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] C:\Windows\System32\aelupsvc.dll
12:07:04.0538 0x0fbc C:\Windows\System32\aelupsvc.dll - ok
12:07:04.0548 0x0fbc [ 60F4AEFA103D421EA4A40E31409B4756, 037A8605CA504A4FF43E9D4DE9017CEA1E26D3556C975872C747E24D8B0835EF ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
12:07:04.0548 0x0fbc C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
12:07:04.0548 0x0fbc [ D40E7B5FBB8E0EAA7C5C294389AF95AB, 8EFD521DF1F335AF416DEC15D5C0C6538903803AA1A8ED93AA704B384A29876B ] C:\Temp\{A28F616B-F5E9-4ECA-A2E3-C722268C910C}.exe
12:07:04.0548 0x0fbc C:\Temp\{A28F616B-F5E9-4ECA-A2E3-C722268C910C}.exe - ok
12:07:04.0548 0x0fbc [ 2C4A87CA8C00E98EFDCFA2E8EC9A3503, DA59CE662E98E56D89E2894D2AC8B9F324C16DA23C860640EDC2C82E0AD06097 ] C:\Windows\SysWOW64\shdocvw.dll
12:07:04.0548 0x0fbc C:\Windows\SysWOW64\shdocvw.dll - ok
12:07:04.0548 0x0fbc [ E7B9D5FF20FFDD4AAE2EF1D1B8C27A37, 689D126B1B42140D5049015E3E324268E6542D4BC6CC14E31D8B89A25B94BAA5 ] C:\Windows\SysWOW64\imagehlp.dll
12:07:04.0548 0x0fbc C:\Windows\SysWOW64\imagehlp.dll - ok
12:07:04.0558 0x0fbc [ C61DDFE40204F3BE3DF111981D91560E, 450D5E608D344B2186A73F5421CAF1792902BFB428182D6C5A971C5E0686842F ] C:\Windows\SysWOW64\ncrypt.dll
12:07:04.0558 0x0fbc C:\Windows\SysWOW64\ncrypt.dll - ok
12:07:04.0558 0x0fbc [ CE71B9119A258EDD0A05B37D7B0F92E3, D9310C5BBFE089B8C81E259C462EC1E6D7A7A87FA59FC1F174ED5C58D409AE7A ] C:\Windows\SysWOW64\bcrypt.dll
12:07:04.0558 0x0fbc C:\Windows\SysWOW64\bcrypt.dll - ok
12:07:04.0558 0x0fbc [ E8449FE262D7406BCB2AC2A45C53EC5F, 6C118C9FB26404D1943824CF3990F36E12986547FFACB7CC0DF975A913065D78 ] C:\Windows\SysWOW64\bcryptprimitives.dll
12:07:04.0558 0x0fbc C:\Windows\SysWOW64\bcryptprimitives.dll - ok
12:07:04.0568 0x0fbc [ 1097F3035BAF46CED8B332B3564C5108, C69781683CA963A1335780DABBBC60E2C3CEF0888738D3425D358D12E8D0AF58 ] C:\Windows\SysWOW64\gpapi.dll
12:07:04.0568 0x0fbc C:\Windows\SysWOW64\gpapi.dll - ok
12:07:04.0568 0x0fbc [ 7B851A8018B1EA00A69707A390004884, DAE654713EF1DC66C8C2D27752B659081794063A7D522D1F680AA9A6E7FBA9FD ] C:\Windows\SysWOW64\cryptnet.dll
12:07:04.0568 0x0fbc C:\Windows\SysWOW64\cryptnet.dll - ok
12:07:04.0568 0x0fbc [ 6F8E3B7B70E1BBA871212940C1FBDF60, 3F9D4EE64E4210340C6FEE0DE81BFE3C613DDBE608EC09D63817D24CE24BFC5E ] C:\Windows\SysWOW64\SensApi.dll
12:07:04.0568 0x0fbc C:\Windows\SysWOW64\SensApi.dll - ok
12:07:04.0568 0x0fbc [ A8BB45F9ECAD993461E0FEF8E2A99152, ACB756EA54E71F124D928829666B5B439785593877FF7C0C76ADCF954F4E6C94 ] C:\Windows\SysWOW64\Wldap32.dll
12:07:04.0568 0x0fbc C:\Windows\SysWOW64\Wldap32.dll - ok
12:07:04.0578 0x0fbc [ 94DFBB481BF51158B216E23C5C1C9D6E, 0199086A70B9B63E48A7A15C8AE5442E9C6BC0173BD80A104DE1BE6A6C25F202 ] C:\Windows\System32\certcli.dll
12:07:04.0578 0x0fbc C:\Windows\System32\certcli.dll - ok
12:07:04.0578 0x0fbc [ 263B26106606A010CF877472B535E4BB, 43ECE89E428D2BB34244894BEBA1B946B0767649D15B1C715223E4E471A9E504 ] C:\Windows\System32\CertEnroll.dll
12:07:04.0578 0x0fbc C:\Windows\System32\CertEnroll.dll - ok
12:07:04.0578 0x0fbc [ CA9F7888B524D8100B977C81F44C3234, 57F3353F89724147D8AC8B69B12C1303DF26978309776F5F8CCF074526A915D3 ] C:\Windows\SysWOW64\winhttp.dll
12:07:04.0578 0x0fbc C:\Windows\SysWOW64\winhttp.dll - ok
12:07:04.0588 0x0fbc [ FB19FC5951A88F3C523E35C2C98D23C0, FF0DB8BF0C68DA0D09272E8181D2B5409C8850BB2F31AEA3AC4CD14C5A420A59 ] C:\Windows\SysWOW64\webio.dll
12:07:04.0588 0x0fbc C:\Windows\SysWOW64\webio.dll - ok
12:07:04.0588 0x0fbc [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll
12:07:04.0588 0x0fbc C:\Windows\SysWOW64\nsi.dll - ok
12:07:04.0588 0x0fbc [ 7FF15A4F092CD4A96055BA69F903E3E9, 1B594E6D057C632ABB3A8CF838157369024BD6B9F515CA8E774B22FE71A11627 ] C:\Windows\SysWOW64\ws2_32.dll
12:07:04.0588 0x0fbc C:\Windows\SysWOW64\ws2_32.dll - ok
12:07:04.0588 0x0fbc [ E3ECF5FFE3DEDF61DC6877B6A99ACBBF, 2944FE9035882830799F18B7A98112BA66F16994694CA0CFFC77306775F5EDB2 ] C:\Windows\SysWOW64\credssp.dll
12:07:04.0588 0x0fbc C:\Windows\SysWOW64\credssp.dll - ok
12:07:04.0598 0x0fbc [ E94C583CDE2348950155F2AF2876F34D, D00C7E0D665E467B712C68A446CC5BE14FDA743A2301878B3CEB72CDD0A8B8E7 ] C:\Windows\SysWOW64\mswsock.dll
12:07:04.0598 0x0fbc C:\Windows\SysWOW64\mswsock.dll - ok
12:07:04.0598 0x0fbc [ 81F6C1AE23B1C493D9E996C3103915D7, E22408B4D2EDE2F89E686A4FDCD4057BE27B86D050E9CB489F0FFB39C72AEC1D ] C:\Windows\SysWOW64\dhcpcsvc6.dll
12:07:04.0598 0x0fbc C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
12:07:04.0598 0x0fbc [ A90DC9ABD65DB1A8902F361103029952, 26798758976CE53251AC342B966BE0363AE1794BD965C452F5DEBC33E18969F0 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
12:07:04.0598 0x0fbc C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
12:07:04.0608 0x0fbc [ CFF35B879D1618D42C86644C717BA947, 1837275202628D3320867A3BF8CFDA15491730C4B74215F7C0D7E140BF01AC3C ] C:\Windows\SysWOW64\winnsi.dll
12:07:04.0608 0x0fbc C:\Windows\SysWOW64\winnsi.dll - ok
12:07:04.0608 0x0fbc [ 73E8667A19FEEDD856DF2695E9E511D4, 68D66C36D1F293D10ADCC6A33C870F989A29743537592CF172F02E794BEAFD1C ] C:\Windows\SysWOW64\wship6.dll
12:07:04.0608 0x0fbc C:\Windows\SysWOW64\wship6.dll - ok
12:07:04.0608 0x0fbc [ EE5C8E27C37B79CB54A2FCEEED2DC262, 0A5E200FD65A491756B951A4A0ED39B88B7B313E97C2BBF3C91AC4C290772BB7 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
12:07:04.0608 0x0fbc C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
12:07:04.0608 0x0fbc [ 9A85ABCE0FDD1AF8E79E731EB0B679F3, 2A610BEB16610FE2F2E9A50477A62A05481E8A5843A814955A0EDFF45D0304B3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
12:07:04.0608 0x0fbc C:\Windows\SysWOW64\dhcpcsvc.dll - ok
12:07:04.0618 0x0fbc [ 58A0CDABEA255616827B1C22C9994466, 4FE1140AA8D3995579DE8CDF4ECAD1978804D05351EABB4079A63B303EF1B451 ] C:\Windows\System32\NapiNSP.dll
12:07:04.0618 0x0fbc C:\Windows\System32\NapiNSP.dll - ok
12:07:04.0618 0x0fbc [ 613C8CE10A5FDE582BA5FA64C4D56AAA, 30507B6BA79E1A271B07BBA58B4FF463678BE0960266A1D5E88031E932D768B6 ] C:\Windows\System32\pnrpnsp.dll
12:07:04.0618 0x0fbc C:\Windows\System32\pnrpnsp.dll - ok
12:07:04.0618 0x0fbc [ 2E2072EB48238FCA8FBB7A9F5FABAC45, AC70B9FC24847EEC2E18008F2894DCDAC19A9C90D5D88729326E493CA524F5C3 ] C:\Windows\System32\winrnr.dll
12:07:04.0618 0x0fbc C:\Windows\System32\winrnr.dll - ok
12:07:04.0628 0x0fbc [ 39C5F32747B3414D1BB216FDB1DEFC58, 6FAE64CB9748304090113903A5AE9E7154BE16BA2EEA7AB3EF04AB9D79B81380 ] C:\Windows\SysWOW64\dwmapi.dll
12:07:04.0628 0x0fbc C:\Windows\SysWOW64\dwmapi.dll - ok
12:07:04.0628 0x0fbc [ A054EA8FBE16D4D34F06D81A4F0088E2, 1CD4EECFDA374C8A7B8AD4E664DC057B9C75813AF776A616DC6D845905567CBD ] C:\Windows\SysWOW64\WindowsCodecs.dll
12:07:04.0628 0x0fbc C:\Windows\SysWOW64\WindowsCodecs.dll - ok
12:07:04.0628 0x0fbc [ 846D0E4DB261CFAF363902E41498E961, D7E5591B7604FD583AF7FDA19E30928B24A6145318A3944E7D207F0CCEEB30D0 ] C:\Windows\SysWOW64\EhStorShell.dll
12:07:04.0628 0x0fbc C:\Windows\SysWOW64\EhStorShell.dll - ok
12:07:04.0638 0x0fbc [ 03F3B770DFBED6131653CEDA8CA780F0, 77373919DCA647F09851E7E460AE78FBD89F21516B961F84AC4446304E51E09C ] C:\Windows\SysWOW64\ntshrui.dll
12:07:04.0638 0x0fbc C:\Windows\SysWOW64\ntshrui.dll - ok
12:07:04.0638 0x0fbc [ 465BEA35F7ED4A4A57686DEA7EA10F47, 7F1B3CA09AB045F805DA5765BE7DD270F5DDACE3073017F7386FF1E2FA82D6FB ] C:\Windows\SysWOW64\cscapi.dll
12:07:04.0638 0x0fbc C:\Windows\SysWOW64\cscapi.dll - ok
12:07:04.0638 0x0fbc [ 827CB0D6C3F8057EA037FF271F8E9795, 82760DBDDD38D2A31CAAF51D065DF4E7E1D0F0C22733A0AF653776EBF7B79470 ] C:\Windows\SysWOW64\imageres.dll
12:07:04.0638 0x0fbc C:\Windows\SysWOW64\imageres.dll - ok
12:07:04.0638 0x0fbc [ 8B74CEC6980D4816B0037AE9A27E538F, 8721EDB4C51BF6020002FA5DDB1987C68590F9F433A2F18D9756B2DAC7542CB6 ] C:\Windows\SysWOW64\slc.dll
12:07:04.0638 0x0fbc C:\Windows\SysWOW64\slc.dll - ok
12:07:04.0648 0x0fbc [ 5CCDCD40E732D54E0F7451AC66AC1C87, 66F4DA105BD72E41250CD59E2B3CD931B47AC9FDB6C784B9E33C5EE1AC29841F ] C:\Windows\SysWOW64\srvcli.dll
12:07:04.0648 0x0fbc C:\Windows\SysWOW64\srvcli.dll - ok
12:07:04.0648 0x0fbc [ C7063A0EBCF735A37DC96866BFD789D1, FE39A30A371E0B6734DF47D00D251CCD21A85F96A4AED5C1C0E203612903A546 ] C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll
12:07:04.0648 0x0fbc C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll - ok
12:07:04.0648 0x0fbc [ D837FD1004DEF703D4AD32081915A5F6, C8A2C1AE084EDD43787F269F7DF5B78554E9CDE3024C61E1C7707A14D3870CF9 ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
12:07:04.0648 0x0fbc C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
12:07:04.0658 0x0fbc [ AE3A2A6FC65E865A0D259416EB4A6658, E50EADA2FE1A8FF19FD0519BC7D0E9826A1EA1C856F09BD315D2DF2D65F070D1 ] C:\Program Files\NVIDIA Corporation\Display\nvuir.dll
12:07:04.0658 0x0fbc C:\Program Files\NVIDIA Corporation\Display\nvuir.dll - ok
12:07:04.0658 0x0fbc [ E65AF17EC218CB23D679C19D10530D26, 0FB2DADC8515E3EA7B7FEBFFE73C351AB14972A4D69E20449A75D627E343C4F4 ] C:\Program Files\NVIDIA Corporation\Update Core\NvUpdt.dll
12:07:04.0658 0x0fbc C:\Program Files\NVIDIA Corporation\Update Core\NvUpdt.dll - ok
12:07:04.0658 0x0fbc [ 85A96A4EF967ADB0BDF2F9F3F143C0AC, 3EFA9AA6BAEFFE0876984C7E131C226333B519056D8D720F4765E54DE4095EFB ] C:\Program Files\NVIDIA Corporation\Update Core\NvBackendAPI64.dll
12:07:04.0658 0x0fbc C:\Program Files\NVIDIA Corporation\Update Core\NvBackendAPI64.dll - ok
12:07:04.0668 0x0fbc [ 4F46EA70C7579052F764D0F9B81D23C2, EABE443ABC39AFDA49762A78711FAB4C7367680BE4F0B79F3144362D4A272238 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
12:07:04.0668 0x0fbc C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe - ok
12:07:04.0668 0x0fbc [ 3FD15B4611D9BDA3F8013548C0ECAECA, B47A8D9985D9B71EB870816A0AB2B6403D394CCBDF7DE5378D5721D58D68D28D ] C:\Windows\SysWOW64\ntmarta.dll
12:07:04.0668 0x0fbc C:\Windows\SysWOW64\ntmarta.dll - ok
12:07:04.0668 0x0fbc [ 0B7E85364CB878E2AD531DB7B601A9E5, F5AD3018427F1CD68450EE5CB55AA9572546322580E0FB1E7888702A291C2380 ] C:\Windows\SysWOW64\NapiNSP.dll
12:07:04.0668 0x0fbc C:\Windows\SysWOW64\NapiNSP.dll - ok
12:07:04.0668 0x0fbc [ 0BA65122FFA7E37564EE86422DBF7AE8, 3A37FC503D3228D021473AECA285427382518CC36C197E4C9912745BDF3AB757 ] C:\Windows\SysWOW64\nlaapi.dll
12:07:04.0668 0x0fbc C:\Windows\SysWOW64\nlaapi.dll - ok
12:07:04.0678 0x0fbc [ 5CF640EDDB1E40A5AB1BB743BCDEC610, 0313AA3F713C9F5B84DBB0B4DE78A96B173E9F7B4CF61C10FDC7DAE952DB04E5 ] C:\Windows\SysWOW64\pnrpnsp.dll
12:07:04.0678 0x0fbc C:\Windows\SysWOW64\pnrpnsp.dll - ok
12:07:04.0678 0x0fbc [ B40420876B9288E0A1C8CCA8A84E5DC9, 0D3C73B45BC708D7B1E26DFB6D4F64031A998548FEA0FB5CE198ED716F7DC9A0 ] C:\Windows\SysWOW64\dnsapi.dll
12:07:04.0678 0x0fbc C:\Windows\SysWOW64\dnsapi.dll - ok
12:07:04.0678 0x0fbc [ F0D0E883EBBDC7615DC9EDEA0FFB2817, 58F1395445018CB16ED4D3710443FB5B0E087043F6A69F7B10D72D0455958954 ] C:\Windows\SysWOW64\FWPUCLNT.DLL
12:07:04.0678 0x0fbc C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
12:07:04.0688 0x0fbc [ 5DF5D8CFD9B9573FA3B2C89D9061A240, 990EA273B640DF2D7E800C0CFF18550259C605A4951CD82CD9F1E7B6FF0C9533 ] C:\Windows\SysWOW64\winrnr.dll
12:07:04.0688 0x0fbc C:\Windows\SysWOW64\winrnr.dll - ok
12:07:04.0688 0x0fbc [ ED6EE83D61EBC683C2CD8E899EA6FEBE, F82592908D038C44D9F2E5C5B7BC663A2D370FC565F40420E1138A9E55F0E7EB ] C:\Windows\SysWOW64\rasadhlp.dll
12:07:04.0688 0x0fbc C:\Windows\SysWOW64\rasadhlp.dll - ok
12:07:04.0688 0x0fbc [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F82EF91450858DF ] C:\Windows\SysWOW64\sfc.dll
12:07:04.0688 0x0fbc C:\Windows\SysWOW64\sfc.dll - ok
12:07:04.0688 0x0fbc [ 162D247E995EAEBF3EF4289069E1111C, 19E858E9902E2D570FFD24AE2CB4165273F5BAB1FF7B04758B11AB5CD41FD752 ] C:\Windows\SysWOW64\devrtl.dll
12:07:04.0688 0x0fbc C:\Windows\SysWOW64\devrtl.dll - ok
12:07:04.0698 0x0fbc [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D09086438F8D237B ] C:\Windows\SysWOW64\sfc_os.dll
12:07:04.0698 0x0fbc C:\Windows\SysWOW64\sfc_os.dll - ok
12:07:04.0698 0x0fbc [ B9A8CBCFCD3EC9D2EA4740AF347BF108, 97FA304E3880BC863D999F441AE47CB8ADF00D2DEC2A52ACD8FBD02CC096786A ] C:\Windows\SysWOW64\mpr.dll
12:07:04.0698 0x0fbc C:\Windows\SysWOW64\mpr.dll - ok
12:07:04.0698 0x0fbc [ 20B3934DB73EABA2B49B7177873CB81F, 492EAC5C51472B43DE11825358AEC4B9E3A081DACFD7513C696D6FE40F302EE5 ] C:\Windows\SysWOW64\netutils.dll
12:07:04.0698 0x0fbc C:\Windows\SysWOW64\netutils.dll - ok
12:07:04.0708 0x0fbc [ FB10715E4099AF9FA389C71873245226, 6A4CB43880B822A0C4714D6E52EB3EB2CE1E69C3AA9CA65EAAD6B131AE43F274 ] C:\Windows\System32\timedate.cpl
12:07:04.0708 0x0fbc C:\Windows\System32\timedate.cpl - ok
12:07:04.0708 0x0fbc [ E6F0F82788E8BD0F7A616350EFA0761C, 13091DCB3E3F4F52C3FF210E93AAF1DCE142CFC09F671AEAC5B922393B23E67B ] C:\Windows\System32\actxprxy.dll
12:07:04.0708 0x0fbc C:\Windows\System32\actxprxy.dll - ok
12:07:04.0708 0x0fbc [ 23B001185B7C3CB1F4BDEB143E6B45B7, AB3A5AB346F6353B43B06FBE20B7785DA988975E2C8B73A6588F107FFAAACC47 ] C:\Windows\System32\shdocvw.dll
12:07:04.0708 0x0fbc C:\Windows\System32\shdocvw.dll - ok
12:07:04.0708 0x0fbc [ A0A65D306A5490D2EB8E7DE66898ECFD, CE5DA408F4EDD5E81CE0925867F03C9A35172CF1571FE4C4C052E45AB69822BB ] C:\Windows\System32\linkinfo.dll
12:07:04.0708 0x0fbc C:\Windows\System32\linkinfo.dll - ok
12:07:04.0718 0x0fbc [ 2BCBA6052374959A30BD7948444DBB79, 46224A2B729026FEEBC3C6A09E69919D477097848DB2CA0C2F5B166CDF379660 ] C:\Windows\System32\gameux.dll
12:07:04.0718 0x0fbc C:\Windows\System32\gameux.dll - ok
12:07:04.0718 0x0fbc [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86, E15ED4FEFC3010C213694331DDFDC03767682325C898D773AB243E2DC8B08461 ] C:\Windows\System32\msftedit.dll
12:07:04.0718 0x0fbc C:\Windows\System32\msftedit.dll - ok
12:07:04.0718 0x0fbc [ 2EBD0C5B090125AECF017C57344C45AB, 4FF8F2460115C60AD164EE0DC2079E1601B8AA21A1BA8033B7B731FAF85411B6 ] C:\Windows\System32\msls31.dll
12:07:04.0718 0x0fbc C:\Windows\System32\msls31.dll - ok
12:07:04.0728 0x0fbc [ 80041798F2F049259241393A2017DB02, 59B8913A129EC26FB111C2C614C0C7440D521F65BAF32E57CA48E34337C0DDEE ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
12:07:04.0728 0x0fbc C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
12:07:04.0728 0x0fbc [ 5EB6E9C8BE1ACC5830780E0F9A846255, AC5EDC6DBC9CA204584E35878E18F6524DE002CE3D90657C37599790A5DDD1F1 ] C:\Windows\System32\msi.dll
12:07:04.0728 0x0fbc C:\Windows\System32\msi.dll - ok
12:07:04.0728 0x0fbc [ 69754747274B76E7FAF287239333D7E6, A0BAEC1E56E4B1A17C0D41B317526AF5BB11E7E488C7016067A6229346A23B16 ] C:\Windows\System32\msiltcfg.dll
12:07:04.0728 0x0fbc C:\Windows\System32\msiltcfg.dll - ok
12:07:04.0738 0x0fbc [ A95B965C141A3FC74E7C246163253B0E, CB7DA2873231A7188CF7DC1CECF1F7F51F6EBDAF6DC5FA355381D000C372B734 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:07:04.0738 0x0fbc C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
12:07:04.0738 0x0fbc [ 24F4B480F335A6C724AF352253C5D98B, 011413B236CAD7B78CE0A0EEC3E3085D48C7576A3205D025BA6EBFDF590538E4 ] C:\Windows\System32\thumbcache.dll
12:07:04.0738 0x0fbc C:\Windows\System32\thumbcache.dll - ok
12:07:04.0738 0x0fbc [ 4C2C4640BF23AAFCF90519E0F34436CE, 8ACCDA77C2DC5BE2DAED05134310122AFECC872A8D118612E55DD229BFE4D844 ] C:\Windows\System32\DeviceCenter.dll
12:07:04.0738 0x0fbc C:\Windows\System32\DeviceCenter.dll - ok
12:07:04.0738 0x0fbc [ 405F4D32D2185F1F1BD753D8EEAFFB3A, CAC42C3E09C43BE96592B670D70821386014DB22D8239A9CFB9E33E54FB5C3D5 ] C:\Windows\System32\networkexplorer.dll
12:07:04.0738 0x0fbc C:\Windows\System32\networkexplorer.dll - ok
12:07:04.0748 0x0fbc [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Temp\{9F2DF707-11A9-4029-999E-3B413BBB0C3B}\{27B4A0E6-0323-46D1-9677-1D9C7AE272DA}.tmp
12:07:04.0748 0x0fbc C:\Temp\{9F2DF707-11A9-4029-999E-3B413BBB0C3B}\{27B4A0E6-0323-46D1-9677-1D9C7AE272DA}.tmp - ok
12:07:04.0748 0x0fbc [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\Temp\{9F2DF707-11A9-4029-999E-3B413BBB0C3B}\{06151C4B-3C80-4EB8-9638-B685850FAB9B}.tmp
12:07:04.0748 0x0fbc C:\Temp\{9F2DF707-11A9-4029-999E-3B413BBB0C3B}\{06151C4B-3C80-4EB8-9638-B685850FAB9B}.tmp - ok
12:07:04.0748 0x0fbc [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\Temp\{9F2DF707-11A9-4029-999E-3B413BBB0C3B}\{5AF32DB2-AC1A-462B-83B9-055175C9789B}.tmp
12:07:04.0748 0x0fbc C:\Temp\{9F2DF707-11A9-4029-999E-3B413BBB0C3B}\{5AF32DB2-AC1A-462B-83B9-055175C9789B}.tmp - ok
12:07:04.0758 0x0fbc [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\Temp\{9F2DF707-11A9-4029-999E-3B413BBB0C3B}\{7C41B3C0-709D-4160-8185-2D6E2EBFBE1B}.tmp
12:07:04.0758 0x0fbc C:\Temp\{9F2DF707-11A9-4029-999E-3B413BBB0C3B}\{7C41B3C0-709D-4160-8185-2D6E2EBFBE1B}.tmp - ok
12:07:04.0758 0x0fbc [ 1315C5C5C54CE2AA37A155F97027DB59, 70CDA6AE7FF4FD08FAD931477C524957952EDC89985696FD988B9786A349C565 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
12:07:04.0758 0x0fbc C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe - ok
12:07:04.0758 0x0fbc [ F73154E180105822A5F9B755BA933737, 1CD775B6CE3736A70EC5FC7A6B77A2FEDA70D59B49A66046CC20B341005501D9 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
12:07:04.0758 0x0fbc C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe - ok
12:07:04.0768 0x0fbc [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\Temp\{9F2DF707-11A9-4029-999E-3B413BBB0C3B}\{364C5684-431E-4839-A947-3D1E58B5F2D0}.tmp
12:07:04.0768 0x0fbc C:\Temp\{9F2DF707-11A9-4029-999E-3B413BBB0C3B}\{364C5684-431E-4839-A947-3D1E58B5F2D0}.tmp - ok
12:07:04.0768 0x0fbc [ 8C46AD1E382018E0B4D6E31B9AB27E5C, F6B6F53E2E2C5D733CB1A1C12148B9F5C01A2F450148C96D6899A7016B09B82B ] C:\Program Files (x86)\Skype\Phone\Skype.exe
12:07:04.0768 0x0fbc C:\Program Files (x86)\Skype\Phone\Skype.exe - ok
12:07:04.0768 0x0fbc [ 2FCA0D2C59A855C54BAFA22AA329DF0F, ED9D26F539065D62FCCEDEEC8E509B30F4D15F8DA586C1F657ACEFE9DABAACD0 ] C:\Windows\SysWOW64\netapi32.dll
12:07:04.0768 0x0fbc C:\Windows\SysWOW64\netapi32.dll - ok
12:07:04.0778 0x0fbc [ E5A4A1326A02F8E7B59E6C3270CE7202, DCB76016F9AC47E631540874DA208A089F9D529DA9628705A2869B954526BFE0 ] C:\Windows\SysWOW64\wkscli.dll
12:07:04.0778 0x0fbc C:\Windows\SysWOW64\wkscli.dll - ok
12:07:04.0778 0x0fbc [ 544EFF88AC6C85DF5A4D6F18DFE08CFC, D688381F42062FD5D868E7770857C5951C41BA20A1B6E6F60B5D9536C02CD293 ] C:\Windows\SysWOW64\taskschd.dll
12:07:04.0778 0x0fbc C:\Windows\SysWOW64\taskschd.dll - ok
12:07:04.0778 0x0fbc [ 3433CF435F84B24965A8202118F41A7A, 18A9C06FDEC96CF8ABA818786B266DABC3A22077AF55A39B76AAF24DA63DE3FD ] C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
12:07:04.0778 0x0fbc C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe - ok
12:07:04.0778 0x0fbc [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\Temp\{9F2DF707-11A9-4029-999E-3B413BBB0C3B}\{9B677A96-422F-4933-8FBD-42BBA2FF7A63}.tmp
12:07:04.0778 0x0fbc C:\Temp\{9F2DF707-11A9-4029-999E-3B413BBB0C3B}\{9B677A96-422F-4933-8FBD-42BBA2FF7A63}.tmp - ok
12:07:04.0788 0x0fbc [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\Temp\{9F2DF707-11A9-4029-999E-3B413BBB0C3B}\{DA421765-8511-4B56-B9BD-3F6895221006}.tmp
12:07:04.0788 0x0fbc C:\Temp\{9F2DF707-11A9-4029-999E-3B413BBB0C3B}\{DA421765-8511-4B56-B9BD-3F6895221006}.tmp - ok
12:07:04.0788 0x0fbc [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\Temp\{9F2DF707-11A9-4029-999E-3B413BBB0C3B}\{C14C592E-1081-4A42-BAF7-0B9A9D813691}.tmp
12:07:04.0788 0x0fbc C:\Temp\{9F2DF707-11A9-4029-999E-3B413BBB0C3B}\{C14C592E-1081-4A42-BAF7-0B9A9D813691}.tmp - ok
12:07:04.0798 0x0fbc [ 1473768973453DE50DC738C2955FC4DD, 14BC5DA2442CB726ACC1F277DDBECCF5D61E3A0A3E083A55A0BB610191E35220 ] C:\Windows\System32\wdmaud.drv
12:07:04.0798 0x0fbc C:\Windows\System32\wdmaud.drv - ok
12:07:04.0798 0x0fbc [ D1DE1EAFDE97BE41CF6585027FF3E732, 76F17D4DF440D6734DC8157092D94EB18C2A73A0A49BEEA289E7B3EDE30E86A2 ] C:\Windows\SysWOW64\comdlg32.dll
12:07:04.0798 0x0fbc C:\Windows\SysWOW64\comdlg32.dll - ok
12:07:04.0798 0x0fbc [ BAD6BEA0DE1F69C82BDB74378CE0C20A, ADA84B75173E9D03C180B527E31475ACA16CB19532C3EDA11357BD37049927E3 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
12:07:04.0798 0x0fbc C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
12:07:04.0808 0x0fbc [ 67BD916F01424DEB8AB8CD9E0096F277, D1E4A7BA332DA229138E89E5C4550A58ADD896B85728DF6BA33F1DE57D586E77 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
12:07:04.0808 0x0fbc C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe - ok
12:07:04.0808 0x0fbc [ B3892E6DA8E2C8CE4B0A9D3EB9A185E5, AE163388201EF2F119E11265586E7DA32C6E5B348E0CC32E3F72E21EBFD0843B ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll
12:07:04.0808 0x0fbc C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll - ok
12:07:04.0808 0x0fbc [ 5D2C953FE671D29E8941B17265C74649, AF4044E6FFFDE8FD46DE3B319D49212E851B17F8EE90B1D4BE09CA2847CB6F43 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe
12:07:04.0808 0x0fbc C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe - ok
12:07:04.0818 0x0fbc [ A3A82800FF19B26B94D2327A2F11067E, E0EA7AB1B4CACFA3A4B95F548BB4CA124F24AFE6E9D1E35EAA6794412EBC59FA ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
12:07:04.0818 0x0fbc C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe - ok
12:07:04.0818 0x0fbc [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
12:07:04.0818 0x0fbc C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe - ok
12:07:04.0818 0x0fbc [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:07:04.0818 0x0fbc C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - ok
12:07:04.0828 0x0fbc [ DB001FAEA818AE2E14A74E0ADC530FC0, 45CB405589C92BF74C47B7C90E299A5732A99403C51F301A5B60579CAF3116E7 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll
12:07:04.0828 0x0fbc C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcp90.dll - ok
12:07:04.0828 0x0fbc [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Temp\{9F2DF707-11A9-4029-999E-3B413BBB0C3B}\{11641153-2000-4FBA-8545-136D5594B6A7}.tmp
12:07:04.0828 0x0fbc C:\Temp\{9F2DF707-11A9-4029-999E-3B413BBB0C3B}\{11641153-2000-4FBA-8545-136D5594B6A7}.tmp - ok
12:07:04.0828 0x0fbc [ 8560FFFC8EB3A806DCD4F82252CFC8C6, CC27BC092369A89D6147B16568FEDEB68B584D5738CD686C31F7FAE22ED17B3B ] C:\Windows\System32\ksuser.dll
12:07:04.0828 0x0fbc C:\Windows\System32\ksuser.dll - ok
12:07:04.0838 0x0fbc [ DC220AE6F64819099F7EBD6F137E32E7, B8FE13B859FA83500DD95637FA6D4A5B8392C2A363E41D014D3B5374F636E1DE ] C:\Windows\System32\AudioSes.dll
12:07:04.0838 0x0fbc C:\Windows\System32\AudioSes.dll - ok
12:07:04.0838 0x0fbc [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8, B1A9B2EF000917214C0198958CBD239D1D91B1720EC40DF041262A34D302AD74 ] C:\Windows\SysWOW64\winspool.drv
12:07:04.0838 0x0fbc C:\Windows\SysWOW64\winspool.drv - ok
12:07:04.0838 0x0fbc [ 2635B1A6B11105AACE0440CEC6830189, 800C74D10450901E23E816F1256867B85546B35A46A66C750693CF5543A1E753 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\VulcanControl.dll
12:07:04.0838 0x0fbc C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\VulcanControl.dll - ok
12:07:04.0848 0x0fbc [ BC83108B18756547013ED443B8CDB31B, B2AD109C15EAA92079582787B7772BA0A2F034F7D075907FF87028DF0EAEA671 ] C:\Windows\SysWOW64\msvcp100.dll
12:07:04.0848 0x0fbc C:\Windows\SysWOW64\msvcp100.dll - ok
12:07:04.0848 0x0fbc [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Temp\{9F2DF707-11A9-4029-999E-3B413BBB0C3B}\{76641D08-8B2D-437B-A217-49BE3B5E7519}.tmp
12:07:04.0848 0x0fbc C:\Temp\{9F2DF707-11A9-4029-999E-3B413BBB0C3B}\{76641D08-8B2D-437B-A217-49BE3B5E7519}.tmp - ok
12:07:04.0848 0x0fbc [ 0E37FBFA79D349D672456923EC5FBBE3, 8793353461826FBD48F25EA8B835BE204B758CE7510DB2AF631B28850355BD18 ] C:\Windows\SysWOW64\msvcr100.dll
12:07:04.0848 0x0fbc C:\Windows\SysWOW64\msvcr100.dll - ok
12:07:04.0858 0x0fbc [ D83947A58613E9091B4C9CC0F1546A8D, C71DF6E18E2099FC462717B8658D39C607A62C7E7A1E5CD0E258C17434535AD0 ] C:\Windows\SysWOW64\mscoree.dll
12:07:04.0858 0x0fbc C:\Windows\SysWOW64\mscoree.dll - ok
12:07:04.0858 0x0fbc [ 8E01332CC4B68BC6B5B7EFFE374442AA, A4AD1D2FD3EC2F26949DBBC388F9FFF3713AD7EB4E9220AF817EBB5223E467C6 ] C:\Windows\SysWOW64\oleacc.dll
12:07:04.0858 0x0fbc C:\Windows\SysWOW64\oleacc.dll - ok
12:07:04.0858 0x0fbc [ 75F5E1FE8D55CF8E577E0EC5F2290D3F, F4E2C81F0834018052A481AE8D7DF4780302A6844160CCDC09F7D82D3B992BDE ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
12:07:04.0858 0x0fbc C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll - ok
12:07:04.0868 0x0fbc [ 1C3F8D315C8B16C24A460831AB729BEA, 7234A0978E1CBE57908A81F48514F52AAF42DF73193A64E94238C8D48ABB790C ] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_14_0_0_125_Plugin.exe
12:07:04.0868 0x0fbc C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_14_0_0_125_Plugin.exe - ok
12:07:04.0868 0x0fbc [ 10AC5CE9F78DC281A1BBD9B8CC587B8A, 72288C0A88916D3C3828DBD948DBDB0928F26106319F8E60102D6C9004514D60 ] C:\Windows\System32\msacm32.dll
12:07:04.0868 0x0fbc C:\Windows\System32\msacm32.dll - ok
12:07:04.0868 0x0fbc [ 1B7C3A37362C7B2890168C5FC61C8D9B, 03727930E5BB5F9D91BAB901FC9A2E3B795D68E2AEE6A2CC3477F356C45A9C54 ] C:\Windows\System32\msacm32.drv
12:07:04.0868 0x0fbc C:\Windows\System32\msacm32.drv - ok
12:07:04.0868 0x0fbc [ 5E3C0E5FFDA48C5DA35BBFB8EFFF8066, E2BBCC111DB1CE6072CB796F21677E4529029CE66DDC471EC793278F81F1FCF6 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
12:07:04.0868 0x0fbc C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
12:07:04.0878 0x0fbc [ CA2A0750ED830678997695FF61B04C30, E84860CD97AA3C4565ABB2D5D406A5C42B1AD2D8BA1B8CF81FE564D91F15F976 ] C:\Windows\System32\midimap.dll
12:07:04.0878 0x0fbc C:\Windows\System32\midimap.dll - ok
12:07:04.0878 0x0fbc [ 5EDBB34736DD7AC1A73CF8792A835E10, 15E87C449AAF2095273341DD9355D8DF2690340D1DEFAF0DFF034F1CDF4316F8 ] C:\Windows\System32\AudioEng.dll
12:07:04.0878 0x0fbc C:\Windows\System32\AudioEng.dll - ok
12:07:04.0878 0x0fbc [ EE19C85CA685A275BE346EC41F1870F9, F071D88C38C62E9D88DDE29F451B2B581499758A7E60BDA6DED3376280C5A635 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_72d576ad8665e853\GdiPlus.dll
12:07:04.0878 0x0fbc C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_72d576ad8665e853\GdiPlus.dll - ok
12:07:04.0888 0x0fbc [ A6C29DB53ECA94FA8591C5388D604B82, F25E95BA669422286A8FA3A68E0C639A2F06319B6DC8FA641C965CFB27A50BD6 ] C:\Windows\SysWOW64\msi.dll
12:07:04.0888 0x0fbc C:\Windows\SysWOW64\msi.dll - ok
12:07:04.0888 0x0fbc [ C1395286B822E306B4FE1568A8A77813, 0642B6C793BE0EED5E7D1D2533FC5A01417C50040FC60A8E89BD97CE4A119388 ] C:\Windows\System32\AUDIOKSE.dll
12:07:04.0888 0x0fbc C:\Windows\System32\AUDIOKSE.dll - ok
12:07:04.0888 0x0fbc [ F80C1B1B4617109CC1FA8CE06FB76D30, 721255FDD3DB5C6C739928CCDC7AEBF51A7BB135DEC033DB6CE5CAF780CF80AF ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Esl\Aiod.dll
12:07:04.0888 0x0fbc C:\Program Files (x86)\Adobe\Acrobat 10.0\Esl\Aiod.dll - ok
12:07:04.0898 0x0fbc [ 9D143DE584AF0B120766B74AA41D1F28, A6292835ABD188E3D0E0A7377B19460ADDB2A52CFD84E389E43F88735C8321C5 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libcurl.dll
12:07:04.0898 0x0fbc C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libcurl.dll - ok
12:07:04.0898 0x0fbc [ 2E5B4A993514375DC6092DD211262757, 70D0AB3C281F62BC69997F0445B2DFED56429F6371A58487107A2A70EA1DB187 ] C:\Windows\System32\MBWrp64.dll
12:07:04.0898 0x0fbc C:\Windows\System32\MBWrp64.dll - ok
12:07:04.0898 0x0fbc [ 282431231CADCA5D67D1DD33B9847022, 5F8BB6EAF02CB58087F81B547104EBE3EE17C5E0C9C4736437425B2F2234AC5F ] C:\Windows\System32\RtkAPO64.dll
12:07:04.0898 0x0fbc C:\Windows\System32\RtkAPO64.dll - ok
12:07:04.0908 0x0fbc [ 3E0AB1C6506F149CC5ABA66433D35E62, 962DBAE610AF406C9FFD035608B71389AECA576FEB96E762E1C72F8EFACCDC48 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libeay32.dll
12:07:04.0908 0x0fbc C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libeay32.dll - ok
12:07:04.0908 0x0fbc [ 18AB2E5A40064ED5F7791AC5946A90F3, B7536CE56702C23B1CEC3E1B6C78866E0A76808B85A92AF3733D9ED9429E004C ] C:\Windows\SysWOW64\msimg32.dll
12:07:04.0908 0x0fbc C:\Windows\SysWOW64\msimg32.dll - ok
12:07:04.0908 0x0fbc [ F10E5311E5093FA3C00FF88C54C32FCA, B557F5B00D77F030850D9AAC0FFEFC4C2A759EC4081C8459C9DEAE51BAAACC65 ] C:\Windows\SysWOW64\atl.dll
12:07:04.0908 0x0fbc C:\Windows\SysWOW64\atl.dll - ok
12:07:04.0918 0x0fbc [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB22DC7B58515C201 ] C:\Windows\SysWOW64\winmm.dll
12:07:04.0918 0x0fbc C:\Windows\SysWOW64\winmm.dll - ok
12:07:04.0918 0x0fbc [ 0E85C11F8850D524B02181C6E02BA9AE, 8703566931067CCF949E9779E4D328DD21210329DD687459300C83DDD06390A8 ] C:\Windows\SysWOW64\dsound.dll
12:07:04.0918 0x0fbc C:\Windows\SysWOW64\dsound.dll - ok
12:07:04.0918 0x0fbc [ E7E86478E23C0A7606A48609E66660A3, BCF24FB44DC92F210F56FB37D28C9EDAB67FE4BE98516CFF95CF771A325DB2E7 ] C:\Program Files (x86)\DAEMON Tools Lite\DTCommonRes.dll
12:07:04.0918 0x0fbc C:\Program Files (x86)\DAEMON Tools Lite\DTCommonRes.dll - ok
12:07:04.0918 0x0fbc [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] C:\Windows\SysWOW64\netprofm.dll
12:07:04.0918 0x0fbc C:\Windows\SysWOW64\netprofm.dll - ok
12:07:04.0928 0x0fbc [ 539C49CEBB3C50957AC8A09D95ECD880, 49E75CDB556FBCE72C44648F8930CF2209C1360F9311C5B4CEB19E13B11E6B75 ] C:\Windows\SysWOW64\shfolder.dll
12:07:04.0928 0x0fbc C:\Windows\SysWOW64\shfolder.dll - ok
12:07:04.0928 0x0fbc [ 08DFDBD2FD4EA951DC46B1C7661ED35A, D926530C659DDAF80770663F46F1EFD94FFB4AAB475C4E3367CB531AF4A734E1 ] C:\Windows\SysWOW64\powrprof.dll
12:07:04.0928 0x0fbc C:\Windows\SysWOW64\powrprof.dll - ok
12:07:04.0928 0x0fbc [ 83502D796852329CDFC906FEE2B5EDE4, CFDF8B760AFDFE34C0EE943FAF9452B4DE438836E03990F983883C1F51BE5E26 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\ssleay32.dll
12:07:04.0928 0x0fbc C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\ssleay32.dll - ok
12:07:04.0938 0x0fbc [ D717CC3ED8EA2BE11A6BCA11617167F2, 01B68A0C13032BB59F262ED94D2DAF85E50FAD7A1502A3097029B66B7EB4F903 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodist.exe
12:07:04.0938 0x0fbc C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodist.exe - ok
12:07:04.0938 0x0fbc [ 936F728E04ACCF3F38801CFFCF1E3F40, 59CA86096F4B928E364B6A3C0408615F068BB8BC02DCFC5EAF4873EC6D6E0797 ] C:\Windows\SysWOW64\oledlg.dll
12:07:04.0938 0x0fbc C:\Windows\SysWOW64\oledlg.dll - ok
12:07:04.0938 0x0fbc [ 6EF5F3F18413C367195F06E503AB86A6, 6F8B87FB4D67F9E76A51EF759B58A95D903C4AAC9C789A65A3FA1FC4F253D978 ] C:\Windows\SysWOW64\d3d9.dll
12:07:04.0938 0x0fbc C:\Windows\SysWOW64\d3d9.dll - ok
12:07:04.0948 0x0fbc [ A26ECF874B429774F5086DC068A5D1E7, 281529DBD6C45CC1706D5CD66456B5C983AA5E6E3DC64723779D9B2BD48B769D ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
12:07:04.0948 0x0fbc C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe - ok
12:07:04.0948 0x0fbc [ 4823DFE702BAE876CB31F58573D7EB55, A78A3A612127DEC214B9F3AC860F5B5836B61BE89FFD2BF55CBEA71EAE72B8FF ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\IMSLib.dll
12:07:04.0948 0x0fbc C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\IMSLib.dll - ok
12:07:04.0948 0x0fbc [ D90DAD5EEA33A178BAC56FFF2847D4C2, 104162A59E7784E1FE2EC0B7DB8836E1EB905ABFD1602A05D86DEBE930B40CBF ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\zlib1.dll
12:07:04.0948 0x0fbc C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\zlib1.dll - ok
12:07:04.0958 0x0fbc [ 3F50200237961034FACE602373838980, F97D72CC75D921CF8F8E0544614407358AEFF97A8F48E4A89F82689EE8F2FC86 ] C:\Windows\SysWOW64\FirewallAPI.dll
12:07:04.0958 0x0fbc C:\Windows\SysWOW64\FirewallAPI.dll - ok
12:07:04.0958 0x0fbc [ 41438013AF21E8FA0031C6FCA89EB848, E8E7DC8B0E5ED467EE1337507ADE53EA81D3C2F2BC42A9067B9930E256CA5436 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodistdll.dll
12:07:04.0958 0x0fbc C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodistdll.dll - ok
12:07:04.0958 0x0fbc [ 102CF6879887BBE846A00C459E6D4ABC, A4C51C79CF95D5C79DCEFB02946A09A987FEAF83CE2EE1BA7677EBA90869AC80 ] C:\Windows\SysWOW64\riched20.dll
12:07:04.0958 0x0fbc C:\Windows\SysWOW64\riched20.dll - ok
12:07:04.0968 0x0fbc [ E2A17BCC08D92F42E08AF6BA2F93ABA7, 5FC9D47BF4B1094BECC0C0DDCD5CD4318DD3E4495D982F8785331616D5B82599 ] C:\Windows\SysWOW64\ExplorerFrame.dll
12:07:04.0968 0x0fbc C:\Windows\SysWOW64\ExplorerFrame.dll - ok
12:07:04.0968 0x0fbc [ 77B1471A490B53B24EFE136F09F76550, A650C3A244306F8E605BDA8E74BFE438356BA4403B0CB61E980D3183E3F0A7C7 ] C:\Windows\SysWOW64\d3d8thk.dll
12:07:04.0968 0x0fbc C:\Windows\SysWOW64\d3d8thk.dll - ok
12:07:04.0968 0x0fbc [ 7F8678C59F188528D60104E697C2361E, 9B4D262B10CB09543ACA9A78482F4EDD905791D2C8C518B574EBA440A71A85B7 ] C:\Windows\SysWOW64\mscms.dll
12:07:04.0968 0x0fbc C:\Windows\SysWOW64\mscms.dll - ok
12:07:04.0978 0x0fbc [ 487F44B08EFEAF5AD087878357B9403D, B02C99850940588D52B3E6DB30DB64582F294E0BD62101067BECFEA1483010C6 ] C:\Windows\SysWOW64\pdh.dll
12:07:04.0978 0x0fbc C:\Windows\SysWOW64\pdh.dll - ok
12:07:04.0978 0x0fbc [ 6383C60EC0133B14F5705F96369421B2, EAB3FA2344B853148F199F744E716FBB8E9331B9DB588F784274599B6BCE2335 ] C:\Windows\SysWOW64\hnetcfg.dll
12:07:04.0978 0x0fbc C:\Windows\SysWOW64\hnetcfg.dll - ok
12:07:04.0978 0x0fbc [ 8B8D1CEF498678CAB9DF17145D34BC64, B833545CC592BBF77F4F3E6BA9961D10673AA3F4E2CF6369F6A3BDAF1BC02026 ] C:\Windows\SysWOW64\msxml3.dll
12:07:04.0978 0x0fbc C:\Windows\SysWOW64\msxml3.dll - ok
12:07:04.0978 0x0fbc [ 53223B673A3FA2F9A4D1C31C8D3F6CD8, B07A12E3ECD5E418A3F99F00C56E7F482F68CADE330E7C079DCCDFFAD2E21299 ] C:\Windows\SysWOW64\dbghelp.dll
12:07:04.0978 0x0fbc C:\Windows\SysWOW64\dbghelp.dll - ok
12:07:04.0988 0x0fbc [ 90FB1802D488FFA9029854A77D4F3F27, FBEAB2065307A2BD9C78D3ABB4F80B8311F3EA68B2F23FD1EF80C24E1DBA1F4D ] C:\Windows\SysWOW64\oleaccrc.dll
12:07:04.0988 0x0fbc C:\Windows\SysWOW64\oleaccrc.dll - ok
12:07:04.0988 0x0fbc [ 85683DF1F917E4D7F6BE1A04986BF1C8, D68D9F525D31C1843B6EC8FA950166FA1F34DB71222716E7B22DD33981C152B6 ] C:\Windows\SysWOW64\msacm32.dll
12:07:04.0988 0x0fbc C:\Windows\SysWOW64\msacm32.dll - ok
12:07:04.0988 0x0fbc [ 15E298B5EC5B89C5994A59863969D9FF, 8D38B2E023462D0804F72E907D11FF72CE84540EA3B8D83F411C602C3F6A1177 ] C:\Windows\SysWOW64\npmproxy.dll
12:07:04.0988 0x0fbc C:\Windows\SysWOW64\npmproxy.dll - ok
12:07:04.0998 0x0fbc [ 007863E45F25AA47A4C30D0930BBFD85, 60F2ABA40D520FCA2C57FA2DB72E111C14F21821DA17F662837506B80C269634 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
12:07:04.0998 0x0fbc C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
12:07:04.0998 0x0fbc [ 139D3AB6AA920C34C50CBFFB9EB7D222, 5A5D205E16E6AFDCC965E4144FE6E104157DE7541D31727520363F2670513940 ] C:\Windows\SysWOW64\avrt.dll
12:07:04.0998 0x0fbc C:\Windows\SysWOW64\avrt.dll - ok
12:07:04.0998 0x0fbc [ DFA59840BB1220AFD261FDAE83543959, 2D62CBB66570236F6B38D2E14B687E7BF5E418B40A3F7E18B28587EFFB2436C6 ] C:\Windows\SysWOW64\mshtml.dll
12:07:04.0998 0x0fbc C:\Windows\SysWOW64\mshtml.dll - ok
12:07:05.0008 0x0fbc [ B010CF886420EE29C2C276646721D255, CBCD032D679ADE3A9942A1D116648D6A9ECC71F66F8630629E724E5EE23F9F73 ] C:\Windows\SysWOW64\wlanapi.dll
12:07:05.0008 0x0fbc C:\Windows\SysWOW64\wlanapi.dll - ok
12:07:05.0008 0x0fbc [ 1D6A771D1D702AE07919DB52C889A249, E5F3378AC40AEE6114EEAF3BF11DC1059466891CAE353E80C08622A60485C954 ] C:\Windows\SysWOW64\wlanutil.dll
12:07:05.0008 0x0fbc C:\Windows\SysWOW64\wlanutil.dll - ok
12:07:05.0008 0x0fbc [ 703FFD301AB900B047337C5D40FD6F96, C09909B89183B89BA87CAC8C5BEBD0E995C5CB08CC9B9D1E88352103EE958857 ] C:\Windows\SysWOW64\olepro32.dll
12:07:05.0008 0x0fbc C:\Windows\SysWOW64\olepro32.dll - ok
12:07:05.0008 0x0fbc [ 6F3C559B82F2912354BE5B098744CC8C, EB64E5C02C81588921A65194E1256E80699A1317E7D9A57395CD38C2639C8B08 ] C:\Windows\System32\WMALFXGFXDSP.dll
12:07:05.0008 0x0fbc C:\Windows\System32\WMALFXGFXDSP.dll - ok
12:07:05.0018 0x0fbc [ 28CA821606669BB9215CE010767720FA, C8A1F0D6704F8F37CF8AADDFAD511FF27E56E8BCFFD4AC948DFA0329DB1F3A1E ] C:\Windows\SysWOW64\cryptui.dll
12:07:05.0018 0x0fbc C:\Windows\SysWOW64\cryptui.dll - ok
12:07:05.0018 0x0fbc [ ED971520839C0918CF4224D92FBE3E59, A8633EBBE3A25A07E307438C08390F937141E01B298E4A4A48EF444043E5F1EE ] C:\Temp\{2A5FB41B-5CD4-409C-AB0E-1A3022F52FD9}\fpb.tmp
12:07:05.0018 0x0fbc C:\Temp\{2A5FB41B-5CD4-409C-AB0E-1A3022F52FD9}\fpb.tmp - ok
12:07:05.0018 0x0fbc [ 5E08AC958BE05247FF1539E0D1CE7905, C6E7419EA72D1703F72292743A999F4A6CF0C6734BA1EE92C6AF18BA8B1A3A23 ] C:\Windows\SysWOW64\dinput8.dll
12:07:05.0018 0x0fbc C:\Windows\SysWOW64\dinput8.dll - ok
12:07:05.0028 0x0fbc [ 6E1F8165C365D35C8E3C045AF0CDD481, B861360D0A014265A0BEB4CC2FE31EA05AE95120E8B07820C13A044D64C00E2B ] C:\Windows\SysWOW64\duser.dll
12:07:05.0028 0x0fbc C:\Windows\SysWOW64\duser.dll - ok
12:07:05.0028 0x0fbc [ EE06B85BC69F18826302348A2AD089E0, 417205797CC9F6C986A863A61179784D9ADCAF1961EF8A4D9042D73C5A86509A ] C:\Windows\SysWOW64\dui70.dll
12:07:05.0028 0x0fbc C:\Windows\SysWOW64\dui70.dll - ok
12:07:05.0028 0x0fbc [ 54B5DCD55B223BC5DF50B82E1E9E86B1, 025294DD69A421FE4EACAA463F8CB797610D8F3A7A3C61656AE83D0CEE07A9BF ] C:\Windows\System32\mfplat.dll
12:07:05.0028 0x0fbc C:\Windows\System32\mfplat.dll - ok
12:07:05.0038 0x0fbc [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6, 4F40D5CCE264290C8DD73A5766062A55ED4CF77D8F6B59D453DDB6F88B640D7E ] C:\Windows\SysWOW64\mapi32.dll
12:07:05.0038 0x0fbc C:\Windows\SysWOW64\mapi32.dll - ok
12:07:05.0038 0x0fbc [ 919001D2BB17DF06CA3F8AC16AD039F6, 5169ACFBE9E9D4C4012773ECDD28231C952675EF0C272A40F226E7B5D671B18B ] C:\Windows\SysWOW64\sxs.dll
12:07:05.0038 0x0fbc C:\Windows\SysWOW64\sxs.dll - ok
12:07:05.0038 0x0fbc [ AEF8C2A48BF6B9E4C41998EF32809041, A30DAE824F1557FBBA54649A56EB2E4FCDD6A7D05D7D490C4FB9CC688D51B90E ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ahclient.dll
12:07:05.0038 0x0fbc C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ahclient.dll - ok
12:07:05.0038 0x0fbc [ 06CABCD25920159660B4F73B8BE85D5A, C4E057A55508891D9DFA484619BE31C5821E819E57D30D0AF534B7762DEBDE49 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeXMP.dll
12:07:05.0038 0x0fbc C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeXMP.dll - ok
12:07:05.0048 0x0fbc [ 819EB5ABEAE5B1728EDFF0AC8B696769, 2EEE1CE0A373BB9CB4DF18EAF5CBF751ED0EFAE464F762F284DE62BCABF91BB4 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ACE.dll
12:07:05.0048 0x0fbc C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ACE.dll - ok
12:07:05.0048 0x0fbc [ 49A96CFD5A2A2FD2D67E930D4C543CC7, 8E350464265E8D185FF730C293BDDE6A82028EEBF05D63FDEB056A105EBE971F ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobePDFL.dll
12:07:05.0048 0x0fbc C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobePDFL.dll - ok
12:07:05.0048 0x0fbc [ 9110FFAD124283F37D38771BB60556AF, BB495FDF86B7C3DD7878C496090A624CE8FE68F61166C91A4C99EF1140F0AD23 ] C:\Windows\System32\dsound.dll
12:07:05.0048 0x0fbc C:\Windows\System32\dsound.dll - ok
12:07:05.0058 0x0fbc [ C8CEC2A540DBA03596CE173507830C2C, F5B0738CDDDAABA004D934B5752C7F785501EAE67ED86986DED7EB5922A6DD6F ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\JP2KLib.dll
12:07:05.0058 0x0fbc C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\JP2KLib.dll - ok
12:07:05.0058 0x0fbc [ 263E9A047D17CD50BAA9D3C02910D18D, F526648358AD121001D2776E0ACC333EC4AC168CA07B40A3D3C06C5CE6A361C3 ] C:\Windows\System32\oledlg.dll
12:07:05.0058 0x0fbc C:\Windows\System32\oledlg.dll - ok
12:07:05.0058 0x0fbc [ 759D71FC9442AB5A9B5749C0F6C0C263, 109647F58E7E8386A4C025F2C8175A4D638E5C0E62768953390764010EA22A2E ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\BIB.dll
12:07:05.0058 0x0fbc C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\BIB.dll - ok
12:07:05.0068 0x0fbc [ B05953F956EB87A02E62096EAAFA9C5F, 2C6F95D32C4A4515A298DF14C8510B31BA445931CCC5EF4EE92969FB6A2918DA ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\BIBUtils.dll
12:07:05.0068 0x0fbc C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\BIBUtils.dll - ok
12:07:05.0068 0x0fbc [ 0CD1441C8E92B345E31AC1D95F6527F9, 94D8589869F21FFBD4F2251A06806B0EDB464CF5E6AED0D5749FD764591E8308 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AGM.dll
12:07:05.0068 0x0fbc C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AGM.dll - ok
12:07:05.0068 0x0fbc [ 991626D8EA95D3F22A87789DC20B6FB1, 9F1BC87AAE2AB5B8F34D4FFB263CBB51B4662F0FCF20A57ADD92B6A20A984993 ] C:\Program Files (x86)\DAEMON Tools Lite\Engine.dll
12:07:05.0068 0x0fbc C:\Program Files (x86)\DAEMON Tools Lite\Engine.dll - ok
12:07:05.0078 0x0fbc [ 0805289E121F3E3C458C970B08314EB2, D9B448A04C09F525F599D0369CF9A197F471AABDA0A97201760C46D2EB8F3CDE ] C:\Windows\System32\RtkCfg64.dll
12:07:05.0078 0x0fbc C:\Windows\System32\RtkCfg64.dll - ok
12:07:05.0078 0x0fbc [ 6F3234B2B71254AC140D75D20EDD385F, 85DB38020D9ABE7ADEB5B142DAA44009B62072B502E2112AC6F2280A717FDB56 ] C:\Program Files\Internet Explorer\sqmapi.dll
12:07:05.0078 0x0fbc C:\Program Files\Internet Explorer\sqmapi.dll - ok
12:07:05.0078 0x0fbc [ C3761661C17C2248A9379A8FB89E3DE1, CE3477FA2B4058EB80739E0161FE957545F13CF86D313F6422732901D35F75F2 ] C:\Windows\System32\stobject.dll
12:07:05.0078 0x0fbc C:\Windows\System32\stobject.dll - ok
12:07:05.0088 0x0fbc [ 900DCE1A1FF4AAA64BDA12DABFD44651, 451A934F5797ED124D9CF2BACF96A3B687248A1549C579AFCC8CF3436D977342 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\CoolType.dll
12:07:05.0088 0x0fbc C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\CoolType.dll - ok
12:07:05.0088 0x0fbc [ 8EE6BDE1D572677AA35707C52C585F75, 588A08C0FC3881186CD673F749E46A154F58BE39CA7AE8A2E1F25539B2299752 ] C:\Windows\SysWOW64\mlang.dll
12:07:05.0088 0x0fbc C:\Windows\SysWOW64\mlang.dll - ok
12:07:05.0088 0x0fbc [ 56F80C7292E97CF71A669E121FAE821A, 4382427F1C0C10459443E675389B9320A091DBDDE08F91A567E3BFC272B39B79 ] C:\Program Files (x86)\DAEMON Tools Lite\imgengine.dll
12:07:05.0088 0x0fbc C:\Program Files (x86)\DAEMON Tools Lite\imgengine.dll - ok
12:07:05.0098 0x0fbc [ F832EEEA97CDDA1AF577E721F652A0D1, EBBB7CA199BA4DF231123922BD310D43DE0104C6185B70FE0281B938D5336F2E ] C:\Windows\System32\batmeter.dll
12:07:05.0098 0x0fbc C:\Windows\System32\batmeter.dll - ok
12:07:05.0098 0x0fbc [ 98C7B1AFA0A99EE3BE99EAABEFB72CA0, 491832033265B5276998FA908E62A0444F83E48536C48F985AA16FB3170F21F5 ] C:\Windows\SysWOW64\jscript9.dll
12:07:05.0098 0x0fbc C:\Windows\SysWOW64\jscript9.dll - ok
12:07:05.0098 0x0fbc [ 1F27643C4C626457FCE8F047AE1CD7E1, 68E2367B9AA21C1BDE7FEA566D5F0DBDF1E246CB53E949622F8EDC810AA95956 ] C:\Windows\SysWOW64\dxva2.dll
12:07:05.0098 0x0fbc C:\Windows\SysWOW64\dxva2.dll - ok
12:07:05.0098 0x0fbc [ 34380BB6EE71F38D97CE4C08681B7DEF, 5064428965C944B067BC1AF8B9CC62D8C29B0DC6CFC973FC176427A446FA7022 ] C:\Windows\SysWOW64\nvd3dum.dll
12:07:05.0098 0x0fbc C:\Windows\SysWOW64\nvd3dum.dll - ok
12:07:05.0108 0x0fbc [ 04CB7C8FDC6D9640DD82A527208F72C4, 0F8A327B0234A29EAB1F03D9102A3DF7DB4515BF580163198C5A8C174C98DE4F ] C:\Windows\System32\UIAnimation.dll
12:07:05.0108 0x0fbc C:\Windows\System32\UIAnimation.dll - ok
12:07:05.0108 0x0fbc [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122, E7EA375A3BDE8FC764CB09524344370B9EE25F98AD6C83E6F37A569EB8D277D6 ] C:\Windows\System32\prnfldr.dll
12:07:05.0108 0x0fbc C:\Windows\System32\prnfldr.dll - ok
12:07:05.0108 0x0fbc [ 0CFB90C28768E26498834D780FBBD754, 5B3434727CD6805870550C4912E23543D3F9B58A19D32C412B8978D1515E1229 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AXE8SharedExpat.dll
12:07:05.0108 0x0fbc C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AXE8SharedExpat.dll - ok
12:07:05.0118 0x0fbc [ 1D1EAA16D193C6A2D45981ED3914D22A, 587228942AA867FBA0D2A04F52A3431F33453B2C2735E4C45D621A4358BB9BB0 ] C:\Windows\SysWOW64\msimtf.dll
12:07:05.0118 0x0fbc C:\Windows\SysWOW64\msimtf.dll - ok
12:07:05.0118 0x0fbc [ 79BFC537A2D5005EDE7CBDE543B2C114, 7932D2350705D030249D0CAD9E8E8770C9D82C77C187A2D4FA0118EA6B59BB9F ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ARE.dll
12:07:05.0118 0x0fbc C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ARE.dll - ok
12:07:05.0118 0x0fbc [ 14800BD31701A5047AC3145BB1E698AE, 05B4E33B14B9623EE065634708D9C4CDC7226146F9614C4F374E6B097BB35A50 ] C:\Windows\SysWOW64\d2d1.dll
12:07:05.0118 0x0fbc C:\Windows\SysWOW64\d2d1.dll - ok
12:07:05.0128 0x0fbc [ 8E5A83FF1613B75942B163D3FEB3548E, ADF259B6BDE45B5E63E865237C93F775D0259B89C149804309AC7152387303A2 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Adist.dll
12:07:05.0128 0x0fbc C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Adist.dll - ok
12:07:05.0128 0x0fbc [ 5B245BBDA1D766B87E0AD8100CC558EB, 63985998D980C7BB116950E0D0F636B90F21F1F017621523F9E47D9A972AF169 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\adistres.dll
12:07:05.0128 0x0fbc C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\adistres.dll - ok
12:07:05.0128 0x0fbc [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\System32\rundll32.exe
12:07:05.0128 0x0fbc C:\Windows\System32\rundll32.exe - ok
12:07:05.0138 0x0fbc [ 42A9CB6906D9A8BEDC83B57163E62924, E18522D3137653140757829EFBFCE624A5BAA5842E2BBA10B9E5AB6C84BE49E1 ] C:\Windows\System32\DXP.dll
12:07:05.0138 0x0fbc C:\Windows\System32\DXP.dll - ok
12:07:05.0138 0x0fbc [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891, 0A82A475301202791A7C10F978F952EAB7DB146A702D4EA67E24E2C98BC19638 ] C:\Windows\System32\Syncreg.dll
12:07:05.0138 0x0fbc C:\Windows\System32\Syncreg.dll - ok
12:07:05.0138 0x0fbc [ C836175870E00ACC546066632E15BD10, 4347F3319C26DA1C38F395C74DBD67AF886149C8F29EDE765DD96C8480A3054A ] C:\Windows\ehome\ehSSO.dll
12:07:05.0138 0x0fbc C:\Windows\ehome\ehSSO.dll - ok
12:07:05.0138 0x0fbc [ E227B810296AA27E6C69307A7B6456E5, 0FBF1C90362EA0D12B4B0E18A2FB3E3AC90E116C30BE4CBE95F12EB4882FB985 ] C:\Windows\SysWOW64\msxml6.dll
12:07:05.0138 0x0fbc C:\Windows\SysWOW64\msxml6.dll - ok
12:07:05.0148 0x0fbc [ A42F2C1EB3B66C54FB3C7B79D30C1A6D, A63836DB3B01835DC1311526A95198D6EBCCB1DC9DDAFBC38EC36C128CDB98B9 ] C:\Windows\System32\netshell.dll
12:07:05.0148 0x0fbc C:\Windows\System32\netshell.dll - ok
12:07:05.0148 0x0fbc [ 4277F5164DE9B7C665BB928B9145BEE0, B977BF5D20BD4AA3B5FFFAF42C02D95E9883625E79820531A77C470C8D29CA37 ] C:\Windows\SysWOW64\DWrite.dll
12:07:05.0148 0x0fbc C:\Windows\SysWOW64\DWrite.dll - ok
12:07:05.0148 0x0fbc [ D4F264FE23F8953D840904418220C15E, 72EAF30265A0CC88DEC0FCA7869734D8C93572457C61A2BF1BDFFB20C061DBCD ] C:\Windows\SysWOW64\dxgi.dll
12:07:05.0148 0x0fbc C:\Windows\SysWOW64\dxgi.dll - ok
12:07:05.0158 0x0fbc [ 81F08948A0F1475894C99D4D19A158A8, 93334DA369BF976E498265E432CAF63D898D378C6B32947DF355366ABE2A0FAC ] C:\Windows\SysWOW64\wshqos.dll
12:07:05.0158 0x0fbc C:\Windows\SysWOW64\wshqos.dll - ok
12:07:05.0158 0x0fbc [ 6DE66FE7C526637E74CD066461C7C871, 7E8980A3751762180D795EAC38458303BEAF8D1F85AB5F2D10D9CE7013090CBE ] C:\Windows\SysWOW64\d3d11.dll
12:07:05.0158 0x0fbc C:\Windows\SysWOW64\d3d11.dll - ok
12:07:05.0158 0x0fbc [ E7368F0A8D19445EAF5C5D0DBB8B8DAB, CF9082360E32A7C3E13A67AC2C6192F4A76870D43DA9FF2936993A637F712761 ] C:\Windows\System32\AltTab.dll
12:07:05.0158 0x0fbc C:\Windows\System32\AltTab.dll - ok
12:07:05.0168 0x0fbc [ 10F815BE90A66AAFC6C713D1BD626064, 01139FC04BC53594296F6A0E16B8D20B940F64BC8119FE7705C03C4947958F39 ] C:\Windows\System32\pnidui.dll
12:07:05.0168 0x0fbc C:\Windows\System32\pnidui.dll - ok
12:07:05.0168 0x0fbc [ D96106CF60505734B14F6AE80AAA4B07, 900B5186D665FBDCFB2F367C30013F07D16EE65EC959528D72E9C5339007CF2E ] C:\Windows\SysWOW64\d3d10warp.dll
12:07:05.0168 0x0fbc C:\Windows\SysWOW64\d3d10warp.dll - ok
12:07:05.0168 0x0fbc [ B9F0A4020AA98B7A20287BF7FE99A1FD, 21138F161EEEA46198890C7A2D073F2C82829E15676131BDAD9F237EDC7477CD ] C:\Windows\System32\QUTIL.DLL
12:07:05.0168 0x0fbc C:\Windows\System32\QUTIL.DLL - ok
12:07:05.0168 0x0fbc [ C8FDF0FA9E97E2FAAF3F814716AAA881, DD24A1CAB44D943B0E1A795A347AD25D9305FC7F012A2566A6A14BD47221831F ] C:\Windows\System32\WPDShServiceObj.dll
12:07:05.0168 0x0fbc C:\Windows\System32\WPDShServiceObj.dll - ok
12:07:05.0178 0x0fbc [ 4F3CD1C59EA71401E155C432BCECE180, 6D4118A627CAE509E43D0CC0062EECAA0990C955BB15AE24834460551B2F51A2 ] C:\Windows\System32\PortableDeviceTypes.dll
12:07:05.0178 0x0fbc C:\Windows\System32\PortableDeviceTypes.dll - ok
12:07:05.0178 0x0fbc [ 234AFA322624B3203A2E720F08292B03, 0C0ACDD63FD82EDD34442E9E0763872BA6BF6AC73AB89147EA5FDD1E0229CC0A ] C:\Windows\System32\cscobj.dll
12:07:05.0178 0x0fbc C:\Windows\System32\cscobj.dll - ok
12:07:05.0178 0x0fbc [ E0B340996A41C9A75DFA3B99BBA9C500, D029AD8ABBD2267B1E44DF5172B93C3F832B4C21F930F5512C24E800F5CE4F8B ] C:\Windows\System32\SearchIndexer.exe
12:07:05.0178 0x0fbc C:\Windows\System32\SearchIndexer.exe - ok
12:07:05.0188 0x0fbc [ 8569E35D00F45972E506502EEE622BA4, 01FE851C03DB88C8373099C279F995A559D962B08932E193032FA3EAD522FB01 ] C:\Windows\System32\srchadmin.dll
12:07:05.0188 0x0fbc C:\Windows\System32\srchadmin.dll - ok
12:07:05.0188 0x0fbc [ 589DF683A6C81424A6CECE52ABF98A50, 8CE0D07B2FC1F1BF8C07434FAFCDC63FDD3B75007C3B2EED130DB69D2D16E90A ] C:\Windows\System32\tquery.dll
12:07:05.0188 0x0fbc C:\Windows\System32\tquery.dll - ok
12:07:05.0188 0x0fbc [ F7A256EC899C72B4ECDD2C02CB592EFD, 9C1AA9322E83CABB94AEA4375EAEB0C44700E1F33B8BE98649BA1DF4DDFAD326 ] C:\Windows\System32\bthprops.cpl
12:07:05.0188 0x0fbc C:\Windows\System32\bthprops.cpl - ok
12:07:05.0198 0x0fbc [ 366FA6D38406DC8BED62825C196144D1, B5A507DDF854664C38E410C2AF841554BC0D459B13DD101691E77BD5E3AE82DA ] C:\Windows\System32\ieframe.dll
12:07:05.0198 0x0fbc C:\Windows\System32\ieframe.dll - ok
12:07:05.0198 0x0fbc [ E24FE90E9DE8D8AE70E59F7B01675DEF, DDB0691488DB424CC203505E27364B24E4410E599A972CF2C1AFF4E2F3E3C04F ] C:\Windows\SysWOW64\avicap32.dll
12:07:05.0198 0x0fbc C:\Windows\SysWOW64\avicap32.dll - ok
12:07:05.0198 0x0fbc [ 5BB8C06EB5EA4BA22EE8A678F2D79B25, 019E9274DE2F5BAB16B4632B8A2E93DFC8DF0C08EC4EEA947B337FD29EB2E0CC ] C:\Windows\SysWOW64\devenum.dll
12:07:05.0198 0x0fbc C:\Windows\SysWOW64\devenum.dll - ok
12:07:05.0198 0x0fbc [ 7069AAB8536F29ED7323140973A2894B, 04B7FB6C64BFA3B80549F35CEF36D5DAE5D19A40E42444B3665B6BEFDF98EB5F ] C:\Windows\SysWOW64\msdmo.dll
12:07:05.0198 0x0fbc C:\Windows\SysWOW64\msdmo.dll - ok
12:07:05.0208 0x0fbc [ C335EC1182AC10B188705554E0BC1186, 963CD11CEF7A79559361134FDF9C07B8EA829A40D3996D77E95C291DD17AAD2B ] C:\Windows\SysWOW64\msvfw32.dll
12:07:05.0208 0x0fbc C:\Windows\SysWOW64\msvfw32.dll - ok
12:07:05.0208 0x0fbc [ 24498D084FAA7A459C91066EC241E1CE, 5214A26D8B441F7A55414DC2935AF6C76DB8C8D55F8677DA97D19943C69D765E ] C:\Windows\SysWOW64\vfwwdm32.dll
12:07:05.0208 0x0fbc C:\Windows\SysWOW64\vfwwdm32.dll - ok
12:07:05.0208 0x0fbc [ C140F86932B5B61F54A4D836E2D34AB2, 94821597EC70F27BF11A747D5EED474C57F389F20A2E0C3F1D0CB3F00974A53B ] C:\Windows\SysWOW64\ksproxy.ax
12:07:05.0208 0x0fbc C:\Windows\SysWOW64\ksproxy.ax - ok
12:07:05.0218 0x0fbc [ 7568CC720ACE4D03B84AF97817E745EF, 7155144CB0B260B969C398A36BC277C97BEADB5DB137D19A4F7E5AF61C3E24D4 ] C:\Windows\System32\mssrch.dll
12:07:05.0218 0x0fbc C:\Windows\System32\mssrch.dll - ok
12:07:05.0218 0x0fbc [ 9C67F6BBDA3881CFD02095160CF91576, 6CE97C6F0AD8BE183DE935A7AAB7D46821E8DE9E55A4BFF54ACB49D056826A94 ] C:\Windows\SysWOW64\ksuser.dll
12:07:05.0218 0x0fbc C:\Windows\SysWOW64\ksuser.dll - ok
12:07:05.0218 0x0fbc [ 4DDACA8A66B95ABA02812FF3C13DE198, FC14FA85367B29A5DA6479D198B9FA1D9A41C965685F51D5F0166D72A9F4668E ] C:\Windows\SysWOW64\vidcap.ax
12:07:05.0218 0x0fbc C:\Windows\SysWOW64\vidcap.ax - ok
12:07:05.0228 0x0fbc [ 630A31F277349109299E590856A4B004, E686938BE16163976BA048C19E0F23F27CFFBDEB044C0C038176BA3435C67C0B ] C:\Windows\SysWOW64\Kswdmcap.ax
12:07:05.0228 0x0fbc C:\Windows\SysWOW64\Kswdmcap.ax - ok
12:07:05.0228 0x0fbc [ DC6612A9EE015A36BA2A27BC9CC12537, F4456A3E4028BE3BDE46363290CCC1E8420034A122596D86272CE4B554C78DB5 ] C:\Windows\SysWOW64\mfc42.dll
12:07:05.0228 0x0fbc C:\Windows\SysWOW64\mfc42.dll - ok
12:07:05.0228 0x0fbc [ 3121A79D13A61562BE9CC902CD46B542, 00A5833A48338A4A9A5530844924AF4F1FAB618DA46D7EBBC6E2165C32ED376C ] C:\Windows\System32\msidle.dll
12:07:05.0228 0x0fbc C:\Windows\System32\msidle.dll - ok
12:07:05.0228 0x0fbc [ ACE1BB07E0377E37A2C514CD2EC119B1, A9AFA4774DFA875496764D6E541A6333A3ACD3C5D2BBEF753C2D80BA83B4AC15 ] C:\Windows\System32\mssprxy.dll
12:07:05.0228 0x0fbc C:\Windows\System32\mssprxy.dll - ok
12:07:05.0238 0x0fbc [ C9FB9038B15036CA28CF0B4BE2BED9BD, 0F56384E798B3F725FFEFC6E31A980DA31F620DB847F601273EF19E8CE74A226 ] C:\Windows\System32\en-US\tquery.dll.mui
12:07:05.0238 0x0fbc C:\Windows\System32\en-US\tquery.dll.mui - ok
12:07:05.0238 0x0fbc [ 7D34AF98A706230CC2DEDFE0CABF87AB, 93237B839C2BC6E84C2C675BB211CA0FB781B348A033EF648A9AA5BDAC1EFDAE ] C:\Windows\SysWOW64\odbc32.dll
12:07:05.0238 0x0fbc C:\Windows\SysWOW64\odbc32.dll - ok
12:07:05.0238 0x0fbc [ ABA457BFC7EC0B5E130B2F1E0F549DFF, C944C75C351A276952D0A869F9ED3DF8674E9479797EE7B03D13E8FDCDEB2DC4 ] C:\Windows\SysWOW64\odbcint.dll
12:07:05.0238 0x0fbc C:\Windows\SysWOW64\odbcint.dll - ok
12:07:05.0248 0x0fbc [ 4446374C3A03EBC85574A0878779254B, 21C2C0CA2F8330F778AC0A502F0DA0738626F6095F52D2AD98D2D2BC97A6DA92 ] C:\Program Files (x86)\Skype\Updater\Updater.dll
12:07:05.0248 0x0fbc C:\Program Files (x86)\Skype\Updater\Updater.dll - ok
12:07:05.0248 0x0fbc [ 5987EA8A82C53359BCD2C29D6588583E, 59E2DF91F8DA9E33DE65FA67A6A49A7C3F524618A87EAEFC8A28C5304E7FAB85 ] C:\Windows\SysWOW64\linkinfo.dll
12:07:05.0248 0x0fbc C:\Windows\SysWOW64\linkinfo.dll - ok
12:07:05.0248 0x0fbc [ 92DBF0A4C9239169010FC6E07859C82E, 00FB2CF4420F0FFEF519AFE732A708CF249640121E2A891CAA164313ABD7F804 ] C:\Windows\System32\ActionCenter.dll
12:07:05.0248 0x0fbc C:\Windows\System32\ActionCenter.dll - ok
12:07:05.0258 0x0fbc [ 9108540E866F75C7AF2B91DD921A8091, 7208C8E05E818781D7F2703B86848FC90651E0D8BE10362863250F2283CEC511 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
12:07:05.0258 0x0fbc C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
12:07:05.0258 0x0fbc [ C746F3BF98E92FB137B5BD2B8B5925BD, 67A8990F3D491D149E65C90042909259793C65E671DC953FDA1F7590FAC23D9E ] C:\Windows\System32\FXSST.dll
12:07:05.0258 0x0fbc C:\Windows\System32\FXSST.dll - ok
12:07:05.0258 0x0fbc [ 650CAEA856943E29F25A25D31E004B18, DCA63D2AF4C6F14B27EA006F200E58A5C13AC940A51947A40F668908A446CC4E ] C:\Windows\System32\FXSAPI.dll
12:07:05.0258 0x0fbc C:\Windows\System32\FXSAPI.dll - ok
12:07:05.0268 0x0fbc [ C8E8B8239FCF17BEA10E751BE5854631, CB869195E78AB613CEF50AE3B247F0E4E42F233A7AAF5B2BFC5ADEA2C45C5F8D ] C:\Windows\System32\FXSRESM.dll
12:07:05.0268 0x0fbc C:\Windows\System32\FXSRESM.dll - ok
12:07:05.0268 0x0fbc [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] C:\Windows\System32\FXSSVC.exe
12:07:05.0268 0x0fbc C:\Windows\System32\FXSSVC.exe - ok
12:07:05.0268 0x0fbc [ F00AE7B953ABEF1B53FBBA187DFC8238, 6FFA160FB6821A725A7D81E1BECE1DE89E3E022B33E56A7468E2E0B4C8B2AE31 ] C:\Windows\System32\webcheck.dll
12:07:05.0268 0x0fbc C:\Windows\System32\webcheck.dll - ok
12:07:05.0268 0x0fbc [ 101797BA603D227946B4B5109867EB19, EBF2B48D1A4FE148F455EA32023ABC0D479215D48C7CE76E765F199CD3C80AF8 ] C:\Windows\System32\SyncCenter.dll
12:07:05.0268 0x0fbc C:\Windows\System32\SyncCenter.dll - ok
12:07:05.0278 0x0fbc [ 8130391F82D52D36C0441F714136957F, 1FD4FEE7CAF63E450F27729E07EA2A2F09288629FD872DBB6E8710B16D8DBD5D ] C:\Windows\System32\imapi2.dll
12:07:05.0278 0x0fbc C:\Windows\System32\imapi2.dll - ok
12:07:05.0278 0x0fbc [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] C:\Windows\System32\netman.dll
12:07:05.0278 0x0fbc C:\Windows\System32\netman.dll - ok
12:07:05.0278 0x0fbc [ D2155709E336C3BC15729EB87FEC6064, 682A84C0F2D892E7A6CEE4E5937B4799E352AAE3B71E7037F2A343373467443C ] C:\Windows\System32\rasdlg.dll
12:07:05.0278 0x0fbc C:\Windows\System32\rasdlg.dll - ok
12:07:05.0288 0x0fbc [ 6A5C1A8AC0B572679361026D0E900420, B5E693B48B462E97738A3D4E58B60846159649EB15F4D11074B4BC107CC88562 ] C:\Windows\System32\hgcpl.dll
12:07:05.0288 0x0fbc C:\Windows\System32\hgcpl.dll - ok
12:07:05.0288 0x0fbc [ 2DF29664ED261F0FC448E58F338F0671, 4EFE79C383D0AF126FC4EE668D822563F8F037B1E61D73747A35FE11AAFDB8CE ] C:\Windows\System32\mprapi.dll
12:07:05.0288 0x0fbc C:\Windows\System32\mprapi.dll - ok
12:07:05.0288 0x0fbc [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2, E8ACB693B1A78FAEF292111BE3F9B10BA95C76833C06C931A08EAAAE39A21334 ] C:\Windows\System32\dot3api.dll
12:07:05.0288 0x0fbc C:\Windows\System32\dot3api.dll - ok
12:07:05.0288 0x0fbc [ 0D753307D274F3688BD21C377B616700, 5DD08E77A11F2561FB96BA212FDDFE21D4394C69C34C3EB88F7F5CD068EE55BF ] C:\Windows\System32\eappcfg.dll
12:07:05.0288 0x0fbc C:\Windows\System32\eappcfg.dll - ok
12:07:05.0298 0x0fbc [ 73FCB7919DEE80EE556F2E498594EBAE, D0F7A0AD3BC33263E9C2CF9787DD326436F9E0C9F5031D769F8A43C64C08A762 ] C:\Windows\System32\onex.dll
12:07:05.0298 0x0fbc C:\Windows\System32\onex.dll - ok
12:07:05.0298 0x0fbc [ 357BE883C5236BFC7341CB9E82308908, 4DDB697FD9B7C516CF99D73C8799EA35BB97E2431216CD7C1045F17B06109FBF ] C:\Windows\System32\wlanapi.dll
12:07:05.0298 0x0fbc C:\Windows\System32\wlanapi.dll - ok
12:07:05.0298 0x0fbc [ E4FCA0F99A41E460C84016DEFD31E6EF, 8EB14AF2025EADC7C86280E8417D8F286E8271B4F88B31696E33DFD72B3A0EF2 ] C:\Windows\System32\wlanhlp.dll
12:07:05.0298 0x0fbc C:\Windows\System32\wlanhlp.dll - ok
12:07:05.0308 0x0fbc [ 7F1B4C6FF3B85F9ADF74055187B8A22C, CC95DA5662638AACBE9643DCB236464C2C2095A8D5CDC8A747045870BE9D0E7D ] C:\Windows\System32\wlanutil.dll
12:07:05.0308 0x0fbc C:\Windows\System32\wlanutil.dll - ok
12:07:05.0308 0x0fbc [ 65522E77A1360DBC8D199DA3BF5EFFE4, E9D748070FA478A3D37F15049F998D340885C0DC5FCE03BFCE5D521C9EBA7350 ] C:\Windows\System32\eappprxy.dll
12:07:05.0308 0x0fbc C:\Windows\System32\eappprxy.dll - ok
12:07:05.0308 0x0fbc [ 5DA219F57A9076FB6FBD3C9C3713A672, 274FE616625B336D81841FDC752C8053D4CD6926565B899760D298D145CBA1A3 ] C:\Windows\System32\WWanAPI.dll
12:07:05.0308 0x0fbc C:\Windows\System32\WWanAPI.dll - ok
12:07:05.0318 0x0fbc [ 62C7AACC746C9723468A8F2169ED3E85, 40E901F3EAFE52DF11D6BC4EF0E79F666EBDACE0B3C090CAD2358076E893EA47 ] C:\Windows\System32\wwapi.dll
12:07:05.0318 0x0fbc C:\Windows\System32\wwapi.dll - ok
12:07:05.0318 0x0fbc [ 6B851E682A36453E1B1EE297FFB6E2AB, A641D3FD9463C4788B45B8B5584EA4489C1F63A71B4B595AE85FF3482CD5EDA6 ] C:\Windows\System32\QAGENT.DLL
12:07:05.0318 0x0fbc C:\Windows\System32\QAGENT.DLL - ok
12:07:05.0318 0x0fbc [ 243974EC02F7AE49E4179C54624143AB, 755FA67F7BF10E3C6336788D297FBAA70F28F630852A43A78D3F7D7E3A7ECED0 ] C:\Windows\SysWOW64\MMDevAPI.dll
12:07:05.0318 0x0fbc C:\Windows\SysWOW64\MMDevAPI.dll - ok
12:07:05.0318 0x0fbc [ C940F2F5C60B3727C5F18840735B229C, EFC3F465FD6C570505C214A92644357ACD01B1843ED25B5FCCCE10533403485C ] C:\Windows\SysWOW64\AudioSes.dll
12:07:05.0318 0x0fbc C:\Windows\SysWOW64\AudioSes.dll - ok
12:07:05.0328 0x0fbc [ 418E881201583A3039D81F43E39E6C78, C96AAC161E09BE12815A4E931E65F66DB1A456C03253EF1111AE66F44B1515FF ] C:\Windows\SysWOW64\winsta.dll
12:07:05.0328 0x0fbc C:\Windows\SysWOW64\winsta.dll - ok
12:07:05.0328 0x0fbc [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] C:\Windows\System32\fdPHost.dll
12:07:05.0328 0x0fbc C:\Windows\System32\fdPHost.dll - ok
12:07:05.0328 0x0fbc [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] C:\Windows\System32\FDResPub.dll
12:07:05.0328 0x0fbc C:\Windows\System32\FDResPub.dll - ok
12:07:05.0338 0x0fbc [ 171D7DB433314A868507C4326E8209DC, 254E0D9F99CE47104CF21D8E968D89D6A09B9CE47168E760BAB28AD5A1E9E6A3 ] C:\Windows\System32\fdWSD.dll
12:07:05.0338 0x0fbc C:\Windows\System32\fdWSD.dll - ok
12:07:05.0338 0x0fbc [ 6699A112A3BDC9B52338512894EBA9D6, 10888BB9C3799E1E8B010C0F9088CED376AAD63A509FCE1727C457B022CDC717 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
12:07:05.0338 0x0fbc C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
12:07:05.0338 0x0fbc [ 8494E126F0B10180F3293AF861CE1F7A, 538B1F30423DB2398E611BC46C80150C090698E633BABF7362F7060DBF0C3064 ] C:\Windows\System32\mlang.dll
12:07:05.0338 0x0fbc C:\Windows\System32\mlang.dll - ok
12:07:05.0348 0x0fbc [ BCEA9AB347E53BC03B2E36BE0B8BA0EF, 868DEFB78767E91694E83F931725257DF3FF79A4BFED3B914D27F3493EB7A8D0 ] C:\Windows\System32\httpapi.dll
12:07:05.0348 0x0fbc C:\Windows\System32\httpapi.dll - ok
12:07:05.0348 0x0fbc [ A2E5B2D20954210DCE1A75A1FC8CC36D, 1EA240AC37ECA4EC3E542F9E6DF72753EBA1DF76CBA8691EC61ABCC51EE6FCB2 ] C:\Windows\System32\fdSSDP.dll
12:07:05.0348 0x0fbc C:\Windows\System32\fdSSDP.dll - ok
12:07:05.0348 0x0fbc [ C7494C67A6BF6FE914808E42F8265FEF, 3A3871983F2D9A57739C70365DC3F417D9BF02F5C0C4CC3272EA9F3D380EF962 ] C:\Program Files\Windows Media Player\wmpnssci.dll
12:07:05.0348 0x0fbc C:\Program Files\Windows Media Player\wmpnssci.dll - ok
12:07:05.0358 0x0fbc [ 2A436796758BF2555A26C770FE8A6FEE, 9E42AF3A3CB05E323CBB7F93FE7C454CD251672C5D9F5E94909131A5D8F9204A ] C:\Windows\System32\fdProxy.dll
12:07:05.0358 0x0fbc C:\Windows\System32\fdProxy.dll - ok
12:07:05.0358 0x0fbc [ A9F3BFC9345F49614D5859EC95B9E994, 306467D280E99D0616E839278A4DB5BED684F002AE284C3678CABB5251459CB3 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
12:07:05.0358 0x0fbc C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
12:07:05.0358 0x0fbc [ E36112A8A6C7F840169A7E92C12F4203, 52795B2E6ECCE751EEF5074AF52FDE376A382D0A1C43B90DD4F77A397C00FBC5 ] C:\Windows\System32\wsock32.dll
12:07:05.0358 0x0fbc C:\Windows\System32\wsock32.dll - ok
12:07:05.0358 0x0fbc [ 423982DD851406A52B6399DDB196C606, 5FFBA6D1E9398E7C5D18553EE1C485F59174013622332F7BD8D461F707F1EC93 ] C:\Windows\System32\wmdrmdev.dll
12:07:05.0358 0x0fbc C:\Windows\System32\wmdrmdev.dll - ok
12:07:05.0368 0x0fbc [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] C:\Windows\System32\ListSvc.dll
12:07:05.0368 0x0fbc C:\Windows\System32\ListSvc.dll - ok
12:07:05.0368 0x0fbc [ B6411CED931AFD059E48C52DBFBA95B4, 4E275A691E6A1C07D72DC8DA16B58B6634286A5058C3F4AC0ABD92B9A57FB5D5 ] C:\Windows\System32\P2P.dll
12:07:05.0368 0x0fbc C:\Windows\System32\P2P.dll - ok
12:07:05.0368 0x0fbc [ 4A82EA2807B16FF577AEAF8ADB8779FF, C7F9A45FF80DFDE804D81BEE23C748A465AEB729DF2C9E327374CDD94E300547 ] C:\Windows\System32\IdListen.dll
12:07:05.0368 0x0fbc C:\Windows\System32\IdListen.dll - ok
12:07:05.0378 0x0fbc [ 92E0508D924512F63FFEEFE498CBD11F, 1158011E4A1298DEC79133B40888AA87B06F5B64BA2AB461B58C22F5F9211D0C ] C:\Windows\System32\p2pcollab.dll
12:07:05.0378 0x0fbc C:\Windows\System32\p2pcollab.dll - ok
12:07:05.0378 0x0fbc [ A0524499F4C63CADA7E1529FC77F5DC1, DCAF3C89B7363139EB128C6240CA2B301090BF18C57688B0990FC2BBF680752F ] C:\Windows\System32\hgprint.dll
12:07:05.0378 0x0fbc C:\Windows\System32\hgprint.dll - ok
12:07:05.0378 0x0fbc [ 2C1055E2C6D42753241FB2A129136994, A8E858B4CB8E1E13C7574330C703E0060AEE8B7B19B682F9AE5B4A02BDC659E2 ] C:\Windows\System32\drmv2clt.dll
12:07:05.0378 0x0fbc C:\Windows\System32\drmv2clt.dll - ok
12:07:05.0388 0x0fbc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] C:\Windows\System32\pnrpsvc.dll
12:07:05.0388 0x0fbc C:\Windows\System32\pnrpsvc.dll - ok
12:07:05.0388 0x0fbc [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] C:\Windows\System32\QAGENTRT.DLL
12:07:05.0388 0x0fbc C:\Windows\System32\QAGENTRT.DLL - ok
12:07:05.0388 0x0fbc [ 506A83A3BEEE9FCA09F0170DE9FC7D1B, 2DFBD792B68F3EBEF0843183CAE5D52B6FA04163808AFACF6C0D738455898C36 ] C:\Windows\System32\fveui.dll
12:07:05.0388 0x0fbc C:\Windows\System32\fveui.dll - ok
12:07:05.0388 0x0fbc [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] C:\Windows\System32\p2psvc.dll
12:07:05.0388 0x0fbc C:\Windows\System32\p2psvc.dll - ok
12:07:05.0398 0x0fbc [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1, 13E0350F82C61ED03E9A09FF991610EEDA214B2EBAF042396F29D3D49A6298A9 ] C:\Windows\System32\P2PGraph.dll
12:07:05.0398 0x0fbc C:\Windows\System32\P2PGraph.dll - ok
12:07:05.0398 0x0fbc [ 8CBBB27369F9F07BC5E874E750EAF9D0, 4C4BEA5AD454692E0A56ACFC83C495CA44B7BB2393388A5582CE3EBE5D81E2E1 ] C:\Windows\System32\wmp.dll
12:07:05.0398 0x0fbc C:\Windows\System32\wmp.dll - ok
12:07:05.0398 0x0fbc [ 509E88FF7B257885775791FAF0965D6A, FECD6785984DBB61C6C0EA8A3D8DAF034346E47C88ECA90564F855C2548E40B2 ] C:\Windows\System32\mobsync.exe
12:07:05.0398 0x0fbc C:\Windows\System32\mobsync.exe - ok
12:07:05.0408 0x0fbc [ 770DCACACBC43878C789A984A638CEC7, 39A4A036DC7842B368A8F3B6268C6F196FF0091CF648BFDE3319619082C07520 ] C:\Windows\System32\SyncInfrastructure.dll
12:07:05.0408 0x0fbc C:\Windows\System32\SyncInfrastructure.dll - ok
12:07:05.0408 0x0fbc [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C, 78889511D6F471009674CC958F8BB77B4A79C952634B18E8AFF4A75AA6A60E87 ] C:\Windows\System32\ndiscapCfg.dll
12:07:05.0408 0x0fbc C:\Windows\System32\ndiscapCfg.dll - ok
12:07:05.0408 0x0fbc [ 3D6AF45673C4B31CDECD7F80AF09D443, 7D711D138C107816155AFA5E5FDC6892734074BEFF604B5904177B5D9ACE4670 ] C:\Windows\System32\rascfg.dll
12:07:05.0408 0x0fbc C:\Windows\System32\rascfg.dll - ok
12:07:05.0418 0x0fbc [ 1CF21800E337F4039AAD4C94B4280EE4, EF434CEF6E62A202B85E8EC7916EB998E20B10675437CDE90084CDA938C0AA3F ] C:\Windows\System32\mprmsg.dll
12:07:05.0418 0x0fbc C:\Windows\System32\mprmsg.dll - ok
12:07:05.0418 0x0fbc [ 55DE45B116711881C852D2841E4C84DD, 18E5021530BB44042C85087BAE4FEDA633E01CDCBA09C90A5941B74C75133A35 ] C:\Windows\System32\tcpipcfg.dll
12:07:05.0418 0x0fbc C:\Windows\System32\tcpipcfg.dll - ok
12:07:05.0418 0x0fbc [ A4B9395F5519803EC6146CEAECCA496B, 39E5F1942220153C44BDDBCFFF3A1892C6652CC739FE0527880F778A8ACCAA19 ] C:\Program Files\Internet Explorer\ieproxy.dll
12:07:05.0418 0x0fbc C:\Program Files\Internet Explorer\ieproxy.dll - ok
12:07:05.0418 0x0fbc [ FB4045578F5180BDB1963AB352B78548, 8E645A63436EE6CDDB78E6064AEB04ECE39208F760A3EF13A3F49FDF41505E21 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
12:07:05.0418 0x0fbc C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
12:07:05.0428 0x0fbc [ 2D9E979E6636C9367765E22A6DC1CB3C, 2EE3CD2D48945AA9CDF213E6CECA6884A1BC2AEFD4B3D87CDA8EFFC131DDEC26 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
12:07:05.0428 0x0fbc C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL - ok
12:07:05.0428 0x0fbc [ F95E1E9D97D25C11F29CA34C843A6F4D, 97DF01FA582425B72EFE54BE1CE8B28C4A8BA680A081F4D32797C5A0425FFB41 ] C:\Windows\SysWOW64\schannel.dll
12:07:05.0428 0x0fbc C:\Windows\SysWOW64\schannel.dll - ok
12:07:05.0428 0x0fbc [ F11A57E91FDAECFB41A5CB21EB1EBC8E, 904DA963F2274ADF521660E3131DAC781E59C6FAEB393E57802A3B5638C09283 ] C:\Windows\System32\dssenh.dll
12:07:05.0428 0x0fbc C:\Windows\System32\dssenh.dll - ok
12:07:05.0438 0x0fbc [ AB272BBFB05A8585C3405EFA9F605774, 2E019FB20769BDBAAC5C55B0055602A5AAEC4F93494F4B2A686756ADA3B3D4E2 ] C:\Windows\System32\wmploc.DLL
12:07:05.0438 0x0fbc C:\Windows\System32\wmploc.DLL - ok
12:07:05.0438 0x0fbc [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] C:\Windows\System32\ssdpsrv.dll
12:07:05.0438 0x0fbc C:\Windows\System32\ssdpsrv.dll - ok
12:07:05.0438 0x0fbc [ 2E7ADF9B0389CD94605717784D7E416A, A8E478A2FAE9013921B41E8929F92006AC17B7961FA60D807E9BA6C1C66E1DC6 ] C:\Windows\System32\drttransport.dll
12:07:05.0438 0x0fbc C:\Windows\System32\drttransport.dll - ok
12:07:05.0448 0x0fbc [ C57BC99A4467B3E8F1CC2184A3F46729, 5DF1CFE59E597CEC6E6C1C3945D5FA4DE487E811F08D4E1A6ACC83932D5FDB42 ] C:\Windows\System32\drt.dll
12:07:05.0448 0x0fbc C:\Windows\System32\drt.dll - ok
12:07:05.0448 0x0fbc [ 97A891E2BF7FDA830BCFC6269DA3F5E9, 7C8D68F0B0A7E4FF93820CC37D666FBA5400F8689860CFEB215E4A204F2C216B ] C:\Windows\System32\blackbox.dll
12:07:05.0448 0x0fbc C:\Windows\System32\blackbox.dll - ok
12:07:05.0448 0x0fbc [ 96DB78C9C50CEED9DA5050EFFEE272A2, 51CF3E1F96555A4E4B5BC0DE2598CE5A0199F495644A91C2105F25A5A4CF10E3 ] C:\Windows\System32\upnp.dll
12:07:05.0448 0x0fbc C:\Windows\System32\upnp.dll - ok
12:07:05.0458 0x0fbc [ 355A138ABDFD43FBABCAE3A1B06AB93D, 26015CE72D27E2F7FA7322203CDF236896A079F8325F1B24975CA12C57FD4B7B ] C:\Windows\System32\wmpps.dll
12:07:05.0458 0x0fbc C:\Windows\System32\wmpps.dll - ok
12:07:05.0458 0x0fbc [ F149E8CAE538DBF7059B00326673F602, 8B576A68AE43B506D0C7E91C63E8EF1DB9E73F0E87E48CF57086BCE51E5F8C36 ] C:\Windows\System32\wmpmde.dll
12:07:05.0458 0x0fbc C:\Windows\System32\wmpmde.dll - ok
12:07:05.0458 0x0fbc [ 021287C2050FD5DB4A8B084E2C38139C, EA27C640FE0F1E8BAE70BEF98E663E68A35336BB6D52D56B2367297D22C50648 ] C:\Windows\System32\WinSATAPI.dll
12:07:05.0458 0x0fbc C:\Windows\System32\WinSATAPI.dll - ok
12:07:05.0458 0x0fbc [ 41905052445D8481457E824C27DB14A2, 782340F6CBE9328A86F606272438A1434755EDC9181FF2088109FF6E1B74D83A ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
12:07:05.0458 0x0fbc C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
12:07:05.0468 0x0fbc [ 0D7BE936A44E6B70F822D272A5CEBC22, 280E44BF707AD46DB480287975BFDC58C416E05193171836610FBFA2FFBA8AF3 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcr90.dll
12:07:05.0468 0x0fbc C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcr90.dll - ok
12:07:05.0468 0x0fbc [ 28A7D7C7E2FDD1D55F12F750CD6331EC, 0CC0159D3F5682307439D8F3651A080430C7EAB8EFA25BA246AADF4665297E8D ] C:\Windows\System32\MSMPEG2ENC.DLL
12:07:05.0468 0x0fbc C:\Windows\System32\MSMPEG2ENC.DLL - ok
12:07:05.0468 0x0fbc [ 46767946E7B559D981C1DC04EC0AB36F, 69137AA9AEF9727FFD1B65AA4D658C6E8AAD3A062717B447260502B4D7DB90C6 ] C:\Windows\System32\devenum.dll
12:07:05.0468 0x0fbc C:\Windows\System32\devenum.dll - ok
12:07:05.0478 0x0fbc [ 558C42D165DB5799B4072DC0A9C27C0B, 2385E16ACF07252D5567EC091C1B39D39BB8199F60854D5A91EDC948C57B3A3F ] C:\Windows\System32\msdmo.dll
12:07:05.0478 0x0fbc C:\Windows\System32\msdmo.dll - ok
12:07:05.0478 0x0fbc [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] C:\Windows\System32\upnphost.dll
12:07:05.0478 0x0fbc C:\Windows\System32\upnphost.dll - ok
12:07:05.0478 0x0fbc [ 619A67C9F617B7E69315BB28ECD5E1DF, F34F231D117CCDFEBB9CB35C8D6FDFA7051DA27FDC1204FCCFF361FC0B13A0FF ] C:\Windows\System32\wbem\WmiPrvSE.exe
12:07:05.0478 0x0fbc C:\Windows\System32\wbem\WmiPrvSE.exe - ok
12:07:05.0488 0x0fbc [ 07AD88DF9EF73215458867EFC1BFFE9E, 8C659B6F31111C09448B68889623886658C96467E7E5C95C1714E18AD3924463 ] C:\Windows\System32\wbem\wmiprov.dll
12:07:05.0488 0x0fbc C:\Windows\System32\wbem\wmiprov.dll - ok
12:07:05.0488 0x0fbc [ ECA6AC33BD9E441F7B47D173D715D268, 5B9017F80BD8C7823CFE1AB4C21D91388E1B31BF0D77058A98791D2FACA11EB6 ] C:\Windows\System32\msxml3.dll
12:07:05.0488 0x0fbc C:\Windows\System32\msxml3.dll - ok
12:07:05.0488 0x0fbc [ 71E68F2443A80BD4DA89181889C457EA, 8665D3DDF92B05EF287FB6EC43782512C23A1437764CF6F4DE0B00547F3C696B ] C:\Windows\System32\udhisapi.dll
12:07:05.0488 0x0fbc C:\Windows\System32\udhisapi.dll - ok
12:07:05.0488 0x0fbc ================ Scan generic autorun ======================
12:07:05.0818 0x0fbc [ A95B965C141A3FC74E7C246163253B0E, CB7DA2873231A7188CF7DC1CECF1F7F51F6EBDAF6DC5FA355381D000C372B734 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:07:06.0008 0x0fbc RtHDVCpl - ok
12:07:06.0078 0x0fbc [ 4F46EA70C7579052F764D0F9B81D23C2, EABE443ABC39AFDA49762A78711FAB4C7367680BE4F0B79F3144362D4A272238 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
12:07:06.0108 0x0fbc NvBackend - ok
12:07:06.0178 0x0fbc [ 1315C5C5C54CE2AA37A155F97027DB59, 70CDA6AE7FF4FD08FAD931477C524957952EDC89985696FD988B9786A349C565 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
12:07:06.0188 0x0fbc AdobeAAMUpdater-1.0 - ok
12:07:06.0188 0x0fbc InstallerLauncher - ok
12:07:06.0248 0x0fbc [ 67BD916F01424DEB8AB8CD9E0096F277, D1E4A7BA332DA229138E89E5C4550A58ADD896B85728DF6BA33F1DE57D586E77 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
12:07:06.0248 0x0fbc BCSSync - ok
12:07:06.0278 0x0fbc [ BAD6BEA0DE1F69C82BDB74378CE0C20A, ADA84B75173E9D03C180B527E31475ACA16CB19532C3EDA11357BD37049927E3 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
12:07:06.0298 0x0fbc Adobe ARM - ok
12:07:06.0348 0x0fbc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:07:06.0378 0x0fbc Sidebar - ok
12:07:06.0398 0x0fbc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:07:06.0398 0x0fbc mctadmin - ok
12:07:06.0438 0x0fbc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:07:06.0458 0x0fbc Sidebar - ok
12:07:06.0458 0x0fbc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:07:06.0468 0x0fbc mctadmin - ok
12:07:06.0578 0x0fbc [ F73154E180105822A5F9B755BA933737, 1CD775B6CE3736A70EC5FC7A6B77A2FEDA70D59B49A66046CC20B341005501D9 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
12:07:06.0628 0x0fbc DAEMON Tools Lite - ok
12:07:06.0648 0x0fbc Skype - ok
12:07:06.0748 0x0fbc [ 3433CF435F84B24965A8202118F41A7A, 18A9C06FDEC96CF8ABA818786B266DABC3A22077AF55A39B76AAF24DA63DE3FD ] C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
12:07:06.0758 0x0fbc uTorrent - ok
12:07:06.0878 0x0fbc Win FW state via NFP2: enabled
12:07:06.0878 0x0fbc ============================================================
12:07:06.0878 0x0fbc Scan finished
12:07:06.0878 0x0fbc ============================================================
12:07:06.0888 0x0fb4 Detected object count: 0
12:07:06.0888 0x0fb4 Actual detected object count: 0
12:07:17.0078 0x0a3c Deinitialize success

#9
Dilettante

Posted 14 July 2014 - 03:14 AM

Member

Topic Starter
Member
21 posts

It also might be worth of mention that I have no issues with search engines for last three days, even though I'm absolutely sure I haven't done anything lately that could have cured any of my computers.

#10
Naathim

Posted 14 July 2014 - 03:21 AM

GeekU Minion

Expert
4,568 posts

I still think that we need to investigate your issue further.

Please also post me the report from CKScanner.

Будьмо!
Radek/Naat

#11
Dilettante

Posted 14 July 2014 - 03:51 AM

Member

Topic Starter
Member
21 posts

Yes, Naat, I totally agree we must do what we can to make sure if there's any problems. Just mentioned to ease my consciousness in case we wil end up finding nothing.

Here's a report from CKScanner

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\program files\adobe\adobe premiere pro cs6\plug-ins\en_us\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cs6\plug-ins\en_us\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cs6\plug-ins\en_us\vstplugins\decrackler6.dll
c:\program files\adobe\adobe premiere pro cs6\plug-ins\zh_cn\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cs6\plug-ins\zh_cn\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cs6\plug-ins\zh_cn\vstplugins\decrackler6.dll
c:\program files\common files\native instruments\kontakt 5\presets\effects\convolution\05 drum reverbs\0.4s firecracker snare orven.nkp
c:\program files (x86)\izotope\alloy 2\presets\global presets\drums (individual)\snare\snare on crack.xml
c:\program files (x86)\magix\samplitude_pro_x_suite_download_version\bitmaps\mxgui.4.0\dsp_hostbar_modernse_declickerdecrackler.ini
c:\program files (x86)\waves\plug-ins\documents\x-crackle.pdf.lnk
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\desktop.ini
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\x-crackle.ico
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources.tar
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\linux32\xlgn
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\linux32\xlmc
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\x-crackle.pdf
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\adut\1
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\agrc\1
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\1228
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\1229
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\1230
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\1231
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\128
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\129
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\130
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\131
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\132
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\133
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\134
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\135
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\136
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\137
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\138
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\139
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\140
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\141
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\142
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\143
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\144
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\crsr\53
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\dae_\1
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\dmrk\1
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\dsh_\1
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\mrkc\1
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\mvs3\1000
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\mxss\1
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\nrkc\1
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\10128
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\10129
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\10130
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\10131
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\10140
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\10156
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\10157
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\10158
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\10159
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\10160
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\10161
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\10162
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\10164
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\10200
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\128
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\129
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\130
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\131
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\14600
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\14601
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\400
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\401
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\402
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\403
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\404
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\405
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\406
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\407
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\408
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\409
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\410
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\411
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\412
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\413
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\414
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\415
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\416
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\417
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\418
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\png_\419
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\test\1
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\vst2\1
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\ws56\5200
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\ws56\5201
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\ws56\5210
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\ws56\5211
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\xalg\1001
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\xcli\1000
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\xcli\1001
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\xdae\1000
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\xgui\1000
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\xinf\1000
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\xpgt\3950
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\xpll\1001
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\xprm\1000
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\xpst\1000
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\xsig\1
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\resources\xwic\1100
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\win32\genericmulticoreprocessor.dll
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\win32\genericwinprocess.dll
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\win32\x-crackle.dll
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\win64\genericmulticoreprocessor.dll
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\win64\genericwinprocess.dll
c:\program files (x86)\waves\plug-ins\x-crackle.bundle\contents\win64\x-crackle.dll
c:\users\user\documents\plug and mix\plug-in settings\pm-vinylizer\01-factory presets\amy crackhouse.dcprg
hosts 127.0.0.1 activate.adobe.com
scanner sequence 3.ZZ.11.RVAPLZ
----- EOF -----

That looks weird. Like it listed anything with 'crack' in it, including many of my audio processing VST plugins DLLs and their folders. :headscratch:

#12
Naathim

Posted 14 July 2014 - 04:09 AM

GeekU Minion

Expert
4,568 posts

No, that doesn't look weird. I'd say that it looks pretty good

Give me some time to assess our situation, I should come back to you later this afternoon

Minion

#13
Naathim

Posted 14 July 2014 - 04:43 AM

GeekU Minion

Expert
4,568 posts

OK Vlad, one more detailed scan to go.

Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool x64 and save it to your Desktop.

Right-click on icon and select Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
When the tool opens click Yes to disclaimer.
Make sure that Addition option is checked.
Press Scan button and wait.
The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please copy and paste their content into your next reply.

#14
Dilettante

Posted 14 July 2014 - 06:10 AM

Member

Topic Starter
Member
21 posts

He again, Naat.

here's the content of FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2014
Ran by User (administrator) on USER-PC on 14-07-2014 15:05:24
Running from C:\Users\User\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BitTorrent Inc.) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13213840 2012-10-26] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2014-05-26] (Microsoft Corporation)
HKU\S-1-5-21-3403200650-3170960564-2564201062-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3403200650-3170960564-2564201062-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21445248 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3403200650-3170960564-2564201062-1000\...\Run: [uTorrent] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-03] (BitTorrent Inc.)
HKU\S-1-5-21-3403200650-3170960564-2564201062-1000\...\Run: [AdobeBridge] => [X]
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA2B1AC6AFA78CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co...age={startPage}
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\degkl1z6.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\degkl1z6.default\searchplugins\-.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\degkl1z6.default\searchplugins\zonealarm.xml
FF Extension: TinEye Reverse Image Search - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\degkl1z6.default\Extensions\[email protected] [2014-07-12]
FF Extension: Download YouTube Videos as MP4 - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\degkl1z6.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-07-12]
FF Extension: Search By Image (by Google) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\degkl1z6.default\Extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi [2014-07-12]
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\degkl1z6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-28]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-05-28]

==================== Services (Whitelisted) =================

R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 ZAPrivacyService; "C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe" [X]

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-26] (Disc Soft Ltd)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [231112 2013-01-03] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [301256 2013-01-03] (VIA Technologies, Inc.)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-14 15:05 - 2014-07-14 15:06 - 00009633 _____ () C:\Users\User\Desktop\FRST.txt
2014-07-14 15:05 - 2014-07-14 15:05 - 00000000 ____D () C:\FRST
2014-07-14 15:04 - 2014-07-14 15:04 - 02086912 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2014-07-14 12:46 - 2014-07-14 12:46 - 00009774 _____ () C:\Users\User\Desktop\ckfiles.txt
2014-07-14 12:34 - 2014-07-14 12:34 - 00468480 _____ () C:\Users\User\Desktop\CKScanner.exe
2014-07-14 12:01 - 2014-07-14 12:01 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\User\Desktop\tdsskiller.exe
2014-07-14 00:54 - 2014-07-14 00:54 - 00000021 _____ () C:\folders.log
2014-07-14 00:54 - 2014-07-14 00:54 - 00000000 ____D () C:\zoek
2014-07-14 00:49 - 2014-07-13 11:10 - 00031544 _____ () C:\zoek-results2014-07-13-081059.log
2014-07-14 00:48 - 2014-07-14 00:55 - 00003006 _____ () C:\runcheck.txt
2014-07-13 11:06 - 2014-07-14 00:55 - 00009009 _____ () C:\zoek-results.log
2014-07-13 11:05 - 2014-07-14 00:55 - 00000000 ____D () C:\zoek_backup
2014-07-13 11:05 - 2014-07-13 11:05 - 01285120 _____ () C:\Users\User\Desktop\zoek.exe
2014-07-13 11:01 - 2014-07-13 11:01 - 00253181 _____ () C:\ProgramData\1405238309.bdinstall.bin
2014-07-09 06:06 - 2014-06-20 23:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 06:06 - 2014-06-20 22:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 06:06 - 2014-06-19 04:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 06:06 - 2014-06-19 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 06:06 - 2014-06-19 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 06:06 - 2014-06-19 03:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 06:06 - 2014-06-19 03:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 06:06 - 2014-06-19 03:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 06:06 - 2014-06-19 03:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 06:06 - 2014-06-19 03:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 06:06 - 2014-06-19 03:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 06:06 - 2014-06-19 03:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 06:06 - 2014-06-19 03:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 06:06 - 2014-06-19 03:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 06:06 - 2014-06-19 03:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 06:06 - 2014-06-19 03:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 06:06 - 2014-06-19 03:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 06:06 - 2014-06-19 03:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 06:06 - 2014-06-19 03:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 06:06 - 2014-06-19 02:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 06:06 - 2014-06-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 06:06 - 2014-06-19 02:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 06:06 - 2014-06-19 02:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 06:06 - 2014-06-19 02:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 06:06 - 2014-06-19 02:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 06:06 - 2014-06-19 02:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 06:06 - 2014-06-19 02:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 06:06 - 2014-06-19 02:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 06:06 - 2014-06-19 02:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 06:06 - 2014-06-19 02:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 06:06 - 2014-06-19 02:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 06:06 - 2014-06-19 02:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 06:06 - 2014-06-19 02:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 06:06 - 2014-06-19 02:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 06:06 - 2014-06-19 02:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 06:06 - 2014-06-19 02:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 06:06 - 2014-06-19 02:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 06:06 - 2014-06-19 02:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 06:06 - 2014-06-19 02:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 06:06 - 2014-06-19 02:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 06:06 - 2014-06-19 02:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 06:06 - 2014-06-19 02:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 06:06 - 2014-06-19 01:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 06:06 - 2014-06-19 01:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 06:06 - 2014-06-19 01:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 06:06 - 2014-06-19 01:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 06:06 - 2014-06-19 01:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 06:06 - 2014-06-19 01:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 06:06 - 2014-06-19 01:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 06:06 - 2014-06-19 01:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 06:06 - 2014-06-19 01:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 06:06 - 2014-06-19 01:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 06:06 - 2014-06-19 01:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 06:06 - 2014-06-19 01:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 06:06 - 2014-06-19 01:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 06:06 - 2014-06-19 01:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 06:05 - 2014-06-30 05:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 06:05 - 2014-06-30 05:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 06:05 - 2014-06-18 05:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 06:05 - 2014-06-18 04:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 06:05 - 2014-06-18 04:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 06:05 - 2014-06-05 17:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 06:05 - 2014-06-05 17:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 06:05 - 2014-06-05 17:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-09 06:05 - 2014-05-30 11:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 06:05 - 2014-05-30 11:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 06:05 - 2014-05-30 11:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 06:05 - 2014-05-30 11:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 06:05 - 2014-05-30 11:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 06:05 - 2014-05-30 11:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 06:05 - 2014-05-30 11:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 06:05 - 2014-05-30 10:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 06:05 - 2014-05-30 10:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 06:05 - 2014-05-30 10:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 06:05 - 2014-05-30 10:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 06:05 - 2014-05-30 10:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 06:05 - 2014-05-30 10:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 06:05 - 2014-05-30 10:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 06:04 - 2014-06-06 13:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 06:04 - 2014-06-06 12:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 06:04 - 2014-05-30 09:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 04:39 - 2014-07-09 04:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arturia
2014-07-09 04:39 - 2014-07-09 04:39 - 00000000 ____D () C:\ProgramData\Arturia
2014-07-09 04:39 - 2014-07-09 04:39 - 00000000 ____D () C:\Program Files (x86)\Arturia
2014-07-07 03:44 - 2014-07-07 03:44 - 00000000 ____D () C:\Users\User\Documents\Camtasia Studio
2014-07-07 03:36 - 2014-07-07 03:36 - 00000000 ____D () C:\Windows\SysWOW64\QuickTime
2014-07-07 03:36 - 2014-07-07 03:36 - 00000000 ____D () C:\ProgramData\TechSmith
2014-07-07 03:36 - 2014-07-07 03:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7
2014-07-07 03:36 - 2014-07-07 03:36 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2014-07-07 03:36 - 2014-07-07 03:36 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-07-06 18:00 - 2014-07-06 18:00 - 00028672 _____ () C:\Windows\SysWOW64\KAWAELIC.dll
2014-07-06 18:00 - 2014-07-06 18:00 - 00024064 _____ () C:\Windows\system32\KAWAELIC.dll
2014-07-05 06:48 - 2014-07-05 06:48 - 00102273 _____ () C:\ProgramData\1404532092.bdinstall.bin
2014-07-03 06:42 - 2014-07-04 13:14 - 00000000 ____D () C:\Users\User\AppData\Roaming\Audacity
2014-07-03 06:42 - 2014-07-03 06:42 - 00001029 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-07-03 06:42 - 2014-07-03 06:42 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-06-30 04:53 - 2014-06-30 18:39 - 00002313 _____ () C:\Users\User\Desktop\монеты.txt
2014-06-29 13:14 - 2014-06-29 13:14 - 00000385 _____ () C:\Users\User\AppData\Roaminguser_gensett.xml
2014-06-24 03:10 - 2014-06-24 03:10 - 01401755 _____ () C:\ProgramData\1403567836.bdinstall.bin
2014-06-24 03:09 - 2014-06-24 03:09 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-06-24 03:09 - 2014-06-24 03:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-06-24 03:09 - 2014-06-24 03:09 - 00000000 ____D () C:\ProgramData\BDLogging
2014-06-24 03:09 - 2009-07-15 01:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-06-24 03:08 - 2013-11-04 16:47 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-06-24 03:08 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2014-06-24 02:57 - 2014-06-24 03:11 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-06-24 02:57 - 2014-06-24 02:57 - 00000000 ____D () C:\Users\User\AppData\Roaming\QuickScan
2014-06-24 02:57 - 2013-11-04 16:47 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2014-06-24 02:57 - 2013-11-04 16:46 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2014-06-24 02:31 - 2014-06-24 02:31 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-06-24 02:31 - 2014-06-24 02:31 - 00000000 ____D () C:\Program Files (x86)\HiJack
2014-06-22 23:03 - 2008-07-22 04:25 - 1452644352 _____ () C:\Users\User\Desktop\Rosencrantz and Guildenstern Are Dead - (Rus, Zavgorodny).avi
2014-06-21 16:05 - 2014-06-21 14:57 - 535106257 ____N () C:\Users\User\Desktop\VID_20140621_145727.mp4
2014-06-20 14:42 - 2014-06-20 14:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-06-18 18:39 - 2014-06-18 18:39 - 00000000 ____D () C:\Users\User\Desktop\New folder
2014-06-18 12:40 - 2014-06-18 12:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-16 00:39 - 2014-06-16 00:39 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402868417631
2014-06-16 00:39 - 2014-06-16 00:39 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402868417631
2014-06-16 00:35 - 2014-06-24 02:50 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-14 16:00 - 2014-05-08 12:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-14 16:00 - 2014-05-08 12:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-14 16:00 - 2014-04-05 05:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-14 16:00 - 2014-04-05 05:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-14 15:59 - 2014-04-25 05:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-14 15:59 - 2014-04-25 05:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-14 15:59 - 2014-03-26 17:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-14 15:59 - 2014-03-26 17:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-14 15:59 - 2014-03-26 17:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-14 15:59 - 2014-03-26 17:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-14 15:59 - 2014-03-26 17:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-14 15:59 - 2014-03-26 17:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-14 15:59 - 2014-03-26 17:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-14 15:59 - 2014-03-26 17:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

==================== One Month Modified Files and Folders =======

2014-07-14 15:06 - 2014-07-14 15:05 - 00009633 _____ () C:\Users\User\Desktop\FRST.txt
2014-07-14 15:06 - 2014-05-26 18:19 - 00000000 ____D () C:\Temp
2014-07-14 15:05 - 2014-07-14 15:05 - 00000000 ____D () C:\FRST
2014-07-14 15:05 - 2014-05-28 01:37 - 00000000 ____D () C:\Users\User\AppData\Roaming\uTorrent
2014-07-14 15:04 - 2014-07-14 15:04 - 02086912 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2014-07-14 14:59 - 2014-05-27 14:01 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2014-07-14 12:46 - 2014-07-14 12:46 - 00009774 _____ () C:\Users\User\Desktop\ckfiles.txt
2014-07-14 12:34 - 2014-07-14 12:34 - 00468480 _____ () C:\Users\User\Desktop\CKScanner.exe
2014-07-14 12:22 - 2009-07-14 07:45 - 00015168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-14 12:22 - 2009-07-14 07:45 - 00015168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-14 12:19 - 2014-05-26 14:47 - 01823126 _____ () C:\Windows\WindowsUpdate.log
2014-07-14 12:19 - 2009-07-14 08:13 - 00795870 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-14 12:15 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-14 12:15 - 2009-07-14 07:51 - 00035434 _____ () C:\Windows\setupact.log
2014-07-14 12:05 - 2014-05-26 17:20 - 00482676 _____ () C:\Windows\PFRO.log
2014-07-14 12:01 - 2014-07-14 12:01 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\User\Desktop\tdsskiller.exe
2014-07-14 00:55 - 2014-07-14 00:48 - 00003006 _____ () C:\runcheck.txt
2014-07-14 00:55 - 2014-07-13 11:06 - 00009009 _____ () C:\zoek-results.log
2014-07-14 00:55 - 2014-07-13 11:05 - 00000000 ____D () C:\zoek_backup
2014-07-14 00:54 - 2014-07-14 00:54 - 00000021 _____ () C:\folders.log
2014-07-14 00:54 - 2014-07-14 00:54 - 00000000 ____D () C:\zoek
2014-07-13 11:10 - 2014-07-14 00:49 - 00031544 _____ () C:\zoek-results2014-07-13-081059.log
2014-07-13 11:05 - 2014-07-13 11:05 - 01285120 _____ () C:\Users\User\Desktop\zoek.exe
2014-07-13 11:01 - 2014-07-13 11:01 - 00253181 _____ () C:\ProgramData\1405238309.bdinstall.bin
2014-07-12 14:16 - 2014-05-28 01:53 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer
2014-07-10 18:10 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\rescache
2014-07-10 12:00 - 2009-07-14 07:45 - 05143560 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 11:57 - 2014-05-26 19:58 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 11:57 - 2009-07-14 10:47 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 11:57 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 11:57 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-09 06:08 - 2014-05-26 15:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 06:07 - 2014-05-26 15:15 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 04:39 - 2014-07-09 04:39 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Arturia
2014-07-09 04:39 - 2014-07-09 04:39 - 00000000 ____D () C:\ProgramData\Arturia
2014-07-09 04:39 - 2014-07-09 04:39 - 00000000 ____D () C:\Program Files (x86)\Arturia
2014-07-09 04:39 - 2014-05-27 02:15 - 00000000 ____D () C:\Program Files (x86)\VSTPlugIns
2014-07-07 03:44 - 2014-07-07 03:44 - 00000000 ____D () C:\Users\User\Documents\Camtasia Studio
2014-07-07 03:36 - 2014-07-07 03:36 - 00000000 ____D () C:\Windows\SysWOW64\QuickTime
2014-07-07 03:36 - 2014-07-07 03:36 - 00000000 ____D () C:\ProgramData\TechSmith
2014-07-07 03:36 - 2014-07-07 03:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7
2014-07-07 03:36 - 2014-07-07 03:36 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2014-07-07 03:36 - 2014-07-07 03:36 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-07-06 18:00 - 2014-07-06 18:00 - 00028672 _____ () C:\Windows\SysWOW64\KAWAELIC.dll
2014-07-06 18:00 - 2014-07-06 18:00 - 00024064 _____ () C:\Windows\system32\KAWAELIC.dll
2014-07-05 06:48 - 2014-07-05 06:48 - 00102273 _____ () C:\ProgramData\1404532092.bdinstall.bin
2014-07-04 13:14 - 2014-07-03 06:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\Audacity
2014-07-04 12:10 - 2014-05-27 03:14 - 00000000 ____D () C:\Users\User\AppData\Roaming\iZotope
2014-07-03 06:42 - 2014-07-03 06:42 - 00001029 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-07-03 06:42 - 2014-07-03 06:42 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-07-03 01:51 - 2014-05-27 02:46 - 00000000 ____D () C:\Users\User\AppData\Roaming\Waves Audio
2014-06-30 18:39 - 2014-06-30 04:53 - 00002313 _____ () C:\Users\User\Desktop\монеты.txt
2014-06-30 07:34 - 2014-05-28 15:21 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-30 07:34 - 2014-05-26 20:04 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2014-06-30 05:09 - 2014-07-09 06:05 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 05:04 - 2014-07-09 06:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 13:14 - 2014-06-29 13:14 - 00000385 _____ () C:\Users\User\AppData\Roaminguser_gensett.xml
2014-06-24 03:11 - 2014-06-24 02:57 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-06-24 03:10 - 2014-06-24 03:10 - 01401755 _____ () C:\ProgramData\1403567836.bdinstall.bin
2014-06-24 03:09 - 2014-06-24 03:09 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-06-24 03:09 - 2014-06-24 03:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-06-24 03:09 - 2014-06-24 03:09 - 00000000 ____D () C:\ProgramData\BDLogging
2014-06-24 02:57 - 2014-06-24 02:57 - 00000000 ____D () C:\Users\User\AppData\Roaming\QuickScan
2014-06-24 02:50 - 2014-06-16 00:35 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-24 02:50 - 2014-05-27 01:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-24 02:31 - 2014-06-24 02:31 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-06-24 02:31 - 2014-06-24 02:31 - 00000000 ____D () C:\Program Files (x86)\HiJack
2014-06-21 14:57 - 2014-06-21 16:05 - 535106257 ____N () C:\Users\User\Desktop\VID_20140621_145727.mp4
2014-06-20 23:14 - 2014-07-09 06:06 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 22:39 - 2014-07-09 06:06 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-20 14:42 - 2014-06-20 14:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-06-19 04:39 - 2014-07-09 06:06 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 04:06 - 2014-07-09 06:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 04:06 - 2014-07-09 06:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 03:48 - 2014-07-09 06:06 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 03:42 - 2014-07-09 06:06 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 03:42 - 2014-07-09 06:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 03:41 - 2014-07-09 06:06 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 03:41 - 2014-07-09 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 03:32 - 2014-07-09 06:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 03:31 - 2014-07-09 06:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 03:26 - 2014-07-09 06:06 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 03:24 - 2014-07-09 06:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 03:24 - 2014-07-09 06:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 03:23 - 2014-07-09 06:06 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 03:16 - 2014-07-09 06:06 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 03:14 - 2014-07-09 06:06 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 03:09 - 2014-07-09 06:06 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 02:59 - 2014-07-09 06:06 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 02:56 - 2014-07-09 06:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 02:53 - 2014-07-09 06:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 02:51 - 2014-07-09 06:06 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 02:50 - 2014-07-09 06:06 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 02:48 - 2014-07-09 06:06 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 02:39 - 2014-07-09 06:06 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 02:38 - 2014-07-09 06:06 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 02:37 - 2014-07-09 06:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 02:36 - 2014-07-09 06:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 02:35 - 2014-07-09 06:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-19 02:33 - 2014-07-09 06:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 02:32 - 2014-07-09 06:06 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 02:28 - 2014-07-09 06:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 02:28 - 2014-07-09 06:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 02:27 - 2014-07-09 06:06 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 02:27 - 2014-07-09 06:06 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 02:25 - 2014-07-09 06:06 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 02:23 - 2014-07-09 06:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 02:22 - 2014-07-09 06:06 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 02:12 - 2014-07-09 06:06 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 02:06 - 2014-07-09 06:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 02:01 - 2014-07-09 06:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 01:59 - 2014-07-09 06:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 01:58 - 2014-07-09 06:06 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 01:58 - 2014-07-09 06:06 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 01:52 - 2014-07-09 06:06 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 01:51 - 2014-07-09 06:06 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 01:49 - 2014-07-09 06:06 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 01:46 - 2014-07-09 06:06 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 01:45 - 2014-07-09 06:06 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 01:35 - 2014-07-09 06:06 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 01:34 - 2014-07-09 06:06 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 01:15 - 2014-07-09 06:06 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 01:13 - 2014-07-09 06:06 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 01:09 - 2014-07-09 06:06 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 01:07 - 2014-07-09 06:06 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-18 18:39 - 2014-06-18 18:39 - 00000000 ____D () C:\Users\User\Desktop\New folder
2014-06-18 12:40 - 2014-06-18 12:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-18 05:18 - 2014-07-09 06:05 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 04:51 - 2014-07-09 06:05 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 04:10 - 2014-07-09 06:05 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-17 04:40 - 2014-05-27 01:21 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-17 04:40 - 2014-05-27 01:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-16 00:39 - 2014-06-16 00:39 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402868417631
2014-06-16 00:39 - 2014-06-16 00:39 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402868417631
2014-06-14 16:38 - 2014-05-27 20:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-08 00:23

==================== End Of Log ============================

#15
Dilettante

Posted 14 July 2014 - 06:12 AM

Member

Topic Starter
Member
21 posts

And here's Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2014
Ran by User at 2014-07-14 15:06:20
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
Adobe Acrobat X Pro - English, Franзais, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avid License Control (HKLM-x32\...\{F187D064-F101-4E95-8D05-4027809AA0F8}) (Version: 3.0.1 - Avid Technology, Inc.)
Camtasia Studio 7 (HKLM-x32\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - Корпорация TechSmith)
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - EN (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (64-Bit) (HKLM\...\_{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.0.0.707 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.0 - Corel Corporation) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
MAGIX Burn routines (64-Bit) (HKLM\...\{49146694-5F5F-4B1F-AD15-6587F47A0FD7}) (Version: 9.0.0.212 - MAGIX AG)
MAGIX Low Latency Driver (64-Bit) (HKLM\...\{42976FDB-5756-4077-A491-095F228E99E2}) (Version: 2.10.2011.0 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\{29F291A9-F1FB-4DD3-A72D-CF15A486CD90}) (Version: 7.0.1.27 - MAGIX AG)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
ModifyRegistry version 0.1 (HKLM-x32\...\{1D5BE6B5-7FD4-4A78-90F2-AF6B53BC8C1C}_is1) (Version: 0.1 - VIA Technologies, Inc.)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 en-US)) (Version: 24.6.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Native Instruments Kontakt 5 (Version: 5.2.1.6382 - Native Instruments) Hidden
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.145.1024 - NVIDIA Corporation) Hidden
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
NVIDIA Update Core (Version: 10.4.0 - NVIDIA Corporation) Hidden
PCM Native Reverb Bundle (HKLM-x32\...\PCM Native Reverb Bundle) (Version: - Lexicon)
PCM Native Reverb Bundle (x32 Version: 1.1.3 - Lexicon) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Platform (x32 Version: 1.40 - VIA Technologies, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6767 - Realtek Semiconductor Corp.)
Samplitude Pro X Suite Download Version (HKLM-x32\...\MAGIX_MSI_SamProX_Suite) (Version: 12.0.0.59 - MAGIX AG)
Samplitude Pro X Suite Download Version (x32 Version: 12.0.0.59 - MAGIX AG) Hidden
Sibelius 7 OpenType Fonts (HKLM-x32\...\{623C2BD8-1B28-4F98-B578-E9D139827269}) (Version: 7.1.3 - Avid)
Sibelius 7.5 (HKLM\...\{BBADBAB3-56A4-444B-834E-D8730B574C3E}) (Version: 7.5.0.164 - Avid Technology)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.0.124 - PandoraTV)
Total Commander Extended (HKCU\...\Total Commander Extended) (Version: 7.5 - BurSoft)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.40 - VIA Technologies, Inc.)
Waves Complete V9r14 (HKLM-x32\...\{91000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.1.14 - Waves)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Restore Points =========================

02-07-2014 01:29:30 Scheduled Checkpoint
07-07-2014 00:35:53 Установлено: Camtasia Studio 7
09-07-2014 03:06:19 Windows Update
13-07-2014 08:06:45 zoek.exe restore point
13-07-2014 11:02:47 Windows Update
13-07-2014 21:49:14 zoek.exe restore point

==================== Hosts content: ==========================

2009-07-14 05:34 - 2014-05-28 15:22 - 00000854 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com

==================== Scheduled Tasks (whitelisted) =============

==================== Loaded Modules (whitelisted) =============

2014-05-26 15:14 - 2014-03-04 16:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-27 20:23 - 2014-06-14 16:38 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-05-27 20:23 - 2014-06-14 16:38 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-05-27 20:23 - 2014-06-14 16:38 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-06-18 12:40 - 2014-06-18 12:40 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Temp:atYxz5bW8isrhZBnx1

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\91654085.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\91654085.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/14/2014 00:22:11 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (07/14/2014 00:22:11 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (07/14/2014 00:22:11 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (07/13/2014 01:01:46 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (07/13/2014 01:01:46 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (07/13/2014 01:01:46 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (07/12/2014 00:54:29 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (07/12/2014 00:54:29 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (07/12/2014 00:54:29 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (07/11/2014 00:10:00 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

System errors:
=============
Error: (07/14/2014 02:43:40 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (07/14/2014 00:15:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ZoneAlarm Privacy Service service failed to start due to the following error:
%%2

Error: (07/14/2014 00:05:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ZoneAlarm Privacy Service service failed to start due to the following error:
%%2

Error: (07/14/2014 00:54:59 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (07/14/2014 00:54:58 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (07/14/2014 00:54:58 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (07/14/2014 00:54:57 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (07/14/2014 00:54:57 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (07/13/2014 03:50:06 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (07/13/2014 01:17:31 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Microsoft Office Sessions:
=========================
Error: (07/14/2014 00:22:11 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"c:\program files (x86)\Waves\applications\wlc.exec:\program files (x86)\Waves\applications\WavesQtLibs_4.8.2_Win32_Release\WavesQtLibs_4.8.2_Win32_Release.MANIFEST8

Error: (07/14/2014 00:22:11 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"c:\program files (x86)\Waves\applications\GTR 3.5.exec:\program files (x86)\Waves\applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8

Error: (07/14/2014 00:22:11 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"c:\program files (x86)\Waves\applications\Element App.exec:\program files (x86)\Waves\applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8

Error: (07/13/2014 01:01:46 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"c:\program files (x86)\Waves\applications\wlc.exec:\program files (x86)\Waves\applications\WavesQtLibs_4.8.2_Win32_Release\WavesQtLibs_4.8.2_Win32_Release.MANIFEST8

Error: (07/13/2014 01:01:46 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"c:\program files (x86)\Waves\applications\GTR 3.5.exec:\program files (x86)\Waves\applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8

Error: (07/13/2014 01:01:46 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"c:\program files (x86)\Waves\applications\Element App.exec:\program files (x86)\Waves\applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8

Error: (07/12/2014 00:54:29 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"c:\program files (x86)\Waves\applications\wlc.exec:\program files (x86)\Waves\applications\WavesQtLibs_4.8.2_Win32_Release\WavesQtLibs_4.8.2_Win32_Release.MANIFEST8

Error: (07/12/2014 00:54:29 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"c:\program files (x86)\Waves\applications\GTR 3.5.exec:\program files (x86)\Waves\applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8

Error: (07/12/2014 00:54:29 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"c:\program files (x86)\Waves\applications\Element App.exec:\program files (x86)\Waves\applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8

Error: (07/11/2014 00:10:00 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"c:\program files (x86)\Waves\applications\wlc.exec:\program files (x86)\Waves\applications\WavesQtLibs_4.8.2_Win32_Release\WavesQtLibs_4.8.2_Win32_Release.MANIFEST8

==================== Memory info ===========================

Percentage of memory in use: 19%
Total physical RAM: 12268.69 MB
Available physical RAM: 9854.25 MB
Total Pagefile: 24535.55 MB
Available Pagefile: 22064.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:195.21 GB) (Free:103.86 GB) NTFS
Drive d: (Settings) (Fixed) (Total:270.45 GB) (Free:218.55 GB) NTFS
Drive e: (Media) (Fixed) (Total:443.23 GB) (Free:214.95 GB) NTFS
Drive f: (Work) (Fixed) (Total:488.28 GB) (Free:324.31 GB) NTFS
Drive g: (Resources) (Fixed) (Total:465.76 GB) (Free:144.72 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 3B0ADC1E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=270 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 72C0E67D)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 8FEBCCC1)
Partition 1: (Not Active) - (Size=443 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=488 GB) - (Type=07 NTFS)

==================== End Of Log ============================