computer slow down.... [Solved]

a case of dl-host gone wild

  • This topic is locked

#1
jamally

  • Member
  • 50 posts
Greetings to the world-wide conquerors of evil files !!

I am jamally,,

.. I looked in my process section of the task manager, and there were twenty or more of the dllhost.exe Com Surrogate running. Some of them were as large as 100,000.... usage percentage was up from 2-9 % all the way to 60 %. I only noticed because my windows were opening a lot slower than usual.

Second thing I noticed was that there were a bunch of shortcut tabs on my home page going to a bunch of sites that I've never heard of - like my browser was being hi-jacked by a stranger....

I looked up that dllhost..... file and it appears that it's in the 32 folder and only about 7 kb in size. So I'm thinking something else may be causing these files to appear, especially since it begins its redundancy when I :
1 .... connect to the internet, and open tabs,,
2 .... begin a video movie
3 .... go into my picture files with windows photo-viewer ---

.... can I be helped without format ??   hope so
 
OTL logfile created on: 9/25/2014 11:25:29 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\captn\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17089)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.83 Gb Total Physical Memory | 4.54 Gb Available Physical Memory | 57.96% Memory free
15.65 Gb Paging File | 11.48 Gb Available in Paging File | 73.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1862.67 Gb Total Space | 1787.87 Gb Free Space | 95.98% Space Free | Partition Type: NTFS
 
Computer Name: 10CHOCTAW | User Name: captn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/09/25 23:18:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\captn\Desktop\OTL.exe
PRC - [2014/09/04 08:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/08/25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2014/08/25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2014/08/25 11:37:18 | 005,188,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2014/08/17 02:43:25 | 000,775,320 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2014/07/22 17:15:56 | 002,694,040 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
PRC - [2014/07/16 11:05:50 | 005,558,432 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
PRC - [2014/07/03 06:25:22 | 000,490,360 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
PRC - [2014/02/19 06:06:04 | 000,769,904 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
PRC - [2013/08/15 14:35:26 | 000,292,848 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2013/06/21 09:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/05/16 10:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/03/28 15:55:58 | 001,058,880 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/07/16 11:05:50 | 005,558,432 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
MOD - [2014/07/03 06:45:40 | 032,733,056 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/05/10 08:32:18 | 000,152,640 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE -- (EPSON_PM_RPCV4_06)
SRV:64bit: - [2012/05/17 00:00:00 | 000,144,560 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\SysNative\escsvc64.exe -- (EpsonScanSvc)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/09/23 17:56:11 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/09/04 08:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/08/25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014/08/25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/08/05 22:10:03 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/06/21 09:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/05/16 10:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/08/06 10:50:04 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2014/07/21 21:03:12 | 000,244,504 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2014/06/30 12:43:02 | 000,152,344 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014/06/17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2014/06/17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014/06/17 16:06:58 | 000,269,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2014/06/17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014/06/17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/08/15 14:34:44 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2013/08/15 14:34:38 | 000,790,000 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2013/08/15 14:34:36 | 000,368,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2013/08/05 22:09:45 | 004,438,208 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/08/05 22:09:22 | 000,452,088 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013/06/21 08:02:43 | 000,448,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2013/04/30 17:09:12 | 000,838,216 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2013/02/25 01:27:45 | 000,194,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/02/15 19:17:02 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/09/26 00:43:28 | 003,752,448 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012/09/14 23:29:16 | 001,981,536 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2012/08/23 10:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {7A1FE267-066C-4ACD-9F7A-3C8E54890A20}
IE:64bit: - HKLM\..\SearchScopes\{7A1FE267-066C-4ACD-9F7A-3C8E54890A20}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {7A1FE267-066C-4ACD-9F7A-3C8E54890A20}
IE - HKLM\..\SearchScopes\{7A1FE267-066C-4ACD-9F7A-3C8E54890A20}: "URL" = http://www.bing.com/...rc=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5A 12 35 50 1B B5 CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\captn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
 
 
O1 HOSTS File: ([2014/09/23 03:06:43 | 000,450,712 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 15469 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILQE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-610 Series" /EF "HKCU" File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} http://zone.msn.com/...tz.cab99160.cab (MSN Games – Hearts)
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} http://zone.msn.com/...he.cab79352.cab (MSN Games – Texas Holdem Poker)
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/...vl.cab55579.cab (ZPA_SHVL Object)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab (MSN Games - Installer)
O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} http://zone.msn.com/...ol.cab56649.cab (CBankshotZoneCtrl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38993C19-1226-4D77-9C08-E6F1FE8B1104}: DhcpNameServer = 192.168.1.254
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/09/25 23:18:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\captn\Desktop\OTL.exe
[2014/09/23 21:18:23 | 002,480,312 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\captn\Desktop\procexp.exe
[2014/09/23 21:17:34 | 000,000,000 | ---D | C] -- C:\Users\captn\AppData\Roaming\WinRAR
[2014/09/23 21:15:03 | 000,000,000 | ---D | C] -- C:\Users\captn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/09/23 21:15:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/09/23 21:14:58 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014/09/23 02:46:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2014/09/23 02:46:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014/09/23 02:46:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2014/09/02 22:47:11 | 000,000,000 | ---D | C] -- C:\Users\captn\fantasy
[2014/08/28 01:07:46 | 000,000,000 | ---D | C] -- C:\Users\captn\AppData\Local\ToolAssistant
 
========== Files - Modified Within 30 Days ==========
 
[2014/09/25 23:18:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\captn\Desktop\OTL.exe
[2014/09/25 23:14:15 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/09/25 23:14:15 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/09/25 23:06:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/09/25 23:06:51 | 2008,457,215 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/25 22:56:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/09/25 22:48:36 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/09/25 22:32:00 | 000,000,911 | ---- | M] () -- C:\Windows\tasks\EPSON XP-610 Series Update {111E5B54-64F2-4169-88BE-D3D2B5E442D8}.job
[2014/09/25 22:32:00 | 000,000,725 | ---- | M] () -- C:\Windows\tasks\EPSON XP-610 Series Invitation {111E5B54-64F2-4169-88BE-D3D2B5E442D8}.job
[2014/09/24 14:49:25 | 000,000,164 | ---- | M] () -- C:\Users\captn\Documents\cc_20140924_144913.reg
[2014/09/24 14:48:48 | 000,033,040 | ---- | M] () -- C:\Users\captn\Documents\cc_20140924_144835.reg
[2014/09/23 03:06:43 | 000,450,712 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/09/23 03:01:51 | 000,450,712 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20140923-030643.backup
[2014/09/23 03:00:29 | 000,000,110 | ---- | M] () -- C:\Windows\wininit.ini
[2014/09/23 02:46:21 | 000,001,308 | ---- | M] () -- C:\Users\captn\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2014/09/23 02:46:21 | 000,001,284 | ---- | M] () -- C:\Users\captn\Desktop\Spybot - Search & Destroy.lnk
[2014/09/23 00:28:09 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/09/15 20:39:06 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2014/09/11 08:57:26 | 002,480,312 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\captn\Desktop\procexp.exe
[2014/09/11 03:05:19 | 000,774,592 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/09/11 03:05:19 | 000,662,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/09/11 03:05:19 | 000,122,252 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/09/11 03:04:13 | 000,774,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/09/02 16:19:12 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/08/28 03:17:38 | 000,268,392 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2014/09/24 14:49:22 | 000,000,164 | ---- | C] () -- C:\Users\captn\Documents\cc_20140924_144913.reg
[2014/09/24 14:48:37 | 000,033,040 | ---- | C] () -- C:\Users\captn\Documents\cc_20140924_144835.reg
[2014/09/23 03:00:29 | 000,000,110 | ---- | C] () -- C:\Windows\wininit.ini
[2014/09/23 02:46:21 | 000,001,308 | ---- | C] () -- C:\Users\captn\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2014/09/23 02:46:21 | 000,001,284 | ---- | C] () -- C:\Users\captn\Desktop\Spybot - Search & Destroy.lnk
[2014/06/11 22:46:01 | 000,000,036 | ---- | C] () -- C:\Windows\XP-610.ini
[2013/11/20 02:36:57 | 000,774,592 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/11/15 09:25:36 | 019,587,072 | ---- | C] () -- C:\Windows\SysWow64\igdfcl32.dll
[2013/11/15 09:25:36 | 000,241,152 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/11/15 09:25:36 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 22:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 21:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/05/26 21:49:32 | 000,000,000 | ---D | M] -- C:\Users\captn\AppData\Roaming\Acer
[2014/05/08 00:38:13 | 000,000,000 | ---D | M] -- C:\Users\captn\AppData\Roaming\Acoustica
[2014/09/06 18:18:08 | 000,000,000 | ---D | M] -- C:\Users\captn\AppData\Roaming\Audacity
[2014/05/08 00:33:24 | 000,000,000 | ---D | M] -- C:\Users\captn\AppData\Roaming\AVG2014
[2014/05/08 00:36:11 | 000,000,000 | ---D | M] -- C:\Users\captn\AppData\Roaming\Canneverbe Limited
[2014/09/25 23:04:21 | 000,000,000 | ---D | M] -- C:\Users\captn\AppData\Roaming\DMCache
[2014/08/09 13:43:22 | 000,000,000 | ---D | M] -- C:\Users\captn\AppData\Roaming\Epson
[2014/09/25 23:04:30 | 000,000,000 | ---D | M] -- C:\Users\captn\AppData\Roaming\IDM
[2014/05/26 21:49:22 | 000,000,000 | ---D | M] -- C:\Users\captn\AppData\Roaming\Leader Technologies
[2014/05/26 21:47:34 | 000,000,000 | ---D | M] -- C:\Users\captn\AppData\Roaming\Leadertech
[2014/07/17 01:42:42 | 000,000,000 | ---D | M] -- C:\Users\captn\AppData\Roaming\Oracle
[2014/05/08 00:32:57 | 000,000,000 | ---D | M] -- C:\Users\captn\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 
< End of report >
 
something the software added that should be seen here ...
>
>
OTL Extras logfile created on: 9/25/2014 11:25:29 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\captn\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17089)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.83 Gb Total Physical Memory | 4.54 Gb Available Physical Memory | 57.96% Memory free
15.65 Gb Paging File | 11.48 Gb Available in Paging File | 73.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1862.67 Gb Total Space | 1787.87 Gb Free Space | 95.98% Space Free | Partition Type: NTFS
 
Computer Name: 10CHOCTAW | User Name: captn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A20D723-3946-412F-9F49-BA4765905240}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{10AB86E7-1C6D-42AD-B282-08A0510D46B9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{11C0418D-2BB8-4E5C-AD22-587528DCB8A7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{13F5B9FC-CF97-41E3-A812-2BF8BB3D1771}" = lport=137 | protocol=17 | dir=in | app=system |
"{21093BCE-2275-4DA7-8757-513C2AEBA164}" = lport=139 | protocol=6 | dir=in | app=system |
"{28C21C88-7895-44F9-BE5A-AACCE65520EA}" = rport=138 | protocol=17 | dir=out | app=system |
"{2E333304-5F81-41E8-AAB3-4ED00F913CCE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{3A728F80-29B9-4BB5-9305-DB01E6E9FCE5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{48EAF67E-4D07-4147-9309-951C12327EB9}" = rport=10243 | protocol=6 | dir=out | app=system |
"{655E1F1A-4D58-4D43-A6EE-B28491C77135}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{69B71DEE-A9A1-43C6-8B3E-FC5A806569F3}" = rport=137 | protocol=17 | dir=out | app=system |
"{7406361F-8780-47D5-91D2-933540CD6F14}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{75227E9E-4D11-4CAB-8425-2BD7E4B5A402}" = rport=445 | protocol=6 | dir=out | app=system |
"{8C7269F7-40CA-4CFB-A7C4-ADADD0FC2506}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A3B62E9F-4D2C-4C29-BCAC-41A3DBA0FD80}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B8BFBE45-E3EF-4973-B7B4-82E6AC8931E2}" = rport=139 | protocol=6 | dir=out | app=system |
"{BBF63038-7808-4EEF-A5C5-B620669601A1}" = lport=445 | protocol=6 | dir=in | app=system |
"{C0D215B4-8EEA-4981-9DC3-9F07C4C027D7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C4967022-CBDB-48A2-A21A-7825D16A99F7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CD0F3E67-BB9F-41A3-96F9-98B7420A559D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D1DDEC19-69A8-4448-90F3-3C4C8B021500}" = lport=138 | protocol=17 | dir=in | app=system |
"{D6CCAB56-DB25-4D63-8EE0-3E6462DB4F99}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E3318C2E-E5F4-499B-95A4-12DB25A56F58}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{E58E0EDD-8904-4C23-A5DD-1C98ABAD4563}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15F09FCF-30F5-4146-99B1-24562DE76F3B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1F840E03-7655-4378-94F9-30226F0C09D1}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{2A236589-69A5-4745-8481-F720335C2DC8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{41F65F74-0083-4600-9BD5-288C7E5DB1F0}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{436A2355-BCB0-426A-A7EB-627A84843170}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{46A6A57B-8784-4AE3-9900-7B8B2ABAC34A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E1F026D-3514-49AB-81EB-050C83ECC3DB}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{5B78B119-D366-487A-9BD3-F1D215837383}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5E92EBC0-1BE4-43A0-ACA5-4087BFBBEB7D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{61A1CE57-3DA7-4126-9846-9A63C59E648D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{6776E962-A3F6-4567-90F7-DD04591AC0E2}" = protocol=58 | dir=in | [email protected],-28545 |
"{782A3FB2-AC22-4A29-ABDF-1C9E2E4C1974}" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\ecprintersetup\enpapp.exe |
"{7831AEAC-7FFB-4DF4-8F32-F2608C7CDD19}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7F0E840A-0487-4339-8ACC-3DA2881A0C57}" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\ecprintersetup\enpapp.exe |
"{86078FAE-6AA0-41BB-9E46-2AC9DC4A9748}" = protocol=58 | dir=out | [email protected],-28546 |
"{8AC8777B-3D7F-4343-8088-4BE06F1C1D9C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8D389281-03AE-47C1-B632-0DB181CB30E6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A726B417-71BD-43EC-8422-C14750DA5043}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{A9878A5B-B771-4079-8757-EA31CC29A635}" = protocol=1 | dir=in | [email protected],-28543 |
"{AE94664D-0E72-4EB9-881A-50D0CB9B495C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B5807158-99F6-4885-AB6A-5B92D4C856DA}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{B9760FA6-5F94-4D67-B3F1-B5DD11CCA31E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C25BC930-21E1-4BFF-9FC4-8B4C9B8910A2}" = protocol=1 | dir=out | [email protected],-28544 |
"{C30D8ABC-7698-4201-B906-662590B2A54B}" = protocol=6 | dir=out | app=system |
"{C58F8841-3B83-4E06-B7D5-4510B890D760}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C879693D-3B0C-4C9F-8202-F6FC0796DF9C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CCF1B0C3-D981-4A14-B744-2D514699D7AA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D6EF8F03-EE3B-4678-B93A-AB127EB512C6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EED50737-305C-4FAA-A8E6-65D96B455B13}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"TCP Query User{25D8A8F9-0EA6-4026-9D17-C2648DF4790B}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{749D1A64-0F57-41CF-A34D-E80E753DA661}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{64A632F8-6E86-4588-8556-4C09FCEC0315}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{C0245FAD-5A7A-4B1F-8FB5-D89524A67194}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{11FC30D9-3004-4FCA-912B-AF8CB65AED9C}" = AVG 2014
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B42D82E8-FF97-48BB-91AA-86717B2B6B16}" = AVG 2014
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{F509C1F4-0029-49F9-B145-A4C4E8DF481A}" = paint.net
"AVG" = AVG 2014
"CCleaner" = CCleaner
"EPSON XP-610 Series" = EPSON XP-610 Series Printer Uninstall
"WinRAR archiver" = WinRAR 5.11 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F03217067FF}" = Java 7 Update 67
"{2970697F-2A11-4588-8B7F-97322D1CCF3C}" = Epson Event Manager
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.12)
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}" = Software Updater
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{D16A31F9-276D-4968-A753-FFEAC56995D0}" = Epson Print CD
"{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}" = Epson Connect Printer Setup
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"Acoustica CD/DVD Label Maker" = Acoustica CD/DVD Label Maker
"Adobe Creative Cloud" = Adobe Creative Cloud
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Audacity_is1" = Audacity 2.0.5
"AVS Audio Editor_is1" = AVS Audio Editor 7.2
"AVS Media Player_is1" = AVS Media Player 4.2.2.104
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8.5
"CDex" = CDex - Open Source Digital Audio CD Extractor
"EPSON Scanner" = EPSON Scan
"FastStone Image Viewer" = FastStone Image Viewer 4.9
"LAME_is1" = LAME v3.99.3 (for Windows)
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 8/22/2014 12:46:45 AM | Computer Name = 10choctaw | Source = ESENT | ID = 455
Description = Windows (3236) Windows: Error -1811 occurred while opening logfile
 C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS000C8.log.
 
Error - 8/22/2014 12:46:45 AM | Computer Name = 10choctaw | Source = Windows Search Service | ID = 9000
Description =
 
Error - 8/22/2014 12:46:45 AM | Computer Name = 10choctaw | Source = Windows Search Service | ID = 7040
Description =
 
Error - 8/22/2014 12:46:45 AM | Computer Name = 10choctaw | Source = Windows Search Service | ID = 7042
Description =
 
Error - 8/22/2014 12:46:45 AM | Computer Name = 10choctaw | Source = Windows Search Service | ID = 9002
Description =
 
Error - 8/22/2014 12:46:45 AM | Computer Name = 10choctaw | Source = Windows Search Service | ID = 3029
Description =
 
Error - 8/22/2014 12:46:51 AM | Computer Name = 10choctaw | Source = Windows Search Service | ID = 3029
Description =
 
Error - 8/22/2014 12:46:51 AM | Computer Name = 10choctaw | Source = Windows Search Service | ID = 3028
Description =
 
Error - 8/22/2014 12:46:51 AM | Computer Name = 10choctaw | Source = Windows Search Service | ID = 3058
Description =
 
Error - 8/22/2014 12:46:51 AM | Computer Name = 10choctaw | Source = Windows Search Service | ID = 7010
Description =
 
[ Media Center Events ]
Error - 9/24/2014 8:23:56 PM | Computer Name = 10choctaw | Source = MCUpdate | ID = 0
Description = 8:23:56 PM - Error connecting to the internet.  8:23:56 PM -     Unable
 to contact server.. 
 
Error - 9/24/2014 8:24:02 PM | Computer Name = 10choctaw | Source = MCUpdate | ID = 0
Description = 8:24:01 PM - Error connecting to the internet.  8:24:01 PM -     Unable
 to contact server.. 
 
Error - 9/24/2014 9:24:06 PM | Computer Name = 10choctaw | Source = MCUpdate | ID = 0
Description = 9:24:06 PM - Error connecting to the internet.  9:24:06 PM -     Unable
 to contact server.. 
 
Error - 9/24/2014 9:24:11 PM | Computer Name = 10choctaw | Source = MCUpdate | ID = 0
Description = 9:24:11 PM - Error connecting to the internet.  9:24:11 PM -     Unable
 to contact server.. 
 
Error - 9/24/2014 10:27:27 PM | Computer Name = 10choctaw | Source = MCUpdate | ID = 0
Description = 10:27:27 PM - Error connecting to the internet.  10:27:27 PM -     Unable
 to contact server.. 
 
Error - 9/24/2014 10:27:32 PM | Computer Name = 10choctaw | Source = MCUpdate | ID = 0
Description = 10:27:32 PM - Error connecting to the internet.  10:27:32 PM -     Unable
 to contact server.. 
 
Error - 9/25/2014 12:33:16 PM | Computer Name = 10choctaw | Source = MCUpdate | ID = 0
Description = 12:33:16 PM - Error connecting to the internet.  12:33:16 PM -     Unable
 to contact server.. 
 
Error - 9/25/2014 12:33:25 PM | Computer Name = 10choctaw | Source = MCUpdate | ID = 0
Description = 12:33:21 PM - Error connecting to the internet.  12:33:21 PM -     Unable
 to contact server.. 
 
Error - 9/25/2014 1:39:13 PM | Computer Name = 10choctaw | Source = MCUpdate | ID = 0
Description = 1:39:13 PM - Failed to retrieve SportsSchedule (Error: The remote
name could not be resolved: 'data.tvdownload.microsoft.com') 
 
Error - 9/25/2014 2:41:17 PM | Computer Name = 10choctaw | Source = MCUpdate | ID = 0
Description = 2:41:13 PM - Error connecting to the internet.  2:41:13 PM -     Unable
 to contact server.. 
 
[ System Events ]
Error - 8/4/2014 10:51:33 PM | Computer Name = 10choctaw | Source = Service Control Manager | ID = 7023
Description = The Windows Management Instrumentation service terminated with the
 following error:   %%126
 
Error - 8/4/2014 10:52:03 PM | Computer Name = 10choctaw | Source = Service Control Manager | ID = 7023
Description = The Windows Management Instrumentation service terminated with the
 following error:   %%126
 
Error - 8/4/2014 10:52:33 PM | Computer Name = 10choctaw | Source = Service Control Manager | ID = 7023
Description = The Windows Management Instrumentation service terminated with the
 following error:   %%126
 
Error - 8/4/2014 10:53:03 PM | Computer Name = 10choctaw | Source = Service Control Manager | ID = 7023
Description = The Windows Management Instrumentation service terminated with the
 following error:   %%126
 
Error - 8/4/2014 10:53:33 PM | Computer Name = 10choctaw | Source = Service Control Manager | ID = 7023
Description = The Windows Management Instrumentation service terminated with the
 following error:   %%126
 
Error - 8/4/2014 10:54:03 PM | Computer Name = 10choctaw | Source = Service Control Manager | ID = 7023
Description = The Windows Management Instrumentation service terminated with the
 following error:   %%126
 
Error - 8/4/2014 10:54:33 PM | Computer Name = 10choctaw | Source = Service Control Manager | ID = 7023
Description = The Windows Management Instrumentation service terminated with the
 following error:   %%126
 
Error - 8/4/2014 10:55:03 PM | Computer Name = 10choctaw | Source = Service Control Manager | ID = 7023
Description = The Windows Management Instrumentation service terminated with the
 following error:   %%126
 
Error - 8/4/2014 10:55:33 PM | Computer Name = 10choctaw | Source = Service Control Manager | ID = 7023
Description = The Windows Management Instrumentation service terminated with the
 following error:   %%126
 
Error - 8/4/2014 10:56:03 PM | Computer Name = 10choctaw | Source = Service Control Manager | ID = 7023
Description = The Windows Management Instrumentation service terminated with the
 following error:   %%126
 
 
< End of report >


Edited by Dakeyras, 26 September 2014 - 06:06 AM.
Removed email address for safety reasons etc.

#2
jamally

thanks Dakeyras,,,,


#3
jamally

.... another item of mention.

    by using Process Explorer, I am able to click suspend on a lot of the dll listings, leaving only 1 or 2 active, and the computer speed is almost 100 %. the only thing is the photo thumbnails populate very slowly, and populate only 8 of 20 photos..


Edited by jamally, 30 September 2014 - 02:44 PM.

#4
BrianDrab

    Trusted Helper

  • Malware Removal

Hi and sorry for the delay. The forums get very busy at times. If you still need assistance on this issue I'm ready to assist. Please do the following if you are still in need. Thank you.

 

Step#1 - FRST Scan

1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
    Note: You need to run the 64-bit Version so please ensure you download that one.
2. Right click to run as administrator. When the tool opens click Yes to disclaimer.
3. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form (if it's not already) before running.
4. Press Scan button.
5. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop).
6. Please copy and paste log back here.
7. The tool will generate another log (Addition.txt - also located in the same directory as FRST.exe). Please also paste that along with the FRST.txt into your reply.

Items for your next post

1. FRST and Addition logs

 


#5
jamally

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-10-2014
Ran by captn (administrator) on 10CHOCTAW on 05-10-2014 14:54:50
Running from C:\Users\captn\Desktop
Loaded Profiles: UpdatusUser & captn (Available profiles: UpdatusUser & captn)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

 

 

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILQE.EXE
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\idmBroker.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

 

 

 

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-28] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-08-15] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-22] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-825610380-2903063623-3906473893-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILQE.EXE [297024 2013-05-10] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-825610380-2903063623-3906473893-1001\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-825610380-2903063623-3906473893-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3878480 2014-09-03] (Tonec Inc.)
HKU\S-1-5-21-825610380-2903063623-3906473893-1001\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)

 

 

==================== Internet (Whitelisted) ====================

 

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5A1235501BB5CF01

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs

 

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

 

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

 

BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)

 

BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)

 

BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

 

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

 

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

 

DPF: HKLM-x32 {95B5D20C-BD31-4489-8ABF-F8C8BE748463} http://zone.msn.com/...tz.cab99160.cab

 

DPF: HKLM-x32 {9BDF4724-10AA-43D5-BD15-AEA0D2287303} http://zone.msn.com/...he.cab79352.cab

 

DPF: HKLM-x32 {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/...vl.cab55579.cab

 

DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab

 

DPF: HKLM-x32 {CAC181B0-4D70-402D-B571-C596A47D0CE0} http://zone.msn.com/...ol.cab56649.cab

 

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

 

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

 

 

FireFox:
========

 

FF Plugin: @microsoft.com/GENUINE -> disabled No File

 

FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

 

FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

 

FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

 

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

 

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)

 

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File

 

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

 

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

 

FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

 

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)

 

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\captn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

 

FF HKCU\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\captn\AppData\Roaming\IDM\idmmzcc5

 

FF Extension: IDM CC - C:\Users\captn\AppData\Roaming\IDM\idmmzcc5 [2014-09-29]

 

 

Chrome:
=======

 

CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-09-12]

 

CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-09-12]

 

 

==================== Services (Whitelisted) =================

 

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

 

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)

 

R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)

 

R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)

 

R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-05-10] (SEIKO EPSON CORPORATION)

 

S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)

 

S2 Winmgmt; C:\ProgramData\C6689E946A46C8F273167709064FF4F7\odj62vjlf.dot [X]

 

 

==================== Drivers (Whitelisted) ====================

 

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

 

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)

 

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)

 

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)

 

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)

 

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)

 

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)

 

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)

 

R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)

 

 

==================== NetSvcs (Whitelisted) ===================

 

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

 

==================== One Month Created Files and Folders ========

 

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

 

2014-10-05 14:54 - 2014-10-05 14:55 - 00014020 _____ () C:\Users\captn\Desktop\FRST.txt

 

2014-10-05 14:54 - 2014-10-05 14:54 - 00000000 ____D () C:\FRST

 

2014-10-05 14:51 - 2014-10-05 14:51 - 02109440 _____ (Farbar) C:\Users\captn\Desktop\FRST64.exe

 

2014-10-05 12:40 - 2014-10-05 12:40 - 00002894 _____ () C:\Windows\System32\Tasks\{E2B973B0-C15F-4E07-A885-1E2A5C5AD79D}

 

2014-10-03 03:00 - 2014-08-18 17:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

 

2014-10-02 19:04 - 2014-09-24 22:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll

 

2014-10-02 19:04 - 2014-09-24 21:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll

 

2014-09-30 22:25 - 2014-09-30 22:26 - 00003432 _____ () C:\Users\captn\Documents\cc_20140930_222553.reg

 

2014-09-30 19:15 - 2014-09-30 19:15 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

 

2014-09-30 19:15 - 2014-09-30 19:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

 

2014-09-30 19:15 - 2014-09-30 19:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

 

2014-09-30 19:15 - 2014-09-30 19:15 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

 

2014-09-30 19:15 - 2014-09-30 19:15 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

 

2014-09-30 19:15 - 2014-09-30 19:15 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

 

2014-09-30 19:12 - 2014-09-30 19:16 - 00008252 _____ () C:\Windows\IE11_main.log

 

2014-09-29 17:02 - 2014-09-29 17:02 - 00000023 _____ () C:\Users\captn\internet download manager lic..txt

 

2014-09-29 14:32 - 2014-09-29 14:32 - 00001035 _____ () C:\Users\captn\Desktop\Internet Download Manager.lnk

 

2014-09-29 14:32 - 2014-09-29 14:32 - 00000000 ____D () C:\Users\captn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager

 

2014-09-29 14:32 - 2014-09-29 14:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager

 

2014-09-29 14:18 - 2014-09-29 14:18 - 00001076 _____ () C:\Users\Public\Desktop\VLC media player.lnk

 

2014-09-29 14:18 - 2014-09-29 14:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

 

2014-09-29 02:50 - 2014-09-29 02:50 - 00003172 _____ () C:\Windows\System32\Tasks\{0C34285A-0AA1-4481-A49F-2E4241D9B549}

 

2014-09-29 00:08 - 2014-09-29 00:08 - 00000000 ____D () C:\AdwCleaner

 

2014-09-28 18:27 - 2014-09-28 19:55 - 00000688 _____ () C:\Windows\PFRO.log

 

2014-09-27 13:27 - 2014-09-27 13:27 - 00000000 ____D () C:\Users\captn\Desktop\OTL

 

2014-09-26 01:13 - 2014-10-05 13:03 - 00001624 _____ () C:\Windows\setupact.log

 

2014-09-26 01:13 - 2014-09-26 01:13 - 00000000 _____ () C:\Windows\setuperr.log

 

2014-09-23 21:18 - 2014-09-11 08:57 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\captn\Desktop\procexp.exe

 

2014-09-23 21:17 - 2014-09-23 21:17 - 00000000 ____D () C:\Users\captn\AppData\Roaming\WinRAR

 

2014-09-23 21:15 - 2014-09-23 21:17 - 00000000 ____D () C:\Users\captn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

 

2014-09-23 21:15 - 2014-09-23 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

 

2014-09-23 21:14 - 2014-09-23 21:16 - 00000000 ____D () C:\Program Files\WinRAR

 

2014-09-23 16:40 - 2014-09-09 18:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

 

2014-09-23 16:40 - 2014-09-09 17:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

 

2014-09-23 03:01 - 2009-06-10 17:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140923-030151.backup

 

2014-09-23 03:00 - 2014-09-23 03:00 - 00000110 _____ () C:\Windows\wininit.ini

 

2014-09-23 02:46 - 2014-09-27 15:42 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

 

2014-09-23 02:46 - 2014-09-23 02:54 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy

 

2014-09-23 02:46 - 2014-09-23 02:46 - 00001284 _____ () C:\Users\captn\Desktop\Spybot - Search & Destroy.lnk

 

2014-09-23 02:46 - 2014-09-23 02:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy

 

2014-09-22 23:31 - 2014-09-22 23:31 - 00000078 _____ () C:\Users\captn\watching worms.txt

 

2014-09-13 02:39 - 2014-09-13 02:39 - 00002089 _____ () C:\Users\captn\betty boop was black.txt

 

2014-09-12 07:05 - 2014-06-09 04:41 - 00180136 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys

 

2014-09-12 03:30 - 2014-09-12 03:30 - 00000588 _____ () C:\Users\captn\mason 1.txt

 

2014-09-11 03:00 - 2014-06-26 22:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll

 

2014-09-11 03:00 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

 

2014-09-10 20:22 - 2014-08-01 07:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll

 

2014-09-10 20:22 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll

 

2014-09-10 20:21 - 2014-09-04 22:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

 

2014-09-10 20:21 - 2014-09-04 22:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

 

2014-09-10 20:21 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

 

2014-09-10 20:21 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

 

2014-09-10 20:21 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

 

2014-09-10 20:21 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

 

2014-09-10 20:21 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

 

2014-09-10 20:21 - 2014-06-23 23:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

 

2014-09-10 20:21 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

 

2014-09-07 03:49 - 2014-09-07 03:49 - 00001317 _____ () C:\Users\captn\news.txt

 

 

==================== One Month Modified Files and Folders =======

 

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

 

2014-10-05 14:32 - 2014-06-11 22:32 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-610 Series Update {111E5B54-64F2-4169-88BE-D3D2B5E442D8}.job

 

2014-10-05 14:32 - 2014-06-11 22:32 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-610 Series Invitation {111E5B54-64F2-4169-88BE-D3D2B5E442D8}.job

 

2014-10-05 14:32 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\FxsTmp

 

2014-10-05 13:56 - 2014-05-10 01:12 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

 

2014-10-05 13:10 - 2009-07-14 00:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

 

2014-10-05 13:10 - 2009-07-14 00:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

 

2014-10-05 13:09 - 2014-02-24 14:43 - 01405791 _____ () C:\Windows\WindowsUpdate.log

 

2014-10-05 13:03 - 2013-11-19 07:26 - 00000000 ____D () C:\ProgramData\NVIDIA

 

2014-10-05 13:03 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

 

2014-10-05 13:01 - 2014-05-09 01:49 - 00000000 ____D () C:\Users\captn\AppData\Roaming\DMCache

 

2014-10-05 12:00 - 2014-05-08 00:19 - 00000000 ____D () C:\ProgramData\MFAData

 

2014-10-05 04:37 - 2014-05-08 00:50 - 00000000 ____D () C:\Users\captn\AppData\Roaming\vlc

 

2014-10-05 01:56 - 2014-05-09 01:49 - 00000000 ____D () C:\Users\captn\Downloads\Video

 

2014-10-03 23:23 - 2014-05-08 00:12 - 00000000 ____D () C:\Users\captn\AppData\Roaming\Adobe

 

2014-09-30 22:28 - 2014-05-09 01:49 - 00000000 ____D () C:\Users\captn\AppData\Roaming\IDM

 

2014-09-30 19:34 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

 

2014-09-30 19:21 - 2013-11-15 08:46 - 00000000 ____D () C:\Windows\Panther

 

2014-09-29 17:02 - 2014-05-08 00:11 - 00000000 ____D () C:\Users\captn

 

2014-09-29 14:32 - 2014-05-09 01:49 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager

 

2014-09-29 14:18 - 2014-05-08 00:50 - 00000000 ____D () C:\Program Files (x86)\VideoLAN

 

2014-09-29 03:00 - 2009-07-14 01:08 - 00032552 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

 

2014-09-28 22:41 - 2014-07-06 14:07 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

 

2014-09-27 12:34 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache

 

2014-09-25 12:43 - 2014-05-09 01:49 - 00000000 ____D () C:\Users\captn\Downloads\Compressed

 

2014-09-25 01:36 - 2009-07-13 23:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy

 

2014-09-24 14:35 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF

 

2014-09-24 12:10 - 2014-09-02 22:47 - 00000000 ____D () C:\Users\captn\fantasy

 

2014-09-23 17:56 - 2014-05-10 01:12 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

 

2014-09-23 17:56 - 2014-05-10 01:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

 

2014-09-23 17:56 - 2014-05-10 01:12 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

 

2014-09-23 16:45 - 2014-06-12 00:17 - 00002471 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

 

2014-09-23 03:01 - 2009-07-13 22:34 - 00450712 ____R () C:\Windows\system32\Drivers\etc\hosts.20140923-030643.backup

 

2014-09-23 00:28 - 2014-07-06 23:07 - 00000828 _____ () C:\Users\Public\Desktop\CCleaner.lnk

 

2014-09-23 00:28 - 2014-07-06 23:07 - 00000000 ____D () C:\Program Files\CCleaner

 

2014-09-19 12:50 - 2014-06-19 13:55 - 00000000 ____D () C:\Users\captn\AppData\Local\Adobe

 

2014-09-15 23:22 - 2014-05-08 00:36 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP

 

2014-09-15 20:39 - 2014-06-30 00:18 - 00001159 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk

 

2014-09-15 20:39 - 2014-05-08 00:36 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk

 

2014-09-11 03:05 - 2013-11-20 02:36 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

 

2014-09-11 03:04 - 2009-07-14 01:13 - 00774592 _____ () C:\Windows\system32\PerfStringBackup.INI

 

2014-09-11 03:02 - 2014-05-18 22:24 - 00000000 ____D () C:\Windows\system32\MRT

 

2014-09-11 03:01 - 2014-05-18 22:24 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

 

2014-09-11 03:00 - 2014-05-11 03:37 - 00000000 ___SD () C:\Windows\system32\CompatTel

 

2014-09-06 18:18 - 2014-07-17 21:49 - 00000000 ____D () C:\Users\captn\AppData\Roaming\Audacity

 

 

Some content of TEMP:
====================

 

C:\Users\captn\AppData\Local\Temp\AdobePIM.dll

 

C:\Users\captn\AppData\Local\Temp\Creative Cloud Uninstaller.exe

 

C:\Users\captn\AppData\Local\Temp\procexp64.exe

 

 

 

==================== Bamital & volsnap Check =================

 

 

(There is no automatic fix for files that do not pass verification.)

 

 

C:\Windows\System32\winlogon.exe => File is digitally signed

 

C:\Windows\System32\wininit.exe => File is digitally signed

 

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

 

C:\Windows\explorer.exe => File is digitally signed

 

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

 

C:\Windows\System32\svchost.exe => File is digitally signed

 

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

 

C:\Windows\System32\services.exe => File is digitally signed

 

C:\Windows\System32\User32.dll => File is digitally signed

 

C:\Windows\SysWOW64\User32.dll => File is digitally signed

 

C:\Windows\System32\userinit.exe => File is digitally signed

 

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

 

C:\Windows\System32\rpcss.dll => File is digitally signed

 

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

 

LastRegBack: 2014-09-27 12:27

 

 

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-10-2014

 

Ran by captn at 2014-10-05 14:55:41

 

Running from C:\Users\captn\Desktop

 

Boot Mode: Normal

 

==========================================================

 

 

 

==================== Security Center ========================

 

 

(If an entry is included in the fixlist, it will be removed.)

 

 

 

==================== Installed Programs ======================

 

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

 

Acoustica CD/DVD Label Maker (HKLM-x32\...\Acoustica CD/DVD Label Maker) (Version:  - )

 

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)

 

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)

 

Adobe Reader X (10.1.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)

 

Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)

 

AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)

 

AVG 2014 (Version: 14.0.4037 - AVG Technologies) Hidden

 

AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden

 

AVS Audio Editor 7.2 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 7.2.2.488 - Online Media Technologies Ltd.)

 

AVS Media Player 4.2.2.104 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.2.2.104 - Online Media Technologies Ltd.)

 

AVS Video Converter 8.5 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 8.5.1.551 - Online Media Technologies Ltd.)

 

CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)

 

CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5067 - CDBurnerXP)

 

Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.2.0 - SEIKO EPSON CORPORATION)

 

Epson Event Manager (HKLM-x32\...\{2970697F-2A11-4588-8B7F-97322D1CCF3C}) (Version: 3.10.0017 - Seiko Epson Corporation)

 

Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.22.00 - SEIKO EPSON CORPORATION)

 

EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)

 

EPSON XP-610 Series Printer Uninstall (HKLM\...\EPSON XP-610 Series) (Version:  - SEIKO EPSON Corporation)

 

FastStone Image Viewer 4.9 (HKLM-x32\...\FastStone Image Viewer) (Version: 4.9 - FastStone Soft)

 

Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation)

 

Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)

 

Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)

 

Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden

 

LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )

 

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

 

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

 

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

 

Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)

 

Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)

 

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

 

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

 

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

 

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

 

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

 

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

 

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

 

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

 

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden

 

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden

 

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden

 

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden

 

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

 

Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

 

Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

 

NVIDIA 3D Vision Controller Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)

 

NVIDIA 3D Vision Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)

 

NVIDIA Control Panel 320.49 (Version: 320.49 - NVIDIA Corporation) Hidden

 

NVIDIA Graphics Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)

 

NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)

 

NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden

 

NVIDIA PhysX (x32 Version: 9.13.0604 - NVIDIA Corporation) Hidden

 

NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)

 

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049 - NVIDIA Corporation) Hidden

 

NVIDIA Update Components (Version: 4.11.9 - NVIDIA Corporation) Hidden

 

paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)

 

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)

 

Software Updater (HKLM-x32\...\{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}) (Version: 4.2.7 - SEIKO EPSON CORPORATION)

 

Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)

 

Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS)

 

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

 

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

 

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)

 

Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)

 

WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

 

 

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-825610380-2903063623-3906473893-1001_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2014-09-23 03:06 - 00450712 ____R C:\Windows\system32\Drivers\etc\hosts

 


There are 1000 more lines.

 

 

 

==================== Scheduled Tasks (whitelisted) =============

 

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

 

Task: {11369B6B-1266-47E6-8A9E-C7D28A2C4E1F} - System32\Tasks\{36150F81-E723-457C-9453-AFB02FD1A80C} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-07-22] (Adobe Systems Incorporated)

 

Task: {1A4B1354-9984-463A-9EAD-D56D4E83A6A5} - System32\Tasks\{7420596B-3FB1-4FA2-A530-6B9E972DA57A} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-07-22] (Adobe Systems Incorporated)

 

Task: {1CA45C17-1623-4DB7-935B-68CE4A8CC228} - System32\Tasks\EPSON XP-610 Series Invitation {111E5B54-64F2-4169-88BE-D3D2B5E442D8} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-05-10] (SEIKO EPSON CORPORATION)

 

Task: {2D7E6B39-D168-4076-AC84-E278C98077AC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

 

Task: {5D3BE866-BB34-412A-815B-F2F8E8C6B4B0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)

 

Task: {77FA1339-8892-4F38-8EBA-6D7955E67592} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)

 

Task: {7F4CF9C7-0DFA-408A-BA15-4F4D49D54BDE} - System32\Tasks\{E2B973B0-C15F-4E07-A885-1E2A5C5AD79D} => F:\aida32.exe

 

Task: {B8C0C139-CBD1-4753-8FB5-F630594EC972} - System32\Tasks\{1ED9F9D1-E853-4397-A661-3FF6A0D84AF0} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-07-22] (Adobe Systems Incorporated)

 

Task: {D3A45F8B-8508-4DAC-AF8C-A1E8900938BD} - System32\Tasks\EPSON XP-610 Series Update {111E5B54-64F2-4169-88BE-D3D2B5E442D8} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-05-10] (SEIKO EPSON CORPORATION)

 

Task: {DD24DED6-D044-43CD-9B4E-1567F6A1733F} - System32\Tasks\{CF111383-A915-4DE4-A368-0F3798E091E5} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-07-22] (Adobe Systems Incorporated)

 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

 

Task: C:\Windows\Tasks\EPSON XP-610 Series Invitation {111E5B54-64F2-4169-88BE-D3D2B5E442D8}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE

 

Task: C:\Windows\Tasks\EPSON XP-610 Series Update {111E5B54-64F2-4169-88BE-D3D2B5E442D8}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE

 

 

==================== Loaded Modules (whitelisted) =============

 

 

2013-11-19 07:25 - 2013-06-21 06:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

 

2014-07-16 11:05 - 2014-07-16 11:05 - 05558432 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe

 

2014-07-03 06:45 - 2014-07-03 06:45 - 32733056 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll

 

2014-07-03 06:45 - 2014-07-03 06:45 - 00742784 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll

 

2014-07-03 06:45 - 2014-07-03 06:45 - 00136576 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll

 

 

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-825610380-2903063623-3906473893-500 - Administrator - Disabled)
captn (S-1-5-21-825610380-2903063623-3906473893-1001 - Administrator - Enabled) => C:\Users\captn
Guest (S-1-5-21-825610380-2903063623-3906473893-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-825610380-2903063623-3906473893-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-825610380-2903063623-3906473893-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.

 

 

 

==================== Event log errors: =========================

 

 

Application errors:

 

==================

 

Error: (10/05/2014 04:21:04 AM) (Source: Application Hang) (EventID: 1002) (User: )

 

Description: The program vlc.exe version 2.1.5.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

 

Process ID: 11e8

 

 

Start Time: 01cfe06f66115846

 

 

Termination Time: 10

 

 

Application Path: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

 

 

Report Id: 87636f4d-4c68-11e4-813b-c03fd5421755

 

 

Error: (10/04/2014 00:31:47 AM) (Source: Application Hang) (EventID: 1002) (User: )

 

Description: The program IEXPLORE.EXE version 11.0.9600.17280 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

 

Process ID: 118c

 

 

Start Time: 01cfdf8b7f3532ea

 

 

Termination Time: 16

 

 

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

 

 

Report Id:

 

 

Error: (10/03/2014 04:35:40 AM) (Source: SideBySide) (EventID: 80) (User: )

 

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.

 

A component version required by the application conflicts with another component version already active.

 

Conflicting components are:.

 

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

 

 

Error: (10/03/2014 04:35:40 AM) (Source: SideBySide) (EventID: 80) (User: )

 

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.

 

A component version required by the application conflicts with another component version already active.

 

Conflicting components are:.

 

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

 

 

Error: (10/01/2014 07:53:19 PM) (Source: Application Error) (EventID: 1000) (User: )

 

Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17280, time stamp: 0x53f262ac

 

Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86

 

Exception code: 0xe06d7363

 

Fault offset: 0x0000c42d

 

Faulting process id: 0x1323c

 

Faulting application start time: 0xIEXPLORE.EXE0

 

Faulting application path: IEXPLORE.EXE1

 

Faulting module path: IEXPLORE.EXE2

 

Report Id: IEXPLORE.EXE3

 

 

Error: (10/01/2014 03:50:29 PM) (Source: Application Error) (EventID: 1000) (User: )

 

Description: Faulting application name: iexplore.exe, version: 11.0.9600.17280, time stamp: 0x4a5bc6b7

 

Faulting module name: MSHTML.dll, version: 11.0.9600.17280, time stamp: 0x53f27d67

 

Exception code: 0xc00000fd

 

Fault offset: 0x000d4417

 

Faulting process id: 0x21f8

 

Faulting application start time: 0xiexplore.exe0

 

Faulting application path: iexplore.exe1

 

Faulting module path: iexplore.exe2

 

Report Id: iexplore.exe3

 

 

Error: (09/30/2014 07:16:59 PM) (Source: Application Error) (EventID: 1000) (User: )

 

Description: Faulting application name: IE11-Windows6.1-x64-en-us.exe, version: 11.0.9600.16428, time stamp: 0x525b8b98

 

Faulting module name: IE11-Windows6.1-x64-en-us.exe, version: 11.0.9600.16428, time stamp: 0x525b8b98

 

Exception code: 0xc0000005

 

Fault offset: 0x0000b2a1

 

Faulting process id: 0x1814

 

Faulting application start time: 0xIE11-Windows6.1-x64-en-us.exe0

 

Faulting application path: IE11-Windows6.1-x64-en-us.exe1

 

Faulting module path: IE11-Windows6.1-x64-en-us.exe2

 

Report Id: IE11-Windows6.1-x64-en-us.exe3

 

 

Error: (09/30/2014 00:34:13 PM) (Source: SideBySide) (EventID: 63) (User: )

 

Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.

 

The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

 

 

Error: (09/30/2014 00:33:59 PM) (Source: SideBySide) (EventID: 80) (User: )

 

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.

 

A component version required by the application conflicts with another component version already active.

 

Conflicting components are:.

 

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

 

 

Error: (09/29/2014 02:22:53 PM) (Source: Application Error) (EventID: 1000) (User: )

 

Description: Faulting application name: iexplore.exe, version: 10.0.9200.17088, time stamp: 0x4a5bc6b7

 

Faulting module name: MSHTML.dll, version: 10.0.9200.17088, time stamp: 0x53eeeef8

 

Exception code: 0xc00000fd

 

Fault offset: 0x000c7b97

 

Faulting process id: 0x2054

 

Faulting application start time: 0xiexplore.exe0

 

Faulting application path: iexplore.exe1

 

Faulting module path: iexplore.exe2

 

Report Id: iexplore.exe3

 

 

 

System errors:
=============
Error: (10/05/2014 02:58:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%126

Error: (10/05/2014 02:57:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%126

Error: (10/05/2014 02:56:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%126

Error: (10/05/2014 02:56:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%126

Error: (10/05/2014 02:55:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%126

Error: (10/05/2014 02:52:15 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/05/2014 02:51:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%126

Error: (10/05/2014 02:05:28 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%126

Error: (10/05/2014 01:29:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%126

Error: (10/05/2014 01:28:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%126

 

 

Microsoft Office Sessions:

 

=========================

 

Error: (10/05/2014 04:21:04 AM) (Source: Application Hang) (EventID: 1002) (User: )

 

Description: vlc.exe2.1.5.011e801cfe06f6611584610C:\Program Files (x86)\VideoLAN\VLC\vlc.exe87636f4d-4c68-11e4-813b-c03fd5421755

 

 

Error: (10/04/2014 00:31:47 AM) (Source: Application Hang) (EventID: 1002) (User: )

 

Description: IEXPLORE.EXE11.0.9600.17280118c01cfdf8b7f3532ea16C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

 

 

Error: (10/03/2014 04:35:40 AM) (Source: SideBySide) (EventID: 80) (User: )

 

Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe

 

 

Error: (10/03/2014 04:35:40 AM) (Source: SideBySide) (EventID: 80) (User: )

 

Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe

 

 

Error: (10/01/2014 07:53:19 PM) (Source: Application Error) (EventID: 1000) (User: )

 

Description: IEXPLORE.EXE11.0.9600.1728053f262acKERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d1323c01cfddd1a3d0c671C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\syswow64\KERNELBASE.dll1df3f592-49c6-11e4-a2ec-c03fd5421755

 

 

Error: (10/01/2014 03:50:29 PM) (Source: Application Error) (EventID: 1000) (User: )

 

Description: iexplore.exe11.0.9600.172804a5bc6b7MSHTML.dll11.0.9600.1728053f27d67c00000fd000d441721f801cfddb06a3fed78C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll31c634ac-49a4-11e4-a2ec-c03fd5421755

 

 

Error: (09/30/2014 07:16:59 PM) (Source: Application Error) (EventID: 1000) (User: )

 

Description: IE11-Windows6.1-x64-en-us.exe11.0.9600.16428525b8b98IE11-Windows6.1-x64-en-us.exe11.0.9600.16428525b8b98c00000050000b2a1181401cfdd040f4ed91bC:\Windows\SoftwareDistribution\Download\Install\IE11-Windows6.1-x64-en-us.exeC:\Windows\SoftwareDistribution\Download\Install\IE11-Windows6.1-x64-en-us.exee02510a0-48f7-11e4-a03b-c03fd5421755

 

 

Error: (09/30/2014 00:34:13 PM) (Source: SideBySide) (EventID: 63) (User: )

 

Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

 

 

Error: (09/30/2014 00:33:59 PM) (Source: SideBySide) (EventID: 80) (User: )

 

Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe

 

 

Error: (09/29/2014 02:22:53 PM) (Source: Application Error) (EventID: 1000) (User: )

 

Description: iexplore.exe10.0.9200.170884a5bc6b7MSHTML.dll10.0.9200.1708853eeeef8c00000fd000c7b97205401cfdc11df94009eC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll9ff80e26-4805-11e4-81da-c03fd5421755

 

 

 

==================== Memory info ===========================

Processor: Intel® Core™ i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 57%
Total physical RAM: 8015.22 MB
Available physical RAM: 3440.71 MB
Total Pagefile: 16028.62 MB
Available Pagefile: 10073.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.67 GB) (Free:1783.61 GB) NTFS
Drive f: () (Removable) (Total:14.9 GB) (Free:12.1 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 0B855EF6)
Partition 1: (Active) - (Size=356 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 14.9 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================



#6
jamally


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-10-2014
Ran by captn at 2014-10-05 14:55:41
Running from C:\Users\captn\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acoustica CD/DVD Label Maker (HKLM-x32\...\Acoustica CD/DVD Label Maker) (Version:  - )
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
AVG 2014 (Version: 14.0.4037 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
AVS Audio Editor 7.2 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 7.2.2.488 - Online Media Technologies Ltd.)
AVS Media Player 4.2.2.104 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.2.2.104 - Online Media Technologies Ltd.)
AVS Video Converter 8.5 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 8.5.1.551 - Online Media Technologies Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5067 - CDBurnerXP)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.2.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{2970697F-2A11-4588-8B7F-97322D1CCF3C}) (Version: 3.10.0017 - Seiko Epson Corporation)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.22.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-610 Series Printer Uninstall (HKLM\...\EPSON XP-610 Series) (Version:  - SEIKO EPSON Corporation)
FastStone Image Viewer 4.9 (HKLM-x32\...\FastStone Image Viewer) (Version: 4.9 - FastStone Soft)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
NVIDIA 3D Vision Controller Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA Control Panel 320.49 (Version: 320.49 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 4.11.9 - NVIDIA Corporation) Hidden
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Software Updater (HKLM-x32\...\{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}) (Version: 4.2.7 - SEIKO EPSON CORPORATION)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-825610380-2903063623-3906473893-1001_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2014-09-23 03:06 - 00450712 ____R C:\Windows\system32\Drivers\etc\hosts

There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {11369B6B-1266-47E6-8A9E-C7D28A2C4E1F} - System32\Tasks\{36150F81-E723-457C-9453-AFB02FD1A80C} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-07-22] (Adobe Systems Incorporated)
Task: {1A4B1354-9984-463A-9EAD-D56D4E83A6A5} - System32\Tasks\{7420596B-3FB1-4FA2-A530-6B9E972DA57A} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-07-22] (Adobe Systems Incorporated)
Task: {1CA45C17-1623-4DB7-935B-68CE4A8CC228} - System32\Tasks\EPSON XP-610 Series Invitation {111E5B54-64F2-4169-88BE-D3D2B5E442D8} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-05-10] (SEIKO EPSON CORPORATION)
Task: {2D7E6B39-D168-4076-AC84-E278C98077AC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5D3BE866-BB34-412A-815B-F2F8E8C6B4B0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {77FA1339-8892-4F38-8EBA-6D7955E67592} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {7F4CF9C7-0DFA-408A-BA15-4F4D49D54BDE} - System32\Tasks\{E2B973B0-C15F-4E07-A885-1E2A5C5AD79D} => F:\aida32.exe
Task: {B8C0C139-CBD1-4753-8FB5-F630594EC972} - System32\Tasks\{1ED9F9D1-E853-4397-A661-3FF6A0D84AF0} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-07-22] (Adobe Systems Incorporated)
Task: {D3A45F8B-8508-4DAC-AF8C-A1E8900938BD} - System32\Tasks\EPSON XP-610 Series Update {111E5B54-64F2-4169-88BE-D3D2B5E442D8} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-05-10] (SEIKO EPSON CORPORATION)
Task: {DD24DED6-D044-43CD-9B4E-1567F6A1733F} - System32\Tasks\{CF111383-A915-4DE4-A368-0F3798E091E5} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-07-22] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-610 Series Invitation {111E5B54-64F2-4169-88BE-D3D2B5E442D8}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\Windows\Tasks\EPSON XP-610 Series Update {111E5B54-64F2-4169-88BE-D3D2B5E442D8}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE

==================== Loaded Modules (whitelisted) =============

2013-11-19 07:25 - 2013-06-21 06:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-07-16 11:05 - 2014-07-16 11:05 - 05558432 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-07-03 06:45 - 2014-07-03 06:45 - 32733056 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2014-07-03 06:45 - 2014-07-03 06:45 - 00742784 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2014-07-03 06:45 - 2014-07-03 06:45 - 00136576 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-825610380-2903063623-3906473893-500 - Administrator - Disabled)
captn (S-1-5-21-825610380-2903063623-3906473893-1001 - Administrator - Enabled) => C:\Users\captn
Guest (S-1-5-21-825610380-2903063623-3906473893-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-825610380-2903063623-3906473893-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-825610380-2903063623-3906473893-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/05/2014 04:21:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program vlc.exe version 2.1.5.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 11e8

Start Time: 01cfe06f66115846

Termination Time: 10

Application Path: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

Report Id: 87636f4d-4c68-11e4-813b-c03fd5421755

Error: (10/04/2014 00:31:47 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17280 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 118c

Start Time: 01cfdf8b7f3532ea

Termination Time: 16

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (10/03/2014 04:35:40 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (10/03/2014 04:35:40 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (10/01/2014 07:53:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17280, time stamp: 0x53f262ac
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
Exception code: 0xe06d7363
Fault offset: 0x0000c42d
Faulting process id: 0x1323c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (10/01/2014 03:50:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17280, time stamp: 0x4a5bc6b7
Faulting module name: MSHTML.dll, version: 11.0.9600.17280, time stamp: 0x53f27d67
Exception code: 0xc00000fd
Fault offset: 0x000d4417
Faulting process id: 0x21f8
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (09/30/2014 07:16:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IE11-Windows6.1-x64-en-us.exe, version: 11.0.9600.16428, time stamp: 0x525b8b98
Faulting module name: IE11-Windows6.1-x64-en-us.exe, version: 11.0.9600.16428, time stamp: 0x525b8b98
Exception code: 0xc0000005
Fault offset: 0x0000b2a1
Faulting process id: 0x1814
Faulting application start time: 0xIE11-Windows6.1-x64-en-us.exe0
Faulting application path: IE11-Windows6.1-x64-en-us.exe1
Faulting module path: IE11-Windows6.1-x64-en-us.exe2
Report Id: IE11-Windows6.1-x64-en-us.exe3

Error: (09/30/2014 00:34:13 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (09/30/2014 00:33:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (09/29/2014 02:22:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 10.0.9200.17088, time stamp: 0x4a5bc6b7
Faulting module name: MSHTML.dll, version: 10.0.9200.17088, time stamp: 0x53eeeef8
Exception code: 0xc00000fd
Fault offset: 0x000c7b97
Faulting process id: 0x2054
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

System errors:
=============
Error: (10/05/2014 02:58:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%126

Error: (10/05/2014 02:57:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%126

Error: (10/05/2014 02:56:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%126

Error: (10/05/2014 02:56:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%126

Error: (10/05/2014 02:55:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%126

Error: (10/05/2014 02:52:15 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/05/2014 02:51:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%126

Error: (10/05/2014 02:05:28 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%126

Error: (10/05/2014 01:29:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%126

Error: (10/05/2014 01:28:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Management Instrumentation service terminated with the following error:
%%126

Microsoft Office Sessions:
=========================
Error: (10/05/2014 04:21:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: vlc.exe2.1.5.011e801cfe06f6611584610C:\Program Files (x86)\VideoLAN\VLC\vlc.exe87636f4d-4c68-11e4-813b-c03fd5421755

Error: (10/04/2014 00:31:47 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17280118c01cfdf8b7f3532ea16C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (10/03/2014 04:35:40 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe

Error: (10/03/2014 04:35:40 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe

Error: (10/01/2014 07:53:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.1728053f262acKERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d1323c01cfddd1a3d0c671C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\syswow64\KERNELBASE.dll1df3f592-49c6-11e4-a2ec-c03fd5421755

Error: (10/01/2014 03:50:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.172804a5bc6b7MSHTML.dll11.0.9600.1728053f27d67c00000fd000d441721f801cfddb06a3fed78C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll31c634ac-49a4-11e4-a2ec-c03fd5421755

Error: (09/30/2014 07:16:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IE11-Windows6.1-x64-en-us.exe11.0.9600.16428525b8b98IE11-Windows6.1-x64-en-us.exe11.0.9600.16428525b8b98c00000050000b2a1181401cfdd040f4ed91bC:\Windows\SoftwareDistribution\Download\Install\IE11-Windows6.1-x64-en-us.exeC:\Windows\SoftwareDistribution\Download\Install\IE11-Windows6.1-x64-en-us.exee02510a0-48f7-11e4-a03b-c03fd5421755

Error: (09/30/2014 00:34:13 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (09/30/2014 00:33:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe

Error: (09/29/2014 02:22:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe10.0.9200.170884a5bc6b7MSHTML.dll10.0.9200.1708853eeeef8c00000fd000c7b97205401cfdc11df94009eC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll9ff80e26-4805-11e4-81da-c03fd5421755

==================== Memory info ===========================

Processor: Intel® Core™ i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 57%
Total physical RAM: 8015.22 MB
Available physical RAM: 3440.71 MB
Total Pagefile: 16028.62 MB
Available Pagefile: 10073.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.67 GB) (Free:1783.61 GB) NTFS
Drive f: () (Removable) (Total:14.9 GB) (Free:12.1 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 0B855EF6)
Partition 1: (Active) - (Size=356 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 14.9 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================


  • 0
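The `CustomCLSID` line that FRST marks "Poweliks?" in the log above registers a per-user COM server whose command is `rundll32.exe` handed a `javascript:` URL rather than a file on disk, and the same CLSID shows up in a DCOM 10010 error further down. The following is an added example, not part of the thread or of FRST, that flags such entries in an Addition.txt log and ties them to those DCOM errors; the function names, reason labels and the second (benign) sample line are assumptions made for the illustration.

```python
import re

# Sample input. The CustomCLSID line and the DCOM error are copied from the
# Addition.txt log in this thread; the second CustomCLSID line is constructed
# (placeholder SID, GUID, path and vendor) as a benign contrast.
SAMPLE_LOG = r"""
CustomCLSID: HKU\S-1-5-21-825610380-2903063623-3906473893-1001_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
CustomCLSID: HKU\S-1-5-21-0000000000-0000000000-0000000000-1001_Classes\CLSID\{00000000-1111-2222-3333-444444444444}\InprocServer32 -> C:\Users\example\AppData\Local\ExampleApp\example.dll (Example Vendor)
Error: (10/05/2014 02:52:15 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"""

ENTRY_RE = re.compile(
    r"^CustomCLSID:\s+(?P<hive>HK\S+?)\\CLSID\\(?P<clsid>\{[0-9A-Fa-f-]{36}\})"
    r"\\(?P<server>\w+)\s+->\s+(?P<data>.*)$"
)
TRUNC_RE = re.compile(r"\(the data entry has (\d+) more characters\)")
DCOM_RE = re.compile(
    r"^Error: \((?P<when>[^)]+)\) \(Source: DCOM\) \(EventID: 10010\)"
)
GUID_RE = re.compile(r"\{[0-9A-Fa-f-]{36}\}")
KEYWORDS = ("document", "script", "activex", "function")


def shift_minus_one(text):
    """Undo a +1 character shift (every character replaced by its successor)."""
    return "".join(chr(ord(c) - 1) for c in text if ord(c) > 0)


def eval_fragment(data):
    """Visible start of the eval("...") argument, without FRST's truncation note."""
    m = re.search(r'eval\("([^"]*?)(?= \(the data entry has|"|$)', data)
    return m.group(1) if m else ""


def analyze_entry(line):
    """Parse one CustomCLSID line; return a finding dict, or None if nothing is odd."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    data, reasons = m.group("data"), []
    if re.search(r"\brundll32(?:\.exe)?\b", data, re.I):
        reasons.append("rundll32-as-com-server")
    if re.search(r"\b(?:java|vb)script:", data, re.I):
        reasons.append("script-protocol")
    if "mshtml,runhtmlapplication" in data.lower():
        reasons.append("mshtml-runhtmlapplication")
    # Script keywords that only appear after shifting every character back by
    # one mean the eval() argument is stored in shifted form.
    frag = eval_fragment(data)
    decoded = shift_minus_one(frag).lower()
    if frag and any(k in decoded and k not in frag.lower() for k in KEYWORDS):
        reasons.append("shifted-script-text")
    if not reasons:
        return None
    trunc = TRUNC_RE.search(data)
    return {
        "clsid": m.group("clsid").upper(),
        "hive": m.group("hive"),
        "server": m.group("server"),
        "reasons": reasons,
        "hidden_chars": int(trunc.group(1)) if trunc else 0,
        "dcom_10010": [],
    }


def scan(log):
    """Flag suspicious CustomCLSID lines and attach DCOM 10010 errors that name them."""
    lines = log.splitlines()
    findings = [f for f in map(analyze_entry, lines) if f]
    by_clsid = {f["clsid"]: f for f in findings}
    for i, line in enumerate(lines):
        m = DCOM_RE.match(line.strip())
        if not m:
            continue
        # FRST prints the event description on the line after the header.
        # DCOM event 10010 is logged when a COM server fails to register in time.
        desc = lines[i + 1] if i + 1 < len(lines) else ""
        for guid in GUID_RE.findall(desc):
            if guid.upper() in by_clsid:
                by_clsid[guid.upper()]["dcom_10010"].append(m.group("when"))
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f["clsid"], f["server"], ", ".join(f["reasons"]))
        print("  characters not shown by FRST:", f["hidden_chars"])
        print("  DCOM 10010 errors:", f["dcom_10010"] or "none")
```

Only the fragment FRST printed is examined; the remaining characters of the value are not in the log, so a full review needs the registry data itself.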

#7
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Thank you. Let's get started.

 

I am currently in training and my posts will need to be reviewed by an expert, so expect a slight delay between posts.


- General Instructions -

  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop-

 

All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

 

Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.

Google Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. Choose Settings. At the bottom of the screen click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and then click the "Select Folder" button. Click OK to get out of the Options menu.

Internet Explorer - Click the Tools menu in the upper right-corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.

NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

 

- Finally Before We Start-

 

Removing malware is a complicated multiple step process. Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

 

 

 

Step#1 - Warnings

Critical Malware Found!
 
WARNING!!! - One or more of the identified infections is known to use a backdoor.
 
This allows hackers to remotely control your computer, steal critical system information and download and execute files.
I would advise you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.
Though the infection has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.
 

CCleaner

I see that you have CCleaner installed. This is indeed a good product but I wanted to caution you on running the registry cleaning functionality of the tool. Please avoid this as it can do more harm than good.

 

Spybot Search & Destroy

I see that you have Spybot Search & Destroy. We no longer recommend this product because of the poor testing results. I recommend uninstalling this program. If you don't want to uninstall the program then please at least disable Tea Timer while performing any of my instructions. You can re-enable it when we are all done. Instructions for that are here. If you do decide to uninstall the program, first Undo your immunization before uninstalling. You can do that by clicking the Undo button with Spybot S&D and then remove from Add/Remove programs.


 
Step#2 - Create Restore Point
1. Please click your start button, right-click on the Computer menu item and select Properties as shown below.
2. Click on the Advanced system settings link.
3. Click the System Protection tab and then click the Create button.
4. You will be asked to provide a description. Please type G2G and click Create.
5. You will get a message telling you when it's complete. Click Close on the message. Note: If you get any error message trying to create the restore point let me know and don't continue.

 

 

Step#3 - FRST Fix
 
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
1. Download attached file and save it to the Desktop. Attached File: fixlist.txt (1.17KB)

Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
 
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

 

 

Step#4 - AdWCleaner
1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool.
4. Click on Scan.
5. After the scan is complete click on "Clean"
6. Confirm each time with Ok.
7. Your computer will be rebooted automatically. A text file will open after the restart.
8. Please post the content of that logfile with your next answer.
9. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner[S0].txt as well.

 

Step#5 - JRT
 
Note: Please disable your Antivirus Software before doing this step. You should be able to right-click the tray icon by the system time on your computer and choose disable.
1. Download Junkware Removal Tool to your desktop.
2. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
3. The tool will open and start scanning your system.
4. Please be patient as this can take a while to complete depending on your system's specifications.
5. On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
6. Close the text file and reboot your machine.
7. After your machine is rebooted, please re-enable your antivirus.
8. Post the contents of JRT.txt into your next message.

 

Step#6 - FRST Scan
 
1. Open FRST again by right-clicking on the FRST64 file and choosing Run as Administrator. Allow if prompted.
2. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form (if it's not already) before running.
3. Press Scan button.
4. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
5. Please copy and paste log back here.
6. The tool will generate another log (Addition.txt - also located in the same directory as FRST.exe). Please also paste that along with the FRST.txt into your reply.
 
 

 

 
 
Items for your next post
1. FRST Fix Log 

2. AdwCleaner log

3. Junkware log

4. Fresh FRST and Addition logs


  • 0

#8
jamally

    Member

  • Topic Starter
  • Member
  • 50 posts

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-10-2014
Ran by captn at 2014-10-06 00:59:41 Run:1
Running from C:\Users\captn\Desktop
Loaded Profiles: UpdatusUser & captn (Available profiles: UpdatusUser & captn)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
HKU\S-1-5-21-825610380-2903063623-3906473893-1001\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S2 Winmgmt; C:\ProgramData\C6689E946A46C8F273167709064FF4F7\odj62vjlf.dot [X]
2014-10-05 12:40 - 2014-10-05 12:40 - 00002894 _____ () C:\Windows\System32\Tasks\{E2B973B0-C15F-4E07-A885-1E2A5C5AD79D}
2014-09-29 02:50 - 2014-09-29 02:50 - 00003172 _____ () C:\Windows\System32\Tasks\{0C34285A-0AA1-4481-A49F-2E4241D9B549}
CustomCLSID: HKU\S-1-5-21-825610380-2903063623-3906473893-1001_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
EmptyTemp:

*****************

Processes closed successfully.
"HKU\S-1-5-21-825610380-2903063623-3906473893-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32" => Key Deleted Successfully.
"HKU\S-1-5-21-825610380-2903063623-3906473893-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => Key deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\IDM Shell Extension]" => Key not found.
"HKCR\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
Winmgmt => Service restored successfully.
C:\Windows\System32\Tasks\{E2B973B0-C15F-4E07-A885-1E2A5C5AD79D} => Moved successfully.
C:\Windows\System32\Tasks\{0C34285A-0AA1-4481-A49F-2E4241D9B549} => Moved successfully.
"HKU\S-1-5-21-825610380-2903063623-3906473893-1001_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => Key not found.
EmptyTemp: => Removed 19.4 GB temporary data.

The system needed a reboot.

==== End of Fixlog ====

 

AdwCleaner===

 

# AdwCleaner v3.311 - Report created 06/10/2014 at 11:37:03
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : captn - 10CHOCTAW
# Running from : C:\Users\captn\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD4D7B0F-45C6-4bb2-A1E7-54D1754E7FC5}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280

*************************

AdwCleaner[R0].txt - [1079 octets] - [29/09/2014 00:08:05]
AdwCleaner[R1].txt - [1063 octets] - [06/10/2014 01:53:31]
AdwCleaner[R2].txt - [1124 octets] - [06/10/2014 11:29:20]
AdwCleaner[S0].txt - [1015 octets] - [06/10/2014 11:37:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1075 octets] ##########

 

 

Junkware Removal Tool --

 

Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.1 (10.06.2014:1)
OS: Windows 7 Professional x64
Ran by captn on Mon 10/06/2014 at 11:46:16.47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 10/06/2014 at 11:47:32.36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014
Ran by captn (administrator) on 10CHOCTAW on 06-10-2014 11:57:38
Running from C:\Users\captn\Desktop
Loaded Profiles: UpdatusUser & captn (Available profiles: UpdatusUser & captn)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILQE.EXE
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\idmBroker.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_167_ActiveX.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-28] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-08-15] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-22] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-825610380-2903063623-3906473893-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILQE.EXE [297024 2013-05-10] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-825610380-2903063623-3906473893-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3878480 2014-09-03] (Tonec Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5A1235501BB5CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {95B5D20C-BD31-4489-8ABF-F8C8BE748463} http://zone.msn.com/...tz.cab99160.cab
DPF: HKLM-x32 {9BDF4724-10AA-43D5-BD15-AEA0D2287303} http://zone.msn.com/...he.cab79352.cab
DPF: HKLM-x32 {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/...vl.cab55579.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab
DPF: HKLM-x32 {CAC181B0-4D70-402D-B571-C596A47D0CE0} http://zone.msn.com/...ol.cab56649.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\captn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKCU\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\captn\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\captn\AppData\Roaming\IDM\idmmzcc5 [2014-09-29]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-09-12]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-09-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-05-10] (SEIKO EPSON CORPORATION)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-06 11:57 - 2014-10-06 11:57 - 00000000 ____D () C:\Users\captn\Desktop\FRST-OlderVersion
2014-10-06 11:47 - 2014-10-06 11:47 - 00000690 _____ () C:\Users\captn\Desktop\JRT.txt
2014-10-06 11:46 - 2014-10-06 11:46 - 00000000 ____D () C:\Windows\ERUNT
2014-10-06 11:44 - 2014-10-06 11:44 - 01705141 _____ (Thisisu) C:\Users\captn\Desktop\JRT.exe
2014-10-06 01:52 - 2014-10-06 01:50 - 01375089 _____ () C:\Users\captn\Desktop\AdwCleaner.exe
2014-10-05 23:10 - 2014-10-05 23:10 - 00000938 ____R () C:\Windows\system32\Drivers\etc\hosts.20141005-231033.backup
2014-10-05 14:55 - 2014-10-05 14:58 - 00027031 _____ () C:\Users\captn\Desktop\Addition.txt
2014-10-05 14:54 - 2014-10-06 11:58 - 00011315 _____ () C:\Users\captn\Desktop\FRST.txt
2014-10-05 14:54 - 2014-10-06 11:57 - 00000000 ____D () C:\FRST
2014-10-05 14:51 - 2014-10-06 11:57 - 02109952 _____ (Farbar) C:\Users\captn\Desktop\FRST64.exe
2014-10-03 03:00 - 2014-08-18 17:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-02 19:04 - 2014-09-24 22:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-02 19:04 - 2014-09-24 21:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 22:25 - 2014-09-30 22:26 - 00003432 _____ () C:\Users\captn\Documents\cc_20140930_222553.reg
2014-09-30 19:15 - 2014-09-30 19:15 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-30 19:15 - 2014-09-30 19:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-30 19:15 - 2014-09-30 19:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-30 19:15 - 2014-09-30 19:15 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-30 19:15 - 2014-09-30 19:15 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-30 19:15 - 2014-09-30 19:15 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-09-30 19:15 - 2014-09-30 19:15 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-09-30 19:15 - 2014-09-30 19:15 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-09-30 19:15 - 2014-09-30 19:15 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-09-30 19:15 - 2014-09-30 19:15 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-09-30 19:15 - 2014-09-30 19:15 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-09-30 19:15 - 2014-09-30 19:15 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-09-30 19:15 - 2014-09-30 19:15 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-09-30 19:15 - 2014-09-30 19:15 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-30 19:15 - 2014-09-30 19:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-30 19:15 - 2014-09-30 19:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-30 19:15 - 2014-09-30 19:15 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-09-30 19:15 - 2014-09-30 19:15 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-30 19:15 - 2014-09-30 19:15 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-09-30 19:15 - 2014-09-30 19:15 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-09-30 19:15 - 2014-09-30 19:15 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-09-30 19:15 - 2014-09-30 19:15 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-09-30 19:15 - 2014-09-30 19:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-09-30 19:15 - 2014-09-30 19:15 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-30 19:15 - 2014-09-30 19:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-30 19:15 - 2014-09-30 19:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-30 19:15 - 2014-09-30 19:15 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-30 19:15 - 2014-09-30 19:15 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-30 19:12 - 2014-09-30 19:16 - 00008252 _____ () C:\Windows\IE11_main.log
2014-09-29 17:02 - 2014-09-29 17:02 - 00000023 _____ () C:\Users\captn\internet download manager lic..txt
2014-09-29 14:32 - 2014-09-29 14:32 - 00001035 _____ () C:\Users\captn\Desktop\Internet Download Manager.lnk
2014-09-29 14:32 - 2014-09-29 14:32 - 00000000 ____D () C:\Users\captn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2014-09-29 14:32 - 2014-09-29 14:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2014-09-29 14:18 - 2014-09-29 14:18 - 00001076 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-29 14:18 - 2014-09-29 14:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-29 00:08 - 2014-10-06 11:37 - 00000000 ____D () C:\AdwCleaner
2014-09-28 18:27 - 2014-10-06 11:38 - 00163726 _____ () C:\Windows\PFRO.log
2014-09-27 13:27 - 2014-09-27 13:27 - 00000000 ____D () C:\Users\captn\Desktop\OTL
2014-09-26 01:13 - 2014-10-06 11:51 - 00001904 _____ () C:\Windows\setupact.log
2014-09-26 01:13 - 2014-09-26 01:13 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-23 21:18 - 2014-09-11 08:57 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\captn\Desktop\procexp.exe
2014-09-23 21:17 - 2014-09-23 21:17 - 00000000 ____D () C:\Users\captn\AppData\Roaming\WinRAR
2014-09-23 21:15 - 2014-09-23 21:17 - 00000000 ____D () C:\Users\captn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-23 21:15 - 2014-09-23 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-23 21:14 - 2014-09-23 21:16 - 00000000 ____D () C:\Program Files\WinRAR
2014-09-23 16:40 - 2014-09-09 18:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 16:40 - 2014-09-09 17:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 03:01 - 2009-06-10 17:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140923-030151.backup
2014-09-23 02:46 - 2014-10-05 23:15 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-09-23 02:46 - 2014-10-05 23:13 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-22 23:31 - 2014-09-22 23:31 - 00000078 _____ () C:\Users\captn\watching worms.txt
2014-09-13 02:39 - 2014-09-13 02:39 - 00002089 _____ () C:\Users\captn\betty boop was black.txt
2014-09-12 07:05 - 2014-06-09 04:41 - 00180136 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2014-09-12 03:30 - 2014-09-12 03:30 - 00000588 _____ () C:\Users\captn\mason 1.txt
2014-09-11 03:00 - 2014-06-26 22:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 03:00 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 20:22 - 2014-08-01 07:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 20:22 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 20:21 - 2014-09-04 22:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 20:21 - 2014-09-04 22:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 20:21 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 20:21 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 20:21 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 20:21 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 20:21 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 20:21 - 2014-06-23 23:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 20:21 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-07 03:49 - 2014-09-07 03:49 - 00001317 _____ () C:\Users\captn\news.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-06 11:56 - 2014-05-10 01:12 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-06 11:55 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-06 11:54 - 2014-02-24 14:43 - 01455973 _____ () C:\Windows\WindowsUpdate.log
2014-10-06 11:51 - 2013-11-19 07:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-06 11:51 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-06 11:45 - 2014-05-09 01:49 - 00000000 ____D () C:\Users\captn\AppData\Roaming\DMCache
2014-10-06 11:45 - 2009-07-14 00:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-06 11:45 - 2009-07-14 00:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-06 11:32 - 2014-06-11 22:32 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-610 Series Update {111E5B54-64F2-4169-88BE-D3D2B5E442D8}.job
2014-10-06 11:32 - 2014-06-11 22:32 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-610 Series Invitation {111E5B54-64F2-4169-88BE-D3D2B5E442D8}.job
2014-10-06 11:32 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-10-06 11:14 - 2014-05-08 00:19 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-06 00:13 - 2014-05-08 00:50 - 00000000 ____D () C:\Users\captn\AppData\Roaming\vlc
2014-10-05 21:15 - 2014-05-09 01:49 - 00000000 ____D () C:\Users\captn\Downloads\Video
2014-10-05 16:45 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-10-03 23:23 - 2014-05-08 00:12 - 00000000 ____D () C:\Users\captn\AppData\Roaming\Adobe
2014-09-30 22:28 - 2014-05-09 01:49 - 00000000 ____D () C:\Users\captn\AppData\Roaming\IDM
2014-09-30 19:34 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-30 19:21 - 2013-11-15 08:46 - 00000000 ____D () C:\Windows\Panther
2014-09-29 17:02 - 2014-05-08 00:11 - 00000000 ____D () C:\Users\captn
2014-09-29 14:32 - 2014-05-09 01:49 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2014-09-29 14:18 - 2014-05-08 00:50 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-29 03:00 - 2009-07-14 01:08 - 00032552 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-28 22:41 - 2014-07-06 14:07 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-25 12:43 - 2014-05-09 01:49 - 00000000 ____D () C:\Users\captn\Downloads\Compressed
2014-09-25 01:36 - 2009-07-13 23:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-24 14:35 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-24 12:10 - 2014-09-02 22:47 - 00000000 ____D () C:\Users\captn\fantasy
2014-09-23 17:56 - 2014-05-10 01:12 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 17:56 - 2014-05-10 01:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-23 17:56 - 2014-05-10 01:12 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 16:45 - 2014-06-12 00:17 - 00002471 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-23 03:06 - 2009-07-13 22:34 - 00450712 ____R () C:\Windows\system32\Drivers\etc\hosts.20141005-231025.backup
2014-09-23 03:01 - 2009-07-13 22:34 - 00450712 ____R () C:\Windows\system32\Drivers\etc\hosts.20140923-030643.backup
2014-09-23 00:28 - 2014-07-06 23:07 - 00000828 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-23 00:28 - 2014-07-06 23:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-19 12:50 - 2014-06-19 13:55 - 00000000 ____D () C:\Users\captn\AppData\Local\Adobe
2014-09-15 23:22 - 2014-05-08 00:36 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-09-15 20:39 - 2014-06-30 00:18 - 00001159 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-09-15 20:39 - 2014-05-08 00:36 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-09-11 03:05 - 2013-11-20 02:36 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 03:02 - 2014-05-18 22:24 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 03:01 - 2014-05-18 22:24 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 03:00 - 2014-05-11 03:37 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-06 18:18 - 2014-07-17 21:49 - 00000000 ____D () C:\Users\captn\AppData\Roaming\Audacity

Some content of TEMP:
====================
C:\Users\captn\AppData\Local\Temp\procexp64.exe
C:\Users\captn\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-06 11:26

==================== End Of Log ============================

 

additional--

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014
Ran by captn at 2014-10-06 11:58:14
Running from C:\Users\captn\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acoustica CD/DVD Label Maker (HKLM-x32\...\Acoustica CD/DVD Label Maker) (Version:  - )
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
AVG 2014 (Version: 14.0.4037 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
AVS Audio Editor 7.2 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 7.2.2.488 - Online Media Technologies Ltd.)
AVS Media Player 4.2.2.104 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.2.2.104 - Online Media Technologies Ltd.)
AVS Video Converter 8.5 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 8.5.1.551 - Online Media Technologies Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5067 - CDBurnerXP)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.2.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{2970697F-2A11-4588-8B7F-97322D1CCF3C}) (Version: 3.10.0017 - Seiko Epson Corporation)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.22.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-610 Series Printer Uninstall (HKLM\...\EPSON XP-610 Series) (Version:  - SEIKO EPSON Corporation)
FastStone Image Viewer 4.9 (HKLM-x32\...\FastStone Image Viewer) (Version: 4.9 - FastStone Soft)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
NVIDIA 3D Vision Controller Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA Control Panel 320.49 (Version: 320.49 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 4.11.9 - NVIDIA Corporation) Hidden
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Software Updater (HKLM-x32\...\{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}) (Version: 4.2.7 - SEIKO EPSON CORPORATION)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

30-09-2014 23:12:30 Windows Update
03-10-2014 07:00:12 Windows Update
05-10-2014 23:00:22 Windows Backup
06-10-2014 04:54:57 G2G

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2014-10-05 23:10 - 00000938 ____R C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {11369B6B-1266-47E6-8A9E-C7D28A2C4E1F} - System32\Tasks\{36150F81-E723-457C-9453-AFB02FD1A80C} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-07-22] (Adobe Systems Incorporated)
Task: {1A4B1354-9984-463A-9EAD-D56D4E83A6A5} - System32\Tasks\{7420596B-3FB1-4FA2-A530-6B9E972DA57A} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-07-22] (Adobe Systems Incorporated)
Task: {1CA45C17-1623-4DB7-935B-68CE4A8CC228} - System32\Tasks\EPSON XP-610 Series Invitation {111E5B54-64F2-4169-88BE-D3D2B5E442D8} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-05-10] (SEIKO EPSON CORPORATION)
Task: {2D7E6B39-D168-4076-AC84-E278C98077AC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5D3BE866-BB34-412A-815B-F2F8E8C6B4B0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {77FA1339-8892-4F38-8EBA-6D7955E67592} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {7F4CF9C7-0DFA-408A-BA15-4F4D49D54BDE} - \{E2B973B0-C15F-4E07-A885-1E2A5C5AD79D} No Task File <==== ATTENTION
Task: {B7C86FF1-FB0E-4A2B-B49C-9A5437B022AC} - \{0C34285A-0AA1-4481-A49F-2E4241D9B549} No Task File <==== ATTENTION
Task: {B8C0C139-CBD1-4753-8FB5-F630594EC972} - System32\Tasks\{1ED9F9D1-E853-4397-A661-3FF6A0D84AF0} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-07-22] (Adobe Systems Incorporated)
Task: {D3A45F8B-8508-4DAC-AF8C-A1E8900938BD} - System32\Tasks\EPSON XP-610 Series Update {111E5B54-64F2-4169-88BE-D3D2B5E442D8} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-05-10] (SEIKO EPSON CORPORATION)
Task: {DD24DED6-D044-43CD-9B4E-1567F6A1733F} - System32\Tasks\{CF111383-A915-4DE4-A368-0F3798E091E5} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-07-22] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-610 Series Invitation {111E5B54-64F2-4169-88BE-D3D2B5E442D8}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\Windows\Tasks\EPSON XP-610 Series Update {111E5B54-64F2-4169-88BE-D3D2B5E442D8}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE

==================== Loaded Modules (whitelisted) =============

2013-11-19 07:25 - 2013-06-21 06:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-07-16 11:05 - 2014-07-16 11:05 - 05558432 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-07-03 06:45 - 2014-07-03 06:45 - 32733056 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2014-07-03 06:45 - 2014-07-03 06:45 - 00742784 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2014-07-03 06:45 - 2014-07-03 06:45 - 00136576 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-825610380-2903063623-3906473893-500 - Administrator - Disabled)
captn (S-1-5-21-825610380-2903063623-3906473893-1001 - Administrator - Enabled) => C:\Users\captn
Guest (S-1-5-21-825610380-2903063623-3906473893-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-825610380-2903063623-3906473893-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-825610380-2903063623-3906473893-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/06/2014 11:53:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============

Microsoft Office Sessions:
=========================
Error: (10/06/2014 11:53:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

==================== Memory info ===========================

Processor: Intel® Core™ i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 24%
Total physical RAM: 8015.22 MB
Available physical RAM: 6027.71 MB
Total Pagefile: 16028.62 MB
Available Pagefile: 13988.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.67 GB) (Free:1799.54 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 0B855EF6)
Partition 1: (Active) - (Size=356 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#9
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Thank you for the logs. Excellent job. How is your machine doing? Let's ensure there is no hidden malware that we haven't caught yet before we declare you clean. Because of the type of malware you had, extra checks are in order. Please follow the steps below.

 

Step#1 - FRST Fix
 
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
1. Download the attached file and save it to the Desktop. Attached file: fixlist.txt (438 bytes)

Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
 
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

 

 

Step#2 - Malwarebytes Scan

  • Open up Malwarebytes. I see you have it installed and it's current.
  • Ensure the virus definitions are allowed to update.
  • Click the Scan button at the top of the form and then click Scan Now.
  • Once the scan completes click the View detailed log link.
  • Then click the Copy to clipboard button and paste into your next post.

 

Step#3 - ESET Online Scanner and Post Results
Before running this scan, please temporarily disable your antivirus software to avoid conflicts. You can re-enable once it's done. I believe on the taskbar, you right-click the Norton icon and then click Disable AntiVirus Auto-Protect or something similar. Instructions for doing this on many AVs are here.

  • Please go here and click on 1.JPG
  • Note: This site is optimized for Internet Explorer. Please use it for this scan. If you wish to use Firefox or Chrome you will be asked to download the ESET Smart Installer first (esetsmartinstaller_enu.exe). Go ahead and download and run this file.
  • Please accept the ESET Online Scanner EULA and click Start.
  • If prompted, allow the Add-On/Active X to install. If you have problems with this step please see this link.
  • Make sure Enable detection of potentially unwanted applications is selected.
  • Click the Advanced Settings link.
  • Make sure Remove found threats is NOT checked.
  • Make sure Scan archives IS checked.
  • Make sure Scan for potentially unsafe applications IS checked.
  • Make sure Enable Anti-Stealth technology IS checked
  • Click on Start
  • The virus signature database will begin to download. Be patient; this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the mouse or keyboard during the scan, otherwise it may stall.
  • When completed make sure you first copy the contents of the logfile located at C:\Program Files (x86)\ESET\Eset Online Scanner\log.txt
    Note: Copy/Paste the contents of the log.txt file BEFORE going on to the next step or the log file will be removed.
  • Also be sure to check Uninstall Application on Close before clicking finish.
  • Paste that log as a part of your next post.

 

Step#4 - TDSSKiller - Check for Infected MBR/BCD Entries
 
Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Right-click on TDSSKiller.exe and select Run as administrator. Allow to run if prompted.
  • Accept the End User License Agreement & KSN Statement
  • Click on Change parameters.
  • Another window will appear.
  • Check "Verify file digital signatures" and "Detect TDLFS file system".
  • Check "Loaded modules" under the Objects to scan section. You will be prompted to reboot. Please do so.
  • Once the computer is rebooted, TDSSKiller will open again.
  • Click the Start Scan button.
  • The scan should only take a few minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process. Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here. If there are multiple logs, please post the most current.

 

 

 

 
Items for your next post
1. How is your computer doing

2. FRST Fix Log

3. Malwarebytes log

4. ESET log

5. TDSSKiller log



#10
jamally

    Member

  • Topic Starter
  • Member
  • 50 posts

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10/6/2014
Scan Time: 8:18:41 PM
Logfile: malw.report.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.07.01
Rootkit Database: v2014.09.19.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: captn

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 341228
Time Elapsed: 4 min, 37 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

 

 

TdssKiller report

 

21:13:22.0852 0x0a84  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
21:13:24.0038 0x0a84  ============================================================
21:13:24.0038 0x0a84  Current date / time: 2014/10/06 21:13:24.0038
21:13:24.0038 0x0a84  SystemInfo:
21:13:24.0038 0x0a84 
21:13:24.0038 0x0a84  OS Version: 6.1.7601 ServicePack: 1.0
21:13:24.0038 0x0a84  Product type: Workstation
21:13:24.0038 0x0a84  ComputerName: 10CHOCTAW
21:13:24.0038 0x0a84  UserName: captn
21:13:24.0038 0x0a84  Windows directory: C:\Windows
21:13:24.0038 0x0a84  System windows directory: C:\Windows
21:13:24.0038 0x0a84  Running under WOW64
21:13:24.0038 0x0a84  Processor architecture: Intel x64
21:13:24.0038 0x0a84  Number of processors: 4
21:13:24.0038 0x0a84  Page size: 0x1000
21:13:24.0038 0x0a84  Boot type: Normal boot
21:13:24.0038 0x0a84  ============================================================
21:13:24.0038 0x0a84  BG loaded
21:13:25.0614 0x0a84  System UUID: {42F4434B-82D2-9E53-86D2-AE0267F9A7CB}
21:13:28.0531 0x0a84  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:13:28.0546 0x0a84  ============================================================
21:13:28.0546 0x0a84  \Device\Harddisk0\DR0:
21:13:28.0546 0x0a84  MBR partitions:
21:13:28.0546 0x0a84  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xB2000
21:13:28.0546 0x0a84  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xB2800, BlocksNum 0xE8D558B0
21:13:28.0546 0x0a84  ============================================================
21:13:28.0578 0x0a84  C: <-> \Device\Harddisk0\DR0\Partition2
21:13:28.0578 0x0a84  ============================================================
21:13:28.0578 0x0a84  Initialize success
21:13:28.0578 0x0a84  ============================================================
21:14:57.0661 0x1660  ============================================================
21:14:57.0661 0x1660  Scan started
21:14:57.0661 0x1660  Mode: Manual;
21:14:57.0661 0x1660  ============================================================
21:14:57.0661 0x1660  KSN ping started
21:15:00.0501 0x1660  KSN ping finished: true
21:15:03.0160 0x1660  ================ Scan system memory ========================
21:15:03.0160 0x1660  System memory - ok
21:15:03.0160 0x1660  ================ Scan services =============================
21:15:03.0729 0x1660  AppMgmt - ok
21:15:03.0749 0x1660  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
21:15:03.0750 0x1660  arc - ok
21:15:03.0761 0x1660  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:15:03.0762 0x1660  arcsas - ok
21:15:03.0806 0x1660  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:15:03.0808 0x1660  aspnet_state - ok
21:15:03.0827 0x1660  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:15:03.0827 0x1660  AsyncMac - ok
21:15:03.0835 0x1660  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:15:03.0836 0x1660  atapi - ok
21:15:03.0907 0x1660  [ 2093F84EC032B2F59FF005D83F841144, 32FDB8B4CB929B54B8DCACE9AEC61966781A1D44A0BE3632C96B7C4CEC47406B ] athr            C:\Windows\system32\DRIVERS\athrx.sys
21:15:03.0956 0x1660  athr - ok
21:15:03.0992 0x1660  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:15:03.0999 0x1660  AudioEndpointBuilder - ok
21:15:04.0009 0x1660  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:15:04.0017 0x1660  AudioSrv - ok
21:15:04.0045 0x1660  [ CDE60914D4ED81291F0CCFDB2CA311B9, 414D9BFF4E7DA17194695CB99B9E7F82C1616F4C228E6E9087208D290B9ED64D ] Avgdiska        C:\Windows\system32\DRIVERS\avgdiska.sys
21:15:04.0047 0x1660  Avgdiska - ok
21:15:04.0125 0x1660  [ B6E2D865C5936A4FEE68F11E97DF6B82, 02807C38BF6DF72BF49636371BA9CDBC1C531C239DF26930F320ABD937AA1B9D ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
21:15:04.0160 0x1660  AVGIDSAgent - ok
21:15:04.0182 0x1660  [ E7E1A0AB30587BF3734A2EC66BBCE743, F2D662A2CC29B9B8C1D7AA3424CAAB18A78C60E9557D992EF14BC15DB1438B54 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
21:15:04.0184 0x1660  AVGIDSDriver - ok
21:15:04.0200 0x1660  [ B0E4A1F342A3F8B75C4A4ADB044761C9, 208D033EE04206FEDFC99102025A53D53EF2D3FB373882776DE43D663BE9A01B ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
21:15:04.0202 0x1660  AVGIDSHA - ok
21:15:04.0213 0x1660  [ 5D115BF49AE159D4D7D1EBC640CB138F, F529FB749AB8098B657DEB4637B9B87FA2DE4806F37AC9257542B7E522BA487E ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
21:15:04.0216 0x1660  Avgldx64 - ok
21:15:04.0233 0x1660  [ 197F28711B4B71E6575E5298CCEDC737, 16B7A9E59CA5EF8241029E16408CC1DD77004B195C9FE0677DE35A723FCA3DB4 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
21:15:04.0238 0x1660  Avgloga - ok
21:15:04.0258 0x1660  [ 22B257B0A8A83924CB96D1BA2A076C2F, BA1E33DC2D76F9347160E159BFB857E673222745409686E32E707EB2847A2520 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
21:15:04.0260 0x1660  Avgmfx64 - ok
21:15:04.0279 0x1660  [ C4F9056928B26BCAF15872E46B29184F, 0A1574937D120B8872947C4C68F1706BB9713B0D00AD62BE8082499C944114BA ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
21:15:04.0280 0x1660  Avgrkx64 - ok
21:15:04.0290 0x1660  [ 0971913995F5FAFD711B0B2426A175E9, 1009E628997B56697BA976E376A9E9D39082E7057D6EFF37D57FDCA2057B9498 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
21:15:04.0293 0x1660  Avgtdia - ok
21:15:04.0308 0x1660  [ D7CBEEA4500BFDC63E99B06A1C512BE8, F8408E339AD022DD78D6C856A330F5A40CAF21F3B0C69FA352D66E3B8E75AA0F ] avgwd           C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
21:15:04.0311 0x1660  avgwd - ok
21:15:04.0339 0x1660  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:15:04.0341 0x1660  AxInstSV - ok
21:15:04.0364 0x1660  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:15:04.0370 0x1660  b06bdrv - ok
21:15:04.0389 0x1660  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:15:04.0393 0x1660  b57nd60a - ok
21:15:04.0408 0x1660  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:15:04.0410 0x1660  BDESVC - ok
21:15:04.0417 0x1660  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:15:04.0417 0x1660  Beep - ok
21:15:04.0433 0x1660  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
21:15:04.0440 0x1660  BFE - ok
21:15:04.0476 0x1660  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
21:15:04.0488 0x1660  BITS - ok
21:15:04.0500 0x1660  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
21:15:04.0501 0x1660  blbdrive - ok
21:15:04.0518 0x1660  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:15:04.0519 0x1660  bowser - ok
21:15:04.0535 0x1660  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:15:04.0536 0x1660  BrFiltLo - ok
21:15:04.0545 0x1660  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:15:04.0546 0x1660  BrFiltUp - ok
21:15:04.0567 0x1660  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
21:15:04.0569 0x1660  Browser - ok
21:15:04.0583 0x1660  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:15:04.0587 0x1660  Brserid - ok
21:15:04.0608 0x1660  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:15:04.0609 0x1660  BrSerWdm - ok
21:15:04.0614 0x1660  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:15:04.0615 0x1660  BrUsbMdm - ok
21:15:04.0633 0x1660  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:15:04.0634 0x1660  BrUsbSer - ok
21:15:04.0642 0x1660  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:15:04.0644 0x1660  BTHMODEM - ok
21:15:04.0654 0x1660  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
21:15:04.0656 0x1660  bthserv - ok
21:15:04.0663 0x1660  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:15:04.0665 0x1660  cdfs - ok
21:15:04.0675 0x1660  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:15:04.0677 0x1660  cdrom - ok
21:15:04.0696 0x1660  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:15:04.0698 0x1660  CertPropSvc - ok
21:15:04.0707 0x1660  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:15:04.0708 0x1660  circlass - ok
21:15:04.0721 0x1660  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
21:15:04.0726 0x1660  CLFS - ok
21:15:04.0755 0x1660  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:15:04.0757 0x1660  clr_optimization_v2.0.50727_32 - ok
21:15:04.0799 0x1660  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:15:04.0802 0x1660  clr_optimization_v2.0.50727_64 - ok
21:15:04.0844 0x1660  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:15:04.0847 0x1660  clr_optimization_v4.0.30319_32 - ok
21:15:04.0855 0x1660  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:15:04.0857 0x1660  clr_optimization_v4.0.30319_64 - ok
21:15:04.0870 0x1660  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
21:15:04.0871 0x1660  CmBatt - ok
21:15:04.0875 0x1660  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:15:04.0876 0x1660  cmdide - ok
21:15:04.0903 0x1660  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
21:15:04.0909 0x1660  CNG - ok
21:15:04.0920 0x1660  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:15:04.0920 0x1660  Compbatt - ok
21:15:04.0928 0x1660  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
21:15:04.0928 0x1660  CompositeBus - ok
21:15:04.0930 0x1660  COMSysApp - ok
21:15:04.0960 0x1660  [ 477F38FC094F21FF8D86E6CF557A7452, D79977CCE682E487F978150BCF7C67E9FEDF4845CE7786F6EF73115BECB5392B ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:15:04.0964 0x1660  cphs - ok
21:15:04.0984 0x1660  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:15:04.0985 0x1660  crcdisk - ok
21:15:04.0995 0x1660  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:15:04.0997 0x1660  CryptSvc - ok
21:15:05.0014 0x1660  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
21:15:05.0020 0x1660  CSC - ok
21:15:05.0031 0x1660  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
21:15:05.0039 0x1660  CscService - ok
21:15:05.0063 0x1660  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:15:05.0069 0x1660  DcomLaunch - ok
21:15:05.0091 0x1660  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:15:05.0096 0x1660  defragsvc - ok
21:15:05.0115 0x1660  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:15:05.0116 0x1660  DfsC - ok
21:15:05.0131 0x1660  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:15:05.0135 0x1660  Dhcp - ok
21:15:05.0145 0x1660  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:15:05.0145 0x1660  discache - ok
21:15:05.0161 0x1660  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
21:15:05.0163 0x1660  Disk - ok
21:15:05.0174 0x1660  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
21:15:05.0176 0x1660  dmvsc - ok
21:15:05.0187 0x1660  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:15:05.0190 0x1660  Dnscache - ok
21:15:05.0198 0x1660  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:15:05.0202 0x1660  dot3svc - ok
21:15:05.0215 0x1660  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
21:15:05.0217 0x1660  DPS - ok
21:15:05.0251 0x1660  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:15:05.0252 0x1660  drmkaud - ok
21:15:05.0285 0x1660  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:15:05.0296 0x1660  DXGKrnl - ok
21:15:05.0310 0x1660  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
21:15:05.0311 0x1660  EapHost - ok
21:15:05.0383 0x1660  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:15:05.0426 0x1660  ebdrv - ok
21:15:05.0448 0x1660  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
21:15:05.0449 0x1660  EFS - ok
21:15:05.0487 0x1660  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:15:05.0496 0x1660  ehRecvr - ok
21:15:05.0517 0x1660  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
21:15:05.0519 0x1660  ehSched - ok
21:15:05.0538 0x1660  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:15:05.0545 0x1660  elxstor - ok
21:15:05.0584 0x1660  [ D315FF43E23DF424ECEC2F6C930203E4, 68940EDA34DC4945CDD0D8018D96A0DA8F99F16A930946D14E4FECEE033FCB80 ] EpsonScanSvc    C:\Windows\system32\EscSvc64.exe
21:15:05.0586 0x1660  EpsonScanSvc - ok
21:15:05.0658 0x1660  [ 86032A47AD0105130FE7808C903E2086, ACCCA35483B7E8F9FC72A65031E024C469DF94FCCF2C5CC37C9B3BED4F1C676E ] EPSON_PM_RPCV4_06 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
21:15:05.0660 0x1660  EPSON_PM_RPCV4_06 - ok
21:15:05.0674 0x1660  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:15:05.0675 0x1660  ErrDev - ok
21:15:05.0707 0x1660  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
21:15:05.0711 0x1660  EventSystem - ok
21:15:05.0730 0x1660  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:15:05.0733 0x1660  exfat - ok
21:15:05.0744 0x1660  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:15:05.0747 0x1660  fastfat - ok
21:15:05.0768 0x1660  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
21:15:05.0776 0x1660  Fax - ok
21:15:05.0791 0x1660  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
21:15:05.0792 0x1660  fdc - ok
21:15:05.0803 0x1660  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
21:15:05.0804 0x1660  fdPHost - ok
21:15:05.0812 0x1660  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:15:05.0813 0x1660  FDResPub - ok
21:15:05.0822 0x1660  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:15:05.0824 0x1660  FileInfo - ok
21:15:05.0828 0x1660  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:15:05.0829 0x1660  Filetrace - ok
21:15:05.0842 0x1660  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:15:05.0843 0x1660  flpydisk - ok
21:15:05.0859 0x1660  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:15:05.0862 0x1660  FltMgr - ok
21:15:05.0911 0x1660  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
21:15:05.0924 0x1660  FontCache - ok
21:15:05.0950 0x1660  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:15:05.0951 0x1660  FontCache3.0.0.0 - ok
21:15:05.0964 0x1660  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:15:05.0965 0x1660  FsDepends - ok
21:15:05.0979 0x1660  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:15:05.0980 0x1660  Fs_Rec - ok
21:15:06.0002 0x1660  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:15:06.0005 0x1660  fvevol - ok
21:15:06.0012 0x1660  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:15:06.0014 0x1660  gagp30kx - ok
21:15:06.0026 0x1660  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:15:06.0034 0x1660  gpsvc - ok
21:15:06.0037 0x1660  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:15:06.0038 0x1660  hcw85cir - ok
21:15:06.0061 0x1660  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:15:06.0066 0x1660  HdAudAddService - ok
21:15:06.0085 0x1660  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:15:06.0086 0x1660  HDAudBus - ok
21:15:06.0094 0x1660  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:15:06.0095 0x1660  HidBatt - ok
21:15:06.0104 0x1660  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:15:06.0106 0x1660  HidBth - ok
21:15:06.0122 0x1660  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:15:06.0123 0x1660  HidIr - ok
21:15:06.0134 0x1660  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
21:15:06.0136 0x1660  hidserv - ok
21:15:06.0147 0x1660  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:15:06.0148 0x1660  HidUsb - ok
21:15:06.0156 0x1660  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:15:06.0159 0x1660  hkmsvc - ok
21:15:06.0166 0x1660  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:15:06.0169 0x1660  HomeGroupListener - ok
21:15:06.0179 0x1660  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:15:06.0182 0x1660  HomeGroupProvider - ok
21:15:06.0197 0x1660  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:15:06.0199 0x1660  HpSAMD - ok
21:15:06.0213 0x1660  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:15:06.0221 0x1660  HTTP - ok
21:15:06.0232 0x1660  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:15:06.0233 0x1660  hwpolicy - ok
21:15:06.0246 0x1660  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:15:06.0248 0x1660  i8042prt - ok
21:15:06.0265 0x1660  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:15:06.0270 0x1660  iaStorV - ok
21:15:06.0315 0x1660  [ B9F719B572D8D440DD8B5401C35B3B6F, 5AFC7F272ACEE118AF26FAD3E3800C56FF423050BD3FD3DA8D6BA8BFE5CB8E74 ] IDMWFP          C:\Windows\system32\DRIVERS\idmwfp.sys
21:15:06.0318 0x1660  IDMWFP - ok
21:15:06.0364 0x1660  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:15:06.0376 0x1660  idsvc - ok
21:15:06.0389 0x1660  IEEtwCollectorService - ok
21:15:06.0464 0x1660  [ 13AD8E01E974926E09D053DB370F2E41, 2D2EC184D02742001B65B92B2A4E044AAAC64794D5C230257FD3C2BAD3AD4E87 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:15:06.0512 0x1660  igfx - ok
21:15:06.0526 0x1660  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:15:06.0527 0x1660  iirsp - ok
21:15:06.0553 0x1660  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
21:15:06.0565 0x1660  IKEEXT - ok
21:15:06.0636 0x1660  [ CCEDD47ABD068C58C8513DEB785093BB, 2B5571688655265037ACB44D2F2E0CD646EC0567D823C32CA09F13A1814C241B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:15:06.0673 0x1660  IntcAzAudAddService - ok
21:15:06.0694 0x1660  [ EEE7376243CD8A4B49B885EF122D25E5, A3B89E7B513C95558C4DA41D3C136D464381263BA43E00EC136FC776DAA0BA94 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
21:15:06.0699 0x1660  IntcDAud - ok
21:15:06.0719 0x1660  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:15:06.0720 0x1660  intelide - ok
21:15:06.0734 0x1660  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
21:15:06.0735 0x1660  intelppm - ok
21:15:06.0747 0x1660  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:15:06.0749 0x1660  IPBusEnum - ok
21:15:06.0773 0x1660  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:15:06.0774 0x1660  IpFilterDriver - ok
21:15:06.0806 0x1660  [ F49F39620FDCAB02D12F5F28602CA636, 2686DDF20A9F962F8AC7986322A0DD89ECA99D8F27ACEB093A5862A44A1AAF88 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:15:06.0812 0x1660  iphlpsvc - ok
21:15:06.0838 0x1660  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:15:06.0840 0x1660  IPMIDRV - ok
21:15:06.0848 0x1660  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:15:06.0850 0x1660  IPNAT - ok
21:15:06.0857 0x1660  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:15:06.0858 0x1660  IRENUM - ok
21:15:06.0871 0x1660  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:15:06.0872 0x1660  isapnp - ok
21:15:06.0891 0x1660  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:15:06.0895 0x1660  iScsiPrt - ok
21:15:06.0908 0x1660  [ 626F5EAE794819A88F3A1437A6C75951, 491E9DFE7C08869585A5E56830110E245255C5DE71430051EC3948A81CF005C3 ] iusb3hcs        C:\Windows\system32\drivers\iusb3hcs.sys
21:15:06.0909 0x1660  iusb3hcs - ok
21:15:10.0375 0x1660  SSDPSRV - ok
21:15:10.0381 0x1660  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:15:10.0383 0x1660  SstpSvc - ok
21:15:10.0411 0x1660  [ 2222073BE0232E70A397B8302293AA9D, C4C5D7D11F88CBB674667371F4A2AF17C530E2E2C855BC5C417EF623C1CF8F65 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:15:10.0415 0x1660  Stereo Service - ok
21:15:10.0428 0x1660  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:15:10.0429 0x1660  stexstor - ok
21:15:10.0445 0x1660  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:15:10.0453 0x1660  stisvc - ok
21:15:10.0473 0x1660  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:15:10.0474 0x1660  storflt - ok
21:15:10.0485 0x1660  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
21:15:10.0486 0x1660  StorSvc - ok
21:15:10.0495 0x1660  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:15:10.0496 0x1660  storvsc - ok
21:15:10.0509 0x1660  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:15:10.0510 0x1660  swenum - ok
21:15:10.0529 0x1660  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:15:10.0537 0x1660  swprv - ok
21:15:10.0569 0x1660  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
21:15:10.0589 0x1660  SysMain - ok
21:15:10.0597 0x1660  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:15:10.0599 0x1660  TabletInputService - ok
21:15:10.0608 0x1660  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:15:10.0613 0x1660  TapiSrv - ok
21:15:10.0619 0x1660  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
21:15:10.0621 0x1660  TBS - ok
21:15:10.0661 0x1660  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:15:10.0686 0x1660  Tcpip - ok
21:15:10.0714 0x1660  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:15:10.0734 0x1660  TCPIP6 - ok
21:15:10.0745 0x1660  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:15:10.0746 0x1660  tcpipreg - ok
21:15:10.0769 0x1660  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:15:10.0769 0x1660  TDPIPE - ok
21:15:10.0789 0x1660  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:15:10.0790 0x1660  TDTCP - ok
21:15:10.0801 0x1660  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:15:10.0802 0x1660  tdx - ok
21:15:10.0809 0x1660  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:15:10.0810 0x1660  TermDD - ok
21:15:10.0832 0x1660  [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
21:15:10.0833 0x1660  terminpt - ok
21:15:10.0858 0x1660  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
21:15:10.0868 0x1660  TermService - ok
21:15:10.0880 0x1660  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:15:10.0881 0x1660  Themes - ok
21:15:10.0885 0x1660  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:15:10.0887 0x1660  THREADORDER - ok
21:15:10.0897 0x1660  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:15:10.0899 0x1660  TrkWks - ok
21:15:10.0934 0x1660  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:15:10.0937 0x1660  TrustedInstaller - ok
21:15:10.0950 0x1660  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:15:10.0952 0x1660  tssecsrv - ok
21:15:10.0961 0x1660  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:15:10.0962 0x1660  TsUsbFlt - ok
21:15:10.0986 0x1660  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:15:10.0997 0x1660  TsUsbGD - ok
21:15:11.0001 0x1660  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:15:11.0002 0x1660  tunnel - ok
21:15:11.0015 0x1660  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:15:11.0016 0x1660  uagp35 - ok
21:15:11.0037 0x1660  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:15:11.0042 0x1660  udfs - ok
21:15:11.0056 0x1660  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:15:11.0057 0x1660  UI0Detect - ok
21:15:11.0069 0x1660  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:15:11.0071 0x1660  uliagpkx - ok
21:15:11.0077 0x1660  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
21:15:11.0078 0x1660  umbus - ok
21:15:11.0086 0x1660  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:15:11.0087 0x1660  UmPass - ok
21:15:11.0111 0x1660  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:15:11.0114 0x1660  UmRdpService - ok
21:15:11.0129 0x1660  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:15:11.0134 0x1660  upnphost - ok
21:15:11.0146 0x1660  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:15:11.0148 0x1660  usbccgp - ok
21:15:11.0171 0x1660  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:15:11.0172 0x1660  usbcir - ok
21:15:11.0201 0x1660  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:15:11.0202 0x1660  usbehci - ok
21:15:11.0212 0x1660  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:15:11.0216 0x1660  usbhub - ok
21:15:11.0223 0x1660  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:15:11.0224 0x1660  usbohci - ok
21:15:11.0245 0x1660  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:15:11.0246 0x1660  usbprint - ok
21:15:11.0273 0x1660  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:15:11.0274 0x1660  usbscan - ok
21:15:11.0289 0x1660  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:15:11.0290 0x1660  USBSTOR - ok
21:15:11.0301 0x1660  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:15:11.0302 0x1660  usbuhci - ok
21:15:11.0311 0x1660  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:15:11.0313 0x1660  UxSms - ok
21:15:11.0323 0x1660  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
21:15:11.0323 0x1660  VaultSvc - ok
21:15:11.0333 0x1660  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:15:11.0334 0x1660  vdrvroot - ok
21:15:11.0354 0x1660  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:15:11.0362 0x1660  vds - ok
21:15:11.0386 0x1660  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:15:11.0387 0x1660  vga - ok
21:15:11.0401 0x1660  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:15:11.0402 0x1660  VgaSave - ok
21:15:11.0441 0x1660  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:15:11.0444 0x1660  vhdmp - ok
21:15:11.0452 0x1660  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:15:11.0453 0x1660  viaide - ok
21:15:11.0463 0x1660  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:15:11.0466 0x1660  vmbus - ok
21:15:11.0477 0x1660  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:15:11.0477 0x1660  VMBusHID - ok
21:15:11.0487 0x1660  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:15:11.0488 0x1660  volmgr - ok
21:15:11.0506 0x1660  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:15:11.0511 0x1660  volmgrx - ok
21:15:11.0520 0x1660  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:15:11.0525 0x1660  volsnap - ok
21:15:11.0543 0x1660  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:15:11.0546 0x1660  vsmraid - ok
21:15:11.0577 0x1660  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:15:11.0598 0x1660  VSS - ok
21:15:11.0611 0x1660  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:15:11.0612 0x1660  vwifibus - ok
21:15:11.0617 0x1660  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:15:11.0618 0x1660  vwififlt - ok
21:15:11.0652 0x1660  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:15:11.0657 0x1660  W32Time - ok
21:15:11.0675 0x1660  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:15:11.0676 0x1660  WacomPen - ok
21:15:11.0690 0x1660  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:15:11.0691 0x1660  WANARP - ok
21:15:11.0694 0x1660  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:15:11.0695 0x1660  Wanarpv6 - ok
21:15:11.0737 0x1660  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:15:11.0754 0x1660  WatAdminSvc - ok
21:15:11.0797 0x1660  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:15:11.0818 0x1660  wbengine - ok
21:15:11.0829 0x1660  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:15:11.0833 0x1660  WbioSrvc - ok
21:15:11.0848 0x1660  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:15:11.0854 0x1660  wcncsvc - ok
21:15:11.0863 0x1660  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:15:11.0865 0x1660  WcsPlugInService - ok
21:15:11.0888 0x1660  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
21:15:11.0889 0x1660  Wd - ok
21:15:11.0917 0x1660  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:15:11.0927 0x1660  Wdf01000 - ok
21:15:11.0935 0x1660  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:15:11.0937 0x1660  WdiServiceHost - ok
21:15:11.0939 0x1660  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:15:11.0941 0x1660  WdiSystemHost - ok
21:15:11.0952 0x1660  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
21:15:11.0957 0x1660  WebClient - ok
21:15:11.0977 0x1660  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:15:11.0981 0x1660  Wecsvc - ok
21:15:11.0987 0x1660  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:15:11.0990 0x1660  wercplsupport - ok
21:15:11.0995 0x1660  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:15:11.0997 0x1660  WerSvc - ok
21:15:12.0007 0x1660  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:15:12.0008 0x1660  WfpLwf - ok
21:15:12.0018 0x1660  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:15:12.0019 0x1660  WIMMount - ok
21:15:12.0042 0x1660  WinDefend - ok
21:15:12.0045 0x1660  WinHttpAutoProxySvc - ok
21:15:12.0093 0x1660  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:15:12.0097 0x1660  Winmgmt - ok
21:15:12.0147 0x1660  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:15:12.0174 0x1660  WinRM - ok
21:15:12.0201 0x1660  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:15:12.0212 0x1660  Wlansvc - ok
21:15:12.0215 0x1660  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:15:12.0215 0x1660  WmiAcpi - ok
21:15:12.0223 0x1660  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:15:12.0226 0x1660  wmiApSrv - ok
21:15:12.0230 0x1660  WMPNetworkSvc - ok
21:15:12.0233 0x1660  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:15:12.0235 0x1660  WPCSvc - ok
21:15:12.0241 0x1660  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:15:12.0243 0x1660  WPDBusEnum - ok
21:15:12.0255 0x1660  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:15:12.0256 0x1660  ws2ifsl - ok
21:15:12.0265 0x1660  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
21:15:12.0268 0x1660  wscsvc - ok
21:15:12.0270 0x1660  WSearch - ok
21:15:12.0331 0x1660  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:15:12.0358 0x1660  wuauserv - ok
21:15:12.0374 0x1660  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:15:12.0376 0x1660  WudfPf - ok
21:15:12.0394 0x1660  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:15:12.0396 0x1660  WUDFRd - ok
21:15:12.0405 0x1660  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:15:12.0407 0x1660  wudfsvc - ok
21:15:12.0426 0x1660  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:15:12.0430 0x1660  WwanSvc - ok
21:15:12.0441 0x1660  ================ Scan global ===============================
21:15:12.0473 0x1660  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:15:12.0486 0x1660  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:15:12.0493 0x1660  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:15:12.0512 0x1660  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:15:12.0534 0x1660  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
21:15:12.0538 0x1660  [ Global ] - ok
21:15:12.0539 0x1660  ================ Scan MBR ==================================
21:15:12.0546 0x1660  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:15:12.0664 0x1660  \Device\Harddisk0\DR0 - ok
21:15:12.0664 0x1660  ================ Scan VBR ==================================
21:15:12.0665 0x1660  [ 87161466EE6765AC832C5F8A0597012F ] \Device\Harddisk0\DR0\Partition1
21:15:12.0724 0x1660  \Device\Harddisk0\DR0\Partition1 - ok
21:15:12.0725 0x1660  [ 03B40A748021EB05095025064FEB41C9 ] \Device\Harddisk0\DR0\Partition2
21:15:12.0764 0x1660  \Device\Harddisk0\DR0\Partition2 - ok
21:15:12.0764 0x1660  ================ Scan active images ========================
21:15:12.0826 0x1660  C:\Windows\System32\drivers\hdaudbus.sys - ok
21:15:12.0828 0x1660  [ FBD43626F80EE4ACA8A6662EA318AFEF, 182DCFDE330399249F038D440FD73806009C809D2B61CE610194AA2131C02733 ] C:\Windows\System32\drivers\iusb3xhc.sys
21:15:12.0828 0x1660  C:\Windows\System32\drivers\iusb3xhc.sys - ok
21:15:12.0829 0x1660  [ FFA06EF43987ED0DD42AD59B260C0C78, 260518D5E077E55E0F2099037DBEFA93016FD4D4655456DDB3147AF9CBE7BF6B ] C:\Windows\System32\drivers\usbd.sys
21:15:12.0829 0x1660  C:\Windows\System32\drivers\usbd.sys - ok
21:15:12.0831 0x1660  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] C:\Windows\System32\drivers\HECIx64.sys
21:15:12.0831 0x1660  C:\Windows\System32\drivers\HECIx64.sys - ok
21:15:12.0833 0x1660  [ 12FEB33791920678F8433701C822BCFD, 7D1AD944CF0532D5AF951ACCE064EA9288F068964603674854CD7658D2B96039 ] C:\Windows\System32\drivers\usbport.sys
21:15:12.0833 0x1660  C:\Windows\System32\drivers\usbport.sys - ok
21:15:12.0834 0x1660  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] C:\Windows\System32\drivers\usbehci.sys
21:15:12.0834 0x1660  C:\Windows\System32\drivers\usbehci.sys - ok
21:15:12.0835 0x1660  [ 193C58F081747EA752DA6EFF64719BB4, D5A81BCC4A96493C7EA7B586EFD9FE237FCD7FCFAC3318E552B188B61D5BEE2A ] C:\Windows\System32\drivers\netr28x.sys
21:15:12.0835 0x1660  C:\Windows\System32\drivers\netr28x.sys - ok
21:15:12.0837 0x1660  [ F15623B73768C35A666BB5CDCEEF497F, 80C3C5A98A740D537C8634741FEA3A128108CE82A9D5CDE80FB57D6800DC7C3C ] C:\Windows\System32\drivers\Rt64win7.sys
21:15:12.0837 0x1660  C:\Windows\System32\drivers\Rt64win7.sys - ok
21:15:12.0838 0x1660  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] C:\Windows\System32\drivers\vwifibus.sys
21:15:12.0838 0x1660  C:\Windows\System32\drivers\vwifibus.sys - ok
21:15:12.0840 0x1660  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] C:\Windows\System32\drivers\agilevpn.sys
21:15:12.0840 0x1660  C:\Windows\System32\drivers\agilevpn.sys - ok
21:15:12.0841 0x1660  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] C:\Windows\System32\drivers\CompositeBus.sys
21:15:12.0841 0x1660  C:\Windows\System32\drivers\CompositeBus.sys - ok
21:15:12.0843 0x1660  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] C:\Windows\System32\drivers\intelppm.sys
21:15:12.0843 0x1660  C:\Windows\System32\drivers\intelppm.sys - ok
21:15:12.0844 0x1660  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] C:\Windows\System32\drivers\ndistapi.sys
21:15:12.0844 0x1660  C:\Windows\System32\drivers\ndistapi.sys - ok
21:15:12.0846 0x1660  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] C:\Windows\System32\drivers\ndiswan.sys
21:15:12.0846 0x1660  C:\Windows\System32\drivers\ndiswan.sys - ok
21:15:12.0847 0x1660  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] C:\Windows\System32\drivers\rasl2tp.sys
21:15:12.0847 0x1660  C:\Windows\System32\drivers\rasl2tp.sys - ok
21:15:12.0849 0x1660  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] C:\Windows\System32\drivers\raspppoe.sys
21:15:12.0849 0x1660  C:\Windows\System32\drivers\raspppoe.sys - ok
21:15:12.0850 0x1660  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] C:\Windows\System32\drivers\kbdclass.sys
21:15:12.0850 0x1660  C:\Windows\System32\drivers\kbdclass.sys - ok
21:15:12.0852 0x1660  [ 24FBF5CC5C04150073C315A7C83521EE, 581BD5F15B5E57B3BAA762E421FFD859FDA46DDB8515C2A7AAFF208D784E906C ] C:\Windows\System32\drivers\ks.sys
21:15:12.0852 0x1660  C:\Windows\System32\drivers\ks.sys - ok
21:15:12.0853 0x1660  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] C:\Windows\System32\drivers\mouclass.sys
21:15:12.0853 0x1660  C:\Windows\System32\drivers\mouclass.sys - ok
21:15:12.0855 0x1660  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] C:\Windows\System32\drivers\raspptp.sys
21:15:12.0855 0x1660  C:\Windows\System32\drivers\raspptp.sys - ok
21:15:12.0856 0x1660  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] C:\Windows\System32\drivers\rassstp.sys
21:15:12.0856 0x1660  C:\Windows\System32\drivers\rassstp.sys - ok
21:15:12.0858 0x1660  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] C:\Windows\System32\drivers\rdpbus.sys
21:15:12.0858 0x1660  C:\Windows\System32\drivers\rdpbus.sys - ok
21:15:12.0859 0x1660  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] C:\Windows\System32\drivers\swenum.sys
21:15:12.0859 0x1660  C:\Windows\System32\drivers\swenum.sys - ok
21:15:12.0861 0x1660  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] C:\Windows\System32\drivers\umbus.sys
21:15:12.0861 0x1660  C:\Windows\System32\drivers\umbus.sys - ok
21:15:12.0862 0x1660  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] C:\Windows\System32\drivers\usbhub.sys
21:15:12.0862 0x1660  C:\Windows\System32\drivers\usbhub.sys - ok
21:15:12.0864 0x1660  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] C:\Windows\System32\drivers\ndproxy.sys
21:15:12.0864 0x1660  C:\Windows\System32\drivers\ndproxy.sys - ok
21:15:12.0866 0x1660  [ E0D3CD5841E5C7BE7B94BA946AF1E498, 4EAE1B226255623DA41A047633994D6902F6D4CA5757BF5D85E227378336227F ] C:\Windows\System32\drivers\drmk.sys
21:15:12.0866 0x1660  C:\Windows\System32\drivers\drmk.sys - ok
21:15:12.0867 0x1660  [ 1E0B4CBBA91C6B041A14ECC2186F7E24, 63039A317F906454A0652704DA2D646658A148B9B55BFB5D2F4B27997F357DF9 ] C:\Windows\System32\drivers\portcls.sys
21:15:12.0867 0x1660  C:\Windows\System32\drivers\portcls.sys - ok
21:15:12.0869 0x1660  [ EEE7376243CD8A4B49B885EF122D25E5, A3B89E7B513C95558C4DA41D3C136D464381263BA43E00EC136FC776DAA0BA94 ] C:\Windows\System32\drivers\IntcDAud.sys
21:15:12.0869 0x1660  C:\Windows\System32\drivers\IntcDAud.sys - ok
21:15:12.0870 0x1660  [ 21A002692B2A07D225E26F70E78D0BFC, 4809D0DD5CA1E0A9C7A0D2BD2E1C7775077CB99F62ED47844EBF3C0B1E91ED45 ] C:\Windows\System32\drivers\iusb3hub.sys
21:15:12.0870 0x1660  C:\Windows\System32\drivers\iusb3hub.sys - ok
21:15:12.0872 0x1660  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] C:\Windows\System32\drivers\ksthunk.sys
21:15:12.0872 0x1660  C:\Windows\System32\drivers\ksthunk.sys - ok
21:15:12.0873 0x1660  [ CCEDD47ABD068C58C8513DEB785093BB, 2B5571688655265037ACB44D2F2E0CD646EC0567D823C32CA09F13A1814C241B ] C:\Windows\System32\drivers\RTKVHD64.sys
21:15:12.0873 0x1660  C:\Windows\System32\drivers\RTKVHD64.sys - ok
21:15:12.0875 0x1660  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93, 7BC847CE6C2D29C334F0D1600BBBDE3933FF45F6BEE5186F442E6270A3F9EC4E ] C:\Windows\System32\autochk.exe
21:15:12.0875 0x1660  C:\Windows\System32\autochk.exe - ok
21:15:12.0876 0x1660  [ EAF32CB8C1F810E4715B4DFBE785C7FF, DB6AD07FDED42433E669508AB73FAFF6DAFF04575D6F1D016FE3EB6ECEC4DD5D ] C:\Windows\System32\shlwapi.dll
21:15:12.0876 0x1660  C:\Windows\System32\shlwapi.dll - ok
21:15:12.0878 0x1660  [ 4BBFA57F594F7E8A8EDC8F377184C3F0, 9F3AC5DEA5A6250C3DBB97AF79C81C0A48429486521F807355A1D7D3D861B75F ] C:\Windows\System32\ws2_32.dll
21:15:12.0878 0x1660  C:\Windows\System32\ws2_32.dll - ok
21:15:12.0879 0x1660  [ AE57F6C7AB3ED244B5F14151C4EA0057, 60BAF0909C60B2387E2972EBBC77140E9E982549F0746EE26AF4EFB4E9FD77A4 ] C:\Windows\System32\shell32.dll
21:15:12.0879 0x1660  C:\Windows\System32\shell32.dll - ok
21:15:12.0881 0x1660  [ F7CE0C81C545364020ED8203CF0A633E, 24B47A7492B7048096AF87E26786E8108455ADBD1A374B6A0466DE008505B8A9 ] C:\Windows\System32\difxapi.dll
21:15:12.0881 0x1660  C:\Windows\System32\difxapi.dll - ok
21:15:12.0882 0x1660  [ D2A513EE880D71BDE7F0257F38B9D019, 7BDBFEA312061C0498E4C09EF5E4B3AAA23309E7448028F67EAA6F8F7188E871 ] C:\Windows\System32\kernel32.dll
21:15:12.0882 0x1660  C:\Windows\System32\kernel32.dll - ok
21:15:12.0884 0x1660  [ AA2C08CE85653B1A0D2E4AB407FA176C, 83DFD0C119B20AEDB07114C9D1CF9CE2DFA938D0F1070256B0591A9E2C3997FA ] C:\Windows\System32\imm32.dll
21:15:12.0884 0x1660  C:\Windows\System32\imm32.dll - ok
21:15:12.0885 0x1660  [ 860528C9E50AB84935843B23A80E665E, 1BBC4FC384A2C9B2E30DC8D84C435A6A8E1993F074CDBF0A6A3AC774A3E62AD4 ] C:\Windows\System32\gdi32.dll
21:15:12.0885 0x1660  C:\Windows\System32\gdi32.dll - ok
21:15:12.0887 0x1660  [ F947D57534E01E3CA597BCF2AD8AE65B, 498A87443CE3344F82B19D4903F128337B5B3DA49D3C208F796394DA6B3A8946 ] C:\Windows\System32\rpcrt4.dll
21:15:12.0887 0x1660  C:\Windows\System32\rpcrt4.dll - ok
21:15:12.0888 0x1660  [ C391FC68282A000CDF953F8B6B55D2EF, 1CB0DAB84545D9FDEA5A7865A1E7132CEAC91DECF8B100285B63098D7B09E584 ] C:\Windows\System32\msvcrt.dll
21:15:12.0888 0x1660  C:\Windows\System32\msvcrt.dll - ok
21:15:12.0889 0x1660  [ 044FE45FFD6AD40E3BBBE60B7F41BABE, A1688A5E6E0F7037C850699462C2655006A7D873C97F9AB406C59D81749B6F09 ] C:\Windows\System32\nsi.dll
21:15:12.0889 0x1660  C:\Windows\System32\nsi.dll - ok
21:15:12.0891 0x1660  [ 6C60B5ACA7442EFB794082CDACFC001C, FC1D9124856A70FF232EF3057D66BEE803295847624CE23B4D0217F23AF52C75 ] C:\Windows\System32\ole32.dll
21:15:12.0891 0x1660  C:\Windows\System32\ole32.dll - ok
21:15:12.0892 0x1660  [ 39EBB9708453036A74C30C9A294023FF, 2158C48C046F2FBDFEC2F449F8EBA376ED9086E427A4BEDE8033A29F7415753E ] C:\Windows\System32\wininet.dll
21:15:12.0892 0x1660  C:\Windows\System32\wininet.dll - ok
21:15:12.0894 0x1660  [ 83404DCBCE4925B6A5A77C5170F46D86, D669614D0B4461DB244AD99FBE1BA92CEB9B4ED5EC8E987E23764E77D9AC7074 ] C:\Windows\System32\sechost.dll
21:15:12.0894 0x1660  C:\Windows\System32\sechost.dll - ok
21:15:12.0895 0x1660  [ 088CF6AFCD5CDD44E40C0ACDE3C1A5E0, AC6AFCAE3A58AAABC972B3D6A1ED383A59910C689F38D9D4A059A0A535BA1039 ] C:\Windows\System32\usp10.dll
21:15:12.0895 0x1660  C:\Windows\System32\usp10.dll - ok
21:15:12.0896 0x1660  [ 25983DE69B57142039AC8D95E71CD9C9, A677DA7EBCBCB6073D27E8A38809F51E971E83ED379BC599AAAD6EF4216348DA ] C:\Windows\System32\clbcatq.dll
21:15:12.0896 0x1660  C:\Windows\System32\clbcatq.dll - ok
21:15:12.0898 0x1660  [ D87E1E59C73C1F98D5DED5B3850C40F5, 536419BFF9F877D4314B5D0C045D9A6E729489C389863FADF07E382050BC84FD ] C:\Windows\System32\psapi.dll
21:15:12.0898 0x1660  C:\Windows\System32\psapi.dll - ok
21:15:12.0900 0x1660  [ 9835E63E09F824D22B689D2BB789BAB9, 5BCFFAFB894D69FBCDDB91E64D30A356F4BD57098E8B4C51B98AFAF6581BDB63 ] C:\Windows\System32\comdlg32.dll
21:15:12.0900 0x1660  C:\Windows\System32\comdlg32.dll - ok
21:15:12.0901 0x1660  [ 28C0B5024F5C5A438E78B188CFC81B7F, AB81FB63F2908CE316B45609077ACBD85F4B2AAD1606B1E9030F06DB82EDDFAD ] C:\Windows\System32\normaliz.dll
21:15:12.0901 0x1660  C:\Windows\System32\normaliz.dll - ok
21:15:12.0902 0x1660  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5, 12130837D7F89A2C7E9D25747A8E5B9001E0A38D545178B49B450C23AE62664A ] C:\Windows\System32\setupapi.dll
21:15:12.0902 0x1660  C:\Windows\System32\setupapi.dll - ok
21:15:12.0904 0x1660  [ C431EAF5CAA1C82CAC2534A2EAB348A3, ADDF850128DC675E67FABA9A3D0D27E684F01F733962CA22927BB94503549E44 ] C:\Windows\System32\msctf.dll
21:15:12.0904 0x1660  C:\Windows\System32\msctf.dll - ok
21:15:12.0905 0x1660  [ 75498A52C2AE248DEE5BDF5209768963, F200077B40B1B75004EE5436939C9E7F50871E824DDCC8403A6BA3823A2717D0 ] C:\Windows\System32\iertutil.dll
21:15:12.0905 0x1660  C:\Windows\System32\iertutil.dll - ok
21:15:12.0907 0x1660  [ B4F29F65AD3114051F01E9403346047F, 7EB58545211C51E95B3F45C47C1F7CCE05B707D168E7C20F46D36E19EE3D8DFC ] C:\Windows\System32\imagehlp.dll
21:15:12.0907 0x1660  C:\Windows\System32\imagehlp.dll - ok
21:15:12.0908 0x1660  [ C06B32165E23A72A898B7A89679AD754, 721405158F6E9F1A7FE7BB33EF642D91332726629D0D3B07DF3CF3152A91C85D ] C:\Windows\System32\oleaut32.dll
21:15:12.0908 0x1660  C:\Windows\System32\oleaut32.dll - ok
21:15:12.0909 0x1660  [ 63A580C88CFAF72A92550940054569EF, A66C89123D1833446ACC31D5CF536B0D0EC24D2F805C022A637596CF98429D9F ] C:\Windows\System32\advapi32.dll
21:15:12.0909 0x1660  C:\Windows\System32\advapi32.dll - ok
21:15:12.0910 0x1660  [ FECA80905D551074E1A9298BD98103B7, 5655D56CDDE306CB350EAF90CEFCAC645D13A6E0BF78DE9372039205AA9C7BD0 ] C:\Windows\System32\urlmon.dll
21:15:12.0910 0x1660  C:\Windows\System32\urlmon.dll - ok
21:15:12.0912 0x1660  [ FE70103391A64039A921DBFFF9C7AB1B, F7D219D75037BC98F6C69143B00AB6000A31F8B5E211E0AF514F4F4B681522A0 ] C:\Windows\System32\user32.dll
21:15:12.0912 0x1660  C:\Windows\System32\user32.dll - ok
21:15:12.0913 0x1660  [ 796B47A4B82EF1C39F13435B88834C48, AFC3E89476BAAD8A71663F0DB8D15E00FF9D131F1306A2F69D728E3AD1184602 ] C:\Windows\System32\lpk.dll
21:15:12.0913 0x1660  C:\Windows\System32\lpk.dll - ok
21:15:12.0915 0x1660  [ 4E4FFB09D895AA000DD56D1404F69A7E, D999E04BB35780088480EAB322176570591A21E311D204BDCAB010A63B34D24C ] C:\Windows\System32\Wldap32.dll
21:15:12.0915 0x1660  C:\Windows\System32\Wldap32.dll - ok
21:15:12.0917 0x1660  [ 72723D3E4781BADC62C3180C137E7B23, 0BDA5292928578C5DA79C761E15B8A892B9D4A3DA26D3635E714797C653CF492 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
21:15:12.0917 0x1660  C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
21:15:12.0918 0x1660  [ F49E92B50CED5C9F1725D3C0329FD933, 6155FA4D8242F07FC578FF746890C2EE19FC3D6A20ED8AE4C6F021DB2DAC184F ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
21:15:12.0918 0x1660  C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
21:15:12.0920 0x1660  [ 06FEC9E8117103BB1141A560E98077DA, C5E61B11DDBBBBBA3D9488970524F0975EA5FBDF16E2FA31F579F8BFA48353B1 ] C:\Windows\System32\devobj.dll
21:15:12.0920 0x1660  C:\Windows\System32\devobj.dll - ok
21:15:12.0921 0x1660  [ 851BB346CD59D9B3BC8854384C7DD5C3, 0CA1BCBDA6CB8CAC1186B3BE13C3937EDF46264FDFFCEBDF94C7EB10DE957DC6 ] C:\Windows\System32\KernelBase.dll
21:15:12.0921 0x1660  C:\Windows\System32\KernelBase.dll - ok
21:15:12.0923 0x1660  [ 959041D7014C97133D859B45BCA0FC58, 282D34828DA7404470949483CB9789A8B4861D188093F0FBD07138A37F60B94B ] C:\Windows\System32\wintrust.dll
21:15:12.0923 0x1660  C:\Windows\System32\wintrust.dll - ok
21:15:12.0924 0x1660  [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\System32\comctl32.dll
21:15:12.0924 0x1660  C:\Windows\System32\comctl32.dll - ok
21:15:12.0925 0x1660  [ 856E76B3641746ABBC2946BED1372098, FD93CC7F72560F72CA49AD5609C079E25B8A3A4802E72B127B63A9E7B4884710 ] C:\Windows\System32\drivers\hidparse.sys
21:15:12.0925 0x1660  C:\Windows\System32\drivers\hidparse.sys - ok
21:15:12.0927 0x1660  [ 597C3699384E53CC59587ED50CCE5CA2, 4F61E9B5BEB3BD1634D733983381E516664BD7E250DF4B0150B168E05EFD652A ] C:\Windows\System32\drivers\hidclass.sys
21:15:12.0927 0x1660  C:\Windows\System32\drivers\hidclass.sys - ok
21:15:12.0928 0x1660  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] C:\Windows\System32\drivers\hidusb.sys
21:15:12.0928 0x1660  C:\Windows\System32\drivers\hidusb.sys - ok
21:15:12.0930 0x1660  [ 64A4AB126E24FD3F58EBE64852773DB5, ED425BBC91EB8BEF54C363036A770C551C97EF324F1AE31049CA750D0E2D6776 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
21:15:12.0930 0x1660  C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
21:15:12.0932 0x1660  [ 780F6ECC4F55D76C9730E6B6C9B31913, 1AEA642AFA210A672A92AAA49CFDE52D9E48ED41248F7644FAADE760E8A0E72E ] C:\Windows\System32\crypt32.dll
21:15:12.0932 0x1660  C:\Windows\System32\crypt32.dll - ok
21:15:12.0933 0x1660  [ 0E6FBF19D9DFBB77316C23DF91F8A101, 680F88E1BC55EA3342AACE6F2E3511BF877AC8F03276D028FEE84EEFE8B5611A ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
21:15:12.0933 0x1660  C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
21:15:12.0935 0x1660  [ 9094039A00485F71C4DE64BF51F64C46, 4ACFEF4C747ADF806A4FDEDDFD9CC48168DFB05075306C77D3F3927749DD7484 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
21:15:12.0935 0x1660  C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
21:15:12.0936 0x1660  [ 2477A28081BDAEE622CF045ACF8EE124, 00A09CAF9129E84FEEA98FA03CE9012C9F961B64FEE15C4F268822C0F82ACC3C ] C:\Windows\System32\cfgmgr32.dll
21:15:12.0936 0x1660  C:\Windows\System32\cfgmgr32.dll - ok
21:15:12.0938 0x1660  [ 7A17485DC7D8A7AC81321A42CD034519, 88D8705FA901793FC8C1CFD0175E49A6502BF0FC94A066BA573D2FD13AA5F04A ] C:\Windows\System32\userenv.dll
21:15:12.0938 0x1660  C:\Windows\System32\userenv.dll - ok
21:15:12.0939 0x1660  [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A, 445C2857398252756FD25BB94DAFCCEFF573DE55F1F8BF9094C191F409FE6437 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
21:15:12.0939 0x1660  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
21:15:12.0941 0x1660  [ 884415BD4269C02EAF8E2613BF85500D, EFE771709EC942694FD206AC8D0A48ED7DCD35036F074268E4AECD68AC982CEA ] C:\Windows\System32\msasn1.dll
21:15:12.0941 0x1660  C:\Windows\System32\msasn1.dll - ok
21:15:12.0942 0x1660  [ 2C942733A5983DD4502219FF37C7EBC7, 34B20B6B0D7274E4B5B783F1D2345BC3DD9888964D5C2C65712F041A00CF5B45 ] C:\Windows\System32\profapi.dll
21:15:12.0942 0x1660  C:\Windows\System32\profapi.dll - ok
21:15:12.0944 0x1660  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] C:\Windows\System32\drivers\USBSTOR.SYS
21:15:12.0944 0x1660  C:\Windows\System32\drivers\USBSTOR.SYS - ok
21:15:12.0945 0x1660  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] C:\Windows\System32\drivers\mouhid.sys
21:15:12.0945 0x1660  C:\Windows\System32\drivers\mouhid.sys - ok
21:15:12.0947 0x1660  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] C:\Windows\System32\drivers\kbdhid.sys
21:15:12.0947 0x1660  C:\Windows\System32\drivers\kbdhid.sys - ok
21:15:12.0949 0x1660  [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8A4FB21EADD3896 ] C:\Windows\SysWOW64\normaliz.dll
21:15:12.0949 0x1660  C:\Windows\SysWOW64\normaliz.dll - ok
21:15:12.0950 0x1660  [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys
21:15:12.0950 0x1660  C:\Windows\System32\drivers\dxapi.sys - ok
21:15:12.0951 0x1660  [ A347EF56B7CD8360B3EF7772FEA597B9, 29FD47110ED21C4F0178C065AD05789A8387B6704CE1BA94C851C9785662CF95 ] C:\Windows\System32\win32k.sys
21:15:12.0951 0x1660  C:\Windows\System32\win32k.sys - ok
21:15:12.0953 0x1660  [ 216BABD555BC550952320EEA89C25DDF, 1BBB92415280032CD18F361382A69D0D91266AAD56FC88A99C804B0053743D72 ] C:\Windows\System32\csrsrv.dll
21:15:12.0953 0x1660  C:\Windows\System32\csrsrv.dll - ok
21:15:12.0954 0x1660  [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77201BAB37E8C03A ] C:\Windows\System32\csrss.exe
21:15:12.0954 0x1660  C:\Windows\System32\csrss.exe - ok
21:15:12.0956 0x1660  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\System32\basesrv.dll
21:15:12.0956 0x1660  C:\Windows\System32\basesrv.dll - ok
21:15:12.0957 0x1660  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\System32\winsrv.dll
21:15:12.0957 0x1660  C:\Windows\System32\winsrv.dll - ok
21:15:12.0959 0x1660  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] C:\Windows\System32\drivers\monitor.sys
21:15:12.0959 0x1660  C:\Windows\System32\drivers\monitor.sys - ok
21:15:12.0960 0x1660  [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56DE4CA5783F78A75 ] C:\Windows\System32\tsddd.dll
21:15:12.0960 0x1660  C:\Windows\System32\tsddd.dll - ok
21:15:12.0961 0x1660  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\System32\sxssrv.dll
21:15:12.0961 0x1660  C:\Windows\System32\sxssrv.dll - ok
21:15:12.0963 0x1660  [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA87526E768AF6174F0 ] C:\Windows\System32\wininit.exe
21:15:12.0963 0x1660  C:\Windows\System32\wininit.exe - ok
21:15:12.0964 0x1660  [ 78523A26F5604C0568FE9D1CE86E36F4, 534A7228BF69719106F581616A32EAEF0B770DDB36DCE94F84E7D52FDB1382B5 ] C:\Windows\System32\KBDUS.DLL
21:15:12.0965 0x1660  C:\Windows\System32\KBDUS.DLL - ok
21:15:12.0966 0x1660  [ C2A8CB1275ECB85D246A9ECC02A728E3, 3603FADCA0060BD201148F9D59E4E2627F024609A6463AB525B5D1AD17BDCD10 ] C:\Windows\System32\RpcRtRemote.dll
21:15:12.0966 0x1660  C:\Windows\System32\RpcRtRemote.dll - ok
21:15:12.0967 0x1660  [ 943F527DF79E6B400104341AA7023C75, 53C7B9426181D3D172E6B1A07E6DF8A0CB8FCA27D3A03CE5F544D3209B5F4651 ] C:\Windows\System32\cdd.dll
21:15:12.0967 0x1660  C:\Windows\System32\cdd.dll - ok
21:15:12.0969 0x1660  [ 9CEAD32E79A62150FE9F8557E58E008B, AFE4C1725EE94D7DE0749AE1495A4E5CC33C369F29B2A589DA66FFE27FF9777E ] C:\Windows\System32\sxs.dll
21:15:12.0969 0x1660  C:\Windows\System32\sxs.dll - ok
21:15:12.0970 0x1660  [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA853BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll
21:15:12.0970 0x1660  C:\Windows\System32\WlS0WndH.dll - ok
21:15:12.0972 0x1660  [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE3532EC6C007980C34 ] C:\Windows\System32\cryptbase.dll
21:15:12.0972 0x1660  C:\Windows\System32\cryptbase.dll - ok
21:15:12.0973 0x1660  [ 88AB9B72B4BF3963A0DE0820B4B0B06C, 29EFEADCB26E408CD41492FCEC6D411A018099D6FF5ECA9526ED59564975F3E6 ] C:\Windows\System32\winlogon.exe
21:15:12.0973 0x1660  C:\Windows\System32\winlogon.exe - ok
21:15:12.0974 0x1660  [ 90499F3163A9F815CF196A205EA3CD5D, 29B4ED3795CEC1177EB367132914CE21C194CDEC5DB9DC923FD928C85E94D821 ] C:\Windows\System32\apphelp.dll
21:15:12.0974 0x1660  C:\Windows\System32\apphelp.dll - ok
21:15:12.0976 0x1660  [ 0D9764D58C5EFD672B7184854B152E5E, 9827B43DABBEC39AB2E2294408D9C5304EF27A684903C5234C6070387723D49E ] C:\Windows\System32\winsta.dll
21:15:12.0976 0x1660  C:\Windows\System32\winsta.dll - ok
21:15:12.0977 0x1660  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] C:\Windows\System32\lsass.exe
21:15:12.0977 0x1660  C:\Windows\System32\lsass.exe - ok
21:15:12.0979 0x1660  [ 9662EE182644511439F1C53745DC1C88, D205B2C163E78AB42A5D67D7664EF6B75EA0374FF0924467D624F9DB0611F0AD ] C:\Windows\System32\lsm.exe
21:15:12.0979 0x1660  C:\Windows\System32\lsm.exe - ok
21:15:12.0980 0x1660  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\System32\services.exe
21:15:12.0980 0x1660  C:\Windows\System32\services.exe - ok
21:15:12.0982 0x1660  [ 8098627D0AA1706D69C5AF3F74332ABB, 9582F6162A8405DC568FFBEA08A9090FE92FE2C9DB640077BD7F23AC4FABF700 ] C:\Windows\System32\sspisrv.dll
21:15:12.0982 0x1660  C:\Windows\System32\sspisrv.dll - ok
21:15:12.0983 0x1660  [ EE4B105F1DBE1E864AFC72E7F0315432, 0E69A25BA7ED920B3103F219D3BF117D8CEFBD4DC74C762945AE291D24772FAD ] C:\Windows\System32\lsasrv.dll
21:15:12.0983 0x1660  C:\Windows\System32\lsasrv.dll - ok
21:15:12.0985 0x1660  [ C072064F95579C0D6D86AF5B3DC53192, CF4A088DF97F4D4963BEAB9CBDBF69FEA2D4773159054A0AF8B8DFFDF83E18DA ] C:\Windows\System32\sspicli.dll
21:15:12.0985 0x1660  C:\Windows\System32\sspicli.dll - ok
21:15:12.0986 0x1660  [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll
21:15:12.0986 0x1660  C:\Windows\System32\sysntfy.dll - ok
21:15:12.0987 0x1660  [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll
21:15:12.0987 0x1660  C:\Windows\System32\wmsgapi.dll - ok
21:15:12.0989 0x1660  [ BBCDF350817BA86416C0F06B6981BE8D, D064438F97852B9BD6015C8B19377C61C671E0969E09506B8359FE7B1F373A61 ] C:\Windows\System32\scesrv.dll
21:15:12.0989 0x1660  C:\Windows\System32\scesrv.dll - ok
21:15:12.0990 0x1660  [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll
21:15:12.0990 0x1660  C:\Windows\System32\scext.dll - ok
21:15:12.0992 0x1660  [ 39312B37C5FE5138F99680A49ACD3AEA, B9566B4117FBBECF77A0D3F49E9DF302088B9D483F817720B22E4F9C5754264A ] C:\Windows\System32\secur32.dll
21:15:12.0992 0x1660  C:\Windows\System32\secur32.dll - ok
21:15:12.0993 0x1660  [ A744BA6E04C8AA4592818178DBF89521, 9E7C85D842DF16F9B8FED7B06AF309B5ECCBFD465F5552347D4C3F1FEFDC6F7A ] C:\Windows\System32\samsrv.dll
21:15:12.0993 0x1660  C:\Windows\System32\samsrv.dll - ok
21:15:12.0995 0x1660  [ 3A9C9BAF610B0DD4967086040B3B62A9, E8E9A0F42B1EE7806EDCEED08AA024D037215D06CA317E3678BD5364AD513D23 ] C:\Windows\System32\srvcli.dll
21:15:12.0995 0x1660  C:\Windows\System32\srvcli.dll - ok
21:15:12.0996 0x1660  [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll
21:15:12.0996 0x1660  C:\Windows\System32\cryptdll.dll - ok
21:15:12.0998 0x1660  [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll
21:15:12.0998 0x1660  C:\Windows\System32\wevtapi.dll - ok
21:15:12.0999 0x1660  [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll
21:15:12.0999 0x1660  C:\Windows\System32\authz.dll - ok
21:15:13.0001 0x1660  [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll
21:15:13.0001 0x1660  C:\Windows\System32\cngaudit.dll - ok
21:15:13.0002 0x1660  [ E23BA7A7BD97FC6B8AB5EA32A46D05CD, 593564F84B36451A5CDCA9B04DCFC7886DB124F7CA95464B67B1E65E041A1EC6 ] C:\Windows\System32\ncrypt.dll
21:15:13.0002 0x1660  C:\Windows\System32\ncrypt.dll - ok
21:15:13.0003 0x1660  [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll
21:15:13.0003 0x1660  C:\Windows\System32\bcrypt.dll - ok
21:15:13.0005 0x1660  [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll
21:15:13.0005 0x1660  C:\Windows\System32\msprivs.dll - ok
21:15:13.0006 0x1660  [ C6505DE3561537BA1004D638C2F93F2F, 3E4FDF374B1A9E43A8F61FD2D79E0515390ECABFDAF72C4BD44A7B6429039AF6 ] C:\Windows\System32\netjoin.dll
21:15:13.0006 0x1660  C:\Windows\System32\netjoin.dll - ok
21:15:13.0008 0x1660  [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll
21:15:13.0008 0x1660  C:\Windows\System32\negoexts.dll - ok
21:15:13.0009 0x1660  [ 33EF550DCCC58C93F5B65FD75BAD9832, 904DA99D4CBE5904E8D2580077FBB8909A44147F95492929D9A7A581C06645A8 ] C:\Windows\System32\kerberos.dll
21:15:13.0009 0x1660  C:\Windows\System32\kerberos.dll - ok
21:15:13.0010 0x1660  [ D0C2FBB6D97416B0166478FC7AE2B212, 7EAB6C37F0A845E645CA44CC060AC6C56E386C7EF7A64716C6786C9602AD8C9D ] C:\Windows\System32\cryptsp.dll
21:15:13.0010 0x1660  C:\Windows\System32\cryptsp.dll - ok
21:15:13.0252 0x1660  [ 03706015DB44368375AEBE6339490E66, 02EB28B5156E320C1EBABC03D37E94EB770A721B99E1DD276F8DC2A50D76C381 ] C:\Windows\System32\netcfgx.dll
21:15:13.0252 0x1660  C:\Windows\System32\netcfgx.dll - ok
21:15:13.0254 0x1660  [ A8C30A4422B07B90E02FB133369DF2DE, 83E21E1812795EB38D1DA492DB74DD85B3A7E22D113981FC48A3DA5BD9BB3460 ] C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll
21:15:13.0254 0x1660  C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll - ok
21:15:13.0255 0x1660  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] C:\Windows\System32\schedsvc.dll
21:15:13.0255 0x1660  C:\Windows\System32\schedsvc.dll - ok
21:15:13.0257 0x1660  [ BC414631876B2F28B8DAB08E849C12C5, 5973654AA3E90E6B699B0A43F645B893D95BAA803129B6967D746C8239AB26E3 ] C:\Windows\System32\ktmw32.dll
21:15:13.0257 0x1660  C:\Windows\System32\ktmw32.dll - ok
21:15:13.0258 0x1660  [ 7AA8F91EEB5011A8F1241ACC0283DCEB, E322F76F8385244FA82BD3E76801DDA44FFF142D092A69D1817F3763EB9DBEDE ] C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
21:15:13.0258 0x1660  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - ok
21:15:13.0260 0x1660  [ 59D07A2A1558C75FB9B7A2BB8BACF866, 6192058050978E4BE291556BF9FEB5030BCD99C96E4456AE22737B28D0781634 ] C:\Windows\System32\nvsvc64.dll
21:15:13.0260 0x1660  C:\Windows\System32\nvsvc64.dll - ok
21:15:13.0261 0x1660  [ 625FBDF1C3B7FC4F5962B805ADA8DA88, EB6221A7561CF15A26FAFAB4860E2F51ED7DA071A390FB5C6197993D9E8A3819 ] C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll
21:15:13.0261 0x1660  C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll - ok
21:15:13.0262 0x1660  [ 5AA945234E9D4CCE4F715276B9AA712C, 65165BD131056816F009D987FC78AC86FFE0C3C38A27E73F873586B7FF4D59CF ] C:\Windows\System32\imageres.dll
21:15:13.0263 0x1660  C:\Windows\System32\imageres.dll - ok
21:15:13.0264 0x1660  [ 945E54F23C72D37B8CD1987AF0DB63BF, C2B217C94DBCA0A31ED834B9D492B53B25B235DDD02B1D1200E76609D32772EA ] C:\Windows\System32\fveapi.dll
21:15:13.0264 0x1660  C:\Windows\System32\fveapi.dll - ok
21:15:13.0266 0x1660  [ 1834B31C749B86DAC233BBBA1C03BC48, 27FCA9196842C0BB53CCAD895870A0EB10D2F8ED67E5486A4437067BD4BC4448 ] C:\Windows\System32\mscms.dll
21:15:13.0266 0x1660  C:\Windows\System32\mscms.dll - ok
21:15:13.0267 0x1660  [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA05BD2C56657013 ] C:\Windows\System32\fvecerts.dll
21:15:13.0267 0x1660  C:\Windows\System32\fvecerts.dll - ok
21:15:13.0268 0x1660  [ 694865362F0965779F92BCFE97712323, 825EB75E37AFE9B738869FB5D95020D4F44AD419C2F6C5A658F82A5242FDEF6C ] C:\Windows\System32\tbs.dll
21:15:13.0269 0x1660  C:\Windows\System32\tbs.dll - ok
21:15:13.0270 0x1660  [ EF2AE43BCD46ABB13FC3E5B2B1935C73, 81FC06F306F620845D7DD8D06E706309E70BC89B589C81F3478302A3F5F73431 ] C:\Windows\System32\winmm.dll
21:15:13.0270 0x1660  C:\Windows\System32\winmm.dll - ok
21:15:13.0271 0x1660  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7, 4BC5A1279885EEFBEB27333AF719622A5FCDD9606697692C1978E434CE264D80 ] C:\Windows\System32\taskcomp.dll
21:15:13.0271 0x1660  C:\Windows\System32\taskcomp.dll - ok
21:15:13.0273 0x1660  [ E424B3EF666B184CEE0B6871AAA8C9F6, D182D9B3A813C75F88CA16A9C236AB6167DF5861D155B5DC016B90918C4BD579 ] C:\Windows\System32\msimg32.dll
21:15:13.0273 0x1660  C:\Windows\System32\msimg32.dll - ok
21:15:13.0274 0x1660  [ 2AB3B6BF054D96592545CB7E2AB60856, B4CC6FBF3E6DFA4367A322DDB4E2CF579D96018A102EA65B6E3292C9FCDAA4BB ] C:\Windows\System32\nvapi64.dll
21:15:13.0274 0x1660  C:\Windows\System32\nvapi64.dll - ok
21:15:13.0276 0x1660  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] C:\Windows\System32\drivers\http.sys
21:15:13.0276 0x1660  C:\Windows\System32\drivers\http.sys - ok
21:15:13.0277 0x1660  [ C07D5582F2107ACAB4564E1DAE977C64, A9AE53F7D23DDC96A05F3B93F547ABD1896233F3D835C6B07AD9E9781788BC32 ] C:\Windows\ehome\ehprivjob.exe
21:15:13.0277 0x1660  C:\Windows\ehome\ehprivjob.exe - ok
21:15:13.0279 0x1660  [ BF95EA5809E3BBF55370F7CB309FEBD0, 62ADBA6E1A7DDDEFA971580161F30896DFFC27EB4EB82E3CC72062D57DA66500 ] C:\Windows\System32\conhost.exe
21:15:13.0279 0x1660  C:\Windows\System32\conhost.exe - ok
21:15:13.0280 0x1660  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] C:\Windows\System32\spoolsv.exe
21:15:13.0280 0x1660  C:\Windows\System32\spoolsv.exe - ok
21:15:13.0282 0x1660  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] C:\Windows\System32\BFE.DLL
21:15:13.0282 0x1660  C:\Windows\System32\BFE.DLL - ok
21:15:13.0283 0x1660  [ DB76DB15EFC6E4D1153A6C5BC895948D, 71DDF02C7EE2DF66A08F1A2A08DA39802C354624880A2BE93A706EA7476422A3 ] C:\Windows\System32\sppc.dll
21:15:13.0283 0x1660  C:\Windows\System32\sppc.dll - ok
21:15:13.0284 0x1660  [ 9E0FF5DDD8B908DA5611445C35D6CD24, 2BA7EDFE35EA4CAE6A920541566F0A8359C223F055183710D549E2EA83166790 ] C:\Windows\System32\slcext.dll
21:15:13.0285 0x1660  C:\Windows\System32\slcext.dll - ok
21:15:13.0286 0x1660  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] C:\Windows\System32\drivers\bowser.sys
21:15:13.0286 0x1660  C:\Windows\System32\drivers\bowser.sys - ok
21:15:13.0287 0x1660  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys
21:15:13.0287 0x1660  C:\Windows\System32\drivers\mpsdrv.sys - ok
21:15:13.0289 0x1660  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] C:\Windows\System32\drivers\mrxsmb.sys
21:15:13.0289 0x1660  C:\Windows\System32\drivers\mrxsmb.sys - ok
21:15:13.0290 0x1660  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] C:\Windows\System32\drivers\mrxsmb10.sys
21:15:13.0290 0x1660  C:\Windows\System32\drivers\mrxsmb10.sys - ok
21:15:13.0292 0x1660  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] C:\Windows\System32\drivers\mrxsmb20.sys
21:15:13.0292 0x1660  C:\Windows\System32\drivers\mrxsmb20.sys - ok
21:15:13.0293 0x1660  [ 6F5BE3F67D7F66FFA861ABBFC6A8C973, 0D01568C0ABE1682DE8AFDCB1D5421E1AA9AFBC11714B801FE886455B4F76385 ] C:\Windows\System32\sppcext.dll
21:15:13.0293 0x1660  C:\Windows\System32\sppcext.dll - ok
21:15:13.0295 0x1660  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:15:13.0295 0x1660  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
21:15:13.0296 0x1660  [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD805650B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll
21:15:13.0296 0x1660  C:\Windows\System32\wfapigp.dll - ok
21:15:13.0298 0x1660  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] C:\Windows\System32\wkssvc.dll
21:15:13.0298 0x1660  C:\Windows\System32\wkssvc.dll - ok
21:15:13.0299 0x1660  [ B25B6B588471D8E23607CCAB922CF6C8, 059617ECC7DA8FCFCAC908AB88C465AA1C39588ED16F9DCA5AD1DE1B6B8409E7 ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll
21:15:13.0299 0x1660  C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok
21:15:13.0301 0x1660  [ 8269210DAF3B12BC8300631B28A2A442, EABEB792C2EA8D4A1A7B13281CF557C194D5667AE0BA2A2D5664908D8269113D ] C:\Windows\System32\wiarpc.dll
21:15:13.0301 0x1660  C:\Windows\System32\wiarpc.dll - ok
21:15:13.0302 0x1660  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] C:\Windows\System32\pcasvc.dll
21:15:13.0302 0x1660  C:\Windows\System32\pcasvc.dll - ok
21:15:13.0304 0x1660  [ 386BF6FD9FC562B1A5558C49E1C3A6FB, 6ED5A61C911845027D0A67B2473603D87E79DB88F0C0C699CBB2D1639C1DFDA5 ] C:\Windows\SysWOW64\shell32.dll
21:15:13.0304 0x1660  C:\Windows\SysWOW64\shell32.dll - ok
21:15:13.0305 0x1660  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] C:\Windows\System32\snmptrap.exe
21:15:13.0305 0x1660  C:\Windows\System32\snmptrap.exe - ok
21:15:13.0307 0x1660  [ 4004299B7AF4CBFF6540F1798899A11F, 5DD3AE149B7228A769F2FE95355795AC98ACD8CDFB78954A423A357F717203C3 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
21:15:13.0307 0x1660  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
21:15:13.0308 0x1660  [ 58F4493BF748A3A89689997B7BD00E95, EC5DEEC73E357C7C87B001275C4E635011A9CF39419F2B86E2C2B8D7E388C551 ] C:\Windows\System32\winhttp.dll
21:15:13.0308 0x1660  C:\Windows\System32\winhttp.dll - ok
21:15:13.0310 0x1660  [ 2147C5330F983D76A36B73F4A804F778, 4B201E86B701FEA4754139BB3873DEB132932732F1B8EEEAE7C9DB891CC64D2E ] C:\Windows\System32\RdpGroupPolicyExtension.dll
21:15:13.0310 0x1660  C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
21:15:13.0311 0x1660  [ 91A8E32B00BF7899EDAB6783287DDDA6, 49451722317AB42B3DE407EFCB9CC560C1455217AC3E2F11F74D08C1708473C5 ] C:\Windows\System32\PeerDistSh.dll
21:15:13.0311 0x1660  C:\Windows\System32\PeerDistSh.dll - ok
21:15:13.0312 0x1660  [ 603EBD34E216C5654A2D774EAC98D278, ACE0171BB780DB2C1B1A8BF6FA8CF51C529D7E09141FA504C7199AF764FD9A36 ] C:\Windows\System32\webio.dll
21:15:13.0312 0x1660  C:\Windows\System32\webio.dll - ok
21:15:13.0314 0x1660  [ 3BDCBB29D727C49DC3E3256253467281, 60E2505E662967064BFAC71568508212993D518E48A6477831DFA34863714B93 ] C:\Windows\System32\wmdrmsdk.dll
21:15:13.0314 0x1660  C:\Windows\System32\wmdrmsdk.dll - ok
21:15:13.0316 0x1660  [ 54B5DCD55B223BC5DF50B82E1E9E86B1, 025294DD69A421FE4EACAA463F8CB797610D8F3A7A3C61656AE83D0CEE07A9BF ] C:\Windows\System32\mfplat.dll
21:15:13.0316 0x1660  C:\Windows\System32\mfplat.dll - ok
21:15:13.0317 0x1660  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] C:\Windows\System32\sstpsvc.dll
21:15:13.0317 0x1660  C:\Windows\System32\sstpsvc.dll - ok
21:15:13.0318 0x1660  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] C:\Windows\System32\provsvc.dll
21:15:13.0318 0x1660  C:\Windows\System32\provsvc.dll - ok
21:15:13.0320 0x1660  [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
21:15:13.0320 0x1660  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll - ok
21:15:13.0322 0x1660  [ 0015ACFBBDD164A8A730009908868CA7, E1FF243AD2CF959FAB81EFE701592414991C03416FF296ADC93906E76B707C4D ] C:\Windows\System32\winspool.drv
21:15:13.0322 0x1660  C:\Windows\System32\winspool.drv - ok
21:15:13.0323 0x1660  [ CF636C92B762B26F0B39B38E92380A09, F7B8B0EA4536CE3BA33EE1BD0783F6AAD8C0EF69714E874D4A30B720A04C7A18 ] C:\Windows\System32\oleacc.dll
21:15:13.0323 0x1660  C:\Windows\System32\oleacc.dll - ok
21:15:13.0324 0x1660  [ 2522FE10F4059F9F3373B18DA900168B, 5494AFD3421E35D3CA416FF5813036A00A98957469934522CCF579A5ECDFC6D2 ] C:\Windows\System32\nvumdshimx.dll
21:15:13.0324 0x1660  C:\Windows\System32\nvumdshimx.dll - ok
21:15:13.0326 0x1660  [ EB22CA88194FE5EE6ADFBFCA19277727, EB0246DD26B2DE1681EE9045FB52D52FFC78F9D1128C769F3F9056CD7E991EDB ] C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll
21:15:13.0326 0x1660  C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll - ok
21:15:13.0327 0x1660  [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB67F8EFB93924230 ] C:\Windows\SysWOW64\shlwapi.dll
21:15:13.0327 0x1660  C:\Windows\SysWOW64\shlwapi.dll - ok
21:15:13.0329 0x1660  [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
21:15:13.0329 0x1660  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
21:15:13.0331 0x1660  [ B6E2D865C5936A4FEE68F11E97DF6B82, 02807C38BF6DF72BF49636371BA9CDBC1C531C239DF26930F320ABD937AA1B9D ] C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
21:15:13.0331 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe - ok
21:15:13.0333 0x1660  [ EF99E7ED371264C31A4301438556432A, 03E9138642C695C809338D913F70CDE940AE90C752DF85F5A1B125911014670C ] C:\Program Files (x86)\AVG\AVG2014\avgsysx.dll
21:15:13.0333 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgsysx.dll - ok
21:15:13.0334 0x1660  [ 4D842C5081F06E61BFF461CF87D13525, DAEAAC69D12DCC86891E88B22D130900F2AD4AA8D3CABA6F6059C38D4BF03498 ] C:\Windows\ehome\ehtrace.dll
21:15:13.0334 0x1660  C:\Windows\ehome\ehtrace.dll - ok
21:15:13.0335 0x1660  [ 3E29914113EC4B968BA5EB1F6D194A0A, C8D5572CA8D7624871188F0ACABC3AE60D4C5A4F6782D952B9038DE3BC28B39A ] C:\Windows\SysWOW64\msvcp110.dll
21:15:13.0335 0x1660  C:\Windows\SysWOW64\msvcp110.dll - ok
21:15:13.0337 0x1660  [ 4BA25D2CBE1587A841DCFB8C8C4A6EA6, B30160E759115E24425B9BCDF606EF6EBCE4657487525EDE7F1AC40B90FF7E49 ] C:\Windows\SysWOW64\msvcr110.dll
21:15:13.0337 0x1660  C:\Windows\SysWOW64\msvcr110.dll - ok
21:15:13.0338 0x1660  [ 7FF15A4F092CD4A96055BA69F903E3E9, 1B594E6D057C632ABB3A8CF838157369024BD6B9F515CA8E774B22FE71A11627 ] C:\Windows\SysWOW64\ws2_32.dll
21:15:13.0338 0x1660  C:\Windows\SysWOW64\ws2_32.dll - ok
21:15:13.0340 0x1660  [ D72E6C9A6A5E47F8EA5D1697AFCB5AAD, 6A0D1FB5A07734CBEBE00FC5BBBC3B0C9CD7FF231FCF46D10D0CF090C774C1D3 ] C:\Program Files (x86)\AVG\AVG2014\avgntopensslx.dll
21:15:13.0340 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgntopensslx.dll - ok
21:15:13.0341 0x1660  [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll
21:15:13.0341 0x1660  C:\Windows\SysWOW64\nsi.dll - ok
21:15:13.0343 0x1660  [ D937F2C7189D374F921BF5FE26A018F8, C43ED02C1995C22D7C4F8CFB01E68FA3B3D5C972299C89ADE95C5C063801DBCA ] C:\Program Files (x86)\AVG\AVG2014\avgcmlx.dll
21:15:13.0343 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgcmlx.dll - ok
21:15:13.0344 0x1660  [ 80DA4BF4827EF272BAC350B7F6AEDF23, CD7278FE7BF2CA2E5C80E0257E30D72ACB8AF879483769CE48300F56DF235932 ] C:\Program Files (x86)\AVG\AVG2014\avglogx.dll
21:15:13.0344 0x1660  C:\Program Files (x86)\AVG\AVG2014\avglogx.dll - ok
21:15:13.0346 0x1660  [ D7CBEEA4500BFDC63E99B06A1C512BE8, F8408E339AD022DD78D6C856A330F5A40CAF21F3B0C69FA352D66E3B8E75AA0F ] C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
21:15:13.0346 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe - ok
21:15:13.0347 0x1660  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] C:\Windows\System32\cryptsvc.dll
21:15:13.0347 0x1660  C:\Windows\System32\cryptsvc.dll - ok
21:15:13.0349 0x1660  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] C:\Windows\System32\dps.dll
21:15:13.0349 0x1660  C:\Windows\System32\dps.dll - ok
21:15:13.0350 0x1660  [ D315FF43E23DF424ECEC2F6C930203E4, 68940EDA34DC4945CDD0D8018D96A0DA8F99F16A930946D14E4FECEE033FCB80 ] C:\Windows\System32\escsvc64.exe
21:15:13.0350 0x1660  C:\Windows\System32\escsvc64.exe - ok
21:15:13.0352 0x1660  [ 86032A47AD0105130FE7808C903E2086, ACCCA35483B7E8F9FC72A65031E024C469DF94FCCF2C5CC37C9B3BED4F1C676E ] C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
21:15:13.0352 0x1660  C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE - ok
21:15:13.0354 0x1660  [ 645EEE21B41D13E6C07DE7918B6437E8, 699795589255D04BDE79486C92327A0A5B609B1B6E6F36EA2A2B3A2983793D04 ] C:\Program Files (x86)\AVG\AVG2014\avgcommx.dll
21:15:13.0354 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgcommx.dll - ok
21:15:13.0355 0x1660  [ B9F719B572D8D440DD8B5401C35B3B6F, 5AFC7F272ACEE118AF26FAD3E3800C56FF423050BD3FD3DA8D6BA8BFE5CB8E74 ] C:\Windows\System32\drivers\idmwfp.sys
21:15:13.0355 0x1660  C:\Windows\System32\drivers\idmwfp.sys - ok
21:15:13.0357 0x1660  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] C:\Windows\System32\FDResPub.dll
21:15:13.0357 0x1660  C:\Windows\System32\FDResPub.dll - ok
21:15:13.0358 0x1660  [ D222579C912E5871100838F5A4FCCA77, 0246BB799425BA548EB5DCC006E9D87732EFC84DD2FD4E01F5E2F3D85E891582 ] C:\Windows\System32\RpcNs4.dll
21:15:13.0358 0x1660  C:\Windows\System32\RpcNs4.dll - ok
21:15:13.0359 0x1660  [ F1B205F932F62F94506A5F332C895DAF, F02F01F20F655DD919C71AE814E4C3DD43330AAD1425FC5B1497F1613917CCDE ] C:\Windows\System32\WSDApi.dll
21:15:13.0359 0x1660  C:\Windows\System32\WSDApi.dll - ok
21:15:13.0361 0x1660  [ A6B726DCA228F7878E38368A1BDC68BE, 30E8300B09B876E3D4B2A9215C9CC070EADF915E1268F425B6F8E0596A0D3539 ] C:\Windows\System32\cryptnet.dll
21:15:13.0361 0x1660  C:\Windows\System32\cryptnet.dll - ok
21:15:13.0362 0x1660  [ 6FE849574A432A37EFB17483F7A5A2DF, A57865225303798B4E9939C12CD9D98482F1CABD4AFA7354A454E08EE81652EA ] C:\Program Files (x86)\AVG\AVG2014\avgdetallocatorx.dll
21:15:13.0362 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgdetallocatorx.dll - ok
21:15:13.0364 0x1660  [ C55516D98DD5D8F0153C2A9B4227DA86, DBC62B776CF06D0873A4C7CFCDF5B6F5C6E6C41917C326C090BCE58DC66EE09C ] C:\Windows\System32\webservices.dll
21:15:13.0364 0x1660  C:\Windows\System32\webservices.dll - ok
21:15:13.0365 0x1660  [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D562BE43726153951 ] C:\Windows\System32\mpr.dll
21:15:13.0365 0x1660  C:\Windows\System32\mpr.dll - ok
21:15:13.0367 0x1660  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] C:\Windows\System32\nlasvc.dll
21:15:13.0367 0x1660  C:\Windows\System32\nlasvc.dll - ok
21:15:13.0368 0x1660  [ 16A14C0586817C2DFDC9D8004507CB17, 57B0FA0917EE62D2DC606DAE4C58BA24D6173E14B29104F7496E27F64A40CC3B ] C:\Program Files (x86)\AVG\AVG2014\avgclitx.dll
21:15:13.0368 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgclitx.dll - ok
21:15:13.0370 0x1660  [ D4FAC263861BAE06971C7F7D0A8EBF15, D494DEF0024288B9CC56EC6B500FF5828144BE9B8E7033340509EC5E68F8DED0 ] C:\Windows\System32\ncsi.dll
21:15:13.0370 0x1660  C:\Windows\System32\ncsi.dll - ok
21:15:13.0371 0x1660  [ 392FAB5D91BFF25592DD3D41705EC843, C2B122DB4B241E52CC9A56E85550C9A88159052E834F58633D53BD1A8FAB7778 ] C:\Program Files (x86)\AVG\AVG2014\avgcertx.dll
21:15:13.0371 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgcertx.dll - ok
21:15:13.0373 0x1660  [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4021101EE424F74 ] C:\Windows\System32\fundisc.dll
21:15:13.0373 0x1660  C:\Windows\System32\fundisc.dll - ok
21:15:13.0374 0x1660  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567, 426FB40A065FEF61980C803EF72D0D326C623340C3AE99CA8AFFDEFB81E8D49D ] C:\Windows\System32\vssapi.dll
21:15:13.0374 0x1660  C:\Windows\System32\vssapi.dll - ok
21:15:13.0376 0x1660  [ E2F07E7D1FC3AC7B2A97192A626D3000, 6A1C253E517EB624546E9BAA897AB416AD61000ED3A62C857DB0323FC74FC75B ] C:\Program Files (x86)\AVG\AVG2014\avgchclx.dll
21:15:13.0376 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgchclx.dll - ok
21:15:13.0377 0x1660  [ 1617231D37C071FB3F63E3F35D4A52FD, C0A061214ABEECDC5590E7695FC2443D6055E17936E559656D927D481868788E ] C:\Program Files (x86)\AVG\AVG2014\avgcfgx.dll
21:15:13.0377 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgcfgx.dll - ok
21:15:13.0378 0x1660  [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe
21:15:13.0378 0x1660  C:\Windows\System32\dllhost.exe - ok
21:15:13.0380 0x1660  [ CA4B9477C5E17C094EBDF4E273CA3657, AABD2AFF47CFEA9B4FB814928FA3A6446469E9F69FFE26E772676DE97B9A4DB3 ] C:\Program Files (x86)\AVG\AVG2014\avgwd.dll
21:15:13.0380 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgwd.dll - ok
21:15:13.0381 0x1660  [ BCEA9AB347E53BC03B2E36BE0B8BA0EF, 868DEFB78767E91694E83F931725257DF3FF79A4BFED3B914D27F3493EB7A8D0 ] C:\Windows\System32\httpapi.dll
21:15:13.0382 0x1660  C:\Windows\System32\httpapi.dll - ok
21:15:13.0383 0x1660  [ C808A5341036B020163BD361F126F0D0, 9B7F02849F8671F4F1AAB67C2861D1A57DE02F49037DBF657C43A7D8DB32E8C2 ] C:\Program Files (x86)\AVG\AVG2014\avgcorex.dll
21:15:13.0383 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgcorex.dll - ok
21:15:13.0385 0x1660  [ A9AFE5B0648C8D7A411A72D8222F7F6E, A58AF8C615D97C769DA778D56F7E6999AAEB577C82C65455D3B2A8ED5B742777 ] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
21:15:13.0385 0x1660  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe - ok
21:15:13.0386 0x1660  [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E56950661B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll
21:15:13.0386 0x1660  C:\Windows\System32\IDStore.dll - ok
21:15:13.0388 0x1660  [ 287923557447D7E4BDD7E65B1F0F5428, 14D85A0F036F28D77AA9723C3D7E8C4DA9BDFF8A1AD9BEA6FE5756DBF5D00F08 ] C:\Windows\System32\vsstrace.dll
21:15:13.0388 0x1660  C:\Windows\System32\vsstrace.dll - ok
21:15:13.0389 0x1660  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll
21:15:13.0389 0x1660  C:\Windows\System32\ssdpapi.dll - ok
21:15:13.0391 0x1660  [ B10E298D226D01FACDD0460D60E5AD3D, EAFE465C55FB2E2F57DB6728DD26F3D375B0C7BB53E98024C3C317A40AD64E67 ] C:\Program Files (x86)\AVG\AVG2014\avgpsicx.dll
21:15:13.0391 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgpsicx.dll - ok
21:15:13.0392 0x1660  [ 863F793D15B4026B1A5FDECA873D4D84, AF7ABD95BB5467551562F129F03C7AC9D52A021F7E547609F40A80E66932C942 ] C:\Windows\SysWOW64\apphelp.dll
21:15:13.0392 0x1660  C:\Windows\SysWOW64\apphelp.dll - ok
21:15:13.0393 0x1660  [ A90DC9ABD65DB1A8902F361103029952, 26798758976CE53251AC342B966BE0363AE1794BD965C452F5DEBC33E18969F0 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
21:15:13.0394 0x1660  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
21:15:13.0395 0x1660  [ CFF35B879D1618D42C86644C717BA947, 1837275202628D3320867A3BF8CFDA15491730C4B74215F7C0D7E140BF01AC3C ] C:\Windows\SysWOW64\winnsi.dll
21:15:13.0395 0x1660  C:\Windows\SysWOW64\winnsi.dll - ok
21:15:13.0396 0x1660  [ 57EE9EAF54D6E18398418D553D033C9E, 2AE046F9C44B5E41F3E8CA8953C883D69606F373EA5E6EA8B18EFB5AF6E21C65 ] C:\Program Files (x86)\AVG\AVG2014\avgsecapix.dll
21:15:13.0396 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgsecapix.dll - ok
21:15:13.0398 0x1660  [ DD502A2E7B85EA7A3814C1034E6C23D3, 551D6C28DA6116DC65111BFA21E23BA8AE77193BEAF3DF505C343E6DC3CD5304 ] C:\Windows\AppPatch\AcGenral.dll
21:15:13.0398 0x1660  C:\Windows\AppPatch\AcGenral.dll - ok
21:15:13.0400 0x1660  [ 3101B56ABF00582C2EBE2EB3165A4146, DA9F7BE0F1B89FF1981513D78602B8896649B65D6FD23CE18436A2BB5BF9BC86 ] C:\Program Files (x86)\AVG\AVG2014\avgntsqlitex.dll
21:15:13.0400 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgntsqlitex.dll - ok
21:15:13.0401 0x1660  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F82EF91450858DF ] C:\Windows\SysWOW64\sfc.dll
21:15:13.0401 0x1660  C:\Windows\SysWOW64\sfc.dll - ok
21:15:13.0403 0x1660  [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D09086438F8D237B ] C:\Windows\SysWOW64\sfc_os.dll
21:15:13.0403 0x1660  C:\Windows\SysWOW64\sfc_os.dll - ok
21:15:13.0404 0x1660  [ 3AD7DD63B784BA831C142D466AA0658F, C20EEE8C9649A8CF85510F55D99566B952302BCDA4E57023F9D767EC696210B0 ] C:\Program Files (x86)\AVG\AVG2014\avgnetclix.dll
21:15:13.0404 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgnetclix.dll - ok
21:15:13.0406 0x1660  [ D090F8B8F2E67F07F4AEF1C9A3C110CA, CD66B0D8F055C41B9FA128648B233F7B9781A6D1094E1D9D9FC9F7FE4930F0D1 ] C:\Program Files (x86)\AVG\AVG2014\avgopensslx.dll
21:15:13.0406 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgopensslx.dll - ok
21:15:13.0407 0x1660  [ B094390B6B2D0456821384771020870B, 137FEDD0EFBF1CEDA4930D8CE0A012A250CFF4020931846646090BB2C99EE7CE ] C:\Windows\SysWOW64\secur32.dll
21:15:13.0407 0x1660  C:\Windows\SysWOW64\secur32.dll - ok
21:15:13.0409 0x1660  [ 43964FA89CCF97BA6BE34D69455AC65F, 10E3B89A5470E1BB6F73382135DD2352F5073C1EE8485D7476CFB5122D4AAA2F ] C:\Windows\SysWOW64\uxtheme.dll
21:15:13.0409 0x1660  C:\Windows\SysWOW64\uxtheme.dll - ok
21:15:13.0410 0x1660  [ 68ECCA523ED760AAFC03C5D587569859, CDD734279C8F9F24EA2538BAD8E91EB8C3DD74C33032DB6B2D85C19576B42707 ] C:\Windows\SysWOW64\samcli.dll
21:15:13.0410 0x1660  C:\Windows\SysWOW64\samcli.dll - ok
21:15:13.0411 0x1660  [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB22DC7B58515C201 ] C:\Windows\SysWOW64\winmm.dll
21:15:13.0411 0x1660  C:\Windows\SysWOW64\winmm.dll - ok
21:15:13.0412 0x1660  [ 39C5F32747B3414D1BB216FDB1DEFC58, 6FAE64CB9748304090113903A5AE9E7154BE16BA2EEA7AB3EF04AB9D79B81380 ] C:\Windows\SysWOW64\dwmapi.dll
21:15:13.0412 0x1660  C:\Windows\SysWOW64\dwmapi.dll - ok
21:15:13.0414 0x1660  [ 85683DF1F917E4D7F6BE1A04986BF1C8, D68D9F525D31C1843B6EC8FA950166FA1F34DB71222716E7B22DD33981C152B6 ] C:\Windows\SysWOW64\msacm32.dll
21:15:13.0414 0x1660  C:\Windows\SysWOW64\msacm32.dll - ok
21:15:13.0416 0x1660  [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll
21:15:13.0416 0x1660  C:\Windows\SysWOW64\profapi.dll - ok
21:15:13.0417 0x1660  [ 41010A88B70A2168F801DC19EBD4CB4F, FDA04D1CCACB83F070166B968B0CE0C7A72B5ADEA975D72D1B5C0E10385716C1 ] C:\Windows\SysWOW64\urlmon.dll
21:15:13.0417 0x1660  C:\Windows\SysWOW64\urlmon.dll - ok
21:15:13.0418 0x1660  [ D15618A0FF8DBC2C5BF3726BACC75A0B, ADD81EA1D208907D67802F0E96EC0327BA89021F870BA22B9C7E3A19013A6AE7 ] C:\Windows\SysWOW64\userenv.dll
21:15:13.0418 0x1660  C:\Windows\SysWOW64\userenv.dll - ok
21:15:13.0420 0x1660  [ 6A13B4F3B3F575F1E24B877B9359AABA, 676AD5F8F709D4A9DCE9938D82DEEE329C9A385A6969C169B3DF37AA75F1E4C7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
21:15:13.0420 0x1660  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
21:15:13.0422 0x1660  [ 2E33DFD10F28F86C3FC40EE123CC3904, 57C65671A04EFCA437A69E8E97B2FCA17897EE4608C7DB69F77D44FBD3490B50 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
21:15:13.0422 0x1660  C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
21:15:13.0423 0x1660  [ 1C60E09CA1C3A045BC4D367F67C915B7, DF1ED88CB57DA1AB1A4245AE0D5B42AFA3396EBF67B99411FFFB0DD06DE1AEAF ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
21:15:13.0423 0x1660  C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
21:15:13.0425 0x1660  [ 6951562DC4625EEFC6EACD52AD165866, 44A0B3EA0232D613A5B4115492DF2A7CEF25B35300E6A3E3E50C9544C5D1049E ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
21:15:13.0425 0x1660  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
21:15:13.0426 0x1660  [ 589CBC4989F750E1DA35625AB481CF43, B93E1B8C3775F9C995FD5451C685A06DEFD24AE1DF0DD99D19D5E4B9AC0010F9 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
21:15:13.0426 0x1660  C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
21:15:13.0428 0x1660  [ 3BE0D923AA45A4DBE091C2D84F0B4FE7, 603EEC55D6F646150FC3F0F2C939CFE434C02FC7A7AB23B1FEC8B5C77E4C8381 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
21:15:13.0428 0x1660  C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
21:15:13.0430 0x1660  [ FD96C05DE700F5FD26273D6DDB6495A7, FED30D3045FA829491BB8FCAE842F6B6034288B679B1A515600A019A821AF916 ] C:\Windows\SysWOW64\iertutil.dll
21:15:13.0430 0x1660  C:\Windows\SysWOW64\iertutil.dll - ok
21:15:13.0431 0x1660  [ D58988722C72D265B51A54103DFC2C6F, AC951AFB047FCA763D9B37DB9FF0D00B6AA67DAA9E2086AD3226BACCF6B910CE ] C:\Windows\SysWOW64\wininet.dll
21:15:13.0669 0x1660  C:\Users\captn\AppData\Local\Temp\{785B37B3-9606-4A2E-8866-0C36D4F713C4}.exe - ok
21:15:13.0671 0x1660  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] C:\Windows\System32\aelupsvc.dll
21:15:13.0671 0x1660  C:\Windows\System32\aelupsvc.dll - ok
21:15:13.0672 0x1660  [ 263B26106606A010CF877472B535E4BB, 43ECE89E428D2BB34244894BEBA1B946B0767649D15B1C715223E4E471A9E504 ] C:\Windows\System32\CertEnroll.dll
21:15:13.0672 0x1660  C:\Windows\System32\CertEnroll.dll - ok
21:15:13.0674 0x1660  [ 1075AB2C077B415760C0E948856B5126, D67804B4A038FC06BD84CBF9C047DD4C13073622027F825371DB98867EF4E9B9 ] C:\Windows\System32\wer.dll
21:15:13.0674 0x1660  C:\Windows\System32\wer.dll - ok
21:15:13.0675 0x1660  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] C:\Windows\System32\drivers\WUDFRd.sys
21:15:13.0675 0x1660  C:\Windows\System32\drivers\WUDFRd.sys - ok
21:15:13.0677 0x1660  [ 58A0CDABEA255616827B1C22C9994466, 4FE1140AA8D3995579DE8CDF4ECAD1978804D05351EABB4079A63B303EF1B451 ] C:\Windows\System32\NapiNSP.dll
21:15:13.0677 0x1660  C:\Windows\System32\NapiNSP.dll - ok
21:15:13.0678 0x1660  [ 613C8CE10A5FDE582BA5FA64C4D56AAA, 30507B6BA79E1A271B07BBA58B4FF463678BE0960266A1D5E88031E932D768B6 ] C:\Windows\System32\pnrpnsp.dll
21:15:13.0678 0x1660  C:\Windows\System32\pnrpnsp.dll - ok
21:15:13.0680 0x1660  [ AFA79C343F9D1555F7E5D5FA70BB2A14, 440EF3ADC1F5C7A5ED3E872C8D8DFA61B039454C3CA67F8A51CA8BDCFDC4BA4A ] C:\Windows\System32\PortableDeviceConnectApi.dll
21:15:13.0680 0x1660  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
21:15:13.0682 0x1660  [ 2E2072EB48238FCA8FBB7A9F5FABAC45, AC70B9FC24847EEC2E18008F2894DCDAC19A9C90D5D88729326E493CA524F5C3 ] C:\Windows\System32\winrnr.dll
21:15:13.0682 0x1660  C:\Windows\System32\winrnr.dll - ok
21:15:13.0683 0x1660  [ CA9F7888B524D8100B977C81F44C3234, 57F3353F89724147D8AC8B69B12C1303DF26978309776F5F8CCF074526A915D3 ] C:\Windows\SysWOW64\winhttp.dll
21:15:13.0683 0x1660  C:\Windows\SysWOW64\winhttp.dll - ok
21:15:13.0685 0x1660  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] C:\Windows\System32\drivers\WUDFPf.sys
21:15:13.0685 0x1660  C:\Windows\System32\drivers\WUDFPf.sys - ok
21:15:13.0686 0x1660  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] C:\Windows\System32\WUDFSvc.dll
21:15:13.0686 0x1660  C:\Windows\System32\WUDFSvc.dll - ok
21:15:13.0688 0x1660  [ FB10715E4099AF9FA389C71873245226, 6A4CB43880B822A0C4714D6E52EB3EB2CE1E69C3AA9CA65EAAD6B131AE43F274 ] C:\Windows\System32\timedate.cpl
21:15:13.0688 0x1660  C:\Windows\System32\timedate.cpl - ok
21:15:13.0689 0x1660  [ 8ABFE00F213F2571498F1B8FD7939A98, B557EC9EFD33612BAFE01FFD304B50EFB8C3C19763470560DA950B5AB4A9AC9C ] C:\Windows\System32\WUDFHost.exe
21:15:13.0689 0x1660  C:\Windows\System32\WUDFHost.exe - ok
21:15:13.0691 0x1660  [ FB19FC5951A88F3C523E35C2C98D23C0, FF0DB8BF0C68DA0D09272E8181D2B5409C8850BB2F31AEA3AC4CD14C5A420A59 ] C:\Windows\SysWOW64\webio.dll
21:15:13.0691 0x1660  C:\Windows\SysWOW64\webio.dll - ok
21:15:13.0692 0x1660  [ E6F0F82788E8BD0F7A616350EFA0761C, 13091DCB3E3F4F52C3FF210E93AAF1DCE142CFC09F671AEAC5B922393B23E67B ] C:\Windows\System32\actxprxy.dll
21:15:13.0692 0x1660  C:\Windows\System32\actxprxy.dll - ok
21:15:13.0694 0x1660  [ 23B001185B7C3CB1F4BDEB143E6B45B7, AB3A5AB346F6353B43B06FBE20B7785DA988975E2C8B73A6588F107FFAAACC47 ] C:\Windows\System32\shdocvw.dll
21:15:13.0694 0x1660  C:\Windows\System32\shdocvw.dll - ok
21:15:13.0695 0x1660  [ A0A65D306A5490D2EB8E7DE66898ECFD, CE5DA408F4EDD5E81CE0925867F03C9A35172CF1571FE4C4C052E45AB69822BB ] C:\Windows\System32\linkinfo.dll
21:15:13.0695 0x1660  C:\Windows\System32\linkinfo.dll - ok
21:15:13.0696 0x1660  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86, E15ED4FEFC3010C213694331DDFDC03767682325C898D773AB243E2DC8B08461 ] C:\Windows\System32\msftedit.dll
21:15:13.0697 0x1660  C:\Windows\System32\msftedit.dll - ok
21:15:13.0698 0x1660  [ 2EBD0C5B090125AECF017C57344C45AB, 4FF8F2460115C60AD164EE0DC2079E1601B8AA21A1BA8033B7B731FAF85411B6 ] C:\Windows\System32\msls31.dll
21:15:13.0698 0x1660  C:\Windows\System32\msls31.dll - ok
21:15:13.0700 0x1660  [ 80041798F2F049259241393A2017DB02, 59B8913A129EC26FB111C2C614C0C7440D521F65BAF32E57CA48E34337C0DDEE ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
21:15:13.0700 0x1660  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
21:15:13.0702 0x1660  [ C3DEFB0B48ED819E6C794E13D1544F19, BBB7B73FED61A5CCC391700D24B9EAF333528820B7697EEB010EBD9EC17FDF9E ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:15:13.0702 0x1660  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
21:15:13.0703 0x1660  [ 2F9BB96456CB0EB9DB50003A30938EAD, E40301A3C8D3670EC46352713A8307CC707A8B8DC1EA854536F1978939D49949 ] C:\Windows\System32\hccutils.dll
21:15:13.0703 0x1660  C:\Windows\System32\hccutils.dll - ok
21:15:13.0704 0x1660  [ 98E2F3D865EAA47785CCD60A66154AD2, 9D856F44A4A6AEC0989B3F186EB930D47E42C2BBAED7D218DCEF84F89608C120 ] C:\Windows\System32\igfxtray.exe
21:15:13.0704 0x1660  C:\Windows\System32\igfxtray.exe - ok
21:15:13.0706 0x1660  [ 6625C33987985415876BBDD94197D9BD, 5F4BF8B22F12264EDFE94560654D2A7817B460D7E98B09403358D61EA1AED6CD ] C:\Windows\System32\hkcmd.exe
21:15:13.0706 0x1660  C:\Windows\System32\hkcmd.exe - ok
21:15:13.0707 0x1660  [ A1689E3E4CEC22B7925F9007941ADDC1, 40F7C13B0DB6A1CA5770BB90A67D34450BA8B7399B98FCBA7D188DDD330C2590 ] C:\Windows\System32\igfxpers.exe
21:15:13.0707 0x1660  C:\Windows\System32\igfxpers.exe - ok
21:15:13.0709 0x1660  [ EFC73875D6A2DECAD030633A9A75F00A, AA7B65649B37FFC68A6FFB23CBBE73E1BB873C840B9EA0049421D2B4C0EC364F ] C:\Windows\System32\spool\drivers\x64\3\E_IATILQE.EXE
21:15:13.0709 0x1660  C:\Windows\System32\spool\drivers\x64\3\E_IATILQE.EXE - ok
21:15:13.0710 0x1660  [ D7FE6AB93B79F1A41C15EECE58C52D40, 4B517791967FC05F2D60B2978649F13B3D36676CBF769466DE73B4409C8422CA ] C:\Windows\System32\igfxsrvc.exe
21:15:13.0710 0x1660  C:\Windows\System32\igfxsrvc.exe - ok
21:15:13.0712 0x1660  [ C481AAC703ECF8C02752C9ADD67D7E32, E97811C5F82009E5AF43920CE97E92516217660262D1C9FCC6FC4C10A2134DC6 ] C:\Windows\System32\igfxdev.dll
21:15:13.0712 0x1660  C:\Windows\System32\igfxdev.dll - ok
21:15:13.0713 0x1660  [ B1BB8205557158EFF17DC83B72D4AFCD, 585EF060EBDB8324C4646FD444C7457784C251215E367C1054CE30B2EFCD3105 ] C:\Windows\System32\igfxsrvc.dll
21:15:13.0713 0x1660  C:\Windows\System32\igfxsrvc.dll - ok
21:15:13.0715 0x1660  [ A665183399FF69C72EF18E716512F5DB, 23F4078489AE4D28ADF762185B1C5CA2673449DFA5456098D693A43ACF644278 ] C:\Windows\System32\spool\drivers\x64\3\E_IAUDLQE.DLL
21:15:13.0715 0x1660  C:\Windows\System32\spool\drivers\x64\3\E_IAUDLQE.DLL - ok
21:15:13.0717 0x1660  [ 585FED4CDB8034B8B58AEB8008255817, 13D1055929D79598C04A4AB66EF3DBAADD265F9D1C3F43E84531238D2526A1AE ] C:\Windows\System32\opengl32.dll
21:15:13.0717 0x1660  C:\Windows\System32\opengl32.dll - ok
21:15:13.0718 0x1660  [ BA56C68CCB912C4C08C97DD32C47AD31, 8B70D9BC097C8D1A4E12773B3D57E78E969C7C3ECE1DF0E4576109A4F10E0AA6 ] C:\Windows\System32\ieframe.dll
21:15:13.0718 0x1660  C:\Windows\System32\ieframe.dll - ok
21:15:13.0720 0x1660  [ 5BA69DCFDB21AC810A81DBC2A2CDB11E, 550931BD9F82C842A368821418BE0253CF6CC8B9AEFAC48BF14F2CC1FB0ADE74 ] C:\Program Files (x86)\Internet Download Manager\IDMan.exe
21:15:13.0720 0x1660  C:\Program Files (x86)\Internet Download Manager\IDMan.exe - ok
21:15:13.0721 0x1660  [ F2967C0A97C0EA67D79D7F557213950D, 65516C83DCB3F952CD4454636B61CC2F153AF6BEEBC352463791D92F7F500F52 ] C:\Windows\System32\glu32.dll
21:15:13.0721 0x1660  C:\Windows\System32\glu32.dll - ok
21:15:13.0722 0x1660  [ A6C09924C6730DE8DEED9890A12AA691, 46EACBC27D15FD43431812D6CA770982178C07246AF3A1C2E0D40D745A1D5758 ] C:\Windows\System32\ddraw.dll
21:15:13.0722 0x1660  C:\Windows\System32\ddraw.dll - ok
21:15:13.0724 0x1660  [ A5ED9421B8D09ED4F57CDA386307713E, EC2EE043E94A53302A9721220AA42D29BE72AF3448B7AA01F7EB911ECF7DC6AE ] C:\Windows\System32\dciman32.dll
21:15:13.0724 0x1660  C:\Windows\System32\dciman32.dll - ok
21:15:13.0725 0x1660  [ D1DE1EAFDE97BE41CF6585027FF3E732, 76F17D4DF440D6734DC8157092D94EB18C2A73A0A49BEEA289E7B3EDE30E86A2 ] C:\Windows\SysWOW64\comdlg32.dll
21:15:13.0725 0x1660  C:\Windows\SysWOW64\comdlg32.dll - ok
21:15:13.0727 0x1660  [ 936F728E04ACCF3F38801CFFCF1E3F40, 59CA86096F4B928E364B6A3C0408615F068BB8BC02DCFC5EAF4873EC6D6E0797 ] C:\Windows\SysWOW64\oledlg.dll
21:15:13.0727 0x1660  C:\Windows\SysWOW64\oledlg.dll - ok
21:15:13.0728 0x1660  [ 703FFD301AB900B047337C5D40FD6F96, C09909B89183B89BA87CAC8C5BEBD0E995C5CB08CC9B9D1E88352103EE958857 ] C:\Windows\SysWOW64\olepro32.dll
21:15:13.0728 0x1660  C:\Windows\SysWOW64\olepro32.dll - ok
21:15:13.0730 0x1660  [ AB663072BF103CBDC31CD229F284F8BC, D0155DE9FAB0114A4EC8D39B78EDAC9689D0B45504337D1F85F1CF59D3425E41 ] C:\Program Files (x86)\AVG\AVG2014\avgcerta.dll
21:15:13.0730 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgcerta.dll - ok
21:15:13.0731 0x1660  [ 9110FFAD124283F37D38771BB60556AF, BB495FDF86B7C3DD7878C496090A624CE8FE68F61166C91A4C99EF1140F0AD23 ] C:\Windows\System32\dsound.dll
21:15:13.0731 0x1660  C:\Windows\System32\dsound.dll - ok
21:15:13.0733 0x1660  [ E3ECF5FFE3DEDF61DC6877B6A99ACBBF, 2944FE9035882830799F18B7A98112BA66F16994694CA0CFFC77306775F5EDB2 ] C:\Windows\SysWOW64\credssp.dll
21:15:13.0733 0x1660  C:\Windows\SysWOW64\credssp.dll - ok
21:15:13.0734 0x1660  [ 73E8667A19FEEDD856DF2695E9E511D4, 68D66C36D1F293D10ADCC6A33C870F989A29743537592CF172F02E794BEAFD1C ] C:\Windows\SysWOW64\wship6.dll
21:15:13.0734 0x1660  C:\Windows\SysWOW64\wship6.dll - ok
21:15:13.0736 0x1660  [ 9108540E866F75C7AF2B91DD921A8091, 7208C8E05E818781D7F2703B86848FC90651E0D8BE10362863250F2283CEC511 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
21:15:13.0736 0x1660  C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
21:15:13.0737 0x1660  [ D79408F4B3CAB3D29C6017E51A65DC36, C81B8D0724CE64C41B3E62DBE30696295FC22FB86E593F629789DE99BD20DD09 ] C:\Program Files (x86)\AVG\AVG2014\avgchcla.dll
21:15:13.0737 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgchcla.dll - ok
21:15:13.0739 0x1660  [ 4C2C4640BF23AAFCF90519E0F34436CE, 8ACCDA77C2DC5BE2DAED05134310122AFECC872A8D118612E55DD229BFE4D844 ] C:\Windows\System32\DeviceCenter.dll
21:15:13.0739 0x1660  C:\Windows\System32\DeviceCenter.dll - ok
21:15:13.0740 0x1660  [ 7E7D6EEC393B74F32CBB4367AF73C0BD, 1A5F9CF6B5D82E5F3C4033B6F86C30555552A5AF18B2AF965BBA67DF7C4703CE ] C:\Windows\System32\igfxrenu.lrc
21:15:13.0740 0x1660  C:\Windows\System32\igfxrenu.lrc - ok
21:15:13.0742 0x1660  [ 00FFA769A1358C45F1A09EF40980B52E, 5E5662F4FA0DABFE3DA6EF14D7D4A8BDA8057260F62D16F4787075B5B715843F ] C:\Windows\System32\spool\drivers\x64\3\E_ILMWLQE.DLL
21:15:13.0742 0x1660  C:\Windows\System32\spool\drivers\x64\3\E_ILMWLQE.DLL - ok
21:15:13.0743 0x1660  [ D38E57E6FF593B43D7BE013348A32CE6, ECD3BDD602B3B67106483EF8E438EA94C98FA9E0044137054DDCE10E96E72648 ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
21:15:13.0744 0x1660  C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe - ok
21:15:13.0745 0x1660  [ 48FA17EE7D061B974A97EF811A624252, 7FF2BAC2CD352A73252E80ABFCB57D9AC7F68A65CAE556F5D5F4D221C40AF83B ] C:\Program Files (x86)\Internet Download Manager\idmvs.dll
21:15:13.0745 0x1660  C:\Program Files (x86)\Internet Download Manager\idmvs.dll - ok
21:15:13.0747 0x1660  [ 263E9A047D17CD50BAA9D3C02910D18D, F526648358AD121001D2776E0ACC333EC4AC168CA07B40A3D3C06C5CE6A361C3 ] C:\Windows\System32\oledlg.dll
21:15:13.0747 0x1660  C:\Windows\System32\oledlg.dll - ok
21:15:13.0748 0x1660  [ 5FC2D30C05487B480C2A154D5D281BA0, 51D856E6E6C4BC75E96BFE6F1CBD1E49A7D6E9C7C673963DDB03FF5504E5947F ] C:\Windows\SysWOW64\connect.dll
21:15:13.0748 0x1660  C:\Windows\SysWOW64\connect.dll - ok
21:15:13.0750 0x1660  [ 826FE01021DAC66C0C0AC8B88032AA27, 0B3C8435FD4B4367FF4864082BE2AB76BFBD7435B8ABFB3A5088F86AC8A17DE2 ] C:\Windows\System32\spool\drivers\x64\3\E_IASRLQE.DLL
21:15:13.0750 0x1660  C:\Windows\System32\spool\drivers\x64\3\E_IASRLQE.DLL - ok
21:15:13.0751 0x1660  [ DC220AE6F64819099F7EBD6F137E32E7, B8FE13B859FA83500DD95637FA6D4A5B8392C2A363E41D014D3B5374F636E1DE ] C:\Windows\System32\AudioSes.dll
21:15:13.0751 0x1660  C:\Windows\System32\AudioSes.dll - ok
21:15:13.0753 0x1660  [ 0805289E121F3E3C458C970B08314EB2, D9B448A04C09F525F599D0369CF9A197F471AABDA0A97201760C46D2EB8F3CDE ] C:\Windows\System32\RtkCfg64.dll
21:15:13.0753 0x1660  C:\Windows\System32\RtkCfg64.dll - ok
21:15:13.0754 0x1660  [ 93FC6137A37838125D386CC06AF0D615, E54BC6D4A99DFBF546BD91E2213AA1D94C677A6401A8E6D3CBFAAB7564A7224A ] C:\Windows\System32\RtkAPO64.dll
21:15:13.0754 0x1660  C:\Windows\System32\RtkAPO64.dll - ok
21:15:13.0756 0x1660  [ FB4045578F5180BDB1963AB352B78548, 8E645A63436EE6CDDB78E6064AEB04ECE39208F760A3EF13A3F49FDF41505E21 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
21:15:13.0756 0x1660  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
21:15:13.0757 0x1660  [ 361B0893A5C6741F347568A3232D2822, A1085FD8DCEA67E3760C5204C4FC0EADAAC2A9E3A1A498B0BE2F0883EE2B1A04 ] C:\Program Files (x86)\AVG\AVG2014\avgui.exe
21:15:13.0757 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgui.exe - ok
21:15:13.0758 0x1660  [ 7099EC974D1A03F5E6D8D6C7E7FFDA1D, A80EF2850DFEF17848BA5FF0D4E0D01420CBBB563D716AB4CED6C45E6DB3845F ] C:\Windows\System32\igfxress.dll
21:15:13.0759 0x1660  C:\Windows\System32\igfxress.dll - ok
21:15:13.0760 0x1660  [ 5817CD316D961BFBF8A5ADF4FEAD9453, 951495926748601C7C77F86A23BC464728ADBA3042737047EF2715835FC35BE2 ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
21:15:13.0760 0x1660  C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll - ok
21:15:13.0762 0x1660  [ F10E5311E5093FA3C00FF88C54C32FCA, B557F5B00D77F030850D9AAC0FFEFC4C2A759EC4081C8459C9DEAE51BAAACC65 ] C:\Windows\SysWOW64\atl.dll
21:15:13.0762 0x1660  C:\Windows\SysWOW64\atl.dll - ok
21:15:13.0763 0x1660  [ EAB975DB4C2805927FE5BD047D05C9AA, 8F5497B1A2652B5EAA5D35BD314B5F90C5140207427DAE6068D665FA44D3FD56 ] C:\Windows\SysWOW64\netshell.dll
21:15:13.0763 0x1660  C:\Windows\SysWOW64\netshell.dll - ok
21:15:13.0765 0x1660  [ 68F07A4750EEC27B4F6E85015798F26E, D7C93116FEAAB2C67655C2548BEF80ED90633C9BC1DBA5F4F12C5E6D6D6016E6 ] C:\Windows\System32\spool\drivers\x64\3\E_ILGRLQE.DLL
21:15:13.0765 0x1660  C:\Windows\System32\spool\drivers\x64\3\E_ILGRLQE.DLL - ok
21:15:13.0766 0x1660  [ 7D91EA1B48A400798C4DBD2BCCAEF965, 6101DB59D3FCA521FFFA93217014A83C14FC989A5ABA4EEAF5228788C280F412 ] C:\Windows\System32\spool\drivers\x64\3\E_IMAILQE.DLL
21:15:13.0766 0x1660  C:\Windows\System32\spool\drivers\x64\3\E_IMAILQE.DLL - ok
21:15:13.0768 0x1660  [ 5EDBB34736DD7AC1A73CF8792A835E10, 15E87C449AAF2095273341DD9355D8DF2690340D1DEFAF0DFF034F1CDF4316F8 ] C:\Windows\System32\AudioEng.dll
21:15:13.0768 0x1660  C:\Windows\System32\AudioEng.dll - ok
21:15:13.0769 0x1660  [ 787A44730AC4FC08F684729573D0C138, 4DEEF1A4399FEEC494671765632C13200F0336884D9FD5E0E25E993E4BD10520 ] C:\Windows\System32\spool\drivers\x64\3\E_IUICLQE.DLL
21:15:13.0769 0x1660  C:\Windows\System32\spool\drivers\x64\3\E_IUICLQE.DLL - ok
21:15:13.0771 0x1660  [ 25AE683DCB4AE7E6F1B193A0CB9DB35F, 9DC4BE1A51A3E94DB05369222CFCBA2125DA519EAAC46823EAECD738974463EF ] C:\Windows\System32\WUDFx.dll
21:15:13.0771 0x1660  C:\Windows\System32\WUDFx.dll - ok
21:15:13.0772 0x1660  [ EE19C85CA685A275BE346EC41F1870F9, F071D88C38C62E9D88DDE29F451B2B581499758A7E60BDA6DED3376280C5A635 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_72d576ad8665e853\GdiPlus.dll
21:15:13.0772 0x1660  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_72d576ad8665e853\GdiPlus.dll - ok
21:15:13.0774 0x1660  [ 839F96DBAAFD3353E0B248A5E0BD2A51, 11DA5AD3EA5FF4766C12B99FB520B3CBE08581ECAF1A2FD1DC5AC835CA78FAC2 ] C:\Windows\SysWOW64\rasapi32.dll
21:15:13.0774 0x1660  C:\Windows\SysWOW64\rasapi32.dll - ok
21:15:13.0775 0x1660  [ FFA7172354B9256DBB2CDD75F16F33FE, 85B2F014C67C2E52540F17D561793C6633C9E98F12639CCD3854EB1EC34DD035 ] C:\Windows\SysWOW64\rasman.dll
21:15:13.0775 0x1660  C:\Windows\SysWOW64\rasman.dll - ok
21:15:13.0777 0x1660  [ 102CF6879887BBE846A00C459E6D4ABC, A4C51C79CF95D5C79DCEFB02946A09A987FEAF83CE2EE1BA7677EBA90869AC80 ] C:\Windows\SysWOW64\riched20.dll
21:15:13.0777 0x1660  C:\Windows\SysWOW64\riched20.dll - ok
21:15:13.0778 0x1660  [ B5506B451BFE7148ECA7056BDA2970BD, 4E8E031342E5EA7DD24B5EFCE04B7FB96BAF0B600F548F8FB2414F0E02C54613 ] C:\Windows\SysWOW64\riched32.dll
21:15:13.0778 0x1660  C:\Windows\SysWOW64\riched32.dll - ok
21:15:13.0780 0x1660  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159, ACE7F85685EB92FC3AB4215122B0469E32F23B196C49F08CDA7791D3122C45DC ] C:\Windows\SysWOW64\rtutils.dll
21:15:13.0780 0x1660  C:\Windows\SysWOW64\rtutils.dll - ok
21:15:13.0781 0x1660  [ B805023F8E65450193F31470871675F6, 5AC88DB4B1010F221C91796AB087D7E10D2E9902335F0299BEAAEE391553D23B ] C:\Windows\System32\spool\drivers\x64\3\E_IEPELQE.DLL
21:15:13.0781 0x1660  C:\Windows\System32\spool\drivers\x64\3\E_IEPELQE.DLL - ok
21:15:13.0783 0x1660  [ 088CF5B6380FB9002F2A4246F812225D, 3E7205FEBC5B2432EE3655CD71D630A5D5EA609995F43053B1B5EB8917C46453 ] C:\Windows\SysWOW64\asycfilt.dll
21:15:13.0783 0x1660  C:\Windows\SysWOW64\asycfilt.dll - ok
21:15:13.0785 0x1660  [ 8C6AF35602856595601F3CFFC70317D8, 5521835BE4383D57445C0B273057FA7747F3DF26D0C880E00108C32CF5B3CCCC ] C:\Program Files (x86)\Internet Download Manager\IDMGetAll.dll
21:15:13.0785 0x1660  C:\Program Files (x86)\Internet Download Manager\IDMGetAll.dll - ok
21:15:13.0786 0x1660  [ 28BA01106D559670FE64696256C60147, D23D69AD34FF189592DD61B9B5D4925D877135D5063827A15DC14081188FEA57 ] C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
21:15:13.0786 0x1660  C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll - ok
21:15:13.0788 0x1660  [ 50C2E62660C7C1D26C60D320CC61F8A6, 1C41043F1900045885AD33710848E2BFF686AEA7452A55FB8AB344CF7F8B9005 ] C:\Program Files (x86)\Internet Download Manager\downlWithIDM.dll
21:15:13.0788 0x1660  C:\Program Files (x86)\Internet Download Manager\downlWithIDM.dll - ok
21:15:13.0790 0x1660  [ 8733245B8D7A0038F46F65F945584E6F, 9D0BC98C0513272A6915CFFD5B1288A7568ABA4F198ADC6CD992BB7BE3D943F5 ] C:\Program Files (x86)\Internet Download Manager\idmfsa.dll
21:15:13.0790 0x1660  C:\Program Files (x86)\Internet Download Manager\idmfsa.dll - ok
21:15:13.0791 0x1660  [ B8DE851298E99A005BFD34AA906B3FE8, 33F631C0B561199B5FEB9020FAA99E50EFA9F421D7484FFA640C5561494726DA ] C:\Windows\SysWOW64\mfc110u.dll
21:15:13.0791 0x1660  C:\Windows\SysWOW64\mfc110u.dll - ok
21:15:13.0793 0x1660  [ 81F08948A0F1475894C99D4D19A158A8, 93334DA369BF976E498265E432CAF63D898D378C6B32947DF355366ABE2A0FAC ] C:\Windows\SysWOW64\wshqos.dll
21:15:13.0793 0x1660  C:\Windows\SysWOW64\wshqos.dll - ok
21:15:13.0794 0x1660  [ DC5B6F395F4C9C52A568CE395609579E, 4C13D9A0380AF1AC3CD2C7A87AA7F2C674CF0E21EC3D16EFAE768E8C10310FB3 ] C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
21:15:13.0794 0x1660  C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe - ok
21:15:13.0796 0x1660  [ D38669C8091966A0F249B0512CE2297A, 2C1943A3714F06B0927A7DAF779518F7873334A16FFA0977150ECF39533DBBE9 ] C:\Program Files (x86)\Internet Download Manager\IDMNetMon64.dll
21:15:13.0796 0x1660  C:\Program Files (x86)\Internet Download Manager\IDMNetMon64.dll - ok
21:15:13.0797 0x1660  [ 22ECE0BC222B54CA73AE37D7A65EA93F, 6C60C8A634F7CF73129F23CE6A0269DB009D0692BAF71BA611884FB52B467679 ] C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
21:15:13.0798 0x1660  C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll - ok
21:15:13.0800 0x1660  [ AC822BE8FFB08E7EA2AD573B9F87EA71, E407368144B4DAFE540CD09DD10500125897E59D8D25B3B1CAEB2B875BDD56A7 ] C:\Program Files (x86)\Internet Download Manager\IDMGetAll64.dll
21:15:13.0800 0x1660  C:\Program Files (x86)\Internet Download Manager\IDMGetAll64.dll - ok
21:15:13.0801 0x1660  [ 57A9E201F60DCDE8D5D2EE2679E57C06, BDB8A368842A9CA914B8DD26697907E8048D8DAB5C567594ABCD46C7677CBB8D ] C:\Windows\SysWOW64\mfc110enu.dll
21:15:13.0801 0x1660  C:\Windows\SysWOW64\mfc110enu.dll - ok
21:15:13.0802 0x1660  [ 18AB2E5A40064ED5F7791AC5946A90F3, B7536CE56702C23B1CEC3E1B6C78866E0A76808B85A92AF3733D9ED9429E004C ] C:\Windows\SysWOW64\msimg32.dll
21:15:13.0803 0x1660  C:\Windows\SysWOW64\msimg32.dll - ok
21:15:13.0804 0x1660  [ D0151087285B6DB1B0B7F894FF53F7B6, FB10D82B14283B6376B7E414EEB9B44B5F5FC0A624B19C594B322C2B0FD2F6E5 ] C:\Program Files (x86)\AVG\AVG2014\avgkrnlapix.dll
21:15:13.0804 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgkrnlapix.dll - ok
21:15:13.0806 0x1660  [ 7D34B9060C3319E5A9750909DCC1C902, 4C7010C02D6276200BC2187131780C1D8CF95875B73B8CC205F1F959D4827665 ] C:\Program Files (x86)\AVG\AVG2014\avgidpmx.dll
21:15:13.0806 0x1660  C:\Program Files (x86)\AVG\AVG2014\avgidpmx.dll - ok
21:15:13.0807 0x1660  [ 6A6B2EE4565A178035BE2A4FF6F2C968, E2E231F1C2E2CE19583483ACC53318651FA7CA2DE46BCB89B4CBF97CA0525122 ] C:\Windows\SysWOW64\wtsapi32.dll
21:15:13.0807 0x1660  C:\Windows\SysWOW64\wtsapi32.dll - ok
21:15:13.0809 0x1660  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\captn\AppData\Local\Temp\{0B04A072-B1AE-478E-94C2-F8E47D9AC3CE}\{4E7FA58A-C45C-4DD0-ABBE-59106152E768}.tmp
21:15:13.0809 0x1660  C:\Users\captn\AppData\Local\Temp\{0B04A072-B1AE-478E-94C2-F8E47D9AC3CE}\{4E7FA58A-C45C-4DD0-ABBE-59106152E768}.tmp - ok
21:15:13.0810 0x1660  [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\Users\captn\AppData\Local\Temp\{0B04A072-B1AE-478E-94C2-F8E47D9AC3CE}\{E3A78635-0F82-4C2D-943C-0CA7F15F1296}.tmp
21:15:13.0810 0x1660  C:\Users\captn\AppData\Local\Temp\{0B04A072-B1AE-478E-94C2-F8E47D9AC3CE}\{E3A78635-0F82-4C2D-943C-0CA7F15F1296}.tmp - ok
21:15:13.0812 0x1660  [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\Users\captn\AppData\Local\Temp\{0B04A072-B1AE-478E-94C2-F8E47D9AC3CE}\{098F7EC7-5C77-490F-9C4D-D041FB6093BD}.tmp
21:15:13.0812 0x1660  C:\Users\captn\AppData\Local\Temp\{0B04A072-B1AE-478E-94C2-F8E47D9AC3CE}\{098F7EC7-5C77-490F-9C4D-D041FB6093BD}.tmp - ok
21:15:13.0814 0x1660  [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\Users\captn\AppData\Local\Temp\{0B04A072-B1AE-478E-94C2-F8E47D9AC3CE}\{2195C6E4-A458-4640-BE96-87FAA62C72C3}.tmp
21:15:13.0814 0x1660  C:\Users\captn\AppData\Local\Temp\{0B04A072-B1AE-478E-94C2-F8E47D9AC3CE}\{2195C6E4-A458-4640-BE96-87FAA62C72C3}.tmp - ok
21:15:13.0816 0x1660  [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\Users\captn\AppData\Local\Temp\{0B04A072-B1AE-478E-94C2-F8E47D9AC3CE}\{DDE280DE-BD58-44F4-9E16-513AC2671D3D}.tmp
21:15:13.0816 0x1660  C:\Users\captn\AppData\Local\Temp\{0B04A072-B1AE-478E-94C2-F8E47D9AC3CE}\{DDE280DE-BD58-44F4-9E16-513AC2671D3D}.tmp - ok
21:15:13.0817 0x1660  [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\Users\captn\AppData\Local\Temp\{0B04A072-B1AE-478E-94C2-F8E47D9AC3CE}\{1588612C-8EFE-4AB7-9BC6-E2DDE3C81B6B}.tmp
21:15:13.0817 0x1660  C:\Users\captn\AppData\Local\Temp\{0B04A072-B1AE-478E-94C2-F8E47D9AC3CE}\{1588612C-8EFE-4AB7-9BC6-E2DDE3C81B6B}.tmp - ok
21:15:13.0819 0x1660  [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\Users\captn\AppData\Local\Temp\{0B04A072-B1AE-478E-94C2-F8E47D9AC3CE}\{64E64471-FBDF-4C13-A61D-516A1AD1D405}.tmp
21:15:13.0819 0x1660  C:\Users\captn\AppData\Local\Temp\{0B04A072-B1AE-478E-94C2-F8E47D9AC3CE}\{64E64471-FBDF-4C13-A61D-516A1AD1D405}.tmp - ok
21:15:13.0821 0x1660  [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Users\captn\AppData\Local\Temp\{0B04A072-B1AE-478E-94C2-F8E47D9AC3CE}\{2BC934DD-62E8-4044-9BC3-2CDB5AC17161}.tmp
21:15:13.0821 0x1660  C:\Users\captn\AppData\Local\Temp\{0B04A072-B1AE-478E-94C2-F8E47D9AC3CE}\{2BC934DD-62E8-4044-9BC3-2CDB5AC17161}.tmp - ok
21:15:13.0822 0x1660  [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\Users\captn\AppData\Local\Temp\{0B04A072-B1AE-478E-94C2-F8E47D9AC3CE}\{BF2681A2-9293-4529-8281-6322D3F8AF9D}.tmp
21:15:13.0822 0x1660  C:\Users\captn\AppData\Local\Temp\{0B04A072-B1AE-478E-94C2-F8E47D9AC3CE}\{BF2681A2-9293-4529-8281-6322D3F8AF9D}.tmp - ok
21:15:13.0824 0x1660  [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Users\captn\AppData\Local\Temp\{0B04A072-B1AE-478E-94C2-F8E47D9AC3CE}\{1A0A7235-0008-4B5F-836C-44CF908B9979}.tmp
21:15:13.0824 0x1660  C:\Users\captn\AppData\Local\Temp\{0B04A072-B1AE-478E-94C2-F8E47D9AC3CE}\{1A0A7235-0008-4B5F-836C-44CF908B9979}.tmp - ok
21:15:13.0826 0x1660  [ 2FCA0D2C59A855C54BAFA22AA329DF0F, ED9D26F539065D62FCCEDEEC8E509B30F4D15F8DA586C1F657ACEFE9DABAACD0 ] C:\Windows\SysWOW64\netapi32.dll
21:15:13.0826 0x1660  C:\Windows\SysWOW64\netapi32.dll - ok
21:15:13.0827 0x1660  [ 20B3934DB73EABA2B49B7177873CB81F, 492EAC5C51472B43DE11825358AEC4B9E3A081DACFD7513C696D6FE40F302EE5 ] C:\Windows\SysWOW64\netutils.dll
21:15:13.0827 0x1660  C:\Windows\SysWOW64\netutils.dll - ok
21:15:13.0829 0x1660  [ 5CCDCD40E732D54E0F7451AC66AC1C87, 66F4DA105BD72E41250CD59E2B3CD931B47AC9FDB6C784B9E33C5EE1AC29841F ] C:\Windows\SysWOW64\srvcli.dll
21:15:13.0829 0x1660  C:\Windows\SysWOW64\srvcli.dll - ok
21:15:13.0830 0x1660  [ E5A4A1326A02F8E7B59E6C3270CE7202, DCB76016F9AC47E631540874DA208A089F9D529DA9628705A2869B954526BFE0 ] C:\Windows\SysWOW64\wkscli.dll
21:15:13.0830 0x1660  C:\Windows\SysWOW64\wkscli.dll - ok
21:15:13.0831 0x1660  [ C212A43AA83A717AD38505F23ACDCB33, 52BFF0FB72D2C4543ECB2C2F6E1DA63E548BAFCE553EECBB18F287AC2CF5EF28 ] C:\Windows\SysWOW64\msi.dll
21:15:13.0831 0x1660  C:\Windows\SysWOW64\msi.dll - ok
21:15:13.0833 0x1660  [ 91D6F0AB79AA36FFB932157865206F35, 5C20EA92737A4409DF4601D6D256DBC7A8D0AE4C31A32F20054E873473B27781 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
21:15:13.0833 0x1660  C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
21:15:13.0834 0x1660  [ 9864D52F15AD32094A636C6B5281D9E7, 2DBECE721AA11509F6D5005C5FB965EB0DF28729D0B6C524BB35603C1243BA42 ] C:\Windows\System32\WMVCORE.DLL
21:15:13.0834 0x1660  C:\Windows\System32\WMVCORE.DLL - ok
21:15:13.0836 0x1660  [ AACC48FE239F0DF126DA2F28930A5B83, D55E7D9AA79B1875E9074CFFBBCD484024902566B49806A8639B5C04847DFF89 ] C:\Windows\System32\WMASF.DLL
21:15:13.0836 0x1660  C:\Windows\System32\WMASF.DLL - ok
21:15:13.0837 0x1660  [ 389CA818132C1D7DCF0C791E8D9035DE, 5E54799F92CC604FABEF2F97AFD97F9CAD70D01BCDBC41FAC408D60821927C12 ] C:\Windows\System32\PortableDeviceClassExtension.dll
21:15:13.0837 0x1660  C:\Windows\System32\PortableDeviceClassExtension.dll - ok
21:15:13.0839 0x1660  [ 4F3CD1C59EA71401E155C432BCECE180, 6D4118A627CAE509E43D0CC0062EECAA0990C955BB15AE24834460551B2F51A2 ] C:\Windows\System32\PortableDeviceTypes.dll
21:15:13.0839 0x1660  C:\Windows\System32\PortableDeviceTypes.dll - ok
21:15:13.0840 0x1660  [ A054EA8FBE16D4D34F06D81A4F0088E2, 1CD4EECFDA374C8A7B8AD4E664DC057B9C75813AF776A616DC6D845905567CBD ] C:\Windows\SysWOW64\WindowsCodecs.dll
21:15:13.0840 0x1660  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
21:15:13.0842 0x1660  [ D233C7FEAE3FAA25F93A9E6B46815ADC, 5330682AE9C08E5F2E30C5E256B91028389BBBDDAA8C38950DF76616FCA854FF ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
21:15:14.0073 0x1660  C:\Windows\System32\WinSATAPI.dll - ok
21:15:14.0075 0x1660  [ 28A7D7C7E2FDD1D55F12F750CD6331EC, 0CC0159D3F5682307439D8F3651A080430C7EAB8EFA25BA246AADF4665297E8D ] C:\Windows\System32\MSMPEG2ENC.DLL
21:15:14.0075 0x1660  C:\Windows\System32\MSMPEG2ENC.DLL - ok
21:15:14.0076 0x1660  [ 46767946E7B559D981C1DC04EC0AB36F, 69137AA9AEF9727FFD1B65AA4D658C6E8AAD3A062717B447260502B4D7DB90C6 ] C:\Windows\System32\devenum.dll
21:15:14.0076 0x1660  C:\Windows\System32\devenum.dll - ok
21:15:14.0077 0x1660  [ 558C42D165DB5799B4072DC0A9C27C0B, 2385E16ACF07252D5567EC091C1B39D39BB8199F60854D5A91EDC948C57B3A3F ] C:\Windows\System32\msdmo.dll
21:15:14.0077 0x1660  C:\Windows\System32\msdmo.dll - ok
21:15:14.0079 0x1660  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] C:\Windows\System32\upnphost.dll
21:15:14.0079 0x1660  C:\Windows\System32\upnphost.dll - ok
21:15:14.0080 0x1660  [ 619A67C9F617B7E69315BB28ECD5E1DF, F34F231D117CCDFEBB9CB35C8D6FDFA7051DA27FDC1204FCCFF361FC0B13A0FF ] C:\Windows\System32\wbem\WmiPrvSE.exe
21:15:14.0080 0x1660  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
21:15:14.0082 0x1660  [ 07AD88DF9EF73215458867EFC1BFFE9E, 8C659B6F31111C09448B68889623886658C96467E7E5C95C1714E18AD3924463 ] C:\Windows\System32\wbem\wmiprov.dll
21:15:14.0082 0x1660  C:\Windows\System32\wbem\wmiprov.dll - ok
21:15:14.0083 0x1660  [ ECA6AC33BD9E441F7B47D173D715D268, 5B9017F80BD8C7823CFE1AB4C21D91388E1B31BF0D77058A98791D2FACA11EB6 ] C:\Windows\System32\msxml3.dll
21:15:14.0083 0x1660  C:\Windows\System32\msxml3.dll - ok
21:15:14.0085 0x1660  [ 71E68F2443A80BD4DA89181889C457EA, 8665D3DDF92B05EF287FB6EC43782512C23A1437764CF6F4DE0B00547F3C696B ] C:\Windows\System32\udhisapi.dll
21:15:14.0085 0x1660  C:\Windows\System32\udhisapi.dll - ok
21:15:14.0086 0x1660  [ 39DF8B2585550DCB80F755D977B854AA, C44800F0F1A05D7C1952D320D50EB8B7046A379F4EF378C2BAD9494ECC6CEE9F ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
21:15:14.0086 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll - ok
21:15:14.0088 0x1660  [ 891FCFB576E7F3376D03938366FF918E, 03E675C1F7D0957829A771BEC0A6D34F665CC15D47650EFD1428864D24FA2DAF ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\icudt.dll
21:15:14.0088 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\icudt.dll - ok
21:15:14.0090 0x1660  [ 243974EC02F7AE49E4179C54624143AB, 755FA67F7BF10E3C6336788D297FBAA70F28F630852A43A78D3F7D7E3A7ECED0 ] C:\Windows\SysWOW64\MMDevAPI.dll
21:15:14.0090 0x1660  C:\Windows\SysWOW64\MMDevAPI.dll - ok
21:15:14.0091 0x1660  [ 545DA084884ED6AD1C00E7188551FDC0, 015C89CBC83A1F5055563B8B6E142263C1C7F49C6A6E5599B38965C9A89D169F ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\NEX\NEX.dll
21:15:14.0091 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\NEX\NEX.dll - ok
21:15:14.0093 0x1660  [ 2170F1A109E238A661F62626F0293C67, 505C00E83F5B0FA542DDD2CEC805798FDE7E2C0634C06F10B9E33FA67974F248 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\c3containerUI.dll
21:15:14.0093 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\c3containerUI.dll - ok
21:15:14.0094 0x1660  [ 1C0E369575F387460E2A5F28269B2CC4, 96F26EF7483F9EB7B79DFCF50BB0261B981322BF8FB9F239D617FEACCEC466C8 ] C:\Windows\SysWOW64\DWrite.dll
21:15:14.0094 0x1660  C:\Windows\SysWOW64\DWrite.dll - ok
21:15:14.0096 0x1660  [ E1BB958681BE311E7CFF06CFEC5F1F2B, C2FDFC6C7350788A07DCB99A6A54FB9A96A6A578013DF46D0E5094A3CBF6E862 ] C:\Windows\System32\atmfd.dll
21:15:14.0096 0x1660  C:\Windows\System32\atmfd.dll - ok
21:15:14.0097 0x1660  [ D05512C593C9320AA8A8246ACDF248D4, E2C97C1969A3382F969A14B5CA4A96D8D02688CA71888FA8F640726178C3D634 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P7\P7Native.dll
21:15:14.0097 0x1660  C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P7\P7Native.dll - ok
21:15:14.0099 0x1660  [ 71B46B5538B4BD96D32D51E0F377C1AB, F759CEFBF1B760AEE0112690D6A0A217FAC5B21F873A33D2FCF913D8F3D452B7 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HomePanel\HomePanelBL.dll
21:15:14.0099 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HomePanel\HomePanelBL.dll - ok
21:15:14.0101 0x1660  [ B19F1F12C9B8FE96FE14F6717815B44D, 8C3D2F84E6AE06A57837F5EFBEA5ED4F5DD3BA9CD3C1616C8530EB998B72BEC4 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HomePanel\HomePanelUI.dll
21:15:14.0101 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HomePanel\HomePanelUI.dll - ok
21:15:14.0103 0x1660  [ 36E5A4B42DCB8198905FB45912F85A91, A89312E54A63CB887FA696E0BA91EF3C848C4F58C64D4F5DDFEFB3AA60D2C315 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\AppsPanel\AppsPanelBL.dll
21:15:14.0103 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\AppsPanel\AppsPanelBL.dll - ok
21:15:14.0104 0x1660  [ 131EB5E5A8CD92EB0A0A74F2D4FFA2B1, 507584C3A37F06F5049AA0A879EC71DA93CACF30B1360732EE5991C848DCA60D ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\AppsPanel\AppsPanelUI.dll
21:15:14.0104 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\AppsPanel\AppsPanelUI.dll - ok
21:15:14.0106 0x1660  [ D7ED5CE00559ABA23299B8A57F53BDA0, 6FFAA49536CD86C6CCDFB75D08395C7F22F18BB4463E24C54FD6E8087FC7BBDB ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\AssetsPanel\AssetsPanelBL.dll
21:15:14.0106 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\AssetsPanel\AssetsPanelBL.dll - ok
21:15:14.0108 0x1660  [ A2018DDEEBC1D2678068252864A7E3CA, 358311893B17CE2F36D5C2069DA64A35F53C3C1CD489D525D80D02F1460375A5 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\FilesPanel\FilesPanelBL.dll
21:15:14.0108 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\FilesPanel\FilesPanelBL.dll - ok
21:15:14.0109 0x1660  [ 39F5EEBF75A4C7191DC04B45E448A844, DA1C9C2E3466A11F9A84274FC7E98DA67E0FA5B5E31B4F7C7201429E4FBC9CD0 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\FontsPanel\FontsPanelBL.dll
21:15:14.0109 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\FontsPanel\FontsPanelBL.dll - ok
21:15:14.0111 0x1660  [ 40D08F256F5EC136AC95871FB68B6E0C, 056DCC7959208948A0F8E99417BCC99CD9C0E3A5EB3CA77A54389331AB115F58 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\MarketPanel\MarketPanelBL.dll
21:15:14.0111 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\MarketPanel\MarketPanelBL.dll - ok
21:15:14.0113 0x1660  [ F480AAE6FF6ED72678A7A9E68B92241B, 354895ECC312CF0EDD0B6BDC0C91D43BF2A2C09DFA7A31EDEAEF88A393761FA8 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\BehancePanel\BehancePanelBL.dll
21:15:14.0113 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\BehancePanel\BehancePanelBL.dll - ok
21:15:14.0114 0x1660  [ 7C6425F700DFBED0AC493836FE2A412C, BBFD62424BC3AB5D5B82F717EB13146E7E73118934B1D2115C14B4D3213B1BEA ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\BehancePanel\BehancePanelUI.dll
21:15:14.0114 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\BehancePanel\BehancePanelUI.dll - ok
21:15:14.0116 0x1660  [ 7A9C478319484CDC43C81586D37D3E4A, 76E90510BD0192B877B97F1C5742B5D35E3FEF52073515CB350CA907D18A7382 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
21:15:14.0116 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe - ok
21:15:14.0118 0x1660  [ 257D3D7399B3C9A40FCE850F108FAD77, D0AB14F8EC1ED2558C656EADCD2A7E3829B7B74324F3F184526048AE296512A7 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P7\adobe_oobelib.dll
21:15:14.0118 0x1660  C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P7\adobe_oobelib.dll - ok
21:15:14.0120 0x1660  [ B902538387142B0DF382AF266486BFA0, 7A52B4D4E10034B2B5C4608AA2C743315E2AA19D43459CE41B998C7A84586233 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\acsl.dll
21:15:14.0120 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\acsl.dll - ok
21:15:14.0121 0x1660  [ 54376AF77E94B3210DB7AD7B28BC1F0B, 12D5C01CBAD3A770681E18B3A183CA6ED4B329CAD58586AF9F827B0CD280199A ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\gude.dll
21:15:14.0121 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\gude.dll - ok
21:15:14.0123 0x1660  [ C001DCB281B4C913E5D515A7B6217B1C, 5C0B61C2B91A03BFDC8B908928413039BAF97838110450660880576EE4257217 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\boost_threads.dll
21:15:14.0123 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\boost_threads.dll - ok
21:15:14.0125 0x1660  [ B3EAFB85F9A7416017972AC9EFFA911E, 0352B78F610A41EEC9ADB0D391DF5F8C3CC65E521E1D7BB34C9A5E99EE51D3F9 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\dvacore.dll
21:15:14.0125 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\dvacore.dll - ok
21:15:14.0126 0x1660  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8, B07A12E3ECD5E418A3F99F00C56E7F482F68CADE330E7C079DCCDFFAD2E21299 ] C:\Windows\SysWOW64\dbghelp.dll
21:15:14.0126 0x1660  C:\Windows\SysWOW64\dbghelp.dll - ok
21:15:14.0128 0x1660  [ B23BE13D02F9703CCA068983BD9428E9, E0F37132FD41B680F6429ADB7A397688F5E5E14D0FFAA41FA872118ED1D7CAFC ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\extensibility.dll
21:15:14.0128 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\extensibility.dll - ok
21:15:14.0129 0x1660  [ DF13A51A5C591887D2EC6AE64CEED0FA, DFD503AEBCAA056B2B0E669ACA52F6D26F4E6892F2DCFCCD902752C23A621653 ] C:\Windows\SysWOW64\wsock32.dll
21:15:14.0129 0x1660  C:\Windows\SysWOW64\wsock32.dll - ok
21:15:14.0131 0x1660  [ 2B010DD9B5920C8EC87EC85E4C7A510A, F7A94418E627F59D4D274456493A5A945E07C64A1F3033B17AB4D68B30459D7D ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\VulcanMessage5.dll
21:15:14.0131 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\VulcanMessage5.dll - ok
21:15:14.0133 0x1660  [ FE7A7FE4E540BEFD5430FF56BFC91FE1, B7B3D609B01F99F68E0A40865AE0DCED01E5C40D31D6CE5C0F1D74594D124748 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\plugins\ANSClient\ANSClient.dll
21:15:14.0133 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\plugins\ANSClient\ANSClient.dll - ok
21:15:14.0135 0x1660  [ B35F1A3976FF820112370AA09A491103, F7C9D58A1BE5409203D9B5EC1815462FE6C87222C14BA069BF6166E4431457AE ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\plugins\ExchangePlugin\ExchangePlugin.dll
21:15:14.0135 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\plugins\ExchangePlugin\ExchangePlugin.dll - ok
21:15:14.0137 0x1660  [ E03E5D4F58E1D824F69E94E5F13942D3, 75867A6B5BFB22FD9A175E89158FEE50783C1F8659C8C03612935F1A6E49C42D ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\plugins\LiveType\livetype.dll
21:15:14.0137 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\plugins\LiveType\livetype.dll - ok
21:15:14.0138 0x1660  [ 0959F4E708483EA61B9257C59B1503D2, 3868BB656C0B149F7281A513A75B753B1A91530C5D6872D0A088F53505284F5D ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\plugins\ExchangePlugin\ExManCoreLib\ExManCoreLibCoreSync.dll
21:15:14.0138 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\plugins\ExchangePlugin\ExManCoreLib\ExManCoreLibCoreSync.dll - ok
21:15:14.0140 0x1660  [ D5E76F79C70AF022FF9CC0CFB848F61B, 16819B40FD60D31B465EE25DB806DA2ACDBD1EE82289947A91A2045041BB2CB4 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\plugins\ExchangePlugin\ExManCoreLib\ExManZxpSign.dll
21:15:14.0140 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\plugins\ExchangePlugin\ExManCoreLib\ExManZxpSign.dll - ok
21:15:14.0142 0x1660  [ EE83863FBC16380608B0A28A3899D9A6, 1F17F289A1739ACA5028814DF0CC6D9AD65BB855500478C7954346A59B4DA0DE ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\plugins\ExchangePlugin\ExManCoreLib\libeay32.dll
21:15:14.0142 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\plugins\ExchangePlugin\ExManCoreLib\libeay32.dll - ok
21:15:14.0144 0x1660  [ C4DF5D38ED91BEFF712B27885C53DC58, F93814F7BE0B942351571233F91D6F085BA294B8F77E929509B47B1FDFAC415B ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\plugins\ExchangePlugin\ExManCoreLib\ssleay32.dll
21:15:14.0144 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\plugins\ExchangePlugin\ExManCoreLib\ssleay32.dll - ok
21:15:14.0145 0x1660  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] C:\Windows\SysWOW64\netprofm.dll
21:15:14.0145 0x1660  C:\Windows\SysWOW64\netprofm.dll - ok
21:15:14.0147 0x1660  [ 15E298B5EC5B89C5994A59863969D9FF, 8D38B2E023462D0804F72E907D11FF72CE84540EA3B8D83F411C602C3F6A1177 ] C:\Windows\SysWOW64\npmproxy.dll
21:15:14.0147 0x1660  C:\Windows\SysWOW64\npmproxy.dll - ok
21:15:14.0148 0x1660  [ 1542A92D5C6F7E1E80613F3466C9CE7F, E78B14513C47C1339D96065237E9D270F33D595D5A92F2B5C8F4F841E2A4AD5C ] C:\Windows\SysWOW64\icacls.exe
21:15:14.0148 0x1660  C:\Windows\SysWOW64\icacls.exe - ok
21:15:14.0150 0x1660  [ 7D39AB50F9156AD26284054B6BF7D94B, 140AEC3067D58FF56356D72AB718511AE9D4AAA73F60648DA45B5A5DAFA8F041 ] C:\Windows\System32\icacls.exe
21:15:14.0150 0x1660  C:\Windows\System32\icacls.exe - ok
21:15:14.0151 0x1660  [ 6607C2182C6A53ED983813AFE2F85768, FC9E718ABC4E0FBC7B0DD145F9C377A1800A7776AD832AB645796E13B1E15A1F ] C:\Windows\System32\wbem\cimwin32.dll
21:15:14.0151 0x1660  C:\Windows\System32\wbem\cimwin32.dll - ok
21:15:14.0153 0x1660  [ 1484B9EBF567346582DE571B0E164AE0, 9862BF22B2E32DABE7A82ACEE5B4EA1F0A93BDC3C71B20A6A4E568CCCD76A7A6 ] C:\Windows\System32\framedynos.dll
21:15:14.0153 0x1660  C:\Windows\System32\framedynos.dll - ok
21:15:14.0154 0x1660  [ C00DB14550E4BD49737F311C644E45FF, 7085C47DADEED82B6F98ED3903197D76B648E9D6CC67D40C789E236264D9A0DC ] C:\Windows\System32\wmi.dll
21:15:14.0154 0x1660  C:\Windows\System32\wmi.dll - ok
21:15:14.0155 0x1660  [ 5F639198C4137075DA50E61C23963C11, 3D03B3BF62B3469069AD6BE2AAEE152CB6722D36C001B8197FEBC2F3EB9ADBE0 ] C:\Windows\System32\drprov.dll
21:15:14.0155 0x1660  C:\Windows\System32\drprov.dll - ok
21:15:14.0157 0x1660  [ BC566D17914B07ABAAB3A5A385CC3300, DCE0A1D26312AA6441FB7122C6EED980AE350D58B2B4B166CB62F983306268E9 ] C:\Windows\System32\ntlanman.dll
21:15:14.0157 0x1660  C:\Windows\System32\ntlanman.dll - ok
21:15:14.0158 0x1660  [ B32AB94A432289AC2DF77A3DCAD32EED, B1021C78F940E6FA7A8992B2733B593B89DA57325A0A0D13D2767F193A78D90F ] C:\Windows\System32\davclnt.dll
21:15:14.0158 0x1660  C:\Windows\System32\davclnt.dll - ok
21:15:14.0160 0x1660  [ 45B24A357C801CE62052FE0CDC8BD4D2, 00602E41B78473825253F6B2557A5C43FBDDCCF713D806929AE7C039FF8F185C ] C:\Windows\System32\davhlpr.dll
21:15:14.0160 0x1660  C:\Windows\System32\davhlpr.dll - ok
21:15:14.0161 0x1660  [ 8F313280B04527AD2747E1BD2AE63377, 8A411BDB0FF2997A568ED27ED758A9BF08C910EAE90FFD30F45CD004CAA4BF35 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P7\axlibv7.dll
21:15:14.0161 0x1660  C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P7\axlibv7.dll - ok
21:15:14.0162 0x1660  [ C30A3E5DEEEBA22E782AC54C5AF5F352, 80939A7B5354032256706C6CA0C3CCC7E67CD1C1C81EAEA2CBC74997C0863662 ] C:\Windows\SysWOW64\samlib.dll
21:15:14.0162 0x1660  C:\Windows\SysWOW64\samlib.dll - ok
21:15:14.0164 0x1660  [ 012787CEB35505EB78DF82E0A0072888, FE082EF9F8462589F8C8BEEFB1D10AB06E1E3D6F4494CABF34097328C109C03E ] C:\Windows\System32\browcli.dll
21:15:14.0164 0x1660  C:\Windows\System32\browcli.dll - ok
21:15:14.0165 0x1660  [ C4BFE4B61086416B0529212F92BCE081, A5EE6FB81229885C7A4A4EF0A9C3E9EE9E7F85C1EDE9BEEE236EB0503093D8F3 ] C:\Windows\System32\schedcli.dll
21:15:14.0165 0x1660  C:\Windows\System32\schedcli.dll - ok
21:15:14.0168 0x1660  [ 5AD49F17B7D7FCD2947ED42F4F9E6874, 965DECDFA99EB500B818B1A9E7D24FF95CF355B9D28DA52C529DC388A6092192 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P7\adobe_upgrade.dll
21:15:14.0168 0x1660  C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P7\adobe_upgrade.dll - ok
21:15:14.0169 0x1660  [ 128689348FF25EAFE5FBAEFD113AD4FE, 9FCA53EDCDAF55F5CCB3CA0CFC4FF162177E9E0EF49F9C891277546482D2ADC9 ] C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll
21:15:14.0169 0x1660  C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll - ok
21:15:14.0171 0x1660  [ C5BEF5C18AE2199A6619769414D42BA4, 41882B9515F1D4F9E91782DC4D24F1D914EBC76EAE5D94099C3A4B429391630C ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
21:15:14.0171 0x1660  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
21:15:14.0172 0x1660  [ F11A57E91FDAECFB41A5CB21EB1EBC8E, 904DA963F2274ADF521660E3131DAC781E59C6FAEB393E57802A3B5638C09283 ] C:\Windows\System32\dssenh.dll
21:15:14.0172 0x1660  C:\Windows\System32\dssenh.dll - ok
21:15:14.0174 0x1660  [ 37D7A787487F7EEB8E251B97D763FEC4, 095D8944669C66709837FE0A82640EECBA5C377C48FAC56A2DC7FA85736D7F73 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
21:15:14.0174 0x1660  C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok
21:15:14.0175 0x1660  [ CCF663A34D75B59114003B63692818B6, 04801E81090E305636EDCA57B2CDB590F3EFD04FDC7E49B58390BD61181AF6B1 ] C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll
21:15:14.0175 0x1660  C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll - ok
21:15:14.0177 0x1660  [ EB78541FAA6B6114215D4F713F44FC95, C070A7830D4B2F05E529060CE048C5658E1E88B7250B5DB5F036F8AC7ED6040A ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P7\IMSLib.dll
21:15:14.0177 0x1660  C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P7\IMSLib.dll - ok
21:15:14.0179 0x1660  [ 8DAA13E03FE2F9369EE3385078216B91, 96646F6A44E5E1907799F1D4A2A2E762EDA7EF186DCC3900A61C1454A990E37D ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll
21:15:14.0179 0x1660  C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok
21:15:14.0180 0x1660  [ F95E1E9D97D25C11F29CA34C843A6F4D, 97DF01FA582425B72EFE54BE1CE8B28C4A8BA680A081F4D32797C5A0425FFB41 ] C:\Windows\SysWOW64\schannel.dll
21:15:14.0180 0x1660  C:\Windows\SysWOW64\schannel.dll - ok
21:15:14.0182 0x1660  [ C61DDFE40204F3BE3DF111981D91560E, 450D5E608D344B2186A73F5421CAF1792902BFB428182D6C5A971C5E0686842F ] C:\Windows\SysWOW64\ncrypt.dll
21:15:14.0182 0x1660  C:\Windows\SysWOW64\ncrypt.dll - ok
21:15:14.0183 0x1660  [ CE71B9119A258EDD0A05B37D7B0F92E3, D9310C5BBFE089B8C81E259C462EC1E6D7A7A87FA59FC1F174ED5C58D409AE7A ] C:\Windows\SysWOW64\bcrypt.dll
21:15:14.0183 0x1660  C:\Windows\SysWOW64\bcrypt.dll - ok
21:15:14.0185 0x1660  [ E8449FE262D7406BCB2AC2A45C53EC5F, 6C118C9FB26404D1943824CF3990F36E12986547FFACB7CC0DF975A913065D78 ] C:\Windows\SysWOW64\bcryptprimitives.dll
21:15:14.0185 0x1660  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
21:15:14.0186 0x1660  [ 1097F3035BAF46CED8B332B3564C5108, C69781683CA963A1335780DABBBC60E2C3CEF0888738D3425D358D12E8D0AF58 ] C:\Windows\SysWOW64\gpapi.dll
21:15:14.0186 0x1660  C:\Windows\SysWOW64\gpapi.dll - ok
21:15:14.0187 0x1660  [ C57BC99A4467B3E8F1CC2184A3F46729, 5DF1CFE59E597CEC6E6C1C3945D5FA4DE487E811F08D4E1A6ACC83932D5FDB42 ] C:\Windows\System32\drt.dll
21:15:14.0187 0x1660  C:\Windows\System32\drt.dll - ok
21:15:14.0189 0x1660  [ 2E7ADF9B0389CD94605717784D7E416A, A8E478A2FAE9013921B41E8929F92006AC17B7961FA60D807E9BA6C1C66E1DC6 ] C:\Windows\System32\drttransport.dll
21:15:14.0189 0x1660  C:\Windows\System32\drttransport.dll - ok
21:15:14.0191 0x1660  [ 24C60E57189A5475B439D60C64163DF0, A88BE706F100C1B292C4B8A17BDBE70B3B8E591CE890930E01DFB2A8D5AB4A84 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
21:15:14.0191 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe - ok
21:15:14.0193 0x1660  [ 75F5E1FE8D55CF8E577E0EC5F2290D3F, F4E2C81F0834018052A481AE8D7DF4780302A6844160CCDC09F7D82D3B992BDE ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
21:15:14.0193 0x1660  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll - ok
21:15:14.0195 0x1660  [ 7B851A8018B1EA00A69707A390004884, DAE654713EF1DC66C8C2D27752B659081794063A7D522D1F680AA9A6E7FBA9FD ] C:\Windows\SysWOW64\cryptnet.dll
21:15:14.0195 0x1660  C:\Windows\SysWOW64\cryptnet.dll - ok
21:15:14.0196 0x1660  [ FC3001B4B9DF50B61F3CCA615759EFE7, 9AAE3665AD2893E7DB41965D430A7230B826AC4580603F20102E21C19C15535F ] C:\Windows\System32\PhotoMetadataHandler.dll
21:15:14.0196 0x1660  C:\Windows\System32\PhotoMetadataHandler.dll - ok
21:15:14.0198 0x1660  [ 96707DCE729F7BE5BD2360B500B785DD, A08A859743AF0EC1479E947CABE133F94F819BE58315FAEFDC609E2930642B0E ] C:\Program Files\Internet Explorer\IEShims.dll
21:15:14.0198 0x1660  C:\Program Files\Internet Explorer\IEShims.dll - ok
21:15:14.0199 0x1660  [ 6EF5F3F18413C367195F06E503AB86A6, 6F8B87FB4D67F9E76A51EF759B58A95D903C4AAC9C789A65A3FA1FC4F253D978 ] C:\Windows\SysWOW64\d3d9.dll
21:15:14.0199 0x1660  C:\Windows\SysWOW64\d3d9.dll - ok
21:15:14.0201 0x1660  [ 77B1471A490B53B24EFE136F09F76550, A650C3A244306F8E605BDA8E74BFE438356BA4403B0CB61E980D3183E3F0A7C7 ] C:\Windows\SysWOW64\d3d8thk.dll
21:15:14.0201 0x1660  C:\Windows\SysWOW64\d3d8thk.dll - ok
21:15:14.0202 0x1660  [ 1F27643C4C626457FCE8F047AE1CD7E1, 68E2367B9AA21C1BDE7FEA566D5F0DBDF1E246CB53E949622F8EDC810AA95956 ] C:\Windows\SysWOW64\dxva2.dll
21:15:14.0202 0x1660  C:\Windows\SysWOW64\dxva2.dll - ok
21:15:14.0204 0x1660  [ FDBA1DEC4F9BE4274A00B9B850C63484, 045846267BCB1D9C4931A4871C887D8496E92DF655936DD5D40375E09C950510 ] C:\Windows\SysWOW64\mf.dll
21:15:14.0204 0x1660  C:\Windows\SysWOW64\mf.dll - ok
21:15:14.0205 0x1660  [ 920BD93A0B64657A20CA66C2EBB167EA, F0E058D770418D94BAD473285720D079E9B1ED64C0E2DAF99187B8931EBC10F3 ] C:\Windows\System32\mshtml.dll
21:15:14.0205 0x1660  C:\Windows\System32\mshtml.dll - ok
21:15:14.0206 0x1660  [ 40B82688907A7DBA4DB3B5ADDE3EAB3B, 7A8A051F414A0A11252A361461A086890BCE9F49CE1AF794061184AE16517EF1 ] C:\Windows\SysWOW64\mfplat.dll
21:15:14.0206 0x1660  C:\Windows\SysWOW64\mfplat.dll - ok
21:15:14.0208 0x1660  [ 139D3AB6AA920C34C50CBFFB9EB7D222, 5A5D205E16E6AFDCC965E4144FE6E104157DE7541D31727520363F2670513940 ] C:\Windows\SysWOW64\avrt.dll
21:15:14.0208 0x1660  C:\Windows\SysWOW64\avrt.dll - ok
21:15:14.0209 0x1660  [ 9C67F6BBDA3881CFD02095160CF91576, 6CE97C6F0AD8BE183DE935A7AAB7D46821E8DE9E55A4BFF54ACB49D056826A94 ] C:\Windows\SysWOW64\ksuser.dll
21:15:14.0209 0x1660  C:\Windows\SysWOW64\ksuser.dll - ok
21:15:14.0211 0x1660  [ 2413D2216D08FAF7D7178D9E0B481AEB, 29784AB6D2B70DBBD89A893341F3063F2BF4DCDB6A7553F8BD866F938E51F37A ] C:\Windows\SysWOW64\msmpeg2vdec.dll
21:15:14.0211 0x1660  C:\Windows\SysWOW64\msmpeg2vdec.dll - ok
21:15:14.0212 0x1660  [ 53AF1750FD45DDD705C9B68C7DC58827, A379F7B8289DB02FE336EE09D02C9FED9B407DD173AEECAE98B5551FAB9D1CEB ] C:\Windows\SysWOW64\evr.dll
21:15:14.0212 0x1660  C:\Windows\SysWOW64\evr.dll - ok
21:15:14.0213 0x1660  [ 08DFDBD2FD4EA951DC46B1C7661ED35A, D926530C659DDAF80770663F46F1EFD94FFB4AAB475C4E3367CB531AF4A734E1 ] C:\Windows\SysWOW64\powrprof.dll
21:15:14.0214 0x1660  C:\Windows\SysWOW64\powrprof.dll - ok
21:15:14.0215 0x1660  [ 282F710DEF59C836E15C5BC648AA1279, 11A0EDE508FC09572B561FBC1732408FF4296212B17FA025C1A4699299FBB3D3 ] C:\Windows\SysWOW64\igdumdim32.dll
21:15:14.0215 0x1660  C:\Windows\SysWOW64\igdumdim32.dll - ok
21:15:14.0217 0x1660  [ C5EB53613C9A05B111004D0466993EA3, 4013CF0D798D42A350116AF6EB40FD0E0C39C47A4CF1DB2775D0810ECD6AE7CF ] C:\Windows\SysWOW64\igdusc32.dll
21:15:14.0217 0x1660  C:\Windows\SysWOW64\igdusc32.dll - ok
21:15:14.0218 0x1660  [ 1C9B45E87528B8BB8CFA884EA0099A85, 2F23182EC6F4889397AC4BF03D62536136C5BDBA825C7D2C4EF08C827F3A8A1C ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\d3dcompiler_43.dll
21:15:14.0218 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\d3dcompiler_43.dll - ok
21:15:14.0220 0x1660  [ EEA63B8CF19E59C4A51AD2D9A59DDA25, 32C97AB4581C6E6D0470B4F4159C6DB4D4E7306D2F2C398A128F1DD26F53110C ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
21:15:14.0220 0x1660  C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
21:15:14.0221 0x1660  [ 9EFF09364ABDC86770FA0B1BCC9CA3C3, 493A7A95566AF066D78EEC32B7E22A7BD062A8CF771B0CFA5E31D7E2BDA50047 ] C:\Windows\System32\ieui.dll
21:15:14.0221 0x1660  C:\Windows\System32\ieui.dll - ok
21:15:14.0223 0x1660  [ 9273F69087B976D6AC41958CE8AE5861, B0377E8FFE536D8D408B2FF76500793208D24744CD766F4C955E337CE7C9128A ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\d3dx9_43.dll
21:15:14.0223 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\d3dx9_43.dll - ok
21:15:14.0224 0x1660  [ E6EC8284CAB854A99E2A79D541AB2069, E461324AFF7E01DDD455803327F33CB5F560F642D64F651F9BA494169892C066 ] C:\Program Files (x86)\Internet Explorer\IEShims.dll
21:15:14.0224 0x1660  C:\Program Files (x86)\Internet Explorer\IEShims.dll - ok
21:15:14.0227 0x1660  [ E4E13D6BC7A62BBD66163AF7A47337EE, 96B19A4466F89CB590D8621EF7E70D54AD5C1CA6DD60A31E07D56831FA8DE3F9 ] C:\Program Files (x86)\Internet Explorer\ieproxy.dll
21:15:14.0227 0x1660  C:\Program Files (x86)\Internet Explorer\ieproxy.dll - ok
21:15:14.0229 0x1660  [ 007863E45F25AA47A4C30D0930BBFD85, 60F2ABA40D520FCA2C57FA2DB72E111C14F21821DA17F662837506B80C269634 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
21:15:14.0229 0x1660  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
21:15:14.0230 0x1660  [ 7BF1CE9240CB9DD27C3E30733176EB8E, 62ADA78B38E2C15A871FE02CCC3F05F943D66FB76EE69EBA5BC1ABF612AB4667 ] C:\Windows\SysWOW64\mshtml.dll
21:15:14.0230 0x1660  C:\Windows\SysWOW64\mshtml.dll - ok
21:15:14.0232 0x1660  [ 3B41DBA9C4B65CB2F9881F7A09E40C4A, 879AE1B9127DB9EA1A690C223CB693B6720789A138D7BC62E0D21A4FC591C46D ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libGLESv2.dll
21:15:14.0232 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libGLESv2.dll - ok
21:15:14.0234 0x1660  [ BCD8B1F51AD75A6218BD00C1C01FB07D, 4BC8E3938AD57FF6BC536806EF5B94EB5C8114E9849496B74522FCEB2E328CAC ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libEGL.dll
21:15:14.0234 0x1660  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libEGL.dll - ok
21:15:14.0235 0x1660  [ 297EF1AB73B8FCE76BCA1365C2E49AFC, DD1C5AFEB25A81DFB94C0469183FA7F2247521E999C959FE7139BAFFC8EF6F26 ] C:\Windows\SysWOW64\ieui.dll
21:15:14.0235 0x1660  C:\Windows\SysWOW64\ieui.dll - ok
21:15:14.0236 0x1660  [ 14800BD31701A5047AC3145BB1E698AE, 05B4E33B14B9623EE065634708D9C4CDC7226146F9614C4F374E6B097BB35A50 ] C:\Windows\SysWOW64\d2d1.dll
21:15:14.0237 0x1660  C:\Windows\SysWOW64\d2d1.dll - ok
21:15:14.0238 0x1660  [ B0303EDF2A68D51C6385E90FC9C970F8, 70E0FB55AE3F6D70F53F41B4232BDE6253E4E42D26F398622005F3B280304A98 ] C:\Program Files (x86)\Internet Explorer\sqmapi.dll
21:15:14.0238 0x1660  C:\Program Files (x86)\Internet Explorer\sqmapi.dll - ok
21:15:14.0239 0x1660  [ D4F264FE23F8953D840904418220C15E, 72EAF30265A0CC88DEC0FCA7869734D8C93572457C61A2BF1BDFFB20C061DBCD ] C:\Windows\SysWOW64\dxgi.dll
21:15:14.0239 0x1660  C:\Windows\SysWOW64\dxgi.dll - ok
21:15:14.0241 0x1660  [ 6DE66FE7C526637E74CD066461C7C871, 7E8980A3751762180D795EAC38458303BEAF8D1F85AB5F2D10D9CE7013090CBE ] C:\Windows\SysWOW64\d3d11.dll
21:15:14.0241 0x1660  C:\Windows\SysWOW64\d3d11.dll - ok
21:15:14.0242 0x1660  [ 186102C8D88BD3AE771B0F9CAA3C8210, 6C39D80800E4C1AAFCD62793CFE72261B1073AEED099A34BE7C65C04FA2B8F33 ] C:\Windows\SysWOW64\igd10iumd32.dll
21:15:14.0242 0x1660  C:\Windows\SysWOW64\igd10iumd32.dll - ok
21:15:14.0244 0x1660  [ 21536AF136F35D9E960B085C905C98FB, 2E71481F13E4EC9BE780958258D23EEF28F990269B69E4769B3D5C98EB4D66B3 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
21:15:14.0244 0x1660  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll - ok
21:15:19.0653 0x1660  AV detected via SS2: AVG AntiVirus Free Edition 2014, C:\Program Files (x86)\AVG\AVG2014\avgwsc.exe ( 14.0.0.4765 ), 0x40000 ( disabled : updated )
21:15:19.0710 0x1660  Win FW state via NFP2: enabled
21:15:22.0518 0x1660  ============================================================
21:15:22.0518 0x1660  Scan finished
21:15:22.0518 0x1660  ============================================================
21:15:22.0522 0x1658  Detected object count: 0
21:15:22.0522 0x1658  Actual detected object count: 0
21:16:21.0603 0x060c  Deinitialize success

 

FRST64  log report

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-10-2014
Ran by captn at 2014-10-06 20:14:48 Run:2
Running from C:\Users\captn\Desktop
Loaded Profiles: UpdatusUser & captn (Available profiles: UpdatusUser & captn)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: {7F4CF9C7-0DFA-408A-BA15-4F4D49D54BDE} - \{E2B973B0-C15F-4E07-A885-1E2A5C5AD79D} No Task File <==== ATTENTION
Task: {B7C86FF1-FB0E-4A2B-B49C-9A5437B022AC} - \{0C34285A-0AA1-4481-A49F-2E4241D9B549} No Task File <==== ATTENTION
2014-09-23 02:46 - 2014-10-05 23:15 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-09-23 02:46 - 2014-10-05 23:13 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F4CF9C7-0DFA-408A-BA15-4F4D49D54BDE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F4CF9C7-0DFA-408A-BA15-4F4D49D54BDE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E2B973B0-C15F-4E07-A885-1E2A5C5AD79D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7C86FF1-FB0E-4A2B-B49C-9A5437B022AC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7C86FF1-FB0E-4A2B-B49C-9A5437B022AC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0C34285A-0AA1-4481-A49F-2E4241D9B549}" => Key deleted successfully.
C:\Program Files (x86)\Spybot - Search & Destroy => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.

==== End of Fixlog ====

 

 

ESET log report

 

C:\Users\captn\AppData\LocalLow\ncgwh.dll Win32/Viknok.M trojan
C:\Users\captn\AppData\LocalLow\rusog.dll Win32/Viknok.M trojan
C:\Users\captn\AppData\LocalLow\socpu.dll Win32/Viknok.M trojan
C:\Users\captn\AppData\LocalLow\vkyskp.dll Win32/Viknok.M trojan
C:\Users\captn\Downloads\Programs\ccsetup417.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\captn\Downloads\Programs\winrar-x64-511_inst.exe a variant of Win32/InstallCore.QB potentially unwanted application

 

 

computer is faster,, thumbnail problem is lots better,, process explorer isn't getting loaded any more... looking at that report...

 


Edited by jamally, 06 October 2014 - 08:21 PM.



#11
BrianDrab


    Trusted Helper

  • Malware Removal
  • 3,583 posts

Thank you! Some final remnants were found that need to be cleaned up and then we're done. Please perform the following.

 

Step#1 - FRST Fix
 
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
1. Download attached file and save it to the Desktop. (Attached file: fixlist.txt, 188 bytes)

Note: It's important that both files, FRST64 and fixlist.txt, are in the same location or the fix will not work (in this case, the desktop).
 
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

 

Step#2 - Security Check
 
1. Download Security Check from here or here.
2. Save it to your Desktop.
3. Right-click SecurityCheck.exe and select Run as administrator. Follow the onscreen instructions inside of the black box.
4. A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: Don't be alarmed if the process runs for 10 to 15 minutes before completing. If it runs for over 30 minutes, just close the program and try running it again.

 

  

 

Items for your next post

1. FRST Fix Log

2. Security Check log



#12
jamally


    Member

  • Topic Starter
  • 50 posts

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-10-2014
Ran by captn at 2014-10-07 17:30:01 Run:3
Running from C:\Users\captn\Desktop
Loaded Profiles: UpdatusUser & captn (Available profiles: UpdatusUser & captn)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Files:
C:\Users\captn\AppData\LocalLow\ncgwh.dll
C:\Users\captn\AppData\LocalLow\rusog.dll
C:\Users\captn\AppData\LocalLow\socpu.dll
C:\Users\captn\AppData\LocalLow\vkyskp.dll
Reboot:
*****************

Files: => Error: No automatic fix found for this entry.
C:\Users\captn\AppData\LocalLow\ncgwh.dll => Moved successfully.
C:\Users\captn\AppData\LocalLow\rusog.dll => Moved successfully.
C:\Users\captn\AppData\LocalLow\socpu.dll => Moved successfully.
C:\Users\captn\AppData\LocalLow\vkyskp.dll => Moved successfully.

The system needed a reboot.

==== End of Fixlog ====

 

 

JRT  log


Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.1 (10.06.2014:1)
OS: Windows 7 Professional x64
Ran by captn on Tue 10/07/2014 at 17:36:52.88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 10/07/2014 at 17:38:13.89
End of JRT log
~~~~~~~~~~~~~~

 

 

lettuce sea  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#13
BrianDrab


    Trusted Helper

  • Malware Removal
  • 3,583 posts

I think you forgot the Security Check log. It looks like you posted the JRT log instead.



#14
jamally


    Member

  • Topic Starter
  • 50 posts

I was going to just run the program and post the log... but I ran into this snag......

 

 

Attached Thumbnails

  • check up.jpg


#15
BrianDrab


    Trusted Helper

  • Malware Removal
  • 3,583 posts

This is a known issue with that tool. Would you mind rebooting your machine and then running SecurityCheck again and posting the log?

 

Thank you.







