
Black screen all the time on firefox [Solved]


  • This topic is locked

#1
macca2


slow computer, pop up about unresponsive scripts

 

 

 

OTL logfile created on: 16/08/2014 17:41:53 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Chris\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
2.99 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 46.30% Memory free
6.21 Gb Paging File | 4.14 Gb Available in Paging File | 66.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.32 Gb Total Space | 184.32 Gb Free Space | 63.93% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 3.88 Gb Free Space | 39.78% Space Free | Partition Type: NTFS
 
Computer Name: DELL-530 | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/08/16 17:41:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
PRC - [2014/08/07 04:20:57 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/08/02 22:54:09 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/08/02 22:52:58 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/08/02 22:52:34 | 000,106,488 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2014/07/29 22:40:48 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014/06/04 09:50:12 | 000,360,592 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe
PRC - [2014/06/04 09:48:24 | 000,382,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
PRC - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/05/12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
PRC - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/03/08 10:54:00 | 003,246,944 | ---- | M] (PANTERASoft) -- C:\Program Files\HDD Health\hddhealth.exe
PRC - [2013/03/08 10:54:00 | 000,017,760 | ---- | M] () -- C:\Program Files\HDD Health\HDDHealthService.exe
PRC - [2009/04/11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/21 03:23:32 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Mail\WinMail.exe
PRC - [2008/01/17 08:22:20 | 004,907,008 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/12/05 07:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/08/07 04:20:55 | 000,353,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\ppgooglenaclpluginchrome.dll
MOD - [2014/08/07 04:20:53 | 008,537,928 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\pdf.dll
MOD - [2014/08/07 04:20:46 | 001,732,936 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
MOD - [2014/08/02 22:53:13 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/08/02 22:53:02 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2014/07/29 22:40:46 | 003,800,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2014/08/02 22:52:58 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/08/02 22:52:34 | 000,106,488 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2014/07/29 22:40:46 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/07/23 17:51:43 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/06/04 09:50:12 | 000,360,592 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe -- (MbaeSvc)
SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/03/08 10:54:00 | 000,017,760 | ---- | M] () [Auto | Running] -- C:\Program Files\HDD Health\HDDHealthService.exe -- (HDDHealth)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/05 07:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Chris\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2014/08/16 17:11:43 | 000,110,296 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2014/08/02 22:54:06 | 000,414,520 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2014/08/02 22:53:17 | 000,779,536 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/08/02 22:53:17 | 000,192,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/08/02 22:53:17 | 000,057,800 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/08/02 22:53:16 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/08/02 22:53:16 | 000,055,112 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2014/08/02 22:53:16 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/08/02 22:53:16 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014/08/02 22:52:53 | 000,026,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2014/08/02 22:52:35 | 000,252,872 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2014/08/02 22:52:35 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2014/06/04 10:24:32 | 000,044,760 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys -- (ESProtectionDriver)
DRV - [2014/05/12 07:26:04 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2014/05/12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/09/12 17:24:14 | 000,032,552 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\gttap1.sys -- (gttap1)
DRV - [2013/06/21 01:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013/06/21 01:07:52 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013/04/29 09:17:34 | 000,047,632 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PSKMAD.sys -- (PSKMAD)
DRV - [2009/12/10 21:48:26 | 000,043,520 | ---- | M] (--) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MOSUMAC.SYS -- (MOSUMAC)
DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2008/01/21 03:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006/11/02 08:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://uk.yahoo.com...t&type=avastbcl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://uk.search.ya...p={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://uk.yahoo.com...t&type=avastbcl
IE - HKLM\..\SearchScopes,DefaultScope = {9CB96984-43C3-4D44-90EF-01466EFCF7BB}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://uk.search.ya...p={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://uk.yahoo.com...t&type=avastbcl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://uk.search.ya...p={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://uk.yahoo.com...t&type=avastbcl
IE - HKCU\..\SearchScopes,DefaultScope = {9CB96984-43C3-4D44-90EF-01466EFCF7BB}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://uk.search.ya...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Yahoo! (Avast)"
FF - prefs.js..browser.search.defaultthis.engineName: "Yahoo! (Avast)"
FF - prefs.js..browser.search.defaulturl: "https://uk.search.ya...com/yhs/search"
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.36
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20131118
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2021.112
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013/05/06 13:44:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/09/08 15:33:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/09/08 15:33:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/08/02 22:53:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/07/29 22:40:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/08/16 09:29:55 | 000,000,000 | ---D | M]
 
[2012/07/03 05:03:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Extensions
[2014/08/01 19:11:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\7lzzykuh.default-1388230871395\extensions
[2014/08/01 19:11:56 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Chris\AppData\Roaming\mozilla\Firefox\Profiles\7lzzykuh.default-1388230871395\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2014/07/29 23:59:31 | 000,538,675 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\7lzzykuh.default-1388230871395\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014/07/23 16:46:52 | 000,967,685 | ---- | M] () (No name found) -- C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\7lzzykuh.default-1388230871395\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/07/29 22:40:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/07/29 22:40:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/08/02 22:53:24 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2013/09/08 15:27:18 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: https://uk.yahoo.com...t&type=avastbcl
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: YouTube = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: avast! Online Security = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2022.121_0\
CHR - Extension: RealDownloader = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_1\
CHR - Extension: Google Wallet = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2014/07/28 21:34:16 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes Anti-Exploit] C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [GoTrusted] C:\Program Files\GoTrusted.com\GoTrusted Secure Tunnel v2.3.5.9\GoTrusted Secure Tunnel.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24808C3F-DF8E-4DBB-B40F-D7DB39A51B71}: DhcpNameServer = 192.168.0.203
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C010AF49-0C76-4353-BB35-19AE24C74C4F}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/08/16 17:41:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
[2014/08/07 05:56:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\14080601_stream
[2014/08/02 22:55:21 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\AVAST Software
[2014/08/02 22:54:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/08/02 22:53:40 | 000,057,800 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2014/08/02 22:53:39 | 000,779,536 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/08/02 22:53:38 | 000,414,520 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys
[2014/08/02 22:53:36 | 000,067,824 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/08/02 22:53:35 | 000,055,112 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2014/08/02 22:53:32 | 000,252,872 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2014/08/02 22:53:32 | 000,026,136 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2014/08/02 22:53:27 | 000,276,432 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/08/02 22:53:14 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/08/02 22:52:35 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2014/08/02 22:48:53 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/08/01 19:04:54 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Is it infected  - Resolved HijackThis Logs - Malwarebytes Forum_files
[2014/07/31 00:22:08 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\04DD0EF2.sys
[2014/07/30 21:56:47 | 281,572,600 | ---- | C] (Symantec Corporation) -- C:\Users\Chris\Desktop\NIS-ESD-21.3.0.12-EN.exe
[2014/07/30 21:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
[2014/07/30 21:44:27 | 000,000,000 | ---D | C] -- C:\Program Files\MPC-HC
[2014/07/29 23:52:21 | 000,414,392 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys.1406674367993
[2014/07/29 23:31:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
[2014/07/29 23:31:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes Anti-Exploit
[2014/07/29 23:31:47 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Exploit
[2014/07/29 23:25:40 | 002,650,408 | ---- | C] (Malwarebytes                                                ) -- C:\Users\Chris\Documents\mbae-setup-1.03.1.1220.exe
[2014/07/29 22:40:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/07/28 21:36:35 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/07/28 21:36:28 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/07/28 21:36:28 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\temp
[2014/07/25 11:45:39 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
[2014/07/23 17:39:16 | 000,000,000 | ---D | C] -- C:\32520c3c60a76c33778286
[2011/12/28 15:52:30 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Chris\AppData\Roaming\pcouffin.sys
 
========== Files - Modified Within 30 Days ==========
 
[2014/08/16 17:43:37 | 000,046,080 | ---- | M] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/08/16 17:41:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
[2014/08/16 17:11:43 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2014/08/16 17:01:18 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/16 16:47:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/08/16 15:56:46 | 000,005,184 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/08/16 15:56:46 | 000,005,184 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/08/16 09:23:41 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/15 21:05:53 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/08/15 16:03:34 | 000,647,420 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/08/15 16:03:34 | 000,124,420 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/08/15 15:57:59 | 003,610,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/08/15 15:56:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/08/02 22:54:40 | 000,001,899 | ---- | M] () -- C:\Users\Public\Desktop\avast! SafeZone.lnk
[2014/08/02 22:54:40 | 000,001,839 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2014/08/02 22:54:06 | 000,414,520 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys
[2014/08/02 22:53:17 | 000,779,536 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/08/02 22:53:17 | 000,192,352 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/08/02 22:53:17 | 000,057,800 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2014/08/02 22:53:16 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/08/02 22:53:16 | 000,055,112 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2014/08/02 22:53:16 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/08/02 22:53:16 | 000,024,184 | ---- | M] () -- C:\Windows\System32\drivers\aswHwid.sys
[2014/08/02 22:53:14 | 000,276,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/08/02 22:53:14 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/08/02 22:52:53 | 000,026,136 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2014/08/02 22:52:35 | 000,252,872 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2014/08/02 22:52:35 | 000,012,112 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2014/08/02 22:47:37 | 000,001,737 | ---- | M] () -- C:\Users\Chris\Desktop\license 3109.avastlic
[2014/08/01 19:04:56 | 000,388,830 | ---- | M] () -- C:\Users\Chris\Desktop\Is it infected  - Resolved HijackThis Logs - Malwarebytes Forum.htm
[2014/07/31 00:22:08 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\04DD0EF2.sys
[2014/07/30 22:02:49 | 281,572,600 | ---- | M] (Symantec Corporation) -- C:\Users\Chris\Desktop\NIS-ESD-21.3.0.12-EN.exe
[2014/07/30 21:43:45 | 000,000,819 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/07/30 00:10:27 | 000,000,680 | ---- | M] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat
[2014/07/30 00:09:29 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2014/07/29 23:52:06 | 000,414,392 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys.1406674367993
[2014/07/29 23:31:56 | 000,000,899 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Exploit.lnk
[2014/07/29 23:25:50 | 002,650,408 | ---- | M] (Malwarebytes                                                ) -- C:\Users\Chris\Documents\mbae-setup-1.03.1.1220.exe
[2014/07/28 21:34:16 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
 
========== Files Created - No Company Name ==========
 
[2014/08/02 22:54:40 | 000,001,899 | ---- | C] () -- C:\Users\Public\Desktop\avast! SafeZone.lnk
[2014/08/02 22:54:40 | 000,001,839 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2014/08/02 22:53:39 | 000,192,352 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/08/02 22:53:37 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/08/02 22:53:36 | 000,024,184 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys
[2014/08/02 22:47:36 | 000,001,737 | ---- | C] () -- C:\Users\Chris\Desktop\license 3109.avastlic
[2014/08/01 19:04:53 | 000,388,830 | ---- | C] () -- C:\Users\Chris\Desktop\Is it infected  - Resolved HijackThis Logs - Malwarebytes Forum.htm
[2014/07/29 23:31:56 | 000,000,899 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Exploit.lnk
[2014/06/06 03:09:19 | 000,000,000 | ---- | C] () -- C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
[2014/03/15 04:48:39 | 000,031,848 | ---- | C] () -- C:\Windows\System32\drivers\DasPtct.SYS
[2013/08/24 21:40:31 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys.sum
[2013/08/24 21:40:31 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSP.sys.sum
[2013/08/24 21:40:31 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSnx.sys.sum
[2013/06/10 19:39:44 | 000,029,239 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\UserTile.png
[2013/06/02 12:53:21 | 000,015,616 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2013/05/06 14:42:38 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2013/05/06 12:27:02 | 000,000,680 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat
[2013/01/13 18:03:01 | 003,610,720 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/06/03 09:55:32 | 000,046,080 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/11 11:10:35 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/01/13 09:10:03 | 000,910,996 | ---- | C] () -- C:\Users\Chris\AppData\Local\census.cache
[2012/01/13 09:09:35 | 000,163,945 | ---- | C] () -- C:\Users\Chris\AppData\Local\ars.cache
[2012/01/13 08:12:43 | 000,000,036 | ---- | C] () -- C:\Users\Chris\AppData\Local\housecall.guid.cache
[2011/12/28 15:52:30 | 000,007,887 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\pcouffin.cat
[2011/12/28 15:52:30 | 000,001,144 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\pcouffin.inf
 
========== ZeroAccess Check ==========
 
[2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 14:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 00:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 00:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2014/08/02 22:55:21 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\AVAST Software
[2012/03/30 08:47:31 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2014/03/25 06:27:15 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\HDDHealth
[2012/03/18 21:07:26 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Leawo
[2012/03/19 14:38:23 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\OpenOffice.org
[2013/04/04 18:40:11 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Opera
[2013/04/08 22:04:11 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\QuickScan
[2013/10/24 11:24:01 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Samsung
[2012/06/16 00:21:58 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Temp
[2012/03/18 21:08:09 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\tiger-k
[2014/06/02 21:55:26 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\TuneUp Software
[2013/12/23 23:43:40 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Vso
 
========== Purity Check ==========
 
 

< End of report >
 




#2
Naathim



My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat :)

Before we start please note the following:

  • Analysis and research take some time, and sometimes real life gets in the way, so please be patient.
  • Limit your internet access to posting here; some infections just wait to steal typed-in passwords.
  • Don't run any scripts or tools on your own; unsupervised usage may cause more harm than good.
  • Paste the logs in your posts; attachments make my work harder and more complicated.
  • Stay with me to the end; the absence of symptoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, which may cause some delays between answers.

I can't foresee everything, so if anything unexpected happens, please stop and inform me!
There are no silly questions. Never be afraid to ask if in doubt!

Let's start and enjoy the fight! :)



Scan with ZOEK
Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the ZOEK icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears; it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;
    process;
    services-list;
    systemspecs;
    startupall;
    skipfix-iedefaults;
    firefoxlook;
    chromelook;
    filesrcm;
    installedprogs;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it on your main drive (usually the C:\ drive)

Please include its content in your next reply.
Don't forget to re-enable your switched-off protection software!



Scan with Gmer

This type of scan often produces false positives. At any point do not take any action for any suspicious entries you may see there. Instead post the log to be analyzed.

Please download GMER by Gmer and save the file to your desktop.
It will come as a randomly named file (like a6ge38b4.exe) - that's absolutely normal.

Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.
If you are a user of CD emulation software (like Daemon Tools or Alcohol) also disable it for the cleaning process - instructions here.

  • Right-click on the randomly named GMER icon and select Run as Administrator to start the tool.
  • It is very important that you do not use your computer while Gmer is running!
  • Gmer will open to the Rootkit/Malware tab and perform an automatic quick scan.
  • If you receive a warning about rootkit activity and are asked to fully scan your system click NO!

When the pre-scan is completed, please do the following:

  • Please check in the Quick scan box.
  • Please uncheck the IAT/EAT and Show All.
  • Click Scan.
  • If you see a rootkit warning window click OK.
  • When the scan is finished, Save the results to your desktop as gmer.log.

Please include the content of this file in your next reply.
Don't forget to re-enable previously switched-off protection software!

If you encounter any problems, try running GMER in Safe Mode.
If GMER crashes or keeps resulting in a Blue Screen of Death, uncheck Devices on the right side before scanning.



#3
macca2


Zoek.exe v5.0.0.0 Updated 15-08-2014
Tool run by Chris on 16/08/2014 at 22:19:08.28.
Microsoft® Windows Vista™ Home Premium  6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Chris\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

16/08/2014 22:20:07 Zoek.exe System Restore Point Created Succesfully.

==== Installed Programs ======================

 Leawo Video Converter version  5.1.0.0  
Adobe AIR  
Adobe Community Help  
Adobe Download Assistant  
Adobe Flash Player 14 ActiveX  
Adobe Flash Player 14 Plugin  
Adobe Reader XI (11.0.08)  
Adobe Shockwave Player 12.1  
Apple Application Support  
Apple Software Update  
avast Internet Security  
CCleaner  
ConvertXtoDVD 4.0.9.322  
EasyBCD 1.7  
ffdshow [rev 2180] [2008-10-04]  
Google Chrome  
Google Update Helper  
HDD Health v4.2  
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)  
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)  
Intel® Graphics Media Accelerator Driver  
K-Lite Codec Pack 7.0.0 (Standard)  
Malwarebytes Anti-Exploit version 1.03.1.1220  
Malwarebytes Anti-Malware version 2.0.2.1012  
Microsoft .NET Framework 3.5 SP1  
Microsoft .NET Framework 4.5.1  
Microsoft Office Excel Viewer 2003  
Microsoft Office Word Viewer 2003  
Microsoft Silverlight  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106  
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106  
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106  
Microsoft_VC80_ATL_x86  
Microsoft_VC80_CRT_x86  
Microsoft_VC80_MFC_x86  
Microsoft_VC80_MFCLOC_x86  
Microsoft_VC90_ATL_x86  
Microsoft_VC90_CRT_x86  
Microsoft_VC90_MFC_x86  
Microsoft_VC90_MFCLOC_x86  
Mozilla Firefox 31.0 (x86 en-US)  
Mozilla Maintenance Service  
MPC-HC 1.7.0  
MSXML 4.0 SP3 Parser  
MSXML 4.0 SP3 Parser (KB2721691)  
MSXML 4.0 SP3 Parser (KB2758694)  
MSXML 4.0 SP3 Parser (KB973685)  
Nero 7 Lite 7.10.1.2  
neroxml  
QuickTime 7  
RealDownloader  
RealNetworks - Microsoft Visual C++ 2008 Runtime  
RealNetworks - Microsoft Visual C++ 2010 Runtime  
RealPlayer  
Realtek High Definition Audio Driver  
RealUpgrade 1.1  
Samsung Story Album Viewer  
SAMSUNG USB Driver for Mobile Phones  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)  
Shockwave Director 11.0  
Skitch  
swMSM  
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)  
Visual Studio 2012 x86 Redistributables  
VLC media player  
Windows Media Player Firefox Plugin  
WinRAR 5.01 (32-bit)  
YouTube Downloader App 3.00  

==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\AERTSrv.exe
C:\Program Files\HDD Health\HDDHealthService.exe
C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HDD Health\hddhealth.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Chris\Desktop\OTL.exe
C:\Windows\notepad.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Chris\Downloads\zoek.exe
C:\Windows\system32\vssvc.exe
C:\Program Files\AVAST Software\Avast\setup\instup.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k swprv

==== Services (whitelist) ======================
Powered by E Dev

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - "C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe"
R2 - [AERTFilters] - Andrea RT Filters Service - C:\Windows\system32\AERTSrv.exe
R2 - [HDDHealth] - HDDHealth - C:\Program Files\HDD Health\HDDHealthService.exe
R2 - [MbaeSvc] - Malwarebytes Anti-Exploit Service - C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe
R2 - [MBAMScheduler] - MBAMScheduler - "C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe"
R2 - [MBAMService] - MBAMService - "C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe"
R2 - [RealNetworks Downloader Resolver Service] - RealNetworks Downloader Resolver Service - "C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe"
R2 - [slsvc] - Software Licensing - C:\Windows\system32\SLsvc.exe
R2 - [WSearch] - Windows Search - C:\Windows\system32\SearchIndexer.exe /Embedding
R3 - [VSS] - Volume Shadow Copy - C:\Windows\system32\vssvc.exe
R3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - "C:\Program Files\Windows Media Player\wmpnetwk.exe"
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 - [gupdate] - Google Update Service (gupdate) - "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
S3 - [ALG] - Application Layer Gateway Service - C:\Windows\System32\alg.exe
S3 - [COMSysApp] - COM+ System Application - C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S3 - [DFSR] - DFS Replication - C:\Windows\system32\DFSR.exe
S3 - [ehRecvr] - Windows Media Center Receiver Service - C:\Windows\ehome\ehRecvr.exe
S3 - [ehSched] - Windows Media Center Scheduler Service - C:\Windows\ehome\ehsched.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
S3 - [gupdatem] - Google Update Service (gupdatem) - "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - "C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe"
S3 - [MSDTC] - Distributed Transaction Coordinator - C:\Windows\System32\msdtc.exe
S3 - [msiserver] - Windows Installer - C:\Windows\system32\msiexec.exe /V
S3 - [ose] - Office Source Engine - "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - C:\Windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - C:\Windows\System32\snmptrap.exe
S3 - [TrustedInstaller] - Windows Modules Installer - C:\Windows\servicing\TrustedInstaller.exe
S3 - [vds] - Virtual Disk - C:\Windows\System32\vds.exe
S3 - [wmiApSrv] - WMI Performance Adapter - C:\Windows\system32\wbem\WmiApSrv.exe
S3 - [WPFFontCache_v0400] - Windows Presentation Foundation Font Cache 4.0.0.0 - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
S4 - [aspnet_state] - ASP.NET State Service - C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

==== System Specs ======================

Windows: Windows Vista Home Premium Edition Service Pack 2 (Build 6002)
Memory (RAM): 3061 MB
CPU Info: Intel® Core™2 Duo CPU     E6750  @ 2.66GHz
CPU Speed: 2712.3 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: Intel® G33/G31 Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: GoTrusted Adapter | Intel® 82562V 10/100 Network Connection
CD / DVD Drives: 1x (E: | ) E: Optiarc DVD+-RW AD-7200S
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Mouse Present
Hard Disks: C:  288.3GB | D:  9.8GB
Hard Disks - Free: C:  183.9GB | D:  3.9GB
Manufacturer *: Dell Inc.
BIOS Info: AT/AT COMPATIBLE | 06/20/08 | DELL   - 42302e31
Time Zone: GMT Standard Time
Motherboard *: Dell Inc. 0K216C
Country: United Kingdom
Language: ENG

==== System Specs (Software) ======================

Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Firewall: avast! Antivirus disabled
Default Browser: Firefox    31.0
Internet Explorer Version: 9.0.8112.16421
Mozilla Firefox version: 31.0 (x86 en-US)
Google Chrome version: 36.0.1985.143
Adobe Reader version: 11.0.8.4
Flash Player version: 14.0.0.145
Shockwave Player version: 12.1.3r153

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-08-02 21:53:14    357CEBBCD99C8928A2D1A61A6CACC168    43152    ----a-w-    C:\Windows\avastSS.scr
====== C:\Users\Chris\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
2014-08-14 16:59:33    A86F5EEC0ACEC16906532F2B1A7C00B6    8856    ----a-w-    C:\Windows\System32\icardres.dll
2014-08-14 16:59:33    667A4DAAD3AA57B1051484BAC057CF7C    619664    ----a-w-    C:\Windows\System32\icardagt.exe
2014-08-14 16:59:33    3662E6500C477AC0DFAECE4CF7B163B8    99480    ----a-w-    C:\Windows\System32\infocardapi.dll
2014-08-14 16:59:26    E66A29C118DE2FE3E5766E5C7A2E8E2B    35480    ----a-w-    C:\Windows\System32\TsWpfWrp.exe
2014-08-14 16:28:31    5E50B8E904FCB8DFC7C29BD3FEB7A593    82432    ----a-w-    C:\Windows\System32\consent.exe
2014-08-14 16:28:31    1BD89641D9B1012796AFADAB9A659974    1993728    ----a-w-    C:\Windows\System32\authui.dll
2014-08-14 16:28:31    11CFE871D27B4C3485E84BE9E48FFF5E    2263552    ----a-w-    C:\Windows\System32\msi.dll
2014-08-14 16:28:30    8FAD1550A16432D56CF6F40953797345    332800    ----a-w-    C:\Windows\System32\msihnd.dll
2014-08-14 16:28:30    8F7D200717A58E9800D391F4C2101577    33280    ----a-w-    C:\Windows\System32\appinfo.dll
2014-08-14 16:28:26    31F57ACBE76A0E17976E18614DE58399    37376    ----a-w-    C:\Windows\System32\cdd.dll
2014-08-14 16:28:21    7191E1CBF4A7A1C0EEC08DED6F6A18A3    2048    ----a-w-    C:\Windows\System32\tzres.dll
2014-08-14 16:28:10    CD599FE695689CADD969134A6DFF536A    717824    ----a-w-    C:\Windows\System32\jscript.dll
2014-08-14 16:28:10    8A807EB890A68CB9664751D054283473    1810432    ----a-w-    C:\Windows\System32\jscript9.dll
2014-08-14 16:28:10    526014FFF6F612D9D0E86C874E7B0C36    1129472    ----a-w-    C:\Windows\System32\wininet.dll
2014-08-14 16:28:10    3100F61A0A7921EF93232DF79EB9665B    353792    ----a-w-    C:\Windows\System32\dxtmsft.dll
2014-08-14 16:28:10    05B803F48B167FED703D968E41C8FF57    421376    ----a-w-    C:\Windows\System32\vbscript.dll
2014-08-14 16:28:09    9BC276FEBE9095BA13CB7FF9D86D35C8    176640    ----a-w-    C:\Windows\System32\ieui.dll
2014-08-14 16:28:09    03BFA69E881E2A6B4555B156CCC89BE1    223232    ----a-w-    C:\Windows\System32\dxtrans.dll
2014-08-14 16:28:09    02A1A3C2447C6C61C993CD0458CB9644    73216    ----a-w-    C:\Windows\System32\mshtmled.dll
2014-08-14 16:28:08    601FCEB3AB6B81F48CCF1E22FFA5E6D4    12356608    ----a-w-    C:\Windows\System32\mshtml.dll
2014-08-14 16:28:06    E1DACCBC452185F5F93246B6ABF61043    41472    ----a-w-    C:\Windows\System32\msfeedsbs.dll
2014-08-14 16:28:06    B9F7ADFBF9373D4751193F507C187421    607744    ----a-w-    C:\Windows\System32\msfeeds.dll
2014-08-14 16:28:06    98CAD7C19474E10C5E8B4F6D44284020    65536    ----a-w-    C:\Windows\System32\jsproxy.dll
2014-08-14 16:28:06    831B93C9E1D4F14A14FBE37B433C5CE5    10752    ----a-w-    C:\Windows\System32\msfeedssync.exe
2014-08-14 16:28:06    7F60324132E77497DB2CBEA7DAE47B11    1137664    ----a-w-    C:\Windows\System32\urlmon.dll
2014-08-14 16:28:06    11F23B8F92E4A99F462C000F15F96CD9    11776    ----a-w-    C:\Windows\System32\mshta.exe
2014-08-14 16:28:05    F2CE7AFE641AF857B0EA0F22F93A5127    142848    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-08-14 16:28:05    F2645503E6773B1D3E9224A192BB9557    1427968    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-08-14 16:28:05    BAB1E65F3BB0EA5D388CF46C22231C04    2382848    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-08-14 16:28:05    1CBF77E333C1251DD3AF76FD9F67C5D1    1802240    ----a-w-    C:\Windows\System32\iertutil.dll
2014-08-14 16:28:04    C6B790771A2BBB4B964329936B22D8D4    9739264    ----a-w-    C:\Windows\System32\ieframe.dll
2014-08-14 16:28:04    5E46C4016F81F1B16777787A5AAF1364    231936    ----a-w-    C:\Windows\System32\url.dll
2014-08-14 16:27:52    825EDAE0F2A55CD3578B0FF081595885    2054656    ----a-w-    C:\Windows\System32\win32k.sys
2014-08-14 16:27:52    16386E2989663F325A6A89991DE5ADFB    297984    ----a-w-    C:\Windows\System32\gdi32.dll
2014-08-02 21:53:27    588C2C48CB267E1C4B5A9EB5ACFF0116    276432    ----a-w-    C:\Windows\System32\aswBoot.exe
====== C:\Windows\system32\drivers =====
2014-08-14 16:28:26    5C2C209CDEFBC51D83D66E8A53B2BE89    638400    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2014-08-02 21:53:40    26C51C289E39E8EE0F12B8B06B71E436    57800    ----a-w-    C:\Windows\System32\drivers\aswTdi.sys
2014-08-02 21:53:39    90BEE0170D70D6744CEF2355EEAF8086    192352    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
2014-08-02 21:53:39    51FDE588D860857A97E4C4B560E40C9B    779536    ----a-w-    C:\Windows\System32\drivers\aswSnx.sys
2014-08-02 21:53:38    1AEB8CDB797666AF709A291B47AE81E0    414520    ----a-w-    C:\Windows\System32\drivers\aswsp.sys
2014-08-02 21:53:37    B7750AF7EDFD95674EB7CA92BCDD3358    49944    ----a-w-    C:\Windows\System32\drivers\aswRvrt.sys
2014-08-02 21:53:36    C3014C735F450FE822C97FFBB0627113    67824    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2014-08-02 21:53:36    3BFBB5DAE801CB893B8B46345FED6437    24184    ----a-w-    C:\Windows\System32\drivers\aswHwid.sys
2014-08-02 21:53:35    D6C9024F5D14843D33ADA8A6A10A1BE1    55112    ----a-w-    C:\Windows\System32\drivers\aswRdr.sys
2014-08-02 21:53:32    8807767A4C1137A131A26546ED9EBDCB    252872    ----a-w-    C:\Windows\System32\drivers\aswNdis2.sys
2014-08-02 21:53:32    4E39E113E8F5FEE3C49160A0D657A4D5    26136    ----a-w-    C:\Windows\System32\drivers\aswKbd.sys
2014-08-02 21:52:35    7B948E3657BEA62E437BC46CA6EF6012    12112    ----a-w-    C:\Windows\System32\drivers\aswNdis.sys
2014-07-30 23:22:08    12E71DA845D76665B56753AD149E32B3    110296    ----a-w-    C:\Windows\System32\drivers\04DD0EF2.sys
2014-07-29 22:52:21    E8D396EBB6EB971C604D53569D8F0F4A    414392    ----a-w-    C:\Windows\System32\drivers\aswsp.sys.1406674367993
2014-07-23 16:44:35    F5272A105F59A7B3B345D9D6D87DA7AD    273408    ----a-w-    C:\Windows\System32\drivers\afd.sys
====== C:\Windows\Tasks ======
2014-07-29 22:52:39    A479040C5D6A683EE5A3D379F2328F92    4182    ----a-w-    C:\Windows\system32\Tasks\avast! Emergency Update
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-07-30 20:44:27    --------    d-----w-    C:\Program Files\MPC-HC
======= C: =====
====== C:\Users\Chris\AppData\Roaming ======
2014-07-28 20:36:28    --------    d-----w-    C:\Users\Public\AppData\Local\temp
2014-07-28 20:36:28    --------    d-----w-    C:\Users\Default\AppData\Local\temp
2014-07-28 20:36:28    --------    d-----w-    C:\Users\Default User\AppData\Local\temp
2014-07-28 20:36:28    --------    d-----w-    C:\Users\Chris\AppData\Local\temp
====== C:\Users\Chris ======
2014-08-16 16:41:12    4ADCFEE16EE9978F06157634669D36FB    602112    ----a-w-    C:\Users\Chris\Desktop\OTL.exe
2014-08-02 21:54:40    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-30 20:44:29    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
2014-07-30 20:44:29    --------    d-----r-    C:\Windows\system32\config\systemprofile\Desktop

====== C: exe-files ==
2014-08-16 16:41:12    4ADCFEE16EE9978F06157634669D36FB    602112    ----a-w-    C:\Users\Chris\Desktop\OTL.exe
2014-08-15 20:01:51    C56CB929FDC62BA6AFA025C0DF95CA73    1836624    ----a-w-    C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\36.0.1985.143\36.0.1985.143_36.0.1985.125_chrome_updater.exe
2014-08-14 16:59:33    667A4DAAD3AA57B1051484BAC057CF7C    619664    ----a-w-    C:\Windows\System32\icardagt.exe
2014-08-14 16:59:26    E66A29C118DE2FE3E5766E5C7A2E8E2B    35480    ----a-w-    C:\Windows\System32\TsWpfWrp.exe
2014-08-14 16:28:31    5E50B8E904FCB8DFC7C29BD3FEB7A593    82432    ----a-w-    C:\Windows\System32\consent.exe
2014-08-14 16:28:21    3716C202039D542081CF1C14A7C767DC    19456    ----a-w-    C:\Windows\servicing\GC32\tzupd.exe
2014-08-14 16:28:06    831B93C9E1D4F14A14FBE37B433C5CE5    10752    ----a-w-    C:\Windows\System32\msfeedssync.exe
2014-08-14 16:28:06    6AECB1303D69A5B2098A07A2D3F87D40    223232    ----a-w-    C:\Program Files\Internet Explorer\ielowutil.exe
2014-08-14 16:28:06    24E81DD09DC95A57E540CBE0DB82F2DC    22528    ----a-w-    C:\Program Files\Internet Explorer\ExtExport.exe
2014-08-14 16:28:06    11F23B8F92E4A99F462C000F15F96CD9    11776    ----a-w-    C:\Windows\System32\mshta.exe
2014-08-14 16:28:05    F2CE7AFE641AF857B0EA0F22F93A5127    142848    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-08-14 16:28:05    4284E58A38F0A0E69205B9122E15AED3    469504    ----a-w-    C:\Program Files\Internet Explorer\ieinstal.exe
2014-08-14 16:28:04    76F9BA272D99BB7859695A4F9207178E    757976    ----a-w-    C:\Program Files\Internet Explorer\iexplore.exe
=== C: other files ==
2014-08-14 16:28:26    5C2C209CDEFBC51D83D66E8A53B2BE89    638400    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2014-08-14 16:27:52    825EDAE0F2A55CD3578B0FF081595885    2054656    ----a-w-    C:\Windows\System32\win32k.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3299710142-3868310564-1978959094-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"GoTrusted"="C:\Program Files\GoTrusted.com\GoTrusted Secure Tunnel v2.3.5.9\GoTrusted Secure Tunnel.exe"
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Malwarebytes Anti-Exploit"="C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoTrusted"="C:\Program Files\GoTrusted.com\GoTrusted Secure Tunnel v2.3.5.9\GoTrusted Secure Tunnel.exe"
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe]


==== Startup Folders ======================

2014-03-25 05:27:09    841    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [23/07/2014 17:51]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3299710142-3868310564-1978959094-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3299710142-3868310564-1978959094-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-3299710142-3868310564-1978959094-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-3299710142-3868310564-1978959094-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{890E34AE-B7D2-4C9D-B64B-88DB364A18E6}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"[email protected]"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [02/08/2014 22:53]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\7lzzykuh.default-1388230871395
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
- NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\7lzzykuh.default-1388230871395
005EBE4A4E6E9C9A7967F6C3F413C1DF    - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll -    Adobe Acrobat
421CB2C1010522B3BF7C00725520B844    - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll -    Adobe Acrobat
4390CCD3790F8D9C427C0C29590C62D7    - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll -    Shockwave Flash
0CA4180B21C6B728578F3B0433BB740E    - C:\Program Files\VideoLAN\VLC\npvlc.dll -    VLC Web Plugin
FB5621842FDABF9F8359775573498FBC    - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll -    Google Update
DCB0BCEF594E2C410793C4A823C318F3    - C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll -    Shockwave for Director / Shockwave for Director
6B34823748BD3C10EB2816858025AFE9    - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll -    QuickTime Plug-in 7.7.5
233F187A5425045011A0DD51F8B48E0F    - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll -    QuickTime Plug-in 7.7.5
81CB790A6AD230090086C644DC871FC3    - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll -    QuickTime Plug-in 7.7.5
4AD1613FEDB87B4B18CADE745235A625    - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll -    QuickTime Plug-in 7.7.5
1FBB6E454767A5B43DD980C7DE5D89F6    - C:\Program Files\QuickTime\Plugins\npqtplugin.dll -    QuickTime Plug-in 7.7.5
893BF7D2261C56C24F813405D9D018E0    - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll -    Silverlight Plug-In
3A9E1940B4459CC97FDCBB24FCB69004    - c:\program files\real\realplayer\Netscape6\nppl3260.dll -    RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit)
0FCEAA7D12B7B0BA825E5C770B1DCA48    - c:\program files\real\realplayer\Netscape6\nprpplugin.dll -    RealPlayer Download Plugin
BE126CB7049E89ED6F3038016668B502    - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll -    RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit)
EAC427FEF96A13058C1ACD17C38966CF    - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll -    RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit)
96B3689320E9B16EDF38B7A5001C35F0    - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll -    RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit)
F8CB60A5ACA5D73807ECBD9942A8BCB7    - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll -    RealDownloader Plugin
555E65306A5D3A5978BE74E1DD62CDD9    - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll -    RealNetworks™ Chrome Background Extension Plug-In (32-bit)
E32771B0AE3F18CEFFC12D682025238A    - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll -    RealPlayer™ HTML5VideoShim Plug-In (32-bit)
AB87EEFFD18F2BAAFC274E7075EA6C67    - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll -    Windows Presentation Foundation / Windows Presentation Foundation
8DA2ED6B04EA33F2EAE8BA883F903729    - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll -    Microsoft® Silverlight


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[02/08/2014 22:52]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 15:24]

SiteAdvisor - Chris\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
RealPlayer HTML5Video Downloader Extension - Chris\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk
Google Docs - Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
avast Online Security - Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
RealDownloader - Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Google Wallet - Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "https://uk.yahoo.com...type=avastbcl",
"startup_urls": [ "https://uk.yahoo.com...t&type=avastbcl" ],


==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://uk.yahoo.com...&type=avastbcl"
"Search Page"="https://uk.search.ya...={searchTerms}"
"Search Bar"="https://uk.yahoo.com...&type=avastbcl"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://uk.yahoo.com...&type=avastbcl"
"Search Page"="https://uk.search.ya...={searchTerms}"
"Search Bar"="https://uk.yahoo.com...&type=avastbcl"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{9CB96984-43C3-4D44-90EF-01466EFCF7BB}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512  Url="http://www.bing.com/...s}&FORM=IE8SRC"
{9CB96984-43C3-4D44-90EF-01466EFCF7BB} Yahoo! (Avast) Url="https://uk.search.ya...={searchTerms}"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on 16/08/2014 at 22:25:11.88 ======================
 



#4
Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Great :thumbsup:

How about Gmer?

#5
macca2

    Member

  • Topic Starter
  • 30 posts

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-08-16 22:42:13
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST3320613AS rev.DE11 298.09GB
Running: yj9ndfwf.exe; Driver: C:\Users\Chris\AppData\Local\Temp\kfriapod.sys


---- System - GMER 2.1 ----

SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwAddBootEntry [0x8F86DBA6]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwAssignProcessToJobObject [0x8F86E684]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwCreateEvent [0x8F87A6F8]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwCreateEventPair [0x8F87A744]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwCreateIoCompletion [0x8F87A8DE]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwCreateMutant [0x8F87A666]
SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                               ZwCreateSection [0x8F924DF0]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwCreateSemaphore [0x8F87A6AE]
SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                               ZwCreateThread [0x8F925080]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwCreateTimer [0x8F87A898]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwDebugActiveProcess [0x8F86F472]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwDeleteBootEntry [0x8F86DC0C]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwDuplicateObject [0x8F872C68]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwLoadDriver [0x8F86D7F8]
SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                               ZwMapViewOfSection [0x8F924ED0]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwModifyBootEntry [0x8F86DC72]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwNotifyChangeKey [0x8F87305E]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwNotifyChangeMultipleKeys [0x8F86FF5A]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwOpenEvent [0x8F87A722]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwOpenEventPair [0x8F87A766]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwOpenIoCompletion [0x8F87A902]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwOpenMutant [0x8F87A68C]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwOpenProcess [0x8F872560]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwOpenSection [0x8F87A816]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwOpenSemaphore [0x8F87A6D6]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwOpenThread [0x8F87294C]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwOpenTimer [0x8F87A8BC]
SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                               ZwProtectVirtualMemory [0x8F924C6E]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwQueryObject [0x8F86FDCE]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwQueueApcThread [0x8F86F924]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwSetBootEntryOrder [0x8F86DCD8]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwSetBootOptions [0x8F86DD3E]
SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                               ZwSetContextThread [0x8F924FCC]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwSetSystemInformation [0x8F86D892]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwSetSystemPowerState [0x8F86DA64]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwShutdownSystem [0x8F86D9F2]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwSuspendProcess [0x8F86F63C]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwSuspendThread [0x8F86F79E]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwSystemDebugControl [0x8F86DAEC]
SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                               ZwTerminateProcess [0x8F924D3C]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwTerminateThread [0x8F86F2CC]
SSDT            \SystemRoot\system32\drivers\aswSnx.sys                                                              ZwVdmControl [0x8F86DDA4]
SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                               ZwWriteVirtualMemory [0x8F924BA0]
SSDT            \SystemRoot\system32\drivers\aswSP.sys                                                               ZwCreateThreadEx [0x8F92516A]

---- Kernel code sections - GMER 2.1 ----

.text           ntkrnlpa.exe!KeSetEvent + 10D                                                                        82AF6758 4 Bytes  [A6, DB, 86, 8F]
.text           ntkrnlpa.exe!KeSetEvent + 191                                                                        82AF67DC 4 Bytes  [84, E6, 86, 8F]
.text           ntkrnlpa.exe!KeSetEvent + 1D1                                                                        82AF681C 8 Bytes  [F8, A6, 87, 8F, 44, A7, 87, ...] {CLC ; CMPSB ; XCHG [EDI-0x707858bc], ECX}
.text           ntkrnlpa.exe!KeSetEvent + 1DD                                                                        82AF6828 4 Bytes  [DE, A8, 87, 8F]
.text           ntkrnlpa.exe!KeSetEvent + 1F5                                                                        82AF6840 4 Bytes  [66, A6, 87, 8F]
.text           ...                                                                                                  
PAGE            ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 110                                                          82C8400F 4 Bytes  CALL 8F870641 \SystemRoot\system32\drivers\aswSnx.sys
PAGE            ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 121                                                         82C87C83 4 Bytes  CALL 8F870657 \SystemRoot\system32\drivers\aswSnx.sys

---- User code sections - GMER 2.1 ----

.text           C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[516] kernel32.dll!GetBinaryTypeW + 70         771B252F 1 Byte  [62]
.text           C:\Program Files\Windows Mail\WinMail.exe[532] kernel32.dll!GetBinaryTypeW + 70                      771B252F 1 Byte  [62]
.text           C:\Windows\system32\csrss.exe[632] KERNEL32.dll!GetBinaryTypeW + 70                                  771B252F 1 Byte  [62]
.text           C:\Windows\system32\AERTSrv.exe[636] kernel32.dll!GetBinaryTypeW + 70                                771B252F 1 Byte  [62]
.text           C:\Windows\system32\wininit.exe[672] kernel32.dll!GetBinaryTypeW + 70                                771B252F 1 Byte  [62]
.text           ...                                                                                                  
.text           C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1540] kernel32.dll!SetUnhandledExceptionFilter    7718A9BD 8 Bytes  [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }
.text           C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1540] kernel32.dll!GetBinaryTypeW + 70            771B252F 1 Byte  [62]
.text           C:\Windows\system32\svchost.exe[1564] kernel32.dll!GetBinaryTypeW + 70                               771B252F 1 Byte  [62]
.text           C:\Program Files\AVAST Software\Avast\afwServ.exe[1624] kernel32.dll!SetUnhandledExceptionFilter     7718A9BD 8 Bytes  [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }
.text           C:\Program Files\AVAST Software\Avast\afwServ.exe[1624] kernel32.dll!GetBinaryTypeW + 70             771B252F 1 Byte  [62]
.text           C:\Windows\System32\spoolsv.exe[1808] kernel32.dll!GetBinaryTypeW + 70                               771B252F 1 Byte  [62]
.text           C:\Windows\system32\svchost.exe[1832] kernel32.dll!GetBinaryTypeW + 70                               771B252F 1 Byte  [62]
.text           C:\Program Files\HDD Health\HDDHealthService.exe[2084] kernel32.dll!GetBinaryTypeW + 70              771B252F 1 Byte  [62]
.text           C:\Windows\system32\NOTEPAD.EXE[2116] kernel32.dll!GetBinaryTypeW + 70                               771B252F 1 Byte  [62]
.text           ...                                                                                                  
.text           C:\Program Files\AVAST Software\Avast\avastui.exe[3052] kernel32.dll!SetUnhandledExceptionFilter     7718A9BD 8 Bytes  [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }
.text           C:\Program Files\AVAST Software\Avast\avastui.exe[3052] kernel32.dll!GetBinaryTypeW + 70             771B252F 1 Byte  [62]
.text           C:\Program Files\Windows Media Player\wmpnscfg.exe[3160] kernel32.dll!GetBinaryTypeW + 70            771B252F 1 Byte  [62]
.text           C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe[3272] kernel32.dll!GetBinaryTypeW + 70           771B252F 1 Byte  [62]
.text           C:\Windows\system32\wbem\wmiprvse.exe[3356] kernel32.dll!GetBinaryTypeW + 70                         771B252F 1 Byte  [62]
.text           C:\Program Files\Malwarebytes Anti-Malware\mbam.exe[3384] kernel32.dll!GetBinaryTypeW + 70           771B252F 1 Byte  [62]
.text           ...                                                                                                  
.text           C:\Program Files\HDD Health\hddhealth.exe[4072] ntdll.dll!LdrAccessResource                          7727CFA9 5 Bytes  JMP 00518940 C:\Program Files\HDD Health\hddhealth.exe
.text           C:\Program Files\HDD Health\hddhealth.exe[4072] ntdll.dll!LdrFindResource_U                          7727DE7F 5 Bytes  JMP 005188B0 C:\Program Files\HDD Health\hddhealth.exe
.text           C:\Program Files\HDD Health\hddhealth.exe[4072] kernel32.dll!GetBinaryTypeW + 70                     771B252F 1 Byte  [62]
.text           C:\Program Files\HDD Health\hddhealth.exe[4072] user32.dll!LoadStringA                               77406243 5 Bytes  JMP 005187C0 C:\Program Files\HDD Health\hddhealth.exe
.text           C:\Program Files\HDD Health\hddhealth.exe[4072] user32.dll!LoadStringW                               77419CCB 5 Bytes  JMP 00518850 C:\Program Files\HDD Health\hddhealth.exe
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!LdrLoadDll                     77269378 5 Bytes  JMP 008B01F8
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!LdrUnloadDll                   7727B680 5 Bytes  JMP 008B03FC
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtAllocateVirtualMemory        772A3FC4 3 Bytes  [FF, 25, 1E]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtAllocateVirtualMemory + 4    772A3FC8 2 Bytes  [A7, 71]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtCreateFile + 6               772A426A 4 Bytes  [28, 68, 76, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtCreateFile + B               772A426F 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtMapViewOfSection + 6         772A49BA 4 Bytes  [28, 6B, 76, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtMapViewOfSection + B         772A49BF 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtOpenFile + 6                 772A4A4A 4 Bytes  [68, 68, 76, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtOpenFile + B                 772A4A4F 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtOpenProcess + 6              772A4ACA 4 Bytes  [A8, 69, 76, 00] {TEST AL, 0x69; JBE 0x4}
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtOpenProcess + B              772A4ACF 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtOpenProcessToken + 6         772A4ADA 4 Bytes  CALL 762AC148 C:\Windows\system32\SHELL32.dll
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtOpenProcessToken + B         772A4ADF 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtOpenProcessTokenEx + 6       772A4AEA 4 Bytes  [A8, 6A, 76, 00] {TEST AL, 0x6a; JBE 0x4}
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtOpenProcessTokenEx + B       772A4AEF 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtOpenThread + 6               772A4B3A 4 Bytes  [68, 69, 76, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtOpenThread + B               772A4B3F 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtOpenThreadToken + 6          772A4B4A 4 Bytes  [68, 6A, 76, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtOpenThreadToken + B          772A4B4F 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtOpenThreadTokenEx + 6        772A4B5A 4 Bytes  CALL 762AC1C9 C:\Windows\system32\SHELL32.dll
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtOpenThreadTokenEx + B        772A4B5F 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtProtectVirtualMemory         772A4BC4 3 Bytes  [FF, 25, 1E]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtProtectVirtualMemory + 4     772A4BC8 2 Bytes  [AE, 71]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtQueryAttributesFile + 6      772A4BEA 4 Bytes  [A8, 68, 76, 00] {TEST AL, 0x68; JBE 0x4}
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtQueryAttributesFile + B      772A4BEF 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtQueryFullAttributesFile + 6  772A4C9A 4 Bytes  CALL 762AC307 C:\Windows\system32\SHELL32.dll
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtQueryFullAttributesFile + B  772A4C9F 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtSetInformationFile + 6       772A517A 4 Bytes  [28, 69, 76, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtSetInformationFile + B       772A517F 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtSetInformationThread + 6     772A51CA 4 Bytes  [28, 6A, 76, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtSetInformationThread + B     772A51CF 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtUnmapViewOfSection + 6       772A546A 4 Bytes  [68, 6B, 76, 00]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] ntdll.dll!NtUnmapViewOfSection + B       772A546F 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] KERNEL32.dll!CreateProcessW              77161BF3 6 Bytes  JMP 7190000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] KERNEL32.dll!CreateProcessA              77161C28 6 Bytes  JMP 718D000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] KERNEL32.dll!WriteProcessMemory          77161CB8 6 Bytes  JMP 719F000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] KERNEL32.dll!MoveFileW                   7716A2F2 6 Bytes  JMP 7178000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] KERNEL32.dll!CopyFileW                   771702A9 6 Bytes  JMP 717E000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] KERNEL32.dll!CreateProcessInternalW      77185477 3 Bytes  [FF, 25, 1E]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] KERNEL32.dll!CreateProcessInternalW + 4  7718547B 2 Bytes  [95, 71]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] KERNEL32.dll!CreateProcessInternalA      77188D19 3 Bytes  [FF, 25, 1E]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] KERNEL32.dll!CreateProcessInternalA + 4  77188D1D 2 Bytes  [92, 71]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] KERNEL32.dll!LoadLibraryExW + 173        771894E7 4 Bytes  JMP 71AC000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] KERNEL32.dll!HeapCreate                  77189EA3 6 Bytes  JMP 719C000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] KERNEL32.dll!VirtualProtectEx            7718DD42 6 Bytes  JMP 71A2000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] KERNEL32.dll!VirtualAllocEx              771AAFDC 6 Bytes  JMP 71A5000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] KERNEL32.dll!CreateFileW                 771AB1AB 6 Bytes  JMP 7187000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] KERNEL32.dll!CreateFileA                 771AD13F 6 Bytes  JMP 718A000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] KERNEL32.dll!GetBinaryTypeW + 70         771B252F 1 Byte  [62]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] KERNEL32.dll!CopyFileA                   771B271B 6 Bytes  JMP 7181000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] KERNEL32.dll!MoveFileA                   771EFDF9 6 Bytes  JMP 717B000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] KERNEL32.dll!SetProcessDEPPolicy         771F63D8 6 Bytes  JMP 7199000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] KERNEL32.dll!WinExec                     771F67CA 6 Bytes  JMP 7175000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] SHELL32.dll!ShellExecuteW                75CE9725 6 Bytes  JMP 7184000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] WININET.dll!HttpOpenRequestA             76945761 6 Bytes  JMP 716C000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] WININET.dll!HttpOpenRequestW             76945FEF 6 Bytes  JMP 716F000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4108] WS2_32.dll!WSAStartup                    76EBA639 6 Bytes  JMP 7172000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] ntdll.dll!LdrLoadDll                     77269378 5 Bytes  JMP 000601F8
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] ntdll.dll!LdrUnloadDll                   7727B680 5 Bytes  JMP 000603FC
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] ntdll.dll!NtAllocateVirtualMemory        772A3FC4 3 Bytes  [FF, 25, 1E]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] ntdll.dll!NtAllocateVirtualMemory + 4    772A3FC8 2 Bytes  [A7, 71]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] ntdll.dll!NtMapViewOfSection + 6         772A49BA 4 Bytes  [18, 10, FD, 70]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] ntdll.dll!NtMapViewOfSection + B         772A49BF 1 Byte  [E2]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] ntdll.dll!NtProtectVirtualMemory         772A4BC4 3 Bytes  [FF, 25, 1E]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] ntdll.dll!NtProtectVirtualMemory + 4     772A4BC8 2 Bytes  [AE, 71]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] KERNEL32.dll!CreateProcessW              77161BF3 6 Bytes  JMP 7190000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] KERNEL32.dll!CreateProcessA              77161C28 6 Bytes  JMP 718D000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] KERNEL32.dll!WriteProcessMemory          77161CB8 6 Bytes  JMP 719F000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] KERNEL32.dll!MoveFileW                   7716A2F2 6 Bytes  JMP 7178000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] KERNEL32.dll!CopyFileW                   771702A9 6 Bytes  JMP 717E000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] KERNEL32.dll!CreateProcessInternalW      77185477 3 Bytes  [FF, 25, 1E]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] KERNEL32.dll!CreateProcessInternalW + 4  7718547B 2 Bytes  [95, 71]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] KERNEL32.dll!CreateProcessInternalA      77188D19 3 Bytes  [FF, 25, 1E]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] KERNEL32.dll!CreateProcessInternalA + 4  77188D1D 2 Bytes  [92, 71]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] KERNEL32.dll!LoadLibraryExW + 173        771894E7 4 Bytes  JMP 71AC000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] KERNEL32.dll!HeapCreate                  77189EA3 6 Bytes  JMP 719C000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] KERNEL32.dll!VirtualProtectEx            7718DD42 6 Bytes  JMP 71A2000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] KERNEL32.dll!VirtualAllocEx              771AAFDC 6 Bytes  JMP 71A5000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] KERNEL32.dll!CreateFileW                 771AB1AB 6 Bytes  JMP 7187000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] KERNEL32.dll!CreateFileA                 771AD13F 6 Bytes  JMP 718A000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] KERNEL32.dll!GetBinaryTypeW + 70         771B252F 1 Byte  [62]
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] KERNEL32.dll!CopyFileA                   771B271B 6 Bytes  JMP 7181000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] KERNEL32.dll!MoveFileA                   771EFDF9 6 Bytes  JMP 717B000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] KERNEL32.dll!SetProcessDEPPolicy         771F63D8 6 Bytes  JMP 7199000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] KERNEL32.dll!WinExec                     771F67CA 6 Bytes  JMP 7175000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] SHELL32.dll!ShellExecuteW                75CE9725 6 Bytes  JMP 7184000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] WS2_32.dll!WSAStartup                    76EBA639 6 Bytes  JMP 7172000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] WININET.dll!HttpOpenRequestA             76945761 6 Bytes  JMP 7163000A
.text           C:\Program Files\Google\Chrome\Application\chrome.exe[4464] WININET.dll!HttpOpenRequestW             76945FEF 6 Bytes  JMP 7167000A
.text           C:\Users\Chris\Desktop\yj9ndfwf.exe[5000] kernel32.dll!GetBinaryTypeW + 70                           771B252F 1 Byte  [62]
.text           C:\Windows\notepad.exe[5120] kernel32.dll!GetBinaryTypeW + 70                                        771B252F 1 Byte  [62]
.text           C:\Windows\system32\cmd.exe[5168] kernel32.dll!GetBinaryTypeW + 70                                   771B252F 1 Byte  [62]
.text           C:\Windows\system32\notepad.exe[5772] kernel32.dll!GetBinaryTypeW + 70                               771B252F 1 Byte  [62]
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] ntdll.dll!LdrLoadDll                              77269378 5 Bytes  JMP 71F61F4C C:\Program Files\Mozilla Firefox\mozglue.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] ntdll.dll!LdrUnloadDll                            7727B680 5 Bytes  JMP 000603FC
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] ntdll.dll!NtAllocateVirtualMemory                 772A3FC4 3 Bytes  [FF, 25, 1E]
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] ntdll.dll!NtAllocateVirtualMemory + 4             772A3FC8 2 Bytes  [A7, 71]
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] ntdll.dll!NtCreateFile                            772A4264 5 Bytes  JMP 57563D20 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] ntdll.dll!NtFlushBuffersFile                      772A4764 5 Bytes  JMP 5754C661 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] ntdll.dll!NtProtectVirtualMemory                  772A4BC4 3 Bytes  [FF, 25, 1E]
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] ntdll.dll!NtProtectVirtualMemory + 4              772A4BC8 2 Bytes  [AE, 71]
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] ntdll.dll!NtQueryFullAttributesFile               772A4C94 5 Bytes  JMP 57563820 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] ntdll.dll!NtReadFile                              772A4EC4 5 Bytes  JMP 5754C750 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] ntdll.dll!NtReadFileScatter                       772A4ED4 5 Bytes  JMP 57DEE1FF C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] ntdll.dll!NtWriteFile                             772A54D4 5 Bytes  JMP 575643D0 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] ntdll.dll!NtWriteFileGather                       772A54E4 5 Bytes  JMP 57DEE1AE C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!CreateProcessW                       77161BF3 6 Bytes  JMP 7190000A
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!CreateProcessA                       77161C28 6 Bytes  JMP 718D000A
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!WriteProcessMemory                   77161CB8 6 Bytes  JMP 719F000A
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!MoveFileW                            7716A2F2 6 Bytes  JMP 7178000A
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!CopyFileW                            771702A9 6 Bytes  JMP 717E000A
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!CreateProcessInternalW               77185477 3 Bytes  [FF, 25, 1E]
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!CreateProcessInternalW + 4           7718547B 2 Bytes  [95, 71]
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!CreateProcessInternalA               77188D19 3 Bytes  [FF, 25, 1E]
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!CreateProcessInternalA + 4           77188D1D 2 Bytes  [92, 71]
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!LoadLibraryExW + 173                 771894E7 4 Bytes  JMP 71AC000A
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!HeapCreate                           77189EA3 6 Bytes  JMP 719C000A
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!HeapSetInformation + 26              7718A9B8 7 Bytes  JMP 575606F3 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!VirtualProtectEx                     7718DD42 6 Bytes  JMP 71A2000A
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!LockResource + C                     771A6BD3 7 Bytes  JMP 57D8F55F C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!VirtualAllocEx                       771AAFDC 6 Bytes  JMP 71A5000A
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!VirtualAllocEx + 54                  771AB030 7 Bytes  JMP 57D8F582 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!CreateFileW                          771AB1AB 6 Bytes  JMP 7187000A
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!CreateFileA                          771AD13F 6 Bytes  JMP 718A000A
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!GetBinaryTypeW + 70                  771B252F 1 Byte  [62]
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!CopyFileA                            771B271B 6 Bytes  JMP 7181000A
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!MoveFileA                            771EFDF9 6 Bytes  JMP 717B000A
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!SetProcessDEPPolicy                  771F63D8 6 Bytes  JMP 7199000A
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] KERNEL32.dll!WinExec                              771F67CA 6 Bytes  JMP 7175000A
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] USER32.dll!GetWindowInfo                          7741428E 5 Bytes  JMP 57C9E5A9 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] GDI32.dll!SetStretchBltMode + 256                 768C745C 7 Bytes  JMP 57D8F4E0 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] SHELL32.dll!ShellExecuteW                         75CE9725 6 Bytes  JMP 7184000A
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] WS2_32.dll!WSAStartup                             76EBA639 6 Bytes  JMP 7172000A
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] WININET.dll!HttpOpenRequestA                      76945761 6 Bytes  JMP 716F000A
.text           C:\Program Files\Mozilla Firefox\firefox.exe[5824] WININET.dll!HttpOpenRequestW                      76945FEF 6 Bytes  JMP 7169000A
.text           C:\Windows\system32\SearchIndexer.exe[5940] kernel32.dll!GetBinaryTypeW + 70                         771B252F 1 Byte  [62]
.text           C:\Users\Chris\Downloads\zoek.exe[6016] kernel32.dll!GetBinaryTypeW + 70                             771B252F 1 Byte  [62]

---- Devices - GMER 2.1 ----

AttachedDevice  \Driver\tdx \Device\Tcp                                                                              aswNdis2.sys
AttachedDevice  \Driver\tdx \Device\Udp                                                                              aswNdis2.sys

---- EOF - GMER 2.1 ----
 


  • 0

#6
Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Is Firefox the only affected browser?
  • 0

#7
macca2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

yes but always happens on a few others too


  • 0

#8
Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi :)



Scan with TDSSKiller

Please download TDSSKiller by Kaspersky and save it to your desktop.

  • Right-click on the TDSSKiller icon and select Run as Administrator to start the tool.
  • Click on Change parameters and put a checkmark beside Loaded modules. A reboot will be needed to apply the changes, allow it to do so.
  • Your machine may appear very slow and unusable after that - it's normal.
  • TDSSKiller will run automatically. Click on Change parameters and click OK.
  • Make sure that Verify driver digital signatures & Detect TDLFS File System are marked and click OK.
  • Click the Start Scan button and wait patiently.
  • If anything is found, follow these guidelines:
    • If a suspicious object is detected, the default action will be Skip, click on Continue.
    • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
      Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
      If Cure is not available, please choose Skip instead.
    • Do not choose Delete unless instructed!

A report will be created in your root directory, (usually C:\ drive) in the form of TDSSKiller.[Version]_[Date]_[Time]_log.txt. Please include the contents of that file in your next post.


Scan with Malwarebytes' Anti-Malware

Please re-run Malwarebytes' Anti-Malware.

  • First of all, select update.
  • Once updated, click the Settings tab, in the left panel choose Detections & protection and tick Scan for rootkits.
  • Click the Scan tab, make sure Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the newest Scan Log.
  • At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.


  • 0

#9
macca2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

the link for tdskiller didn't work. got page 404

had to google it

tds didn't find anything

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 17/08/2014
Scan Time: 20:23:39
Logfile: aa.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.17.05
Rootkit Database: v2014.08.16.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: Chris

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 280417
Time Elapsed: 13 min, 37 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


  • 0

#10
Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

OK, let's try something different.

Scan with MiniToolBox

Please download MiniToolBox by Farbar and save it to your desktop.

  • Right-click on the MiniToolBox icon and select Run as Administrator to start the tool.
  • In the main window please checkmark the following checkboxes:
    • Flush DNS;
    • Report IE Proxy Settings;
    • Reset IE Proxy Settings;
    • Report FF Proxy Settings;
    • Reset FF Proxy Settings;
    • List content of Hosts;
    • List IP configuration;
    • List Winsock Entries;
    • List last 10 Event Viewer log;
    • List Installed Programs;
    • List Devices (Only problems);
    • List Users, Partitions and Memory size;
    • List Minidump Files.
  • Click Go and wait patiently.
  • Upon completion (a reboot may be needed) a file called Result.txt will be saved on your desktop.

Please include the content of that file in your next reply.


After that


Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.

  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please copy and paste their content into your next reply.

 

 

Also please search for the TDSSKiller logfile as mentioned prior and post its logfile for me.


  • 0


#11
macca2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Chris (administrator) on 19-08-2014 at 11:35:43
Running from "C:\Users\Chris\Desktop"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Intel® 82562V 10/100 Network Connection = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : DELL-530
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : GoTrusted Adapter
   Physical Address. . . . . . . . . : 00-FF-79-3E-D1-CD
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® 82562V 10/100 Network Connection
   Physical Address. . . . . . . . . : 00-1E-C9-82-BA-AF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::3010:def5:a2ad:9e00%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 17 August 2014 20:17:43
   Lease Expires . . . . . . . . . . : 20 August 2014 08:17:42
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 251666121
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-DD-8D-BF-00-1E-C9-82-BA-AF
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{C010AF49-0C76-4353-BB35-19AE24C74C4F}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{793ED1CD-EDC2-40C6-9B31-3A7C67AA8F66}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  www.routerlogin.com
Address:  192.168.0.1

Name:    google.com
Addresses:  2a00:1450:4009:80c::1007
      74.125.230.238
      74.125.230.233
      74.125.230.229
      74.125.230.226
      74.125.230.228
      74.125.230.224
      74.125.230.225
      74.125.230.231
      74.125.230.232
      74.125.230.227
      74.125.230.230



Pinging google.com [74.125.230.99] with 32 bytes of data:

General failure.

Reply from 74.125.230.99: bytes=32 time=35ms TTL=56



Ping statistics for 74.125.230.99:

    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),

Approximate round trip times in milli-seconds:

    Minimum = 35ms, Maximum = 35ms, Average = 35ms

Server:  www.routerlogin.com
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

General failure.

Reply from 206.190.36.45: bytes=32 time=193ms TTL=50



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),

Approximate round trip times in milli-seconds:

    Minimum = 193ms, Maximum = 193ms, Average = 193ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 13 ...00 ff 79 3e d1 cd ...... GoTrusted Adapter
 11 ...00 1e c9 82 ba af ...... Intel® 82562V 10/100 Network Connection
  1 ........................... Software Loopback Interface 1
 14 ...00 00 00 00 00 00 00 e0  isatap.{C010AF49-0C76-4353-BB35-19AE24C74C4F}
 10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 22 ...00 00 00 00 00 00 00 e0  isatap.{793ED1CD-EDC2-40C6-9B31-3A7C67AA8F66}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.2     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link       192.168.0.2    276
      192.168.0.2  255.255.255.255         On-link       192.168.0.2    276
    192.168.0.255  255.255.255.255         On-link       192.168.0.2    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.0.2    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.0.2    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    276 fe80::/64                On-link
 11    276 fe80::3010:def5:a2ad:9e00/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/16/2014 10:34:21 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\7\80> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\7\80> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\C\8A> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\C\8A> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\B\FC> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\B\FC> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\A\AB> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\A\AB> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\F\81> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)


System errors:
=============
Error: (08/16/2014 10:47:28 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 22:45:32 on 16/08/2014 was unexpected.

Error: (08/16/2014 09:29:55 AM) (Source: Service Control Manager) (User: )
Description: Windows Search%%1053

Error: (08/16/2014 09:29:55 AM) (Source: Service Control Manager) (User: )
Description: 30000Windows Search

Error: (08/16/2014 09:29:55 AM) (Source: DCOM) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (08/14/2014 05:37:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: 0x80070643Definition Update for Windows Defender - KB915597 (Definition 1.179.2798.0){81ECCF3F-B3C7-44E4-A13D-FCB149AC2693}200

Error: (08/09/2014 10:01:28 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.0.2 for the Network Card with network address 001EC982BAAF has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (08/08/2014 07:49:05 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.0.2 for the Network Card with network address 001EC982BAAF has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (08/08/2014 07:49:04 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 19:47:17 on 08/08/2014 was unexpected.

Error: (08/08/2014 01:02:39 PM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (08/08/2014 01:01:15 PM) (Source: Service Control Manager) (User: )
Description: 30000WPDBusEnum


Microsoft Office Sessions:
=========================
Error: (08/16/2014 10:34:21 PM) (Source: Perflib)(User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\7\80

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\7\80

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\C\8A

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\C\8A

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\B\FC

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\B\FC

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\A\AB

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\A\AB

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\F\81


CodeIntegrity Errors:
===================================
  Date: 2014-08-19 11:04:00.628
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-19 11:04:00.472
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-19 11:04:00.301
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-19 11:04:00.145
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-19 03:55:52.919
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-19 03:55:52.716
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-19 03:55:52.542
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-19 03:55:52.380
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-19 02:45:37.924
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-19 02:45:37.745
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.



 Leawo Video Converter version  5.1.0.0 (HKLM\...\{331ED3CF-3A1B-467C-9A62-899E2D3B20C4}_is1) (Version:  - )
=========================== Installed Programs ============================
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Download Assistant (Version: 1.0.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Internet Security (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
ConvertXtoDVD 4.0.9.322 (HKLM\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.0.9.322 - )
EasyBCD 1.7 (HKLM\...\EasyBCD) (Version: 1.7 - NeoSmart Technologies)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
ffdshow [rev 2180] [2008-10-04] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HDD Health v4.2 (HKLM\...\HDD Health_is1) (Version:  - )
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
K-Lite Codec Pack 7.0.0 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Malwarebytes Anti-Exploit version 1.03.1.1220 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.03.1.1220 - Malwarebytes)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Excel Viewer 2003 (HKLM\...\{90840409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MPC-HC 1.7.0 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.0.7858 - MPC-HC Team)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero 7 Lite 7.10.1.2 (HKLM\...\Nero7Lite_is1) (Version: 7.10.1.2 - UpdatePack.nl)
neroxml (Version: 1.0.0 - Nero AG) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - )
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Skitch (HKLM\...\Skitch 1.0.2.0) (Version: 2.2.0.4 - Evernote Corp.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
YouTube Downloader App 3.00 (HKLM\...\YouTube Downloader App) (Version: 3.00 - Regensoft)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 49%
Total physical RAM: 3060.45 MB
Available physical RAM: 1559.21 MB
Total Pagefile: 6357.91 MB
Available Pagefile: 4331.13 MB
Total Virtual: 2047.88 MB
Available Virtual: 1953.89 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:288.32 GB) (Free:180.05 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:9.77 GB) (Free:3.88 GB) NTFS

========================= Users: ========================================

User accounts for \\DELL-530

Administrator            Chris                    Guest                    

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
 



#12
Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Hi :)

What about FRST & TDSSKiller?

#13
macca2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Additional scan result of Farbar Recovery Scan Tool (x86) Version:17-08-2014 01
Ran by Chris at 2014-08-19 11:38:09
Running from C:\Users\Chris\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Leawo Video Converter version  5.1.0.0 (HKLM\...\{331ED3CF-3A1B-467C-9A62-899E2D3B20C4}_is1) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Download Assistant (Version: 1.0.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Internet Security (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
ConvertXtoDVD 4.0.9.322 (HKLM\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.0.9.322 - )
EasyBCD 1.7 (HKLM\...\EasyBCD) (Version: 1.7 - NeoSmart Technologies)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
ffdshow [rev 2180] [2008-10-04] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HDD Health v4.2 (HKLM\...\HDD Health_is1) (Version:  - )
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
K-Lite Codec Pack 7.0.0 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Malwarebytes Anti-Exploit version 1.03.1.1220 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.03.1.1220 - Malwarebytes)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Excel Viewer 2003 (HKLM\...\{90840409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MPC-HC 1.7.0 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.0.7858 - MPC-HC Team)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero 7 Lite 7.10.1.2 (HKLM\...\Nero7Lite_is1) (Version: 7.10.1.2 - UpdatePack.nl)
neroxml (Version: 1.0.0 - Nero AG) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - )
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Skitch (HKLM\...\Skitch 1.0.2.0) (Version: 2.2.0.4 - Evernote Corp.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
YouTube Downloader App 3.00 (HKLM\...\YouTube Downloader App) (Version: 3.00 - Regensoft)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

30-07-2014 00:24:11 Scheduled Checkpoint
30-07-2014 20:51:31 Removed GoTrusted Secure Tunnel v2.3.5.9
31-07-2014 23:41:49 Scheduled Checkpoint
01-08-2014 21:05:27 Scheduled Checkpoint
01-08-2014 23:46:35 Windows Update
02-08-2014 14:58:20 Removed Kaspersky Internet Security.
02-08-2014 21:48:19 avast! antivirus system restore point
03-08-2014 23:09:14 Scheduled Checkpoint
04-08-2014 23:00:01 Scheduled Checkpoint
08-08-2014 12:13:21 Windows Update
09-08-2014 23:00:01 Scheduled Checkpoint
10-08-2014 23:00:01 Scheduled Checkpoint
11-08-2014 23:00:02 Scheduled Checkpoint
12-08-2014 11:01:04 Scheduled Checkpoint
14-08-2014 16:22:46 Windows Update
14-08-2014 16:52:23 Windows Update
15-08-2014 15:35:45 Scheduled Checkpoint
16-08-2014 21:19:53 zoek.exe restore point
17-08-2014 20:05:44 Scheduled Checkpoint
18-08-2014 23:00:03 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-01-28 16:22 - 2014-07-28 21:34 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {08955F4D-C035-4807-95F0-4727CEBEE83D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-02] (AVAST Software)
Task: {0945E1CB-16D0-411C-8521-E36129FC4CAD} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3299710142-3868310564-1978959094-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {0E85FA89-016D-4346-B9F7-05F4D0C132EE} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {55BCF811-A564-4112-86D0-CE9A15394CF0} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3299710142-3868310564-1978959094-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {6092D648-6209-4D6F-9B67-908F6DA777DD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {677CD573-8156-4B83-8781-B7646D6B0415} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-19] (Adobe Systems Incorporated)
Task: {6AB10674-89F8-4900-9832-2CF880C72577} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3299710142-3868310564-1978959094-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {8214B684-CA5F-4C69-89AA-C1D18ACA5CB0} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3299710142-3868310564-1978959094-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {85281012-34B8-4BAA-9EF3-93B5EA5F07FC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-06-02] (Google Inc.)
Task: {8A6403D3-82D2-4E66-8DBE-0E6A1517755E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-06-02] (Google Inc.)
Task: {DC0B49E4-3258-40BE-81A6-B40E45F2E425} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-02 22:53 - 2014-08-02 22:53 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-18 08:39 - 2014-08-18 08:39 - 02797568 _____ () C:\Program Files\AVAST Software\Avast\defs\14081800\algo.dll
2014-03-25 06:27 - 2013-03-08 10:54 - 00017760 _____ () C:\Program Files\HDD Health\HDDHealthService.exe
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-08-02 22:53 - 2014-08-02 22:53 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-07-29 22:40 - 2014-07-29 22:40 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Chris\Downloads\(Movie) The Gambler (1974) (PeRfEcTo).avi:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\20120317_142032-trim-03-17-trim-03-18-00-17-38.3gp:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\a.3gp:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\classic emmerdale 2006.01.09.tvrip.xvid.(4254).robinhood99.avi:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\emandme.MPG:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\Luck.S01E02.HDTV.XviD-2HD.avi:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\Luck.S01E03.HDTV.XviD-FQM.avi:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\Luck.S01E04.HDTV.XviD-ASAP.avi:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\Luck.S01E05.HDTV.x264-ASAP.mp4:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\Luck.S01E06.HDTV.XviD-FQM.avi:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\Luck.S01E07.HDTV.XviD-FQM.avi:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\Luck.S01E08.HDTV.x264-ASAP.mp4:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\Luck.S01E09.HDTV.x264-ASAP.mp4:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\McKenzie_Lee_-_Cumshot_Compilation.avi:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\MOV00687.MP4:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\SizableSend.com-Upload-01-26-2013-1453018---George-Orwell-1984-DVD-RIP.avi:TOC.WMV
AlternateDataStreams: C:\Users\Chris\Downloads\vid2.3gp:TOC.WMV

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\84145054.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\84145054.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: QuickTime Task =>
MSCONFIG\startupreg: TkBellExe =>

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/16/2014 10:34:21 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\7\80> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\7\80> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\C\8A> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\C\8A> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\B\FC> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\B\FC> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\A\AB> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\A\AB> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\F\81> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)


System errors:
=============
Error: (08/16/2014 10:47:28 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 22:45:32 on 16/08/2014 was unexpected.

Error: (08/16/2014 09:29:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053

Error: (08/16/2014 09:29:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search

Error: (08/16/2014 09:29:55 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (08/14/2014 05:37:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: 0x80070643Definition Update for Windows Defender - KB915597 (Definition 1.179.2798.0){81ECCF3F-B3C7-44E4-A13D-FCB149AC2693}200

Error: (08/09/2014 10:01:28 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 192.168.0.2 for the Network Card with network address 001EC982BAAF has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (08/08/2014 07:49:05 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 192.168.0.2 for the Network Card with network address 001EC982BAAF has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (08/08/2014 07:49:04 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 19:47:17 on 08/08/2014 was unexpected.

Error: (08/08/2014 01:02:39 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (08/08/2014 01:01:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000WPDBusEnum


Microsoft Office Sessions:
=========================
Error: (08/16/2014 10:34:21 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\7\80

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\7\80

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\C\8A

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\C\8A

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\B\FC

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\B\FC

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\A\AB

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\A\AB

Error: (08/16/2014 05:32:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\CHRIS\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\7LZZYKUH.DEFAULT-1388230871395\CACHE\F\81


CodeIntegrity Errors:
===================================
  Date: 2014-08-19 11:04:00.628
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-19 11:04:00.472
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-19 11:04:00.301
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-19 11:04:00.145
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-19 03:55:52.919
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-19 03:55:52.716
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-19 03:55:52.542
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-19 03:55:52.380
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-19 02:45:37.924
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-08-19 02:45:37.745
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU E6750 @ 2.66GHz
Percentage of memory in use: 49%
Total physical RAM: 3060.45 MB
Available physical RAM: 1535.54 MB
Total Pagefile: 6357.91 MB
Available Pagefile: 4304.38 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.69 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:288.32 GB) (Free:179.95 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Recovery) (Fixed) (Total:9.77 GB) (Free:3.88 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 5ED7C68A)
Partition 1: (Active) - (Size=288.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=9.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-08-2014 01
Ran by Chris (administrator) on DELL-530 on 19-08-2014 11:37:29
Running from C:\Users\Chris\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Andrea Electronics Corporation) C:\Windows\System32\AERTSrv.exe
() C:\Program Files\HDD Health\HDDHealthService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(PANTERASoft) C:\Program Files\HDD Health\hddhealth.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\BrowserCleanup.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\Run: [GoTrusted] => C:\Program Files\GoTrusted.com\GoTrusted Secure Tunnel v2.3.5.9\GoTrusted Secure Tunnel.exe
HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk
ShortcutTarget: HDDHealth.lnk -> C:\Program Files\HDD Health\hddhealth.exe (PANTERASoft)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://uk.search.ya...p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://uk.yahoo.com...t&type=avastbcl
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://uk.yahoo.com...t&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://uk.yahoo.com...t&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://uk.search.ya...p={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://uk.yahoo.com...t&type=avastbcl
SearchScopes: HKLM - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://uk.search.ya...p={searchTerms}
SearchScopes: HKLM - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://uk.search.ya...p={searchTerms}
SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://uk.search.ya...p={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://uk.search.ya...p={searchTerms}
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\7lzzykuh.default-1388230871395
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Extension: WOT - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\7lzzykuh.default-1388230871395\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-08-01]
FF Extension: NoScript - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\7lzzykuh.default-1388230871395\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-16]
FF Extension: Adblock Plus - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\7lzzykuh.default-1388230871395\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-16]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-02-04]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-08-16]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-08]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-02]

Chrome:
=======
CHR HomePage: https://uk.yahoo.com...t&type=avastbcl
CHR StartupUrls: "https://uk.yahoo.com...&type=avastbcl"
CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-16]
CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-16]
CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-16]
CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-16]
CHR Extension: (AdBlock) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-17]
CHR Extension: (avast! Online Security) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-02]
CHR Extension: (RealDownloader) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-04-16]
CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-02]
CHR Extension: (ScriptSafe) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2014-08-17]
CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-16]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-02]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AERTFilters; C:\Windows\system32\AERTSrv.exe [77824 2007-12-05] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-02] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-08-02] (AVAST Software)
R2 HDDHealth; C:\Program Files\HDD Health\HDDHealthService.exe [17760 2013-03-08] () [File not signed]
R2 MbaeSvc; C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe [360592 2014-06-04] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-08-02] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2014-08-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-08-02] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2014-08-02] (ALWIL Software)
R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [252872 2014-08-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-08-02] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-08-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-08-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-08-02] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-08-02] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-08-02] ()
R1 ESProtectionDriver; C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys [44760 2014-06-04] ()
R3 gttap1; C:\Windows\System32\DRIVERS\gttap1.sys [32552 2013-09-12] (The OpenVPN Project)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-19] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
S3 MOSUMAC; C:\Windows\System32\DRIVERS\MOSUMAC.SYS [43520 2009-12-10] (--)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Chris\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-19 11:37 - 2014-08-19 11:37 - 00016225 _____ () C:\Users\Chris\Desktop\FRST.txt
2014-08-19 11:37 - 2014-08-19 11:37 - 00000000 ____D () C:\FRST
2014-08-19 11:36 - 2014-08-19 11:36 - 01093632 _____ (Farbar) C:\Users\Chris\Desktop\FRST.exe
2014-08-19 11:35 - 2014-08-19 11:36 - 00029419 _____ () C:\Users\Chris\Desktop\Result.txt
2014-08-19 11:34 - 2014-08-19 11:34 - 00401920 _____ (Farbar) C:\Users\Chris\Desktop\MiniToolBox(1).exe
2014-08-19 00:42 - 2014-08-19 00:42 - 00401920 _____ (Farbar) C:\Users\Chris\Downloads\MiniToolBox.exe
2014-08-17 20:38 - 2014-08-17 20:38 - 00001055 _____ () C:\Users\Chris\Desktop\aa.txt
2014-08-17 20:14 - 2014-08-17 20:14 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Chris\Desktop\tdsskiller.exe
2014-08-16 22:42 - 2014-08-16 22:42 - 00033972 _____ () C:\Users\Chris\Desktop\home.log
2014-08-16 22:26 - 2014-08-16 22:26 - 00380416 _____ () C:\Users\Chris\Desktop\yj9ndfwf.exe
2014-08-16 22:19 - 2014-08-16 22:25 - 00029790 _____ () C:\zoek-results.log
2014-08-16 22:19 - 2014-08-16 22:25 - 00000816 _____ () C:\runcheck.txt
2014-08-16 22:19 - 2014-08-16 22:19 - 00000000 ____D () C:\zoek_backup
2014-08-16 22:17 - 2014-08-16 22:18 - 01288704 _____ () C:\Users\Chris\Downloads\zoek.exe
2014-08-16 17:50 - 2014-08-16 17:50 - 00071950 _____ () C:\Users\Chris\Desktop\OTL.Txt
2014-08-16 17:50 - 2014-08-16 17:50 - 00030160 _____ () C:\Users\Chris\Desktop\Extras.Txt
2014-08-16 17:41 - 2014-08-16 17:41 - 00602112 _____ (OldTimer Tools) C:\Users\Chris\Desktop\OTL.exe
2014-08-14 17:59 - 2014-06-26 23:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 17:59 - 2014-06-26 23:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 17:59 - 2014-06-26 23:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 17:59 - 2014-06-06 05:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 17:28 - 2014-07-24 19:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 17:28 - 2014-07-24 18:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 17:28 - 2014-07-24 18:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 17:28 - 2014-07-24 18:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 17:28 - 2014-07-24 18:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 17:28 - 2014-07-24 18:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 17:28 - 2014-07-24 18:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-14 17:28 - 2014-07-24 18:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 17:28 - 2014-07-24 18:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 17:28 - 2014-07-24 18:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-14 17:28 - 2014-07-24 18:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 17:28 - 2014-07-24 18:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 17:28 - 2014-07-24 18:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 17:28 - 2014-07-24 18:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 17:28 - 2014-07-24 18:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 17:28 - 2014-07-24 18:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 17:28 - 2014-07-24 18:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 17:28 - 2014-07-24 18:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-14 17:28 - 2014-07-24 18:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-14 17:28 - 2014-07-24 18:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-14 17:28 - 2014-07-24 18:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 17:28 - 2014-07-08 01:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 17:28 - 2014-06-14 01:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 17:28 - 2014-06-14 01:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-14 17:28 - 2014-06-02 11:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 17:28 - 2014-06-02 11:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 17:28 - 2014-06-02 11:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 17:28 - 2014-06-02 11:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-14 17:28 - 2014-06-02 09:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 17:27 - 2014-07-25 05:26 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 17:27 - 2014-07-25 03:53 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-07 05:56 - 2014-08-07 05:56 - 00000000 ____D () C:\Windows\system32\14080601_stream
2014-08-02 22:55 - 2014-08-02 22:55 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\AVAST Software
2014-08-02 22:54 - 2014-08-02 22:54 - 00001899 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-08-02 22:54 - 2014-08-02 22:54 - 00001839 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-08-02 22:54 - 2014-08-02 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-02 22:53 - 2014-08-02 22:54 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-02 22:53 - 2014-08-02 22:53 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-02 22:53 - 2014-08-02 22:53 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-02 22:53 - 2014-08-02 22:53 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-02 22:53 - 2014-08-02 22:53 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-02 22:53 - 2014-08-02 22:53 - 00057800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-08-02 22:53 - 2014-08-02 22:53 - 00055112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-08-02 22:53 - 2014-08-02 22:53 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-02 22:53 - 2014-08-02 22:53 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-02 22:53 - 2014-08-02 22:53 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-02 22:53 - 2014-08-02 22:52 - 00252872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2014-08-02 22:53 - 2014-08-02 22:52 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-08-02 22:52 - 2014-08-02 22:52 - 00012112 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswNdis.sys
2014-08-02 22:48 - 2014-08-02 22:48 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-02 22:47 - 2014-08-02 22:47 - 00001737 _____ () C:\Users\Chris\Desktop\license 3109.avastlic
2014-08-02 22:45 - 2014-08-02 22:45 - 04834344 _____ (AVAST Software) C:\Users\Chris\Downloads\avast_internet_security_setup_online.exe
2014-08-01 19:13 - 2014-08-01 19:13 - 02347384 _____ (ESET) C:\Users\Chris\Downloads\esetsmartinstaller_enu.exe
2014-08-01 19:04 - 2014-08-01 19:04 - 00448512 _____ (OldTimer Tools) C:\Users\Chris\Downloads\TFC.exe
2014-08-01 19:04 - 2014-08-01 19:04 - 00388830 _____ () C:\Users\Chris\Desktop\Is it infected  - Resolved HijackThis Logs - Malwarebytes Forum.htm
2014-08-01 19:04 - 2014-08-01 19:04 - 00000000 ____D () C:\Users\Chris\Desktop\Is it infected  - Resolved HijackThis Logs - Malwarebytes Forum_files
2014-07-31 00:22 - 2014-07-31 00:22 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\04DD0EF2.sys
2014-07-30 21:56 - 2014-07-30 22:02 - 281572600 _____ (Symantec Corporation) C:\Users\Chris\Desktop\NIS-ESD-21.3.0.12-EN.exe
2014-07-30 21:44 - 2014-07-30 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
2014-07-30 21:44 - 2014-07-30 21:44 - 00000000 ____D () C:\Program Files\MPC-HC
2014-07-30 21:40 - 2014-07-30 21:43 - 00000756 _____ () C:\Windows\SecuniaPackage.log
2014-07-30 21:40 - 2014-07-30 21:40 - 00813232 _____ (RealNetworks, Inc.) C:\Users\Chris\Downloads\RealPlayer(1).exe
2014-07-30 21:29 - 2014-07-30 21:30 - 05329480 _____ (Secunia) C:\Users\Chris\Downloads\PSISetup(1).exe
2014-07-30 00:18 - 2014-07-30 00:18 - 12846640 _____ (Adobe Systems Inc.) C:\Users\Chris\Downloads\Shockwave_Installer_Full.exe
2014-07-30 00:16 - 2014-07-30 00:16 - 00264757 _____ () C:\Users\Chris\Downloads\FHSetup(3).exe
2014-07-29 23:52 - 2014-07-29 23:52 - 00414392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1406674367993
2014-07-29 23:31 - 2014-08-16 17:33 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2014-07-29 23:31 - 2014-07-29 23:31 - 00000899 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Exploit.lnk
2014-07-29 23:31 - 2014-07-29 23:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2014-07-29 23:31 - 2014-07-29 23:31 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Exploit
2014-07-29 23:25 - 2014-07-29 23:25 - 02650408 _____ (Malwarebytes ) C:\Users\Chris\Documents\mbae-setup-1.03.1.1220.exe
2014-07-29 22:40 - 2014-07-29 22:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-25 11:45 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-07-23 17:44 - 2014-06-06 09:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-23 17:44 - 2014-05-30 07:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-23 17:39 - 2014-07-23 17:39 - 00000000 ____D () C:\32520c3c60a76c33778286
2014-07-23 16:38 - 2014-08-16 22:47 - 01236838 _____ () C:\Windows\PFRO.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-19 11:37 - 2014-08-19 11:37 - 00016225 _____ () C:\Users\Chris\Desktop\FRST.txt
2014-08-19 11:37 - 2014-08-19 11:37 - 00000000 ____D () C:\FRST
2014-08-19 11:36 - 2014-08-19 11:36 - 01093632 _____ (Farbar) C:\Users\Chris\Desktop\FRST.exe
2014-08-19 11:36 - 2014-08-19 11:35 - 00029419 _____ () C:\Users\Chris\Desktop\Result.txt
2014-08-19 11:34 - 2014-08-19 11:34 - 00401920 _____ (Farbar) C:\Users\Chris\Desktop\MiniToolBox(1).exe
2014-08-19 11:03 - 2014-06-02 22:10 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-08-19 11:01 - 2014-06-02 22:04 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-19 10:47 - 2012-12-13 20:48 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-19 10:17 - 2006-11-02 13:47 - 00005184 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-19 10:17 - 2006-11-02 13:47 - 00005184 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-19 03:00 - 2012-06-09 17:42 - 01192818 _____ () C:\Windows\WindowsUpdate.log
2014-08-19 01:20 - 2012-12-13 20:48 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-08-19 01:20 - 2012-12-13 20:48 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-08-19 00:42 - 2014-08-19 00:42 - 00401920 _____ (Farbar) C:\Users\Chris\Downloads\MiniToolBox.exe
2014-08-18 19:01 - 2014-06-02 22:04 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-17 20:38 - 2014-08-17 20:38 - 00001055 _____ () C:\Users\Chris\Desktop\aa.txt
2014-08-17 20:17 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-17 20:16 - 2006-11-02 14:01 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-17 20:14 - 2014-08-17 20:14 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Chris\Desktop\tdsskiller.exe
2014-08-17 06:35 - 2013-07-23 22:29 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\vlc
2014-08-16 23:05 - 2012-03-26 14:25 - 670151961 _____ () C:\Users\Chris\Downloads\Luck.S01E09.HDTV.x264-ASAP.mp4
2014-08-16 23:05 - 2012-03-21 15:46 - 397912178 _____ () C:\Users\Chris\Downloads\Luck.S01E08.HDTV.x264-ASAP.mp4
2014-08-16 23:05 - 2012-03-12 10:36 - 576821360 _____ () C:\Users\Chris\Downloads\Luck.S01E07.HDTV.XviD-FQM.avi
2014-08-16 23:05 - 2012-03-05 19:36 - 576855038 _____ () C:\Users\Chris\Downloads\Luck.S01E06.HDTV.XviD-FQM.avi
2014-08-16 23:05 - 2012-02-27 06:14 - 356452428 _____ () C:\Users\Chris\Downloads\Luck.S01E05.HDTV.x264-ASAP.mp4
2014-08-16 23:05 - 2012-02-20 15:12 - 576626606 _____ () C:\Users\Chris\Downloads\Luck.S01E04.HDTV.XviD-ASAP.avi
2014-08-16 23:05 - 2012-02-15 23:21 - 576731670 _____ () C:\Users\Chris\Downloads\Luck.S01E03.HDTV.XviD-FQM.avi
2014-08-16 23:05 - 2012-02-11 00:12 - 576149790 _____ () C:\Users\Chris\Downloads\Luck.S01E02.HDTV.XviD-2HD.avi
2014-08-16 22:47 - 2014-07-23 16:38 - 01236838 _____ () C:\Windows\PFRO.log
2014-08-16 22:42 - 2014-08-16 22:42 - 00033972 _____ () C:\Users\Chris\Desktop\home.log
2014-08-16 22:26 - 2014-08-16 22:26 - 00380416 _____ () C:\Users\Chris\Desktop\yj9ndfwf.exe
2014-08-16 22:25 - 2014-08-16 22:19 - 00029790 _____ () C:\zoek-results.log
2014-08-16 22:25 - 2014-08-16 22:19 - 00000816 _____ () C:\runcheck.txt
2014-08-16 22:19 - 2014-08-16 22:19 - 00000000 ____D () C:\zoek_backup
2014-08-16 22:18 - 2014-08-16 22:17 - 01288704 _____ () C:\Users\Chris\Downloads\zoek.exe
2014-08-16 17:50 - 2014-08-16 17:50 - 00071950 _____ () C:\Users\Chris\Desktop\OTL.Txt
2014-08-16 17:50 - 2014-08-16 17:50 - 00030160 _____ () C:\Users\Chris\Desktop\Extras.Txt
2014-08-16 17:43 - 2012-06-03 09:55 - 00046080 _____ () C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-16 17:41 - 2014-08-16 17:41 - 00602112 _____ (OldTimer Tools) C:\Users\Chris\Desktop\OTL.exe
2014-08-16 17:33 - 2014-07-29 23:31 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2014-08-16 17:31 - 2011-12-31 14:09 - 00000000 ____D () C:\Users\Chris\AppData\Local\CrashDumps
2014-08-15 21:05 - 2014-06-02 22:05 - 00001931 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-15 16:19 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-15 16:12 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2014-08-15 16:03 - 2006-11-02 11:33 - 00759582 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-15 15:57 - 2013-01-13 18:03 - 03610720 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-14 18:03 - 2013-08-14 03:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 18:01 - 2006-11-02 11:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-08-10 08:23 - 2012-10-25 16:53 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-10 08:23 - 2012-10-25 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-10 08:22 - 2008-10-23 13:07 - 00000000 ____D () C:\Program Files\WinRAR
2014-08-07 05:56 - 2014-08-07 05:56 - 00000000 ____D () C:\Windows\system32\14080601_stream
2014-08-05 09:20 - 2011-02-04 14:29 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-02 22:55 - 2014-08-02 22:55 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\AVAST Software
2014-08-02 22:54 - 2014-08-02 22:54 - 00001899 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-08-02 22:54 - 2014-08-02 22:54 - 00001839 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-08-02 22:54 - 2014-08-02 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-02 22:54 - 2014-08-02 22:53 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-02 22:53 - 2014-08-02 22:53 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-02 22:53 - 2014-08-02 22:53 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-02 22:53 - 2014-08-02 22:53 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-02 22:53 - 2014-08-02 22:53 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-02 22:53 - 2014-08-02 22:53 - 00057800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-08-02 22:53 - 2014-08-02 22:53 - 00055112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-08-02 22:53 - 2014-08-02 22:53 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-02 22:53 - 2014-08-02 22:53 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-02 22:53 - 2014-08-02 22:53 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-02 22:52 - 2014-08-02 22:53 - 00252872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2014-08-02 22:52 - 2014-08-02 22:53 - 00026136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-08-02 22:52 - 2014-08-02 22:52 - 00012112 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswNdis.sys
2014-08-02 22:48 - 2014-08-02 22:48 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-02 22:48 - 2012-02-22 22:55 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-02 22:47 - 2014-08-02 22:47 - 00001737 _____ () C:\Users\Chris\Desktop\license 3109.avastlic
2014-08-02 22:45 - 2014-08-02 22:45 - 04834344 _____ (AVAST Software) C:\Users\Chris\Downloads\avast_internet_security_setup_online.exe
2014-08-02 16:00 - 2006-11-02 12:18 - 00000000 ___RD () C:\Users\Public
2014-08-01 21:06 - 2013-01-28 09:08 - 942385152 _____ () C:\Users\Chris\Downloads\SizableSend.com-Upload-01-26-2013-1453018---George-Orwell-1984-DVD-RIP.avi
2014-08-01 21:06 - 2012-02-29 00:31 - 270105706 _____ () C:\Users\Chris\Downloads\McKenzie_Lee_-_Cumshot_Compilation.avi
2014-08-01 21:06 - 2012-01-11 22:38 - 00294365 _____ () C:\Users\Chris\Downloads\vid2.3gp
2014-08-01 21:06 - 2012-01-11 21:25 - 10555954 _____ () C:\Users\Chris\Downloads\MOV00687.MP4
2014-08-01 21:05 - 2012-03-18 01:20 - 05032325 _____ () C:\Users\Chris\Downloads\20120317_142032-trim-03-17-trim-03-18-00-17-38.3gp
2014-08-01 21:05 - 2012-02-29 05:55 - 735026018 _____ () C:\Users\Chris\Downloads\(Movie) The Gambler (1974) (PeRfEcTo).avi
2014-08-01 21:05 - 2012-01-11 22:39 - 01327423 _____ () C:\Users\Chris\Downloads\a.3gp
2014-08-01 21:04 - 2012-01-11 21:22 - 07718796 _____ () C:\Users\Chris\Downloads\emandme.MPG
2014-08-01 21:02 - 2012-06-24 04:02 - 183541760 _____ () C:\Users\Chris\Downloads\classic emmerdale 2006.01.09.tvrip.xvid.(4254).robinhood99.avi
2014-08-01 19:13 - 2014-08-01 19:13 - 02347384 _____ (ESET) C:\Users\Chris\Downloads\esetsmartinstaller_enu.exe
2014-08-01 19:04 - 2014-08-01 19:04 - 00448512 _____ (OldTimer Tools) C:\Users\Chris\Downloads\TFC.exe
2014-08-01 19:04 - 2014-08-01 19:04 - 00388830 _____ () C:\Users\Chris\Desktop\Is it infected  - Resolved HijackThis Logs - Malwarebytes Forum.htm
2014-08-01 19:04 - 2014-08-01 19:04 - 00000000 ____D () C:\Users\Chris\Desktop\Is it infected  - Resolved HijackThis Logs - Malwarebytes Forum_files
2014-07-31 00:22 - 2014-07-31 00:22 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\04DD0EF2.sys
2014-07-30 22:02 - 2014-07-30 21:56 - 281572600 _____ (Symantec Corporation) C:\Users\Chris\Desktop\NIS-ESD-21.3.0.12-EN.exe
2014-07-30 21:52 - 2011-12-26 23:01 - 00000000 ____D () C:\Program Files\FileHippo.com
2014-07-30 21:44 - 2014-07-30 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
2014-07-30 21:44 - 2014-07-30 21:44 - 00000000 ____D () C:\Program Files\MPC-HC
2014-07-30 21:43 - 2014-07-30 21:40 - 00000756 _____ () C:\Windows\SecuniaPackage.log
2014-07-30 21:43 - 2013-08-17 03:35 - 00000819 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-07-30 21:43 - 2013-08-17 03:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-07-30 21:41 - 2012-03-30 08:47 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2014-07-30 21:40 - 2014-07-30 21:40 - 00813232 _____ (RealNetworks, Inc.) C:\Users\Chris\Downloads\RealPlayer(1).exe
2014-07-30 21:30 - 2014-07-30 21:29 - 05329480 _____ (Secunia) C:\Users\Chris\Downloads\PSISetup(1).exe
2014-07-30 00:18 - 2014-07-30 00:18 - 12846640 _____ (Adobe Systems Inc.) C:\Users\Chris\Downloads\Shockwave_Installer_Full.exe
2014-07-30 00:16 - 2014-07-30 00:16 - 00264757 _____ () C:\Users\Chris\Downloads\FHSetup(3).exe
2014-07-30 00:10 - 2013-05-06 12:27 - 00000680 _____ () C:\Users\Chris\AppData\Local\d3d9caps.dat
2014-07-30 00:09 - 2013-05-06 14:42 - 00000069 _____ () C:\Windows\NeroDigital.ini
2014-07-29 23:58 - 2013-10-31 01:26 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-29 23:52 - 2014-07-29 23:52 - 00414392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1406674367993
2014-07-29 23:31 - 2014-07-29 23:31 - 00000899 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Exploit.lnk
2014-07-29 23:31 - 2014-07-29 23:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2014-07-29 23:31 - 2014-07-29 23:31 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Exploit
2014-07-29 23:30 - 2014-05-04 22:44 - 00003976 _____ () C:\DelFix.txt
2014-07-29 23:25 - 2014-07-29 23:25 - 02650408 _____ (Malwarebytes ) C:\Users\Chris\Documents\mbae-setup-1.03.1.1220.exe
2014-07-29 22:40 - 2014-07-29 22:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-28 21:34 - 2006-11-02 11:23 - 00000215 _____ () C:\Windows\system.ini
2014-07-25 11:47 - 2013-05-08 16:51 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 05:26 - 2014-08-14 17:27 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-07-25 03:53 - 2014-08-14 17:27 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-25 03:01 - 2013-05-08 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 19:07 - 2014-08-14 17:28 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-24 18:58 - 2014-08-14 17:28 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-24 18:57 - 2014-08-14 17:28 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-24 18:52 - 2014-08-14 17:28 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-24 18:51 - 2014-08-14 17:28 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-24 18:51 - 2014-08-14 17:28 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-24 18:50 - 2014-08-14 17:28 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-24 18:50 - 2014-08-14 17:28 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-24 18:49 - 2014-08-14 17:28 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-24 18:49 - 2014-08-14 17:28 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-24 18:49 - 2014-08-14 17:28 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-24 18:49 - 2014-08-14 17:28 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-24 18:49 - 2014-08-14 17:28 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-24 18:48 - 2014-08-14 17:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-24 18:48 - 2014-08-14 17:28 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-24 18:48 - 2014-08-14 17:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-24 18:48 - 2014-08-14 17:28 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-24 18:48 - 2014-08-14 17:28 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-24 18:48 - 2014-08-14 17:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-24 18:48 - 2014-08-14 17:28 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-24 18:47 - 2014-08-14 17:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-23 18:16 - 2006-11-02 13:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-23 17:39 - 2014-07-23 17:39 - 00000000 ____D () C:\32520c3c60a76c33778286

Some content of TEMP:
====================
C:\Users\Chris\AppData\Local\temp\7za.exe
C:\Users\Chris\AppData\Local\temp\hijackthis.exe
C:\Users\Chris\AppData\Local\temp\NirCmd.exe
C:\Users\Chris\AppData\Local\temp\PEVZ.EXE
C:\Users\Chris\AppData\Local\temp\remove.exe
C:\Users\Chris\AppData\Local\temp\sed.exe
C:\Users\Chris\AppData\Local\temp\shortcut.exe
C:\Users\Chris\AppData\Local\temp\swreg.exe
C:\Users\Chris\AppData\Local\temp\swxcacls.exe
C:\Users\Chris\AppData\Local\temp\wget.exe
C:\Users\Chris\AppData\Local\temp\zoek-delete.exe
C:\Users\Chris\AppData\Local\temp\{02D04974-D8DF-4DA1-97ED-617E906FD7A4}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-19 08:46

==================== End Of Log ============================



#14
macca2


20:19:31.0482 0x0c8c  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
20:19:33.0494 0x0c8c  ============================================================
20:19:33.0494 0x0c8c  Current date / time: 2014/08/17 20:19:33.0494
20:19:33.0494 0x0c8c  SystemInfo:
20:19:33.0494 0x0c8c  
20:19:33.0494 0x0c8c  OS Version: 6.0.6002 ServicePack: 2.0
20:19:33.0494 0x0c8c  Product type: Workstation
20:19:33.0494 0x0c8c  ComputerName: DELL-530
20:19:33.0494 0x0c8c  UserName: Chris
20:19:33.0494 0x0c8c  Windows directory: C:\Windows
20:19:33.0494 0x0c8c  System windows directory: C:\Windows
20:19:33.0494 0x0c8c  Processor architecture: Intel x86
20:19:33.0494 0x0c8c  Number of processors: 2
20:19:33.0494 0x0c8c  Page size: 0x1000
20:19:33.0494 0x0c8c  Boot type: Normal boot
20:19:33.0494 0x0c8c  ============================================================
20:19:33.0494 0x0c8c  BG loaded
20:19:34.0243 0x0c8c  System UUID: {063AE146-6BF1-B610-C935-AFF57B61E7F0}
20:19:36.0100 0x0c8c  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:19:36.0162 0x0c8c  ============================================================
20:19:36.0178 0x0c8c  \Device\Harddisk0\DR0:
20:19:36.0240 0x0c8c  MBR partitions:
20:19:36.0240 0x0c8c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x240A5800
20:19:36.0240 0x0c8c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x240A6000, BlocksNum 0x1388000
20:19:36.0240 0x0c8c  ============================================================
20:19:36.0833 0x0c8c  C: <-> \Device\Harddisk0\DR0\Partition1
20:19:37.0145 0x0c8c  D: <-> \Device\Harddisk0\DR0\Partition2
20:19:37.0145 0x0c8c  ============================================================
20:19:37.0145 0x0c8c  Initialize success
20:19:37.0145 0x0c8c  ============================================================
20:20:50.0272 0x168c  ============================================================
20:20:50.0272 0x168c  Scan started
20:20:50.0272 0x168c  Mode: Manual; SigCheck; TDLFS;
20:20:50.0272 0x168c  ============================================================
20:20:50.0272 0x168c  KSN ping started
20:20:56.0100 0x168c  KSN ping finished: true
20:20:57.0915 0x168c  ================ Scan system memory ========================
20:20:57.0915 0x168c  System memory - ok
20:20:57.0918 0x168c  ================ Scan services =============================
20:20:58.0509 0x168c  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
20:20:58.0733 0x168c  ACPI - ok
20:20:58.0842 0x168c  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:20:58.0854 0x168c  AdobeARMservice - ok
20:20:58.0985 0x168c  [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:20:59.0012 0x168c  AdobeFlashPlayerUpdateSvc - ok
20:20:59.0111 0x168c  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:20:59.0141 0x168c  adp94xx - ok
20:20:59.0184 0x168c  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:20:59.0204 0x168c  adpahci - ok
20:20:59.0226 0x168c  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
20:20:59.0241 0x168c  adpu160m - ok
20:20:59.0257 0x168c  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:20:59.0272 0x168c  adpu320 - ok
20:20:59.0314 0x168c  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:20:59.0400 0x168c  AeLookupSvc - ok
20:20:59.0446 0x168c  [ 330A1E4DF07C2E29949ED8631CD8828E, 139127405B2D635B0252FF8D7308D671546F20B051C93C50A9013E7AB9D54835 ] AERTFilters     C:\Windows\system32\AERTSrv.exe
20:20:59.0491 0x168c  AERTFilters - ok
20:20:59.0578 0x168c  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD             C:\Windows\system32\drivers\afd.sys
20:20:59.0626 0x168c  AFD - ok
20:20:59.0695 0x168c  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
20:20:59.0735 0x168c  agp440 - ok
20:20:59.0924 0x168c  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
20:21:00.0040 0x168c  aic78xx - ok
20:21:00.0090 0x168c  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
20:21:00.0177 0x168c  ALG - ok
20:21:00.0196 0x168c  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
20:21:00.0235 0x168c  aliide - ok
20:21:00.0255 0x168c  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
20:21:00.0291 0x168c  amdagp - ok
20:21:00.0318 0x168c  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
20:21:00.0334 0x168c  amdide - ok
20:21:00.0375 0x168c  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
20:21:00.0451 0x168c  AmdK7 - ok
20:21:00.0485 0x168c  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
20:21:00.0557 0x168c  AmdK8 - ok
20:21:00.0629 0x168c  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll
20:21:00.0642 0x168c  Appinfo - ok
20:21:00.0704 0x168c  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
20:21:00.0727 0x168c  arc - ok
20:21:00.0769 0x168c  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:21:00.0786 0x168c  arcsas - ok
20:21:00.0911 0x168c  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:21:00.0975 0x168c  aspnet_state - ok
20:21:01.0020 0x168c  [ 3BFBB5DAE801CB893B8B46345FED6437, 2C2B71C1294585265D4871E74F17541500CA20DE34AC516F2A906DD81964C833 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
20:21:01.0073 0x168c  aswHwid - ok
20:21:01.0125 0x168c  [ 4E39E113E8F5FEE3C49160A0D657A4D5, AAB66B7C0EC63FD457F579ABDC21ED96F5E11C546AA7067AF2BA79BADCDE00B2 ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
20:21:01.0136 0x168c  aswKbd - ok
20:21:01.0176 0x168c  [ C3014C735F450FE822C97FFBB0627113, 1CCFE845AED1757B8C1F52D310933076FF1EC197D82E499DB4592B09D66137B0 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
20:21:01.0187 0x168c  aswMonFlt - ok
20:21:01.0246 0x168c  [ 7B948E3657BEA62E437BC46CA6EF6012, D518FEB29DBCC1406FFFAF7F618A4475B0A469D4C2714313859D7AD402283A5C ] aswNdis         C:\Windows\system32\DRIVERS\aswNdis.sys
20:21:01.0264 0x168c  aswNdis - ok
20:21:01.0339 0x168c  [ 8807767A4C1137A131A26546ED9EBDCB, 6EA5A474B0126289B051BB246525FB7F424E965DE271ACB8F2A3CE25C1179C78 ] aswNdis2        C:\Windows\system32\drivers\aswNdis2.sys
20:21:01.0402 0x168c  aswNdis2 - ok
20:21:01.0442 0x168c  [ D6C9024F5D14843D33ADA8A6A10A1BE1, D40022D0A360FD4010D3D5D452BBC4CE9EE68224DEAB9584626E6F435E128857 ] aswRdr          C:\Windows\system32\drivers\aswRdr.sys
20:21:01.0456 0x168c  aswRdr - ok
20:21:01.0473 0x168c  [ B7750AF7EDFD95674EB7CA92BCDD3358, A097577004F3CF71E2F9465F02B073D39926D7DEE2E2A9516D888158A5CB19E9 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
20:21:01.0488 0x168c  aswRvrt - ok
20:21:01.0567 0x168c  [ 51FDE588D860857A97E4C4B560E40C9B, 8A3AC3E55249DAE6CCD95593989F8B100D5C4712A16681A36E5D0F2F08BD57AA ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
20:21:01.0639 0x168c  aswSnx - ok
20:21:01.0719 0x168c  [ 1AEB8CDB797666AF709A291B47AE81E0, 12AC4DBC6338BA5E5C04B449FF8362E7EC8EBFCA675C4F21BE847DFDCAE8F7C9 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
20:21:01.0747 0x168c  aswSP - ok
20:21:01.0804 0x168c  [ 26C51C289E39E8EE0F12B8B06B71E436, 81382FC3E836698432EE832A166F09251CC9164B17584E90F73037A1FA54E4F7 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
20:21:01.0816 0x168c  aswTdi - ok
20:21:01.0841 0x168c  [ 90BEE0170D70D6744CEF2355EEAF8086, 8F9FF53F529B854934020E2F8163605DC794FF48464D3D4439BAAF70ECE8E963 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
20:21:01.0887 0x168c  aswVmm - ok
20:21:01.0950 0x168c  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:21:02.0015 0x168c  AsyncMac - ok
20:21:02.0132 0x168c  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
20:21:02.0145 0x168c  atapi - ok
20:21:02.0308 0x168c  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:21:02.0428 0x168c  AudioEndpointBuilder - ok
20:21:02.0464 0x168c  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:21:02.0498 0x168c  Audiosrv - ok
20:21:02.0771 0x168c  [ 73F5C13B431915BAE35254B4E95DFB71, 393A045859382C44133C004598B1512048046BCC129FED2247A77FDBFCDB6DFF ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:21:02.0782 0x168c  avast! Antivirus - ok
20:21:02.0902 0x168c  [ D386D51B1839E208EF7CCFBFA964638E, 56BF72AE80DFBB5A99A060591A9250BA0D4B9FDF1BEF23C87B61169D2D0EF111 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
20:21:02.0918 0x168c  avast! Firewall - ok
20:21:03.0180 0x168c  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:21:03.0236 0x168c  Beep - ok
20:21:03.0341 0x168c  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
20:21:03.0423 0x168c  BFE - ok
20:21:03.0535 0x168c  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\system32\qmgr.dll
20:21:03.0667 0x168c  BITS - ok
20:21:03.0716 0x168c  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
20:21:03.0816 0x168c  blbdrive - ok
20:21:03.0870 0x168c  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:21:03.0892 0x168c  bowser - ok
20:21:04.0430 0x168c  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
20:21:04.0520 0x168c  BrFiltLo - ok
20:21:04.0539 0x168c  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
20:21:04.0585 0x168c  BrFiltUp - ok
20:21:04.0648 0x168c  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
20:21:04.0787 0x168c  Browser - ok
20:21:04.0829 0x168c  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
20:21:04.0936 0x168c  Brserid - ok
20:21:04.0981 0x168c  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
20:21:05.0144 0x168c  BrSerWdm - ok
20:21:05.0213 0x168c  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
20:21:05.0387 0x168c  BrUsbMdm - ok
20:21:05.0418 0x168c  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
20:21:05.0523 0x168c  BrUsbSer - ok
20:21:05.0588 0x168c  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
20:21:05.0682 0x168c  BTHMODEM - ok
20:21:06.0037 0x168c  catchme - ok
20:21:12.0147 0x168c  [ 5DC84FEF6A9050019678C30B1D01C8E8, 923B1CDAEDF153FA280EF301A8BEE0F44DF4B13716A8FE6B0785433F85884D6C ] HDDHealth       C:\Program Files\HDD Health\HDDHealthService.exe
20:21:12.0186 0x168c  HDDHealth - detected UnsignedFile.Multi.Generic ( 1 )
20:21:14.0727 0x168c  Detect skipped due to KSN trusted
20:21:14.0727 0x168c  HDDHealth - ok
20:21:45.0151 0x168c  partmgr - ok
20:21:45.0187 0x168c  [ 6C580025C81CAF3AE9E3617C22CAD00E, 64F9061196462085E5DCD3ACB97A0D8FC67CA9A96DDD6E2103AFFF1593AE236A ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
20:21:45.0290 0x168c  Parvdm - ok
20:21:45.0344 0x168c  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:21:45.0366 0x168c  PcaSvc - ok
20:21:45.0420 0x168c  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
20:21:45.0468 0x168c  pci - ok
20:21:45.0490 0x168c  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
20:21:45.0502 0x168c  pciide - ok
20:21:45.0516 0x168c  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:21:45.0551 0x168c  pcmcia - ok
20:21:45.0591 0x168c  [ 5B6C11DE7E839C05248CED8825470FEF, DB57DFD02C18461B1B383DF759730FFEE9C7FA8577E1679FD4740A590303EE79 ] pcouffin        C:\Windows\system32\Drivers\pcouffin.sys
20:21:45.0614 0x168c  pcouffin - ok
20:21:45.0725 0x168c  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:21:45.0813 0x168c  PEAUTH - ok
20:21:45.0919 0x168c  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
20:21:46.0189 0x168c  pla - ok
20:21:46.0267 0x168c  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:21:46.0317 0x168c  PlugPlay - ok
20:21:46.0459 0x168c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
20:21:46.0530 0x168c  PNRPAutoReg - ok
20:21:46.0625 0x168c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
20:21:46.0668 0x168c  PNRPsvc - ok
20:21:46.0771 0x168c  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:21:46.0833 0x168c  PolicyAgent - ok
20:21:46.0898 0x168c  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:21:46.0972 0x168c  PptpMiniport - ok
20:21:47.0065 0x168c  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
20:21:47.0181 0x168c  Processor - ok
20:21:47.0228 0x168c  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
20:21:47.0304 0x168c  ProfSvc - ok
20:21:47.0332 0x168c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
20:21:47.0351 0x168c  ProtectedStorage - ok
20:21:47.0377 0x168c  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
20:21:47.0447 0x168c  PSched - ok
20:21:47.0646 0x168c  [ 05A0C2744CEAC6F1B723EC469B650EF0, D9F2E0E4431217C6A7CDE38D36362CD5A06E93B9F45F92638120EF151089B370 ] PSKMAD          C:\Windows\system32\DRIVERS\PSKMAD.sys
20:21:47.0727 0x168c  PSKMAD - ok
20:21:47.0879 0x168c  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:21:47.0970 0x168c  ql2300 - ok
20:21:48.0008 0x168c  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:21:48.0050 0x168c  ql40xx - ok
20:21:48.0132 0x168c  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
20:21:48.0182 0x168c  QWAVE - ok
20:21:48.0225 0x168c  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:21:48.0281 0x168c  QWAVEdrv - ok
20:21:48.0305 0x168c  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:21:48.0357 0x168c  RasAcd - ok
20:21:48.0379 0x168c  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
20:21:48.0467 0x168c  RasAuto - ok
20:21:48.0507 0x168c  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:21:48.0553 0x168c  Rasl2tp - ok
20:21:48.0716 0x168c  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
20:21:48.0777 0x168c  RasMan - ok
20:21:48.0805 0x168c  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:21:48.0851 0x168c  RasPppoe - ok
20:21:48.0880 0x168c  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:21:48.0919 0x168c  RasSstp - ok
20:21:48.0954 0x168c  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:21:48.0985 0x168c  rdbss - ok
20:21:49.0006 0x168c  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:21:49.0062 0x168c  RDPCDD - ok
20:21:49.0077 0x168c  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
20:21:49.0114 0x168c  rdpdr - ok
20:21:49.0139 0x168c  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:21:49.0167 0x168c  RDPENCDD - ok
20:21:49.0184 0x168c  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:21:49.0235 0x168c  RDPWD - ok
20:21:49.0298 0x168c  [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
20:21:49.0308 0x168c  RealNetworks Downloader Resolver Service - ok
20:21:49.0362 0x168c  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:21:49.0387 0x168c  RemoteAccess - ok
20:21:49.0415 0x168c  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:21:49.0460 0x168c  RemoteRegistry - ok
20:21:49.0506 0x168c  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
20:21:49.0521 0x168c  RpcLocator - ok
20:21:49.0661 0x168c  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\System32\rpcss.dll
20:21:49.0743 0x168c  RpcSs - ok
20:21:49.0810 0x168c  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:21:49.0893 0x168c  rspndr - ok
20:21:49.0996 0x168c  [ 283392AF1860ECDB5E0F8EBD7F3D72DF, B947025A41D7A16C48330ECE469860023D2109537A3DDC631C8EF9672687FF93 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
20:21:50.0096 0x168c  RTL8169 - ok
20:21:50.0122 0x168c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
20:21:50.0140 0x168c  SamSs - ok
20:21:50.0295 0x168c  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:21:50.0473 0x168c  sbp2port - ok
20:21:50.0529 0x168c  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:21:50.0582 0x168c  SCardSvr - ok
20:21:50.0645 0x168c  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
20:21:50.0738 0x168c  Schedule - ok
20:21:50.0870 0x168c  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:21:50.0894 0x168c  SCPolicySvc - ok
20:21:50.0939 0x168c  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:21:51.0086 0x168c  SDRSVC - ok
20:21:51.0151 0x168c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:21:51.0274 0x168c  secdrv - ok
20:21:51.0296 0x168c  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
20:21:51.0333 0x168c  seclogon - ok
20:21:51.0363 0x168c  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\system32\sens.dll
20:21:51.0449 0x168c  SENS - ok
20:21:51.0487 0x168c  [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:21:51.0596 0x168c  Serenum - ok
20:21:51.0650 0x168c  [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:21:51.0751 0x168c  Serial - ok
20:21:51.0787 0x168c  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:21:51.0852 0x168c  sermouse - ok
20:21:51.0901 0x168c  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:21:51.0987 0x168c  SessionEnv - ok
20:21:52.0049 0x168c  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:21:52.0077 0x168c  sffdisk - ok
20:21:52.0144 0x168c  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:21:52.0284 0x168c  sffp_mmc - ok
20:21:52.0314 0x168c  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:21:52.0379 0x168c  sffp_sd - ok
20:21:52.0410 0x168c  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:21:52.0496 0x168c  sfloppy - ok
20:21:52.0587 0x168c  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:21:52.0618 0x168c  SharedAccess - ok
20:21:52.0646 0x168c  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:21:52.0690 0x168c  ShellHWDetection - ok
20:21:52.0717 0x168c  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
20:21:52.0730 0x168c  sisagp - ok
20:21:52.0831 0x168c  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
20:21:52.0888 0x168c  SiSRaid2 - ok
20:21:52.0937 0x168c  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:21:52.0954 0x168c  SiSRaid4 - ok
20:21:53.0147 0x168c  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
20:21:53.0398 0x168c  slsvc - ok
20:21:53.0469 0x168c  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
20:21:53.0528 0x168c  SLUINotify - ok
20:21:53.0576 0x168c  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:21:53.0596 0x168c  Smb - ok
20:21:53.0649 0x168c  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:21:53.0668 0x168c  SNMPTRAP - ok
20:21:53.0706 0x168c  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:21:53.0721 0x168c  spldr - ok
20:21:53.0770 0x168c  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
20:21:53.0822 0x168c  Spooler - ok
20:21:53.0863 0x168c  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:21:53.0920 0x168c  srv - ok
20:21:54.0002 0x168c  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:21:54.0028 0x168c  srv2 - ok
20:21:54.0059 0x168c  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:21:54.0139 0x168c  srvnet - ok
20:21:54.0176 0x168c  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:21:54.0214 0x168c  SSDPSRV - ok
20:21:54.0259 0x168c  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:21:54.0283 0x168c  SstpSvc - ok
20:21:54.0341 0x168c  [ D2C02234E3E87EA5FE420F045068099B, A5BFB342FFF50E6EAF5586A72BCBE56E9DA4F7AE612EDE7D20D77DB59472D3FE ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
20:21:54.0384 0x168c  ssudmdm - ok
20:21:54.0440 0x168c  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
20:21:54.0503 0x168c  stisvc - ok
20:21:54.0531 0x168c  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:21:54.0545 0x168c  swenum - ok
20:21:54.0615 0x168c  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
20:21:54.0651 0x168c  swprv - ok
20:21:54.0678 0x168c  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
20:21:54.0698 0x168c  Symc8xx - ok
20:21:54.0730 0x168c  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
20:21:54.0747 0x168c  Sym_hi - ok
20:21:54.0770 0x168c  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
20:21:54.0794 0x168c  Sym_u3 - ok
20:21:54.0846 0x168c  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
20:21:55.0009 0x168c  SysMain - ok
20:21:55.0046 0x168c  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:21:55.0064 0x168c  TabletInputService - ok
20:21:55.0136 0x168c  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:21:55.0190 0x168c  TapiSrv - ok
20:21:55.0243 0x168c  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
20:21:55.0290 0x168c  TBS - ok
20:21:55.0397 0x168c  [ A4196D394207369E1431E8681B373312, BEF96BAB70FDF94F8CB2942BDEA9B4D934443E5305E3FD737809C3F7524B1E8E ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:21:55.0647 0x168c  Tcpip - ok
20:21:55.0837 0x168c  [ A4196D394207369E1431E8681B373312, BEF96BAB70FDF94F8CB2942BDEA9B4D934443E5305E3FD737809C3F7524B1E8E ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
20:21:55.0883 0x168c  Tcpip6 - ok
20:21:55.0931 0x168c  [ 95389980F70FC4990A4395A0B8BBE1D6, FB5CBC85733A4EC4FB9F210A5D4E5989F6A3F2995D895F5B41163CDFC04DB82C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:21:55.0981 0x168c  tcpipreg - ok
20:21:56.0118 0x168c  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:21:56.0233 0x168c  TDPIPE - ok
20:21:56.0291 0x168c  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:21:56.0397 0x168c  TDTCP - ok
20:21:56.0445 0x168c  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:21:56.0472 0x168c  tdx - ok
20:21:56.0490 0x168c  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
20:21:56.0506 0x168c  TermDD - ok
20:21:56.0694 0x168c  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
20:21:56.0740 0x168c  TermService - ok
20:21:56.0761 0x168c  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
20:21:56.0792 0x168c  Themes - ok
20:21:56.0826 0x168c  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
20:21:56.0852 0x168c  THREADORDER - ok
20:21:56.0893 0x168c  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
20:21:56.0921 0x168c  TrkWks - ok
20:21:57.0008 0x168c  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:21:57.0051 0x168c  TrustedInstaller - ok
20:21:57.0133 0x168c  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:21:57.0175 0x168c  tssecsrv - ok
20:21:57.0215 0x168c  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
20:21:57.0228 0x168c  tunmp - ok
20:21:57.0253 0x168c  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:21:57.0266 0x168c  tunnel - ok
20:21:57.0282 0x168c  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:21:57.0295 0x168c  uagp35 - ok
20:21:57.0317 0x168c  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:21:57.0349 0x168c  udfs - ok
20:21:57.0365 0x168c  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:21:57.0398 0x168c  UI0Detect - ok
20:21:57.0414 0x168c  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:21:57.0431 0x168c  uliagpkx - ok
20:21:57.0444 0x168c  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
20:21:57.0467 0x168c  uliahci - ok
20:21:57.0486 0x168c  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
20:21:57.0503 0x168c  UlSata - ok
20:21:57.0512 0x168c  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
20:21:57.0528 0x168c  ulsata2 - ok
20:21:57.0535 0x168c  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:21:57.0565 0x168c  umbus - ok
20:21:57.0585 0x168c  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
20:21:57.0619 0x168c  upnphost - ok
20:21:57.0631 0x168c  [ 8BD3AE150D97BA4E633C6C5C51B41AE1, 6B529901B0311197CB67B9D9A2DED7D79B820F66E75BEF0FA912EFE50F941217 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
20:21:57.0689 0x168c  usbccgp - ok
20:21:57.0705 0x168c  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:21:57.0757 0x168c  usbcir - ok
20:21:57.0799 0x168c  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
20:21:57.0812 0x168c  usbehci - ok
20:21:57.0833 0x168c  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:21:57.0850 0x168c  usbhub - ok
20:21:57.0869 0x168c  [ 7BDB7B0E7D45AC0402D78B90789EF47C, 321C70DFB8F21AFF236C815F2BCC5F778177A83C7238177DA73B82A906CC116E ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
20:21:58.0020 0x168c  usbohci - ok
20:21:58.0046 0x168c  [ B51E52ACF758BE00EF3A58EA452FE360, 79E629EC5DE8AB7F31B0EE9AE94C71E8F703FED5C09A816228726974F7790C85 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
20:21:58.0127 0x168c  usbprint - ok
20:21:58.0135 0x168c  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:21:58.0161 0x168c  USBSTOR - ok
20:21:58.0191 0x168c  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
20:21:58.0207 0x168c  usbuhci - ok
20:21:58.0252 0x168c  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
20:21:58.0279 0x168c  UxSms - ok
20:21:58.0319 0x168c  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
20:21:58.0389 0x168c  vds - ok
20:21:58.0428 0x168c  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:21:58.0487 0x168c  vga - ok
20:21:58.0511 0x168c  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:21:58.0540 0x168c  VgaSave - ok
20:21:58.0562 0x168c  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
20:21:58.0583 0x168c  viaagp - ok
20:21:58.0601 0x168c  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
20:21:58.0631 0x168c  ViaC7 - ok
20:21:58.0649 0x168c  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
20:21:58.0664 0x168c  viaide - ok
20:21:58.0684 0x168c  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:21:58.0700 0x168c  volmgr - ok
20:21:58.0723 0x168c  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:21:58.0747 0x168c  volmgrx - ok
20:21:58.0770 0x168c  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:21:58.0792 0x168c  volsnap - ok
20:21:58.0802 0x168c  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:21:58.0819 0x168c  vsmraid - ok
20:21:58.0882 0x168c  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
20:21:59.0012 0x168c  VSS - ok
20:21:59.0121 0x168c  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
20:21:59.0159 0x168c  W32Time - ok
20:21:59.0174 0x168c  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
20:21:59.0252 0x168c  WacomPen - ok
20:22:04.0563 0x168c  ================ Scan global ===============================
20:22:04.0590 0x168c  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
20:22:04.0692 0x168c  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
20:22:04.0786 0x168c  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
20:22:04.0874 0x168c  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
20:22:04.0885 0x168c  [ Global ] - ok
20:22:04.0885 0x168c  ================ Scan MBR ==================================
20:22:04.0910 0x168c  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
20:22:07.0576 0x168c  \Device\Harddisk0\DR0 - ok
20:22:07.0577 0x168c  ================ Scan VBR ==================================
20:22:07.0616 0x168c  [ 3DFD8F055873D9238E5377622DA9FB66 ] \Device\Harddisk0\DR0\Partition1
20:22:07.0660 0x168c  \Device\Harddisk0\DR0\Partition1 - ok
20:22:07.0694 0x168c  [ C16041381DB22404C8FC65DDE425FB44 ] \Device\Harddisk0\DR0\Partition2
20:22:07.0763 0x168c  \Device\Harddisk0\DR0\Partition2 - ok
20:22:07.0764 0x168c  ================ Scan active images ========================
20:22:08.0247 0x168c  C:\Windows\System32\lsm.exe - ok
20:22:08.0249 0x168c  [ 178FAC2B7C66E9A4400CE7AC37623E3F, 30BF99E3F6B02566A83DCC072F5654DA28311ACC5308CFB25BE02C1BD3B5CEE3 ] C:\Windows\System32\lsasrv.dll
20:22:08.0249 0x168c  C:\Windows\System32\lsasrv.dll - ok
20:22:08.0252 0x168c  [ 7808BF0E367ED7348808879CEF482AB3, BAC633E351F0A2CF69C288E7CD983ED5986FE0CC180BF769A5C2EB5F8CABBE8A ] C:\Windows\System32\samsrv.dll
20:22:08.0252 0x168c  C:\Windows\System32\samsrv.dll - ok
20:22:08.0255 0x168c  [ 459B48188494490707DCA8BAA91AA185, E108A46F446A273BF118A73D4790FC85D49D6CE8ECC581AAEB942A1558D21327 ] C:\Windows\System32\cryptdll.dll
20:22:08.0255 0x168c  C:\Windows\System32\cryptdll.dll - ok
20:22:08.0257 0x168c  [ 85E861D0B88DB2B54ACB0839654C09F7, 751E4F1F282C3798712AFF551D1525D5D65B5E8229689862AAB0BBDCC35A5925 ] C:\Windows\System32\dnsapi.dll
20:22:08.0257 0x168c  C:\Windows\System32\dnsapi.dll - ok
20:22:08.0260 0x168c  [ 453DE2958C885527E20C79A3FEFE6AF7, AC40DC0D1224A2F6FAA1A3396345371CAE7312C6D7EF0923602B2E89ED22BA2B ] C:\Windows\System32\samlib.dll
20:22:08.0260 0x168c  C:\Windows\System32\samlib.dll - ok
20:22:08.0263 0x168c  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] C:\Windows\System32\aelupsvc.dll
20:22:08.0263 0x168c  C:\Windows\System32\aelupsvc.dll - ok
20:22:08.0265 0x168c  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] C:\Windows\System32\alg.exe
20:22:08.0265 0x168c  C:\Windows\System32\alg.exe - ok
20:22:08.0268 0x168c  [ EE2FF9A3FC4404234BE3B7C6AA383AF8, 51BF3C48BE9BF81A800EF5B247E03C78980B3FFFF37688C42C0F253351EEF4C1 ] C:\Windows\System32\msasn1.dll
20:22:08.0268 0x168c  C:\Windows\System32\msasn1.dll - ok
20:22:08.0271 0x168c  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] C:\Windows\System32\appinfo.dll
20:22:08.0271 0x168c  C:\Windows\System32\appinfo.dll - ok
20:22:08.0273 0x168c  [ 7F0F1D4B0D847696F8E309423D227DCE, 4460A2E8B27EB74E951DF328DABFC6C905DD1538D2F2BEE59B2FDA05482CE9F7 ] C:\Windows\System32\ntdsapi.dll
20:22:08.0273 0x168c  C:\Windows\System32\ntdsapi.dll - ok
20:22:08.0276 0x168c  [ 965AC9FBF2C67231C157E99C03C58D24, 732E6307AE0C8916F47CB0E74562C7991CF44D5656C5E071D3FBDF31EA734409 ] C:\Windows\System32\feclient.dll
20:22:08.0276 0x168c  C:\Windows\System32\feclient.dll - ok
20:22:08.0279 0x168c  [ 1F94EA31C9543B855F53BDAC7792DA4E, 3697D031632C47FC5AAB4208C05A7C4098DF390103CFDE99A512F685AD057F40 ] C:\Windows\System32\mpr.dll
20:22:08.0279 0x168c  C:\Windows\System32\mpr.dll - ok
20:22:08.0282 0x168c  [ 3464DAE0E801F5A81A23C571D86F30B2, A5C0256618215A96BC8CB68357E5278DBF01C3E2CFFDC77EB4A703F1342687D2 ] C:\Windows\System32\rascfg.dll
20:22:08.0282 0x168c  C:\Windows\System32\rascfg.dll - ok
20:22:08.0284 0x168c  [ 71F5A7104FDF16C0AC5283A6CE666553, 481D688B87CC4155FB98AEB816B5F331F2EC8A1B409B01BA270A67660CE9564A ] C:\Windows\System32\sysntfy.dll
20:22:08.0284 0x168c  C:\Windows\System32\sysntfy.dll - ok
20:22:08.0287 0x168c  [ F0321DA5203F1E71917F3B7A13DC4912, 2F40733CBDD6491DAA3182AFDB3CA9FBAE5C3EE15CD9FCFF20E2D74E98CA374F ] C:\Windows\System32\wmsgapi.dll
20:22:08.0287 0x168c  C:\Windows\System32\wmsgapi.dll - ok
20:22:08.0290 0x168c  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] C:\Windows\System32\audiosrv.dll
20:22:08.0290 0x168c  C:\Windows\System32\audiosrv.dll - ok
20:22:08.0292 0x168c  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] C:\Windows\System32\BFE.DLL
20:22:08.0292 0x168c  C:\Windows\System32\BFE.DLL - ok
20:22:08.0295 0x168c  [ 0317420D419E1885894B3ED9D375D245, 17F4C64CA4FE560F09DA4C1D13D62B525B5C7B6FDD44B846C6953D595D83CF3D ] C:\Windows\System32\crypt32.dll
20:22:08.0295 0x168c  C:\Windows\System32\crypt32.dll - ok
20:22:08.0298 0x168c  [ C6DF7A87063D006ECF1FD8156CB6DE3F, 921AB6B88444B364F05D8EDF0EDDFA0892353A862CD3580F7EDA311E4FDC26B6 ] C:\Windows\System32\SLC.dll
20:22:08.0298 0x168c  C:\Windows\System32\SLC.dll - ok
20:22:08.0301 0x168c  [ 4DE3C4D07BAFDE616EFA0ADE076CBAC2, 9088837534980C39A885BF9FE2B0945166A433F0263DE7F8E9D4F5E153A70DF3 ] C:\Windows\System32\wevtapi.dll
20:22:08.0301 0x168c  C:\Windows\System32\wevtapi.dll - ok
20:22:08.0303 0x168c  [ 4FE8425F21B3F0F8C4B4726351D43EAA, F45C1429BD60EEAB7BE8C2114B9C819CED7583249CEE1AB234A8A05A484528A9 ] C:\Windows\System32\IPHLPAPI.DLL
20:22:08.0304 0x168c  C:\Windows\System32\IPHLPAPI.DLL - ok
20:22:08.0306 0x168c  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] C:\Windows\System32\dhcpcsvc.dll
20:22:08.0307 0x168c  C:\Windows\System32\dhcpcsvc.dll - ok
20:22:08.0309 0x168c  [ 7F15B4953378C8B5161D65C26D5FED4D, 70C80736225273D083F071E625CC47E5C889E8D7426D8D3461F87D41286F06D0 ] C:\Windows\System32\cngaudit.dll
20:22:08.0310 0x168c  C:\Windows\System32\cngaudit.dll - ok
20:22:08.0312 0x168c  [ DFB6B71CDABA9DFB49C9D2B318B97A1A, F380B9A28D56DEC902154A0251B58BD3576355EDE2CD13CF47D7F4DBE3D61C97 ] C:\Windows\System32\dhcpcsvc6.dll
20:22:08.0312 0x168c  C:\Windows\System32\dhcpcsvc6.dll - ok
20:22:08.0315 0x168c  [ 6B09105742C75DF80CEF21700F20F55A, D781C5F22BEBB5C51B7792EBB4421C170F2CC5FE28E9245E9D6B9D22E33423AB ] C:\Windows\System32\winnsi.dll
20:22:08.0315 0x168c  C:\Windows\System32\winnsi.dll - ok
20:22:08.0318 0x168c  [ DE0DD9AE3430F84A96B5501112A696BE, 28ED17BCAE5DB58885547213B5241F8E6599ADE3BB7834A54AC2F10D3285C45F ] C:\Windows\System32\bcrypt.dll
20:22:08.0318 0x168c  C:\Windows\System32\bcrypt.dll - ok
20:22:08.0321 0x168c  [ 13CC59C1B04E9F20A87987C68CD4BE3F, E65363E112CF58007CA650782997413EAFFFDAC25B66976BC7B3A2CBD5ED3933 ] C:\Windows\System32\ncrypt.dll
20:22:08.0321 0x168c  C:\Windows\System32\ncrypt.dll - ok
20:22:08.0334 0x168c  [ 26F139DDEC6407508071930D3D07337E, 90EF02DCA67C68AFBEB8E2BE2E1BD6E400F2A386C3CE8AF5573E9F89B7636688 ] C:\Windows\System32\credssp.dll
20:22:08.0334 0x168c  C:\Windows\System32\credssp.dll - ok
20:22:08.0340 0x168c  [ ABE9EEA1EABEA0711610A637A7B1C25D, 973F8BE8E411E1037DFC3FE3F979412450D268E4D34C0F38F3F015D2E00CD8AC ] C:\Windows\System32\msprivs.dll
20:22:08.0340 0x168c  C:\Windows\System32\msprivs.dll - ok
20:22:08.0344 0x168c  [ AA01497884F9CBAC89470120AF78D2B1, FACE3C2E7B0796A690B2E25175579575153453D90EB9B08FB164356575FA7614 ] C:\Windows\System32\kerberos.dll
20:22:08.0344 0x168c  C:\Windows\System32\kerberos.dll - ok
20:22:08.0347 0x168c  [ 9E80FF0752E365F97FD2D1D68C2AFDA1, 07924F0966A05A992130D29BBF634214D0DFE4081851ED18B1E334437DD008D0 ] C:\Windows\System32\wship6.dll
20:22:08.0347 0x168c  C:\Windows\System32\wship6.dll - ok
20:22:08.0350 0x168c  [ 05C3B38DB95BA5585817A4F898EE5581, 227357221F00BA91D7907966FF251F6834D69ABD630174A56F9A6C98723C1625 ] C:\Windows\System32\wshqos.dll
20:22:08.0350 0x168c  C:\Windows\System32\wshqos.dll - ok
20:22:08.0353 0x168c  [ 22CFAEB9172F5F198048401485CD0571, 94E0B8590268BD21B035297F5B0C01A4E8958A1DB39A5AA654EA1805BD30CEC2 ] C:\Windows\System32\WSHTCPIP.DLL
20:22:08.0353 0x168c  C:\Windows\System32\WSHTCPIP.DLL - ok
20:22:08.0356 0x168c  [ FC62A635063B762E1C3C60EA77279378, 9C7ADE37C9F2F9CC5A79D75260736C3791C7A73FB84BE6B7E575CA31A4B99667 ] C:\Windows\System32\NapiNSP.dll
20:22:08.0356 0x168c  C:\Windows\System32\NapiNSP.dll - ok
20:22:08.0359 0x168c  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] C:\Windows\System32\nlasvc.dll
20:22:08.0359 0x168c  C:\Windows\System32\nlasvc.dll - ok
20:22:08.0361 0x168c  [ 690D41DF1D555F96D4898A0F54EBA065, 3A8C9304D49657765DF0FCCEAE2A529982025D8677CCA5930824921F77B8F404 ] C:\Windows\System32\pnrpnsp.dll
20:22:08.0362 0x168c  C:\Windows\System32\pnrpnsp.dll - ok
20:22:08.0364 0x168c  [ 4ABCE74D012971305249E45E095E9EA6, 6D53BB81F781694577ED8F6DBF41D0900C552DEC2F433206E5B087E80B239DE3 ] C:\Windows\System32\msv1_0.dll
20:22:08.0364 0x168c  C:\Windows\System32\msv1_0.dll - ok
20:22:08.0367 0x168c  [ 8617350C9B590B63E620881092751BCB, 4D16A2197F9ED9062CFD93061294FB8E1068071D03E72B6CF3C7256F1B454A9B ] C:\Windows\System32\mswsock.dll
20:22:08.0367 0x168c  C:\Windows\System32\mswsock.dll - ok
20:22:08.0370 0x168c  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] C:\Windows\System32\qmgr.dll
20:22:08.0370 0x168c  C:\Windows\System32\qmgr.dll - ok
20:22:08.0373 0x168c  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] C:\Windows\System32\browser.dll
20:22:08.0373 0x168c  C:\Windows\System32\browser.dll - ok
20:22:08.0376 0x168c  [ 95DAECF0FB120A7B5DA679CC54E37DDE, 492129AB9AF4F11CDE46148F6CC3AB6841D0F715DEF5E387B33CD8C79F5298BC ] C:\Windows\System32\netlogon.dll
20:22:08.0376 0x168c  C:\Windows\System32\netlogon.dll - ok
20:22:08.0379 0x168c  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] C:\Windows\System32\certprop.dll
20:22:08.0379 0x168c  C:\Windows\System32\certprop.dll - ok
20:22:08.0382 0x168c  [ 4211249955AF9133E2E357CC92B54DFD, 5868F1B809783723C45D3A60DC6B2A21C216E9329D131B282A5851E38603DF55 ] C:\Windows\System32\comres.dll
20:22:08.0382 0x168c  C:\Windows\System32\comres.dll - ok
20:22:08.0384 0x168c  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] C:\Windows\System32\cryptsvc.dll
20:22:08.0384 0x168c  C:\Windows\System32\cryptsvc.dll - ok
20:22:08.0387 0x168c  [ 72910BC4A218C49EA8E43D1FAEC403A5, AAC5026C440BA588D532703A582386EC33B2BCAE2D7A6EF7798498FDDF6F617A ] C:\Windows\System32\winbrand.dll
20:22:08.0387 0x168c  C:\Windows\System32\winbrand.dll - ok
20:22:08.0390 0x168c  [ 08D6D1692B62C9EE4062E1FA04D8FE2F, 0DDB6D64524CDED04DE6521FC834BC4507ECF4C51C9F9BC407B510222E4F0343 ] C:\Windows\System32\oleres.dll
20:22:08.0390 0x168c  C:\Windows\System32\oleres.dll - ok
20:22:08.0393 0x168c  [ 74F380C8EC8813626C670D46E8A714D1, 25E20A08048DB18CB1B1071B6FF916561A809561F587E26306FB75A8AA173FE3 ] C:\Windows\System32\dfsrres.dll
20:22:08.0393 0x168c  C:\Windows\System32\dfsrres.dll - ok
20:22:08.0396 0x168c  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] C:\Windows\System32\dot3svc.dll
20:22:08.0396 0x168c  C:\Windows\System32\dot3svc.dll - ok
20:22:08.0399 0x168c  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] C:\Windows\System32\dps.dll
20:22:08.0399 0x168c  C:\Windows\System32\dps.dll - ok
20:22:08.0402 0x168c  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] C:\Windows\System32\eapsvc.dll
20:22:08.0402 0x168c  C:\Windows\System32\eapsvc.dll - ok
20:22:08.0404 0x168c  [ 50E3E76B0901BB4FC029BB88BFA5CE79, 2633FB41F30C68EB68B6241F89C035B3F66CBF51EDB6B4E2FFFE562CE3EEA745 ] C:\Windows\System32\schannel.dll
20:22:08.0404 0x168c  C:\Windows\System32\schannel.dll - ok
20:22:08.0407 0x168c  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] C:\Windows\ehome\ehrecvr.exe
20:22:08.0407 0x168c  C:\Windows\ehome\ehrecvr.exe - ok
20:22:08.0410 0x168c  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] C:\Windows\ehome\ehsched.exe
20:22:08.0410 0x168c  C:\Windows\ehome\ehsched.exe - ok
20:22:08.0412 0x168c  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] C:\Windows\ehome\ehstart.dll
20:22:08.0412 0x168c  C:\Windows\ehome\ehstart.dll - ok
20:22:08.0415 0x168c  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] C:\Windows\System32\emdmgmt.dll
20:22:08.0415 0x168c  C:\Windows\System32\emdmgmt.dll - ok
20:22:08.0421 0x168c  [ A1B40A28F38D27A7E3229EE4C7064434, 76CD78FAFC99C472CDFCE848B1E31037811D4D645849C9FDA1B22161A1191A2D ] C:\Windows\System32\wevtsvc.dll
20:22:08.0421 0x168c  C:\Windows\System32\wevtsvc.dll - ok
20:22:08.0424 0x168c  [ 93620229F3CC3B67A3528BF39F064C30, BB5CD222902D528030DD6CB458691DD37BAFCCC0E35119F3C127DB5C55244780 ] C:\Windows\System32\wdigest.dll
20:22:08.0424 0x168c  C:\Windows\System32\wdigest.dll - ok
20:22:08.0429 0x168c  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] C:\Windows\System32\fdPHost.dll
20:22:08.0429 0x168c  C:\Windows\System32\fdPHost.dll - ok
20:22:08.0433 0x168c  [ E14170AEA125119B98FA2BDE3FF4F462, 939758ADA9D1A7E3B6BA1DB6D9E41D3FA27A7013C156F0B63010A0FB62DD64F8 ] C:\Windows\System32\rsaenh.dll
20:22:08.0433 0x168c  C:\Windows\System32\rsaenh.dll - ok
20:22:08.0438 0x168c  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] C:\Windows\System32\FDResPub.dll
20:22:08.0438 0x168c  C:\Windows\System32\FDResPub.dll - ok
20:22:08.0443 0x168c  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] C:\Windows\System32\FntCache.dll
20:22:08.0443 0x168c  C:\Windows\System32\FntCache.dll - ok
20:22:08.0445 0x168c  [ 302964DCAC79D618CC7B72C778DA9FD2, 7F2980AA49592B308E5D4C1A311AE837F65E9FB35761734A936626E81F0A7F10 ] C:\Windows\System32\PresentationHost.exe
20:22:08.0445 0x168c  C:\Windows\System32\PresentationHost.exe - ok
20:22:08.0451 0x168c  [ 0F420E81062757EA8363CBACD4D40D6D, 9FC3A7C512B065F18B520FE93B821717BB8B4C36BD976E8D014F71116073CF50 ] C:\Windows\System32\gpapi.dll
20:22:08.0451 0x168c  C:\Windows\System32\gpapi.dll - ok
20:22:08.0454 0x168c  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] C:\Windows\System32\hidserv.dll
20:22:08.0454 0x168c  C:\Windows\System32\hidserv.dll - ok
20:22:08.0459 0x168c  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] C:\Windows\System32\KMSVC.DLL
20:22:08.0459 0x168c  C:\Windows\System32\KMSVC.DLL - ok
20:22:08.0461 0x168c  [ F8873D15018F411588BEC02C1725BADA, 7E90B1D820733C80B438287D89FC3D4219B2C97BD878EB5BA2DBFF64BBF3938A ] C:\Windows\System32\TSpkg.dll
20:22:08.0461 0x168c  C:\Windows\System32\TSpkg.dll - ok
20:22:08.0467 0x168c  [ A136094368CA45BA50BF4E2703E93B82, F7232B62AB8D88FE142E8E14FD31A1140455963D9320A5871669E8E23DCEEA5A ] C:\Windows\System32\atmfd.dll
20:22:08.0467 0x168c  C:\Windows\System32\atmfd.dll - ok
20:22:08.0470 0x168c  [ 0CB9D236129BFFEF9B68999761F3A697, 80F4991D01BA686C024958F5D75ACCB9B476AC410E3028D5135920619094BEEB ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
20:22:08.0470 0x168c  C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
20:22:08.0478 0x168c  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] C:\Windows\System32\IKEEXT.DLL
20:22:08.0478 0x168c  C:\Windows\System32\IKEEXT.DLL - ok
20:22:08.0481 0x168c  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] C:\Windows\System32\IPBusEnum.dll
20:22:08.0481 0x168c  C:\Windows\System32\IPBusEnum.dll - ok
20:22:08.0486 0x168c  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] C:\Windows\System32\iphlpsvc.dll
20:22:08.0486 0x168c  C:\Windows\System32\iphlpsvc.dll - ok
20:22:08.0491 0x168c  [ 74C2F29CC612B2B34231BEBD824D2FB2, 0C0888AB3B2D8C8F17CA57A503C61F867C8F12A6E6F645DEFE7A2C299AA59AD8 ] C:\Windows\System32\keyiso.dll
20:22:08.0491 0x168c  C:\Windows\System32\keyiso.dll - ok
20:22:08.0495 0x168c  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] C:\Windows\System32\srvsvc.dll
20:22:08.0495 0x168c  C:\Windows\System32\srvsvc.dll - ok
20:22:08.0500 0x168c  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] C:\Windows\System32\wkssvc.dll
20:22:08.0500 0x168c  C:\Windows\System32\wkssvc.dll - ok
20:22:08.0505 0x168c  [ 132F6237FA3BF3E9715F63A1CCF72BF1, E877AACC2DE4E93A00C76D537D471AA268DC3B983D48407C6707FC682982DBF5 ] C:\Windows\ehome\ehres.dll
20:22:08.0505 0x168c  C:\Windows\ehome\ehres.dll - ok
20:22:08.0509 0x168c  [ FA0593D936C9B95FB6FAA32AD1595D49, E7DEC36E708D62D6E95649F3F82DD1CB3E4A77934ABC86FD44FE1F37826901B0 ] C:\Windows\System32\lltdres.dll
20:22:08.0509 0x168c  C:\Windows\System32\lltdres.dll - ok
20:22:08.0515 0x168c  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] C:\Windows\System32\lmhsvc.dll
20:22:08.0515 0x168c  C:\Windows\System32\lmhsvc.dll - ok
20:22:08.0517 0x168c  [ 95F1EB99B81CFD6F581C85F0A0AA9B2B, 65EE7016E6235880C4443119BF32CF12D4A9A9CA3810B974B575AD31D380A7FB ] C:\Windows\System32\FirewallAPI.dll
20:22:08.0517 0x168c  C:\Windows\System32\FirewallAPI.dll - ok
20:22:08.0521 0x168c  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] C:\Windows\System32\mmcss.dll
20:22:08.0521 0x168c  C:\Windows\System32\mmcss.dll - ok
20:22:08.0523 0x168c  [ EA822412BBBA9B7D2B1A3748AD50EFB8, 10BA6E240FEC5BB1A0A7C0D75E0495D99FD48D68CA69C0985DD921658835225C ] C:\Windows\System32\iscsidsc.dll
20:22:08.0524 0x168c  C:\Windows\System32\iscsidsc.dll - ok
20:22:08.0526 0x168c  [ ED21401F1E2F6BC2F54C462BB66D0D6B, 7E3874AFB57CA6B7CDA3833DB0E43E9D2BEE7C5C70AC1182260740CCA40291CA ] C:\Windows\System32\msimsg.dll
20:22:08.0526 0x168c  C:\Windows\System32\msimsg.dll - ok
20:22:08.0531 0x168c  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] C:\Windows\System32\QAGENTRT.DLL
20:22:08.0531 0x168c  C:\Windows\System32\QAGENTRT.DLL - ok
20:22:08.0534 0x168c  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] C:\Windows\System32\netman.dll
20:22:08.0534 0x168c  C:\Windows\System32\netman.dll - ok
20:22:08.0538 0x168c  [ 43DF1E019494642C3F7AED0FCB231D27, E79E4A431ABDF9F5E024558782981FFB3FE7D3648833ADD6F82CD62467800CAB ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll
20:22:08.0538 0x168c  C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll - ok
20:22:08.0542 0x168c  [ ED640F4CE585058119B824CC76591D9C, B8FA63CEE5105DD034084F34D0FDB223EAC1228888EDBD9EB48BF1B64F720C0E ] C:\Windows\System32\netprof.dll
20:22:08.0542 0x168c  C:\Windows\System32\netprof.dll - ok
20:22:08.0544 0x168c  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] C:\Windows\System32\nsisvc.dll
20:22:08.0544 0x168c  C:\Windows\System32\nsisvc.dll - ok
20:22:08.0547 0x168c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] C:\Windows\System32\p2psvc.dll
20:22:08.0547 0x168c  C:\Windows\System32\p2psvc.dll - ok
20:22:08.0550 0x168c  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] C:\Windows\System32\pcasvc.dll
20:22:08.0550 0x168c  C:\Windows\System32\pcasvc.dll - ok
20:22:08.0554 0x168c  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] C:\Windows\System32\pla.dll
20:22:08.0554 0x168c  C:\Windows\System32\pla.dll - ok
20:22:08.0558 0x168c  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] C:\Windows\System32\umpnpmgr.dll
20:22:08.0558 0x168c  C:\Windows\System32\umpnpmgr.dll - ok
20:22:08.0561 0x168c  [ 64B28D672B5B6A01E87B0C3096B1E047, D4E5875A25E0EBEFD4AE38A3BA508CF99DD7278E7D4E1C95C7E1B8E42F381A10 ] C:\Windows\System32\polstore.dll
20:22:08.0561 0x168c  C:\Windows\System32\polstore.dll - ok
20:22:08.0564 0x168c  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] C:\Windows\System32\profsvc.dll
20:22:08.0564 0x168c  C:\Windows\System32\profsvc.dll - ok
20:22:08.0567 0x168c  [ 08F9134A2215B7ED985409A4DF60AC60, BAFFCA0BA71A11FE63AB8411D8951E9AE087E31E04E9D226CCB21E82B79F2DCE ] C:\Windows\System32\psbase.dll
20:22:08.0567 0x168c  C:\Windows\System32\psbase.dll - ok
20:22:08.0570 0x168c  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] C:\Windows\System32\qwave.dll
20:22:08.0570 0x168c  C:\Windows\System32\qwave.dll - ok
20:22:08.0572 0x168c  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] C:\Windows\System32\drivers\qwavedrv.sys
20:22:08.0573 0x168c  C:\Windows\System32\drivers\qwavedrv.sys - ok
20:22:08.0575 0x168c  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] C:\Windows\System32\rasauto.dll
20:22:08.0575 0x168c  C:\Windows\System32\rasauto.dll - ok
20:22:08.0578 0x168c  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] C:\Windows\System32\rasmans.dll
20:22:08.0578 0x168c  C:\Windows\System32\rasmans.dll - ok
20:22:08.0581 0x168c  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] C:\Windows\System32\sstpsvc.dll
20:22:08.0581 0x168c  C:\Windows\System32\sstpsvc.dll - ok
20:22:08.0584 0x168c  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] C:\Windows\System32\mprdim.dll
20:22:08.0584 0x168c  C:\Windows\System32\mprdim.dll - ok
20:22:08.0586 0x168c  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] C:\Windows\System32\regsvc.dll
20:22:08.0586 0x168c  C:\Windows\System32\regsvc.dll - ok
20:22:08.0588 0x168c  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] C:\Windows\System32\Locator.exe
20:22:08.0588 0x168c  C:\Windows\System32\Locator.exe - ok
20:22:08.0591 0x168c  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] C:\Windows\System32\SCardSvr.dll
20:22:08.0591 0x168c  C:\Windows\System32\SCardSvr.dll - ok
20:22:08.0594 0x168c  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] C:\Windows\System32\schedsvc.dll
20:22:08.0594 0x168c  C:\Windows\System32\schedsvc.dll - ok
20:22:08.0597 0x168c  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] C:\Windows\System32\sdrsvc.dll
20:22:08.0597 0x168c  C:\Windows\System32\sdrsvc.dll - ok
20:22:08.0600 0x168c  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] C:\Windows\System32\seclogon.dll
20:22:08.0600 0x168c  C:\Windows\System32\seclogon.dll - ok
20:22:08.0603 0x168c  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] C:\Windows\System32\Sens.dll
20:22:08.0603 0x168c  C:\Windows\System32\Sens.dll - ok
20:22:08.0606 0x168c  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] C:\Windows\System32\SessEnv.dll
20:22:08.0606 0x168c  C:\Windows\System32\SessEnv.dll - ok
20:22:08.0609 0x168c  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] C:\Windows\System32\ipnathlp.dll
20:22:08.0609 0x168c  C:\Windows\System32\ipnathlp.dll - ok
20:22:08.0611 0x168c  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] C:\Windows\System32\shsvcs.dll
20:22:08.0611 0x168c  C:\Windows\System32\shsvcs.dll - ok
20:22:08.0614 0x168c  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] C:\Windows\System32\SLsvc.exe
20:22:08.0615 0x168c  C:\Windows\System32\SLsvc.exe - ok
20:22:08.0619 0x168c  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] C:\Windows\System32\SLUINotify.dll
20:22:08.0619 0x168c  C:\Windows\System32\SLUINotify.dll - ok
20:22:08.0623 0x168c  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] C:\Windows\System32\snmptrap.exe
20:22:08.0623 0x168c  C:\Windows\System32\snmptrap.exe - ok
20:22:08.0628 0x168c  [ E4060CFE50F87C72316CB0FDB20E4913, FC7D21327E5FAA424798097FBE5A2F7821BE8A1E54F80E81A620A52DC8E933AA ] C:\Windows\System32\tcpipcfg.dll
20:22:08.0628 0x168c  C:\Windows\System32\tcpipcfg.dll - ok
20:22:08.0633 0x168c  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] C:\Windows\System32\spoolsv.exe
20:22:08.0633 0x168c  C:\Windows\System32\spoolsv.exe - ok
20:22:08.0636 0x168c  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] C:\Windows\System32\ssdpsrv.dll
20:22:08.0636 0x168c  C:\Windows\System32\ssdpsrv.dll - ok
20:22:08.0639 0x168c  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] C:\Windows\System32\wiaservc.dll
20:22:08.0639 0x168c  C:\Windows\System32\wiaservc.dll - ok
20:22:08.0643 0x168c  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] C:\Windows\System32\swprv.dll
20:22:08.0643 0x168c  C:\Windows\System32\swprv.dll - ok
20:22:08.0646 0x168c  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] C:\Windows\System32\sysmain.dll
20:22:08.0646 0x168c  C:\Windows\System32\sysmain.dll - ok
20:22:08.0650 0x168c  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] C:\Windows\System32\TabSvc.dll
20:22:08.0650 0x168c  C:\Windows\System32\TabSvc.dll - ok
20:22:08.0653 0x168c  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] C:\Windows\System32\tapisrv.dll
20:22:08.0653 0x168c  C:\Windows\System32\tapisrv.dll - ok
20:22:08.0666 0x168c  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] C:\Windows\System32\tbssvc.dll
20:22:08.0666 0x168c  C:\Windows\System32\tbssvc.dll - ok
20:22:08.0669 0x168c  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] C:\Windows\System32\termsrv.dll
20:22:08.0669 0x168c  C:\Windows\System32\termsrv.dll - ok
20:22:08.0672 0x168c  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] C:\Windows\System32\trkwks.dll
20:22:08.0672 0x168c  C:\Windows\System32\trkwks.dll - ok
20:22:08.0675 0x168c  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] C:\Windows\servicing\TrustedInstaller.exe
20:22:08.0675 0x168c  C:\Windows\servicing\TrustedInstaller.exe - ok
20:22:08.0678 0x168c  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] C:\Windows\System32\UI0Detect.exe
20:22:08.0678 0x168c  C:\Windows\System32\UI0Detect.exe - ok
20:22:08.0681 0x168c  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] C:\Windows\System32\upnphost.dll
20:22:08.0681 0x168c  C:\Windows\System32\upnphost.dll - ok
20:22:08.0685 0x168c  [ 01DD1004181FD46ECDC3628228EB269D, 8AED6773AE1C8B65B4CAD6229BD05E224D348CF2A9D9F7D50F2513A9B1E14F66 ] C:\Windows\System32\dwm.exe
20:22:08.0685 0x168c  C:\Windows\System32\dwm.exe - ok
20:22:08.0688 0x168c  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] C:\Windows\System32\vds.exe
20:22:08.0688 0x168c  C:\Windows\System32\vds.exe - ok
20:22:09.0195 0x168c  [ 4A1E806032413883BAF1E9A6047BC668, 4D8EA2B36B57C7ABF131193B9C23B1A7209A3464C2716C471C7F8C11E0FA9E62 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll
20:22:09.0195 0x168c  C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll - ok
20:22:09.0198 0x168c  [ E9B9C1B98C8D6D48407E1C1203EAC659, A7B836B37935475E7D7277F9A7828E347B2EBD14958836499E5610AC5A922265 ] C:\Windows\System32\adsldpc.dll
20:22:09.0198 0x168c  C:\Windows\System32\adsldpc.dll - ok
20:22:09.0200 0x168c  [ E230F3776F373F4C5E788794B53101E4, 5E1B28C8A0EC67F1EC720AC7800021288A69B4E13C5DF3603EC4FCCDBE42DAFA ] C:\Windows\System32\plasrv.exe
20:22:09.0200 0x168c  C:\Windows\System32\plasrv.exe - ok
20:22:09.0203 0x168c  [ 93E317D7AD783D8EAEE2E3500BFE889D, 12D3ACCBF470E025EEBD77CF3407964950DADCF6991959A97B5319A9FAE219C1 ] C:\Windows\System32\credui.dll
20:22:09.0203 0x168c  C:\Windows\System32\credui.dll - ok
20:22:09.0206 0x168c  [ B9F3FF52B84FD9E3CAFB29B8EE385E5B, 3944E3C0FCD8E927A8A6470D8A603C96D298695AE62831DBE6DA656C5D74EC05 ] C:\Windows\System32\resutils.dll
20:22:09.0206 0x168c  C:\Windows\System32\resutils.dll - ok
20:22:09.0209 0x168c  [ 0B7E753C9B148C3EEE59A5AF9D276D87, FF9844B2249C678FBC19F5CAE5E3570CCFCC5F9CA9DF354B5B0296FA70FB7DEA ] C:\Program Files\AVAST Software\Avast\defs\14081700\fwAux.dll
20:22:09.0209 0x168c  C:\Program Files\AVAST Software\Avast\defs\14081700\fwAux.dll - ok
20:22:09.0213 0x168c  [ A9542FF2E9A82CF100E5729EC79068F0, DE0E39246536BD63CC5DFF8CE9E379121126573AB284BAD3782E5B217239F858 ] C:\Windows\System32\fltLib.dll
20:22:09.0213 0x168c  C:\Windows\System32\fltLib.dll - ok
20:22:09.0216 0x168c  [ E693A3AC10F2FC6AA0DB865A04108022, D1286A49D82796831FE985E90CE35DCAB8A1DBCFFEF460CC9E5676730C693892 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
20:22:09.0216 0x168c  C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
20:22:09.0219 0x168c  [ 906134B67DE4E08AFECB562F1C1AF4C6, 9EEA2BBA5BE5C2A43D7AA41091C1FAB1BD608291CE777D19E011D91638EBB987 ] C:\Program Files\AVAST Software\Avast\AhResSpm.dll
20:22:09.0219 0x168c  C:\Program Files\AVAST Software\Avast\AhResSpm.dll - ok
20:22:09.0222 0x168c  [ 33EDF6CCC9DEB9E6EFD8D7FC423D6123, 272C775A6026CDD6A1E4FE7E6712E5BD39240C34929074AE0817FD9CD428A33E ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
20:22:09.0222 0x168c  C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
20:22:09.0225 0x168c  [ 0ACFC95EE2AF5C5E568621D097CC4FA2, 99B94A7AAA24CFC276C518910FE69380A306AE435D7FE97BDF41D0B25E7F0A71 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
20:22:09.0225 0x168c  C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
20:22:09.0229 0x168c  [ 2122FEEF03BCB6CFE5C67483666B2A62, D4D8DA36518BD6BF338E5FB39EBB6F3851AC48CE6578B447BB1641637161526E ] C:\Program Files\AVAST Software\Avast\AhResWS2.dll
20:22:09.0229 0x168c  C:\Program Files\AVAST Software\Avast\AhResWS2.dll - ok
20:22:09.0232 0x168c  [ 17C0E094BEE5BC03CF491972F71AA6EF, 801E500A8B3C6DC7881E1C26AD3AFF4D105D5F2C8F58AFED84EF1A101F3AC10A ] C:\Windows\System32\wlanapi.dll
20:22:09.0232 0x168c  C:\Windows\System32\wlanapi.dll - ok
20:22:09.0235 0x168c  [ B64AC7967D6B9FB2D6152AC768A1CB88, D4F46C3DCAE8A7578102961285BB90BFE1BDE31028CC56E2CEFE0DE8FF32FB85 ] C:\Windows\System32\onex.dll
20:22:09.0235 0x168c  C:\Windows\System32\onex.dll - ok
20:22:09.0238 0x168c  [ 9D9FFC923FADBB575E0452EA0BBB15BD, 700A292EFEC71EDF2EF7F20D147F6E23E0FAA5BAF1D930CB96C40FC70D206D35 ] C:\Windows\System32\eappprxy.dll
20:22:09.0238 0x168c  C:\Windows\System32\eappprxy.dll - ok
20:22:09.0241 0x168c  [ 5D0FE613570CABE3992F7DBCD68E61D1, 68A6D6DA722E9A5120DE240194F9682ACBB485CEBDD8A6A099AE0E76359302B9 ] C:\Windows\System32\eappcfg.dll
20:22:09.0241 0x168c  C:\Windows\System32\eappcfg.dll - ok
20:22:09.0243 0x168c  [ EB2170D0DDF3B2A92506AE16BC524B0B, 95E296024DC16657BA36DB72E7AB774C68A6F8029B2ACB18460FC50E44AE5DA9 ] C:\Windows\System32\wlanutil.dll
20:22:09.0243 0x168c  C:\Windows\System32\wlanutil.dll - ok
20:22:09.0246 0x168c  [ E98E402067978DB38282158F9E8609CA, 63AA9BA292F5A62C0B6C668BE27E4B0BF1761CD5D961D405CAEDE2DC7C54A2E2 ] C:\Windows\System32\netshell.dll
20:22:09.0246 0x168c  C:\Windows\System32\netshell.dll - ok
20:22:09.0249 0x168c  [ 8074FB74D7E599BAFEA3691DC1381E2F, 1690407E840CE567F7EA76B9826C7881486653847D5CC79701B1257414BCEEBE ] C:\Program Files\AVAST Software\Avast\ashmaisv.dll
20:22:09.0249 0x168c  C:\Program Files\AVAST Software\Avast\ashmaisv.dll - ok
20:22:09.0252 0x168c  [ 90EB173A54E28CA09B89D4AFDEBC2F1A, 3657D6E7BB40DAB75C2F06AA13C1EFB87EC1B9777792D821987162F30A1AA6AB ] C:\Program Files\AVAST Software\Avast\defs\14081700\exts.dll
20:22:09.0252 0x168c  C:\Program Files\AVAST Software\Avast\defs\14081700\exts.dll - ok
20:22:09.0255 0x168c  [ E67F6199A9AE98AB4A53150A6EB6DAC3, 1AD07FFF6249E381DB42C034509ECC3437A299239FBFFE7B235F0EE66B8978E6 ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll
20:22:09.0255 0x168c  C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok
20:22:09.0258 0x168c  [ C411C80F90D6732380352B98B37BBD53, FC5A45F208072249CAA1CA9A602FEBAD24A87166628275AC15FE37B7EEF00A40 ] C:\Windows\System32\winrnr.dll
20:22:09.0258 0x168c  C:\Windows\System32\winrnr.dll - ok
20:22:09.0261 0x168c  [ A7D525E5C0D91C8C1D84C6BCD25AD77D, BD3D51E302587E33901E5995367B6227743D2385F1420E12C712A62063150318 ] C:\Windows\System32\rasadhlp.dll
20:22:09.0261 0x168c  C:\Windows\System32\rasadhlp.dll - ok
20:22:09.0264 0x168c  [ C5164F0E10AAA9F38E90036FE9F3E99F, 7CCDF70DE476A6177F08F5A02B6CC3A100C6CDF6C146BEF9DAE77D3C3ACCD876 ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
20:22:09.0264 0x168c  C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok
20:22:09.0267 0x168c  [ 0A990AFB9F2726323D61C8ECB8B70B17, 27BC7CBFFB211DE930C7FA97DCDCA783CC74987EDB5FC17D33C422E93BA91242 ] C:\Windows\System32\security.dll
20:22:09.0267 0x168c  C:\Windows\System32\security.dll - ok
20:22:09.0270 0x168c  [ 0637FE70271FD13F5F45405F1ABC858A, 8996A35FE417320B9C7D0DD71FDD78BC7806A2853CBB4BF7BC80C69D08B14DB7 ] C:\Program Files\AVAST Software\Avast\aswSpam.dll
20:22:09.0270 0x168c  C:\Program Files\AVAST Software\Avast\aswSpam.dll - ok
20:22:09.0273 0x168c  [ ADEC2C33C3B5931CA842BE8155FAB66A, AD35806A89FE8E0A6894BC089B96DE35845CBAC55C6496D862EEE2BEF53B0946 ] C:\Program Files\AVAST Software\Avast\winspamcatcher.dll
20:22:09.0273 0x168c  C:\Program Files\AVAST Software\Avast\winspamcatcher.dll - ok
20:22:09.0276 0x168c  [ 2080DCEBE27D92F29AAB5FCFF77613A2, EBBBB3E92B01F1F1FF6330AFFA7D8C281AB5BB9AEE1C900F5CF1AAF1E6813E42 ] C:\Program Files\AVAST Software\Avast\setup\instup.exe
20:22:09.0276 0x168c  C:\Program Files\AVAST Software\Avast\setup\instup.exe - ok
20:22:09.0279 0x168c  [ 863144CF4095F9FD99B884644F84645B, C2A731F2DAD56235ACB7A66493FFFC8D0CC64092B3FAAA38276227B893877EBE ] C:\Program Files\AVAST Software\Avast\setup\instup.dll
20:22:09.0279 0x168c  C:\Program Files\AVAST Software\Avast\setup\instup.dll - ok
20:22:09.0282 0x168c  [ 80BD4B26E2CBC0D65445D0463DFF6FC2, 3C36ACAABF7D0EE528424599E151DC9D19A1D2D50E97CAA141E427774F11076D ] C:\Windows\System32\oledlg.dll
20:22:09.0282 0x168c  C:\Windows\System32\oledlg.dll - ok
20:22:09.0285 0x168c  [ 5EC8FB83F31AA2D6F421F02C3F4F4475, CC325D32700AED6CEA6FA1190C04FEDA9A52DABB3E47D3923BA9BBE06A5EB556 ] C:\Windows\System32\winspool.drv
20:22:09.0285 0x168c  C:\Windows\System32\winspool.drv - ok
20:22:09.0288 0x168c  [ 1DACD1530C6E58AEAE9F6DE7DA851935, 923C936B935BDCCBE7DD0D6F2921CFA5980FC15F950E29B72E649AC0B9867EB2 ] C:\Windows\System32\shimeng.dll
20:22:09.0288 0x168c  C:\Windows\System32\shimeng.dll - ok
20:22:09.0290 0x168c  [ 62EF42A999F202B75BD6CCE2A410C1B4, D3F82E7A8CC2D66C49F06E33EA1C3DACD77780BB779DE4991596FD6DBE1EBB12 ] C:\Program Files\AVAST Software\Avast\defs\14081700\aswAR.dll
20:22:09.0290 0x168c  C:\Program Files\AVAST Software\Avast\defs\14081700\aswAR.dll - ok
20:22:09.0293 0x168c  [ 81D5C2D6232FCDBC7916AF659B12C8B7, F70F355E75AE0F1674BC31F743BD6D6B11DF90D37B5F6E19032ADCAD88FF6AE5 ] C:\Program Files\AVAST Software\Avast\defs\14081700\aswRawFS.dll
20:22:09.0294 0x168c  C:\Program Files\AVAST Software\Avast\defs\14081700\aswRawFS.dll - ok
20:22:09.0297 0x168c  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:22:09.0297 0x168c  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
20:22:09.0300 0x168c  [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
20:22:09.0300 0x168c  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
20:22:09.0305 0x168c  [ 330A1E4DF07C2E29949ED8631CD8828E, 139127405B2D635B0252FF8D7308D671546F20B051C93C50A9013E7AB9D54835 ] C:\Windows\System32\AERTSrv.exe
20:22:09.0305 0x168c  C:\Windows\System32\AERTSrv.exe - ok
20:22:09.0310 0x168c  [ 3BFBB5DAE801CB893B8B46345FED6437, 2C2B71C1294585265D4871E74F17541500CA20DE34AC516F2A906DD81964C833 ] C:\Windows\System32\drivers\aswHwid.sys
20:22:09.0310 0x168c  C:\Windows\System32\drivers\aswHwid.sys - ok
20:22:09.0315 0x168c  [ E7D0F91E44D9D3B2116FA549BDCDB756, 96363C567D7BAE7F8D3DE763AF84A1DDD6F2B0B7C790FD1CC3D5D0197E64868F ] C:\Windows\System32\wdscore.dll
20:22:09.0315 0x168c  C:\Windows\System32\wdscore.dll - ok
20:22:09.0318 0x168c  [ AD48183027CAFCEBC322CB9CAC60F9B8, 08ABF5E3E8ABAFEC30C97B59711DB1094A1A7C515B161856547FEFF95397C4B6 ] C:\Windows\System32\WSDApi.dll
20:22:09.0318 0x168c  C:\Windows\System32\WSDApi.dll - ok
20:22:09.0322 0x168c  [ 52E129522C1775DBB8CC252E7A0655C7, 5A3946551605380998FB83EBF6DC88279876F968754A0DFB9D5D91C906228E2A ] C:\Windows\System32\taskschd.dll
20:22:09.0322 0x168c  C:\Windows\System32\taskschd.dll - ok
20:22:09.0325 0x168c  [ F86293D93760C70ADF4F19E66E3FA5E8, 444C1B9321D40A0EAB29BBBE72E400A47384D5ED60531441F7D0CDDFFB0244D2 ] C:\Windows\System32\httpapi.dll
20:22:09.0325 0x168c  C:\Windows\System32\httpapi.dll - ok
20:22:09.0328 0x168c  [ 17FC3EDA0162F513E858B8C8FA7FA6E0, 6A1EE9DA1AB4A038258B6343E28C6F288AAFBBF3075C88BFBADB98C763F906AC ] C:\Windows\System32\vssapi.dll
20:22:09.0328 0x168c  C:\Windows\System32\vssapi.dll - ok
20:22:09.0331 0x168c  [ 4EDA94333BDB75B1BC0A7610BED34F00, 093FBB55253B8B4168D64DC0518D812C90D6BCFBB2DFA5A441BF339F3634FF84 ] C:\Windows\System32\fundisc.dll
20:22:09.0332 0x168c  C:\Windows\System32\fundisc.dll - ok
20:22:09.0335 0x168c  [ BE01E566D1F569AAB32D0335613E1EEA, 997B248BFBDB290206A8496722D6102903634EC0D397694569BC237A681C088F ] C:\Windows\System32\dllhost.exe
20:22:09.0335 0x168c  C:\Windows\System32\dllhost.exe - ok
20:22:09.0337 0x168c  [ DC3AE9F1554DCD97F90983DDBDACD83D, 9D3B4E273FDDA77B5B8A258525FA44616C184E58CE1312B47512AAAD5915E073 ] C:\Windows\System32\vsstrace.dll
20:22:09.0337 0x168c  C:\Windows\System32\vsstrace.dll - ok
20:22:09.0340 0x168c  [ 71B479749F0F52C4FEC726C6FFA2CE1C, ED0F1D94620696941E9633F55AC4130EFBDA3B883CA356BB34D268F4FC7F94F1 ] C:\Windows\System32\cryptnet.dll
20:22:09.0340 0x168c  C:\Windows\System32\cryptnet.dll - ok
20:22:09.0343 0x168c  [ D0D44370770D491E6BA472C855883422, 53DF6D40663F5FDF0C20D5561C64CC6C25876593C74F34B6275FA215BFA7CE44 ] C:\Windows\System32\msxml3.dll
20:22:09.0343 0x168c  C:\Windows\System32\msxml3.dll - ok
20:22:09.0346 0x168c  [ 3D50C4B10352367D5CB20ED1F50F8DA2, 03C2732F2DF18CE8CC3CB9EBF2F811A2333C96D8BBC9111F6CCE15A09D8E63E6 ] C:\Windows\System32\taskeng.exe
20:22:09.0346 0x168c  C:\Windows\System32\taskeng.exe - ok
20:22:09.0360 0x168c  [ 5DC84FEF6A9050019678C30B1D01C8E8, 923B1CDAEDF153FA280EF301A8BEE0F44DF4B13716A8FE6B0785433F85884D6C ] C:\Program Files\HDD Health\HDDHealthService.exe
20:22:09.0360 0x168c  C:\Program Files\HDD Health\HDDHealthService.exe - ok
20:22:09.0364 0x168c  [ 3CD1B69551236977918E60F9543C89A2, 75468494E37A0C0CF3F182C49A5B45C92661E2C64491418714B9F347138F8492 ] C:\Windows\System32\AtBroker.exe
20:22:09.0364 0x168c  C:\Windows\System32\AtBroker.exe - ok
20:22:09.0368 0x168c  [ EC760B0B76A4353DE49D66520EB2141F, ADBF30D100D3837C35695B1ABE3E7EB03FD6B9200B9C1C337325D9E0A3A3ACE4 ] C:\Windows\System32\SensApi.dll
20:22:09.0368 0x168c  C:\Windows\System32\SensApi.dll - ok
20:22:09.0371 0x168c  [ 0E37FBFA79D349D672456923EC5FBBE3, 8793353461826FBD48F25EA8B835BE204B758CE7510DB2AF631B28850355BD18 ] C:\Windows\System32\msvcr100.dll
20:22:09.0371 0x168c  C:\Windows\System32\msvcr100.dll - ok
20:22:09.0375 0x168c  [ 0E135526E9785D085BCD9AEDE6FBCBF9, 75EEA7E5AE90D857B777361A0166F9A82E354F229FD5250AF8738364E6FB45DB ] C:\Windows\System32\userinit.exe
20:22:09.0375 0x168c  C:\Windows\System32\userinit.exe - ok
20:22:09.0378 0x168c  [ E45051C374F845EDF3DB02A35BA13193, A42F9E45F7B6733AE4FB9A10E8CEB30508CAE94AC0CFC4CDF352AC2D153A0957 ] C:\Windows\System32\umb.dll
20:22:09.0378 0x168c  C:\Windows\System32\umb.dll - ok
20:22:09.0381 0x168c  [ 9B96F6952186336CC6E3D4E08BE2E0AF, B7DFB14DB60D84062B7E2A2293A4F3F5EF986108EF3C9C1E1CDC284F61981731 ] C:\Windows\System32\dwmapi.dll
20:22:09.0381 0x168c  C:\Windows\System32\dwmapi.dll - ok
20:22:09.0384 0x168c  [ 63396CBB1365769D520E0FD89C2419F2, 897613C16C11E3836F75EA5E645DB2ECEF99B403F50F6E7361B4A7CC80C54904 ] C:\Windows\System32\localspl.dll
20:22:09.0384 0x168c  C:\Windows\System32\localspl.dll - ok
20:22:09.0386 0x168c  [ B11FDCA4410D6252964EF97F9A47DE74, 085EDBF22392265B35F0D8A73B1B5DFC0D1CEB4C3493F11361BF4CF6C2223FC5 ] C:\Windows\System32\TSChannel.dll
20:22:09.0387 0x168c  C:\Windows\System32\TSChannel.dll - ok
20:22:09.0389 0x168c  [ F4E1AA5D59C849A4AB47E895DC76B9C8, 0C93E63372D619393D9DDD3EFCA2317A6652276A9FDE0530CD2A06135EE6B46D ] C:\Windows\System32\sfc.dll
20:22:09.0389 0x168c  C:\Windows\System32\sfc.dll - ok
20:22:09.0394 0x168c  [ D80C6539C00CB4F5D59066865479C308, 53AC27856FC65361FEA6FDF97A94ABEC530AB81113A64428E9F9F8618DCE6D4B ] C:\Windows\System32\dwmredir.dll
20:22:09.0394 0x168c  C:\Windows\System32\dwmredir.dll - ok
20:22:09.0396 0x168c  [ BB0EB921877A1A7EF15AE2D97A71CBA9, 8F197D95D054A67AA01131ABFFF37743004D6A270D45D37C753EC07AB9461F94 ] C:\Windows\System32\tcpmon.dll
20:22:09.0396 0x168c  C:\Windows\System32\tcpmon.dll - ok
20:22:09.0399 0x168c  [ AF24A9DF84637BF9858EC6FB88EBA7B2, 0F77BA28FACD1E0BD8C9C8AB7F89EBCF095C6A9D1522FA7158E848ACE3446B4C ] C:\Windows\System32\snmpapi.dll
20:22:09.0399 0x168c  C:\Windows\System32\snmpapi.dll - ok
20:22:09.0403 0x168c  [ 1EDE113859276E4B0F19B80F39E2CC95, 5467FBB97D1A192B720644A008752C27D14287998B328AF8FFF6DB4CB95D92EE ] C:\Windows\System32\wsnmp32.dll
20:22:09.0403 0x168c  C:\Windows\System32\wsnmp32.dll - ok
20:22:09.0406 0x168c  [ C99403A5B641520DAED0021DDA06F272, 5E337BDA9D4899A7102F35592766F24699F41BE27A18D0EDF4902B27BE9EA0AF ] C:\Windows\System32\milcore.dll
20:22:09.0406 0x168c  C:\Windows\System32\milcore.dll - ok
20:22:09.0409 0x168c  [ D07D4C3038F3578FFCE1C0237F2A1253, 135DD05678C8997B45982D77298DBDD98061C9D4FE43D77866846012EB061A04 ] C:\Windows\explorer.exe
20:22:09.0409 0x168c  C:\Windows\explorer.exe - ok
20:22:09.0413 0x168c  [ 1E06779EDB55D035DD3F4A2B7432A291, 247E0A741C23D2C9CA1784CECF63211EA0D4ED924CDA866DAA6F51256230BB32 ] C:\Windows\System32\msxml6.dll
20:22:09.0413 0x168c  C:\Windows\System32\msxml6.dll - ok
20:22:09.0415 0x168c  [ 5091452DC719281CF1DD69367E13B494, 565345BA7155D82503445AF74DFC3D34BC58B230DD5AEF32A0DDF41C200576C9 ] C:\Windows\System32\tcpmib.dll
20:22:09.0415 0x168c  C:\Windows\System32\tcpmib.dll - ok
20:22:09.0419 0x168c  [ B4F5DE3DAD8E6B97272F45DB97674878, 31136700BE3EDACBD1FC6E795F607950A5ECD8129898C57D74B3CE6573DD250E ] C:\Windows\System32\mgmtapi.dll
20:22:09.0419 0x168c  C:\Windows\System32\mgmtapi.dll - ok
20:22:09.0421 0x168c  [ 0BF0BB276F17B6AD61A8694D2551EC28, 4A2843F02DC6A83BDB3A6602FCAEA50D8C11AD32E5B4B070095C59D6B35AF51D ] C:\Windows\System32\usbmon.dll
20:22:09.0421 0x168c  C:\Windows\System32\usbmon.dll - ok
20:22:09.0424 0x168c  [ 2A356FA2650E30E139F0476979548BF6, C11BC218A72A6978E0590FD09CC0EDD8800B497441777F2A282DAF8F14F5AB76 ] C:\Program Files\Real\RealUpgrade\realupgrade.exe
20:22:09.0424 0x168c  C:\Program Files\Real\RealUpgrade\realupgrade.exe - ok
20:22:09.0427 0x168c  [ BC83108B18756547013ED443B8CDB31B, B2AD109C15EAA92079582787B7772BA0A2F034F7D075907FF87028DF0EAEA671 ] C:\Windows\System32\msvcp100.dll
20:22:09.0427 0x168c  C:\Windows\System32\msvcp100.dll - ok
20:22:09.0430 0x168c  [ 4BC55ED4E547AD01F692853AE208461A, 1615A10AC09D6627FC2705D6301553E1991E80A864A87E38611B1357C78599BA ] C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe
20:22:09.0430 0x168c  C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe - ok
20:22:09.0433 0x168c  [ 0EB1CC5EBFCAAB7DBAEE881E2887F7F9, 0D9AEEDE0B46C104A9472C214B3A6D695972451B5EB6E16D80093EA93CF8ABBE ] C:\Windows\System32\WSDMon.dll
20:22:09.0433 0x168c  C:\Windows\System32\WSDMon.dll - ok
20:22:09.0436 0x168c  [ 8AAEEE8E59A70F37579993D118A34EE0, 9DC8618557B0D852EEA1163CF312EB68F8DF42486E4E76A74926CF99DB06AC92 ] C:\Windows\System32\d3d9.dll
20:22:09.0436 0x168c  C:\Windows\System32\d3d9.dll - ok
20:22:09.0440 0x168c  [ 167AC31450C0C53A01FA1491E94D7678, 951744503EF72C6D6DC49720C4E6E65DC1DBB9C8252C89FEE18B396E2ED67EA5 ] C:\Windows\System32\shdocvw.dll
20:22:09.0440 0x168c  C:\Windows\System32\shdocvw.dll - ok
20:22:09.0444 0x168c  [ 1A09CB187440993FA5E24DE1EEB7B916, DE0ABF6A3D7AD303A10E2E114EAA0E8F064EF5298270FC9548028010DBE4FFAC ] C:\Windows\System32\cfgmgr32.dll
20:22:09.0444 0x168c  C:\Windows\System32\cfgmgr32.dll - ok
20:22:09.0448 0x168c  [ A4E7946B71BBDF8708C7AC97FD9E9008, 3C382EDC2BE010B11006EC41097123C5EE4D2D6FB079B795DAAF37F423864BFD ] C:\Windows\System32\win32spl.dll
20:22:09.0448 0x168c  C:\Windows\System32\win32spl.dll - ok
20:22:09.0451 0x168c  [ 97095558BD2654D259D4DC726F741B1B, FE90DA526320540D190E1F00B6613C59EEF9D91B82F71433E3C30FCD5167EBE3 ] C:\Program Files\Malwarebytes Anti-Exploit\mb-lib.dll
20:22:09.0451 0x168c  C:\Program Files\Malwarebytes Anti-Exploit\mb-lib.dll - ok
20:22:09.0454 0x168c  [ 4504819D18FAC09B6108D8728467E5B2, 46736DE57B2A0592BE1DC53B337A607C8962C305F678E5899D5734D3D4630135 ] C:\Windows\System32\browseui.dll
20:22:09.0454 0x168c  C:\Windows\System32\browseui.dll - ok
20:22:09.0456 0x168c  [ 4BF053944E973C073339BE841C9ECF28, CDE922AEC912F978C1847C17FA8233D860C38AC249CF095134D2CEA355A6D26A ] C:\Windows\System32\netrap.dll
20:22:09.0456 0x168c  C:\Windows\System32\netrap.dll - ok
20:22:09.0459 0x168c  [ CD6DA5770CAE9D5E6E86722E17B442E0, 9F0EE70460FFA43E869C3821F0AF6646D97E0F463A87B50B167ECAD44DF2E523 ] C:\Windows\System32\d3d8thk.dll
20:22:09.0459 0x168c  C:\Windows\System32\d3d8thk.dll - ok
20:22:09.0463 0x168c  [ 2D3D47B93E0BE86EEBB261734AB5B6A1, F83A5AB187DA9A3784367C8762AACB07B28871F435B4B39672114BDADB05B894 ] C:\Windows\System32\printcom.dll
20:22:09.0463 0x168c  C:\Windows\System32\printcom.dll - ok
20:22:09.0466 0x168c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Program Files\Google\Update\GoogleUpdate.exe
20:22:09.0466 0x168c  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
20:22:09.0469 0x168c  [ 2E8E30F3B318A9FDA5A2485723F4C2B3, A2EE1F104D05ACBC7D6A01DDC324391ECC9A40776786DFF310B424193C1B9659 ] C:\Windows\System32\inetpp.dll
20:22:09.0469 0x168c  C:\Windows\System32\inetpp.dll - ok
20:22:09.0472 0x168c  [ BBB566945FFF427EE2EE9536EF6593EE, 1C75864314A8C19DCE43A033E93ABE8AAD0467081D0B4F610402E42908136D5B ] C:\Windows\System32\igdumdx32.dll
20:22:09.0472 0x168c  C:\Windows\System32\igdumdx32.dll - ok
20:22:09.0475 0x168c  [ 0AA25A2F866FE94747B3EDE7FE9FAA77, D1C71E6CC8DBCD1D8770FEDD0DD281D0042978AE9A61A807CB44AB3A6A8DE8C8 ] C:\Program Files\AVAST Software\Avast\ashShell.dll
20:22:09.0475 0x168c  C:\Program Files\AVAST Software\Avast\ashShell.dll - ok
20:22:09.0477 0x168c  [ 11CFE871D27B4C3485E84BE9E48FFF5E, E6B87FA200AB571056B961794D8EF280C357C740AFC733511EFFF3EECA9E2C78 ] C:\Windows\System32\msi.dll
20:22:09.0478 0x168c  C:\Windows\System32\msi.dll - ok
20:22:09.0481 0x168c  [ 74789F05600EBB80EE1C31CC8EF50616, 81194D54AF291F3CC8E5D4E75D0DD456C8697E2F9DB3F0406CC6F1BB14F94BA4 ] C:\Windows\System32\igdumd32.dll
20:22:09.0481 0x168c  C:\Windows\System32\igdumd32.dll - ok
20:22:09.0484 0x168c  [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
20:22:09.0484 0x168c  C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe - ok
20:22:09.0487 0x168c  [ 14E4470BF8ACA69A85D741BA99F75F96, B9DA437B42D56FAF29EF8227A22D842A852F80D5611E114E27FC8A3864E6DEA5 ] C:\Windows\System32\EhStorShell.dll
20:22:09.0487 0x168c  C:\Windows\System32\EhStorShell.dll - ok
20:22:09.0490 0x168c  [ 7A623F6B4C51F6F2BC1A31D5787FC0A7, 673A7F086251CC5CB6473BC392A7572566F58A11F4DE1B8D7B3C281A1A5AE11C ] C:\Windows\System32\uDWM.dll
20:22:09.0490 0x168c  C:\Windows\System32\uDWM.dll - ok
20:22:09.0493 0x168c  [ 9B48E38C35F08FA831B387A0B27C40AA, A36F22314DC6D183DE1853FCAB4ED8A9C7A851B62F34A7DD5E059B6485B34C2C ] C:\Program Files\Malwarebytes Anti-Malware\mbamsrv.dll
20:22:09.0493 0x168c  C:\Program Files\Malwarebytes Anti-Malware\mbamsrv.dll - ok
20:22:09.0496 0x168c  [ 111C47816F39A91EAAA18DA0A54E8E63, 6910253AA5DFD7E2656C65B7227E7D546648D6C55600552D79FA275D0331AA00 ] C:\Windows\System32\imageres.dll
20:22:09.0496 0x168c  C:\Windows\System32\imageres.dll - ok
20:22:09.0499 0x168c  [ 30490EED6A1E20E8259C0B9C58F488FE, C8CE687EFFED31AD75D79A52D49E83F39BEE5FD9A1A67EC586BA930650A73D6C ] C:\Program Files\Malwarebytes Anti-Malware\QtCore4.dll
20:22:09.0499 0x168c  C:\Program Files\Malwarebytes Anti-Malware\QtCore4.dll - ok
20:22:09.0502 0x168c  [ E4B829081E639E42985853BAE754A53D, C94E8E6CE2999ED05D6738A2498F1FD521CE68466CDD3EDC3DDAD71278497879 ] C:\Program Files\Malwarebytes Anti-Malware\msvcp100.dll
20:22:09.0502 0x168c  C:\Program Files\Malwarebytes Anti-Malware\msvcp100.dll - ok
20:22:09.0505 0x168c  [ 782C8019C89920A77B1907AD3B4C8FF9, B38C1B9C022B2B2CCC860845ABC7CE2803A251477D07F1DE7B7F7AAB02376EDB ] C:\Windows\System32\HotStartUserAgent.dll
20:22:09.0505 0x168c  C:\Windows\System32\HotStartUserAgent.dll - ok
20:22:09.0508 0x168c  [ 80FCEDBE920E9CBE30D9D3665BD6EFED, 5BCA95D4EADADE3046F5F95F9FAD97DF585638B49CCA2184BD0157AE374727C8 ] C:\Program Files\Malwarebytes Anti-Malware\msvcr100.dll
20:22:09.0508 0x168c  C:\Program Files\Malwarebytes Anti-Malware\msvcr100.dll - ok
20:22:09.0511 0x168c  [ 77E585EDD4C7EB7AB2ACC36BC1DC32A5, 57BF4D683CA66AAC2A4B7FEDF9F7FB254860BE77E1F4A6DD2C40410783B5C113 ] C:\Program Files\Google\Update\1.3.24.15\goopdate.dll
20:22:09.0511 0x168c  C:\Program Files\Google\Update\1.3.24.15\goopdate.dll - ok
20:22:09.0513 0x168c  [ D922592AB65C5D9B88B30B4510A3464E, E6226CFD77C6DDAE5737C4CC6F8B347DF474CF8DFD93E32ABE6AE63D9AB0A586 ] C:\Windows\System32\cscapi.dll
20:22:09.0513 0x168c  C:\Windows\System32\cscapi.dll - ok
20:22:09.0516 0x168c  [ 4934241CD20AC87D78121352E3BA8318, DACD7A7E0A41B011AD306972876568F27CDCF064EDFF71024BC0D4B595B666A7 ] C:\Windows\System32\dbghelp.dll
20:22:09.0516 0x168c  C:\Windows\System32\dbghelp.dll - ok
20:22:09.0521 0x168c  [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
20:22:09.0521 0x168c  C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe - ok
20:22:09.0525 0x168c  [ F722FA26739EAFCBD8D5F3829B632CD7, 8C7356AFF03748C4D565F3B6CBD4E289910253A3CA6CAE3A118F2C7E419CF649 ] C:\Program Files\Malwarebytes Anti-Malware\mbamcore.dll
20:22:09.0525 0x168c  C:\Program Files\Malwarebytes Anti-Malware\mbamcore.dll - ok
20:22:09.0530 0x168c  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] C:\Windows\System32\drivers\PEAuth.sys
20:22:09.0530 0x168c  C:\Windows\System32\drivers\PEAuth.sys - ok
20:22:09.0533 0x168c  [ 08578F3CA5365F896D90CE2BF97FD000, B081E6B39D69141B3AD31E127DA18756EBB68F47E649635D78D45B25EBDC2511 ] C:\Windows\System32\IconCodecService.dll
20:22:09.0533 0x168c  C:\Windows\System32\IconCodecService.dll - ok
20:22:09.0537 0x168c  [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B, 18F167DEC8464AC42B9C7C2C69638D812C1C2CF867DBF3E833F4B880C26BD1D2 ] C:\Windows\System32\ncsi.dll
20:22:09.0537 0x168c  C:\Windows\System32\ncsi.dll - ok
20:22:09.0540 0x168c  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] C:\Windows\System32\IPSECSVC.DLL
20:22:09.0540 0x168c  C:\Windows\System32\IPSECSVC.DLL - ok
20:22:09.0543 0x168c  [ 01BCD91CC2B0EFDA4890F547010750BD, 34B99B58AC2CEC8EF089C9B82D3ADEAD721B32B5F884399E8A9D2252B8AB5C02 ] C:\Windows\System32\ssdpapi.dll
20:22:09.0543 0x168c  C:\Windows\System32\ssdpapi.dll - ok
20:22:09.0546 0x168c  [ 57125869A7B9638A5D11DD685AA65EB4, ADDEA7198DD1586D1D4E4DC1091369BC5702CED5E4FF8A0B42A06626D8DA28D7 ] C:\Windows\System32\PlaySndSrv.dll
20:22:09.0546 0x168c  C:\Windows\System32\PlaySndSrv.dll - ok
20:22:09.0549 0x168c  [ 42608AE9AF2641EE473A1797C25CFFC2, 64FCAEDFAE7B530522A630BD41880180C3B5D78924DF80DC54862A0D666EBA5F ] C:\Windows\System32\FwRemoteSvr.dll
20:22:09.0549 0x168c  C:\Windows\System32\FwRemoteSvr.dll - ok
20:22:09.0553 0x168c  [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
20:22:09.0553 0x168c  C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe - ok
20:22:09.0556 0x168c  [ E0564E0B6D729D7D25B3C3F71CEDEC21, A8D1214580389912C70A40AE271BB2BB10EFD936310C16952AA4586C1180C642 ] C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll
20:22:09.0556 0x168c  C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll - ok
20:22:09.0559 0x168c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] C:\Windows\System32\drivers\secdrv.sys
20:22:09.0559 0x168c  C:\Windows\System32\drivers\secdrv.sys - ok
20:22:09.0562 0x168c  [ 428FF21418ADCD6FAD6189CD9520A67B, E9021A9B74AC6C4F7317704DF6A66B1A5C3D05DD2535989942005D638340010D ] C:\Windows\System32\wiatrace.dll
20:22:09.0562 0x168c  C:\Windows\System32\wiatrace.dll - ok
20:22:09.0565 0x168c  [ 4DBA143F06BAD1DF935CB9603140CF2A, DE2D3A13993046CCC7691C9614702DCBC43C788282A2B722A8F3F4829281BC1A ] C:\Windows\System32\wsdchngr.dll
20:22:09.0565 0x168c  C:\Windows\System32\wsdchngr.dll - ok
20:22:09.0568 0x168c  [ 95389980F70FC4990A4395A0B8BBE1D6, FB5CBC85733A4EC4FB9F210A5D4E5989F6A3F2995D895F5B41163CDFC04DB82C ] C:\Windows\System32\drivers\tcpipreg.sys
20:22:09.0568 0x168c  C:\Windows\System32\drivers\tcpipreg.sys - ok
20:22:09.0571 0x168c  [ 351FA1DF82CFFDEDA801604246E63E95, AD030032C0C4C0E2A8EEDA3E45338BE7DFD75AED330EBC266183C49687E7A3D0 ] C:\Windows\System32\icaapi.dll
20:22:09.0571 0x168c  C:\Windows\System32\icaapi.dll - ok
20:22:09.0574 0x168c  [ 43E1054C713C48D252A1826C5E14AACA, 46B6A5011EC63F1B8DDC6A2BE013C2BBB59B81310644766C609CAAF4B9A18278 ] C:\Windows\System32\MsCtfMonitor.dll
20:22:09.0574 0x168c  C:\Windows\System32\MsCtfMonitor.dll - ok
20:22:09.0577 0x168c  [ C6DA42ADA0C5FC8CB05744229D632B47, 1C0FFD6B1CB0C72DF079F279E24243D2617F37D9DD5142140C3AB5AA3E4647BD ] C:\Windows\System32\msutb.dll
20:22:09.0577 0x168c  C:\Windows\System32\msutb.dll - ok
20:22:09.0580 0x168c  [ DEB9D08750423069647C3A066CEC7A1B, 5570DF2EFB4D3B6BD2F8839F8FDB89C107424F9C3113238A34F3384285AB940F ] C:\Windows\System32\tquery.dll
20:22:09.0580 0x168c  C:\Windows\System32\tquery.dll - ok
20:22:09.0582 0x168c  [ 74B8C2EA72D43727142D12397D5A49F9, 37E8858211D7BF9DE90CBD22863B18A939C43BA64CAD06229E994A417BD46B0D ] C:\Windows\System32\wbemcomn.dll
20:22:09.0582 0x168c  C:\Windows\System32\wbemcomn.dll - ok
20:22:09.0585 0x168c  [ 2205A220A264E8C8B86492BF3D112907, F3B702AE3242B8910260F2649D8B387B07AF8830FF5F495B6F713FCABD26A4E9 ] C:\Windows\System32\PortableDeviceApi.dll
20:22:09.0585 0x168c  C:\Windows\System32\PortableDeviceApi.dll - ok
20:22:09.0587 0x168c  [ 1F18B9EA1BBFF033413414C3BEA13AD6, EC549203DD16A70F3275500CF1754198FDD4F619A0EC973FF8D4A9934DAACE6B ] C:\Windows\System32\wbem\WinMgmtR.dll
20:22:10.0091 0x168c  [ 30A742FFCEA6661E501C44DC273C77B1, 444B26B20D942C572322B8922C8AB317A2187D300B4139CEA2EAF6D5CC3C7914 ] C:\Windows\System32\dinput8.dll
20:22:10.0091 0x168c  C:\Windows\System32\dinput8.dll - ok
20:22:10.0094 0x168c  [ 61216539E55DDF2F78E421E7EF140650, 0897EEA53F8924441FD2F61EB0FCE96142A6526EDB857B1638FEDD9304AD3561 ] C:\Windows\System32\ExplorerFrame.dll
20:22:10.0094 0x168c  C:\Windows\System32\ExplorerFrame.dll - ok
20:22:10.0097 0x168c  [ B5950DF243837D8217F4E597919B224A, 3E675AFDE75E4DB9C528343569F5A9DE495BBCCB699EBE3FE41A2B5199F25E97 ] C:\Windows\System32\stobject.dll
20:22:10.0097 0x168c  C:\Windows\System32\stobject.dll - ok
20:22:10.0100 0x168c  [ 10F36FB8CD6218CD7F818268E0F3F9C6, BF4D880A2E3A2EC0EAADA95CC87C25916D36D50D3C4C0ED4F89F4E295A62B58F ] C:\Program Files\Mozilla Firefox\firefox.exe
20:22:10.0101 0x168c  C:\Program Files\Mozilla Firefox\firefox.exe - ok
20:22:10.0104 0x168c  [ EC69B16644C613F41A57169F8D068F1D, 400CD49D44643CC72129A918B2E2B4FEDB5DD26A9709D7A686B01432F73F0474 ] C:\Windows\System32\batmeter.dll
20:22:10.0104 0x168c  C:\Windows\System32\batmeter.dll - ok
20:22:10.0107 0x168c  [ B7ED332A57FC78CA29E40D3619550225, 6C04CFAE566E8979DBC495F1B9D4FAFCFDF1F061278B5D9794CD6E5FDC7406D7 ] C:\Windows\ehome\ehshell.exe
20:22:10.0107 0x168c  C:\Windows\ehome\ehshell.exe - ok
20:22:10.0109 0x168c  [ DE7F813217EC88C0A6D4D8F2F39D7949, F749DA3DC87DDA8579B02F27951CC3BBEADFC25362D892E9484146616A0ACF47 ] C:\Windows\System32\msiltcfg.dll
20:22:10.0109 0x168c  C:\Windows\System32\msiltcfg.dll - ok
20:22:10.0116 0x168c  [ 30F02D9C55053367E26A11482F51E255, A1CE545DBB8983BD71C82FAC1C3F2633E571FAC7EFDDD8E99E73C7A308A31861 ] C:\Windows\System32\SndVolSSO.dll
20:22:10.0116 0x168c  C:\Windows\System32\SndVolSSO.dll - ok
20:22:10.0120 0x168c  [ 91E6B2F642DC66C7519EF55C4BA5C9F1, BB13F1DA5CB8D8A4E5F7D6325341F8A45A1F3C32799BC7EECFF356CF7F85789F ] C:\Windows\System32\clb.dll
20:22:10.0121 0x168c  C:\Windows\System32\clb.dll - ok
20:22:10.0124 0x168c  [ 313B30189557A2E2793F845DE0F0A4D5, AC3B725CF44C214FACB7F48784CE3CAB7CA2F94B6C3E7C2549AD0C94070DE849 ] C:\Windows\ehome\ehSSO.dll
20:22:10.0124 0x168c  C:\Windows\ehome\ehSSO.dll - ok
20:22:10.0127 0x168c  [ 75AD59B9B12EB194486BE8D97B062994, 603ECA45F49420EE4F8549FB11C6CB814990E0A562786E6DEB3AF434A1D42E39 ] C:\Windows\System32\pnidui.dll
20:22:10.0127 0x168c  C:\Windows\System32\pnidui.dll - ok
20:22:10.0130 0x168c  [ E1DDC372856277744BD6EA9DBBB60198, 9FF7399672C72A8AC669F6EA27B70F4B4D9199A17610F5AF0E8070924C4358AF ] C:\Program Files\AVAST Software\Avast\snxhk.dll
20:22:10.0130 0x168c  C:\Program Files\AVAST Software\Avast\snxhk.dll - ok
20:22:10.0133 0x168c  [ ABAEAEE763E287BDD39094C4165E1F3F, 7AEF1623E585A42620D423309BC48FE386B8ACC52315F03B946947B6E6F434B6 ] C:\Windows\System32\fdProxy.dll
20:22:10.0133 0x168c  C:\Windows\System32\fdProxy.dll - ok
20:22:10.0136 0x168c  [ 52BC119E49F88F2A5D1466230B1275C7, 948EC013DBD86AC61FA3C0CEE4778866161383EF25AD715BD6160B5697BDF5A8 ] C:\Program Files\Windows Collaboration\WinCollab.exe
20:22:10.0136 0x168c  C:\Program Files\Windows Collaboration\WinCollab.exe - ok
20:22:10.0139 0x168c  [ 2DD6AF8E97F59C9D39329BBC2A81F13F, 53D9DD827F010DFC555C330296B552276E2F0DB2ECFFB9578FA92F4D4DD77945 ] C:\Windows\System32\rasdlg.dll
20:22:10.0139 0x168c  C:\Windows\System32\rasdlg.dll - ok
20:22:10.0142 0x168c  [ 67EC459E42D3081DD8FD34356F7CAFC1, 1221A09484964A6F38AF5E34EE292B9AFEFCCB3DC6E55435FD3AAF7C235D9067 ] C:\Program Files\Mozilla Firefox\msvcr100.dll
20:22:10.0142 0x168c  C:\Program Files\Mozilla Firefox\msvcr100.dll - ok
20:22:10.0145 0x168c  [ C4AB08459CD7B59B410ACFC04D90E87B, 503A3D8590246C9BE313AF0CA0A322509A27AFBAE33A1D0CE2173DBC48170154 ] C:\Program Files\Movie Maker\MOVIEMK.exe
20:22:10.0145 0x168c  C:\Program Files\Movie Maker\MOVIEMK.exe - ok
20:22:10.0148 0x168c  [ 51CA79683B3140ACD6A91F3704D51454, 6B8DDED4CB83B12D07797B261DCE39907C39ECB23ADE81F892F423599F9A2521 ] C:\Program Files\Mozilla Firefox\mozglue.dll
20:22:10.0148 0x168c  C:\Program Files\Mozilla Firefox\mozglue.dll - ok
20:22:10.0151 0x168c  [ 4BAEC13BCAA595639EBB5185278DEFEA, 9326D08AE3D0547A319777BBEEBAB17B75452F70B3CC40049ABDCA634E366658 ] C:\Windows\System32\fdWSD.dll
20:22:10.0151 0x168c  C:\Windows\System32\fdWSD.dll - ok
20:22:10.0154 0x168c  [ C03AC1FBCD625F93D2C245D97E06F270, C8B29DA440C32B305FDC734DFA02DBB50B6FD47BC94582A8FAF86B4674534B35 ] C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe
20:22:10.0154 0x168c  C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe - ok
20:22:10.0157 0x168c  [ 3EB6D30D82F0E300FCFBAD0498F654FD, 12A9CA74619AE147FC097A8A2142B6DF9318AE8ED0ADAF04A783BC0995039071 ] C:\Windows\System32\mlang.dll
20:22:10.0157 0x168c  C:\Windows\System32\mlang.dll - ok
20:22:10.0160 0x168c  [ 03E9314004F504A14A61C3D364B62F66, A3BA6421991241BEA9C8334B62C3088F8F131AB906C3CC52113945D05016A35F ] C:\Program Files\Mozilla Firefox\msvcp100.dll
20:22:10.0160 0x168c  C:\Program Files\Mozilla Firefox\msvcp100.dll - ok
20:22:10.0163 0x168c  [ 443C5961CACD4ABC16648874AF06E4A0, 89AB98F2503CD4A36A9FAE668B62431EC219FF5E8428EC7786F6CC4F26BB0A28 ] C:\Windows\System32\fdSSDP.dll
20:22:10.0163 0x168c  C:\Windows\System32\fdSSDP.dll - ok
20:22:10.0165 0x168c  [ 2B6D8C932BDFCF135B72A3CF533F2439, CEC4DE1EDC8C4F30F312730BB190EB5468495790485D92236B6C9A3CCCBDFA12 ] C:\Program Files\Malwarebytes Anti-Exploit\mbae.dll
20:22:10.0165 0x168c  C:\Program Files\Malwarebytes Anti-Exploit\mbae.dll - ok
20:22:10.0170 0x168c  [ 069385484EA57B663D688894C88975C5, 878148BBC052241F5CA78EA4CF708D21F0B31F9EA67EE2BCE07D2BDAD9F67241 ] C:\Windows\System32\wuapp.exe
20:22:10.0170 0x168c  C:\Windows\System32\wuapp.exe - ok
20:22:10.0172 0x168c  [ 530D9DC68000B7A3AD00210D270925B5, 40996CEAFDFDBAE0C0928C396B5F4DC8C2B76F2184AEE0C0ADEF1BDAAAD1F5DC ] C:\Program Files\Mozilla Firefox\nss3.dll
20:22:10.0172 0x168c  C:\Program Files\Mozilla Firefox\nss3.dll - ok
20:22:10.0175 0x168c  [ 0E3DBAB333B4DAB6E423B21DF63EE963, 9796607B93972F57D800C1751B8692357D9CC85AE92F00E32E92AFD197CCD5D9 ] C:\Program Files\AVAST Software\Avast\libcef.dll
20:22:10.0175 0x168c  C:\Program Files\AVAST Software\Avast\libcef.dll - ok
20:22:10.0178 0x168c  [ D1D4B87FCC936EA0A7C30BC3E335BAEC, ED820C61C179FA27BB63305B5C18DBE913AEA38CECC27835D3B3E51007E7D575 ] C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
20:22:10.0178 0x168c  C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe - ok
20:22:10.0181 0x168c  [ 5E2DEFD1229B914CB06EC14CA718DA05, 629538B0ABE03A95E0C0DF5339AC17ECD2FE6D5992AD37703D6E7EE384980B73 ] C:\Program Files\Mozilla Firefox\mozjs.dll
20:22:10.0181 0x168c  C:\Program Files\Mozilla Firefox\mozjs.dll - ok
20:22:10.0184 0x168c  [ 365828E555E9479246EFD9090C41C2D7, 96BA30B9F733567E93426ADE5BB89F2C39B17E458BB557E8028E5A790FC145F7 ] C:\Windows\System32\sti.dll
20:22:10.0184 0x168c  C:\Windows\System32\sti.dll - ok
20:22:10.0187 0x168c  [ 4A839160ED1963F9A1526DDA2D1233B2, 1586B0D89994C37DF8DC045AEA91BA6A26B59DBDF9FB57C4BB7482922CC5B0F2 ] C:\Windows\System32\AltTab.dll
20:22:10.0187 0x168c  C:\Windows\System32\AltTab.dll - ok
20:22:10.0190 0x168c  [ 8D6947D64263FE10DE773433FBDE7A1D, AFAD11807765309DC105ECC4AB50239BFD019229FF51D4755B6AFF2A98BEE4A6 ] C:\Program Files\Mozilla Firefox\icuin52.dll
20:22:10.0190 0x168c  C:\Program Files\Mozilla Firefox\icuin52.dll - ok
20:22:10.0194 0x168c  [ 6B5C53E0932C510606D700B7A896EF73, 760ECED5F0CA82EBA3B346FEAF7C46543C5CF89A7B624E8AFD5B4A00D3D4EDE9 ] C:\Windows\System32\WPDShServiceObj.dll
20:22:10.0194 0x168c  C:\Windows\System32\WPDShServiceObj.dll - ok
20:22:10.0196 0x168c  [ 4E0582BE451CAD39F8CBC0C101E94213, 22235BD9426DB1E4C8D8EBBD14BF45CE3FC07181722DE76804D18E344E6402B5 ] C:\Program Files\Mozilla Firefox\icuuc52.dll
20:22:10.0197 0x168c  C:\Program Files\Mozilla Firefox\icuuc52.dll - ok
20:22:10.0200 0x168c  [ 883D02AB5D350BC45E0F60E8CFA97FDC, 3F955D79F65DAE098B1F6AFC0475041C0C1A012195160E59C2D8C08287CE1D05 ] C:\Windows\System32\PortableDeviceTypes.dll
20:22:10.0200 0x168c  C:\Windows\System32\PortableDeviceTypes.dll - ok
20:22:10.0203 0x168c  [ 6D41F6AA35220E7A54543075B27E8F83, 3350373F3443954B4DABE39955FD9B3C7FC223B73CC1429793A920ED17FB8A06 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
20:22:10.0203 0x168c  C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
20:22:10.0207 0x168c  [ 605BECCDDC18A93335172CA97214458C, 429F4EB4F3EC9DC7E8C2D839653DE5E42606633D6CBC55827BDAEBF6210E1E15 ] C:\Program Files\Mozilla Firefox\icudt52.dll
20:22:10.0207 0x168c  C:\Program Files\Mozilla Firefox\icudt52.dll - ok
20:22:10.0210 0x168c  [ B60FF0CC532B9D3E28610F614CDEDB64, C3FCDB73C3F4C3FD823D803CB8AE829458EBD8FAA84FC8BB3739BC4DFAF15C0F ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
20:22:10.0210 0x168c  C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
20:22:10.0214 0x168c  [ D5862C49CB0128DE426B9A6D815FD9EA, EBA358E4CF96E68D90DB5650F108B97DE3D65205B7D0DB7DFB1226A908E09FED ] C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
20:22:10.0214 0x168c  C:\Program Files\AVAST Software\Avast\aswJsFlt.dll - ok
20:22:10.0217 0x168c  [ 9869A4DD5F6699B794047A74D2891304, A11261B5835B85252556F2D59109C9BF08E874D9FC90BD9AE4BF80D236575D4E ] C:\Program Files\Mozilla Firefox\mozalloc.dll
20:22:10.0217 0x168c  C:\Program Files\Mozilla Firefox\mozalloc.dll - ok
20:22:10.0221 0x168c  [ 744F08CF9ACFFB1C715191D04DEEE907, 22FD4A3BA5F6424EEC0310AF9D0184599F1F820201CF643311FB6527A0BC2016 ] C:\Windows\System32\srchadmin.dll
20:22:10.0221 0x168c  C:\Windows\System32\srchadmin.dll - ok
20:22:10.0225 0x168c  [ E46A4765F8E6D631C9C9CB0B083602F5, 180581A843D59F8C33F4A167B545A29F36CECAADE224A0CF1CBB0B50C2D0F1E2 ] C:\Program Files\Windows Media Player\wmpnssci.dll
20:22:10.0225 0x168c  C:\Program Files\Windows Media Player\wmpnssci.dll - ok
20:22:10.0228 0x168c  [ 6953E980ADCA0BE816C7FF463695499A, 86FF463C3997B790BC6CFE8D5605FE858BF0FF841A61481C8890C7EFCEE28351 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
20:22:10.0228 0x168c  C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
20:22:10.0232 0x168c  [ 5193DE33F3284C447E0D31DAFBF92570, EA0F12B0C2F9DD4EA651BD96FC88AE5584364F2C0D4138E8E3D4F18F226717FE ] C:\Windows\System32\webcheck.dll
20:22:10.0232 0x168c  C:\Windows\System32\webcheck.dll - ok
20:22:10.0235 0x168c  [ 4ACEA0C4BB15ACE55E3AE5EC4E88DD55, 3014464C3A1E4D653A378CE6DFB22911B1B0F98EA8D3F6AD9AAD7399E319795C ] C:\Windows\System32\SyncCenter.dll
20:22:10.0235 0x168c  C:\Windows\System32\SyncCenter.dll - ok
20:22:10.0238 0x168c  [ 648AB74D9C104FB500B6C4EEDC6A8772, A73C065525C6165E410A03F07782B0FCB4F1AF66473C6DF83EF988C8351BD8FC ] C:\Windows\System32\wmpmde.dll
20:22:10.0238 0x168c  C:\Windows\System32\wmpmde.dll - ok
20:22:10.0241 0x168c  [ B8DE851298E99A005BFD34AA906B3FE8, 33F631C0B561199B5FEB9020FAA99E50EFA9F421D7484FFA640C5561494726DA ] C:\Windows\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\mfc110u.dll
20:22:10.0241 0x168c  C:\Windows\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\mfc110u.dll - ok
20:22:10.0244 0x168c  [ C5A72042F0D571F774D9011BFF71F1CF, 2C1A0FF180059FABC8DE5F0069D51C7BB690D9DF2081102D07C28F6BA179D000 ] C:\Program Files\Mozilla Firefox\gkmedias.dll
20:22:10.0244 0x168c  C:\Program Files\Mozilla Firefox\gkmedias.dll - ok
20:22:10.0247 0x168c  [ 67D16247C56C26A4F0D79D1A7F272B8F, E7AF5DB84961B1EBAB44E1515075DCD522FF0185EBAFBCB576AAB0B6B138A5A5 ] C:\Windows\System32\mf.dll
20:22:10.0247 0x168c  C:\Windows\System32\mf.dll - ok
20:22:10.0250 0x168c  [ 54152706627F5F33952340D90ADA50EE, 5D7F240B054AD448B24E339E00C4A2C6ECC65F6CF43CB8C76ACDC4486CDF34EA ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
20:22:10.0250 0x168c  C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
20:22:10.0253 0x168c  [ 0B5AC46982E77CAF3EC1D55C9AC6AB56, D13A98929C5A4F0BBC24F2C5DEC13D850563E6745EACA0196179D7DCBA0DE8DC ] C:\Windows\System32\wscntfy.dll
20:22:10.0253 0x168c  C:\Windows\System32\wscntfy.dll - ok
20:22:10.0256 0x168c  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] C:\Windows\System32\drivers\cdfs.sys
20:22:10.0256 0x168c  C:\Windows\System32\drivers\cdfs.sys - ok
20:22:10.0259 0x168c  [ 78865ABC5F5D13190F8B35BD9044714A, A16E0158129AE76AE459D9424D246C01ECECCC87A27C40D8DB0232330D2F5458 ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
20:22:10.0259 0x168c  C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
20:22:10.0262 0x168c  [ 9B0726A03B790E5B82BED44D24009BEF, F82F3379C2D399B64BE4A9B10B85B4CE8D3C75F7BAA5BF3938A6E5DFC2826F13 ] C:\Windows\System32\imapi2.dll
20:22:10.0262 0x168c  C:\Windows\System32\imapi2.dll - ok
20:22:10.0264 0x168c  [ 87CDFFCBD09C1CA03A068343D5D93250, 6689791268ACB44D02BBF0616E448CE20CF414E3A20E189441D0ED26F036394B ] C:\Windows\System32\wmi.dll
20:22:10.0265 0x168c  C:\Windows\System32\wmi.dll - ok
20:22:10.0267 0x168c  [ 2495C4204C63678F8FD5D488CA7DAD26, 33D6F281AE815028A3EB217BA477F7C46326D8CBB7D113467E678ADB2D632416 ] C:\Windows\System32\evr.dll
20:22:10.0267 0x168c  C:\Windows\System32\evr.dll - ok
20:22:10.0270 0x168c  [ 3F7CD7873FA942C38F9831F286698414, 5D7F7D7E999BD5A4DD0D31D5DFFC325E53F52496B14D2DA179192FDB149DCF0A ] C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe
20:22:10.0270 0x168c  C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe - ok
20:22:10.0273 0x168c  [ 4DF10CE50010D70152944B51E03588B0, 47531C889E61DF42A79C5F8283D3DB73D9DD63D1747709B3538BEB10B2047CE8 ] C:\Windows\System32\wmdrmsdk.dll
20:22:10.0273 0x168c  C:\Windows\System32\wmdrmsdk.dll - ok
20:22:10.0276 0x168c  [ EFD278F8129EE12F1D4AE0250494B791, DD8DA066EBFE938334BEBCDF70340F79C8FFB5AF328FE5DF2472AE6C7987FE1F ] C:\Windows\System32\dxva2.dll
20:22:10.0276 0x168c  C:\Windows\System32\dxva2.dll - ok
20:22:10.0279 0x168c  [ C0ABD66F31C0B84CD944802E6D3D02C2, FCB7316FBA1F37EAA0036CE6A075C55FBBCB58C4444B053963E540517E95D636 ] C:\Windows\System32\bthprops.cpl
20:22:10.0279 0x168c  C:\Windows\System32\bthprops.cpl - ok
20:22:10.0282 0x168c  [ A3A66ACAC11248BA2E55141DC67C7EC3, A0D62A10C12CEBFB9ED6EF9E64E52099AAAF80C780B193C1F598E88D379393E3 ] C:\Program Files\Mozilla Firefox\xul.dll
20:22:10.0282 0x168c  C:\Program Files\Mozilla Firefox\xul.dll - ok
20:22:10.0285 0x168c  [ FF9831030678C7B6D70BAC00F68F8976, BFA9DA98F93910B8FE09EA06F917AB1F5435FCE9F786EABDF1970E19B2C63FDC ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
20:22:10.0285 0x168c  C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
20:22:10.0288 0x168c  [ 467A3B03E924B7B7EDD16D34740574B0, 35B8FC703AE064800C08578BA21BC79AD501FE002786CA0AEE883199F3E956BB ] C:\Windows\regedit.exe
20:22:10.0288 0x168c  C:\Windows\regedit.exe - ok
20:22:10.0291 0x168c  [ 015E99A7634B93E8BB0380C70F3D2CC3, 7D26E8C7A4771A5FB886CF15874301138ADE5464384B20F585C941A6374B032E ] C:\Windows\System32\wmp.dll
20:22:10.0291 0x168c  C:\Windows\System32\wmp.dll - ok
20:22:10.0293 0x168c  [ 85119F3E330CC4F2D201A6CAF64C6D42, EA8D2EB9F384834E15E0837A450B23F4A3D16D17E0C2AC64AB0D068074E64277 ] C:\Windows\is-L5DGO.exe
20:22:10.0293 0x168c  C:\Windows\is-L5DGO.exe - ok
20:22:10.0299 0x168c  [ 43884E42D858BE983526D53661F3C879, E5F1F004F96EC02F9CCFA0D2590E5BC1E50B958711C1F232C00394245B8C1A19 ] C:\Program Files\Mozilla Firefox\browser\components\browsercomps.dll
20:22:10.0299 0x168c  C:\Program Files\Mozilla Firefox\browser\components\browsercomps.dll - ok
20:22:10.0303 0x168c  [ 7191E1CBF4A7A1C0EEC08DED6F6A18A3, 01B65AB1FD88842162A2ECABBEB4E8B85944136F5084D02895AE6BB5014D6C31 ] C:\Windows\System32\tzres.dll
20:22:10.0303 0x168c  C:\Windows\System32\tzres.dll - ok
20:22:10.0307 0x168c  [ EACACA0F2FF4CC54A909E3C5721FCDE8, DC1D8AC5E8C50E9FBFA1092E7D3D1D3626C77B6826A9A9190534C49E4CA7A35A ] C:\Windows\System32\msvfw32.dll
20:22:10.0307 0x168c  C:\Windows\System32\msvfw32.dll - ok
20:22:10.0310 0x168c  [ FCC0222CF1B1A6049D17378D2640FC95, A6761E2C8B181346D43EE1739C6A7E9D0D65D5EF7BE5B0BC3B131766E7AEBAF5 ] C:\Windows\winhlp32.exe
20:22:10.0310 0x168c  C:\Windows\winhlp32.exe - ok
20:22:10.0314 0x168c  [ 9441A231C0AA0712F7CF3B10D9CFCF76, A1136DBCD62DCDEEA012CC97E7B6EFAE712267B94B8EA9B417E23CEC34FBDBA7 ] C:\Windows\System32\wmploc.DLL
20:22:10.0314 0x168c  C:\Windows\System32\wmploc.DLL - ok
20:22:10.0327 0x168c  [ E5B6D88B36BDDAD5039764FBF80284DD, DAEA4712E2ACA7055279DFFEF317FCEE923AC240D7FC26419B1DCEA48CA832B1 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
20:22:10.0327 0x168c  C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
20:22:10.0330 0x168c  [ 1D75BC73585969F41BA7EF0C882DFF2B, 86DD31172DAAAAB5F7848ADA46A8848F891D413E84FAF732C7F4DE16526AAC9F ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
20:22:10.0330 0x168c  C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
20:22:10.0334 0x168c  [ 9BD443B52350D2784544B637F103EBCF, 5E776B7D469A4E7D4CCFD1B0A9340CC4BDDEA10561CFD829D96CD8E30EBCF241 ] C:\Windows\System32\DWrite.dll
20:22:10.0334 0x168c  C:\Windows\System32\DWrite.dll - ok
20:22:10.0337 0x168c  [ 617F9A5813E69F6E9ED94B811EC75396, F3973DAF4E47A832FECE78AFA7A8C30C5D092E652F073BDFFED30A98E940F591 ] C:\Windows\System32\wmpps.dll
20:22:10.0337 0x168c  C:\Windows\System32\wmpps.dll - ok
20:22:10.0340 0x168c  [ 1959E5AAEE0D988C10F19CEC7DFF2242, 751D8A5FA875EDD321E4D1CA9AAFC3C8BD794594D0F96AE201F36E7E86AA23A3 ] C:\Windows\System32\wdc.dll
20:22:10.0340 0x168c  C:\Windows\System32\wdc.dll - ok
20:22:10.0343 0x168c  [ 295363D4317820AED0D527E15B90A8ED, 685282E64CA23FEEEE97795ED47520A5C2304B12E9F5DC7065C4D2055CD1A92D ] C:\Windows\System32\pdh.dll
20:22:10.0343 0x168c  C:\Windows\System32\pdh.dll - ok
20:22:10.0346 0x168c  [ B64607864E8FF80DE35DB20D1F6BF489, AFDDA7AD5181BC52C00CE8EACDCA82D038488B75C15F9F609AE757FDE161D1A7 ] C:\Windows\System32\en-US\svchost.exe.mui
20:22:10.0347 0x168c  C:\Windows\System32\en-US\svchost.exe.mui - ok
20:22:10.0349 0x168c  [ 9495FCC01D7AB7B60E5B8BA7AEFE9E3D, 93F3EA0BAAD54B7ABF6558B15818BFD239BBFDA395BC909BF9D987C72BC1D1FB ] C:\Windows\System32\wbem\WmiPrvSE.exe
20:22:10.0349 0x168c  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
20:22:10.0352 0x168c  [ FC7A868DECC3AB027F29178EC8A7F252, 69623FF219EDF12CC0A49E7FFE9AFBB5E09EE2F6FA7A29DBF190AFB7592D9DE6 ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
20:22:10.0352 0x168c  C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
20:22:10.0355 0x168c  [ 8A38B5E8493A9D103083B8620AC5F3A1, E63EE1CF4DE179089F016B6D4598733B0536FE293B0E470D68368606E6ACEA24 ] C:\Windows\System32\tdh.dll
20:22:10.0355 0x168c  C:\Windows\System32\tdh.dll - ok
20:22:10.0358 0x168c  [ A194808A2D7726151CAA835D69605BD2, 9BF897BF2E578B166EC8840F206B1D0BC92A6D5B49FF16B2ECD454DAA8E707BA ] C:\Windows\System32\en-US\user32.dll.mui
20:22:10.0358 0x168c  C:\Windows\System32\en-US\user32.dll.mui - ok
20:22:10.0361 0x168c  [ A9FF57EC69F8C593AA3712B3C8F02002, 880E429951D21FE28E2A644B40C267CDF590321EE5EEAC3B3EB56547746BF65F ] C:\Program Files\AVAST Software\Avast\HTMLayout.dll
20:22:10.0361 0x168c  C:\Program Files\AVAST Software\Avast\HTMLayout.dll - ok
20:22:10.0364 0x168c  [ F6FD367C9EAAEDF90CD7A7952AE0B336, 65DF0688F18EC3DEC27E725DC3A2F0D656F321832BDFA45253C0933620214AAF ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
20:22:10.0364 0x168c  C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
20:22:10.0367 0x168c  [ F723422A11CD6FA13036746272200993, 14C03AC5E4BC3ACA4FAA99A0604B43DF853AFABC3EB3124200F69AAE5B6F7898 ] C:\Windows\System32\wbem\cimwin32.dll
20:22:10.0367 0x168c  C:\Windows\System32\wbem\cimwin32.dll - ok
20:22:10.0370 0x168c  [ 67BB7141F7F5F37411F796943B3418B6, 8E054889C3A3C429ECB64CCDC9675CA725C8832353BF67855123046EFD915337 ] C:\Windows\System32\framedynos.dll
20:22:10.0370 0x168c  C:\Windows\System32\framedynos.dll - ok
20:22:10.0373 0x168c  [ C0B86087107AF863F2D39A604FB53BEC, 2820ED607AC58374D1D66E371D9333D2A345E33CC60882689BD8E3F071CEF059 ] C:\Program Files\Mozilla Firefox\softokn3.dll
20:22:10.0373 0x168c  C:\Program Files\Mozilla Firefox\softokn3.dll - ok
20:22:10.0376 0x168c  [ 91012AF713DC587607EF7A5A3D0B995A, 77B8210EDA73402C07E41C0D39E7B059C4A97EE1743C1387238701FB5DEE868B ] C:\Program Files\Mozilla Firefox\nssdbm3.dll
20:22:10.0376 0x168c  C:\Program Files\Mozilla Firefox\nssdbm3.dll - ok
20:22:10.0379 0x168c  [ A20AE283691ED0538C2CD7E79F65792E, 4EBEC72447211F26F0A455ABA693DF7041306866377932ECE1DD010A6C5B660C ] C:\Program Files\Mozilla Firefox\freebl3.dll
20:22:10.0379 0x168c  C:\Program Files\Mozilla Firefox\freebl3.dll - ok
20:22:10.0381 0x168c  [ 816269864C56D84C88F818379EA00DB1, C5D25C9235A5D4E4B9A52291AB4AA7C488D52CBDA8E66ABFC48B047560C3C096 ] C:\Program Files\Mozilla Firefox\nssckbi.dll
20:22:10.0381 0x168c  C:\Program Files\Mozilla Firefox\nssckbi.dll - ok
20:22:10.0385 0x168c  [ 3141224EEBA075BC085175E60CD14782, C87D33435A342B64392658C11CA4E46D1EC87687B9FF85E16E3BD7D7B2953495 ] C:\Windows\System32\msra.exe
20:22:10.0385 0x168c  C:\Windows\System32\msra.exe - ok
20:22:10.0388 0x168c  [ 5C9541EFCE477BFCFFD0EF9B1A175457, 067FF1E6D63DCBD1C83EC0AAF7446CDE6C35AB60FCDC837D400C8476E54C3559 ] C:\Windows\System32\ulib.dll
20:22:10.0388 0x168c  C:\Windows\System32\ulib.dll - ok
20:22:10.0390 0x168c  [ F36BCEEEC0FFA4E14087E2D24E2BDD40, 9B35B9E6AB2323EA156AA93A1EA839DC01BE7A57AE62A8B6E8F3D03F603F8C4C ] C:\Program Files\QuickTime\QuickTimePlayer.exe
20:22:10.0391 0x168c  C:\Program Files\QuickTime\QuickTimePlayer.exe - ok
20:22:10.0394 0x168c  [ 2D821AFA5A1A9CA7F9F997A1AAD09E72, AC91012BC25E45C4AD0441F55C47B83E21C52C0EF6A7762909C4D371AC0DC5A1 ] C:\Program Files\Windows Media Player\wmplayer.exe
20:22:10.0394 0x168c  C:\Program Files\Windows Media Player\wmplayer.exe - ok
20:22:10.0396 0x168c  [ AAAE543C535ED596ECAD2AB8761C2C6F, E10E03D5E7A8A7257EA29EA3D045B9E169099BF7B224458806EC2918BD7AD161 ] C:\Windows\System32\dxgi.dll
20:22:10.0396 0x168c  C:\Windows\System32\dxgi.dll - ok
20:22:10.0399 0x168c  [ 490C755CD179B16E0C9EB7804BD9E578, FB937F26741BEEB3F6659CCB01DFD6CCD3E73D1845AE8BEE800745005676E4F2 ] C:\Windows\System32\intl.cpl
20:22:10.0399 0x168c  C:\Windows\System32\intl.cpl - ok
20:22:10.0402 0x168c  [ 12B437CAD5FC07B3B33CE1C1355BBCC6, 5801749490920DD8CA14C0FC39E8738E5C4024304B639B30983F0B67B317A62E ] C:\Program Files\AVAST Software\Avast\aswAra.dll
20:22:10.0402 0x168c  C:\Program Files\AVAST Software\Avast\aswAra.dll - ok
20:22:10.0405 0x168c  [ CE7F6F3E9C107382A72F7D33B1E2C9FA, 7E2258FCB04D1C9C46C39DDA8709010F7339AE1BF676EBB4A82EEE283346E5D2 ] C:\Windows\System32\main.cpl
20:22:10.0405 0x168c  C:\Windows\System32\main.cpl - ok
20:22:10.0407 0x168c  [ 62C92BE2414AC9D0BC0196CA52D2CD2B, 167422607FF787CCE3D5A91B04E1B027DAE649166CF169B88837E5F8661C84AC ] C:\Windows\System32\wscui.cpl
20:22:10.0407 0x168c  C:\Windows\System32\wscui.cpl - ok
20:22:10.0410 0x168c  [ FA2A3AFADC4FB47DBC234A4E57F92CDB, D8394B8BD8919D3CACA73ECB23B156B460D18E463FCF7436E4856208F17434AF ] C:\Windows\System32\ddraw.dll
20:22:10.0410 0x168c  C:\Windows\System32\ddraw.dll - ok
20:22:10.0413 0x168c  [ 1FA026C5208D0568F0D069387222B058, 8D137648121E370D84709EECDDFF8B6EE4F8BCF29B9FA1363612A7B56185933C ] C:\Windows\System32\cic.dll
20:22:10.0413 0x168c  C:\Windows\System32\cic.dll - ok
20:22:10.0416 0x168c  [ E66587751D859A88FA61149C9CC2C15C, 92AFB5469AFCB0862CBE153AFC8A9D6F4F0D375A91852523F031781731A8D838 ] C:\Windows\System32\wer.dll
20:22:10.0416 0x168c  C:\Windows\System32\wer.dll - ok
20:22:10.0418 0x168c  [ A5CBDC87E694154F90DBA134733E7E8B, 2EE57A63782D6CC2DD029A6DB98FA2A62C0E8858A2219AEE0F0DC76FC26F7C0B ] C:\Windows\System32\brcpl.dll
20:22:10.0418 0x168c  C:\Windows\System32\brcpl.dll - ok
20:22:10.0421 0x168c  [ 2C7B4E944A48B9A07B7BF2AB262F197E, C674A532A82B015E96ADF2AC78702CFE810828F7EAA1F2C40BDC4DD3A8D85557 ] C:\Windows\System32\icm32.dll
20:22:10.0421 0x168c  C:\Windows\System32\icm32.dll - ok
20:22:10.0424 0x168c  [ 1A617835452EEE5060976C9B9F5FE635, DCCAAB049681BE876B73F0880EA32196CDA7EC954D452768A48D366096C5BD53 ] C:\Windows\System32\wuapi.dll
20:22:10.0424 0x168c  C:\Windows\System32\wuapi.dll - ok
20:22:10.0427 0x168c  [ A623666C8A8EC9A57DCA07915A3F1EC6, 00A864005315166E6E0E517945915362A31975A31478C0E41ABE8BA73BDC6AEA ] C:\Windows\System32\sdclt.exe
20:22:10.0427 0x168c  C:\Windows\System32\sdclt.exe - ok
20:22:10.0430 0x168c  [ 12C8D6C564702B0776512932290A3F6B, D7AC82B7307694B6FDB3AC08C83C415005DFA26FD92D3AA3043B3600984792DA ] C:\Windows\System32\KBDUS.DLL
20:22:10.0430 0x168c  C:\Windows\System32\KBDUS.DLL - ok
20:22:10.0432 0x168c  [ 771AF583BC58373A84496CCD52C36E33, C16D99A58402B989677B09407A175DD8CF9629C624C9211BFC88A3B5AA1340FA ] C:\Windows\System32\mssvp.dll
20:22:10.0432 0x168c  C:\Windows\System32\mssvp.dll - ok
20:22:10.0435 0x168c  [ 69405254E704895F4F519422818D35B6, 53C4804DA9B5A233C2549EA12749F5AD5DA1B132FF761E9AB4B43D134861EF3D ] C:\Windows\System32\mmsys.cpl
20:22:10.0435 0x168c  C:\Windows\System32\mmsys.cpl - ok
20:22:10.0438 0x168c  [ DA887F28054D78EE8637BEBB924A2DB5, 59FD437C4DC766210A1111764EA0D88138F471851068E4660D989ECD42D92DF7 ] C:\Windows\System32\slwga.dll
20:22:10.0438 0x168c  C:\Windows\System32\slwga.dll - ok
20:22:10.0441 0x168c  [ 351319EF11C263C95FB721AC76F436D6, FFDC593618FAC95B89B648ACFD95393FFFA7F7D450B2E4C273EBDBF85679272F ] C:\Windows\System32\mssph.dll
20:22:10.0441 0x168c  C:\Windows\System32\mssph.dll - ok
20:22:10.0444 0x168c  [ 7EBD87A09658779205891D08F37AB234, 7A65E37BCA021422851110E0C06E8A60F94F4E954FDF86E6DC19E53FBCC0FD8A ] C:\Program Files\AVAST Software\Avast\aswData.dll
20:22:10.0444 0x168c  C:\Program Files\AVAST Software\Avast\aswData.dll - ok
20:22:10.0447 0x168c  [ 08886EFE112F7E5437711FCF6D8B04C1, FFA0A0B387F5B02E7F8C86405373421803C8C13A3EB5C3244BB6EEF932E0AB4D ] C:\Windows\System32\itss.dll
20:22:10.0447 0x168c  C:\Windows\System32\itss.dll - ok
20:22:10.0450 0x168c  [ 09C91E1F199C53E1114396B59B3B4D9E, C1A078E7FEFEEB376D51E3F3712177658D69D5BFA13B72496679708AEF73CAEF ] C:\Windows\System32\aclui.dll
20:22:10.0450 0x168c  C:\Windows\System32\aclui.dll - ok
20:22:10.0453 0x168c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:22:10.0453 0x168c  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
20:22:10.0456 0x168c  [ DE7CF7DE23DE43272E708062D0A049B8, 9AF165CD9A4419B1B7B8449A4FBFC4DA1EDACECC8B3DAFD334C93058FC7519A2 ] C:\Windows\System32\ucsvc.exe
20:22:10.0456 0x168c  C:\Windows\System32\ucsvc.exe - ok
20:22:10.0459 0x168c  [ 74B514A1FB5742CFB0DDC700D832D166, EBEA35453EFEE6FDB9BE4D27B5952BAFF4BA052E3D92435232950CA2639EDA9B ] C:\Windows\System32\scksp.dll
20:22:10.0459 0x168c  C:\Windows\System32\scksp.dll - ok
20:22:10.0462 0x168c  [ 1AD8512A5C40AD1A0558498D8E0AC2AA, 7DCA8A7C130243FF41B1E04F50D0BA3EBB48E6A37C275FD0FF0AA8509FD2A555 ] C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
20:22:10.0462 0x168c  C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe - ok
20:22:10.0465 0x168c  [ 5CAA965A14ADBDEF4359F3D2BEA9D9F7, 430693AF60E0E71FDE0775AFB6BEE5CD7CEBC6D4C26517068407C7F5AFB017E2 ] C:\Windows\System32\devmgr.dll
20:22:10.0465 0x168c  C:\Windows\System32\devmgr.dll - ok
20:22:10.0468 0x168c  [ 128DD9AF8640DBCC711940903C8B554F, 46E9715F3CD09F32FBEAA5379991E9E7DACCBD2407C2D061FDA3A04F05108133 ] C:\Windows\System32\mscoree.dll
20:22:10.0468 0x168c  C:\Windows\System32\mscoree.dll - ok
20:22:10.0471 0x168c  [ 0DCA5F8AF83975061D9D8340DC471B5C, 71C8549419F46ABB4826B1847BF325374FA5C237CE14DB8B1DD8BB6FDABF6138 ] C:\Windows\System32\msvcr110_clr0400.dll
20:22:10.0471 0x168c  C:\Windows\System32\msvcr110_clr0400.dll - ok
20:22:10.0959 0x168c  C:\Windows\System32\AuthFWGP.dll - ok
20:22:10.0962 0x168c  [ A577868F76CEE16D6A82625FD55F379A, 8AC251A8B630EFAD3F3AA317248AAEED211DB25435D9FC45C14BED22B9E667A3 ] C:\Windows\System32\NetProjW.dll
20:22:10.0962 0x168c  C:\Windows\System32\NetProjW.dll - ok
20:22:10.0967 0x168c  [ 05B803F48B167FED703D968E41C8FF57, A4ADE9EC069904B318FF6C9012A08073C5CA6B3527F37B8DC5D6EFC7AAACAACC ] C:\Windows\System32\vbscript.dll
20:22:10.0967 0x168c  C:\Windows\System32\vbscript.dll - ok
20:22:10.0969 0x168c  [ 2CB350B72FEA6FB5A010099A4444B636, 3207800438D1E04D52270D85796E485799795C81C2184263E4ED7DD728321650 ] C:\Windows\System32\mycomput.dll
20:22:10.0969 0x168c  C:\Windows\System32\mycomput.dll - ok
20:22:10.0973 0x168c  [ C9B520028498E5DA23651619F8A556D4, CC42716E8D2635CDBD5A7FF62F9F7935EC8DC2AD94DCCC06E0C4AB0BD62AFA2C ] C:\Windows\System32\StikyNot.exe
20:22:10.0973 0x168c  C:\Windows\System32\StikyNot.exe - ok
20:22:10.0976 0x168c  [ 86AB3F6C784197DC1D994A83AF4259CD, 5CEE76B39BBFFCCF727CC8F920191059A087B0B0DCA21C13282A607082F821FB ] C:\Windows\System32\cleanmgr.exe
20:22:10.0976 0x168c  C:\Windows\System32\cleanmgr.exe - ok
20:22:10.0978 0x168c  [ 3AB4023CBD406AC33AB8CDFF6C8079A0, BEAC47A3930E7E0A38540DAD16C934A45CD129251C621B1334715CF8FB6073CA ] C:\Windows\System32\eapphost.dll
20:22:10.0978 0x168c  C:\Windows\System32\eapphost.dll - ok
20:22:10.0981 0x168c  [ B275BDB3E1718652EA30AFB3209BB975, EB1A53E9449F14EA91A75743979689FBC8289908684C536FCF1155653FD29DBB ] C:\Users\Chris\Downloads\FHSetup(3).exe
20:22:10.0981 0x168c  C:\Users\Chris\Downloads\FHSetup(3).exe - ok
20:22:10.0984 0x168c  [ CC1959AB3929997F4198AA69C854086F, B60D0CB690E8490152691DFBC5E2321FB1CA4CBCE343F42C141BEEF9D76D531F ] C:\Windows\System32\regsvr32.exe
20:22:10.0984 0x168c  C:\Windows\System32\regsvr32.exe - ok
20:22:10.0987 0x168c  [ E92143D1B2E32FAF6CC56FD97B908F6A, BB0286776E59A58A363000FDC276CD82DF436539A874A753E69C76F7682F01CF ] C:\Windows\System32\wpdshext.dll
20:22:10.0987 0x168c  C:\Windows\System32\wpdshext.dll - ok
20:22:10.0989 0x168c  [ D8B9844FDFD05CD495F110FFF11C1EE5, 99912D5EFD94FC93131612A6F0C6A4DCA3919D32727B5FD4F46DF8FD08D8056D ] C:\Users\Chris\Downloads\PSISetup(1).exe
20:22:10.0989 0x168c  C:\Users\Chris\Downloads\PSISetup(1).exe - ok
20:22:10.0993 0x168c  [ 8DDC387167FA0234F3656EB34C78BFFB, F655BC32B9D7036B39CF04950203BC8C80C04617A7DFA8AD0034AF4EC9CE3A60 ] C:\Windows\System32\powercpl.dll
20:22:10.0993 0x168c  C:\Windows\System32\powercpl.dll - ok
20:22:10.0995 0x168c  [ F84D0B1B90404D0A27E86F159FBDAC81, 73DA13C5A453F4FAB7187DEA32C910F5B1BCB8810F853F61C3A41E79CC7B606F ] C:\Windows\System32\iscsicpl.dll
20:22:10.0996 0x168c  C:\Windows\System32\iscsicpl.dll - ok
20:22:10.0998 0x168c  [ 1CB1B95D67BC380FBCCFAEA3CF2DDA80, F43195AC44D40FE3AF8AA09BA619069DF410693B13F076264E9ABDB356444300 ] C:\Windows\System32\iscsicpl.exe
20:22:10.0998 0x168c  C:\Windows\System32\iscsicpl.exe - ok
20:22:11.0001 0x168c  [ 69FD110DB660FA0B9B48332B2CF8169A, 2A0F531CA23076E10DD33645BA756C9F33406762E8123ECF2E17E6D493EEA91C ] C:\Program Files\Windows Mail\MSOERES.dll
20:22:11.0001 0x168c  C:\Program Files\Windows Mail\MSOERES.dll - ok
20:22:11.0004 0x168c  [ 210FFD034BDB5108B55B6EC23CD4CE6E, 3FC6D8F4C8B3CD7CE19BD4B7F28932233E55F3DCE9F6412A41AD0F6C04039A97 ] C:\Windows\System32\wsecedit.dll
20:22:11.0004 0x168c  C:\Windows\System32\wsecedit.dll - ok
20:22:11.0007 0x168c  [ 8F58544719E1C435BC36A8B207096581, 8C228AA8EAE056B7E149C520D636F6B2AC2144F23211E2F2634148264484F150 ] C:\Windows\System32\verclsid.exe
20:22:11.0007 0x168c  C:\Windows\System32\verclsid.exe - ok
20:22:11.0010 0x168c  [ 7629E9BB2FF06EACA62580A2C1D4FE6A, 7D6DE55767F98644BF6695752FA70BE7E62009D4D6CD4B32D66E4517756AF5BE ] C:\Windows\System32\msconfig.exe
20:22:11.0010 0x168c  C:\Windows\System32\msconfig.exe - ok
20:22:11.0014 0x168c  [ 85B8E9132595601813D62DC6D6142F90, 51D5670EDAE0E81979B8106FF7933C60CE008782514F4A1411B039E8F936DFAF ] C:\Program Files\Windows Mail\OESpamFilter.dll
20:22:11.0014 0x168c  C:\Program Files\Windows Mail\OESpamFilter.dll - ok
20:22:11.0017 0x168c  [ 57CF7F07E92195E84AB41B2F96FF627F, 0A9ABEF05AA0A640610D3444F6CC9B4EAD56D06E0C7A5675C555E1EE31DFE8A1 ] C:\Windows\System32\unregmp2.exe
20:22:11.0017 0x168c  C:\Windows\System32\unregmp2.exe - ok
20:22:11.0019 0x168c  [ 2AE61DEF9112DA8948EEAB3631FF4525, 9B8F251990CCCD0EDA2EF1C648FB3541BA1F5399EC8EC1EDA50CBBCE64FB039C ] C:\Windows\System32\autoplay.dll
20:22:11.0019 0x168c  C:\Windows\System32\autoplay.dll - ok
20:22:11.0022 0x168c  [ 421CB2C1010522B3BF7C00725520B844, D8E23D55780556CA383E753928730F37AA3F03C7A081C6D135C75283B17A4A3C ] C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
20:22:11.0022 0x168c  C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll - ok
20:22:11.0025 0x168c  [ D3D1CE8FF30786D50272DA3085149904, 7D3ECEAAE9A77DC6B28CB126493F3BEA4A423016E729404B1D6A0FF5EC3B87FD ] C:\Windows\System32\msinfo32.exe
20:22:11.0025 0x168c  C:\Windows\System32\msinfo32.exe - ok
20:22:11.0028 0x168c  [ 9B0FFD2266ACCD0DC5C349542315767D, F9E17F3E3DCA17CFE0713D629EFBCE50DBD1F30FD233649F211CB507CDCF7C54 ] C:\Program Files\Common Files\Ahead\Lib\AdvrCntr2.dll
20:22:11.0028 0x168c  C:\Program Files\Common Files\Ahead\Lib\AdvrCntr2.dll - ok
20:22:11.0032 0x168c  [ EE60FC8F65B94C392DE0F75533C014FB, 28266E2F196363AC13D06421172A530E09FC5D4A8F23D9D2018D5DC580BB1673 ] C:\Windows\System32\mstlsapi.dll
20:22:11.0032 0x168c  C:\Windows\System32\mstlsapi.dll - ok
20:22:11.0035 0x168c  [ 0FCEAA7D12B7B0BA825E5C770B1DCA48, 4E9568E74E07957465C29DB8E5A431E231A9D8FFC103F92AA1CF8327BE6053D4 ] C:\Program Files\Mozilla Firefox\Plugins\nprpplugin.dll
20:22:11.0035 0x168c  C:\Program Files\Mozilla Firefox\Plugins\nprpplugin.dll - ok
20:22:11.0038 0x168c  [ 4AD1613FEDB87B4B18CADE745235A625, 62D0D066C36DAFF51157CF0E7C6307D4D4159BD58C6493409AEE3C05FBD2188F ] C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
20:22:11.0038 0x168c  C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll - ok
20:22:11.0040 0x168c  [ A86F5EEC0ACEC16906532F2B1A7C00B6, 638B45FEC61A48EB71194226847DC5A5023834CF5E0CCE32380C0FCAB3D2F597 ] C:\Windows\System32\icardres.dll
20:22:11.0040 0x168c  C:\Windows\System32\icardres.dll - ok
20:22:11.0043 0x168c  [ 90438B514A5AC6A23602484A907E20A7, 7A75A30540473D6DDDC795B1A4C6456A42639DEB76BEAEDBCED759B449FB64F0 ] C:\Windows\System32\filemgmt.dll
20:22:11.0043 0x168c  C:\Windows\System32\filemgmt.dll - ok
20:22:11.0046 0x168c  [ 4A1FEEBF039B283258B0E479FA135DBA, 817A21A1F30FD73A790A6083E9DF94B15429489DD60E6B9E923331E2BD2D69B6 ] C:\Windows\System32\osbaseln.dll
20:22:11.0046 0x168c  C:\Windows\System32\osbaseln.dll - ok
20:22:11.0047 0x168c  ================ Scan generic autorun ======================
20:22:11.0638 0x168c  [ B503285B5D1CAC5AE445D60C690DCFF9, FE62BEC9A594B1D7BFE597EF1F4713C038E7F4A6231A307D5FF3A70AF8BC01A1 ] C:\Windows\RtHDVCpl.exe
20:22:12.0124 0x168c  RtHDVCpl - ok
20:22:12.0423 0x168c  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
20:22:12.0469 0x168c  Adobe ARM - ok
20:22:12.0654 0x168c  [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
20:22:12.0667 0x168c  APSDaemon - ok
20:22:12.0807 0x168c  [ AE7C1340E78F991E2930CF2EB2069DFF, 968E22FBF6883402F1FDE80B6BB1C0DC2AB622F6FCCCE283F7A1AB29B677DD0B ] C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
20:22:12.0825 0x168c  Malwarebytes Anti-Exploit - ok
20:22:13.0189 0x168c  [ 26B558B2D31C7425B455B00E562EAD93, B64D128A2F1FC42BA4376F8EB08D70F4B705745CB983D0631DB45851BF34BBDF ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
20:22:13.0937 0x168c  AvastUI.exe - ok
20:22:14.0085 0x168c  GoTrusted - ok
20:22:14.0130 0x168c  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe
20:22:14.0150 0x168c  WMPNSCFG - ok
20:22:14.0154 0x168c  Waiting for KSN requests completion. In queue: 6
20:22:15.0154 0x168c  Waiting for KSN requests completion. In queue: 6
20:22:16.0154 0x168c  Waiting for KSN requests completion. In queue: 6
20:22:17.0228 0x168c  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )
20:22:17.0232 0x168c  FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41010 ( enabled )
20:22:19.0663 0x168c  ============================================================
20:22:19.0663 0x168c  Scan finished
20:22:19.0663 0x168c  ============================================================
20:22:19.0673 0x1684  Detected object count: 0
20:22:19.0674 0x1684  Actual detected object count: 0
20:35:42.0962 0x0b78  Deinitialize success
 



#15
Naathim


    GeekU Minion

  • Expert
  • 4,568 posts

Illegal downloads warning!

Please stay away from these types of files. Our forum doesn't support piracy, and documented illegal files may prevent me from helping you, so please bear in mind my expectation to get them removed from your machine.
I'm referring especially to all kinds of porn, movies and series that are visible in your logfiles.

 

 

Regards,

Naat







