
Thread: iexplorer keeps replicating creating large files

  1. #1
    Member
    Join Date
    Jun 2014
    Posts
    41

    iexplorer keeps replicating creating large files

    Hello and thanks for your help in advance

    I have acquired a virus of some sort that replicates Windows Explorer multiple times, and the process becomes very large until the computer runs out of space.

    Spybot isolated the malware to one folder:

    users/NAME/AppData/Local

    I have run the Spybot scan twice and when I hit "fix" the system freezes and never executes the fixes.

    1. I have downloaded and run ERUNT
    2. I ran DDS but it only created the attach file (attached)
    3. I ran aswMBR and have attached the output
    4. I have the home edition and was not able to locate where to turn TeaTimer off. I will try that later.
    5. Before I got Spybot I did do a registry clean (sorry) per someone else's advice.

    I await your advice...
    blueskygal

  2. #2
    Malware Team-Emeritus
    Join Date
    Sep 2012
    Location
    Florida, USA
    Posts
    1,161


    Hi blueskygal,

    My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
    • I will be working on your malware issues; this may or may not solve other issues you have with your machine.
    • The fixes are specific to your problem and should only be used for the issues on this machine.
    • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
    • It's often worth reading through these instructions and printing them for ease of reference.
    • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
    • Please reply to this thread. Do not start a new topic.
    • Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.

    IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

    DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and the loss of all your programs and data.

    Please stay with this topic until I let you know that your system appears to be "All Clear"

    Important: All tools MUST be run from the Desktop.

    =========================

    The logs you provided appear to be incomplete. Please run the following scans and post the logs requested.

    =========================

    Security Check

    Download Security Check by screen317 from here or here.
    • Save it to your Desktop.
      • Windows XP : Double click on the icon to run it.
      • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    =========================

    aswMBR

    Download aswMBR.exe and save it to your desktop.
      • Windows XP : Double click on the icon to run it.
      • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
    • When asked if you want to download Avast's virus definitions please select Yes.
    • Click Scan
    • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
    • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.

    =========================

    Download Farbar Recovery Scan Tool and save to your desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

    • Right click and select "Run as Administrator" to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

    =========================

    In your next post please provide the following:
    • checkup.txt
    • aswMBR.txt
    • attach MBR.zip
    • FRST.txt
    • Addition.txt
    OCD
    ----------
    Graduate of WTT Classroom
    Member of UNITE

    Threads will be closed if no response after 5 days

  3. #3
    Member
    Join Date
    Jun 2014
    Posts
    41

    aswMBR and security check

    Hi OCD,

    I ran the security check several times and it came up repeatedly with
    "system cannot find specified file."

    More luck with aswMBR. Files attached. Thanks!

    Blueskygal

  4. #4
    Member
    Join Date
    Jun 2014
    Posts
    41

    FRST.txt

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:10-07-2014
    Ran by Colleen (administrator) on COLLEEN-PC on 10-07-2014 13:29:39
    Running from C:\Users\Colleen\Downloads
    Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
    Internet Explorer Version 9
    Boot Mode: Safe Mode (with Networking)

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/down...an-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/down...an-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (WebEx Communications, Inc.) C:\Windows\System32\atashost.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
    (Microsoft Corporation) C:\Windows\System32\taskmgr.exe
    (Opera Software) C:\Program Files\Opera\22.0.1471.70\opera.exe
    (Opera Software) C:\Program Files\Opera\22.0.1471.70\opera.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Farbar) C:\Users\Colleen\Downloads\FRST (1).exe


    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [Easy Dock] => [X]
    HKLM\...\Run: [LXCJCATS] => C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCJtime.dll [106496 2006-11-21] (Lexmark International Inc.)
    HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)
    HKLM\...\Run: [CommonToolkitTray] => C:\Program Files\Fighters\Tray\FightersTray.exe [1497120 2013-04-29] (SPAMfighter ApS)
    HKLM\...\Run: [sfagent] => C:\Program Files\Fighters\SPAMfighter\sfagent.exe [1065504 2013-06-14] (SPAMfighter ApS)
    HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [3784704 2006-11-09] (Realtek Semiconductor)
    HKLM\...\Run: [EfficientPIM] => [X]
    HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [295512 2014-03-12] (RealNetworks, Inc.)
    HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-13] (DivX, LLC)
    HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-09] ()
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
    HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-21-2114738196-1747254254-1146559385-1000\...\Run: [Easy Dock] => [X]
    HKU\S-1-5-21-2114738196-1747254254-1146559385-1000\...\Run: [Google Update] => C:\Users\Colleen\AppData\Local\Google\Update\GoogleUpdate.exe [133104 2009-01-24] (Google Inc.)
    HKU\S-1-5-21-2114738196-1747254254-1146559385-1000\...\Run: [cdloader] => C:\Users\Colleen\AppData\Roaming\mjusbsp\cdloader2.exe [50592 2012-02-01] (magicJack L.P.)
    HKU\S-1-5-21-2114738196-1747254254-1146559385-1000\...\Run: [Advanced SystemCare 6] => C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe [491840 2013-04-18] (IObit)
    HKU\S-1-5-21-2114738196-1747254254-1146559385-1000\...\Run: [HP Deskjet 3510 series (NET)] => C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
    HKU\S-1-5-21-2114738196-1747254254-1146559385-1000\...\Run: [Amazon Cloud Player] => C:\Users\Colleen\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
    HKU\S-1-5-21-2114738196-1747254254-1146559385-1000\...\Run: [sljwnape] => C:\Users\Colleen\AppData\Local\iogossul.exe [147456 2014-06-26] ()
    HKU\S-1-5-21-2114738196-1747254254-1146559385-1000\...\Run: [cqibmelw] => C:\Users\Colleen\AppData\Local\aeqltsel.exe [131072 2014-06-27] ()
    HKU\S-1-5-21-2114738196-1747254254-1146559385-1000\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_13_0_0_214_ActiveX.exe [847536 2014-05-14] (Adobe Systems Incorporated)
    HKU\S-1-5-21-2114738196-1747254254-1146559385-1000\...\Policies\Explorer: [NoDriveAutoRun] 0x00000000
    HKU\S-1-5-21-2114738196-1747254254-1146559385-1000\...\MountPoints2: {0f57a5df-ad60-11df-acb7-0016d48ced5c} - E:\rcaeasyrip_setup.exe
    HKU\S-1-5-21-2114738196-1747254254-1146559385-1000\...\MountPoints2: {22c098ed-bbc9-11df-b0fe-0016d48ced5c} - E:\rcaeasyrip_setup.exe
    HKU\S-1-5-21-2114738196-1747254254-1146559385-1000\...\MountPoints2: {69ac5fda-0d5d-11df-ba7b-0016d48ced5c} - E:\rcaeasyrip_setup.exe
    HKU\S-1-5-21-2114738196-1747254254-1146559385-1000\...\MountPoints2: {93e9c021-d11b-11e2-a15f-0016d48ced5c} - E:\menu.exe
    HKU\S-1-5-21-2114738196-1747254254-1146559385-1000\...\InprocServer32: [Default-pngfilt] <==== ATTENTION!

    Startup: C:\Users\Colleen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EfficientPIM.lnk
    ShortcutTarget: EfficientPIM.lnk -> C:\Program Files\EfficientPIM\EfficientPIM.exe (Efficient Software)
    Startup: C:\Users\Colleen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE ()
    BootExecute: autocheck autochk * sdnclean.exe

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    URLSearchHook: HKLM - (No Name) - {9ee802e8-c931-47ab-b570-aa8f791598ca} - No File
    URLSearchHook: HKCU - (No Name) - {9ee802e8-c931-47ab-b570-aa8f791598ca} - No File
    SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1641676
    SearchScopes: HKCU - Yahoo! URL = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
    SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={E193F4C5-F373-46B8-B35A-B3DEFCDD880B}&mid=c69ac0678e2d6391eb38988c0bd4732a-43718684b57e539fbe5a9a735e71288613c12102&lang=us&ds=AVG&pr=fr&d=2013-06-04 11:40:48&v=15.2.0.5&pid=avg&sg=&sap=dsp&q={searchTerms}
    SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1641676
    BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
    BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
    BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
    BHO: No Name - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll (Microsoft Corporation)
    Toolbar: HKLM - Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
    Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    Toolbar: HKCU - No Name - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - No File
    Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    Toolbar: HKCU - Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
    Toolbar: HKCU - No Name - {9EE802E8-C931-47AB-B570-AA8F791598CA} - No File
    Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
    Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
    DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} http://www.musicnotes.com/download/mnviewer.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab
    DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://toolbox.webex.com/client/T26...rt/ieatgpc.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: lbxfile - {56831180-F115-11d2-B6AA-00104B2B9943} - C:\Program Files\Libronix DLS\System\FileProt.dll (Libronix Corporation)
    Handler: lbxres - {24508F1B-9E94-40EE-9759-9AF5795ADF52} - C:\Program Files\Libronix DLS\System\ResProt.dll (Libronix Corporation)
    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
    Handler: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Windows\system\msdxm.ocx (Microsoft Corporation)
    ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [77824 2008-05-13] (SuperAdBlocker.com)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 68.105.28.12 68.105.29.12 68.105.28.11

    FireFox:
    ========
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
    FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
    FF Plugin: @emusic.com/dlm-plugin - C:\Program Files\eMusic Download Manager\plugin\npemusic.dll (eMusic.com)
    FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin: @google.com/npPicasa2,version=2.0.0 - C:\Program Files\Picasa2\npPicasa2.dll No File
    FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF Plugin: @IObit.com/np_Asc_Plugin - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll (IObit)
    FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @mozilla.zeniko.ch/PDFlite_Browser_Plugin - C:\Program Files\PDFlite\npPdfViewer.dll No File
    FF Plugin: @Musicnotes.com/Musicnotes Viewer,version=1.18.9 - C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
    FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
    FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
    FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
    FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.1 - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
    FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
    FF Plugin: @Sibelius.com/Scorch Plugin,version=6.2.0.88 - C:\Program Files\Musicnotes\npsibelius.dll ()
    FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Colleen\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
    FF Plugin HKCU: @emusic.com/dlm-plugin - C:\Program Files\eMusic Download Manager\plugin\npemusic.dll (eMusic.com)
    FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Colleen\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Colleen\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
    FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
    FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-06]
    FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-03-12]

    Chrome:
    =======
    CHR HomePage: hxxp://my.netzero.net/start/sp.do
    CHR Plugin: (Shockwave Flash) - C:\Users\Colleen\AppData\Local\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll No File
    CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Users\Colleen\AppData\Local\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Users\Colleen\AppData\Local\Google\Chrome\Application\34.0.1847.131\pdf.dll No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
    CHR Plugin: (Java Deployment Toolkit 6.0.150.3) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll No File
    CHR Plugin: (Java(TM) Platform SE 6 U17) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
    CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
    CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
    CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll No File
    CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll No File
    CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll No File
    CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll No File
    CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll No File
    CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
    CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
    CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll No File
    CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll No File
    CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.1851.5542\npCIDetect14.dll No File
    CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
    CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    CHR Plugin: (Musicnotes) - C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
    CHR Plugin: (ScorchPlugin) - C:\Program Files\Musicnotes\npsibelius.dll ()
    CHR Plugin: (RealNetworks Rhapsody Player Engine) - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
    CHR Plugin: (eMusic Remote Plugin) - C:\Program Files\eMusic Download Manager\plugin\npemusic.dll (eMusic.com)
    CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\Colleen\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll No File
    CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    CHR Extension: (RealDownloader) - C:\Users\Colleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-03-12]
    CHR Extension: (WeatherBug (Legacy App)) - C:\Users\Colleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihdkejbciahopmbagpnjmmkkdpfpaaak [2013-08-16]
    CHR Extension: (FastestFox for Chrome) - C:\Users\Colleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2013-10-27]
    CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Colleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2013-08-15]
    CHR Extension: (Google Wallet) - C:\Users\Colleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
    CHR Extension: (Readability) - C:\Users\Colleen\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi [2014-04-29]
    CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
    CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx [2013-06-04]

    ========================== Services (Whitelisted) =================

    S2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit)
    S2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [132424 2008-11-07] (Apple Inc.)
    S2 astcc; C:\Windows\system32\AstSrv.exe [53248 2008-06-11] ( Advanced Software Technologies) [File not signed]
    S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)
    S2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)
    S2 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2006-11-14] (TOSHIBA CORPORATION) [File not signed]
    S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
    S2 lxcj_device; C:\Windows\system32\lxcjcoms.exe [537520 2007-02-08] ( )
    S2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
    S2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
    S2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
    S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    S2 SPAMfighter Update Service; C:\Program Files\Fighters\SPAMfighter\sfus.exe [216608 2013-06-14] (SPAMfighter ApS)
    S2 Suite Service; C:\Program Files\Fighters\FighterSuiteService.exe [1281568 2013-05-29] (SPAMfighter ApS)
    S2 Swupdtmr; c:\Toshiba\IVP\swupdate\swupdtmr.exe [40960 2006-07-20] () [File not signed]
    S2 TODDSrv; C:\Windows\system32\TODDSrv.exe [114688 2006-05-25] (TOSHIBA Corporation) [File not signed]
    S2 TosCoSrv; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [425648 2006-11-22] (TOSHIBA Corporation) [File not signed]
    S2 TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [77824 2006-10-31] (TOSHIBA CORPORATION) [File not signed]
    S2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [File not signed]

    ==================== Drivers (Whitelisted) ====================

    S1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [122136 2014-05-13] (AVG Technologies CZ, s.r.o.)
    S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [198936 2014-05-13] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [149784 2014-05-13] (AVG Technologies CZ, s.r.o.)
    S1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-05-13] (AVG Technologies CZ, s.r.o.)
    S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192280 2014-05-13] (AVG Technologies CZ, s.r.o.)
    R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [237848 2014-05-13] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [107288 2014-05-13] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-05-13] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [210200 2014-05-13] (AVG Technologies CZ, s.r.o.)
    S2 elagopro; C:\Windows\System32\DRIVERS\elagopro.sys [28672 2007-03-22] (Gteko Ltd.)
    S2 elaunidr; C:\Windows\System32\DRIVERS\elaunidr.sys [5376 2007-03-22] (Gteko Ltd.)
    S4 KR10I; C:\Windows\system32\drivers\kr10i.sys [216320 2006-02-14] (TOSHIBA CORPORATION) [File not signed]
    S4 KR3NPXP; C:\Windows\system32\drivers\kr3npxp.sys [479488 2006-09-27] (TOSHIBA CORPORATION) [File not signed]
    R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-06-29] (Malwarebytes Corporation)
    S2 RVIEG01; C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys [187992 2001-04-13] (Roland) [File not signed]
    S2 RVIEGVST; C:\Program Files\Roland\Virtual Sound Canvas VST\RVIEg01VST.sys [188276 2001-04-13] (Roland) [File not signed]
    S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12872 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [68168 2010-05-06] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S1 SDHookDriver; C:\Program Files\Spybot - Search & Destroy 2\SDHookDrv32.sys [46336 2014-04-25] ()
    R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [15672 2013-05-22] ()
    S3 StMp3Rec; C:\Windows\System32\Drivers\StMp3Rec.sys [68204 2005-09-12] (Microsoft Corporation) [File not signed]
    U3 aswMBR; C:\Users\Colleen\AppData\Local\Temp\aswMBR.sys [54656 2014-07-10] () [File not signed]
    U5 Tosrfusb; C:\Windows\System32\Drivers\Tosrfusb.sys [40960 2006-10-28] (TOSHIBA CORPORATION)
    U3 aswVmm; \??\C:\Users\Colleen\AppData\Local\Temp\aswVmm.sys [X]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-07-10 13:29 - 2014-07-10 13:31 - 00026192 _____ () C:\Users\Colleen\Downloads\FRST.txt
    2014-07-10 13:26 - 2014-07-10 13:29 - 00000000 ____D () C:\FRST
    2014-07-10 13:24 - 2014-07-10 13:24 - 01075200 _____ (Farbar) C:\Users\Colleen\Downloads\FRST (1).exe
    2014-07-10 13:23 - 2014-07-10 13:23 - 01075200 _____ (Farbar) C:\Users\Colleen\Downloads\FRST.exe
    2014-07-10 13:18 - 2014-07-10 13:18 - 00000437 _____ () C:\Users\Colleen\Desktop\FRST.exe - Shortcut.lnk
    2014-07-10 13:07 - 2014-07-10 13:07 - 01075200 _____ (Farbar) C:\Users\Colleen\Desktop\FRST.exe
    2014-07-10 12:55 - 2014-07-10 12:56 - 00854390 _____ () C:\Users\Colleen\Desktop\SecurityCheck.exe
    2014-07-10 12:54 - 2014-07-10 12:54 - 00000554 _____ () C:\Users\Colleen\Desktop\MBR.zip
    2014-07-10 12:53 - 2014-07-10 12:53 - 00002290 _____ () C:\Users\Colleen\Desktop\aswMBR.txt
    2014-07-10 12:53 - 2014-07-10 12:53 - 00000512 _____ () C:\Users\Colleen\Desktop\MBR.dat
    2014-07-10 11:21 - 2014-07-10 11:22 - 05185536 _____ (AVAST Software) C:\Users\Colleen\Desktop\aswMBR (3).exe
    2014-07-10 11:21 - 2014-07-10 11:22 - 05185536 _____ (AVAST Software) C:\Users\Colleen\Desktop\aswMBR (2).exe
    2014-07-10 11:20 - 2014-07-10 11:21 - 05185536 _____ (AVAST Software) C:\Users\Colleen\Desktop\aswMBR (1).exe
    2014-07-10 11:13 - 2014-07-10 11:13 - 00000443 _____ () C:\Users\Colleen\Desktop\Pictures - Shortcut.lnk
    2014-07-10 11:04 - 2014-07-10 11:04 - 00000370 _____ () C:\Users\Colleen\Desktop\Downloads - Shortcut.lnk
    2014-07-10 10:51 - 2014-07-10 10:51 - 00854390 _____ () C:\Users\Colleen\Desktop\SecurityCheck (1).exe
    2014-07-08 16:44 - 2014-07-08 16:44 - 00000000 ____D () C:\Users\Colleen\Documents\ProcAlyzer Dumps
    2014-07-08 16:17 - 2014-07-08 16:17 - 00688992 ____R (Swearware) C:\Users\Colleen\Downloads\dds (2).com
    2014-07-01 10:47 - 2014-07-01 10:48 - 00688992 ____R (Swearware) C:\Users\Colleen\Downloads\dds (1).com
    2014-07-01 10:07 - 2014-07-01 10:07 - 00688992 ____R (Swearware) C:\Users\Colleen\Downloads\dds.com
    2014-07-01 10:04 - 2014-07-10 11:09 - 00000000 ____D () C:\Windows\ERDNT
    2014-07-01 10:04 - 2014-07-01 10:04 - 00000725 _____ () C:\Users\Colleen\Desktop\ERUNT.lnk
    2014-07-01 10:04 - 2014-07-01 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
    2014-07-01 10:04 - 2014-07-01 10:04 - 00000000 ____D () C:\Program Files\ERUNT
    2014-07-01 10:03 - 2014-07-01 10:03 - 00791393 _____ (Lars Hederer ) C:\Users\Colleen\Downloads\erunt-setup.exe
    2014-06-29 13:07 - 2014-06-29 13:07 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
    2014-06-28 08:19 - 2014-06-28 08:19 - 00114696 _____ () C:\Users\Colleen\AppData\Local\knxdsdhe.exe
    2014-06-27 17:29 - 2014-06-28 09:00 - 00000816 _____ () C:\Windows\Tasks\Security Center Update - 1680377330.job
    2014-06-27 17:29 - 2014-06-27 17:30 - 00000000 ____D () C:\Users\Colleen\AppData\Roaming\Iryhwed
    2014-06-27 17:28 - 2014-06-27 17:26 - 00450609 ____R () C:\Windows\system32\Drivers\etc\hosts.20140627-172834.backup
    2014-06-27 17:26 - 2006-09-18 14:41 - 00000736 _____ () C:\Windows\system32\Drivers\etc\hosts.20140627-172634.backup
    2014-06-27 17:14 - 2014-06-27 17:14 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Colleen\Downloads\spybot2-license (1).exe
    2014-06-27 17:13 - 2014-06-27 17:13 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Colleen\Downloads\spybot2-license.exe
    2014-06-27 16:31 - 2014-06-28 08:52 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
    2014-06-27 16:31 - 2014-06-27 17:18 - 00000618 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
    2014-06-27 16:31 - 2014-06-27 17:18 - 00000448 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
    2014-06-27 16:30 - 2014-06-27 16:30 - 00001981 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    2014-06-27 16:30 - 2014-06-27 16:30 - 00001969 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2014-06-27 16:30 - 2014-06-27 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
    2014-06-27 16:29 - 2014-06-27 21:32 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-06-27 16:29 - 2014-06-27 17:14 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
    2014-06-27 16:29 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
    2014-06-27 16:24 - 2014-06-27 16:26 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Colleen\Downloads\spybot-2.3 (2).exe
    2014-06-27 16:21 - 2014-06-27 16:22 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Colleen\Downloads\spybot-2.3 (1).exe
    2014-06-27 16:18 - 2014-06-27 16:20 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Colleen\Downloads\spybot-2.3.exe
    2014-06-27 16:14 - 2014-06-27 16:14 - 00001190 _____ () C:\Windows\IE9_main.log
    2014-06-27 16:13 - 2014-06-27 16:13 - 00453424 _____ (Microsoft Corporation) C:\Users\Colleen\Downloads\IE9-WindowsVista-x86-enu.exe
    2014-06-27 15:32 - 2014-06-27 15:32 - 00003420 _____ () C:\Windows\PFRO.log
    2014-06-27 15:19 - 2014-06-27 15:19 - 03010560 _____ () C:\Users\Colleen\Downloads\My+Information-140210+102523 (1).effxbak
    2014-06-27 15:19 - 2014-06-27 15:19 - 03010560 _____ () C:\Users\Colleen\Downloads\My Information-140210 102523.effxbak
    2014-06-27 14:59 - 2014-06-27 15:00 - 03010560 _____ () C:\Users\Colleen\Downloads\My+Information-140210+102523.effxbak
    2014-06-27 13:31 - 2014-06-27 13:31 - 00131072 _____ () C:\Users\Colleen\AppData\Local\aeqltsel.exe
    2014-06-27 12:54 - 2014-06-27 14:01 - 00000000 ____D () C:\Program Files\CCleaner
    2014-06-27 12:54 - 2014-06-27 12:54 - 00000815 _____ () C:\Users\Public\Desktop\CCleaner.lnk
    2014-06-26 17:59 - 2014-06-26 17:59 - 00147456 _____ () C:\Users\Colleen\AppData\Local\iogossul.exe
    2014-06-26 13:50 - 2014-06-26 13:50 - 00000910 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-06-26 13:49 - 2014-06-26 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-06-26 13:49 - 2014-06-26 13:49 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
    2014-06-26 13:49 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-06-26 13:49 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-06-26 11:12 - 2014-06-26 11:14 - 00000000 ____D () C:\Users\Colleen\AppData\Roaming\Keakil
    2014-06-25 11:54 - 2014-06-25 11:54 - 00068609 _____ () C:\Users\Colleen\AppData\Local\ffageekw
    2014-06-24 10:34 - 2014-06-24 10:35 - 01116105 _____ () C:\Users\Colleen\Downloads\Copper Wear Campaign Breakouts! Tuesday June 24th 10 am and Noon EST.zip
    2014-06-21 14:58 - 2014-06-21 14:58 - 00019364 _____ () C:\Users\Colleen\Downloads\IOB Agent Performance Report 6-16-14 to 6-20-14.zip
    2014-06-19 15:45 - 2014-06-19 15:45 - 00019286 _____ () C:\Users\Colleen\Downloads\IOB Agent Performance Report 6-16-14 to 6-17-14 (1).zip
    2014-06-19 15:40 - 2014-06-19 15:40 - 00019286 _____ () C:\Users\Colleen\Downloads\IOB Agent Performance Report 6-16-14 to 6-17-14.zip
    2014-06-19 15:39 - 2014-06-19 15:39 - 00020314 _____ () C:\Users\Colleen\Downloads\IOB Agent Performance Report 6-9-14 to 6-15-14.zip
    2014-06-12 10:22 - 2014-06-12 10:22 - 01974784 _____ () C:\Users\Colleen\Downloads\world_time_zones_sl.xls
    2014-06-10 18:25 - 2014-05-28 09:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-06-10 18:25 - 2014-05-28 09:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-06-10 18:25 - 2014-05-28 09:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-06-10 18:25 - 2014-05-28 09:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-06-10 18:25 - 2014-05-28 09:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-06-10 18:25 - 2014-05-28 09:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-06-10 18:25 - 2014-05-28 09:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2014-06-10 18:25 - 2014-05-28 09:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-06-10 18:25 - 2014-05-28 09:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-06-10 18:25 - 2014-05-28 09:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2014-06-10 18:25 - 2014-05-28 09:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-06-10 18:25 - 2014-05-28 09:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-06-10 18:25 - 2014-05-28 09:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-06-10 18:25 - 2014-05-28 09:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-06-10 18:25 - 2014-05-28 09:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2014-06-10 18:25 - 2014-05-28 09:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-06-10 18:25 - 2014-05-28 09:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-06-10 18:25 - 2014-05-28 09:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-06-10 18:25 - 2014-05-28 09:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2014-06-10 18:25 - 2014-05-28 09:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2014-06-10 18:25 - 2014-05-28 09:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-06-10 18:25 - 2014-04-26 09:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
    2014-06-10 18:25 - 2014-04-04 19:42 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2014-06-10 18:25 - 2014-03-09 18:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2014-06-10 18:25 - 2014-03-09 18:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

    ==================== One Month Modified Files and Folders =======

    2014-07-10 13:31 - 2014-07-10 13:29 - 00026192 _____ () C:\Users\Colleen\Downloads\FRST.txt
    2014-07-10 13:29 - 2014-07-10 13:26 - 00000000 ____D () C:\FRST
    2014-07-10 13:24 - 2014-07-10 13:24 - 01075200 _____ (Farbar) C:\Users\Colleen\Downloads\FRST (1).exe
    2014-07-10 13:24 - 2007-08-10 05:54 - 00001356 _____ () C:\Users\Colleen\AppData\Local\d3d9caps.dat
    2014-07-10 13:23 - 2014-07-10 13:23 - 01075200 _____ (Farbar) C:\Users\Colleen\Downloads\FRST.exe
    2014-07-10 13:18 - 2014-07-10 13:18 - 00000437 _____ () C:\Users\Colleen\Desktop\FRST.exe - Shortcut.lnk
    2014-07-10 13:07 - 2014-07-10 13:07 - 01075200 _____ (Farbar) C:\Users\Colleen\Desktop\FRST.exe
    2014-07-10 12:56 - 2014-07-10 12:55 - 00854390 _____ () C:\Users\Colleen\Desktop\SecurityCheck.exe
    2014-07-10 12:54 - 2014-07-10 12:54 - 00000554 _____ () C:\Users\Colleen\Desktop\MBR.zip
    2014-07-10 12:53 - 2014-07-10 12:53 - 00002290 _____ () C:\Users\Colleen\Desktop\aswMBR.txt
    2014-07-10 12:53 - 2014-07-10 12:53 - 00000512 _____ () C:\Users\Colleen\Desktop\MBR.dat
    2014-07-10 11:22 - 2014-07-10 11:21 - 05185536 _____ (AVAST Software) C:\Users\Colleen\Desktop\aswMBR (3).exe
    2014-07-10 11:22 - 2014-07-10 11:21 - 05185536 _____ (AVAST Software) C:\Users\Colleen\Desktop\aswMBR (2).exe
    2014-07-10 11:21 - 2014-07-10 11:20 - 05185536 _____ (AVAST Software) C:\Users\Colleen\Desktop\aswMBR (1).exe
    2014-07-10 11:14 - 2007-07-02 20:03 - 06866952 ____R () C:\Users\Colleen\Documents\My Money Backup.mbf
    2014-07-10 11:14 - 2007-07-01 17:52 - 06864896 _____ () C:\Users\Colleen\Documents\My Money.mny
    2014-07-10 11:13 - 2014-07-10 11:13 - 00000443 _____ () C:\Users\Colleen\Desktop\Pictures - Shortcut.lnk
    2014-07-10 11:09 - 2014-07-01 10:04 - 00000000 ____D () C:\Windows\ERDNT
    2014-07-10 11:04 - 2014-07-10 11:04 - 00000370 _____ () C:\Users\Colleen\Desktop\Downloads - Shortcut.lnk
    2014-07-10 10:51 - 2014-07-10 10:51 - 00854390 _____ () C:\Users\Colleen\Desktop\SecurityCheck (1).exe
    2014-07-08 16:44 - 2014-07-08 16:44 - 00000000 ____D () C:\Users\Colleen\Documents\ProcAlyzer Dumps
    2014-07-08 16:17 - 2014-07-08 16:17 - 00688992 ____R (Swearware) C:\Users\Colleen\Downloads\dds (2).com
    2014-07-01 10:48 - 2014-07-01 10:47 - 00688992 ____R (Swearware) C:\Users\Colleen\Downloads\dds (1).com
    2014-07-01 10:07 - 2014-07-01 10:07 - 00688992 ____R (Swearware) C:\Users\Colleen\Downloads\dds.com
    2014-07-01 10:04 - 2014-07-01 10:04 - 00000725 _____ () C:\Users\Colleen\Desktop\ERUNT.lnk
    2014-07-01 10:04 - 2014-07-01 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
    2014-07-01 10:04 - 2014-07-01 10:04 - 00000000 ____D () C:\Program Files\ERUNT
    2014-07-01 10:03 - 2014-07-01 10:03 - 00791393 _____ (Lars Hederer ) C:\Users\Colleen\Downloads\erunt-setup.exe
    2014-06-29 13:08 - 2010-06-07 15:34 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
    2014-06-29 13:07 - 2014-06-29 13:07 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
    2014-06-28 09:05 - 2006-11-02 06:01 - 00032642 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-06-28 09:05 - 2006-11-02 06:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-06-28 09:05 - 2006-11-02 05:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2014-06-28 09:05 - 2006-11-02 05:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2014-06-28 09:04 - 2007-01-10 15:30 - 01165282 _____ () C:\Windows\WindowsUpdate.log
    2014-06-28 09:00 - 2014-06-27 17:29 - 00000816 _____ () C:\Windows\Tasks\Security Center Update - 1680377330.job
    2014-06-28 09:00 - 2014-03-12 10:59 - 00000300 _____ () C:\Windows\Tasks\Digital Sites.job
    2014-06-28 08:59 - 2006-11-02 03:33 - 00703388 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-06-28 08:58 - 2009-12-22 23:09 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-06-28 08:52 - 2014-06-27 16:31 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
    2014-06-28 08:51 - 2009-12-22 23:09 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-06-28 08:47 - 2014-02-10 10:42 - 00000000 ____D () C:\Users\Colleen\Documents\Efficient Organizer AutoBackup
    2014-06-28 08:23 - 2013-06-18 21:06 - 00000000 ____D () C:\ProgramData\MFAData
    2014-06-28 08:19 - 2014-06-28 08:19 - 00114696 _____ () C:\Users\Colleen\AppData\Local\knxdsdhe.exe
    2014-06-28 08:13 - 2007-09-01 08:47 - 00000256 _____ () C:\Windows\Tasks\Check Updates for Windows Live Toolbar.job
    2014-06-27 21:50 - 2009-06-30 21:59 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2114738196-1747254254-1146559385-1000Core.job
    2014-06-27 21:32 - 2014-06-27 16:29 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-06-27 17:43 - 2013-06-04 11:29 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-06-27 17:34 - 2014-03-06 13:01 - 00000574 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2114738196-1747254254-1146559385-1000.job
    2014-06-27 17:30 - 2014-06-27 17:29 - 00000000 ____D () C:\Users\Colleen\AppData\Roaming\Iryhwed
    2014-06-27 17:27 - 2009-06-30 21:59 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2114738196-1747254254-1146559385-1000UA.job
    2014-06-27 17:26 - 2014-06-27 17:28 - 00450609 ____R () C:\Windows\system32\Drivers\etc\hosts.20140627-172834.backup
    2014-06-27 17:18 - 2014-06-27 16:31 - 00000618 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
    2014-06-27 17:18 - 2014-06-27 16:31 - 00000448 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
    2014-06-27 17:14 - 2014-06-27 17:14 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Colleen\Downloads\spybot2-license (1).exe
    2014-06-27 17:14 - 2014-06-27 16:29 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
    2014-06-27 17:13 - 2014-06-27 17:13 - 00560968 _____ (Safer-Networking Ltd. ) C:\Users\Colleen\Downloads\spybot2-license.exe
    2014-06-27 16:30 - 2014-06-27 16:30 - 00001981 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    2014-06-27 16:30 - 2014-06-27 16:30 - 00001969 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2014-06-27 16:30 - 2014-06-27 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
    2014-06-27 16:26 - 2014-06-27 16:24 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Colleen\Downloads\spybot-2.3 (2).exe
    2014-06-27 16:22 - 2014-06-27 16:21 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Colleen\Downloads\spybot-2.3 (1).exe
    2014-06-27 16:20 - 2014-06-27 16:18 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Colleen\Downloads\spybot-2.3.exe
    2014-06-27 16:14 - 2014-06-27 16:14 - 00001190 _____ () C:\Windows\IE9_main.log
    2014-06-27 16:13 - 2014-06-27 16:13 - 00453424 _____ (Microsoft Corporation) C:\Users\Colleen\Downloads\IE9-WindowsVista-x86-enu.exe
    2014-06-27 15:43 - 2014-04-21 15:05 - 00000000 ____D () C:\Users\Colleen\Documents\A NexRep
    2014-06-27 15:32 - 2014-06-27 15:32 - 00003420 _____ () C:\Windows\PFRO.log
    2014-06-27 15:32 - 2006-11-30 17:44 - 00000000 ____D () C:\Program Files\Google
    2014-06-27 15:19 - 2014-06-27 15:19 - 03010560 _____ () C:\Users\Colleen\Downloads\My+Information-140210+102523 (1).effxbak
    2014-06-27 15:19 - 2014-06-27 15:19 - 03010560 _____ () C:\Users\Colleen\Downloads\My Information-140210 102523.effxbak
    2014-06-27 15:00 - 2014-06-27 14:59 - 03010560 _____ () C:\Users\Colleen\Downloads\My+Information-140210+102523.effxbak
    2014-06-27 14:32 - 2007-05-26 14:20 - 00000000 ____D () C:\Users\Colleen\AppData\Roaming\Mozilla
    2014-06-27 14:32 - 2007-05-26 14:19 - 00000000 ____D () C:\Program Files\Mozilla Firefox
    2014-06-27 14:31 - 2006-11-30 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA Games
    2014-06-27 14:31 - 2006-11-30 17:37 - 00000000 ____D () C:\Program Files\TOSHIBA Games
    2014-06-27 14:30 - 2006-11-02 03:23 - 00000375 _____ () C:\Windows\win.ini
    2014-06-27 14:15 - 2006-11-30 17:39 - 00000000 ____D () C:\ProgramData\WildTangent
    2014-06-27 14:01 - 2014-06-27 12:54 - 00000000 ____D () C:\Program Files\CCleaner
    2014-06-27 13:31 - 2014-06-27 13:31 - 00131072 _____ () C:\Users\Colleen\AppData\Local\aeqltsel.exe
    2014-06-27 13:07 - 2006-11-30 16:26 - 00000000 ____D () C:\Windows\Panther
    2014-06-27 12:54 - 2014-06-27 12:54 - 00000815 _____ () C:\Users\Public\Desktop\CCleaner.lnk
    2014-06-27 12:35 - 2007-02-04 10:28 - 00000000 ____D () C:\Users\Colleen\AppData\Local\Google
    2014-06-27 12:35 - 2006-11-30 17:44 - 00000000 ____D () C:\ProgramData\Google
    2014-06-26 17:59 - 2014-06-26 17:59 - 00147456 _____ () C:\Users\Colleen\AppData\Local\iogossul.exe
    2014-06-26 17:30 - 2009-04-05 13:18 - 00000000 ____D () C:\Users\Colleen\AppData\Roaming\IObit
    2014-06-26 13:50 - 2014-06-26 13:50 - 00000910 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-06-26 13:50 - 2014-06-26 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-06-26 13:49 - 2014-06-26 13:49 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
    2014-06-26 13:49 - 2010-06-07 15:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-06-26 11:14 - 2014-06-26 11:12 - 00000000 ____D () C:\Users\Colleen\AppData\Roaming\Keakil
    2014-06-26 10:59 - 2014-03-12 11:59 - 00000040 _____ () C:\Users\Colleen\AppData\Roaming\WB.CFG
    2014-06-25 12:04 - 2014-04-24 13:20 - 00000000 ____D () C:\Users\Colleen\AppData\Roaming\Five9
    2014-06-25 11:54 - 2014-06-25 11:54 - 00068609 _____ () C:\Users\Colleen\AppData\Local\ffageekw
    2014-06-25 11:53 - 2013-10-03 22:41 - 00000000 ____D () C:\ProgramData\AVG2014
    2014-06-24 10:35 - 2014-06-24 10:34 - 01116105 _____ () C:\Users\Colleen\Downloads\Copper Wear Campaign Breakouts! Tuesday June 24th 10 am and Noon EST.zip
    2014-06-23 15:22 - 2006-11-02 04:18 - 00000000 ____D () C:\Windows\Microsoft.NET
    2014-06-23 14:49 - 2013-12-02 10:59 - 50753536 _____ () C:\Windows\system32\config\software.iobit
    2014-06-23 14:49 - 2013-12-02 10:59 - 38883328 _____ () C:\Windows\system32\config\components.iobit
    2014-06-23 14:49 - 2013-12-02 10:59 - 00274432 _____ () C:\Windows\system32\config\default.iobit
    2014-06-23 14:49 - 2013-12-02 10:59 - 00057344 _____ () C:\Windows\system32\config\sam.iobit
    2014-06-23 14:49 - 2013-12-02 10:59 - 00028672 _____ () C:\Windows\system32\config\security.iobit
    2014-06-21 14:58 - 2014-06-21 14:58 - 00019364 _____ () C:\Users\Colleen\Downloads\IOB Agent Performance Report 6-16-14 to 6-20-14.zip
    2014-06-21 14:58 - 2014-05-23 10:57 - 00000000 ____D () C:\Users\Colleen\DocumentA NexRep
    2014-06-19 15:45 - 2014-06-19 15:45 - 00019286 _____ () C:\Users\Colleen\Downloads\IOB Agent Performance Report 6-16-14 to 6-17-14 (1).zip
    2014-06-19 15:40 - 2014-06-19 15:40 - 00019286 _____ () C:\Users\Colleen\Downloads\IOB Agent Performance Report 6-16-14 to 6-17-14.zip
    2014-06-19 15:39 - 2014-06-19 15:39 - 00020314 _____ () C:\Users\Colleen\Downloads\IOB Agent Performance Report 6-9-14 to 6-15-14.zip
    2014-06-18 07:56 - 2013-06-05 14:31 - 00000000 ____D () C:\Program Files\Opera
    2014-06-16 20:18 - 2010-01-02 20:35 - 00000000 ____D () C:\Users\Colleen\AppData\Local\Bible Explorer 4
    2014-06-16 08:12 - 2014-02-10 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EfficientPIM
    2014-06-16 08:12 - 2014-02-10 10:29 - 00000000 ____D () C:\Program Files\EfficientPIM
    2014-06-13 12:35 - 2008-07-03 10:15 - 00000000 ____D () C:\Users\Colleen\Documents\Money
    2014-06-13 12:31 - 2007-12-20 16:01 - 00000000 _____ () C:\Users\Colleen\Documents\NEWSOFT
    2014-06-12 10:22 - 2014-06-12 10:22 - 01974784 _____ () C:\Users\Colleen\Downloads\world_time_zones_sl.xls
    2014-06-11 08:35 - 2006-11-30 18:18 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-06-11 08:32 - 2013-08-18 10:32 - 00000000 ____D () C:\Windows\system32\MRT
    2014-06-11 08:24 - 2006-11-02 03:24 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

    Files to move or delete:
    ====================
    C:\Users\Colleen\lametritonus_en.dll
    C:\Users\Colleen\lame_enc_en.dll


    ==================== Bamital & volsnap Check =================

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-07-10 12:17

    ==================== End Of Log ============================

  5. #5
    Malware Team-Emeritus
    Join Date
    Sep 2012
    Location
    Florida, USA
    Posts
    1,161

    Default

    Hi blueskygal,

    Please don't attach the logs unless requested to do so. When you attach the log I must download it before I can view it. Most logs will fit in the reply window. If the forum should give you a warning that the file is too large, simply break the log up into multiple posts.

    Multiple Anti-Virus Programs Installed

    I notice that you have multiple Anti-Virus programs installed at the same time. Having more than one antivirus program running at the same time can seriously degrade the performance of your system.
    • AVG AntiVirus Free Edition 2014
    • Spybot - Search and Destroy

    Please uninstall one (1) (whichever you prefer) using either the provided uninstall feature that is part of the antivirus program or through Add/Remove Programs (Vista and Win 7 users should go to Programs and Features in the Control Panel). As a rule of thumb one should run one firewall, one antivirus program in memory, and one anti-spyware utility in memory. It's fine to have other security tools available on an as-needed or on-demand basis, but when multiple tools simultaneously perform the same function, you're asking for trouble.

    =========================

    I noticed by your logs that you ran these scans in Safe Mode w/Networking. Can the computer boot in Normal Mode?

    Please try and run this next step in Normal Mode. If you cannot boot in Normal Mode then run it in Safe Mode w/Networking.

    =========================

    You have a Rootkit infection on your computer. Please read through the instructions to familiarize yourself with the steps before you start. If you are more comfortable you can print them out for reference as you work through the steps.

    TDSSKiller

    Please download TDSSKiller.zip - Extract it to your desktop
    • TDSSKiller.exe
      • Windows XP : Double click on the icon to run it.
      • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
    • After program loads, click on Change parameters.
    • Put a check-mark beside Loaded modules.


    • A reboot will be needed to apply the changes. Do it.
    • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
    • Then click on Change parameters in TDSSKiller.
    • Check all boxes then click OK.


    • Press Start Scan


    • The scan should take no longer than 2 minutes.
    • If a suspicious object is detected, the default action will be Skip, click on Continue


    • Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose Skip.
    • If in doubt about an entry....please ask or choose Skip
    • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
      • IMPORTANT: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
    • Copy and paste the log in your next reply
      • A copy of the log will be saved automatically to the root of the drive (typically C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt".

    =========================

    In your next post please provide the following:
    • TDSSKiller log
    OCD
    ----------
    Graduate of WTT Classroom
    Member of UNITE

    Threads will be closed if no response after 5 days

  6. #6
    Member
    Join Date
    Jun 2014
    Posts
    41

    Default Tdsskiller log #1

    OCD,

    1. Deleted AVG, does run faster!
    2. While running the program, Spybot found a problem, but I told it to allow it, figuring TDSSKiller would get it.

    15:54:31.0117 0x0a54 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
    15:54:31.0569 0x0a54 ============================================================
    15:54:31.0569 0x0a54 Current date / time: 2014/07/11 15:54:31.0569
    15:54:31.0569 0x0a54 SystemInfo:
    15:54:31.0569 0x0a54
    15:54:31.0569 0x0a54 OS Version: 6.0.6002 ServicePack: 2.0
    15:54:31.0569 0x0a54 Product type: Workstation
    15:54:31.0569 0x0a54 ComputerName: COLLEEN-PC
    15:54:31.0569 0x0a54 UserName: Colleen
    15:54:31.0569 0x0a54 Windows directory: C:\Windows
    15:54:31.0569 0x0a54 System windows directory: C:\Windows
    15:54:31.0569 0x0a54 Processor architecture: Intel x86
    15:54:31.0569 0x0a54 Number of processors: 2
    15:54:31.0569 0x0a54 Page size: 0x1000
    15:54:31.0569 0x0a54 Boot type: Normal boot
    15:54:31.0569 0x0a54 ============================================================
    15:54:31.0585 0x0a54 BG loaded
    15:54:33.0036 0x0a54 System UUID: {D7C73EAA-3184-3AB6-D3C6-0DB06BF1B4CD}
    15:54:35.0376 0x0a54 Drive \Device\Harddisk0\DR0 - Size: 0x174A446000 ( 93.16 Gb ), SectorSize: 0x200, Cylinders: 0x2F81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    15:54:35.0438 0x0a54 ============================================================
    15:54:35.0438 0x0a54 \Device\Harddisk0\DR0:
    15:54:35.0485 0x0a54 MBR partitions:
    15:54:35.0485 0x0a54 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0xB763800
    15:54:35.0485 0x0a54 ============================================================
    15:54:35.0922 0x0a54 C: <-> \Device\Harddisk0\DR0\Partition1
    15:54:35.0922 0x0a54 ============================================================
    15:54:35.0922 0x0a54 Initialize success
    15:54:35.0922 0x0a54 ============================================================
    15:55:25.0193 0x0c70 ============================================================
    15:55:25.0193 0x0c70 Scan started
    15:55:25.0193 0x0c70 Mode: Manual; SigCheck; TDLFS;
    15:55:25.0193 0x0c70 ============================================================
    15:55:25.0193 0x0c70 KSN ping started
    15:56:09.0045 0x0c70 KSN ping finished: true
    15:56:28.0670 0x0c70 ================ Scan system memory ========================
    15:56:28.0670 0x0c70 System memory - ok
    15:56:28.0919 0x0c70 ================ Scan services =============================
    15:56:29.0606 0x0c70 [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI C:\Windows\system32\drivers\acpi.sys
    15:56:29.0996 0x0c70 ACPI - ok
    15:56:31.0135 0x0c70 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    15:56:31.0213 0x0c70 AdobeARMservice - ok
    15:56:31.0790 0x0c70 [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    15:56:32.0086 0x0c70 AdobeFlashPlayerUpdateSvc - ok
    15:56:32.0492 0x0c70 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB, 0342700760874683A6DF4F149DACACEF0569D40C45FC5958C67100B3C5D9BBBC ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
    15:56:32.0773 0x0c70 adp94xx - ok
    15:56:32.0866 0x0c70 [ B84088CA3CDCA97DA44A984C6CE1CCAD, 87009809FB101BF51483FA32318CBCD209386582880C82417BE4FFAD1B04C8C1 ] adpahci C:\Windows\system32\drivers\adpahci.sys
    15:56:33.0334 0x0c70 adpahci - ok
    15:56:33.0631 0x0c70 [ 7880C67BCCC27C86FD05AA2AFB5EA469, C8B06E203EEA6EAD19651F212432005ABADFF21E2AA5699E34040527394F2677 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
    15:56:34.0005 0x0c70 adpu160m - ok
    15:56:34.0395 0x0c70 [ 9AE713F8E30EFC2ABCCD84904333DF4D, B0C7801AC6E0811C38F0474703F34283914C8873D851F59EE232834F7C0D8087 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
    15:56:34.0738 0x0c70 adpu320 - ok
    15:56:35.0674 0x0c70 [ 9243229DFCCC99B5441750EBA49F1B14, 1292D9A049F07E74F3E60068D839E9166BBC090A63972FBE5432D4818AA9DF47 ] AdvancedSystemCareService6 C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
    15:56:35.0893 0x0c70 AdvancedSystemCareService6 - ok
    15:56:36.0002 0x0c70 [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
    15:56:38.0186 0x0c70 AeLookupSvc - ok
    15:56:38.0669 0x0c70 [ 3911B972B55FEA0478476B2E777B29FA, 62545B90C7DD3F73777E62CD8264E611A4D71B6956CABFD2D820D25F41F471FD ] AFD C:\Windows\system32\drivers\afd.sys
    15:56:41.0259 0x0c70 AFD - ok
    15:56:41.0493 0x0c70 [ 1CB677BF1DABD3BAF4F944E2C90D6C73, 099466E899BB7BA176C42DB15D0D4946DC15845CA051BDACF3BE767157AB90BD ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
    15:56:41.0852 0x0c70 AgereModemAudio - ok
    15:56:42.0179 0x0c70 [ 4E6294A06BE883C9BD685A8DFD9FCD4E, 981293F10047FEB0DA7D421E0F36653360BCF709F7BB8F0750CE6D298F739D73 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
    15:56:42.0491 0x0c70 AgereSoftModem - ok
    15:56:42.0772 0x0c70 [ EF23439CDD587F64C2C1B8825CEAD7D8, 762665CFC202B3E16CA2338887896FDF996331A363DC709F1EC088BF927133A3 ] agp440 C:\Windows\system32\drivers\agp440.sys
    15:56:42.0866 0x0c70 agp440 - ok
    15:56:42.0944 0x0c70 [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
    15:56:43.0006 0x0c70 aic78xx - ok
    15:56:43.0084 0x0c70 [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG C:\Windows\System32\alg.exe
    15:56:44.0223 0x0c70 ALG - ok
    15:56:44.0473 0x0c70 [ 90395B64600EBB4552E26E178C94B2E4, 73095893964DC7915983B58A567184FC51949C99341E7E0D04D70CC4C4F95E37 ] aliide C:\Windows\system32\drivers\aliide.sys
    15:56:44.0519 0x0c70 aliide - ok
    15:56:44.0582 0x0c70 [ 2B13E304C9DFDFA5EB582F6A149FA2C7, 196CCE13E0376526B79D9C43D4071990576C4DD210A48E9E922B438AA11C95E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
    15:56:44.0597 0x0c70 amdagp - ok
    15:56:44.0644 0x0c70 [ 0577DF1D323FE75A739C787893D300EA, 079EF3CA18FB847DB7E62929071BFF007FAF390E1DBF4C59F28DAAC6B9C2DE51 ] amdide C:\Windows\system32\drivers\amdide.sys
    15:56:44.0660 0x0c70 amdide - ok
    15:56:44.0691 0x0c70 [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
    15:56:45.0034 0x0c70 AmdK7 - ok
    15:56:45.0065 0x0c70 [ 0CA0071DA4315B00FC1328CA86B425DA, 4F816FA2197166A83A266084F9D5ED68876D0521D378F90F1314DD53C6FB8814 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
    15:56:45.0237 0x0c70 AmdK8 - ok
    15:56:45.0362 0x0c70 [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo C:\Windows\System32\appinfo.dll
    15:56:45.0440 0x0c70 Appinfo - ok
    15:56:45.0549 0x0c70 [ A8AA9D47F971570A5162B862B80F87E8, D33A9A2B7838288E99B56B95A10E6B62E4EFF973CF7FFA0073CC2A9145C0E11D ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    15:56:45.0580 0x0c70 Apple Mobile Device - ok
    15:56:45.0752 0x0c70 [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc C:\Windows\system32\drivers\arc.sys
    15:56:45.0877 0x0c70 arc - ok
    15:56:46.0001 0x0c70 [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas C:\Windows\system32\drivers\arcsas.sys
    15:56:46.0048 0x0c70 arcsas - ok
    15:56:46.0204 0x0c70 [ C2DF2E3C676414D6F8C8F35F0EA46C60, 0D1BB71306D0C103A5B55A1C5CDBC7B93F72FEA24BFA1BDA5C7AEBC1D27C4362 ] astcc C:\Windows\system32\AstSrv.exe
    15:56:46.0251 0x0c70 astcc - detected UnsignedFile.Multi.Generic ( 1 )
    15:56:51.0368 0x0c70 Detect skipped due to KSN trusted
    15:56:51.0368 0x0c70 astcc - ok
    15:56:51.0555 0x0c70 [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
    15:56:51.0758 0x0c70 AsyncMac - ok
    15:56:51.0836 0x0c70 [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi C:\Windows\system32\drivers\atapi.sys
    15:56:51.0867 0x0c70 atapi - ok
    15:56:52.0085 0x0c70 [ 47CCA447C98AA4258EC43C924A883A45, 98E4C1AC4CB59E361E09B5DB04A88483F807F53B7EEED32BA27E77D281D5AE4E ] atashost C:\Windows\system32\atashost.exe
    15:56:52.0101 0x0c70 atashost - ok
    15:56:52.0663 0x0c70 [ 8BE56F8300E1C37B578DA23C71816B7A, C214C8B070E60ED2C8144D875969DAB3B3999532AE0B7E8732813DCC0408826F ] athr C:\Windows\system32\DRIVERS\athr.sys
    15:56:53.0068 0x0c70 athr - ok
    15:56:53.0287 0x0c70 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
    15:56:53.0333 0x0c70 AudioEndpointBuilder - ok
    15:56:53.0396 0x0c70 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv C:\Windows\System32\Audiosrv.dll
    15:56:53.0505 0x0c70 Audiosrv - ok
    15:56:53.0739 0x0c70 [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep C:\Windows\system32\drivers\Beep.sys
    15:56:53.0926 0x0c70 Beep - ok
    15:56:54.0160 0x0c70 [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE C:\Windows\System32\bfe.dll
    15:56:54.0269 0x0c70 BFE - ok
    15:56:54.0737 0x0c70 [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS C:\Windows\System32\qmgr.dll
    15:56:55.0486 0x0c70 BITS - ok
    15:56:55.0689 0x0c70 [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
    15:56:55.0767 0x0c70 bowser - ok
    15:56:55.0876 0x0c70 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
    15:56:55.0985 0x0c70 BrFiltLo - ok
    15:56:56.0204 0x0c70 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
    15:56:56.0375 0x0c70 BrFiltUp - ok
    15:56:56.0469 0x0c70 [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser C:\Windows\System32\browser.dll
    15:56:56.0547 0x0c70 Browser - ok
    15:56:56.0734 0x0c70 [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid C:\Windows\system32\drivers\brserid.sys
    15:56:57.0171 0x0c70 Brserid - ok
    15:56:57.0249 0x0c70 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
    15:56:57.0717 0x0c70 BrSerWdm - ok
    15:56:57.0748 0x0c70 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
    15:56:57.0982 0x0c70 BrUsbMdm - ok
    15:56:58.0216 0x0c70 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
    15:56:58.0965 0x0c70 BrUsbSer - ok
    15:56:59.0402 0x0c70 [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
    15:56:59.0527 0x0c70 BTHMODEM - ok
    15:57:00.0197 0x0c70 [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
    15:57:00.0338 0x0c70 cdfs - ok
    15:57:00.0572 0x0c70 [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
    15:57:00.0681 0x0c70 cdrom - ok
    15:57:00.0993 0x0c70 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc C:\Windows\System32\certprop.dll
    15:57:01.0430 0x0c70 CertPropSvc - ok
    15:57:02.0277 0x0c70 [ C82162949BBA6CC5D006C7BD008F3CF1, 635E5B5C5AF3ACECA6115DAC8E576390B258C6590EE9727DB6FA68B13FD85297 ] CFSvcs C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    15:57:02.0417 0x0c70 CFSvcs - detected UnsignedFile.Multi.Generic ( 1 )
    15:57:12.0918 0x0c70 CFSvcs ( UnsignedFile.Multi.Generic ) - warning
    15:57:17.0876 0x0c70 [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass C:\Windows\system32\drivers\circlass.sys
    15:57:18.0100 0x0c70 circlass - ok
    15:57:18.0208 0x0c70 [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS C:\Windows\system32\CLFS.sys
    15:57:18.0561 0x0c70 CLFS - ok
    15:57:18.0821 0x0c70 [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    15:57:20.0287 0x0c70 clr_optimization_v2.0.50727_32 - ok
    15:57:20.0496 0x0c70 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    15:57:21.0124 0x0c70 clr_optimization_v4.0.30319_32 - ok
    15:57:21.0454 0x0c70 [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
    15:57:21.0633 0x0c70 CmBatt - ok
    15:57:21.0759 0x0c70 [ 45201046C776FFDAF3FC8A0029C581C8, 68A68CF2B76598BC8610EB5B2D3FD5BDC9D51CFC6F51FB7A0B0C92A2BE910FC6 ] cmdide C:\Windows\system32\drivers\cmdide.sys
    15:57:21.0775 0x0c70 cmdide - ok
    15:57:22.0107 0x0c70 [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
    15:57:22.0228 0x0c70 Compbatt - ok
    15:57:22.0252 0x0c70 COMSysApp - ok
    15:57:22.0361 0x0c70 [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
    15:57:23.0007 0x0c70 crcdisk - ok
    15:57:23.0201 0x0c70 [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe C:\Windows\system32\drivers\crusoe.sys
    15:57:23.0829 0x0c70 Crusoe - ok
    15:57:24.0670 0x0c70 [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc C:\Windows\system32\cryptsvc.dll
    15:57:25.0276 0x0c70 CryptSvc - ok
    15:57:25.0779 0x0c70 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch C:\Windows\system32\rpcss.dll
    15:57:26.0010 0x0c70 DcomLaunch - ok
    15:57:26.0099 0x0c70 [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
    15:57:26.0311 0x0c70 DfsC - ok
    15:57:27.0518 0x0c70 [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR C:\Windows\system32\DFSR.exe
    15:57:28.0870 0x0c70 DFSR - ok
    15:57:29.0229 0x0c70 [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
    15:57:29.0307 0x0c70 Dhcp - ok
    15:57:29.0588 0x0c70 [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk C:\Windows\system32\drivers\disk.sys
    15:57:30.0883 0x0c70 disk - ok
    15:57:31.0101 0x0c70 [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache C:\Windows\System32\dnsrslvr.dll
    15:57:31.0226 0x0c70 Dnscache - ok
    15:57:31.0304 0x0c70 [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc C:\Windows\System32\dot3svc.dll
    15:57:31.0709 0x0c70 dot3svc - ok
    15:57:31.0865 0x0c70 [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS C:\Windows\system32\dps.dll
    15:57:32.0443 0x0c70 DPS - ok
    15:57:32.0521 0x0c70 [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
    15:57:32.0708 0x0c70 drmkaud - ok
    15:57:33.0425 0x0c70 [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
    15:57:33.0942 0x0c70 DXGKrnl - ok
    15:57:34.0092 0x0c70 [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
    15:57:39.0691 0x0c70 E1G60 - ok
    15:57:39.0987 0x0c70 [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost C:\Windows\System32\eapsvc.dll
    15:57:40.0190 0x0c70 EapHost - ok
    15:57:40.0424 0x0c70 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache C:\Windows\system32\drivers\ecache.sys
    15:57:40.0517 0x0c70 Ecache - ok
    15:57:40.0689 0x0c70 [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
    15:57:40.0881 0x0c70 ehRecvr - ok
    15:57:40.0920 0x0c70 [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched C:\Windows\ehome\ehsched.exe
    15:57:41.0164 0x0c70 ehSched - ok
    15:57:41.0195 0x0c70 [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart C:\Windows\ehome\ehstart.dll
    15:57:41.0273 0x0c70 ehstart - ok
    15:57:41.0336 0x0c70 [ 7EC42EC12A4BAC14BCCA99FB06F2D125, 6C4761B6727430D11D463C2E3BD0202755BE6598F3585A2B4B8E24DBA6A2EF7B ] elagopro C:\Windows\system32\DRIVERS\elagopro.sys
    15:57:41.0460 0x0c70 elagopro - ok
    15:57:41.0507 0x0c70 [ DFEABB7CFFFADEA4A912AB95BDC3177A, 9A93956CF826F419ACB2B3CA8809917E345ACFD43B102EAB18DB46F49859D1C7 ] elaunidr C:\Windows\system32\DRIVERS\elaunidr.sys
    15:57:41.0741 0x0c70 elaunidr - ok
    15:57:41.0866 0x0c70 [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor C:\Windows\system32\drivers\elxstor.sys
    15:57:42.0022 0x0c70 elxstor - ok
    15:57:42.0131 0x0c70 [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
    15:57:42.0318 0x0c70 EMDMgmt - ok
    15:57:42.0459 0x0c70 [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem C:\Windows\system32\es.dll
    15:57:42.0568 0x0c70 EventSystem - ok
    15:57:42.0880 0x0c70 [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat C:\Windows\system32\drivers\exfat.sys
    15:57:43.0847 0x0c70 exfat - ok
    15:57:43.0972 0x0c70 [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat C:\Windows\system32\drivers\fastfat.sys
    15:57:44.0066 0x0c70 fastfat - ok
    15:57:44.0172 0x0c70 [ 63BDADA84951B9C03E641800E176898A, AD3EA20CAD0E0C438422D5D39AEA9E0AAD9E1DC866A696AE503C76F5FAC4BE6E ] fdc C:\Windows\system32\DRIVERS\fdc.sys
    15:57:44.0432 0x0c70 fdc - ok
    15:57:44.0562 0x0c70 [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost C:\Windows\system32\fdPHost.dll
    15:57:44.0652 0x0c70 fdPHost - ok
    15:57:44.0702 0x0c70 [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub C:\Windows\system32\fdrespub.dll
    15:57:44.0832 0x0c70 FDResPub - ok
    15:57:44.0972 0x0c70 [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
    15:57:45.0002 0x0c70 FileInfo - ok
    15:57:45.0092 0x0c70 [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
    15:57:45.0162 0x0c70 Filetrace - ok
    15:57:45.0252 0x0c70 [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
    15:57:45.0352 0x0c70 flpydisk - ok
    15:57:45.0492 0x0c70 [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
    15:57:45.0522 0x0c70 FltMgr - ok
    15:57:45.0902 0x0c70 [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache C:\Windows\system32\FntCache.dll
    15:57:46.0782 0x0c70 FontCache - ok
    15:57:46.0942 0x0c70 [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    15:57:46.0982 0x0c70 FontCache3.0.0.0 - ok
    15:57:47.0042 0x0c70 [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
    15:57:47.0122 0x0c70 Fs_Rec - ok
    15:57:47.0192 0x0c70 [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
    15:57:47.0232 0x0c70 gagp30kx - ok
    15:57:47.0372 0x0c70 [ AB8A6A87D9D7255C3884D5B9541A6E80, D073B5D8A06EFA6415E8F22DFE486DE913113AE23F59CFC5EEF1B3E694CE86F3 ] GEARAspiWDM C:\Windows\system32\Drivers\GEARAspiWDM.sys
    15:57:47.0392 0x0c70 GEARAspiWDM - ok
    15:57:47.0542 0x0c70 [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc C:\Windows\System32\gpsvc.dll
    15:57:47.0652 0x0c70 gpsvc - ok
    15:57:47.0892 0x0c70 [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
    15:57:47.0907 0x0c70 gupdate - ok
    15:57:47.0985 0x0c70 [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
    15:57:48.0001 0x0c70 gupdatem - ok
    15:57:48.0102 0x0c70 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    15:57:48.0162 0x0c70 gusvc - ok
    15:57:48.0272 0x0c70 [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    15:57:48.0402 0x0c70 HdAudAddService - ok
    15:57:48.0502 0x0c70 [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
    15:57:48.0712 0x0c70 HDAudBus - ok
    15:57:48.0772 0x0c70 [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth C:\Windows\system32\drivers\hidbth.sys
    15:57:48.0902 0x0c70 HidBth - ok
    15:57:48.0982 0x0c70 [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr C:\Windows\system32\drivers\hidir.sys
    15:57:49.0112 0x0c70 HidIr - ok
    15:57:49.0252 0x0c70 [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv C:\Windows\system32\hidserv.dll
    15:57:49.0462 0x0c70 hidserv - ok
    15:57:49.0632 0x0c70 [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
    15:57:49.0822 0x0c70 HidUsb - ok
    15:57:49.0922 0x0c70 [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc C:\Windows\system32\kmsvc.dll
    15:57:49.0992 0x0c70 hkmsvc - ok
    15:57:50.0102 0x0c70 [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
    15:57:50.0132 0x0c70 HpCISSs - ok
    15:57:50.0312 0x0c70 [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP C:\Windows\system32\drivers\HTTP.sys
    15:57:50.0432 0x0c70 HTTP - ok
    15:57:50.0492 0x0c70 [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp C:\Windows\system32\drivers\i2omp.sys
    15:57:50.0522 0x0c70 i2omp - ok
    15:57:50.0672 0x0c70 [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
    15:57:50.0742 0x0c70 i8042prt - ok
    15:57:51.0502 0x0c70 [ 9378D57E2B96C0A185D844770AD49948, AED244DDF125C867091D0A926B275EC1C60C89844C69595B1D1FC586F60F118A ] ialm C:\Windows\system32\DRIVERS\igdkmd32.sys
    15:57:52.0827 0x0c70 ialm - ok
    15:57:53.0045 0x0c70 [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
    15:57:53.0092 0x0c70 iaStorV - ok
    15:57:53.0248 0x0c70 [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    15:57:53.0326 0x0c70 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
    15:57:58.0178 0x0c70 Detect skipped due to KSN trusted
    15:57:58.0178 0x0c70 IDriverT - ok
    15:57:58.0614 0x0c70 [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    15:58:00.0065 0x0c70 idsvc - ok
    15:58:01.0298 0x0c70 [ 9378D57E2B96C0A185D844770AD49948, AED244DDF125C867091D0A926B275EC1C60C89844C69595B1D1FC586F60F118A ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
    15:58:05.0868 0x0c70 igfx - ok
    15:58:06.0024 0x0c70 [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp C:\Windows\system32\drivers\iirsp.sys
    15:58:06.0087 0x0c70 iirsp - ok
    15:58:06.0227 0x0c70 [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT C:\Windows\System32\ikeext.dll
    15:58:06.0695 0x0c70 IKEEXT - ok
    15:58:07.0132 0x0c70 [ A47B2875680AD67B35C6150BD0203056, 2087CF6D1EEA7C0DB09EB3211713B2D0F36877960878A08CF6CEC99252316417 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
    15:58:07.0631 0x0c70 IntcAzAudAddService - ok
    15:58:07.0772 0x0c70 [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide C:\Windows\system32\drivers\intelide.sys
    15:58:07.0803 0x0c70 intelide - ok
    15:58:07.0896 0x0c70 [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    15:58:07.0974 0x0c70 intelppm - ok
    15:58:08.0052 0x0c70 [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    15:58:08.0130 0x0c70 IPBusEnum - ok
    15:58:08.0208 0x0c70 [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    15:58:08.0349 0x0c70 IpFilterDriver - ok
    15:58:08.0442 0x0c70 [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    15:58:08.0536 0x0c70 iphlpsvc - ok
    15:58:08.0583 0x0c70 [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
    15:58:08.0723 0x0c70 IPMIDRV - ok
    15:58:08.0786 0x0c70 [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
    15:58:08.0926 0x0c70 IPNAT - ok
    15:58:09.0129 0x0c70 [ 62937A89470AF8FF172F0980CA8AEFC9, E9F9853190EDB8B5805816C1B363FE357C61D3CD86CA4DEA6673FE4715AAFF89 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
    15:58:09.0207 0x0c70 iPod Service - ok
    15:58:09.0254 0x0c70 [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
    15:58:09.0503 0x0c70 IRENUM - ok
    15:58:09.0550 0x0c70 [ 350FCA7E73CF65BCEF43FAE1E4E91293, 68403FE3F4DC40919CD26A2CC42BE4386AE6874F47DD382348FFD79080721A13 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    15:58:09.0566 0x0c70 isapnp - ok
    15:58:09.0690 0x0c70 [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
    15:58:09.0706 0x0c70 iScsiPrt - ok
    15:58:09.0753 0x0c70 [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
    15:58:09.0800 0x0c70 iteatapi - ok
    15:58:10.0002 0x0c70 [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid C:\Windows\system32\drivers\iteraid.sys
    15:58:10.0034 0x0c70 iteraid - ok
    15:58:10.0127 0x0c70 [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
    15:58:10.0143 0x0c70 kbdclass - ok
    15:58:10.0283 0x0c70 [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
    15:58:10.0424 0x0c70 kbdhid - ok
    15:58:10.0580 0x0c70 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso C:\Windows\system32\lsass.exe
    15:58:10.0704 0x0c70 KeyIso - ok
    15:58:10.0782 0x0c70 [ 1E0D65F7FFEB4E99B2EEC1CCB5754CC8, FE56EA89A4D7751EAB089C58514A824FBEDB44065CF3132B897AC613E211B46B ] KR10I C:\Windows\system32\drivers\kr10i.sys
    15:58:10.0798 0x0c70 KR10I - detected UnsignedFile.Multi.Generic ( 1 )
    15:58:17.0350 0x0c70 Detect skipped due to KSN trusted
    15:58:17.0350 0x0c70 KR10I - ok
    15:58:17.0584 0x0c70 [ 485E005CD51FF502FB16483EB4B69C17, 8294524C21C18BA5A32B926BD497C67A4ED49FB3654C93D11681C01D30769998 ] KR3NPXP C:\Windows\system32\drivers\kr3npxp.sys
    15:58:18.0146 0x0c70 KR3NPXP - detected UnsignedFile.Multi.Generic ( 1 )
    15:58:23.0122 0x0c70 Detect skipped due to KSN trusted
    15:58:23.0122 0x0c70 KR3NPXP - ok
    15:58:24.0729 0x0c70 [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
    15:58:24.0807 0x0c70 KSecDD - ok
    15:58:24.0978 0x0c70 [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll
    15:58:25.0103 0x0c70 KtmRm - ok
    15:58:25.0181 0x0c70 [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer C:\Windows\system32\srvsvc.dll
    15:58:25.0290 0x0c70 LanmanServer - ok
    15:58:25.0368 0x0c70 [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    15:58:25.0462 0x0c70 LanmanWorkstation - ok
    15:58:25.0571 0x0c70 [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
    15:58:25.0634 0x0c70 lltdio - ok
    15:58:25.0758 0x0c70 [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll
    15:58:25.0868 0x0c70 lltdsvc - ok
    15:58:25.0914 0x0c70 [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll
    15:58:26.0055 0x0c70 lmhosts - ok
    15:58:26.0164 0x0c70 [ 515FC18CABEE0158A324B08B1C2667CF, E044C731C795EB27E85DDD09F574D7002BC230D6341340078655892CAB3BA2E6 ] LPCFilter C:\Windows\system32\DRIVERS\LPCFilter.sys
    15:58:26.0258 0x0c70 LPCFilter - ok
    15:58:26.0290 0x0c70 [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
    15:58:26.0317 0x0c70 LSI_FC - ok
    15:58:26.0364 0x0c70 [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
    15:58:26.0404 0x0c70 LSI_SAS - ok

  7. #7
    Member
    Join Date
    Jun 2014
    Posts
    41

    Default Tdsskiller log #2

    15:59:29.0126 0x0c70 [ 93F66FAEA8BF047D4242AC85AADA403D, EAC5EA048B255EA255E120FD8FCF6BC682843E08A57838FB731050A7B9B9EDCC ] RVIEG01 C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys
    15:59:29.0516 0x0c70 RVIEG01 - detected UnsignedFile.Multi.Generic ( 1 )
    15:59:34.0583 0x0c70 RVIEG01 ( UnsignedFile.Multi.Generic ) - warning
    15:59:39.0767 0x0c70 [ 3C74D9FDB1D9831EC932E89F3D874F00, 193577197D2EE5E91A282B8DF945A1A5459C4D44F8C93F7FD5D67801BEEF988B ] RVIEGVST C:\Program Files\Roland\Virtual Sound Canvas VST\RVIEg01VST.sys
    15:59:39.0871 0x0c70 RVIEGVST - detected UnsignedFile.Multi.Generic ( 1 )
    15:59:44.0970 0x0c70 RVIEGVST ( UnsignedFile.Multi.Generic ) - warning
    15:59:44.0970 0x0c70 Force sending object to P2P due to detect: RVIEGVST
    15:59:50.0222 0x0c70 Object send P2P result: true
    16:00:06.0212 0x0c70 [ 336CF3DDC43BB2EF25823892D73581F7, FE640E43B8EE9387419CCA5CCD7A693ABB27EA82452F537716249B0E69867493 ] StMp3Rec C:\Windows\system32\Drivers\StMp3Rec.sys
    16:00:06.0243 0x0c70 StMp3Rec - detected UnsignedFile.Multi.Generic ( 1 )
    16:00:11.0594 0x0c70 Detect skipped due to KSN trusted
    16:00:11.0594 0x0c70 StMp3Rec - ok
    16:00:12.0655 0x0c70 [ 7330D477B7496CB42BF11EFF2D374C6A, 080AAE6294358A96BE5EE0D16F5631354DF5FB8E313A51C486876739423AC5CF ] Swupdtmr c:\Toshiba\IVP\swupdate\swupdtmr.exe
    16:00:12.0702 0x0c70 Swupdtmr - detected UnsignedFile.Multi.Generic ( 1 )
    16:00:17.0648 0x0c70 Detect skipped due to KSN trusted
    16:00:17.0648 0x0c70 Swupdtmr - ok
    16:00:21.0293 0x0c70 [ D540858E65BFA6FDED41AD2495ECE344, DB85A860F4C07D1370F34AA7F39FAE5DF7E47C1BE65B4D39954FC37CA703A199 ] TODDSrv C:\Windows\system32\TODDSrv.exe
    16:00:21.0303 0x0c70 TODDSrv - detected UnsignedFile.Multi.Generic ( 1 )
    16:00:31.0307 0x0c70 TODDSrv ( UnsignedFile.Multi.Generic ) - warning
    16:00:31.0307 0x0c70 Force sending object to P2P due to detect: TODDSrv
    16:00:31.0367 0x0c70 Object send P2P result: false
    16:00:31.0607 0x0c70 [ 3EDF206DA2B97519B8448ADDFCC098FF, D10D4072B4A408B851ECD3FDF5719E71092D3C2416742AFD2EC2C6E9E8E48A91 ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
    16:00:31.0757 0x0c70 TosCoSrv - detected UnsignedFile.Multi.Generic ( 1 )
    16:00:31.0757 0x0c70 TosCoSrv ( UnsignedFile.Multi.Generic ) - warning
    16:00:31.0757 0x0c70 Force sending object to P2P due to detect: TosCoSrv
    16:00:31.0767 0x0c70 Object send P2P result: false
    16:00:31.0867 0x0c70 [ 76148C3159718B701252F87B067904A6, 90DDCF15A9A447D00213CAFF9FEF24720703EB5398388126DA8F58AFE7DF09BE ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    16:00:31.0877 0x0c70 TOSHIBA Bluetooth Service - detected UnsignedFile.Multi.Generic ( 1 )
    16:00:31.0877 0x0c70 TOSHIBA Bluetooth Service ( UnsignedFile.Multi.Generic ) - warning
    16:00:34.0637 0x0c70 [ 332D341D92B933600D41953B08360DFB, 213A5C84ABB0D627C05B355084A26A5081645D4EC398FF19EF6BBCB690B10055 ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    16:00:34.0687 0x0c70 UleadBurningHelper - detected UnsignedFile.Multi.Generic ( 1 )
    16:00:34.0687 0x0c70 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
    16:00:34.0687 0x0c70 Force sending object to P2P due to detect: UleadBurningHelper
    16:00:34.0687 0x0c70 Object send P2P result: false
    16:00:51.0277 0x0c70 ================ Scan global ===============================
    16:00:51.0417 0x0c70 [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
    16:00:51.0767 0x0c70 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
    16:00:51.0867 0x0c70 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
    16:00:51.0957 0x0c70 [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
    16:00:52.0017 0x0c70 [ Global ] - ok

  8. #8
    Member
    Join Date
    Jun 2014
    Posts
    41

    Default Tdsskiller log #3

    16:00:52.0027 0x0c70 ================ Scan MBR ==================================
    16:00:52.0047 0x0c70 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
    16:00:58.0997 0x0c70 \Device\Harddisk0\DR0 - ok
    16:00:58.0997 0x0c70 ================ Scan VBR ==================================
    16:00:59.0027 0x0c70 [ 1E3A50083251ED0FEAB68B0338011B81 ] \Device\Harddisk0\DR0\Partition1
    16:00:59.0107 0x0c70 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
    16:00:59.0107 0x0c70 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
    16:00:59.0107 0x0c70 ================ Scan active images ========================
    16:00:59.0807 0x0c70 [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] C:\Windows\System32\drivers\fs_rec.sys
    16:00:59.0807 0x0c70 C:\Windows\System32\drivers\fs_rec.sys - ok
    16:00:59.0827 0x0c70 [ BE4AD4045D7A6C6AF4ECCBD5F6B7F8D8, 980EB88D5B52AA1E9BE7FC7B92BFF02578DD643928A1B14488F0729F0B762EEE ] C:\Windows\System32\drivers\hidparse.sys
    16:00:59.0827 0x0c70 C:\Windows\System32\drivers\hidparse.sys - ok
    16:00:59.0827 0x0c70 [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] C:\Windows\System32\drivers\kbdhid.sys
    16:00:59.0827 0x0c70 C:\Windows\System32\drivers\kbdhid.sys - ok
    16:00:59.0847 0x0c70 [ C048D2C33D27441A0CDCAAE2651EB03D, CD7F755400EF36C9EC689480AC425B8A8395F649B2843DE762997524C9B381DF ] C:\Windows\System32\drivers\videoprt.sys
    16:00:59.0847 0x0c70 C:\Windows\System32\drivers\videoprt.sys - ok
    16:00:59.0857 0x0c70 [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] C:\Windows\System32\drivers\vga.sys
    16:00:59.0857 0x0c70 C:\Windows\System32\drivers\vga.sys - ok
    16:00:59.0877 0x0c70 [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] C:\Windows\System32\drivers\RDPCDD.sys
    16:00:59.0877 0x0c70 C:\Windows\System32\drivers\RDPCDD.sys - ok
    16:00:59.0887 0x0c70 [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] C:\Windows\System32\drivers\RDPENCDD.sys
    16:00:59.0887 0x0c70 C:\Windows\System32\drivers\RDPENCDD.sys - ok
    16:00:59.0897 0x0c70 [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] C:\Windows\System32\drivers\msfs.sys
    16:00:59.0897 0x0c70 C:\Windows\System32\drivers\msfs.sys - ok
    16:00:59.0917 0x0c70 [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] C:\Windows\System32\drivers\npfs.sys
    16:00:59.0917 0x0c70 C:\Windows\System32\drivers\npfs.sys - ok
    16:00:59.0937 0x0c70 [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] C:\Windows\System32\drivers\rasacd.sys
    16:00:59.0937 0x0c70 C:\Windows\System32\drivers\rasacd.sys - ok
    16:00:59.0947 0x0c70 [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] C:\Windows\System32\drivers\tdx.sys
    16:00:59.0947 0x0c70 C:\Windows\System32\drivers\tdx.sys - ok
    16:00:59.0957 0x0c70 [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] C:\Windows\System32\drivers\netbt.sys
    16:00:59.0957 0x0c70 C:\Windows\System32\drivers\netbt.sys - ok
    16:00:59.0967 0x0c70 [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] C:\Windows\System32\drivers\smb.sys
    16:00:59.0967 0x0c70 C:\Windows\System32\drivers\smb.sys - ok
    16:00:59.0977 0x0c70 [ 3911B972B55FEA0478476B2E777B29FA, 62545B90C7DD3F73777E62CD8264E611A4D71B6956CABFD2D820D25F41F471FD ] C:\Windows\System32\drivers\afd.sys
    16:00:59.0977 0x0c70 C:\Windows\System32\drivers\afd.sys - ok
    16:00:59.0997 0x0c70 [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] C:\Windows\System32\drivers\pacer.sys
    16:00:59.0997 0x0c70 C:\Windows\System32\drivers\pacer.sys - ok
    16:01:00.0007 0x0c70 [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] C:\Windows\System32\drivers\netbios.sys
    16:01:00.0007 0x0c70 C:\Windows\System32\drivers\netbios.sys - ok
    16:01:00.0027 0x0c70 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] C:\Windows\System32\drivers\wanarp.sys
    16:01:00.0027 0x0c70 C:\Windows\System32\drivers\wanarp.sys - ok
    16:01:00.0037 0x0c70 [ 5BA1CA3B3CDDB1DDC67DF473F05D1EC2, 52D7505291268878712B4E6AE9B3E440D8D6125E2D61AA3F6719300B931385E0 ] C:\Windows\System32\drivers\tosrfcom.sys
    16:01:00.0037 0x0c70 C:\Windows\System32\drivers\tosrfcom.sys - ok
    16:01:00.0047 0x0c70 [ 77B6853F0BDAE72C9D2D504E85C89E7E, 80ECB518EF5C9DECE4CAD604ED03C984CF90BCC346E141CEF4DC17E82110522F ] C:\Program Files\Spybot - Search & Destroy 2\SDHookDrv32.sys
    16:01:00.0047 0x0c70 C:\Program Files\Spybot - Search & Destroy 2\SDHookDrv32.sys - ok
    16:01:00.0057 0x0c70 [ 4FD72291A89793049104CA0A7E353CD4, 73FBA55854C2191B5786E79DF6861A79044DF3A3531D2F991D6F61B72BCDCF0B ] C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
    16:01:00.0057 0x0c70 C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS - ok
    16:01:00.0077 0x0c70 [ A3281AEC37E0720A2BC28034C2DF2A56, E8C122D17DD695D4EEAD115A5E1A388605EB77E5F2E8DA98C7BD93E0FDCFD01A ] C:\Program Files\SUPERAntiSpyware\sasdifsv.sys
    16:01:00.0077 0x0c70 C:\Program Files\SUPERAntiSpyware\sasdifsv.sys - ok
    16:01:00.0087 0x0c70 [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] C:\Windows\System32\drivers\rdbss.sys
    16:01:00.0087 0x0c70 C:\Windows\System32\drivers\rdbss.sys - ok
    16:01:00.0097 0x0c70 [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] C:\Windows\System32\drivers\nsiproxy.sys
    16:01:00.0097 0x0c70 C:\Windows\System32\drivers\nsiproxy.sys - ok
    16:01:00.0117 0x0c70 [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] C:\Windows\System32\drivers\dfsc.sys
    16:01:00.0117 0x0c70 C:\Windows\System32\drivers\dfsc.sys - ok
    16:01:00.0127 0x0c70 [ BE7480C91E89EB82FC080F772C220AE4, 31A63BAA21B73B7395A2271A219E0A9B100E9CDEB275FF906F5C05B0A433BAB5 ] C:\Windows\System32\smss.exe
    16:01:00.0127 0x0c70 C:\Windows\System32\smss.exe - ok
    16:01:00.0137 0x0c70 [ B9FDFF876B0E7B4FECBAA5708C6ED616, 588B9677758DB19186ABE59D256D7E7CF224CA1923A60E37BFBDD03E8DAB9DB7 ] C:\Windows\System32\ntdll.dll
    16:01:00.0137 0x0c70 C:\Windows\System32\ntdll.dll - ok
    16:01:00.0157 0x0c70 [ 10761177A6EBE45843F443E99509F5E7, BB51065931E61EDBC920924D96B502D46E2967FFAFCE589171FC0D3AD43463CB ] C:\Windows\System32\autochk.exe
    16:01:00.0157 0x0c70 C:\Windows\System32\autochk.exe - ok
    16:01:00.0167 0x0c70 [ 55CEF8FE478E41C8EBCF7B27AF991A3F, 2527C2AAF7FF599CE91BF047017941C388B81836EE11F28948940AE0F97AAA05 ] C:\Windows\System32\sdnclean.exe
    16:01:00.0167 0x0c70 C:\Windows\System32\sdnclean.exe - ok
    16:01:00.0217 0x0c70 [ 50CAA7072C171B9887215C83D52069E4, AA1961787F24A6AFF9DD5D0A6110686EA654595D2EB941F5DA702498A662880D ] C:\Windows\System32\advapi32.dll
    16:01:00.0217 0x0c70 C:\Windows\System32\advapi32.dll - ok
    16:01:00.0247 0x0c70 [ FB3E5FD7F74BFC301AD3FB7DE670EDCB, 286EB6EA24FC2A29FE8ABBE84DDEDB1B1061ACA2C6CE2D3975CD55C477CD6944 ] C:\Windows\System32\usp10.dll
    16:01:00.0247 0x0c70 C:\Windows\System32\usp10.dll - ok
    16:01:00.0257 0x0c70 [ B218342214D9BBA0F54EA12BA2E9278C, 0B68D881F3B60068C250A97492B81DB8463FFB4FDADC26CD14E2255472A6A2A0 ] C:\Windows\System32\oleaut32.dll
    16:01:00.0257 0x0c70 C:\Windows\System32\oleaut32.dll - ok
    16:01:00.0277 0x0c70 [ 75510147B94598407666F4802797C75A, D9F989669EB0AAF384AA5462DD632999BF9C5A6BDB75C4F8857A6E9BDBE82B64 ] C:\Windows\System32\user32.dll
    16:01:00.0277 0x0c70 C:\Windows\System32\user32.dll - ok
    16:01:00.0287 0x0c70 [ 695DB97B018FB06F693F37108322AA1E, 20F438F5B143944DEA74D77851AB7668893A816B1E43ED87273E1EECDB8B7704 ] C:\Windows\System32\kernel32.dll
    16:01:00.0287 0x0c70 C:\Windows\System32\kernel32.dll - ok
    16:01:00.0297 0x0c70 [ 9F5AC4090D7C9F2591060DAC310FD294, EDE40CCC3435E04BE53A33B247435B5E2188E1E0BBFDF1D1F7EA60DA14C01AF2 ] C:\Windows\System32\urlmon.dll
    16:01:00.0297 0x0c70 C:\Windows\System32\urlmon.dll - ok
    16:01:00.0317 0x0c70 [ 872363237F24BCB03D73E2A3B4FBF38D, E5A64299C4D4F501E0A55FC8FE6823949C98327BCB68507A7AF9EECC893A2378 ] C:\Windows\System32\gdi32.dll
    16:01:00.0317 0x0c70 C:\Windows\System32\gdi32.dll - ok
    16:01:00.0337 0x0c70 [ 8C4836F71F2DB629A99CF5A774594C66, 4045FB24E7F90EEA07D011AF73B2A309A908795362AE85114276650F78AA607C ] C:\Windows\System32\shell32.dll
    16:01:00.0337 0x0c70 C:\Windows\System32\shell32.dll - ok
    16:01:00.0347 0x0c70 [ EB0E02749CE5C488741C9A0ABEAB5DEC, 558C6304AFD4DA12F8976F699E39D6C1749F28A2AD4308B1C9E6D56288405FBD ] C:\Windows\System32\lpk.dll
    16:01:00.0347 0x0c70 C:\Windows\System32\lpk.dll - ok
    16:01:00.0367 0x0c70 [ C8BDCECEE082B54F0BAC838BF0A34597, 8C451FA2BA8E38D83E50EBF1D9F56FCBCBC7E2C6898C15254FE9F337F279E0C1 ] C:\Windows\System32\imm32.dll
    16:01:00.0367 0x0c70 C:\Windows\System32\imm32.dll - ok
    16:01:00.0387 0x0c70 [ B304D47D5744BA20FCB99FB8B2C07B0B, 16AAD9264CAB5B5489E2CF8F118132EA46FE9066B4C4320C0259BE88EBD111C8 ] C:\Windows\System32\ws2_32.dll
    16:01:00.0387 0x0c70 C:\Windows\System32\ws2_32.dll - ok
    16:01:00.0397 0x0c70 [ 4AA2A0E26CEF1A803741253DCF9A1503, 8718BF6DC8678BDC5AF627F82D14E2D857D94A760529FF00F1D7B066F46CA832 ] C:\Windows\System32\comdlg32.dll
    16:01:00.0397 0x0c70 C:\Windows\System32\comdlg32.dll - ok
    16:01:00.0417 0x0c70 [ 551F51B66E5EA87A38D8197EB3BDB57A, 2006D0418848EAA2361C26D18246D0BAA646B6F25F2C0035BDC82967E9BD73F1 ] C:\Windows\System32\setupapi.dll
    16:01:00.0417 0x0c70 C:\Windows\System32\setupapi.dll - ok
    16:01:00.0427 0x0c70 [ 09EA40F4DAD2EDB3587E5E0BAA9C3E15, 45EDA279BD838BD65702762E4EFEDA8F4178F9478E21678B8C75D1AA4015906E ] C:\Windows\System32\imagehlp.dll
    16:01:00.0427 0x0c70 C:\Windows\System32\imagehlp.dll - ok
    16:01:00.0447 0x0c70 [ CFD26829131439B71D0109F9D5345573, D79B316D1F931EF4F030AF89A16E22594EB1F0867B5F44F49CC0E9000D7BC62E ] C:\Windows\System32\wininet.dll
    16:01:00.0447 0x0c70 C:\Windows\System32\wininet.dll - ok
    16:01:00.0457 0x0c70 [ E3C3BD69701CE6B7B17101E4F7740534, 9D6A308A961A1942D7BF8ABEABE6CA87EB13F7710D40F2F767CE4545C18864C6 ] C:\Windows\System32\msctf.dll
    16:01:00.0457 0x0c70 C:\Windows\System32\msctf.dll - ok
    16:01:00.0467 0x0c70 [ C394079EB162E812D682C73FA96AF6E4, 639F482DBC82E1E8E7254A5F6FF0F60661EA4BE44D86CA13238913DABFA522F8 ] C:\Windows\System32\clbcatq.dll
    16:01:00.0467 0x0c70 C:\Windows\System32\clbcatq.dll - ok
    16:01:00.0487 0x0c70 [ 6F29236AB5926100972924BD29D9D225, E8B517FC36F25C4AE07021473B0BCDCDDD4B6E3FE004E6B0AD449C030267674C ] C:\Windows\System32\normaliz.dll
    16:01:00.0487 0x0c70 C:\Windows\System32\normaliz.dll - ok
    16:01:00.0497 0x0c70 [ 9586E7CB2255A8B097A7E4538202585E, 7A65B6268940279D77CE08D695306150A8F8DD9A6878D2A322799AC576960C6B ] C:\Windows\System32\ole32.dll
    16:01:00.0497 0x0c70 C:\Windows\System32\ole32.dll - ok
    16:01:00.0507 0x0c70 [ 420B075CD71AB9E58D15DD258958FBA3, EDD96EDD4D3F1C05E34C769F9C4A1D966DA9B51A3B01CF25E9C5E30281E01AE2 ] C:\Windows\System32\shlwapi.dll
    16:01:00.0507 0x0c70 C:\Windows\System32\shlwapi.dll - ok
    16:01:00.0517 0x0c70 [ AA5456C16D7F4B73177FD46AD63A12C4, 8FFE91312B1252212E59E0EDE04F928AECAE5E501526D27E4023CFFCAEA0CB4A ] C:\Windows\System32\iertutil.dll
    16:01:00.0517 0x0c70 C:\Windows\System32\iertutil.dll - ok
    16:01:00.0527 0x0c70 [ 17AF64D727545F2804F6E6D998327E3F, CAD50C5321BF522CA6CA74662D032A98705ADD04A8BE38576B8EF0B8CE6DBA8A ] C:\Windows\System32\msvcrt.dll
    16:01:00.0527 0x0c70 C:\Windows\System32\msvcrt.dll - ok
    16:01:00.0547 0x0c70 [ A64AEBC6C78B4CFD7F41A7277879DF8F, 2283E1D5D5ACF66B6C71A7755577F0A03DB5FC213E5D7DB067C9B7B6E805C202 ] C:\Windows\System32\nsi.dll
    16:01:00.0547 0x0c70 C:\Windows\System32\nsi.dll - ok
    16:01:00.0557 0x0c70 [ E389C328AC7FE5673593ECAD269E7A54, 4EACF7F293D736941BC9F1FA5E70C11EF55CCF74664ECDEF56DA53BA043C0C38 ] C:\Windows\System32\rpcrt4.dll
    16:01:00.0557 0x0c70 C:\Windows\System32\rpcrt4.dll - ok
    16:01:00.0567 0x0c70 [ B8A609FB5EFB4E44FC1355B1C01C64BC, BB84036F8F16C6E2069FD8B18078A7E6CC98B513285FB1A8DC727B395C9E3A12 ] C:\Windows\System32\Wldap32.dll
    16:01:00.0567 0x0c70 C:\Windows\System32\Wldap32.dll - ok
    16:01:00.0607 0x0c70 [ 58035212AB7869A5FC3AF186ACBA8F09, BCBEE41B2E65560A71D9D9199C0F8D7657085EEE4F73CD2F04D0474823ED4200 ] C:\Windows\System32\comctl32.dll
    16:01:00.0607 0x0c70 C:\Windows\System32\comctl32.dll - ok
    16:01:00.0617 0x0c70 [ 93A1732F7F997E36A5C3893539E2FF02, 40B6F7A67F90E5D9948385418BD22BBD29DE86A151B35D1001081A61CA5FC612 ] C:\Windows\System32\psapi.dll
    16:01:00.0617 0x0c70 C:\Windows\System32\psapi.dll - ok
    16:01:00.0647 0x0c70 [ EAAAFEF04FBB45665C9576E525D45A12, 3472378C4E150B158B1C4E16760E278B0564BA10563D2CB181EFD17091056D87 ] C:\Windows\System32\drivers\dxapi.sys
    16:01:00.0647 0x0c70 C:\Windows\System32\drivers\dxapi.sys - ok
    16:01:00.0657 0x0c70 [ 7DEEA31FD41B77B433C17903B3416507, DE424D824FF5AB4A32E5F4742C2BED562857821474F0685DCFCD83F68F4B90E6 ] C:\Windows\System32\win32k.sys
    16:01:00.0657 0x0c70 C:\Windows\System32\win32k.sys - ok
    16:01:00.0677 0x0c70 [ ABCA209EBA02CB59233614DB83B4F50D, CF48E43B33B14234F5004F9F3BF0D973B17A501108F39FB42CF9548FD2124960 ] C:\Windows\System32\csrss.exe
    16:01:00.0677 0x0c70 C:\Windows\System32\csrss.exe - ok
    16:01:00.0697 0x0c70 [ 33F84B64D4765BCDFA0AB8464122DA14, 89FBC019E656B36A3B87F3F546C45A8DD033799606B05532FAC3E695DFD9701A ] C:\Windows\System32\csrsrv.dll
    16:01:00.0697 0x0c70 C:\Windows\System32\csrsrv.dll - ok
    16:01:00.0737 0x0c70 [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\System32\basesrv.dll
    16:01:00.0737 0x0c70 C:\Windows\System32\basesrv.dll - ok
    16:01:00.0747 0x0c70 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\System32\winsrv.dll
    16:01:00.0747 0x0c70 C:\Windows\System32\winsrv.dll - ok
    16:01:00.0757 0x0c70 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] C:\Windows\System32\drivers\monitor.sys
    16:01:00.0757 0x0c70 C:\Windows\System32\drivers\monitor.sys - ok
    16:01:00.0767 0x0c70 [ CC21507D246861671A0BF97E75CE1B00, C36089B27D80F4FFD208A807310413DE3DCC7850F14D1B56F97670CC10F5566D ] C:\Windows\System32\tsddd.dll
    16:01:00.0767 0x0c70 C:\Windows\System32\tsddd.dll - ok
    16:01:00.0797 0x0c70 [ 101BA3EA053480BB5D957EF37C06B5ED, 9A02771DA9C226552A1766C2DD0295ECA8B5B80AAE13076FFCE6A806FA5C21B8 ] C:\Windows\System32\wininit.exe
    16:01:00.0797 0x0c70 C:\Windows\System32\wininit.exe - ok
    16:01:00.0807 0x0c70 [ 665417528489096BBCB8AEA46D3DA924, BB0D895B481EFA6ED024C979238F5F482DF0A53912575A47EB4E9C643919112A ] C:\Windows\System32\userenv.dll
    16:01:00.0807 0x0c70 C:\Windows\System32\userenv.dll - ok
    16:01:00.0827 0x0c70 [ D602FEDBD9155FC2DED6863FB60C950F, 5EADF6A70F3BB8CCF758AD645C96AF4034D7E8EEFE44C5008499809C510691EE ] C:\Windows\System32\secur32.dll
    16:01:00.0827 0x0c70 C:\Windows\System32\secur32.dll - ok
    16:01:00.0847 0x0c70 [ 12C8D6C564702B0776512932290A3F6B, D7AC82B7307694B6FDB3AC08C83C415005DFA26FD92D3AA3043B3600984792DA ] C:\Windows\System32\KBDUS.DLL
    16:01:00.0847 0x0c70 C:\Windows\System32\KBDUS.DLL - ok
    16:01:00.0867 0x0c70 [ D6F0260D9051C0B60998F4CDBE9B2CC6, D5805D6170FA05A7A8A592F0FB6B0E7E83A725313B499DA2F3394EA6060D0BB1 ] C:\Windows\System32\cdd.dll
    16:01:00.0867 0x0c70 C:\Windows\System32\cdd.dll - ok
    16:01:00.0877 0x0c70 [ 92283D9E33EC5F41ECC0B430B7459241, 9BE390D924438950025842667924819E6EB1E821893C9EFE5E06AB30CBD037BF ] C:\Windows\System32\WlS0WndH.dll
    16:01:00.0877 0x0c70 C:\Windows\System32\WlS0WndH.dll - ok
    16:01:00.0897 0x0c70 [ 1107BD574A84367735FEC38B9BD64E6B, 682D5372B533817C810F1DCB1C7AE42C44A786ED114601E56DF85FE1C41D5989 ] C:\Windows\System32\apphelp.dll
    16:01:00.0897 0x0c70 C:\Windows\System32\apphelp.dll - ok
    16:01:00.0907 0x0c70 [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\System32\services.exe
    16:01:00.0907 0x0c70 C:\Windows\System32\services.exe - ok
    16:01:00.0917 0x0c70 [ 898E7C06A350D4A1A64A9EA264D55452, 0530B49018B59D4DCD3ECBC19E95B81438208AF34BC876BD07129A79896B4D7E ] C:\Windows\System32\winlogon.exe
    16:01:00.0917 0x0c70 C:\Windows\System32\winlogon.exe - ok
    16:01:00.0937 0x0c70 [ BE6FAC6F0745C67DAE7522C96406D083, 5FBDE0193F6C6752C8BAB88D945F536D1259B3290073FE73E97FD4D9603D9AD6 ] C:\Windows\System32\sxs.dll
    16:01:00.0937 0x0c70 C:\Windows\System32\sxs.dll - ok
    16:01:00.0947 0x0c70 [ 4AAFC7461633848AA87A363B2CBEC522, F2A452B5B71293011EED8CD5ABFA8D0B0761A92D4579CF9D98B1D2DC06D16791 ] C:\Windows\System32\winsta.dll
    16:01:00.0947 0x0c70 C:\Windows\System32\winsta.dll - ok
    16:01:00.0957 0x0c70 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] C:\Windows\System32\lsass.exe
    16:01:00.0957 0x0c70 C:\Windows\System32\lsass.exe - ok
    16:01:00.0977 0x0c70 [ D90911B3FA05D7B930C1286084B404DE, 200577AD30F9B3FBEAA2988B6858ED6811F7E75B0183F5F35F18207A0C932694 ] C:\Windows\System32\scesrv.dll
    16:01:00.0977 0x0c70 C:\Windows\System32\scesrv.dll - ok
    16:01:00.0987 0x0c70 [ 1AE011BB950A5E0B05023D2AFEC3666D, 4602DB22B7D1643780DBE7A34A4887C119A0516C65E4063A9C2074CF39A495DC ] C:\Windows\System32\authz.dll
    16:01:00.0987 0x0c70 C:\Windows\System32\authz.dll - ok
    16:01:00.0997 0x0c70 [ 4774AD6C447E02E954BD9A793614EBEC, 7BA75A26DA67FD10BB3E0A2404A7319F8D8938B0330BA0978A9E21EBC8CD9BA4 ] C:\Windows\System32\lsm.exe
    16:01:00.0997 0x0c70 C:\Windows\System32\lsm.exe - ok
    16:01:01.0017 0x0c70 [ 178FAC2B7C66E9A4400CE7AC37623E3F, 30BF99E3F6B02566A83DCC072F5654DA28311ACC5308CFB25BE02C1BD3B5CEE3 ] C:\Windows\System32\lsasrv.dll
    16:01:01.0017 0x0c70 C:\Windows\System32\lsasrv.dll - ok
    16:01:01.0037 0x0c70 [ 98B656EAF128CD06F625B09C84D959E1, 3E6502E629F15E697A813FC56A9B1F13F5A6F3D0C20550AB3459B2507F868156 ] C:\Windows\System32\netapi32.dll
    16:01:01.0037 0x0c70 C:\Windows\System32\netapi32.dll - ok
    16:01:01.0047 0x0c70 [ 71F5A7104FDF16C0AC5283A6CE666553, 481D688B87CC4155FB98AEB816B5F331F2EC8A1B409B01BA270A67660CE9564A ] C:\Windows\System32\sysntfy.dll
    16:01:01.0047 0x0c70 C:\Windows\System32\sysntfy.dll - ok
    16:01:01.0057 0x0c70 [ 2FA16465F64DB54B1F7F511395EB4FD7, 9BC7865CC2EC9CE08E2848F8E8FB9E73715858A31243CB280C317578DDD97EDA ] C:\Windows\System32\ncobjapi.dll
    16:01:01.0057 0x0c70 C:\Windows\System32\ncobjapi.dll - ok
    16:01:01.0077 0x0c70 [ F0321DA5203F1E71917F3B7A13DC4912, 2F40733CBDD6491DAA3182AFDB3CA9FBAE5C3EE15CD9FCFF20E2D74E98CA374F ] C:\Windows\System32\wmsgapi.dll
    16:01:01.0077 0x0c70 C:\Windows\System32\wmsgapi.dll - ok
    16:01:01.0077 0x0c70 [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] C:\Windows\System32\aelupsvc.dll
    16:01:01.0087 0x0c70 C:\Windows\System32\aelupsvc.dll - ok
    16:01:01.0097 0x0c70 [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] C:\Windows\System32\alg.exe
    16:01:01.0097 0x0c70 C:\Windows\System32\alg.exe - ok
    16:01:01.0107 0x0c70 [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] C:\Windows\System32\appinfo.dll
    16:01:01.0107 0x0c70 C:\Windows\System32\appinfo.dll - ok
    16:01:01.0117 0x0c70 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] C:\Windows\System32\audiosrv.dll
    16:01:01.0117 0x0c70 C:\Windows\System32\audiosrv.dll - ok
    16:01:01.0137 0x0c70 [ 7808BF0E367ED7348808879CEF482AB3, BAC633E351F0A2CF69C288E7CD983ED5986FE0CC180BF769A5C2EB5F8CABBE8A ] C:\Windows\System32\samsrv.dll
    16:01:01.0137 0x0c70 C:\Windows\System32\samsrv.dll - ok
    16:01:01.0147 0x0c70 [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] C:\Windows\System32\BFE.DLL
    16:01:01.0147 0x0c70 C:\Windows\System32\BFE.DLL - ok
    16:01:01.0157 0x0c70 [ 459B48188494490707DCA8BAA91AA185, E108A46F446A273BF118A73D4790FC85D49D6CE8ECC581AAEB942A1558D21327 ] C:\Windows\System32\cryptdll.dll
    16:01:01.0157 0x0c70 C:\Windows\System32\cryptdll.dll - ok
    16:01:01.0167 0x0c70 [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] C:\Windows\System32\qmgr.dll
    16:01:01.0167 0x0c70 C:\Windows\System32\qmgr.dll - ok
    16:01:01.0187 0x0c70 [ 85E861D0B88DB2B54ACB0839654C09F7, 751E4F1F282C3798712AFF551D1525D5D65B5E8229689862AAB0BBDCC35A5925 ] C:\Windows\System32\dnsapi.dll
    16:01:01.0187 0x0c70 C:\Windows\System32\dnsapi.dll - ok
    16:01:01.0197 0x0c70 [ 453DE2958C885527E20C79A3FEFE6AF7, AC40DC0D1224A2F6FAA1A3396345371CAE7312C6D7EF0923602B2E89ED22BA2B ] C:\Windows\System32\samlib.dll
    16:01:01.0197 0x0c70 C:\Windows\System32\samlib.dll - ok
    16:01:01.0217 0x0c70 [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] C:\Windows\System32\browser.dll
    16:01:01.0217 0x0c70 C:\Windows\System32\browser.dll - ok
    16:01:01.0247 0x0c70 [ EE2FF9A3FC4404234BE3B7C6AA383AF8, 51BF3C48BE9BF81A800EF5B247E03C78980B3FFFF37688C42C0F253351EEF4C1 ] C:\Windows\System32\msasn1.dll
    16:01:01.0247 0x0c70 C:\Windows\System32\msasn1.dll - ok
    16:01:01.0257 0x0c70 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] C:\Windows\System32\certprop.dll
    16:01:01.0257 0x0c70 C:\Windows\System32\certprop.dll - ok
    16:01:01.0277 0x0c70 [ 7F0F1D4B0D847696F8E309423D227DCE, 4460A2E8B27EB74E951DF328DABFC6C905DD1538D2F2BEE59B2FDA05482CE9F7 ] C:\Windows\System32\ntdsapi.dll
    16:01:01.0277 0x0c70 C:\Windows\System32\ntdsapi.dll - ok
    16:01:01.0287 0x0c70 [ 4211249955AF9133E2E357CC92B54DFD, 5868F1B809783723C45D3A60DC6B2A21C216E9329D131B282A5851E38603DF55 ] C:\Windows\System32\comres.dll
    16:01:01.0287 0x0c70 C:\Windows\System32\comres.dll - ok
    16:01:01.0297 0x0c70 [ 965AC9FBF2C67231C157E99C03C58D24, 732E6307AE0C8916F47CB0E74562C7991CF44D5656C5E071D3FBDF31EA734409 ] C:\Windows\System32\feclient.dll
    16:01:01.0297 0x0c70 C:\Windows\System32\feclient.dll - ok
    16:01:01.0317 0x0c70 [ 1F94EA31C9543B855F53BDAC7792DA4E, 3697D031632C47FC5AAB4208C05A7C4098DF390103CFDE99A512F685AD057F40 ] C:\Windows\System32\mpr.dll
    16:01:01.0317 0x0c70 C:\Windows\System32\mpr.dll - ok
    16:01:01.0327 0x0c70 [ 0317420D419E1885894B3ED9D375D245, 17F4C64CA4FE560F09DA4C1D13D62B525B5C7B6FDD44B846C6953D595D83CF3D ] C:\Windows\System32\crypt32.dll
    16:01:01.0327 0x0c70 C:\Windows\System32\crypt32.dll - ok
    16:01:01.0347 0x0c70 [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] C:\Windows\System32\cryptsvc.dll
    16:01:01.0347 0x0c70 C:\Windows\System32\cryptsvc.dll - ok
    16:01:01.0377 0x0c70 [ C6DF7A87063D006ECF1FD8156CB6DE3F, 921AB6B88444B364F05D8EDF0EDDFA0892353A862CD3580F7EDA311E4FDC26B6 ] C:\Windows\System32\SLC.dll
    16:01:01.0377 0x0c70 C:\Windows\System32\SLC.dll - ok
    16:01:01.0397 0x0c70 [ 08D6D1692B62C9EE4062E1FA04D8FE2F, 0DDB6D64524CDED04DE6521FC834BC4507ECF4C51C9F9BC407B510222E4F0343 ] C:\Windows\System32\oleres.dll
    16:01:01.0397 0x0c70 C:\Windows\System32\oleres.dll - ok
    16:01:01.0407 0x0c70 [ 4DE3C4D07BAFDE616EFA0ADE076CBAC2, 9088837534980C39A885BF9FE2B0945166A433F0263DE7F8E9D4F5E153A70DF3 ] C:\Windows\System32\wevtapi.dll
    16:01:01.0407 0x0c70 C:\Windows\System32\wevtapi.dll - ok
    16:01:01.0437 0x0c70 [ 74F380C8EC8813626C670D46E8A714D1, 25E20A08048DB18CB1B1071B6FF916561A809561F587E26306FB75A8AA173FE3 ] C:\Windows\System32\dfsrres.dll
    16:01:01.0437 0x0c70 C:\Windows\System32\dfsrres.dll - ok
    16:01:01.0447 0x0c70 [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] C:\Windows\System32\dhcpcsvc.dll
    16:01:01.0447 0x0c70 C:\Windows\System32\dhcpcsvc.dll - ok
    16:01:01.0467 0x0c70 [ 4FE8425F21B3F0F8C4B4726351D43EAA, F45C1429BD60EEAB7BE8C2114B9C819CED7583249CEE1AB234A8A05A484528A9 ] C:\Windows\System32\IPHLPAPI.DLL
    16:01:01.0467 0x0c70 C:\Windows\System32\IPHLPAPI.DLL - ok
    16:01:01.0477 0x0c70 [ 6B09105742C75DF80CEF21700F20F55A, D781C5F22BEBB5C51B7792EBB4421C170F2CC5FE28E9245E9D6B9D22E33423AB ] C:\Windows\System32\winnsi.dll
    16:01:01.0477 0x0c70 C:\Windows\System32\winnsi.dll - ok
    16:01:01.0497 0x0c70 [ DFB6B71CDABA9DFB49C9D2B318B97A1A, F380B9A28D56DEC902154A0251B58BD3576355EDE2CD13CF47D7F4DBE3D61C97 ] C:\Windows\System32\dhcpcsvc6.dll
    16:01:01.0497 0x0c70 C:\Windows\System32\dhcpcsvc6.dll - ok
    16:01:01.0507 0x0c70 [ 7F15B4953378C8B5161D65C26D5FED4D, 70C80736225273D083F071E625CC47E5C889E8D7426D8D3461F87D41286F06D0 ] C:\Windows\System32\cngaudit.dll
    16:01:01.0507 0x0c70 C:\Windows\System32\cngaudit.dll - ok
    16:01:01.0527 0x0c70 [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] C:\Windows\System32\dot3svc.dll
    16:01:01.0527 0x0c70 C:\Windows\System32\dot3svc.dll - ok
    16:01:01.0537 0x0c70 [ 13CC59C1B04E9F20A87987C68CD4BE3F, E65363E112CF58007CA650782997413EAFFFDAC25B66976BC7B3A2CBD5ED3933 ] C:\Windows\System32\ncrypt.dll
    16:01:01.0537 0x0c70 C:\Windows\System32\ncrypt.dll - ok
    16:01:01.0547 0x0c70 [ DE0DD9AE3430F84A96B5501112A696BE, 28ED17BCAE5DB58885547213B5241F8E6599ADE3BB7834A54AC2F10D3285C45F ] C:\Windows\System32\bcrypt.dll
    16:01:01.0547 0x0c70 C:\Windows\System32\bcrypt.dll - ok
    16:01:01.0567 0x0c70 [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] C:\Windows\System32\dps.dll
    16:01:01.0567 0x0c70 C:\Windows\System32\dps.dll - ok
    16:01:01.0577 0x0c70 [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] C:\Windows\System32\eapsvc.dll
    16:01:01.0577 0x0c70 C:\Windows\System32\eapsvc.dll - ok
    16:01:01.0587 0x0c70 [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] C:\Windows\ehome\ehrecvr.exe
    16:01:01.0587 0x0c70 C:\Windows\ehome\ehrecvr.exe - ok
    16:01:01.0597 0x0c70 [ 26F139DDEC6407508071930D3D07337E, 90EF02DCA67C68AFBEB8E2BE2E1BD6E400F2A386C3CE8AF5573E9F89B7636688 ] C:\Windows\System32\credssp.dll
    16:01:01.0597 0x0c70 C:\Windows\System32\credssp.dll - ok
    16:01:01.0607 0x0c70 [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] C:\Windows\ehome\ehsched.exe
    16:01:01.0607 0x0c70 C:\Windows\ehome\ehsched.exe - ok
    16:01:01.0627 0x0c70 [ ABE9EEA1EABEA0711610A637A7B1C25D, 973F8BE8E411E1037DFC3FE3F979412450D268E4D34C0F38F3F015D2E00CD8AC ] C:\Windows\System32\msprivs.dll
    16:01:01.0627 0x0c70 C:\Windows\System32\msprivs.dll - ok
    16:01:01.0637 0x0c70 [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] C:\Windows\ehome\ehstart.dll
    16:01:01.0637 0x0c70 C:\Windows\ehome\ehstart.dll - ok
    16:01:01.0657 0x0c70 [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] C:\Windows\System32\emdmgmt.dll
    16:01:01.0657 0x0c70 C:\Windows\System32\emdmgmt.dll - ok
    16:01:01.0667 0x0c70 [ AA01497884F9CBAC89470120AF78D2B1, FACE3C2E7B0796A690B2E25175579575153453D90EB9B08FB164356575FA7614 ] C:\Windows\System32\kerberos.dll
    16:01:01.0667 0x0c70 C:\Windows\System32\kerberos.dll - ok
    16:01:01.0687 0x0c70 [ 22CFAEB9172F5F198048401485CD0571, 94E0B8590268BD21B035297F5B0C01A4E8958A1DB39A5AA654EA1805BD30CEC2 ] C:\Windows\System32\WSHTCPIP.DLL
    16:01:01.0687 0x0c70 C:\Windows\System32\WSHTCPIP.DLL - ok
    16:01:01.0707 0x0c70 [ 9E80FF0752E365F97FD2D1D68C2AFDA1, 07924F0966A05A992130D29BBF634214D0DFE4081851ED18B1E334437DD008D0 ] C:\Windows\System32\wship6.dll
    16:01:01.0707 0x0c70 C:\Windows\System32\wship6.dll - ok

  9. #9
    Member
    Join Date
    Jun 2014
    Posts
    41

    Default Tdsskiller log #4

    16:01:04.0017 0x0c70 C:\Windows\System32\shgina.dll - ok
    16:01:04.0027 0x0c70 [ 409F36C8BD06FCE184631EB4142B009A, 5DEEA3B8937B9C3DD716060819E78A1C12AD00A7D0EC8CB47823B7EE856CCFE1 ] C:\Windows\System32\atl.dll
    16:01:04.0027 0x0c70 C:\Windows\System32\atl.dll - ok
    16:01:04.0037 0x0c70 [ 70932D6C3D59B416CBD2BE5A3B3D4BE6, E2590A9E0343B5FE5CB68AFFB33D3DD5320002A5228B6316FC71468BABD19DC8 ] C:\Windows\System32\shacct.dll
    16:01:04.0037 0x0c70 C:\Windows\System32\shacct.dll - ok
    16:01:04.0047 0x0c70 [ 7DACD94118E2D8B6D72F47ADEB0367BF, 6467DE36C7DB6502AF17210148194F16BE76A9BA793105FAC763536CC14CE693 ] C:\Windows\System32\propsys.dll
    16:01:04.0047 0x0c70 C:\Windows\System32\propsys.dll - ok
    16:01:04.0067 0x0c70 [ A7F8BAD9590ADDC425B4003E94780DFA, 52F742BA0DF75CBD3625808FC38119C3F417A074AB65C6CC2B07610168D89CB7 ] C:\Windows\System32\drivers\spsys.sys
    16:01:04.0067 0x0c70 C:\Windows\System32\drivers\spsys.sys - ok
    16:01:04.0077 0x0c70 [ 6836D001FC733F205ACB80A7986CB6C9, C56ACEBA2597649BE1C5D00407C57FC8A9D5F9715491884E5DB0D58940CFEB34 ] C:\Windows\System32\WindowsCodecs.dll
    16:01:04.0077 0x0c70 C:\Windows\System32\WindowsCodecs.dll - ok
    16:01:04.0107 0x0c70 [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] C:\Windows\System32\uxsms.dll
    16:01:04.0107 0x0c70 C:\Windows\System32\uxsms.dll - ok
    16:01:04.0117 0x0c70 [ D5CF1536137026ACDED95BF6CBF849F6, 1F98483A28319F06716F4EC4E1F48DE3B2DC07783D6406EED9B4DBADC9C17E65 ] C:\Windows\System32\WUDFPlatform.dll
    16:01:04.0117 0x0c70 C:\Windows\System32\WUDFPlatform.dll - ok
    16:01:04.0127 0x0c70 [ 8269CC01940A202BBB9FDF26705DBD67, 70DAB5CBEB5B2855784A9F6E3A52FD36C6FE18415FB01176481F85AEF5B3E67B ] C:\Windows\System32\hid.dll
    16:01:04.0127 0x0c70 C:\Windows\System32\hid.dll - ok
    16:01:04.0147 0x0c70 [ 7EC42EC12A4BAC14BCCA99FB06F2D125, 6C4761B6727430D11D463C2E3BD0202755BE6598F3585A2B4B8E24DBA6A2EF7B ] C:\Windows\System32\drivers\elagopro.sys
    16:01:04.0147 0x0c70 C:\Windows\System32\drivers\elagopro.sys - ok
    16:01:04.0157 0x0c70 [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] C:\Windows\System32\drivers\lltdio.sys
    16:01:04.0157 0x0c70 C:\Windows\System32\drivers\lltdio.sys - ok
    16:01:04.0217 0x0c70 [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] C:\Windows\System32\drivers\nwifi.sys
    16:01:04.0217 0x0c70 C:\Windows\System32\drivers\nwifi.sys - ok
    16:01:04.0247 0x0c70 [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] C:\Windows\System32\drivers\ndisuio.sys
    16:01:04.0247 0x0c70 C:\Windows\System32\drivers\ndisuio.sys - ok
    16:01:04.0287 0x0c70 [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] C:\Windows\System32\drivers\rspndr.sys
    16:01:04.0297 0x0c70 C:\Windows\System32\drivers\rspndr.sys - ok
    16:01:04.0327 0x0c70 [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] C:\Windows\System32\dnsrslvr.dll
    16:01:04.0327 0x0c70 C:\Windows\System32\dnsrslvr.dll - ok
    16:01:04.0357 0x0c70 [ 3AB4023CBD406AC33AB8CDFF6C8079A0, BEAC47A3930E7E0A38540DAD16C934A45CD129251C621B1334715CF8FB6073CA ] C:\Windows\System32\eapphost.dll
    16:01:04.0357 0x0c70 C:\Windows\System32\eapphost.dll - ok
    16:01:04.0367 0x0c70 [ 3B0489DE8CC3058B48471660C60A7B75, A4EE12ACE2EB2E48E0D40A8845E3DCE8CF5A9D07EF29EE38F25A7F5BE3566919 ] C:\Windows\System32\rastls.dll
    16:01:04.0367 0x0c70 C:\Windows\System32\rastls.dll - ok
    16:01:04.0387 0x0c70 [ 82A79D5BE740D0AE9C91AA6DE4B3AC5A, C7E9FB7FE06626931A64846AE628655FC5469D840E42315E5E70C89810E622B3 ] C:\Windows\System32\raschap.dll
    16:01:04.0387 0x0c70 C:\Windows\System32\raschap.dll - ok
    16:01:04.0407 0x0c70 [ E45051C374F845EDF3DB02A35BA13193, A42F9E45F7B6733AE4FB9A10E8CEB30508CAE94AC0CFC4CDF352AC2D153A0957 ] C:\Windows\System32\umb.dll
    16:01:04.0417 0x0c70 C:\Windows\System32\umb.dll - ok
    16:01:04.0427 0x0c70 [ 3727F8B85E24BBDD325BFF75F029DDE3, 18772D32845D44D36A6257379942952B301CF8357B1C7A55387A4F2661CE3FBA ] C:\Windows\System32\wlanmsm.dll
    16:01:04.0427 0x0c70 C:\Windows\System32\wlanmsm.dll - ok
    16:01:04.0437 0x0c70 [ 4662AF853DFAD5648CE3814E7D9EF3D6, 47AF7FAA6378FC1484521465EF3258E55530ADEF880454EA523B03B302166268 ] C:\Windows\System32\wlansec.dll
    16:01:04.0437 0x0c70 C:\Windows\System32\wlansec.dll - ok
    16:01:04.0447 0x0c70 [ B64AC7967D6B9FB2D6152AC768A1CB88, D4F46C3DCAE8A7578102961285BB90BFE1BDE31028CC56E2CEFE0DE8FF32FB85 ] C:\Windows\System32\onex.dll
    16:01:04.0447 0x0c70 C:\Windows\System32\onex.dll - ok
    16:01:04.0487 0x0c70 [ 9D9FFC923FADBB575E0452EA0BBB15BD, 700A292EFEC71EDF2EF7F20D147F6E23E0FAA5BAF1D930CB96C40FC70D206D35 ] C:\Windows\System32\eappprxy.dll
    16:01:04.0487 0x0c70 C:\Windows\System32\eappprxy.dll - ok
    16:01:04.0497 0x0c70 [ 5D0FE613570CABE3992F7DBCD68E61D1, 68A6D6DA722E9A5120DE240194F9682ACBB485CEBDD8A6A099AE0E76359302B9 ] C:\Windows\System32\eappcfg.dll
    16:01:04.0497 0x0c70 C:\Windows\System32\eappcfg.dll - ok
    16:01:04.0517 0x0c70 [ 91D995A67D9447592A1BF21CBC15C628, B9C034997481150E3F6EB0EC83EA30AFE04CFF6B1273AC6EC6795C57DF853C64 ] C:\Windows\System32\wlgpclnt.dll
    16:01:04.0517 0x0c70 C:\Windows\System32\wlgpclnt.dll - ok
    16:01:04.0527 0x0c70 [ 19FFAD68A02AF1BF0BC336EE26CD6767, C3E6E79A1E6681CE988591F3CADB3F08E37ACAB2D8478A250D9D6881F6C716A6 ] C:\Windows\System32\l2gpstore.dll
    16:01:04.0537 0x0c70 C:\Windows\System32\l2gpstore.dll - ok
    16:01:04.0547 0x0c70 [ EB2170D0DDF3B2A92506AE16BC524B0B, 95E296024DC16657BA36DB72E7AB774C68A6F8029B2ACB18460FC50E44AE5DA9 ] C:\Windows\System32\wlanutil.dll
    16:01:04.0547 0x0c70 C:\Windows\System32\wlanutil.dll - ok
    16:01:04.0557 0x0c70 [ BE01E566D1F569AAB32D0335613E1EEA, 997B248BFBDB290206A8496722D6102903634EC0D397694569BC237A681C088F ] C:\Windows\System32\dllhost.exe
    16:01:04.0557 0x0c70 C:\Windows\System32\dllhost.exe - ok
    16:01:04.0567 0x0c70 [ 1DACD1530C6E58AEAE9F6DE7DA851935, 923C936B935BDCCBE7DD0D6F2921CFA5980FC15F950E29B72E649AC0B9867EB2 ] C:\Windows\System32\shimeng.dll
    16:01:04.0567 0x0c70 C:\Windows\System32\shimeng.dll - ok
    16:01:04.0587 0x0c70 [ 1E06779EDB55D035DD3F4A2B7432A291, 247E0A741C23D2C9CA1784CECF63211EA0D4ED924CDA866DAA6F51256230BB32 ] C:\Windows\System32\msxml6.dll
    16:01:04.0587 0x0c70 C:\Windows\System32\msxml6.dll - ok
    16:01:04.0607 0x0c70 [ 3CD1B69551236977918E60F9543C89A2, 75468494E37A0C0CF3F182C49A5B45C92661E2C64491418714B9F347138F8492 ] C:\Windows\System32\AtBroker.exe
    16:01:04.0607 0x0c70 C:\Windows\System32\AtBroker.exe - ok
    16:01:04.0617 0x0c70 [ 0E135526E9785D085BCD9AEDE6FBCBF9, 75EEA7E5AE90D857B777361A0166F9A82E354F229FD5250AF8738364E6FB45DB ] C:\Windows\System32\userinit.exe
    16:01:04.0617 0x0c70 C:\Windows\System32\userinit.exe - ok
    16:01:04.0637 0x0c70 [ 9B96F6952186336CC6E3D4E08BE2E0AF, B7DFB14DB60D84062B7E2A2293A4F3F5EF986108EF3C9C1E1CDC284F61981731 ] C:\Windows\System32\dwmapi.dll
    16:01:04.0637 0x0c70 C:\Windows\System32\dwmapi.dll - ok
    16:01:04.0647 0x0c70 [ CA0B849566776A17F35F0339BE17DFD9, 527FFE08A427703F3620DB7C44E096A7F9D0C88AD1FD8F0623815B7E7D78687A ] C:\Windows\System32\ktmw32.dll
    16:01:04.0647 0x0c70 C:\Windows\System32\ktmw32.dll - ok
    16:01:04.0657 0x0c70 [ D80C6539C00CB4F5D59066865479C308, 53AC27856FC65361FEA6FDF97A94ABEC530AB81113A64428E9F9F8618DCE6D4B ] C:\Windows\System32\dwmredir.dll
    16:01:04.0657 0x0c70 C:\Windows\System32\dwmredir.dll - ok
    16:01:04.0687 0x0c70 [ 6BC5FCEF351E4CB5A269C1E84B5A06DA, A5CAB1752E7AB7A37E1F8B943FBBDF6FACAFC228FF6D0321E61D2501D2653BB7 ] C:\Windows\System32\netcfgx.dll
    16:01:04.0687 0x0c70 C:\Windows\System32\netcfgx.dll - ok
    16:01:04.0717 0x0c70 [ C99403A5B641520DAED0021DDA06F272, 5E337BDA9D4899A7102F35592766F24699F41BE27A18D0EDF4902B27BE9EA0AF ] C:\Windows\System32\milcore.dll
    16:01:04.0717 0x0c70 C:\Windows\System32\milcore.dll - ok
    16:01:04.0737 0x0c70 [ 2A6A2C09ECC2CB495628E45F1379ECE8, 4E9232EB29AEA58C4EC5B505301F01F62EFB0C1BC5F8B5F9CE1B4C91284FD97D ] C:\Windows\System32\taskcomp.dll
    16:01:04.0737 0x0c70 C:\Windows\System32\taskcomp.dll - ok
    16:01:04.0747 0x0c70 [ 73FE2E5FA55088A241AA2732F5D387D6, EB8822FD08C0C85441BBE86FE55349BFE2D8297A042249B2934B44121D132CCB ] C:\Windows\System32\wiarpc.dll
    16:01:04.0747 0x0c70 C:\Windows\System32\wiarpc.dll - ok
    16:01:04.0757 0x0c70 [ D07D4C3038F3578FFCE1C0237F2A1253, 135DD05678C8997B45982D77298DBDD98061C9D4FE43D77866846012EB061A04 ] C:\Windows\explorer.exe
    16:01:04.0757 0x0c70 C:\Windows\explorer.exe - ok
    16:01:04.0767 0x0c70 [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] C:\Windows\System32\drivers\http.sys
    16:01:04.0767 0x0c70 C:\Windows\System32\drivers\http.sys - ok
    16:01:04.0787 0x0c70 [ E79FDA8D320147FDC347C504B3487F87, 7BAF7C9828A285875BCF92EF33E1F0F5A2ED8A25289333985A9428E2913DF3CC ] C:\Windows\System32\spoolss.dll
    16:01:04.0787 0x0c70 C:\Windows\System32\spoolss.dll - ok
    16:01:04.0807 0x0c70 [ 8AAEEE8E59A70F37579993D118A34EE0, 9DC8618557B0D852EEA1163CF312EB68F8DF42486E4E76A74926CF99DB06AC92 ] C:\Windows\System32\d3d9.dll
    16:01:04.0807 0x0c70 C:\Windows\System32\d3d9.dll - ok
    16:01:04.0817 0x0c70 [ 3D50C4B10352367D5CB20ED1F50F8DA2, 03C2732F2DF18CE8CC3CB9EBF2F811A2333C96D8BBC9111F6CCE15A09D8E63E6 ] C:\Windows\System32\taskeng.exe
    16:01:04.0817 0x0c70 C:\Windows\System32\taskeng.exe - ok
    16:01:04.0827 0x0c70 [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] C:\Windows\System32\drivers\srvnet.sys
    16:01:04.0827 0x0c70 C:\Windows\System32\drivers\srvnet.sys - ok
    16:01:04.0837 0x0c70 [ EE16F3E01C4A6C77383F1BBBD10AD6C2, 204BF3757B362EDBCEC29C0576B7F666D6B9422C72491F4C566B27D20F45A031 ] C:\Windows\System32\FWPUCLNT.DLL
    16:01:04.0837 0x0c70 C:\Windows\System32\FWPUCLNT.DLL - ok
    16:01:04.0877 0x0c70 [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] C:\Windows\System32\drivers\bowser.sys
    16:01:04.0877 0x0c70 C:\Windows\System32\drivers\bowser.sys - ok
    16:01:04.0897 0x0c70 [ B11FDCA4410D6252964EF97F9A47DE74, 085EDBF22392265B35F0D8A73B1B5DFC0D1CEB4C3493F11361BF4CF6C2223FC5 ] C:\Windows\System32\TSChannel.dll
    16:01:04.0897 0x0c70 C:\Windows\System32\TSChannel.dll - ok
    16:01:04.0897 0x0c70 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] C:\Windows\System32\drivers\mpsdrv.sys
    16:01:04.0897 0x0c70 C:\Windows\System32\drivers\mpsdrv.sys - ok
    16:01:04.0937 0x0c70 [ 58F0BC29B0E19A8397ABD5FB8472EB7D, 642C000C27EF9BC0DFE7ADA8045C4127365ECD1BA6F0BFBD336522AAB0170A4A ] C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
    16:01:04.0937 0x0c70 C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe - ok
    16:01:04.0987 0x0c70 [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] C:\Windows\System32\MPSSVC.dll
    16:01:04.0987 0x0c70 C:\Windows\System32\MPSSVC.dll - ok
    16:01:04.0997 0x0c70 [ 167AC31450C0C53A01FA1491E94D7678, 951744503EF72C6D6DC49720C4E6E65DC1DBB9C8252C89FEE18B396E2ED67EA5 ] C:\Windows\System32\shdocvw.dll
    16:01:04.0997 0x0c70 C:\Windows\System32\shdocvw.dll - ok
    16:01:05.0017 0x0c70 [ CD6DA5770CAE9D5E6E86722E17B442E0, 9F0EE70460FFA43E869C3821F0AF6646D97E0F463A87B50B167ECAD44DF2E523 ] C:\Windows\System32\d3d8thk.dll
    16:01:05.0017 0x0c70 C:\Windows\System32\d3d8thk.dll - ok
    16:01:05.0027 0x0c70 [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] C:\Windows\System32\drivers\mrxsmb.sys
    16:01:05.0027 0x0c70 C:\Windows\System32\drivers\mrxsmb.sys - ok
    16:01:05.0047 0x0c70 [ 784485B6BF7F0156D3CF64E8A91D1CE6, E0E15D6207FDB53292E48C7B09F18DE35E376EA1963FBE2D438A7724E8029786 ] C:\Windows\System32\igdumd32.dll
    16:01:05.0047 0x0c70 C:\Windows\System32\igdumd32.dll - ok
    16:01:05.0047 0x0c70 [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] C:\Windows\System32\drivers\mrxsmb10.sys
    16:01:05.0047 0x0c70 C:\Windows\System32\drivers\mrxsmb10.sys - ok
    16:01:05.0067 0x0c70 [ 0745D6EAD386710110817FBEC03F5161, FF725C5361087985973BA21DF9BD37B96377CB3305B8BBA99DD3368D440CEAD1 ] C:\Windows\System32\wfapigp.dll
    16:01:05.0067 0x0c70 C:\Windows\System32\wfapigp.dll - ok
    16:01:05.0087 0x0c70 [ 5F1DEC3824E566457F53F24F493FEF08, 8ED9B269E5195BD11FF7ED6EBBC19FA32027AD068DF357660C9E5084922329B5 ] C:\Windows\System32\mscms.dll
    16:01:05.0087 0x0c70 C:\Windows\System32\mscms.dll - ok
    16:01:05.0117 0x0c70 [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] C:\Windows\System32\drivers\mrxsmb20.sys
    16:01:05.0117 0x0c70 C:\Windows\System32\drivers\mrxsmb20.sys - ok
    16:01:05.0137 0x0c70 [ 4504819D18FAC09B6108D8728467E5B2, 46736DE57B2A0592BE1DC53B337A607C8962C305F678E5899D5734D3D4630135 ] C:\Windows\System32\browseui.dll
    16:01:05.0137 0x0c70 C:\Windows\System32\browseui.dll - ok
    16:01:05.0157 0x0c70 [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] C:\Windows\System32\drivers\srv2.sys
    16:01:05.0157 0x0c70 C:\Windows\System32\drivers\srv2.sys - ok
    16:01:05.0197 0x0c70 [ 1311171CF8F6D2954441EF2A42693035, 516FFF8E8DCEE409EF525276EAEB62DB67BA63448D9ED4B53F412F70A587799C ] C:\Windows\System32\WsmRes.dll
    16:01:05.0197 0x0c70 C:\Windows\System32\WsmRes.dll - ok
    16:01:05.0217 0x0c70 [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] C:\Windows\System32\drivers\srv.sys
    16:01:05.0217 0x0c70 C:\Windows\System32\drivers\srv.sys - ok
    16:01:05.0227 0x0c70 [ A324D72A06C110152E7607745F39BFA1, 7E33A108B090840FC98953358216A1D84C122D965E37B37335B0EF6152CA9FC0 ] C:\Windows\System32\netmsg.dll
    16:01:05.0227 0x0c70 C:\Windows\System32\netmsg.dll - ok
    16:01:05.0247 0x0c70 [ E230F3776F373F4C5E788794B53101E4, 5E1B28C8A0EC67F1EC720AC7800021288A69B4E13C5DF3603EC4FCCDBE42DAFA ] C:\Windows\System32\plasrv.exe
    16:01:05.0247 0x0c70 C:\Windows\System32\plasrv.exe - ok
    16:01:05.0307 0x0c70 [ 452341E471D2D961229DFE0842957272, 43C3DEEFCD27F10DCFF81D8637EBDE5050ADC3E530A5DCC459D1CFF80BFD0067 ] C:\Windows\System32\sscore.dll
    16:01:05.0307 0x0c70 C:\Windows\System32\sscore.dll - ok
    16:01:05.0327 0x0c70 [ D333058925CE305E39DE8D5AD2B52A46, 29E40E6DCAB4F3559B34A848AEDA34B5D436C9167565856451028DE25A529EDF ] C:\Windows\System32\clusapi.dll
    16:01:05.0327 0x0c70 C:\Windows\System32\clusapi.dll - ok
    16:01:05.0337 0x0c70 [ 6468C3FF6D0C7874FA8C619AF3E23B22, 2A8A01D5164453544A9DD1B850C24B82EFE6ACAABED56084B8A0388AC383802B ] C:\Windows\System32\activeds.dll
    16:01:05.0337 0x0c70 C:\Windows\System32\activeds.dll - ok
    16:01:05.0417 0x0c70 [ E9B9C1B98C8D6D48407E1C1203EAC659, A7B836B37935475E7D7277F9A7828E347B2EBD14958836499E5610AC5A922265 ] C:\Windows\System32\adsldpc.dll
    16:01:05.0417 0x0c70 C:\Windows\System32\adsldpc.dll - ok
    16:01:05.0427 0x0c70 [ 93E317D7AD783D8EAEE2E3500BFE889D, 12D3ACCBF470E025EEBD77CF3407964950DADCF6991959A97B5319A9FAE219C1 ] C:\Windows\System32\credui.dll
    16:01:05.0427 0x0c70 C:\Windows\System32\credui.dll - ok
    16:01:05.0477 0x0c70 [ B9F3FF52B84FD9E3CAFB29B8EE385E5B, 3944E3C0FCD8E927A8A6470D8A603C96D298695AE62831DBE6DA656C5D74EC05 ] C:\Windows\System32\resutils.dll
    16:01:05.0477 0x0c70 C:\Windows\System32\resutils.dll - ok
    16:01:05.0487 0x0c70 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    16:01:05.0487 0x0c70 C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
    16:01:05.0507 0x0c70 [ 14E4470BF8ACA69A85D741BA99F75F96, B9DA437B42D56FAF29EF8227A22D842A852F80D5611E114E27FC8A3864E6DEA5 ] C:\Windows\System32\EhStorShell.dll
    16:01:05.0507 0x0c70 C:\Windows\System32\EhStorShell.dll - ok
    16:01:05.0527 0x0c70 [ 111C47816F39A91EAAA18DA0A54E8E63, 6910253AA5DFD7E2656C65B7227E7D546648D6C55600552D79FA275D0331AA00 ] C:\Windows\System32\imageres.dll
    16:01:05.0567 0x0c70 C:\Windows\System32\imageres.dll - ok
    16:01:05.0577 0x0c70 [ 7A623F6B4C51F6F2BC1A31D5787FC0A7, 673A7F086251CC5CB6473BC392A7572566F58A11F4DE1B8D7B3C281A1A5AE11C ] C:\Windows\System32\uDWM.dll
    16:01:05.0577 0x0c70 C:\Windows\System32\uDWM.dll - ok
    16:01:05.0587 0x0c70 [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
    16:01:05.0587 0x0c70 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
    16:01:05.0617 0x0c70 [ 1CB677BF1DABD3BAF4F944E2C90D6C73, 099466E899BB7BA176C42DB15D0D4946DC15845CA051BDACF3BE767157AB90BD ] C:\Windows\System32\agrsmsvc.exe
    16:01:05.0617 0x0c70 C:\Windows\System32\agrsmsvc.exe - ok
    16:01:05.0627 0x0c70 [ A8AA9D47F971570A5162B862B80F87E8, D33A9A2B7838288E99B56B95A10E6B62E4EFF973CF7FFA0073CC2A9145C0E11D ] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    16:01:05.0627 0x0c70 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe - ok
    16:01:05.0637 0x0c70 [ C2DF2E3C676414D6F8C8F35F0EA46C60, 0D1BB71306D0C103A5B55A1C5CDBC7B93F72FEA24BFA1BDA5C7AEBC1D27C4362 ] C:\Windows\System32\AstSrv.exe
    16:01:05.0637 0x0c70 C:\Windows\System32\AstSrv.exe - ok
    16:01:05.0657 0x0c70 [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] C:\Program Files\Google\Update\GoogleUpdate.exe
    16:01:05.0657 0x0c70 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
    16:01:05.0667 0x0c70 [ 47CCA447C98AA4258EC43C924A883A45, 98E4C1AC4CB59E361E09B5DB04A88483F807F53B7EEED32BA27E77D281D5AE4E ] C:\Windows\System32\atashost.exe
    16:01:05.0667 0x0c70 C:\Windows\System32\atashost.exe - ok
    16:01:05.0757 0x0c70 [ 782C8019C89920A77B1907AD3B4C8FF9, B38C1B9C022B2B2CCC860845ABC7CE2803A251477D07F1DE7B7F7AAB02376EDB ] C:\Windows\System32\HotStartUserAgent.dll
    16:01:05.0757 0x0c70 C:\Windows\System32\HotStartUserAgent.dll - ok
    16:01:05.0777 0x0c70 [ 57125869A7B9638A5D11DD685AA65EB4, ADDEA7198DD1586D1D4E4DC1091369BC5702CED5E4FF8A0B42A06626D8DA28D7 ] C:\Windows\System32\PlaySndSrv.dll
    16:01:05.0777 0x0c70 C:\Windows\System32\PlaySndSrv.dll - ok
    16:01:05.0787 0x0c70 [ 43E1054C713C48D252A1826C5E14AACA, 46B6A5011EC63F1B8DDC6A2BE013C2BBB59B81310644766C609CAAF4B9A18278 ] C:\Windows\System32\MsCtfMonitor.dll
    16:01:05.0787 0x0c70 C:\Windows\System32\MsCtfMonitor.dll - ok
    16:01:05.0807 0x0c70 [ 4C867B62F6100C107A3A8F5E7A10461D, 890A90A16B0ED6B2F5EE16B140C22586B2068389CAF25F630B11CAAC336D7007 ] C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl

  10. #10
    Member
    Join Date
    Jun 2014
    Posts
    41

    Default Tdsskiller log #5

    16:01:07.0167 0x0c70 C:\Windows\System32\ssdpapi.dll - ok
    16:01:07.0177 0x0c70 [ 4ADF36502EADF4A67101AEFB0A7C393B, 22E1D3341674876DE15CC2DE643293B250AA507C104C597F7319559470BE2307 ] C:\Windows\System32\lxcjinpa.dll
    16:01:07.0177 0x0c70 C:\Windows\System32\lxcjinpa.dll - ok
    16:01:07.0197 0x0c70 [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] C:\Windows\System32\drivers\PEAuth.sys
    16:01:07.0197 0x0c70 C:\Windows\System32\drivers\PEAuth.sys - ok
    16:01:07.0207 0x0c70 [ 6306F5C04E4F18E851CCAEA5D58AEE82, 1E291DF6DBBBBA288B7515C20BAAEECBE7A2CCD03BC54FF7E12F7C6A9F369EF0 ] C:\Windows\System32\lxcjiesc.dll
    16:01:07.0207 0x0c70 C:\Windows\System32\lxcjiesc.dll - ok
    16:01:07.0217 0x0c70 [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] C:\Windows\System32\IPSECSVC.DLL
    16:01:07.0217 0x0c70 C:\Windows\System32\IPSECSVC.DLL - ok
    16:01:07.0237 0x0c70 [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
    16:01:07.0237 0x0c70 C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe - ok
    16:01:07.0247 0x0c70 [ F58732600FC92413A8B2451FEC5B2FC9, 5869D4CC5A740AE0B2F12E3021433C06A0EC26F1AC7F491C174A6E27B88433CA ] C:\Program Files\IObit\Advanced SystemCare 6\madbasic_.bpl
    16:01:07.0247 0x0c70 C:\Program Files\IObit\Advanced SystemCare 6\madbasic_.bpl - ok
    16:01:07.0257 0x0c70 [ B653A9F6AF36466E2B839C91DA64F16F, 2D4B9C7E1A14EAD7A4CD77116F659852DE520D5AB8AE6BA844201284C2D90606 ] C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl
    16:01:07.0257 0x0c70 C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl - ok
    16:01:07.0277 0x0c70 [ 42608AE9AF2641EE473A1797C25CFFC2, 64FCAEDFAE7B530522A630BD41880180C3B5D78924DF80DC54862A0D666EBA5F ] C:\Windows\System32\FwRemoteSvr.dll
    16:01:07.0277 0x0c70 C:\Windows\System32\FwRemoteSvr.dll - ok
    16:01:07.0297 0x0c70 [ 06C878A8527BC5829C87AFE85E0605C2, F49672141D288CFED05A3E9E9829980108B1CDDB2612C64524DFB4CDBC47A5D3 ] C:\Windows\System32\lxcjusb1.dll
    16:01:07.0297 0x0c70 C:\Windows\System32\lxcjusb1.dll - ok
    16:01:07.0317 0x0c70 [ 0E37FBFA79D349D672456923EC5FBBE3, 8793353461826FBD48F25EA8B835BE204B758CE7510DB2AF631B28850355BD18 ] C:\Windows\System32\msvcr100.dll
    16:01:07.0317 0x0c70 C:\Windows\System32\msvcr100.dll - ok
    16:01:07.0327 0x0c70 [ 93F66FAEA8BF047D4242AC85AADA403D, EAC5EA048B255EA255E120FD8FCF6BC682843E08A57838FB731050A7B9B9EDCC ] C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys
    16:01:07.0327 0x0c70 C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys - ok
    16:01:07.0337 0x0c70 [ 3C74D9FDB1D9831EC932E89F3D874F00, 193577197D2EE5E91A282B8DF945A1A5459C4D44F8C93F7FD5D67801BEEF988B ] C:\Program Files\Roland\Virtual Sound Canvas VST\RVIEg01VST.sys
    16:01:07.0337 0x0c70 C:\Program Files\Roland\Virtual Sound Canvas VST\RVIEg01VST.sys - ok
    16:01:07.0347 0x0c70 [ ADBDF381754191B3BE14EA7771ACD29B, A672CF6FD8589CF54D6905B82CF1C861C618C3065571BD7C8416309A7C9F1737 ] C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
    16:01:07.0347 0x0c70 C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl - ok
    16:01:07.0367 0x0c70 [ 11D94599270AA1603F75CB5ACBBD266F, 950746109BD7AA5BCF2F4320F40CFD268B34CB3DBE6073616B75A5254FE00469 ] C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
    16:01:07.0367 0x0c70 C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe - ok
    16:01:07.0387 0x0c70 [ AD2C67A381CC7148BB98A66BB04DDF5B, 5AD11D1B1B3E60B79755630712FA70157E3240F09355A6EF9523845E1934251D ] C:\Windows\System32\ieframe.dll
    16:01:07.0387 0x0c70 C:\Windows\System32\ieframe.dll - ok
    16:01:07.0397 0x0c70 [ 8838B1D35DA190061890A8FED8596EAE, 1975C044E5422DD5164CB0152AA28BF7F1FFBCD6116952306F2634B9716A99A4 ] C:\Program Files\IObit\Advanced SystemCare 6\maddisAsm_.bpl
    16:01:07.0397 0x0c70 C:\Program Files\IObit\Advanced SystemCare 6\maddisAsm_.bpl - ok
    16:01:07.0407 0x0c70 [ 1A188C66E4C52BA5B8A9A5F24FFA2E02, 7F4C48DADC5C08221A734E2651DDD98811C45BC74C420C26EC24D1B17C89DD16 ] C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    16:01:07.0407 0x0c70 C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl - ok
    16:01:07.0427 0x0c70 [ 5422CB64444C33F029483552A8FACE37, D7DE9BF855EA616F066C7FB681FF60C0784AF66C6F6A48706E1A6993B3F7F4BC ] C:\Program Files\Spybot - Search & Destroy 2\vclx150.bpl
    16:01:07.0427 0x0c70 C:\Program Files\Spybot - Search & Destroy 2\vclx150.bpl - ok
    16:01:07.0437 0x0c70 [ 4AA01BD5CC7DA9888AF33C5FAB5BF1DD, 84065A4C02345363874664D92BDE0F0A04DBD93A444D68929CB2624A659360EF ] C:\Program Files\Spybot - Search & Destroy 2\vclimg150.bpl
    16:01:07.0437 0x0c70 C:\Program Files\Spybot - Search & Destroy 2\vclimg150.bpl - ok
    16:01:07.0447 0x0c70 [ 4A0C434F611E058B78FFBC9B89C679C4, EAD82E564F2996D1ABD28BCCEDD35F5EF642CDCCBEB391869282D10EE278C2EF ] C:\Program Files\IObit\Advanced SystemCare 6\taskmgr.dll
    16:01:07.0447 0x0c70 C:\Program Files\IObit\Advanced SystemCare 6\taskmgr.dll - ok
    16:01:07.0467 0x0c70 [ 1CB3C50832603B742F9D068D3508DDEE, 22487D3213A8416B31B93E7383ECF636D26A6EE4480FC0ABC7D2E1D0D0C3C1EA ] C:\Windows\System32\lxcjhbn3.dll
    16:01:07.0467 0x0c70 C:\Windows\System32\lxcjhbn3.dll - ok
    16:01:07.0477 0x0c70 [ D09E0F39C136E43F67AA36B27FCA5E08, AA64A66D7F0FCCDFD8633F57E14271F5B69BB7A79040A9DE2D5E9B41DD241163 ] C:\Windows\System32\lxcjhcp.dll
    16:01:07.0477 0x0c70 C:\Windows\System32\lxcjhcp.dll - ok
    16:01:07.0487 0x0c70 [ BC83108B18756547013ED443B8CDB31B, B2AD109C15EAA92079582787B7772BA0A2F034F7D075907FF87028DF0EAEA671 ] C:\Windows\System32\msvcp100.dll
    16:01:07.0487 0x0c70 C:\Windows\System32\msvcp100.dll - ok
    16:01:07.0507 0x0c70 [ C411C80F90D6732380352B98B37BBD53, FC5A45F208072249CAA1CA9A602FEBAD24A87166628275AC15FE37B7EEF00A40 ] C:\Windows\System32\winrnr.dll
    16:01:07.0507 0x0c70 C:\Windows\System32\winrnr.dll - ok
    16:01:07.0517 0x0c70 [ 14361FB2FD630988816A4F46AEAF0684, 62444B8B9CF07B281966DD9D22811B67B0F721DE199BCE07C2D3405EAED6B570 ] C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
    16:01:07.0517 0x0c70 C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll - ok
    16:01:07.0537 0x0c70 [ 7BA5B7DEDE25D44F3E664D5BA067E3CD, 57FEAE599516C86666DDF0F7D9C7368E516D3E73A5CCBC1C667F97916B9FF55A ] C:\Program Files\Internet Explorer\iexplore.exe
    16:01:07.0537 0x0c70 C:\Program Files\Internet Explorer\iexplore.exe - ok
    16:01:07.0547 0x0c70 [ 397D14958D6C9C2B365469A857B2AC4E, 1465D7DC50A27A2C75FFC477E8A453B0884D1E298F804233483B63A47634B7EA ] C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
    16:01:07.0547 0x0c70 C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe - ok
    16:01:07.0557 0x0c70 [ A944A73CEC5921B871542FE5CC5E03E4, CBFAA80631A6A332697494160A7453645478AC535DCF5F72F75C27D3F325CE88 ] C:\Windows\System32\olepro32.dll
    16:01:07.0557 0x0c70 C:\Windows\System32\olepro32.dll - ok
    16:01:07.0567 0x0c70 [ BA7CC0D3170EB03FA610BA8EA3A01E9D, F23CA5918040C300F5F32D7CFAA8604C8A62EF4E090AAD0E27C7F8161DD656C5 ] C:\Windows\System32\jsproxy.dll
    16:01:07.0567 0x0c70 C:\Windows\System32\jsproxy.dll - ok
    16:01:07.0577 0x0c70 [ 31C364E11F4F37160AF8716861BB5039, 4269921230F38BEC5FA36BDF4EC0730EB8B77425DDD435A3596744D7E2234D27 ] C:\Program Files\IObit\Advanced SystemCare 6\datastate.dll
    16:01:07.0577 0x0c70 C:\Program Files\IObit\Advanced SystemCare 6\datastate.dll - ok
    16:01:07.0597 0x0c70 [ D21AB32F16E8DE67D45E5A383B5E52BA, 29870BFD4337A80BE9C96897C59CBBF412971EE67CB65BA9C0622CAD90FA3CB5 ] C:\Program Files\Spybot - Search & Destroy 2\ssleay32.dll
    16:01:07.0597 0x0c70 C:\Program Files\Spybot - Search & Destroy 2\ssleay32.dll - ok
    16:01:07.0597 0x0c70 [ 9B375BB63F99B113C065A5DB4E632E23, 842627E881B8E4D32CBACFD1C13A640603C2709CAFAFB9AF2A5A2AFD0BB569DE ] C:\Program Files\Spybot - Search & Destroy 2\av\scan.dll
    16:01:07.0597 0x0c70 C:\Program Files\Spybot - Search & Destroy 2\av\scan.dll - ok
    16:01:07.0617 0x0c70 [ B009D6171147BE129636A49C4178E487, DBAA8C7FDD8F6A55AE10F9E1537CE71283A34920BFAD5CD386BA3EC05C1F4E76 ] C:\Program Files\Spybot - Search & Destroy 2\libeay32.dll
    16:01:07.0617 0x0c70 C:\Program Files\Spybot - Search & Destroy 2\libeay32.dll - ok
    16:01:07.0627 0x0c70 [ 91A7D4B3CCE541505F783707E4FF2E13, 0B4E678FB80A36755293DF3334705A35CBCC1E939D2836CC18DF794B0CB6053D ] C:\Program Files\Spybot - Search & Destroy 2\SDFileScanLibrary.dll
    16:01:07.0627 0x0c70 C:\Program Files\Spybot - Search & Destroy 2\SDFileScanLibrary.dll - ok
    16:01:07.0637 0x0c70 [ E0564E0B6D729D7D25B3C3F71CEDEC21, A8D1214580389912C70A40AE271BB2BB10EFD936310C16952AA4586C1180C642 ] C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll
    16:01:07.0647 0x0c70 C:\Program Files\Real\RealUpgrade\Common\hxmedpltfm.dll - ok
    16:01:07.0657 0x0c70 [ B7363143940197BD9F16FD957B4F8131, 4786BEE09944F4C148A1A3DE3567CBAC72B3A0AD50638C44A62AA4FD7A0A26DE ] C:\Windows\System32\mshtml.dll
    16:01:07.0657 0x0c70 C:\Windows\System32\mshtml.dll - ok
    16:01:07.0667 0x0c70 [ BC8E5F6AAF447364A6F6A00D3F8FAF29, 72BE1F1F7B6D31F3E98324BBABB49FAC21689A86DC90DB41706000ED56D81C05 ] C:\Windows\System32\srclient.dll
    16:01:07.0667 0x0c70 C:\Windows\System32\srclient.dll - ok
    16:01:07.0677 0x0c70 [ 43AEF7355D24090CA7C24C83846BD981, 9F7B568C5B1478168B6E3D566B47CD96349575BF9DD854294B3F7E3C40FE0146 ] C:\Windows\System32\spp.dll
    16:01:07.0677 0x0c70 C:\Windows\System32\spp.dll - ok
    16:01:07.0697 0x0c70 [ D40E7B5FBB8E0EAA7C5C294389AF95AB, 8EFD521DF1F335AF416DEC15D5C0C6538903803AA1A8ED93AA704B384A29876B ] C:\Users\Colleen\AppData\Local\Temp\{924C70D2-1712-450D-999A-DDC2EB101BB8}.exe
    16:01:07.0697 0x0c70 C:\Users\Colleen\AppData\Local\Temp\{924C70D2-1712-450D-999A-DDC2EB101BB8}.exe - ok
    16:01:07.0707 0x0c70 [ 2D5871BA7E1F5C044E35D3934F273429, 0A6B9E320241C41E9F06A0EB6F8259A511EA5EEECAA4B00B9B55D1D13A93EE91 ] C:\Program Files\Spybot - Search & Destroy 2\SDLicense.dll
    16:01:07.0707 0x0c70 C:\Program Files\Spybot - Search & Destroy 2\SDLicense.dll - ok
    16:01:07.0717 0x0c70 [ 5CAAE5333EF36DB4A8D294418AB37E80, 0FAC92CDED62CEFDD44B3DC714FC3A453FEAAF44653F3AB75FB5A093A1DA71E9 ] C:\Windows\System32\p2pcollab.dll
    16:01:07.0717 0x0c70 C:\Windows\System32\p2pcollab.dll - ok
    16:01:07.0727 0x0c70 [ 0DE5BA4CEFB5BC123C45B974A182557D, 65D7ABCD2DC3A18351AF87A57D666C588F31BAD2A1A90BD9BEC41482D1B826C6 ] C:\Program Files\IObit\Advanced SystemCare 6\webres.dll
    16:01:07.0727 0x0c70 C:\Program Files\IObit\Advanced SystemCare 6\webres.dll - ok
    16:01:07.0737 0x0c70 [ EE9D715AF1B928982F417238B9914484, 89A55A54F4513ECA86DF9442E752F0642D73018B2D5D9F05590789AB1F98B4D0 ] C:\Windows\System32\ieapfltr.dll
    16:01:07.0737 0x0c70 C:\Windows\System32\ieapfltr.dll - ok
    16:01:07.0747 0x0c70 [ 0740D38A057081D172A5E155468D6F74, 6807DB85B83509EC8B95186CB7BAA12FC9CD93116139021188F2494AE37F3118 ] C:\Program Files\Spybot - Search & Destroy 2\SDLists.dll
    16:01:07.0747 0x0c70 C:\Program Files\Spybot - Search & Destroy 2\SDLists.dll - ok
    16:01:07.0757 0x0c70 [ 22DC784B32BEE306A99F50D6DC2460BC, 5144BDCEAFC593817545869E82A7D78104F310A8B0188E0EC49648F929F6E1C2 ] C:\Windows\System32\esent.dll
    16:01:07.0757 0x0c70 C:\Windows\System32\esent.dll - ok
    16:01:07.0767 0x0c70 [ AC6B8F8058EE27932F9AF8A2D959D201, 64DA78BC39DFECCB74584BB795155EF13BE8A0F35C245FA967F38AC633FDD195 ] C:\Windows\System32\msimtf.dll
    16:01:07.0767 0x0c70 C:\Windows\System32\msimtf.dll - ok
    16:01:07.0777 0x0c70 [ 35AAE2E841AA1A949775168E119482C9, 2457985F6113E565DCEBE58A14C644EAE1397CDB50393C03A2A94F279C053D93 ] C:\Windows\System32\msls31.dll
    16:01:07.0777 0x0c70 C:\Windows\System32\msls31.dll - ok
    16:01:07.0787 0x0c70 [ E828C391BB999BD85C15DA20B51CDF9C, D6133176C868FEEA16169B4EBFF08A382650844726D21D78577E48C89BC35DD3 ] C:\Windows\System32\d2d1.dll
    16:01:07.0787 0x0c70 C:\Windows\System32\d2d1.dll - ok
    16:01:07.0797 0x0c70 [ 9BD443B52350D2784544B637F103EBCF, 5E776B7D469A4E7D4CCFD1B0A9340CC4BDDEA10561CFD829D96CD8E30EBCF241 ] C:\Windows\System32\DWrite.dll
    16:01:07.0797 0x0c70 C:\Windows\System32\DWrite.dll - ok
    16:01:07.0817 0x0c70 [ A7D525E5C0D91C8C1D84C6BCD25AD77D, BD3D51E302587E33901E5995367B6227743D2385F1420E12C712A62063150318 ] C:\Windows\System32\rasadhlp.dll
    16:01:07.0817 0x0c70 C:\Windows\System32\rasadhlp.dll - ok
    16:01:07.0827 0x0c70 [ 2D90310ED56ED2D6D3735BA8A0A1F1F2, 1CA50A326BC295E7CA3844248D3F7EB131D2AF297E5066B3729BA251DBFF6046 ] C:\Program Files\IObit\Advanced SystemCare 6\AutoSweep.exe
    16:01:07.0827 0x0c70 C:\Program Files\IObit\Advanced SystemCare 6\AutoSweep.exe - ok
    16:01:07.0837 0x0c70 [ 3F33D9CB732275D87D5E583CF87A6D3A, 9C2CB8909067517FECDE3CF69C01036AF2BC0A3D9BCFE000A361BBFCE22FCB13 ] C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll
    16:01:07.0847 0x0c70 C:\Program Files\Real\RealUpgrade\Plugins\upgrade.dll - ok
    16:01:07.0867 0x0c70 [ 73FD66B14D3C4252F7A524B8836A4359, 04656A6290E9DFE79FCCD427FC4BBCF65E5C6B9525953D780FF42966C93468CF ] C:\Windows\System32\mstask.dll
    16:01:07.0867 0x0c70 C:\Windows\System32\mstask.dll - ok
    16:01:07.0887 0x0c70 [ 6B01DAD4CB6B2BB507A268DD0DFEF04F, 371311A551B89A6051BF46E97A59EC519C0C4132FBD37A20AD27ED315A887CAC ] C:\Windows\System32\igfxdev.dll
    16:01:07.0887 0x0c70 C:\Windows\System32\igfxdev.dll - ok
    16:01:07.0907 0x0c70 [ C6FD3425B1ADD739B95DC4D661FF4DD3, 310C99B78305F9A0E33C7108477734D81DD9F7AA3C6FB6B735FD19CE939EDB10 ] C:\Windows\System32\PresentationSettings.exe
    16:01:07.0907 0x0c70 C:\Windows\System32\PresentationSettings.exe - ok
    16:01:07.0927 0x0c70 [ D91D8344E73283999777083BF17D54E2, 018F500DD49A192617E57998A2E9833C5C9EB72A2B186AF25B5CB91329B1E267 ] C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
    16:01:07.0927 0x0c70 C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe - ok
    16:01:07.0937 0x0c70 [ F4E1AA5D59C849A4AB47E895DC76B9C8, 0C93E63372D619393D9DDD3EFCA2317A6652276A9FDE0530CD2A06135EE6B46D ] C:\Windows\System32\sfc.dll
    16:01:07.0937 0x0c70 C:\Windows\System32\sfc.dll - ok
    16:01:07.0957 0x0c70 [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105, 613F0D184E08CBE1FFEEB8F845ADCA79577FB3CF59EA1FEE6B2346D9930763AB ] C:\Windows\System32\sfc_os.dll
    16:01:07.0957 0x0c70 C:\Windows\System32\sfc_os.dll - ok
    16:01:07.0967 0x0c70 [ C0B8B96D018849FD8CCF15FED84E8782, E107AA4ADE150DC309C39BBF47292E7A7F8DD439FAB30791676BC8A1133B9AFD ] C:\Windows\System32\ie4uinit.exe
    16:01:07.0967 0x0c70 C:\Windows\System32\ie4uinit.exe - ok
    16:01:07.0977 0x0c70 [ F0FEFB0B5D25A75D478A4317139D937E, CB6EB2891130A410A80F6A1BF0CAC66C429DB7D4ADD0D8484CA4F83D17856441 ] C:\Windows\System32\iedkcs32.dll
    16:01:07.0977 0x0c70 C:\Windows\System32\iedkcs32.dll - ok
    16:01:07.0987 0x0c70 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] C:\Windows\System32\drivers\secdrv.sys
    16:01:07.0997 0x0c70 C:\Windows\System32\drivers\secdrv.sys - ok
    16:01:08.0007 0x0c70 [ 4B19A9A4191353007E9819A832B81186, 02B78FB11F80763CCB0E30E383247BD76FAC8A25DEE4971E8958EF19A08A719A ] C:\Windows\System32\timedate.cpl
    16:01:08.0007 0x0c70 C:\Windows\System32\timedate.cpl - ok
    16:01:08.0017 0x0c70 [ 1D244DB37B89D84A5DD46C0FFD41D733, B66AB3BEF4C1B26578FFCAD74FAF95E3069C6BC3F933FF318F96E4CDCC3A4285 ] C:\Program Files\Fighters\SPAMfighter\sfus.exe
    16:01:08.0017 0x0c70 C:\Program Files\Fighters\SPAMfighter\sfus.exe - ok
    16:01:08.0037 0x0c70 [ 428FF21418ADCD6FAD6189CD9520A67B, E9021A9B74AC6C4F7317704DF6A66B1A5C3D05DD2535989942005D638340010D ] C:\Windows\System32\wiatrace.dll
    16:01:08.0037 0x0c70 C:\Windows\System32\wiatrace.dll - ok
    16:01:08.0047 0x0c70 [ 4DBA143F06BAD1DF935CB9603140CF2A, DE2D3A13993046CCC7691C9614702DCBC43C788282A2B722A8F3F4829281BC1A ] C:\Windows\System32\wsdchngr.dll
    16:01:08.0047 0x0c70 C:\Windows\System32\wsdchngr.dll - ok
    16:01:08.0057 0x0c70 [ 64421ADAEE91E036A0799E3B82526BAD, AE4D9C280DB0AB0CAAD0BFD07B1596E379E37DA249E122F02AC5FFB3979B5083 ] C:\Program Files\Fighters\FighterSuiteService.exe
    16:01:08.0057 0x0c70 C:\Program Files\Fighters\FighterSuiteService.exe - ok
    16:01:08.0067 0x0c70 [ 8D78BA30DB4AE040A52EDEE725782715, 15099FC7A90B2E8D718D46E02D56026D56B3F043124C3455E79B7B44A027DD11 ] C:\Windows\System32\actxprxy.dll
    16:01:08.0067 0x0c70 C:\Windows\System32\actxprxy.dll - ok
    16:01:08.0077 0x0c70 [ 2AC2716E2083A949437CEDB2B6A2E89A, 53713692E86BF76053EA22C71742B977B8B9CA2690A87871DC48F874E3D0BF85 ] C:\PROGRA~1\WI4EB4~1\wmpband.dll
    16:01:08.0077 0x0c70 C:\PROGRA~1\WI4EB4~1\wmpband.dll - ok
    16:01:08.0097 0x0c70 [ B5A9AE7B79C331569A4DB12F109E1F47, EB5DEBE263629B9FD148A23CE6879DFD3AEF5AD304A170D519246CE7A10760AC ] C:\Program Files\Fighters\MachineIdGateway.dll
    16:01:08.0097 0x0c70 C:\Program Files\Fighters\MachineIdGateway.dll - ok
