Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Generic User Avatar

I've been advised to post here - original post 11/05 - thanks


  • Please log in to reply
8 replies to this topic

#1 KerryJo2712

KerryJo2712

  •  Avatar image
  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Manchester
  • Local time:05:11 AM

Posted 21 May 2018 - 06:03 PM

Hello there, I have posted in 3 seperate threads and received only 1 reply directing me to post here since posting this particular thread on the 11th May......I have included links to the other 2 posts below, I received lots of help through this site around a year ago and would appreciate it if anyone could direct me in running checks and analyzing the subsequent data.....I'm being targeted online for various reasons, not through any wrong doing of my own but because I dared to stand up to bullies so any help with this persistent threat would be greatly appreciated

 

 

 

https://www.bleepingcomputer.com/forums/t/677322/facebook-source-code-cavalry-keylogger-active-listening/#entry4499399

 

 

Many thanks

 

 

 

https://www.bleepingcomputer.com/forums/t/677317/new-hp-laptop-c-drive-full-virtual-memory-full-am-i-infected/

 

https://www.bleepingcomputer.com/forums/t/677321/i-think-my-router-has-been-hacked-cloned-or-streaming-audiovideo/

 



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  •  Avatar image
  • Helper Emeritus
  • 85,296 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:11 AM

Posted 24 May 2018 - 10:36 AM

Hello, start with these scans.

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP conf[iguration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
SXvL3ZF.pngTDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
And finally I'd like us to scan your machine with ESET OnlineScan:
  • It is recommended to turn off your antivirus program. Click on the E5rfZI9.png button to see which antivirus is currently enabled:
c4VVzVO.png
  • Turn off your antivirus program. See here how to do this.
  • Check the option beside: Enable detection of potentially unwanted applications.
  • Now click on Advanced Settings and make sure that the option Clean threats automatically is NOT checked, and select the following:
Enable detection of potentially unsafe applications
Enable detection of suspicious applications
Scan archives
Enable Anti-Stealth Technology
  • Click on the Change button and select only Operating memory, Autostart locations and drive C:\ to be scanned.
yKulboi.jpg
  • Push the dtoGjAL.png button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
8L8IBHJ.png
  • When the scan completes a list of found threats will open automatically (if any malicious files are found).
imxEgHt.png
  • Push thecRhRYZ8.png button and save the file to your desktop using a unique name, such as ESETScan.txt. Include the contents of this report in your next reply.
  • Push the 9IjfdXq.png button.
  • Check the box beside RHzfZB1.png to uninstall the application when closed.
  • Push Vc3btaC.png and the close the application clicking the X in upper right corner.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 KerryJo2712

KerryJo2712
  • Topic Starter

  •  Avatar image
  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Manchester
  • Local time:05:11 AM

Posted 28 May 2018 - 12:30 PM

Hello there, thank you for your help with this and apologies for the delay I've had no internet connection...here is MTB results just ran now

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Boss (administrator) on 28-05-2018 at 18:20:52
Running from "C:\Documents and Settings\Boss\My Documents\Kerrys docs"
Microsoft Windows XP Professional Service Pack 3, v.6419 (X86)
Model: EG780AA-ABU a1228.uk Manufacturer: HP Pavilion 061
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
Windows IP ConfigurationSuccessfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory

Hosts file not detected in the default directory
========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Intel(R) PRO/100 VE Network Connection = Local Area Connection (Connected)


# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration        Host Name . . . . . . . . . . . . : yesitsme        Primary Dns Suffix  . . . . . . . :         Node Type . . . . . . . . . . . . : Unknown        IP Routing Enabled. . . . . . . . : No        WINS Proxy Enabled. . . . . . . . : Yes        DNS Suffix Search List. . . . . . : lanEthernet adapter Local Area Connection:        Connection-specific DNS Suffix  . : lan        Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection        Physical Address. . . . . . . . . : 00-13-D3-91-F9-D1        Dhcp Enabled. . . . . . . . . . . : Yes        Autoconfiguration Enabled . . . . : Yes        IP Address. . . . . . . . . . . . : 192.168.1.68        Subnet Mask . . . . . . . . . . . : 255.255.255.0        Default Gateway . . . . . . . . . : 192.168.1.254        DHCP Server . . . . . . . . . . . : 192.168.1.254        DNS Servers . . . . . . . . . . . : 192.168.1.254        Lease Obtained. . . . . . . . . . : Monday, May 28, 2018 6:13:24 PM        Lease Expires . . . . . . . . . . : Tuesday, May 29, 2018 6:13:24 PMServer:  UnKnown
Address:  192.168.1.254

Pinging google.com [216.58.210.46] with 32 bytes of data:Reply from 216.58.210.46: bytes=32 time=13ms TTL=54Reply from 216.58.210.46: bytes=32 time=13ms TTL=54Ping statistics for 216.58.210.46:    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds:    Minimum = 13ms, Maximum = 13ms, Average = 13msServer:  UnKnown
Address:  192.168.1.254

Pinging yahoo.com [98.137.246.8] with 32 bytes of data:Reply from 98.137.246.8: bytes=32 time=153ms TTL=49Reply from 98.137.246.8: bytes=32 time=152ms TTL=49Ping statistics for 98.137.246.8:    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds:    Minimum = 152ms, Maximum = 153ms, Average = 152msPinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Ping statistics for 127.0.0.1:    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds:    Minimum = 0ms, Maximum = 0ms, Average = 0ms===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 d3 91 f9 d1 ...... Intel(R) PRO/100 VE Network Connection - McAfee Core NDIS Intermediate Filter Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254    192.168.1.68	  20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1	  1
      192.168.1.0    255.255.255.0     192.168.1.68    192.168.1.68	  20
     192.168.1.68  255.255.255.255        127.0.0.1       127.0.0.1	  20
    192.168.1.255  255.255.255.255     192.168.1.68    192.168.1.68	  20
        224.0.0.0        240.0.0.0     192.168.1.68    192.168.1.68	  20
  255.255.255.255  255.255.255.255     192.168.1.68    192.168.1.68	  1
Default Gateway:     192.168.1.254
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\system32\nwprovau.dll [142336] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 26 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 27 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 28 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/28/2018 06:09:39 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 800706BF from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Error: (05/28/2018 11:26:49 AM) (Source: Application Error) (User: )
Description: Faulting application amazon music helper.exe, version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x001501f0.
Processing media-specific event for [amazon music helper.exe!ws!]

Error: (05/25/2018 01:57:09 PM) (Source: Application Error) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.3311, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [explorer.exe!ws!]

Error: (05/25/2018 09:34:19 AM) (Source: Application Error) (User: )
Description: Faulting application wmplayer.exe, version 11.0.5721.5145, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [wmplayer.exe!ws!]

Error: (05/25/2018 04:57:51 AM) (Source: Application Error) (User: )
Description: Faulting application firefox.exe, version 52.8.0.6607, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [firefox.exe!ws!]

Error: (05/25/2018 04:44:45 AM) (Source: Application Error) (User: )
Description: Faulting application firefox.exe, version 52.8.0.6694, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [firefox.exe!ws!]

Error: (05/25/2018 01:56:11 AM) (Source: Application Error) (User: )
Description: Faulting application McSvHost.exe, version 3.8.703.0, faulting module unknown, version 0.0.0.0, fault address 0x00640068.
Processing media-specific event for [McSvHost.exe!ws!]

Error: (05/25/2018 01:42:56 AM) (Source: Application Error) (User: )
Description: Faulting application hwupdchk.exe, version 13.8.703.0, faulting module hwupdchk.exe, version 13.8.703.0, fault address 0x0004113e.
Error in creating result PEAP-TLV in response to received PEAP-TLV (hwupdchk.exe!ld!)

Error: (05/25/2018 12:42:02 AM) (Source: Application Hang) (User: )
Description: Hanging application HelpCtr.exe, version 5.1.2600.3311, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (05/24/2018 02:08:57 PM) (Source: Application Hang) (User: )
Description: Hanging application WINWORD.EXE, version 14.0.7208.5000, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (05/28/2018 06:17:15 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {209500FC-6B45-4693-8871-6296C4843751} did not register with DCOM within the required timeout.

Error: (05/28/2018 06:16:42 PM) (Source: Service Control Manager) (User: )
Description: The Office Software Protection Platform service failed to start due to the following error: 
%%1053 = The service did not respond to the start or control request in a timely fashion.


Error: (05/28/2018 06:16:42 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Office Software Protection Platform service to connect.

Error: (05/28/2018 06:16:12 PM) (Source: Service Control Manager) (User: )
Description: The Office Software Protection Platform service failed to start due to the following error: 
%%1053 = The service did not respond to the start or control request in a timely fashion.


Error: (05/28/2018 06:16:12 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Office Software Protection Platform service to connect.

Error: (05/28/2018 06:14:29 PM) (Source: DCOM) (User: YESITSME)
Description: The server {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4} did not register with DCOM within the required timeout.

Error: (05/28/2018 06:13:24 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18).  This security permission can be modified using the Component Services administrative tool.

Error: (05/28/2018 06:11:10 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the mcpltsvc service.

Error: (05/28/2018 06:10:40 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the McNaiAnn service.

Error: (05/28/2018 06:10:10 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the McMPFSvc service.


Microsoft Office Sessions:
=========================
Error: (05/28/2018 06:09:39 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp44800706BF

Error: (05/28/2018 11:26:49 AM) (Source: Application Error)(User: )
Description: amazon music helper.exe0.0.0.0unknown0.0.0.0001501f0

Error: (05/25/2018 01:57:09 PM) (Source: Application Error)(User: )
Description: explorer.exe6.0.2900.3311unknown0.0.0.000000000

Error: (05/25/2018 09:34:19 AM) (Source: Application Error)(User: )
Description: wmplayer.exe11.0.5721.5145unknown0.0.0.000000000

Error: (05/25/2018 04:57:51 AM) (Source: Application Error)(User: )
Description: firefox.exe52.8.0.6607unknown0.0.0.000000000

Error: (05/25/2018 04:44:45 AM) (Source: Application Error)(User: )
Description: firefox.exe52.8.0.6694unknown0.0.0.000000000

Error: (05/25/2018 01:56:11 AM) (Source: Application Error)(User: )
Description: McSvHost.exe3.8.703.0unknown0.0.0.000640068

Error: (05/25/2018 01:42:56 AM) (Source: Application Error)(User: )
Description: hwupdchk.exe13.8.703.0hwupdchk.exe13.8.703.00004113e

Error: (05/25/2018 12:42:02 AM) (Source: Application Hang)(User: )
Description: HelpCtr.exe5.1.2600.3311hungapp0.0.0.000000000

Error: (05/24/2018 02:08:57 PM) (Source: Application Hang)(User: )
Description: WINWORD.EXE14.0.7208.5000hungapp0.0.0.000000000


=========================== Installed Programs ============================

Adobe Flash Player 29 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.6.606 - Adobe Systems, Inc.)
Agere Systems PCI Soft Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - )
AiO_Scan (HKLM\...\{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}) (Version: 50.0.227.000 - Hewlett-Packard) Hidden
Apple Application Support (HKLM\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Citrix Receiver (Enterprise) (HKLM\...\CitrixOnlinePluginFull) (Version: 13.4.0.25 - Citrix Systems, Inc.)
Citrix Receiver (HDX Flash Redirection) (HKLM\...\{0E8DC723-F1CD-424A-96CC-12428E7A1B4B}) (Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Citrix Receiver Inside (HKLM\...\{9D431014-9F90-4335-A58E-8A14B0BD77F1}) (Version: 3.4.0.29585 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (HKLM\...\{E3A60962-B768-4EA3-B0B6-DA671276B81A}) (Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Citrix Receiver(DV) (HKLM\...\{D29DDA9B-FE05-48F1-A9D1-F6346A0A301A}) (Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Citrix Receiver(PNA) (HKLM\...\{7093E21A-5E1F-4EB0-B867-F11D1FC0E9AD}) (Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Citrix Receiver(SSON) (HKLM\...\{D0992620-D8C1-4C65-ABD7-56E217415791}) (Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Citrix Receiver(USB) (HKLM\...\{3068513C-3AAC-410B-BAE7-C7837FFF8DEB}) (Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Epson Easy Photo Print 2 (HKLM\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}) (Version: 2.40.0009 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX130 Series Printer Uninstall (HKLM\...\EPSON SX130 Series) (Version:  - SEIKO EPSON Corporation)
FVD Downloader Module (HKLM\...\{A3F74A3C-6824-4878-AB46-21280389D09F}) (Version: 1.0.8 - Nimbus)
GearDrvs (HKLM\...\{CB84F0F2-927B-458D-9DC5-87832E3DC653}) (Version: 1.00.0000 - GEAR Software) Hidden
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
HP PSC & OfficeJet 5.3.B (HKLM\...\{49FB31C1-26EC-44c6-AB47-73C66E2BC41E}) (Version:  - HP)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4363 - )
Intel(R) PRO Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 52.8.0 ESR (x86 en-US) (HKLM\...\Mozilla Firefox 52.8.0 ESR (x86 en-US)) (Version: 52.8.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.8.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 6.0 Parser (HKLM\...\{AEB9948B-4FF2-47C9-990E-47014492A0FE}) (Version: 6.00.3883.8 - Microsoft Corporation)
Online Plug-in (HKLM\...\{7BD3DC6D-A2BE-4345-B6EE-D146193DB18F}) (Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.2 - Nikon)
Plusnet Protect (HKLM\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
QFolder (HKLM\...\{8777AC6D-89F9-4793-8266-DE406F343E89}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5605 - Realtek Semiconductor Corp.)
Recover Keys (HKLM\...\Recover Keys_is1) (Version: 10.0.4.201 - Recover Keys)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )
Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version:  - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Samsung New PC Studio USB Driver Installer (HKLM\...\{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio USB Driver Installer (HKLM\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )
SamsungConnectivityCableDriver (HKLM\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Scan (HKLM\...\{C506A18C-1469-4678-B094-F4EC9DAE6DB7}) (Version: 5.2.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{945F1D43-451D-4383-9BBE-241F37950B15}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SiteAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.203 - McAfee, Inc.)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
User's Guide EPSON SX130 Series (HKLM\...\EPSON SX130 Series Useg) (Version:  - )
WebFldrs XP (HKLM\...\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Driver Package - MobileTop (sshpmdm) Modem  (02/23/2007 2.5.0.0) (HKLM\...\6194C28A8F62DD817EA1B918E6E46E806A21B452) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows Driver Package - MobileTop (sshpusb) USB  (02/23/2007 2.5.0.0) (HKLM\...\65B6FE5418CE28F4D72543FB2D964C3CEC83F161) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows Driver Package - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Internet Explorer 7 (HKLM\...\ie7) (Version: 20070813.185237 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows PowerShell(TM) 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)

========================= Memory info: ===================================

Percentage of memory in use: 66%
Total physical RAM: 1015.36 MB
Available physical RAM: 336.96 MB
Total Virtual: 1718.49 MB
Available Virtual: 902.59 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:142.07 GB) (Free:112.88 GB) NTFS
3 Drive e: () (Removable) (Total:0.06 GB) (Free:0.06 GB) FAT
6 Drive h: (HP_RECOVERY) (Fixed) (Total:6.96 GB) (Free:3.25 GB) FAT32
8 Drive j: (EXT STORE I) (Removable) (Total:28.95 GB) (Free:26.09 GB) FAT32

========================= Users: ========================================

User accounts for \\YESITSME

Administrator            Boss                     Guest                    


**** End of log ****


#4 boopme

boopme

    To Insanity and Beyond


  •  Avatar image
  • Helper Emeritus
  • 85,296 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:11 AM

Posted 29 May 2018 - 11:05 AM

OK will wait for further logs.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 KerryJo2712

KerryJo2712
  • Topic Starter

  •  Avatar image
  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Manchester
  • Local time:05:11 AM

Posted 30 May 2018 - 07:44 PM

01:17:23.0031 0x098c  TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
01:17:24.0671 0x098c  

============================================================
01:17:24.0671 0x098c  Current date / time: 2018/05/31 01:17:24.0671
01:17:24.0671 0x098c  SystemInfo:
01:17:24.0671 0x098c  
01:17:24.0671 0x098c  OS Version: 5.1.2600 ServicePack: 3.0
01:17:24.0671 0x098c  Product type: Workstation
01:17:24.0671 0x098c  ComputerName: YESITSME
01:17:24.0671 0x098c  UserName: Boss
01:17:24.0671 0x098c  Windows directory: C:\WINDOWS
01:17:24.0671 0x098c  System windows directory: C:\WINDOWS
01:17:24.0671 0x098c  Processor architecture: Intel x86
01:17:24.0671 0x098c  Number of processors: 1
01:17:24.0671 0x098c  Page size: 0x1000
01:17:24.0671 0x098c  Boot type: Normal boot
01:17:24.0671 0x098c  

============================================================
01:17:24.0671 0x098c  KLMD ARK init status: drvProperties = 0xFFFF00, osBuild = 2600.6419,

osProperties = 0x0
01:17:24.0671 0x098c  KLMD BG init status: drvProperties = 0xFFFF00, osBuild = 2600.6419,

osProperties = 0x0
01:17:24.0671 0x098c  BG loaded
01:17:28.0796 0x098c  System UUID: {F7F5308D-235B-E013-430E-C35D7979173F}
01:18:03.0218 0x098c  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ),

SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type

'K0', Flags 0x00000054
01:18:03.0281 0x098c  Drive \Device\Harddisk1\DR3 - Size: 0x3B80000 ( 0.06 Gb ),

SectorSize: 0x200, Cylinders: 0x7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
01:18:03.0437 0x098c  

============================================================
01:18:03.0437 0x098c  \Device\Harddisk0\DR0:
01:18:03.0625 0x098c  MBR partitions:
01:18:03.0625 0x098c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3F,

BlocksNum 0xDF11CF
01:18:03.0625 0x098c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA

0xDF120E, BlocksNum 0x11C239F2
01:18:03.0625 0x098c  \Device\Harddisk1\DR3:
01:18:03.0640 0x098c  MBR partitions:
01:18:03.0640 0x098c  \Device\Harddisk1\DR3\Partition1: MBR, Type 0xE, StartLBA 0x27,

BlocksNum 0x1DBD9
01:18:03.0640 0x098c  

============================================================
01:18:04.0484 0x098c  C: <-> \Device\Harddisk0\DR0\Partition2
01:18:04.0828 0x098c  H: <-> \Device\Harddisk0\DR0\Partition1
01:18:04.0875 0x098c  

============================================================
01:18:04.0875 0x098c  Initialize success
01:18:04.0875 0x098c  

============================================================
01:18:19.0875 0x0cf4  

============================================================
01:18:19.0875 0x0cf4  Scan started
01:18:19.0875 0x0cf4  Mode: Manual; SigCheck; TDLFS;
01:18:19.0875 0x0cf4  

============================================================
01:18:19.0875 0x0cf4  KSN ping started
01:18:22.0515 0x0cf4  KSN ping finished: true
01:18:41.0812 0x0cf4  ================ Scan system memory

========================
01:18:41.0843 0x0cf4  System memory - ok
01:18:41.0843 0x0cf4  ================ Scan services

=============================
01:18:49.0125 0x0cf4  Abiosdsk - ok
01:18:49.0125 0x0cf4  abp480n5 - ok
01:18:49.0187 0x0cf4  ACDaemon - ok
01:18:49.0234 0x0cf4  [ 6F2130D1F91CFAAA53A0202F22CC23AF,

581DA5E6257F27D75DADDF01BB101B1361ED466CA8E2EDD3771D4CE0F991A9E7 ] ACPI         

   C:\WINDOWS\system32\DRIVERS\ACPI.sys
01:19:05.0734 0x0cf4  ACPI - ok
01:19:06.0453 0x0cf4  [ 9859C0F6936E723E4892D7141B1327D5,

5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC     

     C:\WINDOWS\system32\drivers\ACPIEC.sys
01:19:07.0593 0x0cf4  ACPIEC - ok
01:19:08.0953 0x0cf4  [ C237E820E6FB291557108324E6A0AAAC,

9C98C0E6A0E0BB46CBAB253B4CF98A830D84A7AD1EFA903206F8E1E8D21B08CC ]

AdobeFlashPlayerUpdateSvc

C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
01:19:09.0671 0x0cf4  AdobeFlashPlayerUpdateSvc - detected UnsignedFile.Multi.Generic (

1 )
01:19:20.0421 0x0cf4  AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) -

warning
01:19:40.0484 0x0cf4  adpu160m - ok
01:19:40.0609 0x0cf4  [ 8BED39E3C35D6A489438B8141717A557,

1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             

C:\WINDOWS\system32\drivers\aec.sys
01:19:41.0421 0x0cf4  aec - ok
01:19:41.0562 0x0cf4  [ 1E44BC1E83D8FD2305F8D452DB109CF9,

CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD           

  C:\WINDOWS\System32\drivers\afd.sys
01:19:42.0046 0x0cf4  AFD - ok
01:19:42.0625 0x0cf4  [ 34F27C7D71F1C49C7D3857F28B42F544,

C307405BC92E174BF696F9A5EC844A95AD983AE2C4223C89F445D89A3361A232 ]

AgereSoftModem  C:\WINDOWS\system32\DRIVERS\AGRSM.sys
01:19:45.0625 0x0cf4  AgereSoftModem - ok
01:19:45.0640 0x0cf4  Aha154x - ok
01:19:45.0671 0x0cf4  aic78u2 - ok
01:19:45.0671 0x0cf4  aic78xx - ok
01:19:46.0031 0x0cf4  [ A437A28E5B21807583F2CE2AC5F76192,

574FD8B9C79E003D76F00AB1CD3E0ED38EAE94ED1B9BFB65AC07CA47409BEAEC ] Alerter      

   C:\WINDOWS\system32\alrsvc.dll
01:19:46.0609 0x0cf4  Alerter - ok
01:19:46.0906 0x0cf4  [ B3F4D7870D95478A4771EB42B7927EAB,

DDFAA116F0807CB1D84A9C13105BEE66E4E5844D0CF9A93BDBBB33B49F82F613 ] ALG            

 C:\WINDOWS\System32\alg.exe
01:19:47.0281 0x0cf4  ALG - ok
01:19:47.0281 0x0cf4  AliIde - ok
01:19:47.0296 0x0cf4  amsint - ok
01:19:48.0000 0x0cf4  [ A4DDB52FE0846A7F90C79CE9C655AD0A,

1E94EE38D068829172C8C8EEC5F14EF130A39814793F79E95D57A07B0BEB88A5 ] AppMgmt    

     C:\WINDOWS\System32\appmgmts.dll
01:19:48.0781 0x0cf4  AppMgmt - ok
01:19:50.0500 0x0cf4  [ 9EEBF325F8B4683973F0AF30C6CF150E,

916EDE7005A4EC1854BC3E27E2FA3EE034EF4122FF75697E8991156F018ECFE4 ] Arp1394         

C:\WINDOWS\system32\DRIVERS\arp1394.sys
01:19:51.0812 0x0cf4  Arp1394 - ok
01:19:51.0828 0x0cf4  asc - ok
01:19:51.0828 0x0cf4  asc3350p - ok
01:19:51.0875 0x0cf4  asc3550 - ok
01:20:11.0281 0x0cf4  [ 0E5E4957549056E2BF2C49F4F6B601AD,

F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ]

aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
01:20:11.0703 0x0cf4  aspnet_state - ok
01:20:11.0828 0x0cf4  [ 8F619CF1D0750066A4AAB48F38907D22,

141419C184E7923B32DDB213BF6EFAA022055EE21E90BBA93B9EC4783803C2C1 ] AsyncMac

       C:\WINDOWS\system32\DRIVERS\asyncmac.sys
01:20:12.0203 0x0cf4  AsyncMac - ok
01:20:12.0312 0x0cf4  [ 7316AFA8EFA110621D6D90722AF3EFE6,

717FA969665699EF1F2DA789F29D011C490B3F8125D7EE8CD1CEEB414B471997 ] atapi           

C:\WINDOWS\system32\DRIVERS\atapi.sys
01:20:12.0671 0x0cf4  atapi - ok
01:20:12.0687 0x0cf4  Atdisk - ok
01:20:12.0828 0x0cf4  [ AF6F35D96B0220D1355318351E9B9FBE,

3ED2E8098F4C96D151D0851C35195220C1D67273D9AD03E218DB88E0A32F0607 ] Atmarpc   

      C:\WINDOWS\system32\DRIVERS\atmarpc.sys
01:20:13.0281 0x0cf4  Atmarpc - ok
01:20:13.0484 0x0cf4  [ 1B66662A027EFBE4541783F0723D71D5,

2B8795B4F61D9FA3A5A7DD2FA2CA93F7DA000EB36B3ADB0243C60FD7E70DD1BE ] AudioSrv

       C:\WINDOWS\System32\audiosrv.dll
01:20:13.0750 0x0cf4  AudioSrv - ok
01:20:14.0000 0x0cf4  [ D9F724AA26C010A217C97606B160ED68,

329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub     

    C:\WINDOWS\system32\DRIVERS\audstub.sys
01:20:14.0312 0x0cf4  audstub - ok
01:20:14.0515 0x0cf4  [ DA1F27D85E0D1525F6621372E7B685E9,

5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep     

       C:\WINDOWS\system32\drivers\Beep.sys
01:20:14.0781 0x0cf4  Beep - ok
01:20:15.0656 0x0cf4  [ D9FF0A70A51FB61F5ABD0CEA62749E03,

B58EC65F60F37D20CD727DE814A510EC90F5B67E8430F79E0D7D8C9C58DA74E3 ] BITS            

C:\WINDOWS\system32\qmgr.dll
01:20:16.0843 0x0cf4  BITS - ok
01:20:16.0937 0x0cf4  [ CFD4E51402DA9838B5A04AE680AF54A0,

5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser        

 C:\WINDOWS\System32\browser.dll
01:20:17.0390 0x0cf4  Browser - ok
01:20:17.0593 0x0cf4  [ 90A673FC8E12A79AFBED2576F6A7AAF9,

BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k       

  C:\WINDOWS\system32\drivers\cbidf2k.sys
01:20:18.0140 0x0cf4  cbidf2k - ok
01:20:18.0171 0x0cf4  cd20xrnt - ok
01:20:18.0265 0x0cf4  [ C1B486A7658353D33A10CC15211A873B,

AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio    

     C:\WINDOWS\system32\drivers\Cdaudio.sys
01:20:18.0718 0x0cf4  Cdaudio - ok
01:20:18.0828 0x0cf4  [ B7E6F9E557905F038D6EFD115B4FF618,

B70B3F452385E7BB845EAD97542C1C6631C7F6DA6DFB3019C477109D4F80B806 ] Cdfs            

C:\WINDOWS\system32\drivers\Cdfs.sys
01:20:19.0062 0x0cf4  Cdfs - ok
01:20:19.0171 0x0cf4  [ F18AB264458913B1304FE899F5FA68FB,

D7250EF6DC09DCAE45E25E69DDD037183BEE192ACA4C8E97975E559A935512DE ] Cdrom     

      C:\WINDOWS\system32\DRIVERS\cdrom.sys
01:20:20.0171 0x0cf4  Cdrom - ok
01:20:20.0203 0x0cf4  [ 0DAAE43A50E7A0BE59052E05E2DACA5D,

FC9F3C9E1CA86CAA5451C3D23F1443DEDACFE0F327B4321BD2B441C69183B51D ] cfwids     

     C:\WINDOWS\system32\drivers\cfwids.sys
01:20:21.0015 0x0cf4  cfwids - ok
01:20:21.0031 0x0cf4  Changer - ok
01:20:21.0203 0x0cf4  [ D8EF9DDF0D8EB0C3ED59C0FABA97D499,

885B492603D55C4CB26A0616E1D7EE3ACFC1F35569C90E3B13B19F3FE313736A ] CiSvc          

 C:\WINDOWS\system32\cisvc.exe
01:20:39.0781 0x0cf4  CiSvc - ok
01:20:39.0906 0x0cf4  [ 764609692A63D7EA9B7051B923900301,

6B043466B065BB2DED97B06F0071D86DA044EB4D9FEE4DC08A7D6D12BA28A15E ] ClipSrv      

   C:\WINDOWS\system32\clipsrv.exe
01:20:50.0453 0x0cf4  ClipSrv - ok
01:20:50.0562 0x0cf4  [ D87ACAED61E417BBA546CED5E7E36D9C,

14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ]

clr_optimization_v2.0.50727_32

c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:20:55.0640 0x0cf4  clr_optimization_v2.0.50727_32 - ok
01:20:55.0656 0x0cf4  CmdIde - ok
01:20:55.0656 0x0cf4  COMSysApp - ok
01:20:55.0843 0x0cf4  Cpqarray - ok
01:20:55.0906 0x0cf4  [ F81F67B1ACA9B7473F3DF67B24A66D61,

40C04EE9E460D1B0B36ACB818CFB18F405788A1E01C88D880BB6588D8593AF2A ] CryptSvc   

     C:\WINDOWS\System32\cryptsvc.dll
01:21:01.0125 0x0cf4  CryptSvc - ok
01:21:01.0171 0x0cf4  [ ECDB9665937F737A7AB26390A6C68573,

8E9D3DBC1C75202F11F3B6D9071673C8F37994BD4341A3F259526D6B15E970D4 ] ctxusbm     

    C:\WINDOWS\system32\DRIVERS\ctxusbm.sys
01:21:07.0125 0x0cf4  ctxusbm - ok
01:21:07.0171 0x0cf4  dac2w2k - ok
01:21:07.0281 0x0cf4  dac960nt - ok
01:21:07.0828 0x0cf4  [ 6B27A5C03DFB94B4245739065431322C,

6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ]

DcomLaunch      C:\WINDOWS\system32\rpcss.dll
01:21:08.0828 0x0cf4  DcomLaunch - ok
01:21:08.0953 0x0cf4  [ 7EF07645D1AF5ACA0762F95E6F80D27F,

709D168F106876E1F170DB372E28F77AE6DC63F04E1FCA78EFE3AE4E6A9D26F2 ] Dhcp            

C:\WINDOWS\System32\dhcpcsvc.dll
01:21:10.0515 0x0cf4  Dhcp - ok
01:21:10.0625 0x0cf4  [ 40A52785370971E2CD137A5811E11AA4,

842C76E628F99816E5CE64B8441C0EF82FBA9AD303F7709080713CC6A619DE3A ] Disk            

C:\WINDOWS\system32\DRIVERS\disk.sys
01:21:13.0843 0x0cf4  Disk - ok
01:21:13.0875 0x0cf4  dmadmin - ok
01:21:14.0203 0x0cf4  [ FC6189CC82BD4A5738C0F2F08B478762,

FAE1982AA53D6B94912EF0554EB15A9DBB54D0484A223A0BB7F41EB015A92A36 ] dmboot     

     C:\WINDOWS\system32\drivers\dmboot.sys
01:21:20.0937 0x0cf4  dmboot - ok
01:21:21.0031 0x0cf4  [ 672B7AF1E9AB4040D74370A3500E5E5C,

4D894DCED5158456E4DF63B7DB9A7C41AEC20D98691DF7472371B50850161FD9 ] dmio         

   C:\WINDOWS\system32\drivers\dmio.sys
01:21:22.0171 0x0cf4  dmio - ok
01:21:22.0265 0x0cf4  [ E9317282A63CA4D188C0DF5E09C6AC5F,

D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          

C:\WINDOWS\system32\drivers\dmload.sys
01:21:23.0500 0x0cf4  dmload - ok
01:21:23.0750 0x0cf4  [ 4CFF9FF7E1A6414B23D001100EEA5FF7,

8BE62E94687B39DA7FA7AD63677F999687FFA6CDC62C720F510E2A05D4201DCD ] dmserver

       C:\WINDOWS\System32\dmserver.dll
01:21:24.0796 0x0cf4  dmserver - ok
01:21:25.0468 0x0cf4  [ 08F31922388CB31D32841690ACA1379A,

3D848BE892BF193DC8BC3BAA00E8E8BDCF16D151DA318ADE1DED580662CE1F08 ] DMusic    

      C:\WINDOWS\system32\drivers\DMusic.sys
01:21:26.0500 0x0cf4  DMusic - ok
01:21:26.0609 0x0cf4  [ 5F7E24FA9EAB896051FFB87F840730D2,

356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ]

Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
01:21:28.0390 0x0cf4  Dnscache - ok
01:21:28.0687 0x0cf4  [ 241D6D615124B79D576C37D4C3C1B320,

169AE444BA34682FD0F6F71B95C4A7A22D1A07FCF011B02B9086EDE3F3E42A81 ] Dot3svc      

   C:\WINDOWS\System32\dot3svc.dll
01:21:29.0671 0x0cf4  Dot3svc - ok
01:21:29.0687 0x0cf4  dpti2o - ok
01:21:29.0968 0x0cf4  [ 780426DAD0CEB30124A61A85D71E77D3,

4F5B861940E32AA1BE4BFA91432576640858CEC12FF9C98E863EEC20D8F81DFD ] drmkaud     

    C:\WINDOWS\system32\drivers\drmkaud.sys
01:21:31.0359 0x0cf4  drmkaud - ok
01:21:31.0453 0x0cf4  [ 95974E66D3DE4951D29E28E8BC0B644C,

5737A2FB4D95AAB61A50E25CC570D78FC91C1A7B02754211B1B57DC4209A7D58 ] E100B     

      C:\WINDOWS\system32\DRIVERS\e100b325.sys
01:21:32.0062 0x0cf4  E100B - ok
01:21:32.0140 0x0cf4  [ 531E7657D42B6849EE52AEB8C9DD601C,

2272D69C09AB1A7ED1F670C75FE3BA03065730A84CB2A0E57676D97E0307DFC5 ] EapHost    

     C:\WINDOWS\System32\eapsvc.dll
01:21:32.0812 0x0cf4  EapHost - ok
01:21:32.0875 0x0cf4  [ C74E4CAD632295421255781787844C58,

50DAE9EC594FE82F2E5E1BB49F77224EF87A00CCB0E0B2D34A6BAB9143F3A2D7 ] ERSvc          

 C:\WINDOWS\System32\ersvc.dll
01:21:33.0593 0x0cf4  ERSvc - ok
01:21:33.0656 0x0cf4  [ 65DF52F5B8B6E9BBD183505225C37315,

59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog    

    C:\WINDOWS\system32\services.exe
01:21:33.0796 0x0cf4  Eventlog - ok
01:21:33.0859 0x0cf4  [ D4991D98F2DB73C60D042F1AEF79EFAE,

58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ]

EventSystem     C:\WINDOWS\system32\Es.dll
01:21:34.0171 0x0cf4  EventSystem - ok
01:21:34.0234 0x0cf4  [ C473E4A84355A32B53F2F4CE3A0406EE,

31355D762D01AB33FB0AFC2985BFFB9DEF85880D1C025F93889F6A9527EAD030 ] Fastfat         

C:\WINDOWS\system32\drivers\Fastfat.sys
01:21:36.0187 0x0cf4  Fastfat - ok
01:21:36.0390 0x0cf4  [ 99BC0B50F511924348BE19C7C7313BBF,

A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ]

FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
01:21:37.0218 0x0cf4  FastUserSwitchingCompatibility - ok
01:21:37.0312 0x0cf4  [ FA2D4AD77C535C75B00C799942FEE927,

BD685B891186CDE6268FF64B370EA6EFE1271F49908AF5F0284BC61CB459B38D ] Fdc             

C:\WINDOWS\system32\DRIVERS\fdc.sys
01:21:38.0140 0x0cf4  Fdc - ok
01:21:38.0484 0x0cf4  [ 532B70A154643DC5D722EEC7E82B8446,

CAEACADF94A04B5F1826073D85668372F1633A40B0E106488DBA9011CCB0134A ] Fips          

  C:\WINDOWS\system32\drivers\Fips.sys
01:21:39.0250 0x0cf4  Fips - ok
01:21:39.0312 0x0cf4  [ B91B6DEF9522CDC7310ED88563FABC37,

E2E3D3A5EE360FB34D2EEA14044C8B49EDF056054F94FF228C9696DB9050D9A4 ] Flpydisk       

 C:\WINDOWS\system32\drivers\Flpydisk.sys
01:21:39.0906 0x0cf4  Flpydisk - ok
01:21:39.0968 0x0cf4  [ CDCACF60EB651F84F6307C7A4D5D26A0,

B1C832450ECAB4C3AF2CC3727DD9C74912C0BF6461F171F24BF992E1889B6932 ] FltMgr        

  C:\WINDOWS\system32\DRIVERS\fltMgr.sys
01:21:40.0750 0x0cf4  FltMgr - ok
01:21:40.0921 0x0cf4  [ 8BA7C024070F2B7FDD98ED8A4BA41789,

47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ]

FontCache3.0.0.0

c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
01:21:41.0250 0x0cf4  FontCache3.0.0.0 - ok
01:21:41.0562 0x0cf4  [ 02763B58A5FBADC5A5EDED4C4797ADAB,

F58BA7570E8AF5895795E1C03025C0801D9A3B7D8385CDE0B4E0C24A4E79F095 ]

FortiSslvpnDaemon C:\WINDOWS\system32\FortiSSLVPNdaemon.exe
01:21:41.0984 0x0cf4  FortiSslvpnDaemon - ok
01:21:42.0093 0x0cf4  [ 790A4CA68F44BE35967B3DF61F3E4675,

7CBC77C620ABA75FEF4BA8AD9C38766D50CD18106EBA4693F162F2C5A7D46AA8 ]

FsUsbExDisk     C:\WINDOWS\system32\FsUsbExDisk.SYS
01:21:42.0234 0x0cf4  FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
01:21:52.0234 0x0cf4  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
01:21:57.0171 0x0cf4  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A,

EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          

C:\WINDOWS\system32\drivers\Fs_Rec.sys
01:21:58.0343 0x0cf4  Fs_Rec - ok
01:21:58.0406 0x0cf4  [ 6AC26732762483366C3969C9E4D2259D,

FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          

C:\WINDOWS\system32\DRIVERS\ftdisk.sys
01:21:59.0640 0x0cf4  Ftdisk - ok
01:21:59.0937 0x0cf4  [ AB8A6A87D9D7255C3884D5B9541A6E80,

D073B5D8A06EFA6415E8F22DFE486DE913113AE23F59CFC5EEF1B3E694CE86F3 ]

GEARAspiWDM     C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
01:22:00.0265 0x0cf4  GEARAspiWDM - ok
01:22:01.0125 0x0cf4  [ A68D8864E187D6B4B60BBD9ABD51F57D,

484121122F9CC54CD093C34347B73452AAEB05FCF3004EC826D9ADE15D2EE3BB ] Gpc          

   C:\WINDOWS\system32\DRIVERS\msgpc.sys
01:22:01.0828 0x0cf4  Gpc - ok
01:22:03.0234 0x0cf4  [ 605CCC9CE1839BC5583017DF7CAE27A6,

F1F67830FC3531DFBDAF5315F59422438AB9F243D89491AC75D1818E7ED98B5D ] gupdate     

    C:\Program Files\Google\Update\GoogleUpdate.exe
01:22:03.0703 0x0cf4  gupdate - ok
01:22:03.0781 0x0cf4  [ 605CCC9CE1839BC5583017DF7CAE27A6,

F1F67830FC3531DFBDAF5315F59422438AB9F243D89491AC75D1818E7ED98B5D ] gupdatem  

      C:\Program Files\Google\Update\GoogleUpdate.exe
01:22:04.0234 0x0cf4  gupdatem - ok
01:22:07.0828 0x0cf4  [ 5D4BC124FAAE6730AC002CDB67BF1A1C,

00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc       

    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
01:22:08.0453 0x0cf4  gusvc - ok
01:22:10.0828 0x0cf4  [ 2A013E7530BEAB6E569FAA83F517E836,

481390EE00AF49BB54B8C885801FCAC0F87F4EF3D935ABBBA42B7C063EFDDB8F ]

HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
01:22:11.0171 0x0cf4  HdAudAddService - detected UnsignedFile.Multi.Generic ( 1 )
01:22:13.0984 0x0cf4  Detect skipped due to KSN trusted
01:22:13.0984 0x0cf4  HdAudAddService - ok
01:22:18.0609 0x0cf4  [ 3FCC124B6E08EE0E9351F717DD136939,

EBFE0FB51E14570A1A1D64C8E5383F3FF28509361D13945B79A9C551EB522012 ] HDAudBus    

    C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
01:22:18.0734 0x0cf4  HDAudBus - detected UnsignedFile.Multi.Generic ( 1 )
01:22:21.0234 0x0cf4  Detect skipped due to KSN trusted
01:22:21.0234 0x0cf4  HDAudBus - ok
01:22:22.0031 0x0cf4  [ 9000FA63CFEAFDFD1D39655F8F111903,

866DEB075CDEFD40EA679DAADC97C07891D40392D6B6B34ACDAEF6CE68ED06A7 ]

helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
01:22:22.0406 0x0cf4  helpsvc - ok
01:22:25.0812 0x0cf4  [ 56296857059FA06E084AF9D0B1A9325D,

FD0629A486987126E0E47EBD936DECD1D4F50233E4636330875ABE73F6EF6C22 ] HidServ        

 C:\WINDOWS\System32\hidserv.dll
01:22:26.0578 0x0cf4  HidServ - ok
01:22:27.0156 0x0cf4  [ FFAFDE8424D92B4AEB72670F446D8F22,

1E0A0AA86E70A2B21DA188510E57F350620B3E006A09D3F15B5B605174934BF7 ] hidusb         

 C:\WINDOWS\system32\DRIVERS\hidusb.sys
01:22:27.0640 0x0cf4  hidusb - ok
01:22:28.0656 0x0cf4  [ 156765F692192EA9039A6C4A809312FD,

73400BC5E5C92A2E7834CB8EB33B3D78BF73C875C98B1AD91B0112FBB8DB19E3 ] HipShieldK

     C:\WINDOWS\system32\drivers\HipShieldK.sys
01:22:29.0078 0x0cf4  HipShieldK - ok
01:22:29.0140 0x0cf4  [ 1DDD16693D34768F3DE24411F5735E86,

30324438A0A2F2E5AC47961519CDC02ED5C9246442440955F0D76C3E9DF99729 ] hkmsvc     

     C:\WINDOWS\System32\kmsvc.dll
01:22:30.0421 0x0cf4  hkmsvc - ok
01:22:35.0171 0x0cf4  [ 5007E21208DA68F60EBF43352BDFE6D0,

698B6AB8260E05D6A2D168939E8D7F9F1CC1C78FDEC4F6B9D1A7289FD83C841B ]

HomeNetSvc      C:\Program Files\Common

Files\Mcafee\Platform\McSvcHost\McSvHost.exe
01:22:35.0343 0x0cf4  HomeNetSvc - ok
01:22:35.0359 0x0cf4  hpn - ok
01:22:36.0234 0x0cf4  [ 9F1D80908658EB7F1BF70809E0B51470,

84FD62D34BC63BA41027DD2164B1E4F86BC8783E8A601E9F189627A4B3D54AAA ] HPZid412  

      C:\WINDOWS\system32\DRIVERS\HPZid412.sys
01:22:37.0000 0x0cf4  HPZid412 - ok
01:22:37.0687 0x0cf4  [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3,

886A5222940A6E14B359B45AA158390468B601FB58949E7F5BEC93B5459AF689 ] HPZipr12       

 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
01:22:38.0234 0x0cf4  HPZipr12 - ok
01:22:38.0718 0x0cf4  [ CF1B7951B4EC8D13F3C93B74BB2B461B,

3A1B8A9A9AB0E916288AD6198C377E3A4D278DB3D8DCD4299F0ADC83973F0495 ]

HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
01:22:39.0765 0x0cf4  HPZius12 - ok
01:22:44.0109 0x0cf4  [ F80A415EF82CD06FFAF0D971528EAD38,

524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            

C:\WINDOWS\system32\Drivers\HTTP.sys
01:22:44.0656 0x0cf4  HTTP - ok
01:22:45.0703 0x0cf4  [ BD8081AA24F116B2CA3CB91AB32A278A,

719083BBDA006D9571C5EEB373A809C277FEC6414F719DA91F5BE25D4B7ADD69 ] HTTPFilter   

   C:\WINDOWS\System32\w3ssl.dll
01:22:46.0265 0x0cf4  HTTPFilter - ok
01:22:46.0265 0x0cf4  i2omgmt - ok
01:22:46.0281 0x0cf4  i2omp - ok
01:22:47.0125 0x0cf4  [ 72229484FDBB55A76CF2BF0A33C07199,

DE9AB328C18BDB1C5C8148E46E5F8A21AA273D213BEAF5FCE779B561F066B792 ] i8042prt     

   C:\WINDOWS\system32\DRIVERS\i8042prt.sys
01:22:47.0328 0x0cf4  i8042prt - ok
01:22:53.0234 0x0cf4  [ 240D0F5D7CAAFD87BD8D801A97BBE041,

37CA330CE08A1A35C767D4512EA4832C98268B899B88E87A6F59FF5245652157 ] ialm           

 C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
01:22:54.0968 0x0cf4  ialm - ok
01:23:03.0015 0x0cf4  [ 1CF03C69B49ACB70C722DF92755C0C8C,

C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT     

   C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
01:23:03.0609 0x0cf4  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
01:23:13.0437 0x0cf4  Detect skipped due to KSN trusted
01:23:13.0437 0x0cf4  IDriverT - ok
01:23:17.0437 0x0cf4  [ C01AC32DC5C03076CFB852CB5DA5229C,

A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc         

  c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication

Foundation\infocard.exe
01:23:18.0593 0x0cf4  idsvc - ok
01:23:18.0687 0x0cf4  [ AAAE7F1F575C1C6573084E910660BE1B,

45A3D8B074470421BD4D63BBF31DB7D2CE059EAD55A1D485CE1AF00358830576 ] Imapi       

    C:\WINDOWS\system32\DRIVERS\imapi.sys
01:23:35.0531 0x0cf4  Imapi - ok
01:23:44.0125 0x0cf4  [ CA6D1EE11B36A2FD7D2E4F82D8C0A429,

037D97C6D1B13FA4161157E287D642C6E85A1821441EA6D2AD8C28182B53DBBA ]

ImapiService    C:\WINDOWS\system32\imapi.exe
01:23:44.0500 0x0cf4  ImapiService - ok
01:23:44.0515 0x0cf4  ini910u - ok
01:23:56.0171 0x0cf4  [ B2957D6C1226F029230DAC2C46D34286,

C581D967C96DD3EC1DFFEDF01087A3042FED333CFF389698FCC7396B79B8C13F ]

IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
01:24:00.0718 0x0cf4  IntcAzAudAddService - ok
01:24:00.0796 0x0cf4  [ 6EB87B5EC638903470F6B0402EAD6599,

55A8F2EDB22974D8ECC41286F256E767FC85859A13C1F2AB881F00B026F53259 ] IntelIde        

C:\WINDOWS\system32\DRIVERS\intelide.sys
01:24:12.0437 0x0cf4  IntelIde - ok
01:24:12.0609 0x0cf4  [ 514C5EE514CB699FBED51E74A220E261,

758C2D2A7F94A2805222763ED754C094BECB9A65EFA8855AC15A02C0BE02553C ] intelppm

       C:\WINDOWS\system32\DRIVERS\intelppm.sys
01:24:13.0109 0x0cf4  intelppm - ok
01:24:13.0234 0x0cf4  [ C0E5E466FC2C126429728060B5CD92D9,

86C16FF88E66CCB92EE35022647DD94A46633534C3BC120C81AB719B4E0FF7C2 ] Ip6Fw         

  C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
01:24:13.0656 0x0cf4  Ip6Fw - ok
01:24:13.0781 0x0cf4  [ 731F22BA402EE4B62748ADAF6363C182,

5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ]

IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
01:24:15.0046 0x0cf4  IpFilterDriver - ok
01:24:15.0109 0x0cf4  [ 87DCEC7A87E8344E79DA035A5EDF8B0A,

3E866676CE0A0576F11C5C96FE18190B6E01A4B7BA8A7EA6822442C66036ABF7 ] IpInIp         

 C:\WINDOWS\system32\DRIVERS\ipinip.sys
01:24:15.0484 0x0cf4  IpInIp - ok
01:24:15.0671 0x0cf4  [ 8EB436E01A5535DCD0ADA273CBD4F7B0,

779A9B40447E26FBD31F46B85BB9735FD74FD26E5EB5C038FF658A9F3A10AD75 ] IpNat           

C:\WINDOWS\system32\DRIVERS\ipnat.sys
01:24:16.0000 0x0cf4  IpNat - ok
01:24:16.0265 0x0cf4  [ 13F79A5C92BB6A07540B7A37AC2C4AAD,

1C6686738B6677DD961CCD4B8EC4F7B1ABADA67F3C904F6566ADA56FE77D68F4 ] IPSec       

    C:\WINDOWS\system32\DRIVERS\ipsec.sys
01:24:17.0015 0x0cf4  IPSec - ok
01:24:17.0250 0x0cf4  [ 6FA444F11B5213AD2048EA1ED5D58159,

627A3E89D329B90F22876B0211029D973A26C9536F6278B84BCDF269265DCEDE ] IRENUM      

    C:\WINDOWS\system32\DRIVERS\irenum.sys
01:24:17.0656 0x0cf4  IRENUM - ok
01:24:17.0734 0x0cf4  [ 554AC08FFD31A9A4ED4337BA5F2B8702,

97B8D35324CA8A3C4ED14F33DC817434FF3CA521B42F634AD724528DF578CFCB ] isapnp     

     C:\WINDOWS\system32\DRIVERS\isapnp.sys
01:24:18.0328 0x0cf4  isapnp - ok
01:24:18.0453 0x0cf4  [ 6946E7C9B6ACB20CDDAC1F12E08FEB58,

6B27C44519E91A19971C6EF9AA21804EFE8E1206BDAA45BECA05B173B9A5C8F8 ] Kbdclass   

     C:\WINDOWS\system32\DRIVERS\kbdclass.sys
01:24:18.0765 0x0cf4  Kbdclass - ok
01:24:18.0875 0x0cf4  [ DF27EE324113679647D7CDB4C2322458,

42CD14B6F5CA12B8A65B7781A188A29C81C38292A3B22B473EB85D6240D1BCC0 ] kbdhid   

       C:\WINDOWS\system32\DRIVERS\kbdhid.sys
01:24:19.0187 0x0cf4  kbdhid - ok
01:24:19.0484 0x0cf4  [ 17566366EC1A5E48B9BA024DB7869B3D,

186C118FDCB156B1075BA6A28F3430E6AD19A123B17A0721F2E2210E92FBE6AF ] kmixer        

  C:\WINDOWS\system32\drivers\kmixer.sys
01:24:19.0703 0x0cf4  kmixer - ok
01:24:19.0984 0x0cf4  [ B467646C54CC746128904E1654C750C1,

3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD     

     C:\WINDOWS\system32\drivers\KSecDD.sys
01:24:20.0671 0x0cf4  KSecDD - ok
01:24:21.0062 0x0cf4  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527,

0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ]

LanmanServer    C:\WINDOWS\System32\srvsvc.dll
01:24:27.0062 0x0cf4  LanmanServer - ok
01:24:27.0312 0x0cf4  [ A8888A5327621856C0CEC4E385F69309,

B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ]

lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
01:24:28.0218 0x0cf4  lanmanworkstation - ok
01:24:28.0218 0x0cf4  lbrtfdc - ok
01:24:28.0312 0x0cf4  [ D53F9AED00F107A77D421A82BC8CEA6A,

C17B8D3C3B6794FC761B42B5B6A962AD577FDD1F930111D90E4FD84A147FD910 ] LmHosts     

    C:\WINDOWS\System32\lmhsvc.dll
01:24:30.0109 0x0cf4  LmHosts - ok
01:24:30.0109 0x0cf4  massfilter - ok
01:24:30.0312 0x0cf4  MBAMSwissArmy - ok
01:24:30.0687 0x0cf4  [ 0C422D003BB2EF1C98B4733C295B4F04,

DA1F484454D4EC80809AC301ED96683817D3AE4A6C26539B746582FD56C0B268 ] McAfee

SiteAdvisor Service c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
01:24:30.0828 0x0cf4  McAfee SiteAdvisor Service - ok
01:24:31.0343 0x0cf4  [ 16B115E3706F493BE99FCA5D75EE54CF,

CAEC1D17894EBBE303A23BD33B6E9DB9EFB670E31C7393812BCFB8B418FCD816 ] McAPExe   

      C:\Program Files\McAfee\MSC\McAPExe.exe
01:24:31.0828 0x0cf4  McAPExe - ok
01:24:32.0140 0x0cf4  [ 5007E21208DA68F60EBF43352BDFE6D0,

698B6AB8260E05D6A2D168939E8D7F9F1CC1C78FDEC4F6B9D1A7289FD83C841B ]

McMPFSvc        C:\Program Files\Common

Files\Mcafee\Platform\McSvcHost\McSvHost.exe
01:24:32.0640 0x0cf4  McMPFSvc - ok
01:24:32.0796 0x0cf4  [ 5007E21208DA68F60EBF43352BDFE6D0,

698B6AB8260E05D6A2D168939E8D7F9F1CC1C78FDEC4F6B9D1A7289FD83C841B ]

McNaiAnn        C:\Program Files\Common

Files\McAfee\Platform\McSvcHost\McSvHost.exe
01:24:32.0828 0x0cf4  McNaiAnn - ok
01:24:33.0406 0x0cf4  [ F86C81CEAC145BC440BA18B55D88605B,

ABC3EEB7FEE3DEBBA4CA474AC7A61489424BB8F9D08281DFA0E3BA91BF7862E3 ] McODS     

      C:\Program Files\McAfee\VirusScan\mcods.exe
01:24:34.0796 0x0cf4  McODS - ok
01:24:35.0109 0x0cf4  [ 5007E21208DA68F60EBF43352BDFE6D0,

698B6AB8260E05D6A2D168939E8D7F9F1CC1C78FDEC4F6B9D1A7289FD83C841B ] mcpltsvc  

      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
01:24:35.0156 0x0cf4  mcpltsvc - ok
01:24:35.0187 0x0cf4  [ 5007E21208DA68F60EBF43352BDFE6D0,

698B6AB8260E05D6A2D168939E8D7F9F1CC1C78FDEC4F6B9D1A7289FD83C841B ] McProxy   

      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
01:24:35.0218 0x0cf4  McProxy - ok
01:24:35.0390 0x0cf4  [ 571F38CFF87053ECEDCA3D2CDA963956,

83FB333B93B06B19FC6F753D1CDF1096966B302E0EE4C06F0E3F509773282A16 ] Messenger    

   C:\WINDOWS\System32\msgsvc.dll
01:24:36.0062 0x0cf4  Messenger - ok
01:24:36.0468 0x0cf4  [ BD40B4F2E6282ADABE9D82E963DB42FB,

B35E94445B0178D750F9CFE0A260E576DCB0DD280E8B00F0767568C170690073 ] mfeapfk      

   C:\WINDOWS\system32\drivers\mfeapfk.sys
01:24:36.0671 0x0cf4  mfeapfk - ok
01:24:36.0968 0x0cf4  [ 2AED3FE3E34AE751F4FD7EDF97B411F0,

A19836AC942375662E3F3D5E13A75AC16994432C2EAB5F56934DDA97E2FFEB40 ] mfeavfk    

     C:\WINDOWS\system32\drivers\mfeavfk.sys
01:24:37.0640 0x0cf4  mfeavfk - ok
01:24:37.0843 0x0cf4  [ 4DA6C7377F721C1A621FBE0474A77D60,

25FA62B4D4198609F97F58C7E2DE50533337E21D768EC74C1E00141B08D76E40 ] mfebopk      

   C:\WINDOWS\system32\drivers\mfebopk.sys
01:24:38.0062 0x0cf4  mfebopk - ok
01:24:38.0640 0x0cf4  [ E30103A209E0E0316E9B12B9C43F8063,

4BBA45946AF83BDAF167D43AEA9C8CCBF7F4E5A07E2E431AFB9863D0ECE83171 ] mfecore   

      C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
01:24:54.0171 0x0cf4  mfecore - ok
01:24:54.0546 0x0cf4  [ 8020C7C06B9DDC3372A9A84844C03136,

24C0FCBBDCEEB9A804D6A160C904DBEFD2DF5C576856255CAC2206EC9A6C9809 ] mfefire  

       C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
01:24:54.0578 0x0cf4  mfefire - ok
01:24:54.0609 0x0cf4  [ 496FA40A3D40A1158978498CFB814D9E,

FD31EC8114C784F741602AC7D584CD244482BB098BA2C2F49B06D2943BBA74A5 ] mfefirek   

     C:\WINDOWS\system32\drivers\mfefirek.sys
01:24:55.0500 0x0cf4  mfefirek - ok
01:24:56.0218 0x0cf4  [ 7A4C47EB5772B5E4E99D01734A60679B,

7D6CE9EFC9AEA2A6A1C1CE12477BC7B21436CE4E497F04E1C43FA392C8092136 ] mfehidk   

      C:\WINDOWS\system32\drivers\mfehidk.sys
01:24:57.0843 0x0cf4  mfehidk - ok
01:24:58.0281 0x0cf4  [ D7BDDB18EBAC819C627631EF0DBDB1E4,

1E2E64CD6FF61577308645705B79E72E70099F3B7E2C54E9837E7B3787F620A2 ] mfencbdc      

  C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
01:24:59.0390 0x0cf4  mfencbdc - ok
01:24:59.0500 0x0cf4  [ CF97DC38DFFCD838F0278F39910624CD,

E06857A891ADDC699B7D4D3D75FF25CC3CB31E8F1C21E9C8C21F5FB172CD86AA ] mfencrk

        C:\WINDOWS\system32\DRIVERS\mfencrk.sys
01:24:59.0718 0x0cf4  mfencrk - ok
01:24:59.0796 0x0cf4  [ C4CEBD21C39E2E7DBD156BC458F8EC7D,

8120677ECBA8A12F0C711986D9BF5154CE9D48C9463DB79445672C5595F3FC64 ] mfendisk   

     C:\WINDOWS\system32\DRIVERS\mfendisk.sys
01:25:00.0187 0x0cf4  mfendisk - ok
01:25:00.0265 0x0cf4  [ C4CEBD21C39E2E7DBD156BC458F8EC7D,

8120677ECBA8A12F0C711986D9BF5154CE9D48C9463DB79445672C5595F3FC64 ]

mfendiskmp      C:\WINDOWS\system32\DRIVERS\mfendisk.sys
01:25:00.0312 0x0cf4  mfendiskmp - ok


01:25:00.0390 0x0cf4  [ C453856A058C6B3EB84D054173DDDC4D,

AFC25C058CE4255AA6E0A61CD4F3A0713015164F8F005313C88F2C9FB5A47B86 ] mfetdi2k   

     C:\WINDOWS\system32\drivers\mfetdi2k.sys
01:25:00.0406 0x0cf4  mfetdi2k - ok
01:25:00.0546 0x0cf4  [ 9ECA2FA155897ED17E42AFC70F0CE01D,

D646CA71A99241D3E5C8A9521D5B18B17BB8F85115271C476FB0ED3E4A21987A ] mfevtp      

    C:\WINDOWS\system32\mfevtps.exe
01:25:00.0984 0x0cf4  mfevtp - ok
01:25:01.0406 0x0cf4  Microsoft SharePoint Workspace Audit Service - ok
01:25:01.0578 0x0cf4  [ 4AE068242760A1FB6E1A44BF4E16AFA6,

1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd     

      C:\WINDOWS\system32\drivers\mnmdd.sys
01:25:36.0343 0x0cf4  mnmdd - ok
01:25:36.0656 0x0cf4  [ FA7D23D3DD5E7CE0F6869A246C7FC7C3,

2856F2D86F000B74341C689B657E2D02F050831D6632029D389320894A278EA5 ] mnmsrvc     

    C:\WINDOWS\system32\mnmsrvc.exe
01:25:40.0125 0x0cf4  mnmsrvc - ok
01:25:40.0812 0x0cf4  [ 24CFF4697702785872313159EC2434A2,

E8181A4E991F8AB33DB4C0378606A10033FEA06115C432C55142699E502D486D ] Mobile

Broadband HL Service C:\Documents and Settings\All Users\Application

Data\MobileBrServ\mbbservice.exe
01:25:42.0062 0x0cf4  Mobile Broadband HL Service - ok
01:25:42.0125 0x0cf4  [ 906499C774232C4C9444CC93425F05E2,

A4E24777112D69A6CFF4281A0398BFD89D7E98A6C21005C196063C3CD5215852 ] Modem    

       C:\WINDOWS\system32\drivers\Modem.sys
01:25:43.0281 0x0cf4  Modem - ok
01:25:43.0421 0x0cf4  [ DB03590221F87989BE31209394E112D1,

565F6A8D5895118053A13BFDDB35F1A20C8891DB94EFA0BCA6D6283902F0A467 ] Mouclass  

      C:\WINDOWS\system32\DRIVERS\mouclass.sys
01:25:44.0546 0x0cf4  Mouclass - ok
01:25:44.0656 0x0cf4  [ B1C303E17FB9D46E87A98E4BA6769685,

161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid    

      C:\WINDOWS\system32\DRIVERS\mouhid.sys
01:25:45.0718 0x0cf4  mouhid - ok
01:25:45.0859 0x0cf4  [ 14FFB41E7DB770E282080E54240A6339,

71827917DBF688D9BAB555036DD21EB30C9853D6A032E80062BC6B3C07459AA4 ]

MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
01:25:46.0812 0x0cf4  MountMgr - ok
01:25:47.0031 0x0cf4  [ 88430BB53A4374E3D150C589F143E752,

CAFF8EBDE77742AAF07C47133931F6ECE17D48042782B20C9A57CCF5220CC01E ]

MozillaMaintenance C:\Program Files\Mozilla Maintenance

Service\maintenanceservice.exe
01:25:47.0328 0x0cf4  MozillaMaintenance - ok
01:25:47.0343 0x0cf4  mraid35x - ok
01:25:47.0484 0x0cf4  [ DC60415365C36FABEC85F02510D33A5C,

195B16E98B007F3B7186B413BC3304FECBDB628FE24E36ED612C267D5630B49E ] MRxDAV       

   C:\WINDOWS\system32\DRIVERS\mrxdav.sys
01:25:48.0031 0x0cf4  MRxDAV - ok
01:25:48.0828 0x0cf4  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0,

DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb  

        C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
01:25:49.0468 0x0cf4  MRxSmb - ok
01:25:49.0609 0x0cf4  [ D4214476456F54ECF207F27F4A19AF30,

45ECDDB3F26EF9EA6090305FBC9391C81D8DDA4D98BC2437CA2C5CA6C7D06392 ] MSDTC  

         C:\WINDOWS\system32\msdtc.exe
01:25:50.0640 0x0cf4  MSDTC - ok
01:25:50.0843 0x0cf4  [ E09362C993B1DFA569166DA45C7E0CB8,

6E52AA0CE81954407BA610D6F5F7691BBE69448DBEAD01E5E9C26D07CDEA7918 ] Msfs          

  C:\WINDOWS\system32\drivers\Msfs.sys
01:25:52.0656 0x0cf4  Msfs - ok
01:25:52.0656 0x0cf4  MSIServer - ok
01:25:52.0796 0x0cf4  [ 4159DBFF2C48D4BD59CD7130318BBECB,

311D55166479BA7AD1F7ACA59A6D82D2A77BF44AEA5E4C23FC44B93F215AE772 ]

MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
01:25:54.0218 0x0cf4  MSKSSRV - ok
01:25:54.0328 0x0cf4  [ 74BE6D8014EBC0996D43F29515442295,

A2EE5F4E93620459DCF94EB118164FECFADB07C4413F5EE6C64BCC2D41970305 ] MSPCLOCK

       C:\WINDOWS\system32\drivers\MSPCLOCK.sys
01:25:57.0437 0x0cf4  MSPCLOCK - ok
01:25:58.0078 0x0cf4  [ 9730536657538F248EE95973216DFF59,

4AE153D384A683114CA81A1E792D2F052286D664A6FD506E5D9A2D68D1F061BC ] MSPQM   

        C:\WINDOWS\system32\drivers\MSPQM.sys
01:26:08.0687 0x0cf4  MSPQM - ok
01:26:08.0906 0x0cf4  [ 6A6F1B5F2E6079B6CEAC7FC0580961F3,

E417FAA2E6E005965A2B8A020D3A1F43EFFD8479F028B0FAC49A1723B34B5D61 ] mssmbios   

     C:\WINDOWS\system32\DRIVERS\mssmbios.sys
01:26:10.0328 0x0cf4  mssmbios - ok
01:26:10.0453 0x0cf4  [ DE6A75F5C270E756C5508D94B6CF68F5,

FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup          

   C:\WINDOWS\system32\drivers\Mup.sys
01:26:11.0671 0x0cf4  Mup - ok
01:26:12.0062 0x0cf4  [ 82A50BA9567F710A8BA6E0AFDE613104,

AC674184C9F322EA8BE3D0C08A4BE1FD59858C4D403E3820028A86C2234A286A ]

napagent        C:\WINDOWS\System32\qagentrt.dll
01:26:12.0984 0x0cf4  napagent - ok
01:26:13.0140 0x0cf4  [ 104EFCE994264E4B36C1B6F5A846EB60,

BCC9ADD954CA7869032E197DD521E96AF66FD9AF0E105D52B1D42D1E322C72EF ] NDIS        

    C:\WINDOWS\system32\drivers\NDIS.sys
01:26:13.0921 0x0cf4  NDIS - ok
01:26:14.0093 0x0cf4  [ 0109C4F3850DFBAB279542515386AE22,

4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi    

    C:\WINDOWS\system32\DRIVERS\ndistapi.sys
01:26:15.0281 0x0cf4  NdisTapi - ok
01:26:15.0531 0x0cf4  [ 4B51239904FFB424BF6ED20EE6860836,

AD67E3333A7D49CB41EAF3B9DC988CF35657A388A0DAF4CB1AB36EABA9FC4F9A ] Ndisuio

        C:\WINDOWS\system32\DRIVERS\ndisuio.sys
01:26:16.0203 0x0cf4  Ndisuio - ok
01:26:16.0531 0x0cf4  [ 6CC11A564FCD95313B0385C6787BBFFE,

95F3725DBE60D0CB30D1B63BA34E4A7B1A776CB5E8555DAC68AF49CEDD88FEFB ] NdisWan  

       C:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:26:17.0234 0x0cf4  NdisWan - ok
01:26:17.0484 0x0cf4  [ 2F597BB467E05B1FE3830EABD821B8E0,

141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy    

     C:\WINDOWS\system32\drivers\NDProxy.sys
01:26:17.0828 0x0cf4  NDProxy - ok
01:26:17.0921 0x0cf4  [ A012EC6D73B1ACBB876DC0EFBE0FAFEE,

27F07379BAAED37B1A3D3E25D7A8E3D0A8F88E0C9CEAD283540BFEA314FD3635 ] NetBIOS   

      C:\WINDOWS\system32\DRIVERS\netbios.sys
01:26:18.0625 0x0cf4  NetBIOS - ok
01:26:18.0812 0x0cf4  [ B24ED3A4966D1A9251899025759DC847,

1A1A03CAE4AE456A84E8C505788C938F28A23B28EBBBF36E06D468C9DEE97438 ] NetBT        

   C:\WINDOWS\system32\DRIVERS\netbt.sys
01:26:25.0562 0x0cf4  NetBT - ok
01:26:25.0734 0x0cf4  [ C57B297C446A41FC2C7732F483382553,

99B803C9ECFB4BE963D89B148C9073A8A62B4C5012022A22AB0B876E2C993B01 ] NetDDE     

     C:\WINDOWS\system32\netdde.exe
01:26:26.0406 0x0cf4  NetDDE - ok
01:26:26.0515 0x0cf4  [ C57B297C446A41FC2C7732F483382553,

99B803C9ECFB4BE963D89B148C9073A8A62B4C5012022A22AB0B876E2C993B01 ]

NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
01:26:27.0171 0x0cf4  NetDDEdsdm - ok
01:26:27.0250 0x0cf4  [ 70885577298B92939F3B7AF54D5F8943,

98E33AD38AF6ADC5499E1416711CF522F5263D6800281F125460C16137DE43EB ] Netlogon    

    C:\WINDOWS\system32\lsass.exe
01:26:28.0015 0x0cf4  Netlogon - ok
01:26:28.0187 0x0cf4  [ A6F2589CD87CB2C53CA8B7F2BDC855DF,

4C3B247FFBB57F8F0AAC65EA1AB5B20DD5424868823D00CAD0A44A31872A59C1 ] Netman

         C:\WINDOWS\System32\netman.dll
01:26:28.0812 0x0cf4  Netman - ok
01:26:29.0437 0x0cf4  [ D34612C5D02D026535B3095D620626AE,

1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ]

NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows

Communication Foundation\SMSvcHost.exe
01:26:29.0953 0x0cf4  NetTcpPortSharing - ok
01:26:30.0046 0x0cf4  [ 1BC1CBE1423F6E5AF2630FAFCA6C6C72,

0BB48FEB4663A229C82B4F74A737855CD8653789CE541AF4078A482A3BFB9830 ] NIC1394     

    C:\WINDOWS\system32\DRIVERS\nic1394.sys
01:26:30.0421 0x0cf4  NIC1394 - ok
01:26:30.0578 0x0cf4  [ 943337D786A56729263071623BBB9DE5,

B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             

C:\WINDOWS\System32\mswsock.dll
01:26:31.0562 0x0cf4  Nla - ok
01:26:31.0625 0x0cf4  [ C636EB36039B02E6C595D6D7C31D0F1C,

1E87B326616A5799C70CA7D494E005FB0A718E4A1A4BDC726D81AF390F860431 ] nm            

  C:\WINDOWS\system32\DRIVERS\NMnt.sys
01:26:31.0953 0x0cf4  nm - ok
01:26:32.0093 0x0cf4  [ 8209AEFF434C0D37543930AAD855BB79,

62E35233A356ACD8B198E9F979C6B940E262DCEBE9DBA996532AE4D647F913DA ] Npfs          

  C:\WINDOWS\system32\drivers\Npfs.sys
01:26:34.0234 0x0cf4  Npfs - ok
01:26:34.0718 0x0cf4  [ 3E8A141DCBEB618ADD4126A61CF264DD,

C8EB329B05D9993EC33EB21332BB00B654815C33506FD50F9A6CDA527C062EDD ] Ntfs            

C:\WINDOWS\system32\drivers\Ntfs.sys
01:26:36.0343 0x0cf4  Ntfs - ok
01:26:36.0546 0x0cf4  [ 70885577298B92939F3B7AF54D5F8943,

98E33AD38AF6ADC5499E1416711CF522F5263D6800281F125460C16137DE43EB ] NtLmSsp     

    C:\WINDOWS\system32\lsass.exe
01:26:37.0453 0x0cf4  NtLmSsp - ok
01:26:37.0953 0x0cf4  [ 05D072BADDAC2FF15D5382A391F0897A,

37A1E901FAF5243EB4EEA81481B6C67D33EF62403BAEE390F3185FE6763FA17E ] NtmsSvc        

 C:\WINDOWS\system32\ntmssvc.dll
01:26:40.0062 0x0cf4  NtmsSvc - ok
01:26:40.0156 0x0cf4  [ 73C1E1F395918BC2C6DD67AF7591A3AD,

B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            

C:\WINDOWS\system32\drivers\Null.sys
01:26:41.0687 0x0cf4  Null - ok
01:26:42.0000 0x0cf4  [ BA53B9653D079E32BC8E8737117B5BFC,

2C5784AEA591CFBA392057D90D1460801BCD44EE42A46918ED46EA6DC25A617E ]

NWCWorkstation  C:\WINDOWS\System32\nwwks.dll
01:26:45.0359 0x0cf4  NWCWorkstation - ok
01:26:45.0562 0x0cf4  [ B305F3FAD35083837EF46A0BBCE2FC57,

9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt   

     C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
01:26:46.0281 0x0cf4  NwlnkFlt - ok
01:26:46.0421 0x0cf4  [ C99B3415198D1AAB7227F2C88FD664B9,

DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd

       C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
01:26:47.0312 0x0cf4  NwlnkFwd - ok
01:26:47.0531 0x0cf4  [ DBC474CA8EFE2501ED38B688DA94DD08,

D1940127C5E20867190014BE74AA59F38234C9AE9EA1E6BA15EDA98B25B67CDC ] NwlnkIpx

       C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
01:26:48.0531 0x0cf4  NwlnkIpx - ok
01:26:48.0609 0x0cf4  [ 56D34A67C05E94E16377C60609741FF8,

ABE48D3E7D38DB20E9D4884FC6FE42FAE0C5FAFD3AC86F1E585A4BB17C6F09C5 ] NwlnkNb  

       C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
01:26:49.0609 0x0cf4  NwlnkNb - ok
01:26:49.0890 0x0cf4  [ C0BB7D1615E1ACBDC99757F6CEAF8CF0,

899905C0EB182ABCDAE0D0D749C0BC39CD231B9FAEE733D5DFDAE86EB8BC755B ]

NwlnkSpx        C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
01:26:51.0109 0x0cf4  NwlnkSpx - ok
01:26:51.0343 0x0cf4  [ 9FB5C83D05AE3EB2B691F574F61F51E3,

5A023D50C7B26B6CD72E17B1A982133E781C57436DCCEF218D32AFCEDC6C9223 ] NWRDR   

        C:\WINDOWS\system32\DRIVERS\nwrdr.sys
01:27:10.0812 0x0cf4  NWRDR - ok
01:27:11.0125 0x0cf4  [ 4B83FCBBE72AF5F99D109798653E8B78,

E646F6D365392890A3618D54D25EC4E1182400C4FF258158DBA24F814BC8C990 ]

NwSapAgent      C:\WINDOWS\System32\ipxsap.dll
01:27:11.0687 0x0cf4  NwSapAgent - ok
01:27:11.0796 0x0cf4  [ DB8294873A9CFC7482E76BFCABBE7BE5,

54D7AADB42444E746FE9227B973369E50A65DD999256C273DE59E2FCB6DAF1BE ] ohci1394   

     C:\WINDOWS\system32\DRIVERS\ohci1394.sys
01:27:12.0281 0x0cf4  ohci1394 - ok
01:27:12.0578 0x0cf4  [ C3E24FBFA4C3291A5E5310609A58DB2E,

CC49A52348B880B68CF403D27FB82A2FA4DE0450F37A5F45A40E101D41E5F984 ] ose             

C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:27:12.0609 0x0cf4  ose - ok
01:27:13.0671 0x0cf4  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7,

F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc        

 C:\Program Files\Common Files\Microsoft

Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:27:25.0046 0x0cf4  osppsvc - ok
01:27:25.0218 0x0cf4  [ 31ACEC5ABBBC4F9037DB1333F1663FCD,

F0EF83370420B6C0A5570F0D29BDFDA9EE2CF80DFBB6C1A762B8F8A7409DBABF ] Parport       

  C:\WINDOWS\system32\DRIVERS\parport.sys
01:27:50.0625 0x0cf4  Parport - ok
01:27:50.0765 0x0cf4  [ 07F08CDC6BCF2257BD884C3EE91288DB,

46AF692E242074FA212123E48EEEE36AD940D9EC8F2FA54270CBA6B76194FA8E ] PartMgr       

  C:\WINDOWS\system32\drivers\PartMgr.sys
01:27:51.0421 0x0cf4  PartMgr - ok
01:27:51.0656 0x0cf4  [ 70E98B3FD8E963A6A46A2E6247E0BEA1,

6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm      

    C:\WINDOWS\system32\drivers\ParVdm.sys
01:27:52.0578 0x0cf4  ParVdm - ok
01:27:52.0843 0x0cf4  [ 175CC28DCF819F78CAA3FBD44AD9E52A,

C00F17040440E5C10439FF8110368A7813BD197E96338FD3703C86E399E27128 ] pccsmcfd     

   C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
01:28:00.0359 0x0cf4  pccsmcfd - ok
01:28:00.0500 0x0cf4  [ 5DE1E01E77255550E0038EFF628F202E,

F1DF76DE2E97AC95F526E36783CA27D97B632A3E7A228A7D32834C553A61E459 ] PCI            

 C:\WINDOWS\system32\DRIVERS\pci.sys
01:28:02.0140 0x0cf4  PCI - ok
01:28:02.0265 0x0cf4  PCIDump - ok
01:28:02.0375 0x0cf4  [ CCF5F451BB1A5A2A522A76E670000FF0,

D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde        

  C:\WINDOWS\system32\drivers\PCIIde.sys
01:28:04.0109 0x0cf4  PCIIde - ok
01:28:04.0562 0x0cf4  [ BB7884FD8831691778F009A9A827401C,

1DFA7EC0473ECA16642021A4EB43CE52798D07A198DEAEF527E051551E751746 ] Pcmcia      

    C:\WINDOWS\system32\drivers\Pcmcia.sys
01:28:07.0484 0x0cf4  Pcmcia - ok
01:28:07.0484 0x0cf4  PDCOMP - ok
01:28:07.0500 0x0cf4  PDFRAME - ok
01:28:07.0500 0x0cf4  PDRELI - ok
01:28:07.0515 0x0cf4  PDRFRAME - ok
01:28:07.0515 0x0cf4  perc2 - ok
01:28:07.0531 0x0cf4  perc2hib - ok
01:28:07.0609 0x0cf4  [ 65DF52F5B8B6E9BBD183505225C37315,

59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay    

    C:\WINDOWS\system32\services.exe
01:28:09.0671 0x0cf4  PlugPlay - ok
01:28:10.0343 0x0cf4  [ 9D84376931440F3679BEEF2A414FA493,

C800227A67C3C10A26114DB54F5390D2A475D36BE65E87CB890A6819B0BB4884 ] Pml

Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
01:28:11.0203 0x0cf4  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
01:28:22.0125 0x0cf4  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
01:28:22.0203 0x0cf4  Force sending object to P2P due to detect: Pml Driver HPZ12
01:28:33.0515 0x0cf4  Object send P2P result: true
01:28:37.0531 0x0cf4  [ 70885577298B92939F3B7AF54D5F8943,

98E33AD38AF6ADC5499E1416711CF522F5263D6800281F125460C16137DE43EB ]

PolicyAgent     C:\WINDOWS\system32\lsass.exe
01:29:03.0968 0x0cf4  PolicyAgent - ok
01:29:04.0671 0x0cf4  [ 4FB133321E33CF310B0010F7F3631536,

FC31C0BC624FC1D2FFD839044B99BE6B361AED0A82FB553DA9FCA6F6CDE1FDFD ] pppop     

      C:\WINDOWS\system32\DRIVERS\pppop.sys
01:29:05.0250 0x0cf4  pppop - ok
01:29:07.0250 0x0cf4  [ 6F8D4E8942170430E1E8E1392BE1C7E2,

6348B949FE12FEB3DD9ECD82D852165EEA4F03C045E9B99AE0857ABF6735BB96 ]

PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
01:29:27.0312 0x0cf4  PptpMiniport - ok
01:29:27.0640 0x0cf4  [ 70885577298B92939F3B7AF54D5F8943,

98E33AD38AF6ADC5499E1416711CF522F5263D6800281F125460C16137DE43EB ]

ProtectedStorage C:\WINDOWS\system32\lsass.exe
01:29:27.0953 0x0cf4  ProtectedStorage - ok
01:29:28.0718 0x0cf4  [ 5F03F871DC8C223334BA91FC980E8EAF,

E5C9955428B2A6BBFBE99AF87EBAC14B287A920CC4423BD1846B6725755DFCAA ] PSched    

      C:\WINDOWS\system32\DRIVERS\psched.sys
01:29:29.0281 0x0cf4  PSched - ok
01:29:29.0406 0x0cf4  [ 80D317BD1C3DBC5D4FE7B1678C60CADD,

DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink        

 C:\WINDOWS\system32\DRIVERS\ptilink.sys
01:29:29.0734 0x0cf4  Ptilink - ok
01:29:29.0734 0x0cf4  ql1080 - ok
01:29:29.0750 0x0cf4  Ql10wnt - ok
01:29:29.0750 0x0cf4  ql12160 - ok
01:29:29.0796 0x0cf4  ql1240 - ok
01:29:29.0796 0x0cf4  ql1280 - ok
01:29:31.0171 0x0cf4  [ FE0D99D6F31E4FAD8159F690D68DED9C,

998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          

C:\WINDOWS\system32\DRIVERS\rasacd.sys
01:29:31.0468 0x0cf4  RasAcd - ok
01:29:32.0406 0x0cf4  [ C2605EA65BF1B052E42D752FA7FCFDA5,

F8E93E2F0DADE459E022D951A65D45A267C121043692BAFB635D101F16492BB3 ] RasAuto      

   C:\WINDOWS\System32\rasauto.dll
01:29:34.0968 0x0cf4  RasAuto - ok
01:29:36.0062 0x0cf4  [ 0ACC9422B1029011D057FBABEC4C5FA9,

75A5FAF7E0A4E81BBADEFAFA1E35631CC7668491840D3A641EB3CC50D8602B1A ] Rasl2tp    

     C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
01:29:36.0484 0x0cf4  Rasl2tp - ok
01:29:36.0859 0x0cf4  [ 67872BE9182B9FF39B2759E91EAC5D06,

A463B28927CB085838B8946A657D1D6C5E78033D4BEADA798168F78A08842E19 ] RasMan    

      C:\WINDOWS\System32\rasmans.dll
01:29:37.0562 0x0cf4  RasMan - ok
01:29:39.0453 0x0cf4  [ 11C361AA15FB8E72118BD8415E6DBD7F,

0AE124F11E9B5BCA53FB7FBB977D663BB4FAE8D0D03ED19BC1460B61797BB39A ] RasPppoe   

     C:\WINDOWS\system32\DRIVERS\raspppoe.sys
01:29:40.0312 0x0cf4  RasPppoe - ok
01:29:41.0125 0x0cf4  [ FDBB1D60066FCFBB7452FD8F9829B242,

10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti      

    C:\WINDOWS\system32\DRIVERS\raspti.sys
01:29:41.0718 0x0cf4  Raspti - ok
01:29:41.0984 0x0cf4  [ 567B201561F77ED347C5BE8820D55B2D,

6CBC82464846C5DABFC537AA80DF6901C41773A1C611F626DF3F7922B7764D68 ] Rdbss       

    C:\WINDOWS\system32\DRIVERS\rdbss.sys
01:29:42.0796 0x0cf4  Rdbss - ok
01:29:43.0578 0x0cf4  [ 4912D5B403614CE99C28420F75353332,

975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD        

  C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
01:29:43.0968 0x0cf4  RDPCDD - ok
01:29:44.0359 0x0cf4  [ 689D94F2D76C44EEEF04113B74F652E4,

91DA8843C790FB7C3B939B6ED30FFF6BEEEE8BDCC655E70654A21E880C3BB2DC ] rdpdr         

  C:\WINDOWS\system32\DRIVERS\rdpdr.sys
01:29:45.0421 0x0cf4  rdpdr - ok
01:29:46.0968 0x0cf4  [ 43AF5212BD8FB5BA6EED9754358BD8F7,

AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD   

        C:\WINDOWS\system32\drivers\RDPWD.sys
01:29:49.0250 0x0cf4  RDPWD - ok
01:29:50.0218 0x0cf4  [ 25DBECA33C5FE916490B6FAAE307DE55,

F845A972F94981E5D47C564072BF619DB646F922C78CAF8EC5956980469B9E03 ] RDSessMgr   

    C:\WINDOWS\system32\sessmgr.exe
01:29:51.0593 0x0cf4  RDSessMgr - ok
01:29:52.0328 0x0cf4  [ EBE526E35F00189AFBD4FE379C76E416,

5E60736BCE339D08B78F5CE37DF51233AAEFC60D74CF5C892B529FAB9438868D ] redbook    

     C:\WINDOWS\system32\DRIVERS\redbook.sys
01:29:53.0265 0x0cf4  redbook - ok
01:29:55.0734 0x0cf4  [ 7A11E5CDF3F6FCDFDEA885B5889B2369,

C1C12852786FDAEA478001E3B2FFE85EB8220C387772DB05BDA8781E9BA412EC ]

RemoteAccess    C:\WINDOWS\System32\mprdim.dll
01:29:56.0328 0x0cf4  RemoteAccess - ok
01:29:58.0406 0x0cf4  [ 14EB586446F5A6C17CCC685DDA3B91BE,

707F8F0D8A742A5E6E984C8AC69E115A9A8223ECFBF20929ECF08F1F3BA18CF4 ]

RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
01:29:59.0281 0x0cf4  RemoteRegistry - ok
01:30:01.0406 0x0cf4  [ AD60DCBEDADA52BF6C03717E822F176D,

A1E74C6BD2A447F0FE1C2460E731DDFFB9893DDB07663F9B62C3C2598E6BC2FA ]

RpcLocator      C:\WINDOWS\system32\locator.exe
01:30:02.0031 0x0cf4  RpcLocator - ok
01:30:03.0187 0x0cf4  [ 6B27A5C03DFB94B4245739065431322C,

6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs        

   C:\WINDOWS\system32\rpcss.dll
01:30:04.0359 0x0cf4  RpcSs - ok
01:30:10.0328 0x0cf4  [ 471B3F9741D762ABE75E9DEEA4787E47,

D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP     

       C:\WINDOWS\system32\rsvp.exe
01:30:10.0953 0x0cf4  RSVP - ok
01:30:12.0437 0x0cf4  [ 70885577298B92939F3B7AF54D5F8943,

98E33AD38AF6ADC5499E1416711CF522F5263D6800281F125460C16137DE43EB ] SamSs         

  C:\WINDOWS\system32\lsass.exe
01:30:13.0484 0x0cf4  SamSs - ok
01:30:14.0765 0x0cf4  [ 191626FB54124AEFB11948D9CBB56AA8,

2AFFB5ACBAAA9D3089F77B37BA323C4A51F12FFFD79DC571C2239E1D3583EAA7 ]

SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
01:30:20.0046 0x0cf4  SCardSvr - ok
01:30:20.0546 0x0cf4  [ B1AAF8F173BB05E9FF544642D12936F6,

6D3D5976A86530EFC774E75E7A1050FEDDC8F8F18FBCD820E4285E4262D0930B ] Schedule    

    C:\WINDOWS\system32\schedsvc.dll
01:30:21.0453 0x0cf4  Schedule - ok
01:30:22.0437 0x0cf4  [ 90A3935D05B494A5A39D37E71F09A677,

F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv       

   C:\WINDOWS\system32\DRIVERS\secdrv.sys
01:30:23.0625 0x0cf4  Secdrv - ok
01:30:24.0890 0x0cf4  [ F11FD54B991831EE3E64D677008F862F,

EB24675DF3018CE61F560DF555E88A8DC0E63C22F76996DB2D3E72E8428294DD ] seclogon    

    C:\WINDOWS\System32\seclogon.dll
01:30:25.0609 0x0cf4  seclogon - ok
01:30:26.0546 0x0cf4  [ 8A85AE71E0B5B01E565582B8DA6A70B3,

06A2CFB7176FD47DBA7122F2C3DC4FD77FE9E12A0058E2022BC48072FBEBE3EA ] SENS           

 C:\WINDOWS\system32\sens.dll
01:30:27.0000 0x0cf4  SENS - ok
01:30:28.0468 0x0cf4  [ D39C4A6ACB529BE4FFA5E49EECCBBC5B,

7603395B6CD312A5F87E796BD4B1C629430CDCF9ADE6F1C683F179E36A1A37A0 ] Serial        

  C:\WINDOWS\system32\drivers\Serial.sys
01:30:28.0890 0x0cf4  Serial - ok
01:30:30.0968 0x0cf4  [ 9D38320BB32230349379DF5DDBBF7FCE,

8AAA8B0B60E65F596C3276DCCD0D8146B40172B6D509B597EDFDA46AC8A72A4C ]

ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe


01:30:31.0953 0x0cf4  ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
01:30:35.0140 0x0cf4  Detect skipped due to KSN trusted
01:30:35.0140 0x0cf4  ServiceLayer - ok
01:30:35.0421 0x0cf4  [ 16C82920B49D58548DDE524BD91FE275,

1E4B417504E2023C026303878912C6FED58FBA439647E6DF877DE69FFD115F22 ] Sfloppy         

C:\WINDOWS\system32\drivers\Sfloppy.sys
01:30:36.0062 0x0cf4  Sfloppy - ok
01:30:37.0343 0x0cf4  [ CF0E8BD38C8E3FF71E4659B2ED9F7220,

86497B0071FA254D57F69D0E871490C625A01CCADA1C750817545DB181E415E7 ]

SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
01:30:38.0906 0x0cf4  SharedAccess - ok
01:30:40.0187 0x0cf4  [ 99BC0B50F511924348BE19C7C7313BBF,

A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ]

ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
01:30:41.0234 0x0cf4  ShellHWDetection - ok
01:30:41.0234 0x0cf4  Simbad - ok
01:30:41.0250 0x0cf4  Sparrow - ok
01:30:41.0968 0x0cf4  [ 56D1314C6B52622B7B33F4B5941C07BC,

4F0A9F9A27926597E75B3A08CCB6B27DA5E99C62C47A300D111595FCC4236CE6 ] splitter     

   C:\WINDOWS\system32\drivers\splitter.sys
01:30:42.0312 0x0cf4  splitter - ok
01:30:42.0984 0x0cf4  [ 60784F891563FB1B767F70117FC2428F,

E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler        

 C:\WINDOWS\system32\spoolsv.exe
01:30:43.0734 0x0cf4  Spooler - ok
01:30:44.0671 0x0cf4  [ F434259611A11E8B9F9E94454171DCDB,

0CAB9FC49FBA288B745DE5DB844BEBF95EDDCF336D80FBB16ECB2DB55174E605 ] sr              

C:\WINDOWS\system32\DRIVERS\sr.sys
01:30:45.0359 0x0cf4  sr - ok
01:30:46.0390 0x0cf4  [ C48C9775ADF79320DE07A354D3F2FA48,

D6CAE90ED5149DE44071B7D115EE6A686081D0AC519D5613D4E2BDC80D300445 ] srservice

      C:\WINDOWS\system32\srsvc.dll
01:30:47.0250 0x0cf4  srservice - ok
01:30:48.0234 0x0cf4  [ 959F0206D46CE43F1EB0A5B4D508B35F,

2A672E2CFD9C4D1A3EE1E1174EE8D7E54EFAF782902194CF53089690BE993702 ]

SRS_HDAL_Service C:\WINDOWS\system32\drivers\SRS_HDAL_i386.sys
01:30:49.0921 0x0cf4  SRS_HDAL_Service - ok
01:30:50.0718 0x0cf4  [ 47DDFC2F003F7F9F0592C6874962A2E7,

17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             

C:\WINDOWS\system32\DRIVERS\srv.sys
01:30:52.0250 0x0cf4  Srv - ok
01:30:52.0687 0x0cf4  [ 42A3A34B5D59D3CF54C683FEEF5AB900,

E24E638D42F27897AEE84CD7B1EE561BC4D30BCF436F90355DC115D18D47AA56 ] SSDPSRV   

      C:\WINDOWS\System32\ssdpsrv.dll
01:30:53.0093 0x0cf4  SSDPSRV - ok
01:30:54.0156 0x0cf4  [ CC01384090411493D4F5439D0C70716B,

F4E2B5CE16510AD143E95D384B3308105BAEB6228018A32948F4EF4D119F2771 ] stisvc          

C:\WINDOWS\system32\wiaservc.dll
01:30:56.0921 0x0cf4  stisvc - ok
01:30:57.0156 0x0cf4  [ 0C749E7ECE8794AE1794099C1953DB9E,

AF3DFBCBA6FB0A89DD8104CDBE2CABFA51526ADFB66183AFCF3FFBAD5C2E00CD ]

swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
01:30:58.0171 0x0cf4  swenum - ok
01:30:58.0250 0x0cf4  [ D0DCD940E9301ADD51DF993313F3115B,

4B2A33658B4873961B6899B8A8B012A6D10354B323624D0CF01F144E6FBE8AB5 ] swmidi         

 C:\WINDOWS\system32\drivers\swmidi.sys
01:30:59.0296 0x0cf4  swmidi - ok
01:30:59.0312 0x0cf4  SwPrv - ok
01:30:59.0328 0x0cf4  symc810 - ok
01:30:59.0328 0x0cf4  symc8xx - ok
01:30:59.0343 0x0cf4  SymIM - ok
01:30:59.0359 0x0cf4  SymIMMP - ok
01:30:59.0359 0x0cf4  sym_hi - ok
01:30:59.0375 0x0cf4  sym_u3 - ok
01:30:59.0656 0x0cf4  [ 1E993BDA05D911D49FF5531EA6D1B8CD,

8ABAED03EF72C186A40EA54F10F9A8C592F7FA820D26DE2E8F0F4538785E8D8B ] sysaudio     

   C:\WINDOWS\system32\drivers\sysaudio.sys
01:31:00.0453 0x0cf4  sysaudio - ok
01:31:01.0312 0x0cf4  [ 1C6A886F04E74A20183DD032C6CE6456,

D0C6CEEA14997C83424694521342903F0F9AD49E16568C3CDB3CA6DB65809388 ]

SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
01:31:02.0062 0x0cf4  SysmonLog - ok
01:31:03.0187 0x0cf4  [ 74F2AE529878B494BD928CB64B490220,

FFF69DE198F5E4C8FCF2E11A98CC962F335BD79E39256389C1333F103B3E7155 ] TapiSrv         

C:\WINDOWS\System32\tapisrv.dll
01:31:03.0953 0x0cf4  TapiSrv - ok
01:31:04.0562 0x0cf4  [ 9AEFA14BD6B182D61E3119FA5F436D3D,

EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip          

 C:\WINDOWS\system32\DRIVERS\tcpip.sys
01:31:05.0718 0x0cf4  Tcpip - ok
01:31:06.0156 0x0cf4  [ FC56140FDBB88B504E9D745C1E3ABB1C,

97D947BBD572C4BA9D9326F1E52D100B36C4EC9A477CD0BAAC559CD3C3BB8285 ] TDPIPE   

       C:\WINDOWS\system32\drivers\TDPIPE.sys
01:31:06.0796 0x0cf4  TDPIPE - ok
01:31:07.0218 0x0cf4  [ 66B2C34BFFE6E5FF9FC226F7DDDECEF5,

E5CEE937C35EF2D8966145C6224A4428B1BD76F99D4DE89D0FE90E9F6531A6B0 ] TDTCP          

 C:\WINDOWS\system32\drivers\TDTCP.sys
01:31:07.0671 0x0cf4  TDTCP - ok
01:31:07.0718 0x0cf4  TeamViewer4 - ok
01:31:08.0375 0x0cf4  [ 3CA25BF3B7391D4AD0C6F1DC8D1B717D,

67DB6A52B7C974884F0D13028437C34B5D12FD1A8E7D83AB258592BCF70F5C24 ] TermDD     

     C:\WINDOWS\system32\DRIVERS\termdd.sys
01:31:13.0046 0x0cf4  TermDD - ok
01:31:15.0140 0x0cf4  [ 6BD9B61403E1A9B366FB46FD66464940,

29AA5540CF4F96150D0699A8A20AFBA35909E7B3FEDC6139F43D729452347531 ]

TermService     C:\WINDOWS\System32\termsrv.dll
01:31:17.0109 0x0cf4  TermService - ok
01:31:17.0281 0x0cf4  [ 99BC0B50F511924348BE19C7C7313BBF,

A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes     

     C:\WINDOWS\System32\shsvcs.dll
01:31:17.0609 0x0cf4  Themes - ok
01:31:18.0109 0x0cf4  [ 51FB761031E14B1FA7AFDA9E01C22A1E,

CC3D6F577EB7881D55E957AAD364E4F58433E8D9E4286DF95E9E1EBCA9A87E8A ] TlntSvr        

 C:\WINDOWS\system32\tlntsvr.exe
01:31:19.0531 0x0cf4  TlntSvr - ok
01:31:19.0546 0x0cf4  TosIde - ok
01:31:19.0578 0x0cf4  [ 1C968E4691B63F5B86C4C65C12D7D206,

55BCF8CC630185793A9DEA39431E3A7514E7B0C33C10D80BD1D14BDA3CE65885 ] TrkWks    

      C:\WINDOWS\system32\trkwks.dll
01:31:21.0015 0x0cf4  TrkWks - ok
01:31:21.0500 0x0cf4  [ 885ED0A5A38E4DB0B97837B647E26F5F,

94EEB4D8B73CA254141DFAC116F4F7DD003FB17749214EA5F1FE434637CAEA28 ] Udfs            

C:\WINDOWS\system32\drivers\Udfs.sys
01:31:22.0265 0x0cf4  Udfs - ok
01:31:22.0343 0x0cf4  ultra - ok
01:31:23.0734 0x0cf4  [ A2CE1DAB37EDB7A596966FA4BAA93BBD,

F31F4EDC3168541ED1BE89D42D38821DB26F7EE62BF584AD6E080F352BC5B5F8 ] Update         

 C:\WINDOWS\system32\DRIVERS\update.sys
01:31:24.0515 0x0cf4  Update - ok
01:31:25.0250 0x0cf4  [ 3F8D788E067268FEEA1C79B5907B9556,

64DBABFE31452FC5FC187434A6040F1CE8C26FA2CA8EF62591E677FF69A51613 ] upnphost    

    C:\WINDOWS\System32\upnphost.dll
01:31:25.0468 0x0cf4  upnphost - ok
01:31:26.0125 0x0cf4  [ E876879DEC4509FFD26CAC208FDCB4FE,

3F55BA66BACBB6586797D115D4C21C61305740919221BBA59CD97FA29162FADA ] UPS          

   C:\WINDOWS\System32\ups.exe
01:31:27.0140 0x0cf4  UPS - ok
01:31:27.0859 0x0cf4  [ 1B611611C28D2DF25BC057D79C6F13FC,

B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp    

     C:\WINDOWS\system32\DRIVERS\usbccgp.sys
01:31:28.0187 0x0cf4  usbccgp - ok
01:31:29.0250 0x0cf4  [ 4BAC8DF07F1D8434FC640E677A62204E,

76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci        

 C:\WINDOWS\system32\DRIVERS\usbehci.sys
01:31:35.0078 0x0cf4  usbehci - ok
01:31:35.0156 0x0cf4  [ 23397705CAE15D9C3AB04B6CCB51F588,

0537D09B6DA65290DB70AA268521E6DACD8236464339595E53110D001704A4D3 ] usbhub    

      C:\WINDOWS\system32\DRIVERS\usbhub.sys
01:31:35.0515 0x0cf4  usbhub - ok
01:31:37.0703 0x0cf4  [ 2B772ECE9D1701B875259EBBDB0BAAD7,

ABA36A5A186B906A0E25A8EC2735DD4F0F27FDFD5B6EB015BB4D8244C097A291 ] usbprint   

     C:\WINDOWS\system32\DRIVERS\usbprint.sys
01:31:39.0171 0x0cf4  usbprint - ok
01:31:39.0468 0x0cf4  [ F8EDE2B6928970DCE3D5614C27D9E7F6,

6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan   

      C:\WINDOWS\system32\DRIVERS\usbscan.sys
01:31:39.0812 0x0cf4  usbscan - ok
01:31:39.0843 0x0cf4  [ BA215DD63AE739565ECB443D265CE0C6,

C7416E6A379C67CF758B9FC8FCFA04E91CDFD631D68FF4DD24485402197160DA ] usbstor     

    C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
01:31:40.0218 0x0cf4  usbstor - ok
01:31:42.0046 0x0cf4  [ 49470AA99527B811CE4A46D2F6DF5ACE,

CC7719D6F3A1CB0BDC72FD605E7E56BBBF5554E399BD7A5A1CE02D7B6E4A7D1A ] usbuhci  

       C:\WINDOWS\system32\DRIVERS\usbuhci.sys
01:31:42.0546 0x0cf4  usbuhci - ok
01:31:44.0312 0x0cf4  [ B4D7B7AD8A9F7C063C5CC3E2C1A0724E,

CFA47A71403419CA7C94333B4F7766DFC97C5DCDBC3AD1B106044B93C979A5C5 ]

usb_rndisx      C:\WINDOWS\system32\DRIVERS\usb8023x.sys
01:31:44.0859 0x0cf4  usb_rndisx - ok
01:31:46.0562 0x0cf4  [ 5437703622D5E398E45F5A0578A191BA,

DFD6A24E169F5B31138D7E27788B25EC09BCEE7365ECAD7B0E5965704796D826 ] VgaSave    

     C:\WINDOWS\System32\drivers\vga.sys
01:31:47.0140 0x0cf4  VgaSave - ok
01:31:47.0140 0x0cf4  ViaIde - ok
01:31:48.0484 0x0cf4  [ 4B7A8D499374EDE1FDC7CEC22094E12E,

AC0E0079C908798FB3C1FD60A9A534041B73F145F4AD8751308E0D9FFC8A539D ] VolSnap    

     C:\WINDOWS\system32\drivers\VolSnap.sys
01:31:49.0609 0x0cf4  VolSnap - ok
01:31:50.0640 0x0cf4  [ 19BDE11A7EE797908E252677932A0964,

E342C64B125745DD9187F1E55AA5D41B28FD04F13B5AA5E1B681B881F012E381 ] VSS             

C:\WINDOWS\System32\vssvc.exe
01:31:51.0078 0x0cf4  VSS - ok
01:31:51.0531 0x0cf4  [ DB5633CF64637919A002B5AECC76A9B5,

6EECF5F4CB63791E6BB75228FDE1D236731D129CC7490569489F52646B92A165 ] W32Time      

   C:\WINDOWS\system32\w32time.dll
01:31:51.0953 0x0cf4  W32Time - ok
01:31:52.0468 0x0cf4  [ 91A407C7F833BCF97240564FD44B1A66,

B6A9AE1FB53D8E0B868694B0F758D1C09F8256F1C2D562B36CC673DA8482E60A ] Wanarp     

     C:\WINDOWS\system32\DRIVERS\wanarp.sys
01:31:52.0734 0x0cf4  Wanarp - ok
01:31:52.0734 0x0cf4  WDICA - ok
01:31:52.0796 0x0cf4  [ 76E4B15C066144E711464F72D7B27AF3,

3D91304EBEDEE3788C647697D1082CE7DB5C91F12A7ED46B568BD7BC224A1398 ] wdmaud   

       C:\WINDOWS\system32\drivers\wdmaud.sys
01:31:54.0046 0x0cf4  wdmaud - ok
01:31:54.0515 0x0cf4  [ F98737AD88563DD7A5CEB01A6F14C273,

2D62B880C0A326B993BD76B76DC130E2FDF9CA2F4FC53D159F09C2DE623E7EC8 ]

WebClient       C:\WINDOWS\System32\webclnt.dll
01:31:55.0296 0x0cf4  WebClient - ok
01:31:56.0625 0x0cf4  [ 6A5011B6CDC97EFB2624DC84CEEE10A0,

78DA902E8EF669ED1C4100734AD8F2F65A37C621F1579078CAF2B5EB67CAAF14 ] winmgmt  

       C:\WINDOWS\system32\wbem\WMIsvc.dll
01:31:58.0671 0x0cf4  winmgmt - ok
01:31:59.0250 0x0cf4  [ C51B4A5C05A5475708E3C81C7765B71D,

F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ]

WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
01:32:00.0296 0x0cf4  WmdmPmSN - ok
01:32:00.0546 0x0cf4  [ E76F8807070ED04E7408A86D6D3A6137,

BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi           

  C:\WINDOWS\System32\advapi32.dll
01:32:01.0750 0x0cf4  Wmi - ok
01:32:02.0625 0x0cf4  [ 1176656B002BB4983185279A560D6CDC,

9D7AFAC5D9833FD94D76ADB23223E7AE09E0A94EB50FD847EB9EBD6CB529300F ]

WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
01:32:04.0234 0x0cf4  WmiApSrv - ok
01:32:07.0234 0x0cf4  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B,

C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ]

WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
01:32:09.0468 0x0cf4  WMPNetworkSvc - ok
01:32:10.0656 0x0cf4  [ CF4DEF1BF66F06964DC0D91844239104,

CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb   

       C:\WINDOWS\system32\DRIVERS\wpdusb.sys
01:32:11.0093 0x0cf4  WpdUsb - ok
01:32:12.0109 0x0cf4  [ 6ABE6E225ADB5A751622A9CC3BC19CE8,

4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL       

  C:\WINDOWS\System32\drivers\ws2ifsl.sys
01:32:12.0390 0x0cf4  WS2IFSL - ok
01:32:12.0546 0x0cf4  [ 7D9199D9006D8FCBCCF3C6416F939B16,

720F29755D1DACF19D640A94FB60CC1E55C6931DC5726DF0A51DD089129AEDA8 ] wscsvc  

        C:\WINDOWS\system32\wscsvc.dll
01:32:12.0828 0x0cf4  wscsvc - ok
01:32:13.0468 0x0cf4  [ D17E3330856C16B51651F9431FE197AC,

D0DAB5ABED706DDEC7817D7FA8B7D753A69D24BE41FA7CA42C61C2C3FC79735B ]

wuauserv        C:\WINDOWS\system32\wuauserv.dll
01:32:13.0812 0x0cf4  wuauserv - ok
01:32:14.0359 0x0cf4  [ F15FEAFFFBB3644CCC80C5DA584E6311,

79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          

C:\WINDOWS\system32\DRIVERS\WudfPf.sys
01:32:15.0093 0x0cf4  WudfPf - ok
01:32:15.0609 0x0cf4  [ 28B524262BCE6DE1F7EF9F510BA3985B,

AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd        

  C:\WINDOWS\system32\DRIVERS\wudfrd.sys
01:32:15.0843 0x0cf4  WudfRd - ok
01:32:16.0656 0x0cf4  [ 05231C04253C5BC30B26CBAAE680ED89,

5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc    

     C:\WINDOWS\System32\WUDFSvc.dll
01:32:16.0984 0x0cf4  WudfSvc - ok
01:32:18.0843 0x0cf4  [ 578F0A329CF1AB10715AB437CFAF8DDA,

D919409126307C89F02BD7165C2123F5452D469751FD4D4954D73CEC7FB89852 ] WZCSVC     

     C:\WINDOWS\System32\wzcsvc.dll
01:32:19.0875 0x0cf4  WZCSVC - ok
01:32:20.0078 0x0cf4  [ 57F89D9888665E43C9CC14537C8EE465,

088B3EBC6E470EE71BEA514ED1EF94CF57D44C547FCD959970E3E5271493D61F ] xmlprov       

  C:\WINDOWS\System32\xmlprov.dll
01:32:20.0421 0x0cf4  xmlprov - ok
01:32:20.0500 0x0cf4  ZTEusbmdm6k - ok
01:32:20.0578 0x0cf4  ZTEusbnmea - ok
01:32:20.0609 0x0cf4  ZTEusbser6k - ok
01:32:20.0921 0x0cf4  ================ Scan global

===============================
01:32:21.0937 0x0cf4  [ CC6C9961669EA568BEF904B3C021400A,

A69F19FC88F11B7FB6BFA77E48221997F286AF8F420292F0B77BC7F95EB0B4C9 ]

C:\WINDOWS\system32\basesrv.dll
01:32:23.0140 0x0cf4  [ 69AE2B2E6968C316536E5B10B9702E63,

D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ]

C:\WINDOWS\system32\winsrv.dll
01:32:25.0062 0x0cf4  [ 69AE2B2E6968C316536E5B10B9702E63,

D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ]

C:\WINDOWS\system32\winsrv.dll
01:32:25.0093 0x0cf4  [ 65DF52F5B8B6E9BBD183505225C37315,

59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ]

C:\WINDOWS\system32\services.exe
01:32:25.0218 0x0cf4  [ Global ] - ok
01:32:25.0234 0x0cf4  ================ Scan MBR

==================================
01:32:26.0203 0x0cf4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
01:33:20.0578 0x0cf4  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
01:33:20.0578 0x0cf4  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
01:33:35.0609 0x0cf4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR3
01:33:36.0734 0x0cf4  \Device\Harddisk1\DR3 - ok
01:33:36.0734 0x0cf4  ================ Scan VBR

==================================
01:33:36.0921 0x0cf4  [ A01C37FD692844334BFB51BA5A242959 ]

\Device\Harddisk0\DR0\Partition1
01:33:37.0031 0x0cf4  \Device\Harddisk0\DR0\Partition1 - ok
01:33:37.0187 0x0cf4  [ 98D4DF7763E9A31F4D7999E7322846ED ]

\Device\Harddisk0\DR0\Partition2
01:33:37.0343 0x0cf4  \Device\Harddisk0\DR0\Partition2 - ok
01:33:37.0359 0x0cf4  [ 4D3A561E27E04DD90604852103E212E7 ]

\Device\Harddisk1\DR3\Partition1
01:33:37.0375 0x0cf4  \Device\Harddisk1\DR3\Partition1 - ok
01:33:37.0375 0x0cf4  ================ Scan active images

========================
01:33:37.0375 0x0cf4  [ 514C5EE514CB699FBED51E74A220E261,

758C2D2A7F94A2805222763ED754C094BECB9A65EFA8855AC15A02C0BE02553C ]

C:\WINDOWS\system32\drivers\intelppm.sys
01:33:37.0375 0x0cf4  C:\WINDOWS\system32\drivers\intelppm.sys - ok
01:33:37.0375 0x0cf4  [ D4548661AC07876D04759AF39826F8B3,

A7CBA3B0255AE5C7F92E69E0B6C18E2A687BE275A0177475165B7A71AD9B2A58 ]

C:\WINDOWS\system32\drivers\videoprt.sys
01:33:37.0375 0x0cf4  C:\WINDOWS\system32\drivers\videoprt.sys - ok
01:33:37.0375 0x0cf4  [ 240D0F5D7CAAFD87BD8D801A97BBE041,

37CA330CE08A1A35C767D4512EA4832C98268B899B88E87A6F59FF5245652157 ]

C:\WINDOWS\system32\drivers\ialmnt5.sys
01:33:37.0375 0x0cf4  C:\WINDOWS\system32\drivers\ialmnt5.sys - ok
01:33:37.0390 0x0cf4  [ 3FCC124B6E08EE0E9351F717DD136939,

EBFE0FB51E14570A1A1D64C8E5383F3FF28509361D13945B79A9C551EB522012 ]

C:\WINDOWS\system32\drivers\hdaudbus.sys
01:33:37.0390 0x0cf4  C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
01:33:37.0390 0x0cf4  [ 6DF35CA139C3BC15CC74390ABB114EFE,

5401724E49243625C43B3F9032E592EF43605C2510E809C1D318A7792AB9FBBA ]

C:\WINDOWS\system32\drivers\usbport.sys
01:33:37.0390 0x0cf4  C:\WINDOWS\system32\drivers\usbport.sys - ok
01:33:37.0390 0x0cf4  [ 49470AA99527B811CE4A46D2F6DF5ACE,

CC7719D6F3A1CB0BDC72FD605E7E56BBBF5554E399BD7A5A1CE02D7B6E4A7D1A ]

C:\WINDOWS\system32\drivers\usbuhci.sys
01:33:37.0390 0x0cf4  C:\WINDOWS\system32\drivers\usbuhci.sys - ok
01:33:37.0406 0x0cf4  [ 4BAC8DF07F1D8434FC640E677A62204E,

76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ]

C:\WINDOWS\system32\drivers\usbehci.sys
01:33:37.0406 0x0cf4  C:\WINDOWS\system32\drivers\usbehci.sys - ok
01:33:37.0421 0x0cf4  [ D3F0349D5AE463CD2155A7B7653104BB,

BC977E3D69180F98A81649AEDCC9213645329FBDDFAA52F8298C4047C854F2F1 ]

C:\WINDOWS\system32\drivers\ks.sys
01:33:37.0421 0x0cf4  C:\WINDOWS\system32\drivers\ks.sys - ok
01:33:37.0421 0x0cf4  [ 34F27C7D71F1C49C7D3857F28B42F544,

C307405BC92E174BF696F9A5EC844A95AD983AE2C4223C89F445D89A3361A232 ]

C:\WINDOWS\system32\drivers\AGRSM.sys
01:33:37.0421 0x0cf4  C:\WINDOWS\system32\drivers\AGRSM.sys - ok
01:33:37.0421 0x0cf4  [ 906499C774232C4C9444CC93425F05E2,

A4E24777112D69A6CFF4281A0398BFD89D7E98A6C21005C196063C3CD5215852 ]

C:\WINDOWS\system32\drivers\modem.sys
01:33:37.0421 0x0cf4  C:\WINDOWS\system32\drivers\modem.sys - ok
01:33:37.0421 0x0cf4  [ 95974E66D3DE4951D29E28E8BC0B644C,

5737A2FB4D95AAB61A50E25CC570D78FC91C1A7B02754211B1B57DC4209A7D58 ]

C:\WINDOWS\system32\drivers\e100b325.sys
01:33:37.0421 0x0cf4  C:\WINDOWS\system32\drivers\e100b325.sys - ok
01:33:37.0437 0x0cf4  [ FA2D4AD77C535C75B00C799942FEE927,

BD685B891186CDE6268FF64B370EA6EFE1271F49908AF5F0284BC61CB459B38D ]

C:\WINDOWS\system32\drivers\fdc.sys
01:33:37.0437 0x0cf4  C:\WINDOWS\system32\drivers\fdc.sys - ok
01:33:37.0437 0x0cf4  [ 1BC1CBE1423F6E5AF2630FAFCA6C6C72,

0BB48FEB4663A229C82B4F74A737855CD8653789CE541AF4078A482A3BFB9830 ]

C:\WINDOWS\system32\drivers\nic1394.sys
01:33:37.0437 0x0cf4  C:\WINDOWS\system32\drivers\nic1394.sys - ok
01:33:37.0437 0x0cf4  [ 31ACEC5ABBBC4F9037DB1333F1663FCD,

F0EF83370420B6C0A5570F0D29BDFDA9EE2CF80DFBB6C1A762B8F8A7409DBABF ]

C:\WINDOWS\system32\drivers\parport.sys
01:33:37.0437 0x0cf4  C:\WINDOWS\system32\drivers\parport.sys - ok
01:33:37.0453 0x0cf4  [ D9F724AA26C010A217C97606B160ED68,

329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ]

C:\WINDOWS\system32\drivers\audstub.sys
01:33:37.0453 0x0cf4  C:\WINDOWS\system32\drivers\audstub.sys - ok
01:33:37.0453 0x0cf4  [ F18AB264458913B1304FE899F5FA68FB,

D7250EF6DC09DCAE45E25E69DDD037183BEE192ACA4C8E97975E559A935512DE ]

C:\WINDOWS\system32\drivers\cdrom.sys
01:33:37.0453 0x0cf4  C:\WINDOWS\system32\drivers\cdrom.sys - ok
01:33:37.0453 0x0cf4  [ AB8A6A87D9D7255C3884D5B9541A6E80,

D073B5D8A06EFA6415E8F22DFE486DE913113AE23F59CFC5EEF1B3E694CE86F3 ]

C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
01:33:37.0453 0x0cf4  C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
01:33:37.0468 0x0cf4  [ AAAE7F1F575C1C6573084E910660BE1B,

45A3D8B074470421BD4D63BBF31DB7D2CE059EAD55A1D485CE1AF00358830576 ]

C:\WINDOWS\system32\drivers\imapi.sys
01:33:37.0468 0x0cf4  C:\WINDOWS\system32\drivers\imapi.sys - ok
01:33:37.0468 0x0cf4  [ EBE526E35F00189AFBD4FE379C76E416,

5E60736BCE339D08B78F5CE37DF51233AAEFC60D74CF5C892B529FAB9438868D ]

C:\WINDOWS\system32\drivers\redbook.sys
01:33:37.0468 0x0cf4  C:\WINDOWS\system32\drivers\redbook.sys - ok
01:33:37.0468 0x0cf4  [ C4CEBD21C39E2E7DBD156BC458F8EC7D,

8120677ECBA8A12F0C711986D9BF5154CE9D48C9463DB79445672C5595F3FC64 ]

C:\WINDOWS\system32\drivers\mfendisk.sys
01:33:37.0468 0x0cf4  C:\WINDOWS\system32\drivers\mfendisk.sys - ok
01:33:37.0468 0x0cf4  [ 0109C4F3850DFBAB279542515386AE22,

4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ]

C:\WINDOWS\system32\drivers\ndistapi.sys
01:33:37.0468 0x0cf4  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
01:33:37.0484 0x0cf4  [ 6CC11A564FCD95313B0385C6787BBFFE,

95F3725DBE60D0CB30D1B63BA34E4A7B1A776CB5E8555DAC68AF49CEDD88FEFB ]

C:\WINDOWS\system32\drivers\ndiswan.sys
01:33:37.0484 0x0cf4  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
01:33:37.0484 0x0cf4  [ 0ACC9422B1029011D057FBABEC4C5FA9,

75A5FAF7E0A4E81BBADEFAFA1E35631CC7668491840D3A641EB3CC50D8602B1A ]

C:\WINDOWS\system32\drivers\rasl2tp.sys
01:33:37.0484 0x0cf4  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
01:33:37.0484 0x0cf4  [ 11C361AA15FB8E72118BD8415E6DBD7F,

0AE124F11E9B5BCA53FB7FBB977D663BB4FAE8D0D03ED19BC1460B61797BB39A ]

C:\WINDOWS\system32\drivers\raspppoe.sys
01:33:37.0484 0x0cf4  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
01:33:37.0484 0x0cf4  [ 6F8D4E8942170430E1E8E1392BE1C7E2,

6348B949FE12FEB3DD9ECD82D852165EEA4F03C045E9B99AE0857ABF6735BB96 ]

C:\WINDOWS\system32\drivers\raspptp.sys
01:33:37.0484 0x0cf4  C:\WINDOWS\system32\drivers\raspptp.sys - ok
01:33:37.0500 0x0cf4  [ D8B19A32CB30C3D4F4D332CF0D9C416C,

4A08A8235F9724AD0AE63D6CBF06D75B906CDA1C05EA844D48D671D2413080AF ]

C:\WINDOWS\system32\drivers\tdi.sys
01:33:37.0500 0x0cf4  C:\WINDOWS\system32\drivers\tdi.sys - ok
01:33:37.0500 0x0cf4  [ A68D8864E187D6B4B60BBD9ABD51F57D,

484121122F9CC54CD093C34347B73452AAEB05FCF3004EC826D9ADE15D2EE3BB ]

C:\WINDOWS\system32\drivers\msgpc.sys
01:33:37.0500 0x0cf4  C:\WINDOWS\system32\drivers\msgpc.sys - ok
01:33:37.0500 0x0cf4  [ 5F03F871DC8C223334BA91FC980E8EAF,

E5C9955428B2A6BBFBE99AF87EBAC14B287A920CC4423BD1846B6725755DFCAA ]

C:\WINDOWS\system32\drivers\psched.sys
01:33:37.0500 0x0cf4  C:\WINDOWS\system32\drivers\psched.sys - ok
01:33:37.0515 0x0cf4  [ 2AED3FE3E34AE751F4FD7EDF97B411F0,

A19836AC942375662E3F3D5E13A75AC16994432C2EAB5F56934DDA97E2FFEB40 ]

C:\WINDOWS\system32\drivers\mfeavfk.sys
01:33:37.0515 0x0cf4  C:\WINDOWS\system32\drivers\mfeavfk.sys - ok
01:33:37.0515 0x0cf4  [ 496FA40A3D40A1158978498CFB814D9E,

FD31EC8114C784F741602AC7D584CD244482BB098BA2C2F49B06D2943BBA74A5 ]

C:\WINDOWS\system32\drivers\mfefirek.sys
01:33:37.0515 0x0cf4  C:\WINDOWS\system32\drivers\mfefirek.sys - ok
01:33:37.0515 0x0cf4  [ D7BDDB18EBAC819C627631EF0DBDB1E4,

1E2E64CD6FF61577308645705B79E72E70099F3B7E2C54E9837E7B3787F620A2 ]

C:\WINDOWS\system32\drivers\mfencbdc.sys
01:33:37.0515 0x0cf4  C:\WINDOWS\system32\drivers\mfencbdc.sys - ok
01:33:37.0515 0x0cf4  [ 80D317BD1C3DBC5D4FE7B1678C60CADD,

DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ]

C:\WINDOWS\system32\drivers\ptilink.sys
01:33:37.0515 0x0cf4  C:\WINDOWS\system32\drivers\ptilink.sys - ok
01:33:37.0531 0x0cf4  [ 4FB133321E33CF310B0010F7F3631536,

FC31C0BC624FC1D2FFD839044B99BE6B361AED0A82FB553DA9FCA6F6CDE1FDFD ]

C:\WINDOWS\system32\drivers\pppop.sys
01:33:37.0531 0x0cf4  C:\WINDOWS\system32\drivers\pppop.sys - ok
01:33:37.0531 0x0cf4  [ FDBB1D60066FCFBB7452FD8F9829B242,

10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ]

C:\WINDOWS\system32\drivers\raspti.sys
01:33:37.0531 0x0cf4  C:\WINDOWS\system32\drivers\raspti.sys - ok
01:33:37.0531 0x0cf4  [ 689D94F2D76C44EEEF04113B74F652E4,

91DA8843C790FB7C3B939B6ED30FFF6BEEEE8BDCC655E70654A21E880C3BB2DC ]

C:\WINDOWS\system32\drivers\rdpdr.sys
01:33:37.0531 0x0cf4  C:\WINDOWS\system32\drivers\rdpdr.sys - ok
01:33:37.0546 0x0cf4  [ 3CA25BF3B7391D4AD0C6F1DC8D1B717D,

67DB6A52B7C974884F0D13028437C34B5D12FD1A8E7D83AB258592BCF70F5C24 ]

C:\WINDOWS\system32\drivers\termdd.sys
01:33:37.0546 0x0cf4  C:\WINDOWS\system32\drivers\termdd.sys - ok
01:33:37.0546 0x0cf4  [ 6946E7C9B6ACB20CDDAC1F12E08FEB58,

6B27C44519E91A19971C6EF9AA21804EFE8E1206BDAA45BECA05B173B9A5C8F8 ]

C:\WINDOWS\system32\drivers\kbdclass.sys
01:33:37.0546 0x0cf4  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
01:33:37.0546 0x0cf4  [ DB03590221F87989BE31209394E112D1,

565F6A8D5895118053A13BFDDB35F1A20C8891DB94EFA0BCA6D6283902F0A467 ]

C:\WINDOWS\system32\drivers\mouclass.sys
01:33:37.0546 0x0cf4  C:\WINDOWS\system32\drivers\mouclass.sys - ok
01:33:37.0546 0x0cf4  [ 0C749E7ECE8794AE1794099C1953DB9E,

AF3DFBCBA6FB0A89DD8104CDBE2CABFA51526ADFB66183AFCF3FFBAD5C2E00CD ]

C:\WINDOWS\system32\drivers\swenum.sys
01:33:37.0546 0x0cf4  C:\WINDOWS\system32\drivers\swenum.sys - ok
01:33:37.0562 0x0cf4  [ A2CE1DAB37EDB7A596966FA4BAA93BBD,

F31F4EDC3168541ED1BE89D42D38821DB26F7EE62BF584AD6E080F352BC5B5F8 ]

C:\WINDOWS\system32\drivers\update.sys
01:33:37.0562 0x0cf4  C:\WINDOWS\system32\drivers\update.sys - ok
01:33:37.0562 0x0cf4  [ 6A6F1B5F2E6079B6CEAC7FC0580961F3,

E417FAA2E6E005965A2B8A020D3A1F43EFFD8479F028B0FAC49A1723B34B5D61 ]

C:\WINDOWS\system32\drivers\mssmbios.sys
01:33:37.0562 0x0cf4  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
01:33:37.0562 0x0cf4  [ 2F597BB467E05B1FE3830EABD821B8E0,

141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ]

C:\WINDOWS\system32\drivers\ndproxy.sys
01:33:37.0562 0x0cf4  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
01:33:37.0578 0x0cf4  [ 46DFA070FBB267DF73C97239A18FABE0,

2064ED5EF64E7AC078500D21995AB13EEE45280427503A4CCFC6F70B39F4A0FD ]

C:\WINDOWS\system32\drivers\drmk.sys
01:33:37.0578 0x0cf4  C:\WINDOWS\system32\drivers\drmk.sys - ok
01:33:37.0578 0x0cf4  [ 281F73D9354B069A77F45CE2EFFC1445,

4C1D69DC90D822DE91CE8415E8A012903A78A04799557B935795039396C08A91 ]

C:\WINDOWS\system32\drivers\portcls.sys
01:33:37.0578 0x0cf4  C:\WINDOWS\system32\drivers\portcls.sys - ok
01:33:37.0578 0x0cf4  [ B2957D6C1226F029230DAC2C46D34286,

C581D967C96DD3EC1DFFEDF01087A3042FED333CFF389698FCC7396B79B8C13F ]

C:\WINDOWS\system32\drivers\RtkHDAud.sys
01:33:37.0578 0x0cf4  C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok
01:33:37.0578 0x0cf4  [ 04FE5EF6ED4818EC4839EA5C611A6310,

666479AF6789FC5DF2EA8D4B6216FDA9A4998D252F95BD003619D9376B1DC9E7 ]

C:\WINDOWS\system32\drivers\usbd.sys
01:33:37.0578 0x0cf4  C:\WINDOWS\system32\drivers\usbd.sys - ok
01:33:37.0593 0x0cf4  [ 23397705CAE15D9C3AB04B6CCB51F588,

0537D09B6DA65290DB70AA268521E6DACD8236464339595E53110D001704A4D3 ]

C:\WINDOWS\system32\drivers\usbhub.sys
01:33:37.0593 0x0cf4  C:\WINDOWS\system32\drivers\usbhub.sys - ok
01:33:37.0593 0x0cf4  [ C1B486A7658353D33A10CC15211A873B,

AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ]

C:\WINDOWS\system32\drivers\cdaudio.sys
01:33:37.0593 0x0cf4  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
01:33:37.0593 0x0cf4  [ B91B6DEF9522CDC7310ED88563FABC37,

E2E3D3A5EE360FB34D2EEA14044C8B49EDF056054F94FF228C9696DB9050D9A4 ]

C:\WINDOWS\system32\drivers\flpydisk.sys
01:33:37.0593 0x0cf4  C:\WINDOWS\system32\drivers\flpydisk.sys - ok
01:33:37.0609 0x0cf4  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A,

EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ]

C:\WINDOWS\system32\drivers\fs_rec.sys
01:33:37.0609 0x0cf4  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
01:33:37.0609 0x0cf4  [ 16C82920B49D58548DDE524BD91FE275,

1E4B417504E2023C026303878912C6FED58FBA439647E6DF877DE69FFD115F22 ]

C:\WINDOWS\system32\drivers\sfloppy.sys
01:33:37.0609 0x0cf4  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
01:33:37.0609 0x0cf4  [ DA1F27D85E0D1525F6621372E7B685E9,

5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ]

C:\WINDOWS\system32\drivers\beep.sys
01:33:37.0609 0x0cf4  C:\WINDOWS\system32\drivers\beep.sys - ok
01:33:37.0625 0x0cf4  [ C569EF030B11F896E123A30AC92678DB,

F851E99B968BBAB82E3B0D1D2F985AEE1EAD10C3BBACDD02BAB2ACEE57CB048A ]

C:\WINDOWS\system32\drivers\hidparse.sys
01:33:37.0625 0x0cf4  C:\WINDOWS\system32\drivers\hidparse.sys - ok
01:33:37.0625 0x0cf4  [ 72229484FDBB55A76CF2BF0A33C07199,

DE9AB328C18BDB1C5C8148E46E5F8A21AA273D213BEAF5FCE779B561F066B792 ]

C:\WINDOWS\system32\drivers\i8042prt.sys
01:33:37.0625 0x0cf4  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
01:33:37.0625 0x0cf4  [ DF27EE324113679647D7CDB4C2322458,

42CD14B6F5CA12B8A65B7781A188A29C81C38292A3B22B473EB85D6240D1BCC0 ]

C:\WINDOWS\system32\drivers\kbdhid.sys
01:33:37.0625 0x0cf4  C:\WINDOWS\system32\drivers\kbdhid.sys - ok
01:33:37.0625 0x0cf4  [ 73C1E1F395918BC2C6DD67AF7591A3AD,

B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ]

C:\WINDOWS\system32\drivers\null.sys
01:33:37.0625 0x0cf4  C:\WINDOWS\system32\drivers\null.sys - ok
01:33:37.0640 0x0cf4  [ 5437703622D5E398E45F5A0578A191BA,

DFD6A24E169F5B31138D7E27788B25EC09BCEE7365ECAD7B0E5965704796D826 ]

C:\WINDOWS\system32\drivers\vga.sys


01:33:37.0640 0x0cf4  C:\WINDOWS\system32\drivers\vga.sys - ok
01:33:37.0640 0x0cf4  [ 4AE068242760A1FB6E1A44BF4E16AFA6,

1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ]

C:\WINDOWS\system32\drivers\mnmdd.sys
01:33:37.0640 0x0cf4  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
01:33:37.0640 0x0cf4  [ E09362C993B1DFA569166DA45C7E0CB8,

6E52AA0CE81954407BA610D6F5F7691BBE69448DBEAD01E5E9C26D07CDEA7918 ]

C:\WINDOWS\system32\drivers\msfs.sys
01:33:37.0640 0x0cf4  C:\WINDOWS\system32\drivers\msfs.sys - ok
01:33:37.0656 0x0cf4  [ 4912D5B403614CE99C28420F75353332,

975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ]

C:\WINDOWS\system32\drivers\rdpcdd.sys
01:33:37.0656 0x0cf4  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
01:33:37.0656 0x0cf4  [ 8209AEFF434C0D37543930AAD855BB79,

62E35233A356ACD8B198E9F979C6B940E262DCEBE9DBA996532AE4D647F913DA ]

C:\WINDOWS\system32\drivers\npfs.sys
01:33:37.0656 0x0cf4  C:\WINDOWS\system32\drivers\npfs.sys - ok
01:33:37.0656 0x0cf4  [ FE0D99D6F31E4FAD8159F690D68DED9C,

998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ]

C:\WINDOWS\system32\drivers\rasacd.sys
01:33:37.0656 0x0cf4  C:\WINDOWS\system32\drivers\rasacd.sys - ok
01:33:37.0656 0x0cf4  [ 13F79A5C92BB6A07540B7A37AC2C4AAD,

1C6686738B6677DD961CCD4B8EC4F7B1ABADA67F3C904F6566ADA56FE77D68F4 ]

C:\WINDOWS\system32\drivers\ipsec.sys
01:33:37.0656 0x0cf4  C:\WINDOWS\system32\drivers\ipsec.sys - ok
01:33:37.0671 0x0cf4  [ 9AEFA14BD6B182D61E3119FA5F436D3D,

EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ]

C:\WINDOWS\system32\drivers\tcpip.sys
01:33:37.0671 0x0cf4  C:\WINDOWS\system32\drivers\tcpip.sys - ok
01:33:37.0671 0x0cf4  [ C453856A058C6B3EB84D054173DDDC4D,

AFC25C058CE4255AA6E0A61CD4F3A0713015164F8F005313C88F2C9FB5A47B86 ]

C:\WINDOWS\system32\drivers\mfetdi2k.sys
01:33:37.0671 0x0cf4  C:\WINDOWS\system32\drivers\mfetdi2k.sys - ok
01:33:37.0671 0x0cf4  [ 1E44BC1E83D8FD2305F8D452DB109CF9,

CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ]

C:\WINDOWS\system32\drivers\afd.sys
01:33:37.0671 0x0cf4  C:\WINDOWS\system32\drivers\afd.sys - ok
01:33:37.0687 0x0cf4  [ 8EB436E01A5535DCD0ADA273CBD4F7B0,

779A9B40447E26FBD31F46B85BB9735FD74FD26E5EB5C038FF658A9F3A10AD75 ]

C:\WINDOWS\system32\drivers\ipnat.sys
01:33:37.0687 0x0cf4  C:\WINDOWS\system32\drivers\ipnat.sys - ok
01:33:37.0687 0x0cf4  [ B24ED3A4966D1A9251899025759DC847,

1A1A03CAE4AE456A84E8C505788C938F28A23B28EBBBF36E06D468C9DEE97438 ]

C:\WINDOWS\system32\drivers\netbt.sys
01:33:37.0687 0x0cf4  C:\WINDOWS\system32\drivers\netbt.sys - ok
01:33:37.0687 0x0cf4  [ A012EC6D73B1ACBB876DC0EFBE0FAFEE,

27F07379BAAED37B1A3D3E25D7A8E3D0A8F88E0C9CEAD283540BFEA314FD3635 ]

C:\WINDOWS\system32\drivers\netbios.sys
01:33:37.0687 0x0cf4  C:\WINDOWS\system32\drivers\netbios.sys - ok
01:33:37.0687 0x0cf4  [ 567B201561F77ED347C5BE8820D55B2D,

6CBC82464846C5DABFC537AA80DF6901C41773A1C611F626DF3F7922B7764D68 ]

C:\WINDOWS\system32\drivers\rdbss.sys
01:33:37.0687 0x0cf4  C:\WINDOWS\system32\drivers\rdbss.sys - ok
01:33:37.0703 0x0cf4  [ 91A407C7F833BCF97240564FD44B1A66,

B6A9AE1FB53D8E0B868694B0F758D1C09F8256F1C2D562B36CC673DA8482E60A ]

C:\WINDOWS\system32\drivers\wanarp.sys
01:33:37.0703 0x0cf4  C:\WINDOWS\system32\drivers\wanarp.sys - ok
01:33:37.0703 0x0cf4  [ 9EEBF325F8B4683973F0AF30C6CF150E,

916EDE7005A4EC1854BC3E27E2FA3EE034EF4122FF75697E8991156F018ECFE4 ]

C:\WINDOWS\system32\drivers\arp1394.sys
01:33:37.0703 0x0cf4  C:\WINDOWS\system32\drivers\arp1394.sys - ok
01:33:37.0703 0x0cf4  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0,

DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ]

C:\WINDOWS\system32\drivers\mrxsmb.sys
01:33:37.0703 0x0cf4  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
01:33:37.0718 0x0cf4  [ 532B70A154643DC5D722EEC7E82B8446,

CAEACADF94A04B5F1826073D85668372F1633A40B0E106488DBA9011CCB0134A ]

C:\WINDOWS\system32\drivers\fips.sys
01:33:37.0718 0x0cf4  C:\WINDOWS\system32\drivers\fips.sys - ok
01:33:37.0718 0x0cf4  [ ECDB9665937F737A7AB26390A6C68573,

8E9D3DBC1C75202F11F3B6D9071673C8F37994BD4341A3F259526D6B15E970D4 ]

C:\WINDOWS\system32\drivers\ctxusbm.sys
01:33:37.0718 0x0cf4  C:\WINDOWS\system32\drivers\ctxusbm.sys - ok
01:33:37.0718 0x0cf4  [ F8F0D25CA553E39DDE485D8FC7FCCE89,

54DF909101AAEC63234A5C33B51D6689FEF58B943942BFFA9606864F43EC1085 ]

C:\WINDOWS\system32\ntdll.dll
01:33:37.0718 0x0cf4  C:\WINDOWS\system32\ntdll.dll - ok
01:33:37.0718 0x0cf4  [ A6A6E04496E41962384ACDD9D026F20C,

0787CBE59D38054F80E9A7F69F527D2CEA16FFB9E1D09CB8FDE221287E7353EE ]

C:\WINDOWS\system32\smss.exe
01:33:37.0718 0x0cf4  C:\WINDOWS\system32\smss.exe - ok
01:33:37.0734 0x0cf4  [ 54F16317A4863F55DA696DC6CA8D7BB0,

7261374D0B12CC492624911017B65A6AC72CFFF9A6143920C6465758C291BFDE ]

C:\WINDOWS\system32\autochk.exe
01:33:37.0734 0x0cf4  C:\WINDOWS\system32\autochk.exe - ok
01:33:37.0734 0x0cf4  [ C473E4A84355A32B53F2F4CE3A0406EE,

31355D762D01AB33FB0AFC2985BFFB9DEF85880D1C025F93889F6A9527EAD030 ]

C:\WINDOWS\system32\drivers\fastfat.sys
01:33:37.0734 0x0cf4  C:\WINDOWS\system32\drivers\fastfat.sys - ok
01:33:37.0734 0x0cf4  [ 1B611611C28D2DF25BC057D79C6F13FC,

B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ]

C:\WINDOWS\system32\drivers\usbccgp.sys
01:33:37.0734 0x0cf4  C:\WINDOWS\system32\drivers\usbccgp.sys - ok
01:33:37.0734 0x0cf4  [ 1F7A2A5C1416FA73469216BFCCDA9395,

3EE850804C55C35C6F8FE5B54D4BF6D96728712EBEBB961925502C8C3EF7F479 ]

C:\WINDOWS\system32\sfcfiles.dll
01:33:37.0734 0x0cf4  C:\WINDOWS\system32\sfcfiles.dll - ok
01:33:37.0750 0x0cf4  [ 43D1517F157E495C70AB6BBF24FF5024,

242B95C594AB7728C0D2BC704A57812D1FA4C42A07299568CDAADA41B1745B11 ]

C:\WINDOWS\system32\drivers\hidclass.sys
01:33:37.0750 0x0cf4  C:\WINDOWS\system32\drivers\hidclass.sys - ok
01:33:37.0750 0x0cf4  [ FFAFDE8424D92B4AEB72670F446D8F22,

1E0A0AA86E70A2B21DA188510E57F350620B3E006A09D3F15B5B605174934BF7 ]

C:\WINDOWS\system32\drivers\hidusb.sys
01:33:37.0750 0x0cf4  C:\WINDOWS\system32\drivers\hidusb.sys - ok
01:33:37.0750 0x0cf4  [ BA215DD63AE739565ECB443D265CE0C6,

C7416E6A379C67CF758B9FC8FCFA04E91CDFD631D68FF4DD24485402197160DA ]

C:\WINDOWS\system32\drivers\usbstor.sys
01:33:37.0750 0x0cf4  C:\WINDOWS\system32\drivers\usbstor.sys - ok
01:33:37.0765 0x0cf4  [ B1C303E17FB9D46E87A98E4BA6769685,

161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ]

C:\WINDOWS\system32\drivers\mouhid.sys
01:33:37.0765 0x0cf4  C:\WINDOWS\system32\drivers\mouhid.sys - ok
01:33:37.0765 0x0cf4  [ 2F31B7F954BED437F2C75026C65CAF7B,

1F8D6CBB01AD403BC89D1E987012E2F63CDFD9C49F402F358B64B31C13E4DD14 ]

C:\WINDOWS\system32\drivers\wmilib.sys
01:33:37.0765 0x0cf4  C:\WINDOWS\system32\drivers\wmilib.sys - ok
01:33:37.0765 0x0cf4  [ 7316AFA8EFA110621D6D90722AF3EFE6,

717FA969665699EF1F2DA789F29D011C490B3F8125D7EE8CD1CEEB414B471997 ]

C:\WINDOWS\system32\drivers\atapi.sys
01:33:37.0765 0x0cf4  C:\WINDOWS\system32\drivers\atapi.sys - ok
01:33:37.0765 0x0cf4  [ FE97D0343ACFDEBDD578FC67CC91FA87,

FE26FBA13079189EF96A1C994036EA472A4BF34FA14C163C693AD481BF31E676 ]

C:\WINDOWS\system32\drivers\dxapi.sys
01:33:37.0765 0x0cf4  C:\WINDOWS\system32\drivers\dxapi.sys - ok
01:33:37.0781 0x0cf4  [ 4B2E5C90222DA43B73AE554204718646,

F28B4C41B2E57EB12E3CCE27861CA9F1CB533D8DE10EA4C036E43E5B98F75E42 ]

C:\WINDOWS\system32\watchdog.sys
01:33:37.0781 0x0cf4  C:\WINDOWS\system32\watchdog.sys - ok
01:33:37.0781 0x0cf4  [ 80AAA73D56272FD54DC6DE8643D10E9F,

0DC91699D5AF322C78AF7783CF3D55A1F561219EE32DC8DA186F2255704D52FC ]

C:\WINDOWS\system32\win32k.sys
01:33:37.0781 0x0cf4  C:\WINDOWS\system32\win32k.sys - ok
01:33:37.0781 0x0cf4  [ CC6C9961669EA568BEF904B3C021400A,

A69F19FC88F11B7FB6BFA77E48221997F286AF8F420292F0B77BC7F95EB0B4C9 ]

C:\WINDOWS\system32\basesrv.dll
01:33:37.0781 0x0cf4  C:\WINDOWS\system32\basesrv.dll - ok
01:33:37.0796 0x0cf4  [ DD40363ABAD230A84C5E2178B11EFA88,

E4B406C0B10686CF245EC0053A03424CE1FB8AC7FB3545525F13BB3BC5086FF1 ]

C:\WINDOWS\system32\csrsrv.dll
01:33:37.0796 0x0cf4  C:\WINDOWS\system32\csrsrv.dll - ok
01:33:37.0796 0x0cf4  [ 71E0CA2CE812D14EB9599830CD9CDBFD,

92B7E4BD2BF03683C32868B91761F9C95D6D6B504D5F344F89F444F32DB19CA2 ]

C:\WINDOWS\system32\csrss.exe
01:33:37.0796 0x0cf4  C:\WINDOWS\system32\csrss.exe - ok
01:33:37.0796 0x0cf4  [ 69AE2B2E6968C316536E5B10B9702E63,

D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ]

C:\WINDOWS\system32\winsrv.dll
01:33:37.0796 0x0cf4  C:\WINDOWS\system32\winsrv.dll - ok
01:33:37.0796 0x0cf4  [ AFFE0B7126A86603D3F49A19A5B7DC46,

63C91B4726F583C1DC1B3F26CC8DC39C519401CF0005F223EE17A363BDBEA22F ]

C:\WINDOWS\system32\gdi32.dll
01:33:37.0812 0x0cf4  C:\WINDOWS\system32\gdi32.dll - ok
01:33:37.0812 0x0cf4  [ 4A45B692D2BAA74124DF57472D5EA2F1,

DFC6B595BBADFEF4930CCCF48E9FE55551CF0891571257E3E0A0DE328077A89B ]

C:\WINDOWS\system32\kernel32.dll
01:33:37.0812 0x0cf4  C:\WINDOWS\system32\kernel32.dll - ok
01:33:37.0812 0x0cf4  [ 7E02D28A2BDB710887815C41189014C1,

5E0302A43A39B731E08E5E205958BDAA59FD00D2FD1B07115FA000720C9373FE ]

C:\WINDOWS\system32\user32.dll
01:33:37.0812 0x0cf4  C:\WINDOWS\system32\user32.dll - ok
01:33:37.0812 0x0cf4  [ DD8DDA7140E749D0FE202A73F260D237,

0D46D6792D287EC5FDAA97D2D2DC2AE309A9C0C1EB0EE7F24C6BF264AABF44BE ]

C:\WINDOWS\system32\drivers\dxg.sys
01:33:37.0812 0x0cf4  C:\WINDOWS\system32\drivers\dxg.sys - ok
01:33:37.0828 0x0cf4  [ A73F5D6705B1D820C19B18782E176EFD,

C36486504C3A596FDCA487143F6D3B43C0BEE01321F6F1F3071976556533C419 ]

C:\WINDOWS\system32\drivers\dxgthk.sys
01:33:37.0828 0x0cf4  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
01:33:37.0828 0x0cf4  [ CC29CF5BA4F3AD6BED8E424866810223,

FC685B76D6A35939CE6D572AE1250C476156E17ADC3E6947E1A7ECF2C3861F67 ]

C:\WINDOWS\system32\ialmdnt5.dll
01:33:37.0828 0x0cf4  C:\WINDOWS\system32\ialmdnt5.dll - ok
01:33:37.0828 0x0cf4  [ 9E57AF3D019BA7C1523B663C8FA7733D,

6A4338440930968332B9829C3DBBB481F1D96A3C48E9D639E4E408AF44994319 ]

C:\WINDOWS\system32\ialmrnt5.dll
01:33:37.0828 0x0cf4  C:\WINDOWS\system32\ialmrnt5.dll - ok
01:33:37.0828 0x0cf4  [ ECB7591870F8BFB1A4C17B718AD5A4AA,

67E8D218F107F78F9C62999F560E47AEC799E4B4DC4AB3EBC0DC61670BFE3E3D ]

C:\WINDOWS\system32\vga.dll
01:33:37.0828 0x0cf4  C:\WINDOWS\system32\vga.dll - ok
01:33:37.0843 0x0cf4  [ F0683C310687E88FB4D1B814BDFB82A3,

35CE13B392E0E6075354E06F5E7E0CFAC898A6998D7DA42BDFC935C4397E60C4 ]

C:\WINDOWS\system32\ialmdev5.dll
01:33:37.0843 0x0cf4  C:\WINDOWS\system32\ialmdev5.dll - ok
01:33:37.0843 0x0cf4  [ 85091A542F424FCC77027C7CBC5FA87E,

EC449617FC2ACA290367819D0E26F8C3786A70A69872C855A97DFA0E3DC0E766 ]

C:\WINDOWS\system32\ialmdd5.dll
01:33:37.0843 0x0cf4  C:\WINDOWS\system32\ialmdd5.dll - ok
01:33:37.0843 0x0cf4  [ 57021A062C8E266C0A2A636450364B43,

62C5B5F17A316B83F85D3EA381CBC780FD06F3D16CBF1A3552C495EE0D6BBFB5 ]

C:\WINDOWS\system32\winlogon.exe
01:33:37.0843 0x0cf4  C:\WINDOWS\system32\winlogon.exe - ok
01:33:37.0859 0x0cf4  [ E76F8807070ED04E7408A86D6D3A6137,

BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ]

C:\WINDOWS\system32\advapi32.dll
01:33:37.0859 0x0cf4  C:\WINDOWS\system32\advapi32.dll - ok
01:33:37.0859 0x0cf4  [ 3DF05BAF56CBDC3C5E68D31573645532,

6600A0790F642E2716FA85A7C0F4A43F428812205618F8BCED54A478ECD3F506 ]

C:\WINDOWS\system32\authz.dll
01:33:37.0859 0x0cf4  C:\WINDOWS\system32\authz.dll - ok
01:33:37.0859 0x0cf4  [ 44C164B34A72F29087ECA32411F2ED44,

112761CCEFE8F4B936AC58FF1F13589C0DBA3BE1AC348584D874B65DAB1EDED6 ]

C:\WINDOWS\system32\rpcrt4.dll
01:33:37.0859 0x0cf4  C:\WINDOWS\system32\rpcrt4.dll - ok
01:33:37.0859 0x0cf4  [ 5357826C8A8DD6A07F17C48BB45BE46E,

E081B04F8C8A31951A0ADEC889E6CA4DEED5FF738446D5A5614B11B113000BCA ]

C:\WINDOWS\system32\secur32.dll
01:33:37.0859 0x0cf4  C:\WINDOWS\system32\secur32.dll - ok
01:33:37.0875 0x0cf4  [ 636DF3FF20A1B69B3F9D21325E7115C7,

6B38CF96E92273995F40B6D7029D20B4041342D6EDD5B6CA73967A401823D4F5 ]

C:\WINDOWS\system32\crypt32.dll
01:33:37.0875 0x0cf4  C:\WINDOWS\system32\crypt32.dll - ok
01:33:37.0875 0x0cf4  [ C3445D36DFEAB5A69D7226A59225B248,

B7E1D64DEFCA7E4BF52F572C08E8313101D748A9728285294C46A32C186DA578 ]

C:\WINDOWS\system32\msvcrt.dll
01:33:37.0875 0x0cf4  C:\WINDOWS\system32\msvcrt.dll - ok
01:33:37.0875 0x0cf4  [ 04D898830DF96A17A20FD35D7590F87E,

09C75D1D434FF6BBE9B3F5E0A8E63944ACB34E364C4A89676DED2204DBD1AEF5 ]

C:\WINDOWS\system32\msasn1.dll
01:33:37.0875 0x0cf4  C:\WINDOWS\system32\msasn1.dll - ok
01:33:37.0890 0x0cf4  [ 5B9A8DF11461A1689D64F7052545DF41,

99961338E7A98436589741288FCBEC06EB90441B045E97920DD025C31F9AF342 ]

C:\WINDOWS\system32\nddeapi.dll
01:33:37.0890 0x0cf4  C:\WINDOWS\system32\nddeapi.dll - ok
01:33:37.0890 0x0cf4  [ CAC752BF84DB4666ED3CE0948E6EA937,

C84F9D57C076DE6ACC1720B66147D0CA963C65714593FAFD7FB1FE1F01CC464B ]

C:\WINDOWS\system32\netapi32.dll
01:33:37.0890 0x0cf4  C:\WINDOWS\system32\netapi32.dll - ok
01:33:37.0890 0x0cf4  [ 092BF6E5DD04D60FDA21482628930509,

49B112FBB77B58B0C0AA797F1DF3AC1D6EE1602C3A5C567B9DE6860A77B9DA61 ]

C:\WINDOWS\system32\profmap.dll
01:33:37.0890 0x0cf4  C:\WINDOWS\system32\profmap.dll - ok
01:33:37.0890 0x0cf4  [ 39202C36B754959DE8D02CC263504E2D,

C339A3703E2BB369FE8321F37D5CE0B4B5DE8B19D661DA67B72913C618BFFE59 ]

C:\WINDOWS\system32\userenv.dll
01:33:37.0890 0x0cf4  C:\WINDOWS\system32\userenv.dll - ok
01:33:37.0906 0x0cf4  [ 61B11FBDD0D0EC69740DDBCC664E66FB,

E12B84AF23C004934F9D44DAF877C6F6D4E8E18BF5CF0704C6923A3411206D04 ]

C:\WINDOWS\system32\psapi.dll
01:33:37.0906 0x0cf4  C:\WINDOWS\system32\psapi.dll - ok
01:33:37.0906 0x0cf4  [ 72F0159BBCE770746D9342137F3E61DF,

F6B8207641EDF2F8D9EB473C233EF0B0DE333B35225399D04CC2800DF0D9D287 ]

C:\WINDOWS\system32\regapi.dll
01:33:37.0906 0x0cf4  C:\WINDOWS\system32\regapi.dll - ok
01:33:37.0906 0x0cf4  [ 8D403C48F57674A018D5D18FCD2BF2A5,

5953B791B6FD85D9C8FAD661E1A025F912961C8054B165016CD4BDF0479B50C0 ]

C:\WINDOWS\system32\setupapi.dll
01:33:37.0906 0x0cf4  C:\WINDOWS\system32\setupapi.dll - ok
01:33:37.0921 0x0cf4  [ 16E916243BDDBAF44D98E623B2D0CEAD,

A1C56AC378EDA9ACBE73342BEE0897E028BDD368288552108FC77A7AA1478690 ]

C:\WINDOWS\system32\imagehlp.dll
01:33:37.0921 0x0cf4  C:\WINDOWS\system32\imagehlp.dll - ok
01:33:37.0921 0x0cf4  [ 93D7B4F777BB2D4D265162E1876DE191,

3D45F82C4931D0719DE473D90D8E1D944E853B8EDDBF496701358A6ED612C3D5 ]

C:\WINDOWS\system32\version.dll
01:33:37.0921 0x0cf4  C:\WINDOWS\system32\version.dll - ok
01:33:37.0921 0x0cf4  [ 38E3107FA6C9CB5B4E2D2F926209C529,

70C00E6CEFCE40C3F0CDC4510D47DC70DB34D5A2BDAABE449479E540AB41D504 ]

C:\WINDOWS\system32\winsta.dll
01:33:37.0921 0x0cf4  C:\WINDOWS\system32\winsta.dll - ok
01:33:37.0921 0x0cf4  [ D458B738B4C2CE33174CFB2CE12412DB,

C8FCA4B1BE8358B1F14BB25F39899A18804133544701DFCF40E8782C2487C912 ]

C:\WINDOWS\system32\wintrust.dll
01:33:37.0921 0x0cf4  C:\WINDOWS\system32\wintrust.dll - ok
01:33:37.0937 0x0cf4  [ 9E3867D09706F3B7A93C401AEA09E5CF,

ED21A1D4749406752A428F42743F7D1EBB25192E3150EFAFC02E6D8B87475EE5 ]

C:\WINDOWS\system32\ws2help.dll
01:33:37.0937 0x0cf4  C:\WINDOWS\system32\ws2help.dll - ok
01:33:37.0937 0x0cf4  [ 96163A36BFB5D8D66190FA6066A4A84C,

8AA457AF85238C7BB7F314360861EA0C4E8BB74FFBAE4E5B496E11CA0A12F547 ]

C:\WINDOWS\system32\ws2_32.dll
01:33:37.0937 0x0cf4  C:\WINDOWS\system32\ws2_32.dll - ok
01:33:37.0953 0x0cf4  [ F3213AAEE090451EAF9B3218658E1872,

85591F1388DDB8D57D1FFD6976ECD490DA8ADDAAF7ED6D6E75EF0FFC0D93E68B ]

C:\PROGRA~1\Citrix\ICACLI~1\RSHook.dll
01:33:37.0953 0x0cf4  C:\PROGRA~1\Citrix\ICACLI~1\RSHook.dll - ok
01:33:37.0953 0x0cf4  [ 4368E21DAA2A7859B5B6D6F89C8DF99F,

7751DF5458558B4B1DD9CEF724FE99DFD9F627F959143BAB33CE184F1F1742C9 ]

C:\WINDOWS\system32\imm32.dll
01:33:37.0953 0x0cf4  C:\WINDOWS\system32\imm32.dll - ok
01:33:37.0953 0x0cf4  [ 1A0B58CAE9E9CA959DECAD29D2E286FF,

23CF7B1B4C43E16DF5C27140A2DA71391AA1FB432B91CCF58DB6E9C62DFD693F ]

C:\WINDOWS\system32\sxs.dll
01:33:37.0953 0x0cf4  C:\WINDOWS\system32\sxs.dll - ok
01:33:37.0953 0x0cf4  [ 34EE4D69CDD4176C8FD0B3E9EB9E738C,

0E8EC3B86123523EE4423003C5B5C54894240BD277E8773BBB91A3AE95CDBEC6 ]

C:\Program Files\Citrix\ICA Client\ShellHook.dll
01:33:37.0953 0x0cf4  C:\Program Files\Citrix\ICA Client\ShellHook.dll - ok
01:33:37.0968 0x0cf4  [ 59B408E5B8489B0B36A0D783D150EDCC,

CB234B25502B0CE0C1E6CFA883FDDF64DAB7A6E50A6AD36CAB3B30A7C872B403 ]

C:\WINDOWS\system32\ole32.dll
01:33:37.0968 0x0cf4  C:\WINDOWS\system32\ole32.dll - ok
01:33:37.0968 0x0cf4  [ C448A248B743F5FB935C787A5D97268B,

26E88FF449F938B218FAED6D8F3F095577216A29D656D17ACEA7F6C16E638BED ]

C:\WINDOWS\system32\shlwapi.dll
01:33:37.0968 0x0cf4  C:\WINDOWS\system32\shlwapi.dll - ok
01:33:37.0968 0x0cf4  [ 6843D54BC4A40CC8C5741AF750233D10,

D998B54B7D23A986DD14D8BC56169A10EE43267F4F1914FBDD55B6B028993FAC ]

C:\WINDOWS\system32\shell32.dll
01:33:37.0968 0x0cf4  C:\WINDOWS\system32\shell32.dll - ok
01:33:37.0968 0x0cf4  [ 736B12B725AEB2B07F0241A9F680CB10,

9EF1406CAEE256117DA8C8904BCB20FB8F9421F02F812B4DC2CE1F16D2B315F2 ]

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2

600.6028_x-ww_61e65202\comctl32.dll
01:33:37.0968 0x0cf4  

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2

600.6028_x-ww_61e65202\comctl32.dll - ok
01:33:37.0984 0x0cf4  [ 93AFB83FBC1F9443CAC722FCA63D73BF,

853C4A03A153F232E5CAF219F7FD732CB82CB62171F077DE737B32169F7832AB ]

C:\WINDOWS\system32\comctl32.dll
01:33:37.0984 0x0cf4  C:\WINDOWS\system32\comctl32.dll - ok
01:33:37.0984 0x0cf4  [ 56C5B179FE3308B655EB6208C3256FEC,

C70BCE54E5DF47D37C835804EAAEC7C06C1A226EFA2003226BE290D1D552126F ]

C:\WINDOWS\system32\kbdus.dll
01:33:37.0984 0x0cf4  C:\WINDOWS\system32\kbdus.dll - ok
01:33:37.0984 0x0cf4  [ BDAC6A0D197004C46F44599BCF13D19A,

404E79C09C5ACCA52C5D9693FEAD03D1209DA4D56A83C5D15925A1EDD3A1DEED ]

C:\WINDOWS\system32\msgina.dll
01:33:37.0984 0x0cf4  C:\WINDOWS\system32\msgina.dll - ok
01:33:38.0000 0x0cf4  [ 40B0F98BAD16AD5DEF894E88C3EF8014,

916B7BFC23BB5A3F757160BCF2013A8260D9382EFDE6AADAFC4D297828C71003 ]

C:\WINDOWS\system32\odbc32.dll
01:33:38.0000 0x0cf4  C:\WINDOWS\system32\odbc32.dll - ok
01:33:38.0000 0x0cf4  [ 299B07BCF132B7B0448DB7284ED72CDE,

2B8D0AF2F22A3F8E1E1BC7DCE78FF76A0DB5466C4B5CC426B1068E373A166CAF ]

C:\WINDOWS\system32\comdlg32.dll
01:33:38.0000 0x0cf4  C:\WINDOWS\system32\comdlg32.dll - ok
01:33:38.0000 0x0cf4  [ 9818BF587BE59D2E75985C640C27883E,

C610A670C1565BA33D64DB31083975BFDD7448AAD044FFBD61CAAC0234288976 ]

C:\WINDOWS\system32\odbcint.dll
01:33:38.0000 0x0cf4  C:\WINDOWS\system32\odbcint.dll - ok
01:33:38.0000 0x0cf4  [ 99BC0B50F511924348BE19C7C7313BBF,

A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ]

C:\WINDOWS\system32\shsvcs.dll
01:33:38.0000 0x0cf4  C:\WINDOWS\system32\shsvcs.dll - ok
01:33:38.0015 0x0cf4  [ 692D64203772EE801D1A0C36E8435143,

6670CD37FAAF1440E1875BBFF8335B35386B0A0E7F78AE26869108BF5566E4ED ]

C:\WINDOWS\system32\apphelp.dll
01:33:38.0015 0x0cf4  C:\WINDOWS\system32\apphelp.dll - ok
01:33:38.0015 0x0cf4  [ 9BACF227D6CD85D05A3A2B7A2F78C110,

5F6B238F76AAF84205586E1E4F0F6FECD547A44BCCDDFD30720863A10A442E37 ]

C:\WINDOWS\system32\sfc.dll
01:33:38.0015 0x0cf4  C:\WINDOWS\system32\sfc.dll - ok
01:33:38.0015 0x0cf4  [ 2F915F6AF939CF10EDBF13C96650140B,

BC749A8F9CAE58F7D79E804463E9D7E3F7F48F05FD83F85A46D310982890AFB7 ]

C:\WINDOWS\system32\sfc_os.dll
01:33:38.0015 0x0cf4  C:\WINDOWS\system32\sfc_os.dll - ok
01:33:38.0031 0x0cf4  [ 70885577298B92939F3B7AF54D5F8943,

98E33AD38AF6ADC5499E1416711CF522F5263D6800281F125460C16137DE43EB ]

C:\WINDOWS\system32\lsass.exe
01:33:38.0031 0x0cf4  C:\WINDOWS\system32\lsass.exe - ok
01:33:38.0031 0x0cf4  [ 65DF52F5B8B6E9BBD183505225C37315,

59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ]

C:\WINDOWS\system32\services.exe
01:33:38.0031 0x0cf4  C:\WINDOWS\system32\services.exe - ok
01:33:38.0031 0x0cf4  [ BD31DC6DBE9333C4FBD4BDF0899F2160,

545D83178CCD74C68B72C607201EF9E1C8A5FC26A08288F8D3A77106964D1034 ]

C:\WINDOWS\system32\lsasrv.dll
01:33:38.0031 0x0cf4  C:\WINDOWS\system32\lsasrv.dll - ok
01:33:38.0031 0x0cf4  [ C30241CA2A0F0A0AE7A43BD5D26F4C1C,

2D7419812D5358B7D9D869556CCDE932F6B36C0DD3FBDD2D3B76DDCA76F84BCB ]

C:\WINDOWS\system32\msvcp60.dll
01:33:38.0031 0x0cf4  C:\WINDOWS\system32\msvcp60.dll - ok
01:33:38.0046 0x0cf4  [ 06C7DE7A95515F25FD160D8142B65B83,

75EFA7B7BACCD1E73E1E705975E7F3F805C0BAEA152A2FDFAC6419670EFFF477 ]

C:\WINDOWS\system32\ncobjapi.dll
01:33:38.0046 0x0cf4  C:\WINDOWS\system32\ncobjapi.dll - ok
01:33:38.0046 0x0cf4  [ FF7A7926E553DF76BD92B630C6153C81,

79643B3A7F7BDD144E1E40449D7C10E71B525A09CE30FFD0798BC39C9BFD4678 ]

C:\WINDOWS\system32\scesrv.dll
01:33:38.0046 0x0cf4  C:\WINDOWS\system32\scesrv.dll - ok
01:33:38.0046 0x0cf4  [ 45FAA17EE1755899E7F4CD009150E3C1,

03CB7D7158DF566E99304918EFF055C5C51C15FBDB7E354F348AC1DA6340D87F ]

C:\WINDOWS\system32\umpnpmgr.dll
01:33:38.0046 0x0cf4  C:\WINDOWS\system32\umpnpmgr.dll - ok
01:33:38.0062 0x0cf4  [ 748E7E6C3EB677218E7177DE228D6E81,

0C3AECFED1D3950F34A17E1BB7ADDED2BF903EC50B2F6EC3372202E03272EB87 ]

C:\WINDOWS\system32\shimeng.dll
01:33:38.0062 0x0cf4  C:\WINDOWS\system32\shimeng.dll - ok
01:33:38.0062 0x0cf4  [ 1F813C0C2A77BCC7AAAE4133DAD1A11D,

B614AF3E829C2EF21E88BFFABEDECA5FFAD250887101E907FA7B5CD752022A30 ]

C:\WINDOWS\AppPatch\AcAdProc.dll
01:33:38.0062 0x0cf4  C:\WINDOWS\AppPatch\AcAdProc.dll - ok
01:33:38.0062 0x0cf4  [ B54C22A12DA8F3872388E6FEFBAA4E5B,

89C405473240F83BCEAD8556A342E72C8A70BFDEC82D1717EBD3982ED2EDB3C4 ]

C:\WINDOWS\system32\mpr.dll
01:33:38.0062 0x0cf4  C:\WINDOWS\system32\mpr.dll - ok
01:33:38.0062 0x0cf4  [ 389496118B3B03C2328024AF320132AC,

11F85CA49596CE12B1F80B5BC059B6F5549FC09A43E2C47841A688F2ACEBB8B8 ]

C:\WINDOWS\system32\dnsapi.dll
01:33:38.0062 0x0cf4  C:\WINDOWS\system32\dnsapi.dll - ok
01:33:38.0078 0x0cf4  [ 64C73947FE9B73C64C993D0A83B5A18A,

4D2C17B0CDB51DD8A2E9CDB248E8934061691796CC1E532D240C0E66453ECD49 ]

C:\WINDOWS\system32\ntdsapi.dll
01:33:38.0078 0x0cf4  C:\WINDOWS\system32\ntdsapi.dll - ok
01:33:38.0078 0x0cf4  [ 6CA878FFBC95E9E1528BD159E53301CD,

462809F6F32DFF9E154411CD25E06775A5AE6F35A6BCA3BDF6079BA60656E4DD ]

C:\WINDOWS\system32\wldap32.dll
01:33:38.0078 0x0cf4  C:\WINDOWS\system32\wldap32.dll - ok
01:33:38.0078 0x0cf4  [ F080D8EFCFA53DF4722A43B9C8728A8E,

61EAC65E9CA6211B2AA60914A4E99F10B7AACCCCD7700DE83F3741D35F2552A3 ]

C:\WINDOWS\system32\samlib.dll
01:33:38.0078 0x0cf4  C:\WINDOWS\system32\samlib.dll - ok
01:33:38.0093 0x0cf4  [ 1E41FB250D47B26323A54211BF7158FD,

76AC6716124850DD1D55304D7E7A87795F24F31EEAE0E5DF75D8843EEE4C25DD ]

C:\WINDOWS\system32\samsrv.dll
01:33:38.0093 0x0cf4  C:\WINDOWS\system32\samsrv.dll - ok
01:33:38.0093 0x0cf4  [ AA53AFD7F2031C7F7273D4C4A66E9DA0,

CA5A61ADF32B85B4D019D92F85E3DD46A7095299CBDC659F707881814944B244 ]

C:\WINDOWS\system32\cryptdll.dll
01:33:38.0093 0x0cf4  C:\WINDOWS\system32\cryptdll.dll - ok
01:33:38.0093 0x0cf4  [ DDEBC6E500AAFBDA03D2D76E4B12FF0E,

DD0EC442B91A07857FC0EE8EB52AFD52C7732B587B2A24B3F72886925E17AF88 ]

C:\WINDOWS\AppPatch\AcGenral.dll
01:33:38.0093 0x0cf4  C:\WINDOWS\AppPatch\AcGenral.dll - ok
01:33:38.0093 0x0cf4  [ 4A953F13942867BA8FB41F141EC1B80C,

BAE05A8CEDA4411324E38DB8A2153A988C6A3FAC8AD7CB27EE14E18FE7C47569 ]

C:\WINDOWS\system32\winmm.dll
01:33:38.0093 0x0cf4  C:\WINDOWS\system32\winmm.dll - ok
01:33:38.0109 0x0cf4  [ 2D2013D32E7E4A3F1BC6F11480479275,

20BCF681CEDE2C99DEA80386C40DC19C9313B54B5ABC0CD92FF095E811525EA8 ]

C:\WINDOWS\system32\msacm32.dll
01:33:38.0109 0x0cf4  C:\WINDOWS\system32\msacm32.dll - ok
01:33:38.0109 0x0cf4  [ EFF03460E542EEA6B0ABDEC6BF19C897,

C2A0DDE6E8B49B152C295E97CFC35557391DEEE5A3A0B1BB4E445C405C716C55 ]

C:\WINDOWS\system32\oleaut32.dll
01:33:38.0109 0x0cf4  C:\WINDOWS\system32\oleaut32.dll - ok
01:33:38.0109 0x0cf4  [ CEE0377BEE20904FFD6C9094C0B85BE4,

DAE6720763099375A2258485DDA855C5D05D7CE3F4C42D262BAF6CFC37BF9E0D ]

C:\WINDOWS\system32\uxtheme.dll
01:33:38.0109 0x0cf4  C:\WINDOWS\system32\uxtheme.dll - ok
01:33:38.0125 0x0cf4  [ 63904130079AAD117DE1C527F40C56BB,

43A756944A54EA68ADD432DA637700FAC3265A85F61DDB873BBAE7471C41182B ]

C:\WINDOWS\system32\msapsspc.dll
01:33:38.0125 0x0cf4  C:\WINDOWS\system32\msapsspc.dll - ok
01:33:38.0125 0x0cf4  [ 83D10CEEA8EA24A0C08F17A7E322718F,

6CF9DDAA5993BD76D0DBEE86BE8484DE889A242525C743DA90606BDBD5EA1C12 ]

C:\WINDOWS\system32\msvcrt40.dll
01:33:38.0125 0x0cf4  C:\WINDOWS\system32\msvcrt40.dll - ok
01:33:38.0125 0x0cf4  [ 0F64207B49390C8063C36AE7CBF9C2DB,

52C4A7A38EE11CA247001EB0A3C67BFEB1A09E9AC406486132D5AC38BE3A6A6F ]

C:\WINDOWS\system32\schannel.dll
01:33:38.0125 0x0cf4  C:\WINDOWS\system32\schannel.dll - ok
01:33:38.0125 0x0cf4  [ 4FB30F6C23C74D290ACFA55F474A3094,

FB3F44233BD822A547C51E17DBB69F071D0C551D60236375932C6A1BC2725CE5 ]

C:\WINDOWS\system32\digest.dll
01:33:38.0125 0x0cf4  C:\WINDOWS\system32\digest.dll - ok
01:33:38.0140 0x0cf4  [ 42466B87D281CF37F6FC3254D1E0345D,

F05B28BE764B42A2FE850695467B2137D8B333EC812CC129C397A456CCB33B04 ]

C:\WINDOWS\system32\msnsspc.dll
01:33:38.0140 0x0cf4  C:\WINDOWS\system32\msnsspc.dll - ok
01:33:38.0140 0x0cf4  [ 3F790874A85819E94574F3E7AF9C5806,

9D398D6752ED407C1E7F9B08A79DA77ACFFC060D28FA0F357C0BD5D4DE8AAD97 ]

C:\WINDOWS\system32\msctfime.ime
01:33:38.0140 0x0cf4  C:\WINDOWS\system32\msctfime.ime - ok
01:33:38.0203 0x0cf4  [ 976EF073DC1CC5685B5B354A431A66D8,

2185B557CF47A9B5F58FC310A311EBD9A876D3C366D7A2919784F94B743E69D9 ]

C:\WINDOWS\system32\msprivs.dll
01:33:38.0203 0x0cf4  C:\WINDOWS\system32\msprivs.dll - ok
01:33:38.0203 0x0cf4  [ 318FAA70D9B0FB8DD168D4ED628E27B2,

2C407FFDA4A02D4A1CB9592C6FA4293BA31BE8852670436F1187A8107572ED41 ]

C:\WINDOWS\system32\atmfd.dll
01:33:38.0203 0x0cf4  C:\WINDOWS\system32\atmfd.dll - ok
01:33:38.0203 0x0cf4  [ A525C96C51D55111FDF3BEA9FFFFC7AE,

AA5B080E01573B96A37E67F871F97AE975E1E9519EDB16476472AA3FA2144643 ]

C:\WINDOWS\system32\kerberos.dll
01:33:38.0203 0x0cf4  C:\WINDOWS\system32\kerberos.dll - ok
01:33:38.0218 0x0cf4  [ 517561A1113B04E51D936CD018DE1C1F,

A5F572C3557705F28F7A465970F0432F55B616EFD208BA0CBDFFBF7A41F07C04 ]

C:\WINDOWS\system32\msv1_0.dll
01:33:38.0218 0x0cf4  C:\WINDOWS\system32\msv1_0.dll - ok
01:33:38.0218 0x0cf4  [ 9221096E036FE61BF8E00C2BA337E445,

B8A40F103C9CF5049F93A423628E1930A9145961106B8871DEC99815CBD75975 ]

C:\WINDOWS\system32\iphlpapi.dll
01:33:38.0218 0x0cf4  C:\WINDOWS\system32\iphlpapi.dll - ok
01:33:38.0218 0x0cf4  [ 77A2F0D267E6158E4AA53D654547A6C6,

D9BE69A1BDB307AD7DA319224A9180E90879E47897F6C0ECBAC5C459539BDDD5 ]

C:\WINDOWS\system32\netlogon.dll
01:33:38.0218 0x0cf4  C:\WINDOWS\system32\netlogon.dll - ok
01:33:38.0218 0x0cf4  [ DB5633CF64637919A002B5AECC76A9B5,

6EECF5F4CB63791E6BB75228FDE1D236731D129CC7490569489F52646B92A165 ]

C:\WINDOWS\system32\w32time.dll
01:33:38.0218 0x0cf4  C:\WINDOWS\system32\w32time.dll - ok
01:33:38.0234 0x0cf4  [ 3AAF9B35939FF9E58CCD18D41655C2FC,

AF7358AB0A507D77569A8D38D2392C224BFBEFD1264C069BBC6C677BC20C6B8B ]

C:\WINDOWS\system32\wdigest.dll
01:33:38.0234 0x0cf4  C:\WINDOWS\system32\wdigest.dll - ok
01:33:38.0234 0x0cf4  [ 63FAE12497EF7AEADDF2DFFC2BF6CF14,

29A52542C77493A5F92E961149920764F710771297C36091D775F933FD44A981 ]

C:\WINDOWS\system32\rsaenh.dll
01:33:38.0234 0x0cf4  C:\WINDOWS\system32\rsaenh.dll - ok
01:33:38.0234 0x0cf4  [ 1C5E2F3907349EDDB0CCFF8073F02AF6,

3338FEAC5DF9FBCDFC6B676782C485034C640FE2565A742A8A0B63F9EF80DDA4 ]

C:\WINDOWS\system32\nwprovau.dll
01:33:38.0234 0x0cf4  C:\WINDOWS\system32\nwprovau.dll - ok
01:33:38.0250 0x0cf4  [ 8AFFB97822CA94DC40F3E2F725199377,

7B78553D6981DE377B5900C0892978E743A7418E3797E16CF2E00B3D29C99EED ]

C:\WINDOWS\system32\winscard.dll
01:33:38.0250 0x0cf4  C:\WINDOWS\system32\winscard.dll - ok
01:33:38.0250 0x0cf4  [ AB903FACB331F43EBC73289EFDBF6514,

4DF5593F8A5ACFFF5BFD8E13922796F9F95EDE22E862B5F86373D9C186641FA4 ]

C:\WINDOWS\system32\wtsapi32.dll
01:33:38.0250 0x0cf4  C:\WINDOWS\system32\wtsapi32.dll - ok
01:33:38.0250 0x0cf4  [ 1FC0B879C83F7E6E5D975617F7A85C5F,

28A9F262C542984206E357748A32E26F20E71F6C5B45B333926F9A773416351E ]

C:\WINDOWS\system32\scecli.dll
01:33:38.0250 0x0cf4  C:\WINDOWS\system32\scecli.dll - ok
01:33:38.0250 0x0cf4  [ 0C54D685CFA1D5054F59F08ADAF71248,

FF342937FD2641A7B56E3AF7901A195A2B647CC1B58655C519CA7652250E802B ]

C:\WINDOWS\system32\svchost.exe
01:33:38.0250 0x0cf4  C:\WINDOWS\system32\svchost.exe - ok
01:33:38.0265 0x0cf4  [ F0E0CF7626912BA131AE75BFBEDC9A4A,

EDB5BF8B381C236C4F53477FBAD95F05E1599A184B96F3E94DB9A0EB28246AD6 ]

C:\WINDOWS\system32\ntmarta.dll
01:33:38.0265 0x0cf4  C:\WINDOWS\system32\ntmarta.dll - ok
01:33:38.0265 0x0cf4  [ 6B27A5C03DFB94B4245739065431322C,

6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ]

C:\WINDOWS\system32\rpcss.dll
01:33:38.0265 0x0cf4  C:\WINDOWS\system32\rpcss.dll - ok
01:33:38.0281 0x0cf4  [ 47D075E6D9592FFCD24089F87D76830B,

CAF900A6B23A4DEF7B4BAEBB1F6769FA64C088E890854288062E566A81F38ACE ]

C:\WINDOWS\system32\xpsp2res.dll
01:33:38.0281 0x0cf4  C:\WINDOWS\system32\xpsp2res.dll - ok
01:33:38.0296 0x0cf4  [ 9FE2545FF4234A165368B6C3EC587E8C,

EDB0A77BBA687CA1752A131D90567196B4ECA079F1F955E6B5F3B5373E9FFC00 ]

C:\WINDOWS\system32\eventlog.dll
01:33:38.0296 0x0cf4  C:\WINDOWS\system32\eventlog.dll - ok
01:33:38.0296 0x0cf4  [ 943337D786A56729263071623BBB9DE5,

B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ]

C:\WINDOWS\system32\mswsock.dll
01:33:38.0296 0x0cf4  C:\WINDOWS\system32\mswsock.dll - ok
01:33:38.0296 0x0cf4  [ 04CF0F38382C273727849EE12A3CC09D,

64955AFE3A771D4E2D4A10826421FF545AFA3E50152A021E671A3D027708B8C9 ]

C:\WINDOWS\system32\hnetcfg.dll
01:33:38.0296 0x0cf4  C:\WINDOWS\system32\hnetcfg.dll - ok
01:33:38.0312 0x0cf4  [ 811BB60991FC03A63F2F844A3F9C6488,

4E26BEBA2B24516B447BFAFC405692C53121F28815B7312F1E4F38D5CBCEA678 ]

C:\WINDOWS\system32\wshisn.dll
01:33:38.0312 0x0cf4  C:\WINDOWS\system32\wshisn.dll - ok
01:33:38.0312 0x0cf4  [ 68EF61CE3AD0615487675462D14E6C9B,

28BB6168FD969C22EC379B5AC47C4399F4233CA37F7C52B3FA9566D029578D6E ]

C:\WINDOWS\system32\wshtcpip.dll
01:33:38.0312 0x0cf4  C:\WINDOWS\system32\wshtcpip.dll - ok
01:33:38.0312 0x0cf4  [ 4C0B5C802738058C533462AD62B1A9E6,

695D9A9B27ED6C8E6E95C8132E9CFB4DE9387DA297BF81E1317440C269D75566 ]

C:\WINDOWS\system32\rasadhlp.dll
01:33:38.0312 0x0cf4  C:\WINDOWS\system32\rasadhlp.dll - ok
01:33:38.0328 0x0cf4  [ 5058FB4E1A27E3D424392519DED2F22C,

C5DEEED3D5A23C40ED85FB5268C5F643610B06966CBFE8DE7A41A582F7AA4043 ]

C:\WINDOWS\system32\winrnr.dll
01:33:38.0328 0x0cf4  C:\WINDOWS\system32\winrnr.dll - ok
01:33:38.0328 0x0cf4  [ 760F1C23AEC41B6D97AEF8C588F73351,

279F36087BEC7215EB6AAB20EDAF24942D86E5A4DB4ECA91BEE409F3716EC9A1 ]

C:\WINDOWS\system32\wsock32.dll
01:33:38.0328 0x0cf4  C:\WINDOWS\system32\wsock32.dll - ok
01:33:38.0328 0x0cf4  [ 736A9F2429BF354E0445D5FCBDE07FD9,

2BA985E99677F98A13EEAFB53E9023F470332E990D2784102361726A31950614 ]

C:\WINDOWS\system32\cscdll.dll
01:33:38.0328 0x0cf4  C:\WINDOWS\system32\cscdll.dll - ok
01:33:38.0343 0x0cf4  [ C5CABEDF677DB6B0D96B8BE62AC25B64,

3C2F98E33C0FDEBC40936DBA60211051CA19D79615384E3CDD5C68453867E43C ]

C:\WINDOWS\system32\dimsntfy.dll
01:33:38.0343 0x0cf4  C:\WINDOWS\system32\dimsntfy.dll - ok
01:33:38.0343 0x0cf4  [ 6F5AD5476EDABE63CFEADC49D2E18659,

840D0164FEE10806217FF16D09528B52F5D3E9759AA12B02CF7A73AA3F8D2F2F ]

C:\WINDOWS\system32\winspool.drv
01:33:38.0343 0x0cf4  C:\WINDOWS\system32\winspool.drv - ok
01:33:38.0343 0x0cf4  [ AF771ABB00FB4D77C44E51A25AE2A665,

C5ABE2B76FB92B606180572FC58C013CB945E15F5D85D4B4CF03C8EC250DE093 ]

C:\WINDOWS\system32\wlnotify.dll
01:33:38.0343 0x0cf4  C:\WINDOWS\system32\wlnotify.dll - ok
01:33:38.0343 0x0cf4  [ 02CF580510234E519736559A7F19EA20,

93DC16678B01DF2E12672AB93778151FDD7FF10C30CEF7A921553D86F97C3819 ]

C:\WINDOWS\system32\WgaLogon.dll
01:33:38.0343 0x0cf4  C:\WINDOWS\system32\WgaLogon.dll - ok
01:33:38.0359 0x0cf4  [ 05231C04253C5BC30B26CBAAE680ED89,

5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ]

C:\WINDOWS\system32\WudfSvc.dll
01:33:38.0359 0x0cf4  C:\WINDOWS\system32\WudfSvc.dll - ok
01:33:38.0359 0x0cf4  [ 5CAF91E865FE0C85048A233E594544D2,

23B16D6CB30E124D37949EFCF261BCD9D9872FE2F3852FC345F32283E3D04178 ]

C:\WINDOWS\system32\WudfPlatform.dll
01:33:38.0359 0x0cf4  C:\WINDOWS\system32\WudfPlatform.dll - ok
01:33:38.0359 0x0cf4  [ 5AD440B71AAF1C64DBAD8E2D1100FD1C,

0DE7CEC01F3C6CBA59C1BF8BB632FE5C1F51DF726580DA25BC6C916B211C6627 ]

C:\WINDOWS\system32\clbcatq.dll
01:33:38.0359 0x0cf4  C:\WINDOWS\system32\clbcatq.dll - ok
01:33:38.0375 0x0cf4  [ B7398412F2F22C44C31290CAFDDCA842,

563CAF01158F9CAF028798429A0BC753B1FC87E9EA990EA9B7E16AEFC9F6E9EA ]

C:\WINDOWS\system32\comres.dll
01:33:38.0375 0x0cf4  C:\WINDOWS\system32\comres.dll - ok
01:33:38.0375 0x0cf4  [ 03A02D5A2D50198BDF6C62AF209438D0,

7A2577BB31B937436689EB8E3F415F71D3744209EFFC110C9B12C42025F36C88 ]

C:\WINDOWS\system32\msxml3.dll
01:33:38.0375 0x0cf4  C:\WINDOWS\system32\msxml3.dll - ok
01:33:38.0390 0x0cf4  [ DBC474CA8EFE2501ED38B688DA94DD08,

D1940127C5E20867190014BE74AA59F38234C9AE9EA1E6BA15EDA98B25B67CDC ]

C:\WINDOWS\system32\drivers\nwlnkipx.sys
01:33:38.0390 0x0cf4  C:\WINDOWS\system32\drivers\nwlnkipx.sys - ok
01:33:38.0390 0x0cf4  [ 4B51239904FFB424BF6ED20EE6860836,

AD67E3333A7D49CB41EAF3B9DC988CF35657A388A0DAF4CB1AB36EABA9FC4F9A ]

C:\WINDOWS\system32\drivers\ndisuio.sys
01:33:38.0390 0x0cf4  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
01:33:38.0390 0x0cf4  [ 56D34A67C05E94E16377C60609741FF8,

ABE48D3E7D38DB20E9D4884FC6FE42FAE0C5FAFD3AC86F1E585A4BB17C6F09C5 ]

C:\WINDOWS\system32\drivers\nwlnknb.sys
01:33:38.0390 0x0cf4  C:\WINDOWS\system32\drivers\nwlnknb.sys - ok
01:33:38.0406 0x0cf4  [ AD5C82A2A8E7B30BDD7C3441BA095243,

2B57855FF5E82B75B4C1A6EF00D18EBED80446A288BBCCAB9B2FE6863BF850C5 ]

C:\WINDOWS\system32\msimg32.dll
01:33:38.0406 0x0cf4  C:\WINDOWS\system32\msimg32.dll - ok
01:33:38.0406 0x0cf4  [ 7EF07645D1AF5ACA0762F95E6F80D27F,

709D168F106876E1F170DB372E28F77AE6DC63F04E1FCA78EFE3AE4E6A9D26F2 ]

C:\WINDOWS\system32\dhcpcsvc.dll
01:33:38.0406 0x0cf4  C:\WINDOWS\system32\dhcpcsvc.dll - ok
01:33:38.0406 0x0cf4  [ 5F7E24FA9EAB896051FFB87F840730D2,

356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ]

C:\WINDOWS\system32\dnsrslvr.dll
01:33:38.0406 0x0cf4  C:\WINDOWS\system32\dnsrslvr.dll - ok
01:33:38.0406 0x0cf4  [ D53F9AED00F107A77D421A82BC8CEA6A,

C17B8D3C3B6794FC761B42B5B6A962AD577FDD1F930111D90E4FD84A147FD910 ]

C:\WINDOWS\system32\lmhsvc.dll
01:33:38.0406 0x0cf4  C:\WINDOWS\system32\lmhsvc.dll - ok
01:33:38.0421 0x0cf4  [ 578F0A329CF1AB10715AB437CFAF8DDA,

D919409126307C89F02BD7165C2123F5452D469751FD4D4954D73CEC7FB89852 ]

C:\WINDOWS\system32\wzcsvc.dll
01:33:38.0421 0x0cf4  C:\WINDOWS\system32\wzcsvc.dll - ok
01:33:38.0421 0x0cf4  [ 09C172317408F9327E368F9E7DFEF752,

A46519061E97DAB173F30DB2479FE778626C48764AACA0767F6597A0FFD936E3 ]

C:\WINDOWS\system32\eapolqec.dll
01:33:38.0421 0x0cf4  C:\WINDOWS\system32\eapolqec.dll - ok
01:33:38.0421 0x0cf4  [ 874E22661AFD3A3FAE1DC5C58E2313DD,

7D2A6A2EB95C80103DC855A4AF18A82B16FB9FC8E2AE6D9500193A822D4C66ED ]

C:\WINDOWS\system32\rtutils.dll
01:33:38.0421 0x0cf4  C:\WINDOWS\system32\rtutils.dll - ok
01:33:38.0437 0x0cf4  [ 4D40D85707FCC530E9E703D8C094AC65,

02D14F69DA4F2C358D5C2E011A27AD8B2051F91B41C0791A784C2FB818F28972 ]

C:\WINDOWS\system32\wmi.dll
01:33:38.0437 0x0cf4  C:\WINDOWS\system32\wmi.dll - ok
01:33:38.0437 0x0cf4  [ 224FB925C641DA16CEB6D60F40CA4C75,

2DDB3B019D2A22B359C5974DC366EC9B95F4382DB1BF7F1958CFF0EC277895C7 ]

C:\WINDOWS\system32\atl.dll
01:33:38.0437 0x0cf4  C:\WINDOWS\system32\atl.dll - ok
01:33:38.0437 0x0cf4  [ 6EB5E03A1C829D4D9043A780F8E36461,

AF12A56F3A5372495DB775A66F566660EDA2BFDBE8D565D1325A076CE060CB2D ]

C:\WINDOWS\system32\dot3api.dll
01:33:38.0437 0x0cf4  C:\WINDOWS\system32\dot3api.dll - ok
01:33:38.0437 0x0cf4  [ B20CF28D96AC54170E777566CFCF0175,

87BC08331F8F75171465B212E5891EF304108195C54F3DAD3E569B1BEBB37432 ]

C:\WINDOWS\system32\esent.dll
01:33:38.0437 0x0cf4  C:\WINDOWS\system32\esent.dll - ok
01:33:38.0453 0x0cf4  [ E750A34D54A7987DDAAE814EDD79903F,

34AE118DB5121758E570C15CAC29E067738F73C1B062329960E16AB005F1DE4F ]

C:\WINDOWS\system32\qutil.dll
01:33:38.0453 0x0cf4  C:\WINDOWS\system32\qutil.dll - ok
01:33:38.0453 0x0cf4  [ 115B7EE1072343A51B94C85B09446739,

1084B3622FFBFCBD066A987FCE31827FE85182A13AA0AB65F18CE7BC5BCBA2DA ]

C:\WINDOWS\system32\qagent.dll
01:33:38.0453 0x0cf4  C:\WINDOWS\system32\qagent.dll - ok
01:33:38.0453 0x0cf4  [ A39BE37C9237DB5F1990D61B268EA555,

ABAB9D73DF10D2AC78F00A6C5E5318C4DE166CDF70683408D83D218CB39B7449 ]

C:\WINDOWS\system32\rastls.dll
01:33:38.0453 0x0cf4  C:\WINDOWS\system32\rastls.dll - ok
01:33:38.0468 0x0cf4  [ 63EAC479A80D48E1390725AF4E123D52,

C359E66AD76CCD1ECA9414FF6DE6674A01820EA7EB1565EC830B006CE5F502E4 ]

C:\WINDOWS\system32\cryptui.dll
01:33:38.0468 0x0cf4  C:\WINDOWS\system32\cryptui.dll - ok
01:33:38.0468 0x0cf4  [ EB14594F0EB92CA4169081DE6268EB1A,

35E293C87A6B3E42CCC6D9B402ADB9919FE7B5ABB4B967754D4D19E394D3C7A5 ]

C:\WINDOWS\system32\wininet.dll
01:33:38.0468 0x0cf4  C:\WINDOWS\system32\wininet.dll - ok
01:33:38.0468 0x0cf4  [ CDC0E34AD20FB8F2895622928407187C,

8BC38F79927EC1FEB0287B90F51FA5E2D21FE014660A7F5DD8BDEF9598F975F1 ]

C:\WINDOWS\system32\activeds.dll
01:33:38.0468 0x0cf4  C:\WINDOWS\system32\activeds.dll - ok
01:33:38.0468 0x0cf4  [ 25E5395B9F87000F25520B5EA3D86B68,

7D7AD7980093C47554519C58CB6FA09068B7E58B484392C2A423D91D20C8BD61 ]

C:\WINDOWS\system32\iertutil.dll
01:33:38.0468 0x0cf4  C:\WINDOWS\system32\iertutil.dll - ok
01:33:38.0484 0x0cf4  [ B63FA0BDA5109E11AA3ADABF315D462E,

918E2456BDCB88854F118AE2436BE0F01CC5F571037359BC040E0FD6A083D877 ]

C:\WINDOWS\system32\mprapi.dll
01:33:38.0484 0x0cf4  C:\WINDOWS\system32\mprapi.dll - ok
01:33:38.0484 0x0cf4  [ 10753A3ADC3E39A3B10CC3F08E98E6B4,

99C7B1B04CD593139917ED3D68BEC36C63BCE76663505CB5D026B62AF39BB383 ]

C:\WINDOWS\system32\normaliz.dll
01:33:38.0484 0x0cf4  C:\WINDOWS\system32\normaliz.dll - ok
01:33:38.0484 0x0cf4  [ 3DF8CA56B6AC4CEC3569640889313794,

0548DC366CE9B9ABE476ADCEF77B93724F812C0732D8EC47AEDAEA898F11A290 ]

C:\WINDOWS\system32\adsldpc.dll
01:33:38.0484 0x0cf4  C:\WINDOWS\system32\adsldpc.dll - ok
01:33:38.0484 0x0cf4  [ 157A7865B4C7F99D55A29034184CD413,

2046B70C98D471670349B8E3198836E2C80A67A38A98DDA2716794BFC641E8E7 ]

C:\WINDOWS\system32\rasapi32.dll
01:33:38.0484 0x0cf4  C:\WINDOWS\system32\rasapi32.dll - ok
01:33:38.0500 0x0cf4  [ 20652C2A3C1402FA2529225F8A8CC39A,

45872370C707CA88B5E712085B6FB6AF602AD1B0004F8BCB8F3CAAAE58154F55 ]

C:\WINDOWS\system32\rasman.dll
01:33:38.0500 0x0cf4  C:\WINDOWS\system32\rasman.dll - ok
01:33:38.0500 0x0cf4  [ B0B3FFAE6837A04848533B4BC7ACFED5,

D722C031230C98B3BC1808D335E11E1FA36E774CA6EFC93B8BCAA42F2FC143A2 ]

C:\WINDOWS\system32\tapi32.dll
01:33:38.0500 0x0cf4  C:\WINDOWS\system32\tapi32.dll - ok
01:33:38.0500 0x0cf4  [ B468367E0CBC5E7EA847567BDC81D458,

8B762387EB0C5B7CABD3F8F763B65D1A16D70FF2431EB38DCC5376C89D1CE48E ]

C:\WINDOWS\system32\riched20.dll
01:33:38.0500 0x0cf4  C:\WINDOWS\system32\riched20.dll - ok
01:33:38.0515 0x0cf4  [ 56CE97FF94B7662A300D359CD6F4D601,

D67A792E176AE3394CEB8FEF16F9E56DC614D7D4F58F6B9202E49EFD42BAE9E4 ]

C:\WINDOWS\system32\raschap.dll
01:33:38.0515 0x0cf4  C:\WINDOWS\system32\raschap.dll - ok
01:33:38.0515 0x0cf4  [ B1AAF8F173BB05E9FF544642D12936F6,

6D3D5976A86530EFC774E75E7A1050FEDDC8F8F18FBCD820E4285E4262D0930B ]

C:\WINDOWS\system32\schedsvc.dll
01:33:38.0515 0x0cf4  C:\WINDOWS\system32\schedsvc.dll - ok
01:33:38.0515 0x0cf4  [ A020A648D9126DEB762058108946D005,

D7951FF192FC8A3076822531D9E5419C80A9D813101090346E7B596CA625621B ]

C:\WINDOWS\system32\msidle.dll
01:33:38.0515 0x0cf4  C:\WINDOWS\system32\msidle.dll - ok
01:33:38.0515 0x0cf4  [ 60784F891563FB1B767F70117FC2428F,

E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ]

C:\WINDOWS\system32\spoolsv.exe
01:33:38.0515 0x0cf4  C:\WINDOWS\system32\spoolsv.exe - ok
01:33:38.0531 0x0cf4  [ 1B66662A027EFBE4541783F0723D71D5,

2B8795B4F61D9FA3A5A7DD2FA2CA93F7DA000EB36B3ADB0243C60FD7E70DD1BE ]

C:\WINDOWS\system32\audiosrv.dll
01:33:38.0531 0x0cf4  C:\WINDOWS\system32\audiosrv.dll - ok
01:33:38.0531 0x0cf4  [ A8888A5327621856C0CEC4E385F69309,

B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ]

C:\WINDOWS\system32\wkssvc.dll
01:33:38.0531 0x0cf4  C:\WINDOWS\system32\wkssvc.dll - ok
01:33:38.0531 0x0cf4  [ 9FB5C83D05AE3EB2B691F574F61F51E3,

5A023D50C7B26B6CD72E17B1A982133E781C57436DCCEF218D32AFCEDC6C9223 ]

C:\WINDOWS\system32\drivers\nwrdr.sys
01:33:38.0531 0x0cf4  C:\WINDOWS\system32\drivers\nwrdr.sys - ok
01:33:38.0546 0x0cf4  [ A60BC1B3D9F704230BC4D6CD4AFDF309,

D9EC00345D4F65953D10F7B4A9284000115416C2B0BEEA1E3AC3FC4B235583F6 ]

C:\WINDOWS\system32\nwapi32.dll
01:33:38.0546 0x0cf4  C:\WINDOWS\system32\nwapi32.dll - ok
01:33:38.0546 0x0cf4  [ BA53B9653D079E32BC8E8737117B5BFC,

2C5784AEA591CFBA392057D90D1460801BCD44EE42A46918ED46EA6DC25A617E ]

C:\WINDOWS\system32\nwwks.dll
01:33:38.0546 0x0cf4  C:\WINDOWS\system32\nwwks.dll - ok
01:33:38.0546 0x0cf4  [ DC60415365C36FABEC85F02510D33A5C,

195B16E98B007F3B7186B413BC3304FECBDB628FE24E36ED612C267D5630B49E ]

C:\WINDOWS\system32\drivers\mrxdav.sys
01:33:38.0546 0x0cf4  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
01:33:38.0546 0x0cf4  [ F98737AD88563DD7A5CEB01A6F14C273,

2D62B880C0A326B993BD76B76DC130E2FDF9CA2F4FC53D159F09C2DE623E7EC8 ]

C:\WINDOWS\system32\webclnt.dll
01:33:38.0546 0x0cf4  C:\WINDOWS\system32\webclnt.dll - ok
01:33:38.0562 0x0cf4  [ C0BB7D1615E1ACBDC99757F6CEAF8CF0,

899905C0EB182ABCDAE0D0D749C0BC39CD231B9FAEE733D5DFDAE86EB8BC755B ]

C:\WINDOWS\system32\drivers\nwlnkspx.sys
01:33:38.0562 0x0cf4  C:\WINDOWS\system32\drivers\nwlnkspx.sys - ok
01:33:38.0562 0x0cf4  [ A7E06854EA2A20AEE8EC32BD8C754298,

C23ACA5939C29C59B0BD6DF247650F0B640E675A759D6C6484D9710BC923515A ]

C:\WINDOWS\system32\mpnotify.exe
01:33:38.0562 0x0cf4  C:\WINDOWS\system32\mpnotify.exe - ok
01:33:38.0562 0x0cf4  [ B5AD83B72553ACDADEBEB36FBF565D99,

1C8C9E6F5CBF402CD22041C833E5F017C4FEAEF655BC1A60A8E6D056EE12A3D3 ]

C:\Program Files\Citrix\ICA Client\pnsson.dll
01:33:38.0562 0x0cf4  C:\Program Files\Citrix\ICA Client\pnsson.dll - ok
01:33:38.0578 0x0cf4  [ C9564CF4976E7E96B4052737AA2492B4,

C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ]

C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_

44262b86\msvcr80.dll
01:33:38.0578 0x0cf4  

C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_

44262b86\msvcr80.dll - ok
01:33:38.0578 0x0cf4  [ 8C22083ED515DC94D575438662F0BE6A,

67DC2A393AE31764C090BE2AEFAD3E20220538152157BAEBF366112166FEAB23 ]

C:\WINDOWS\system32\msi.dll
01:33:38.0578 0x0cf4  C:\WINDOWS\system32\msi.dll - ok
01:33:38.0578 0x0cf4  [ C0BDE89D912B78445D60E20683257D76,

B554B180C9EAB7D23703DF8DB0BC84BEE8B5973C35A63992D6DF5FCC47374A59 ]

C:\Program Files\Citrix\ICA Client\ssoncom.exe
01:33:38.0578 0x0cf4  C:\Program Files\Citrix\ICA Client\ssoncom.exe - ok
01:33:38.0593 0x0cf4  [ 71F3012E3EAAC35A3BDA88330C3962FD,

15F79666B8EA0220DAF7060FD665062CC4E74791E7041EF0A0E702AFC8F914B3 ]

C:\Program Files\Citrix\ICA Client\ssonstub.dll
01:33:38.0593 0x0cf4  C:\Program Files\Citrix\ICA Client\ssonstub.dll - ok
01:33:38.0593 0x0cf4  [ 2215EF9C72AC77E378AE7A5DA29C4630,

1B02DE9C332580F228CD3111B6CB795675FD194EFD70EBEA122D781029B8D264 ]

C:\Program Files\Citrix\ICA Client\ssonsvr.exe
01:33:38.0593 0x0cf4  C:\Program Files\Citrix\ICA Client\ssonsvr.exe - ok
01:33:38.0593 0x0cf4  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC,

372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ]

C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_

44262b86\msvcp80.dll
01:33:38.0593 0x0cf4  

C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_

44262b86\msvcp80.dll - ok
01:33:38.0593 0x0cf4  [ D274FC44B899AE5D103373CD6E5FA3FC,

12372A68B3BD8435E1230023C22872B771531A85573BE561548541669F27F1E0 ]

C:\WINDOWS\system32\cscui.dll
01:33:38.0593 0x0cf4  C:\WINDOWS\system32\cscui.dll - ok
01:33:38.0609 0x0cf4  [ C57B297C446A41FC2C7732F483382553,

99B803C9ECFB4BE963D89B148C9073A8A62B4C5012022A22AB0B876E2C993B01 ]

C:\WINDOWS\system32\netdde.exe
01:33:38.0609 0x0cf4  C:\WINDOWS\system32\netdde.exe - ok
01:33:38.0609 0x0cf4  [ D7E95933BACE768AFFA0FB8577888AE9,

D4CBE5FCD5ECD82014F1EDE0D0A250C10E901BECE2BAAD06F558B911AFEB52CC ]

C:\WINDOWS\system32\nddenb32.dll
01:33:38.0609 0x0cf4  C:\WINDOWS\system32\nddenb32.dll - ok
01:33:38.0609 0x0cf4  [ FA18078DA0F79D1B32D1646431A79171,

91E68CDEE63263712BB9C777FA2BE4509D3F17CA9FD0EEDFB060F286E3EC4A04 ]

C:\WINDOWS\system32\powrprof.dll
01:33:38.0609 0x0cf4  C:\WINDOWS\system32\powrprof.dll - ok
01:33:38.0625 0x0cf4  [ ED873EF1A0C4DC95F879C8A61781C2B5,

408576F9107F753D0A3791BDB9BCA1F1C779ADF2234C17456D3B297713A53422 ]

C:\WINDOWS\system32\dpcdll.dll
01:33:38.0625 0x0cf4  C:\WINDOWS\system32\dpcdll.dll - ok
01:33:38.0625 0x0cf4  [ B85B8A3E8D4B15EAFEB7592333716B96,

E4B5C18B67BAD81F5BAFD53145E01B295431228B52073171C454E345EAFF8567 ]

C:\WINDOWS\system32\wdmaud.drv
01:33:38.0625 0x0cf4  C:\WINDOWS\system32\wdmaud.drv - ok
01:33:38.0625 0x0cf4  [ 76E4B15C066144E711464F72D7B27AF3,

3D91304EBEDEE3788C647697D1082CE7DB5C91F12A7ED46B568BD7BC224A1398 ]

C:\WINDOWS\system32\drivers\wdmaud.sys
01:33:38.0625 0x0cf4  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
01:33:38.0640 0x0cf4  [ 1E993BDA05D911D49FF5531EA6D1B8CD,

8ABAED03EF72C186A40EA54F10F9A8C592F7FA820D26DE2E8F0F4538785E8D8B ]

C:\WINDOWS\system32\drivers\sysaudio.sys
01:33:38.0640 0x0cf4  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
01:33:38.0640 0x0cf4  [ 56D1314C6B52622B7B33F4B5941C07BC,

4F0A9F9A27926597E75B3A08CCB6B27DA5E99C62C47A300D111595FCC4236CE6 ]

C:\WINDOWS\system32\drivers\splitter.sys
01:33:38.0640 0x0cf4  C:\WINDOWS\system32\drivers\splitter.sys - ok
01:33:38.0640 0x0cf4  [ 8BED39E3C35D6A489438B8141717A557,

1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ]

C:\WINDOWS\system32\drivers\aec.sys
01:33:38.0640 0x0cf4  C:\WINDOWS\system32\drivers\aec.sys - ok
01:33:38.0640 0x0cf4  [ E7FA45622EA5F16C9BC7379591262B25,

7266981BD2828F0A79A2DA204ECB75CECDCCFC6EFBDA6F1F51CD6D71909463FA ]

C:\WINDOWS\system32\userinit.exe
01:33:38.0640 0x0cf4  C:\WINDOWS\system32\userinit.exe - ok
01:33:38.0656 0x0cf4  [ B1296D52B0D2096EC4759EEEB806D759,

4F291E1513D5E79BD3EE54E644138468778A80D6C49DF01EA93E291897E433B5 ]

C:\WINDOWS\system32\WgaTray.exe
01:33:38.0656 0x0cf4  C:\WINDOWS\system32\WgaTray.exe - ok
01:33:38.0656 0x0cf4  [ FE2571A8C9FFAB1D45502D6B0BF472AA,

1442FC0180B555BC4F9B97B9A0D7674F75E67A6F61B87A6D690A20AE7D1EF360 ]

C:\WINDOWS\system32\xp_eos.exe
01:33:38.0656 0x0cf4  C:\WINDOWS\system32\xp_eos.exe - ok
01:33:38.0656 0x0cf4  [ 08F31922388CB31D32841690ACA1379A,

3D848BE892BF193DC8BC3BAA00E8E8BDCF16D151DA318ADE1DED580662CE1F08 ]

C:\WINDOWS\system32\drivers\DMusic.sys
01:33:38.0656 0x0cf4  C:\WINDOWS\system32\drivers\DMusic.sys - ok
01:33:38.0671 0x0cf4  [ D0DCD940E9301ADD51DF993313F3115B,

4B2A33658B4873961B6899B8A8B012A6D10354B323624D0CF01F144E6FBE8AB5 ]

C:\WINDOWS\system32\drivers\swmidi.sys
01:33:38.0671 0x0cf4  C:\WINDOWS\system32\drivers\swmidi.sys - ok
01:33:38.0671 0x0cf4  [ 17566366EC1A5E48B9BA024DB7869B3D,

186C118FDCB156B1075BA6A28F3430E6AD19A123B17A0721F2E2210E92FBE6AF ]

C:\WINDOWS\system32\drivers\kmixer.sys
01:33:38.0671 0x0cf4  C:\WINDOWS\system32\drivers\kmixer.sys - ok
01:33:38.0671 0x0cf4  [ 780426DAD0CEB30124A61A85D71E77D3,

4F5B861940E32AA1BE4BFA91432576640858CEC12FF9C98E863EEC20D8F81DFD ]

C:\WINDOWS\system32\drivers\drmkaud.sys
01:33:38.0671 0x0cf4  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
01:33:38.0671 0x0cf4  [ 50B427A34DA2E13C9CF947A33197CBB3,

09931D1E68B5FF2A20DD015ABF0523AD149747D5E8C74F2D25599BBE834D4A0D ]

C:\WINDOWS\system32\mstask.dll
01:33:38.0671 0x0cf4  C:\WINDOWS\system32\mstask.dll - ok
01:33:38.0687 0x0cf4  [ CB7C9E2BA846DA0AFABD19DE6B6F2006,

78E76BD22036F7EBE960534C2A20FC57E245D3C051A6EF334DD1619C7F0FAF07 ]

C:\WINDOWS\explorer.exe
01:33:38.0687 0x0cf4  C:\WINDOWS\explorer.exe - ok
01:33:38.0687 0x0cf4  [ 9A3BD5F55AADFF859539142F6328A66E,

B8165F650F0E24D380601D54BC81A84C06D886A6CF995EA6CA63EABCFA75554A ]

C:\WINDOWS\system32\msacm32.drv
01:33:38.0687 0x0cf4  C:\WINDOWS\system32\msacm32.drv - ok
01:33:38.0687 0x0cf4  [ 77FFE8395568F5D1B73972A2C4EC4693,

26ADE4574C914EDF383030ED396EBD191E394144C6F6F366975A4EF03B2BB52E ]

C:\WINDOWS\system32\midimap.dll
01:33:38.0687 0x0cf4  C:\WINDOWS\system32\midimap.dll - ok
01:33:38.0703 0x0cf4  [ 1A044AAD6460265849FFFB95F3C4C690,

39A4B65A05253B045752D428C7F0A056F58D438EC6D8952F1F2AD691C1D435F6 ]

C:\WINDOWS\system32\browseui.dll
01:33:38.0703 0x0cf4  C:\WINDOWS\system32\browseui.dll - ok
01:33:38.0703 0x0cf4  [ FA5BAFC42914E1C50633704C1F14B2FA,

0BCD41D57187210D0EE916829FBDBF68EDEA1CC4949AE4B567ABCF3BD43B3EF8 ]

C:\WINDOWS\system32\shdocvw.dll
01:33:38.0703 0x0cf4  C:\WINDOWS\system32\shdocvw.dll - ok
01:33:38.0703 0x0cf4  [ 3307A07B81206F354F0D4BEFEE922437,

4BB29D65667AE99C923147F0F507CF8E680A5C230AAA6DFC88EC79F7D4408955 ]

C:\WINDOWS\system32\LegitCheckControl.DLL
01:33:38.0703 0x0cf4  C:\WINDOWS\system32\LegitCheckControl.DLL - ok
01:33:38.0703 0x0cf4  [ CF62156FF10FBF7B1675064908AE55CF,

1E8D2D423D52AEED554634844BCCDCA8883860C1C9E29CB30C2623BD9759F98C ]

C:\WINDOWS\system32\wbem\wbemcomn.dll
01:33:38.0703 0x0cf4  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
01:33:38.0718 0x0cf4  [ 1FB0CD53ACC76A083C92F83C3D0A5895,

B936FE34C6ED8D84C4E740708C237B765AD3983A4E8FA60E526E27A967A4B302 ]

C:\WINDOWS\system32\wbem\wbemprox.dll
01:33:38.0718 0x0cf4  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
01:33:38.0718 0x0cf4  [ 30F88258703D26127258F4B23B150D41,

61DA544E19701705B2B9D20BD4CB9C54A2D0648E968F8CE9BFC2EBCEE304A900 ]

C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
01:33:38.0718 0x0cf4  C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL - ok
01:33:38.0718 0x0cf4  [ CDBE9690CF2B8409FACAD94FAC9479C9,

8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ]

C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_

31a54e43\msvcr90.dll
01:33:38.0718 0x0cf4  

C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_

31a54e43\msvcr90.dll - ok
01:33:38.0718 0x0cf4  [ 58A14C45A5CD2528F10A889E7B0C3FC2,

81521B27F6DE4F2451C5441DFA93781B6687EE8F9AE62A8FE76D61DE7965E6EF ]

C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_

92453bb7\atl90.dll
01:33:38.0718 0x0cf4  

C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_

92453bb7\atl90.dll - ok
01:33:38.0734 0x0cf4  [ 4C39358EBDD2FFCD9132A30E1EC31E16,

06918CF99AD26CD6CF106881C0D5BDB212DC0BAC4549805C9F5906E3D03D152C ]

C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_

31a54e43\msvcp90.dll
01:33:38.0734 0x0cf4  

C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_

31a54e43\msvcp90.dll - ok
01:33:38.0734 0x0cf4  [ 883D87AA9D3C15C3D57B11BABC180B4E,

D1AAC11A9D4145F9DB01386D1B5D048CF052171FFF52AF083288677974F31A0F ]

C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
01:33:38.0734 0x0cf4  

C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
01:33:38.0734 0x0cf4  [ 676CCC08D9E9A3F4CA39CB04E97048DF,

AD7361AB05A6169705C57C36AAF015130124737720B13BA6102102299B49D629 ]

C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll
01:33:38.0734 0x0cf4  C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll -

ok
01:33:38.0750 0x0cf4  [ FAB2565C4959E92E8EED8BD1104C7A1B,

D6F71E48498845877074F14E4551A76CB8E43D2A6CA55EA4CDBACE513F354827 ]

C:\WINDOWS\system32\desk.cpl
01:33:38.0750 0x0cf4  C:\WINDOWS\system32\desk.cpl - ok
01:33:38.0750 0x0cf4  [ EE9710428FFB95FD3845D41E7148AC31,

5CFBE4B7BCCB136B958E21EACB965E09F7D6CC0CB29DEA9022047809582B1065 ]

C:\WINDOWS\system32\themeui.dll
01:33:38.0750 0x0cf4  C:\WINDOWS\system32\themeui.dll - ok
01:33:38.0750 0x0cf4  [ 4DCEE7F44B494D6AD8D917074F637FBF,

0EBFB78DC8186C996EF3603CAC6C709359756A1F7EF73E2623381D9F9E486C26 ]

C:\WINDOWS\system32\actxprxy.dll
01:33:38.0765 0x0cf4  C:\WINDOWS\system32\actxprxy.dll - ok
01:33:38.0765 0x0cf4  [ A439D729A44E7C04399A905E37C05CB7,

AD4A2D746A16BD498DAB6B72B986A441A890F2B81ABC0AD649D8157138155637 ]

C:\WINDOWS\system32\urlmon.dll
01:33:38.0765 0x0cf4  C:\WINDOWS\system32\urlmon.dll - ok
01:33:38.0781 0x0cf4  [ 4E3C58B30D49DE501485E444797F4816,

93D314AA8C67AB46342D8FA1ADF65B84131EC76DCF1061B536F6E5E63B74F75D ]

C:\WINDOWS\system32\cmd.exe
01:33:38.0781 0x0cf4  C:\WINDOWS\system32\cmd.exe - ok
01:33:38.0781 0x0cf4  [ 965171D089D48415EA5B607E049ABA68,

73E29B6902F3F37A1D2D6A8DC153352D8048D38F38A54A39E4864CD3D1E7776E ]

C:\WINDOWS\system32\ieframe.dll
01:33:38.0781 0x0cf4  C:\WINDOWS\system32\ieframe.dll - ok
01:33:38.0781 0x0cf4  [ 70E98B3FD8E963A6A46A2E6247E0BEA1,

6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ]

C:\WINDOWS\system32\drivers\parvdm.sys
01:33:38.0781 0x0cf4  C:\WINDOWS\system32\drivers\parvdm.sys - ok
01:33:38.0796 0x0cf4  [ D39C4A6ACB529BE4FFA5E49EECCBBC5B,

7603395B6CD312A5F87E796BD4B1C629430CDCF9ADE6F1C683F179E36A1A37A0 ]

C:\WINDOWS\system32\drivers\serial.sys
01:33:38.0796 0x0cf4  C:\WINDOWS\system32\drivers\serial.sys - ok
01:33:38.0796 0x0cf4  [ A437A28E5B21807583F2CE2AC5F76192,

574FD8B9C79E003D76F00AB1CD3E0ED38EAE94ED1B9BFB65AC07CA47409BEAEC ]

C:\WINDOWS\system32\alrsvc.dll
01:33:38.0796 0x0cf4  C:\WINDOWS\system32\alrsvc.dll - ok
01:33:38.0796 0x0cf4  [ D9FF0A70A51FB61F5ABD0CEA62749E03,

B58EC65F60F37D20CD727DE814A510EC90F5B67E8430F79E0D7D8C9C58DA74E3 ]

C:\WINDOWS\system32\qmgr.dll
01:33:38.0796 0x0cf4  C:\WINDOWS\system32\qmgr.dll - ok
01:33:38.0796 0x0cf4  [ 764609692A63D7EA9B7051B923900301,

6B043466B065BB2DED97B06F0071D86DA044EB4D9FEE4DC08A7D6D12BA28A15E ]

C:\WINDOWS\system32\clipsrv.exe
01:33:38.0796 0x0cf4  C:\WINDOWS\system32\clipsrv.exe - ok
01:33:38.0812 0x0cf4  [ 55194E8FB4E44D23202372C3C7B7D72B,

52FA2BD92CCBA9371F165DAAB51D8200ED9CBD7425C0B01E5A8E7150287E0134 ]

C:\WINDOWS\system32\shfolder.dll
01:33:38.0812 0x0cf4  C:\WINDOWS\system32\shfolder.dll - ok
01:33:38.0812 0x0cf4  [ 684559A03CBC1D05BA120A18B0D8BA5D,

7425F27C8EF8CEF26B071D7FD5FED538C74EF524AEF73E427B1781F3A3C16C42 ]

C:\WINDOWS\system32\winhttp.dll
01:33:38.0812 0x0cf4  C:\WINDOWS\system32\winhttp.dll - ok
01:33:38.0812 0x0cf4  [ A6F2589CD87CB2C53CA8B7F2BDC855DF,

4C3B247FFBB57F8F0AAC65EA1AB5B20DD5424868823D00CAD0A44A31872A59C1 ]

C:\WINDOWS\system32\netman.dll
01:33:38.0812 0x0cf4  C:\WINDOWS\system32\netman.dll - ok
01:33:38.0828 0x0cf4  [ AFE5D105FC25EB99528BF810F9026C75,

6F2FDBB3F6C5A0B83F7442D5C2B570E591DACCEF836FBA9E69283EE0DB273BBC ]

C:\WINDOWS\system32\netshell.dll
01:33:38.0828 0x0cf4  C:\WINDOWS\system32\netshell.dll - ok
01:33:38.0828 0x0cf4  [ 98B4D196C1E42219F8A65B1AEE612E45,

C67067DF7F5B29BA18015703D0F71F58EFEBE602034B7A499C2B793CC661B0ED ]

C:\WINDOWS\system32\credui.dll
01:33:38.0828 0x0cf4  C:\WINDOWS\system32\credui.dll - ok
01:33:38.0828 0x0cf4  [ 709C600D917BE54798084AE0A8759814,

F39B6A9D628FC7D5E2C4FA0EC3DEB44A49F3AEEA5394317306E441C4E1894760 ]

C:\WINDOWS\system32\dot3dlg.dll
01:33:38.0828 0x0cf4  C:\WINDOWS\system32\dot3dlg.dll - ok
01:33:38.0828 0x0cf4  [ FE712E0DFA25AA5E905195408C453705,

75FC8A3F9ABF0F2F6833EBAF1A0617017B58EEF68100B2548FDB99D2D828E28D ]

C:\WINDOWS\system32\eappcfg.dll
01:33:38.0828 0x0cf4  C:\WINDOWS\system32\eappcfg.dll - ok
01:33:38.0843 0x0cf4  [ E04D374CBE1693A2193953D7952E63CE,

CD5A81418A10435C7F30D26924B406F115D9272E48F20A55550E00F29CC81B5D ]

C:\WINDOWS\system32\onex.dll
01:33:38.0843 0x0cf4  C:\WINDOWS\system32\onex.dll - ok
01:33:38.0843 0x0cf4  [ 3D88DC443F22A52A791FD30E269F896F,

235010BDE4ECBD4855A95EB15E8A85248692814553CD3CB83C7CF654C4E41C73 ]

C:\WINDOWS\system32\eappprxy.dll
01:33:38.0843 0x0cf4  C:\WINDOWS\system32\eappprxy.dll - ok
01:33:38.0843 0x0cf4  [ D141974D6F4752478C3BEB94559F4955,

E8C903BF5FD414757E09B8B9252E9C0428BF093F190E6C712689C4D9A4344EDF ]

C:\WINDOWS\system32\wzcsapi.dll
01:33:38.0843 0x0cf4  C:\WINDOWS\system32\wzcsapi.dll - ok
01:33:38.0859 0x0cf4  [ 2CCE68E6EA824A6DDA99E020370F9A78,

EEDF3FF1BA5360E6FFCF37E2A3F009C97039EC8F28E0B310397FACBDCB750C33 ]

C:\WINDOWS\system32\certcli.dll
01:33:38.0859 0x0cf4  C:\WINDOWS\system32\certcli.dll - ok
01:33:38.0859 0x0cf4  [ F81F67B1ACA9B7473F3DF67B24A66D61,

40C04EE9E460D1B0B36ACB818CFB18F405788A1E01C88D880BB6588D8593AF2A ]

C:\WINDOWS\system32\cryptsvc.dll
01:33:38.0859 0x0cf4  C:\WINDOWS\system32\cryptsvc.dll - ok
01:33:38.0859 0x0cf4  [ 4CFF9FF7E1A6414B23D001100EEA5FF7,

8BE62E94687B39DA7FA7AD63677F999687FFA6CDC62C720F510E2A05D4201DCD ]

C:\WINDOWS\system32\dmserver.dll
01:33:38.0859 0x0cf4  C:\WINDOWS\system32\dmserver.dll - ok
01:33:38.0859 0x0cf4  [ C74E4CAD632295421255781787844C58,

50DAE9EC594FE82F2E5E1BB49F77224EF87A00CCB0E0B2D34A6BAB9143F3A2D7 ]

C:\WINDOWS\system32\ersvc.dll
01:33:38.0859 0x0cf4  C:\WINDOWS\system32\ersvc.dll - ok
01:33:38.0875 0x0cf4  [ D4991D98F2DB73C60D042F1AEF79EFAE,

58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ]

C:\WINDOWS\system32\es.dll
01:33:38.0875 0x0cf4  C:\WINDOWS\system32\es.dll - ok
01:33:38.0875 0x0cf4  [ 02763B58A5FBADC5A5EDED4C4797ADAB,

F58BA7570E8AF5895795E1C03025C0801D9A3B7D8385CDE0B4E0C24A4E79F095 ]

C:\WINDOWS\system32\FortiSSLVPNdaemon.exe
01:33:38.0875 0x0cf4  C:\WINDOWS\system32\FortiSSLVPNdaemon.exe - ok
01:33:38.0875 0x0cf4  [ 779F84028213F2014CEB7131F97FA515,

F31F8A383EFE64BEE840E07424AE26A666D0A2815CB080842DEDFB53D1CB25EA ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{1CE9F49D-309C-4D7E-A2C8-021AB0E3FD16}\{512

B5050-1315-45D4-9D90-CCE887257109}.exe
01:33:38.0875 0x0cf4  

C:\DOCUME~1\Boss\LOCALS~1\Temp\{1CE9F49D-309C-4D7E-A2C8-021AB0E3FD16}\{512

B5050-1315-45D4-9D90-CCE887257109}.exe - ok
01:33:38.0890 0x0cf4  [ 605CCC9CE1839BC5583017DF7CAE27A6,

F1F67830FC3531DFBDAF5315F59422438AB9F243D89491AC75D1818E7ED98B5D ]

C:\Program Files\Google\Update\GoogleUpdate.exe
01:33:38.0890 0x0cf4  C:\Program Files\Google\Update\GoogleUpdate.exe - ok
01:33:38.0890 0x0cf4  [ 0E3D30F8CDD82E7E64938459CA90D9F0,

8F84A3D4ED0FCEBD38A952A9ED865D24B1814714DAD3584E89D85D94F5F316D6 ]

C:\PROGRA~1\WINDOW~2\wmpband.dll
01:33:38.0890 0x0cf4  C:\PROGRA~1\WINDOW~2\wmpband.dll - ok
01:33:38.0890 0x0cf4  [ 0C783C8127AFC2F7DAE6A443ECEEA80E,

84BBC8494750395EA5F515616849E78F7CE47A67B5906EE5828CCBD61B8FF0AA ]

C:\WINDOWS\system32\msutb.dll
01:33:38.0890 0x0cf4  C:\WINDOWS\system32\msutb.dll - ok
01:33:38.0890 0x0cf4  [ 463A426DA94FC2418A713CEEBB799E22,

EAF6EDE3CC4EFB047CEDAD32A9B3C2A138AD872991E3BEE4F66DD8FBE08133B2 ]

C:\Program Files\Google\Update\1.3.33.17\goopdate.dll
01:33:38.0890 0x0cf4  C:\Program Files\Google\Update\1.3.33.17\goopdate.dll - ok
01:33:38.0906 0x0cf4  [ B604FE4E8C01FDF4DFABD10F59CC72FA,

9F4F8F3C12E007027C08D8D35CCA140E86268EA12007A018CBDD53951359BEA5 ]

C:\WINDOWS\system32\MSCTF.dll
01:33:38.0906 0x0cf4  C:\WINDOWS\system32\MSCTF.dll - ok
01:33:38.0906 0x0cf4  [ 6CF0030E5351075A8B69501A8FDA6ABF,

77265788588D34F156C2A922CB1FC2A258D054FF4D6281A5E486F46E2D98CC8A ]

C:\WINDOWS\system32\linkinfo.dll
01:33:38.0906 0x0cf4  C:\WINDOWS\system32\linkinfo.dll - ok
01:33:38.0906 0x0cf4  [ 1358ED8ED84017786B196CEF142731E7,

358DAC0AA46B7E2D33C066606C3D641D05320A1586A660085E98F5C64E8C19FC ]

C:\WINDOWS\system32\ntshrui.dll
01:33:38.0906 0x0cf4  C:\WINDOWS\system32\ntshrui.dll - ok
01:33:38.0921 0x0cf4  [ 712246FF455EEE9D17CA623B2A332C2D,

AC4E7901245C3CEA4FFEB429BAD88BF76A3B799044635E0E1B7B09F3D93E7F2A ]

C:\WINDOWS\system32\verclsid.exe
01:33:38.0921 0x0cf4  C:\WINDOWS\system32\verclsid.exe - ok
01:33:38.0921 0x0cf4  [ 81A1A3A6969BDC5D4FC56C7A3D68F2FF,

F0E255BA9E486F18BC8958A788EED9A8C42338BDE6DEB2864AC494DE12AEF694 ]

C:\WINDOWS\system32\dbghelp.dll
01:33:38.0921 0x0cf4  C:\WINDOWS\system32\dbghelp.dll - ok
01:33:38.0921 0x0cf4  [ 9C3B2302B60FB0EFB13BC880A5E3E93E,

16F32AB74A57B521FF431F2C36609DE5F6ABE0DCD3111B4954471DEED700A66B ]

C:\WINDOWS\system32\HDAShCut.exe
01:33:38.0921 0x0cf4  C:\WINDOWS\system32\HDAShCut.exe - ok
01:33:38.0921 0x0cf4  [ 0D034E8C4F88C5B2B0C1AF3CF438CC4F,

F44F9A6BBA0AE6D350F98CDBF2D5B09D56D9B1CF46F4CB9F50566232B32F8BAE ]

C:\WINDOWS\SoundMan.exe
01:33:38.0921 0x0cf4  C:\WINDOWS\SoundMan.exe - ok
01:33:38.0937 0x0cf4  [ ED7FB962F5EA840C27DF60AE4346A913,

60FE7FD0D5736011BCCAE74E41C5DF05F993600E140058295EB413512001825E ] C:\Program

Files\Citrix\ICA Client\redirector.exe
01:33:38.0937 0x0cf4  C:\Program Files\Citrix\ICA Client\redirector.exe - ok
01:33:38.0937 0x0cf4  [ EAB725D225382A73F1435EF7347CD3FB,

2EF49398BFE78673078AB7F1583DB8C8C3C863396484594B3CCFEAC84629432A ]

C:\WINDOWS\system32\HdAudRes.dll
01:33:38.0937 0x0cf4  C:\WINDOWS\system32\HdAudRes.dll - ok
01:33:38.0937 0x0cf4  [ 4B10675852FE8862521024778E264D5F,

5520A4D16517708807A01954DF977A790DDD1715B0CF90D48DCE490C5AF60455 ]

C:\WINDOWS\system32\igfxpers.exe
01:33:38.0937 0x0cf4  C:\WINDOWS\system32\igfxpers.exe - ok
01:33:38.0953 0x0cf4  [ 42344DDF30337979216EA6AFA58BB42A,

565EB63BE814F959BB0E547218C963B5ECA455A394455D411BD1889A66B31E54 ]

C:\WINDOWS\system32\hkcmd.exe
01:33:38.0953 0x0cf4  C:\WINDOWS\system32\hkcmd.exe - ok
01:33:38.0953 0x0cf4  [ 79B5A7857A31648F946AB82E73C1EA5E,

5BD262AC84B6774BBBC13882CBDB2AC772C8BB1F85E4652D39837E57B29D9194 ]

C:\WINDOWS\system32\hid.dll
01:33:38.0953 0x0cf4  C:\WINDOWS\system32\hid.dll - ok
01:33:38.0953 0x0cf4  [ BF0EE37A14144C88A9F6FDA7B44981BB,

91648E51C6DB3E61B3DFE196C878B33ED493C57218D3BB0374108DDC06990041 ]

C:\Program Files\Epson Software\Event Manager\EEventManager.exe
01:33:38.0953 0x0cf4  C:\Program Files\Epson Software\Event

Manager\EEventManager.exe - ok
01:33:38.0953 0x0cf4  [ F5CADBA8DC2E27D8C6E76E1C5E11B72E,

96368E528F6803EB530A67EC6558B40D1E19728181C70EAD78AC96BF14B3E27A ]

C:\WINDOWS\system32\browselc.dll
01:33:38.0953 0x0cf4  C:\WINDOWS\system32\browselc.dll - ok
01:33:38.0968 0x0cf4  [ 3EA40C03BB20A68F5F49798296112EF9,

7371AD8474007F4589BF08EA73BBDA0433EFA766D8358DDA25745D00415D31EC ]

C:\WINDOWS\system32\hccutils.dll
01:33:38.0968 0x0cf4  C:\WINDOWS\system32\hccutils.dll - ok
01:33:38.0968 0x0cf4  [ 87F20C71E9A429F7E5D1ABE486025F0E,

838873292CA958B2C05CA85ED228538CF46B21CCD83D241458A562BF1F445EFE ]

C:\Program Files\Citrix\ICA Client\CCMSDK.dll
01:33:38.0968 0x0cf4  C:\Program Files\Citrix\ICA Client\CCMSDK.dll - ok
01:33:38.0968 0x0cf4  [ 2C045AAE1F27DED48CECACBB613DB946,

45A184E4639EC51A1038CF639598865CBF1CD5ED492A955229D2EB924088FDB9 ]

C:\WINDOWS\system32\mlang.dll
01:33:38.0968 0x0cf4  C:\WINDOWS\system32\mlang.dll - ok
01:33:38.0968 0x0cf4  [ 9000FA63CFEAFDFD1D39655F8F111903,

866DEB075CDEFD40EA679DAADC97C07891D40392D6B6B34ACDAEF6CE68ED06A7 ]

C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
01:33:38.0968 0x0cf4  C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok
01:33:38.0984 0x0cf4  [ 56296857059FA06E084AF9D0B1A9325D,

FD0629A486987126E0E47EBD936DECD1D4F50233E4636330875ABE73F6EF6C22 ]

C:\WINDOWS\system32\hidserv.dll
01:33:38.0984 0x0cf4  C:\WINDOWS\system32\hidserv.dll - ok
01:33:38.0984 0x0cf4  [ 0C422D003BB2EF1C98B4733C295B4F04,

DA1F484454D4EC80809AC301ED96683817D3AE4A6C26539B746582FD56C0B268 ]

C:\PROGRA~1\McAfee\SITEAD~1\McSACore.exe
01:33:38.0984 0x0cf4  C:\PROGRA~1\McAfee\SITEAD~1\McSACore.exe - ok
01:33:38.0984 0x0cf4  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527,

0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ]

C:\WINDOWS\system32\srvsvc.dll
01:33:38.0984 0x0cf4  C:\WINDOWS\system32\srvsvc.dll - ok


01:33:39.0000 0x0cf4  [ 476A0876C16D2CC3F5A46697CF37BEE7,

6860C50217C2E6A938915BC74D64B58A429A0C93410530B899F7F78014A9B714 ]

C:\WINDOWS\system32\igfxsrvc.exe
01:33:39.0000 0x0cf4  C:\WINDOWS\system32\igfxsrvc.exe - ok
01:33:39.0000 0x0cf4  [ 20FD44370267CCD0A64A1B31861C21D2,

D98194A17D1C63434EC6449742C10033F1B94D80826B20464519B1DD4DE1DB5F ]

C:\WINDOWS\system32\netmsg.dll
01:33:39.0000 0x0cf4  C:\WINDOWS\system32\netmsg.dll - ok
01:33:39.0000 0x0cf4  [ F0AD6FB996D4BE1E364934FA7A6BD094,

B747580F2D3211B3350368B59B418D8737F009A6D4D066897F60B670A0C33F4F ] C:\Program

Files\Citrix\ICA Client\concentr.exe
01:33:39.0000 0x0cf4  C:\Program Files\Citrix\ICA Client\concentr.exe - ok
01:33:39.0000 0x0cf4  [ 47DDFC2F003F7F9F0592C6874962A2E7,

17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ]

C:\WINDOWS\system32\drivers\srv.sys
01:33:39.0000 0x0cf4  C:\WINDOWS\system32\drivers\srv.sys - ok
01:33:39.0015 0x0cf4  [ 187F4C75A89E3F412322C94526320074,

D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ]

C:\Program Files\Microsoft Office\Office14\BCSSync.exe
01:33:39.0015 0x0cf4  C:\Program Files\Microsoft Office\Office14\BCSSync.exe - ok
01:33:39.0015 0x0cf4  [ 2031DCC0083A134AF9451CD1402FFCE3,

4E2646A5607C543648F9324A5B59FB389E683F6B652004A736B8FFAC7E0112CD ]

C:\Program Files\Epson Software\Event Manager\LcMgr.dll
01:33:39.0015 0x0cf4  C:\Program Files\Epson Software\Event Manager\LcMgr.dll - ok
01:33:39.0015 0x0cf4  [ EC05E964058693D1F71D1B5506B5CF09,

B1E126AA040800FEC99CAE2C675A225183D50A6F3D24262051A5FB5D96E61012 ]

C:\WINDOWS\alcwzrd.exe
01:33:39.0015 0x0cf4  C:\WINDOWS\alcwzrd.exe - ok
01:33:39.0031 0x0cf4  [ 5007E21208DA68F60EBF43352BDFE6D0,

698B6AB8260E05D6A2D168939E8D7F9F1CC1C78FDEC4F6B9D1A7289FD83C841B ]

C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
01:33:39.0031 0x0cf4  C:\Program Files\Common

Files\McAfee\Platform\McSvcHost\McSvHost.exe - ok
01:33:39.0031 0x0cf4  [ 08A73B0E7EE6E32983B5F9E540A8E380,

D9FC89B19C9131C2246D82942D5E6A09F20CB488C26EF007695F1CABB53C8F91 ]

C:\WINDOWS\system32\mscoree.dll
01:33:39.0031 0x0cf4  C:\WINDOWS\system32\mscoree.dll - ok
01:33:39.0031 0x0cf4  [ 8B4CBBA1EA526830C7F97E7822E2493A,

1DFD05B1C0050DB44F5B4293E5574BFC292AF804A63FC0A70131BB498C326977 ]

C:\WINDOWS\Alcmtr.exe
01:33:39.0031 0x0cf4  C:\WINDOWS\Alcmtr.exe - ok
01:33:39.0031 0x0cf4  [ FE8DBB071F3868C95A4F88025E188805,

97F349ED243068DC433E5CB4F5F3901388C7B226CB8518ECA79763336CDB2430 ]

C:\WINDOWS\system32\sti.dll
01:33:39.0031 0x0cf4  C:\WINDOWS\system32\sti.dll - ok
01:33:39.0046 0x0cf4  [ DBC8C303281D0D6D5421DB7EE2B200A1,

1B5B8AA57BF3F42370108280805E3BF17FF701552306F8DAB2D667FC8FA225E6 ] C:\Program

Files\Citrix\ICA Client\ctxmui.dll
01:33:39.0046 0x0cf4  C:\Program Files\Citrix\ICA Client\ctxmui.dll - ok
01:33:39.0046 0x0cf4  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4,

D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ]

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
01:33:39.0046 0x0cf4  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe -

ok
01:33:39.0046 0x0cf4  [ 900A3701405475E7651E6DCB4A0611DC,

3525764E6B1EE7987FD7512DE807AC3C52B7212FA408A92C3EF1C589B851BD14 ]

C:\WINDOWS\system32\dsound.dll
01:33:39.0046 0x0cf4  C:\WINDOWS\system32\dsound.dll - ok
01:33:39.0062 0x0cf4  [ ABD704750AE964284E8FE9227479F451,

7EA74FB5E59013D03CC49FF23ADDA971CF9675D9EDE2A10573EC8844CD4D0CB7 ]

C:\WINDOWS\system32\cfgmgr32.dll
01:33:39.0062 0x0cf4  C:\WINDOWS\system32\cfgmgr32.dll - ok
01:33:39.0062 0x0cf4  [ 841A401331B3EC5C5662517FFFD3EA12,

73C47415988E597DD31FCF9CEDFC63ACF621DC234BEB258D9908383126E0DC4C ]

C:\WINDOWS\system32\igfxsrvc.dll
01:33:39.0062 0x0cf4  C:\WINDOWS\system32\igfxsrvc.dll - ok
01:33:39.0062 0x0cf4  [ 0D2357A8BDA4790A5294F3F919AC8AB5,

2826644888F46C5D014314B3517E6E49283FE10E5943E8FF38B6BE4605A772DC ]

C:\WINDOWS\system32\cryptnet.dll
01:33:39.0062 0x0cf4  C:\WINDOWS\system32\cryptnet.dll - ok
01:33:39.0062 0x0cf4  [ BFC2A40FE739C453F5D02B7EEF41CA28,

1A28E8A09D494FFEF35385C0F3D0E712C29F698922DCFC038E0E2B2D627E9D78 ]

C:\WINDOWS\system32\igfxdev.dll
01:33:39.0062 0x0cf4  C:\WINDOWS\system32\igfxdev.dll - ok
01:33:39.0078 0x0cf4  [ 2431617F77D591AC79FF02A978C1CAC5,

9EA0CB5B87BE21E70518248AEE2424D3C0D08083E336AEC611761A3BB239F208 ]

C:\WINDOWS\system32\sensapi.dll
01:33:39.0078 0x0cf4  C:\WINDOWS\system32\sensapi.dll - ok
01:33:39.0078 0x0cf4  [ 84E54181481B72144672AF9C044DAC7B,

BCC4A7D3853C08976FA34B57CF3F8A5BB0349ED5B5D00D270610577C3E59DEB6 ]

C:\WINDOWS\system32\igfxres.dll
01:33:39.0078 0x0cf4  C:\WINDOWS\system32\igfxres.dll - ok
01:33:39.0078 0x0cf4  [ 6C718849D436A7CCEBED72538F8BD04B,

617DEF10FB5CD04434532E2803F07489A82494F76DC177E0CE7E8C70F66729C0 ]

C:\Program Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe
01:33:39.0078 0x0cf4  C:\Program

Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe - ok
01:33:39.0093 0x0cf4  [ 5169B13D265645241CBC1A633E35EB07,

826D55CF429A484BC169A2AB7E9B56A61EDB6FA243FB282FDBD109BE7F062C08 ]

C:\Program Files\Epson Software\Event Manager\ScanEngine30.dll
01:33:39.0093 0x0cf4  C:\Program Files\Epson Software\Event Manager\ScanEngine30.dll

- ok
01:33:39.0093 0x0cf4  [ E2A0F8FD51D821D2F0A2B7DFD38F5709,

DCE7A6706E1DC897D4FA5C344B9B7A6C7AE68F93364546A3392DEA63A2896A1C ]

C:\Program Files\Common Files\McAfee\Platform\McSvcHost\LogCntrl.dll
01:33:39.0093 0x0cf4  C:\Program Files\Common

Files\McAfee\Platform\McSvcHost\LogCntrl.dll - ok
01:33:39.0093 0x0cf4  [ 00C608CDFC203846B20EB12E2AB41F3A,

C67279A51C4ACFDF3DBEA0D006DE8DB67DA3F5B61D3B2B7D6F0E6EAB6C180A06 ]

C:\Program Files\McAfee.com\Agent\mcagent.exe
01:33:39.0093 0x0cf4  C:\Program Files\McAfee.com\Agent\mcagent.exe - ok
01:33:39.0093 0x0cf4  [ FCA6749F902E41ED78382FC008210141,

6F2F2E34A1E5C1A62C3D9F41F6081A331254DF143BEF9C8E070B5D450EA95870 ]

C:\Program Files\Epson Software\Event Manager\ScnMgr10.dll
01:33:39.0093 0x0cf4  C:\Program Files\Epson Software\Event Manager\ScnMgr10.dll - ok
01:33:39.0109 0x0cf4  [ 4C422B4954D348099C705E8DE4792D9C,

193BDA9E658BCE479A3EC0D382BAE6015E733816EED1645D90FAE53CA84DDE31 ]

C:\WINDOWS\system32\cabinet.dll
01:33:39.0109 0x0cf4  C:\WINDOWS\system32\cabinet.dll - ok
01:33:39.0109 0x0cf4  [ 55E84058EE13F6A1B43579C3E2F1B7FC,

C09F03EA32AAED8206A81AF924049721F91B617442E076391BBBDAEC9AF984E9 ]

C:\WINDOWS\system32\msftedit.dll
01:33:39.0109 0x0cf4  C:\WINDOWS\system32\msftedit.dll - ok
01:33:39.0109 0x0cf4  [ D3B20160C457F30B26FF3907F2A0FA42,

C18E4ECB8B4CCCCFF50D590C2165F59D0AC67D20C526D80F42A1E85066488F49 ]

C:\PROGRA~1\McAfee\SITEAD~1\SaSSHMod.dll
01:33:39.0109 0x0cf4  C:\PROGRA~1\McAfee\SITEAD~1\SaSSHMod.dll - ok
01:33:39.0125 0x0cf4  [ 31D0F1020BA9B007DC347F27E680AA84,

918C5CAB62C19CAC3DFB0CD8625E64028331218803C07F415AC16D20C6050C41 ]

C:\Program Files\Citrix\ICA Client\resource\en\ctxmuiUI.dll
01:33:39.0125 0x0cf4  C:\Program Files\Citrix\ICA Client\resource\en\ctxmuiUI.dll - ok
01:33:39.0125 0x0cf4  [ A8A86A8EF957899930F77FAC85D7651C,

289E1C0D9873E9D866EA096A8010E7EB780412D17AAA36F28E263318022F776B ]

C:\Program Files\Citrix\ICA Client\resource\en\concenUI.dll
01:33:39.0125 0x0cf4  C:\Program Files\Citrix\ICA Client\resource\en\concenUI.dll - ok
01:33:39.0125 0x0cf4  [ F6D0A852AF986198BF28D2255C71A532,

0A8C2A2E59F001CCD604A13A78F34F352AEB501A1624D4DCBDC441A9F8213037 ]

C:\WINDOWS\twain_32.dll
01:33:39.0125 0x0cf4  C:\WINDOWS\twain_32.dll - ok
01:33:39.0125 0x0cf4  [ F0374DF25BE9E004E29956C85EBAA1B4,

94E164272B8C174F9D64C347145595934F178F300AB882536035ACD651E3F200 ]

C:\PROGRA~1\COMMON~1\McAfee\Platform\mcutil.dll
01:33:39.0125 0x0cf4  C:\PROGRA~1\COMMON~1\McAfee\Platform\mcutil.dll - ok
01:33:39.0140 0x0cf4  [ 06F6DB72ADABC5E858F38EF69014CE52,

B4AEABF3EA6FCABBED879D642BA070DF9C244E28DB5BDC3211205C7B8DB97BFB ]

C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
01:33:39.0140 0x0cf4  C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE - ok
01:33:39.0140 0x0cf4  [ A3F00130A3177AF0A263AE640DFCFE4C,

C2577FB798DD7F84505F0F5BBAFE06754DBF69B3D8A07E795DFF2C44B6780653 ]

C:\WINDOWS\system32\ctfmon.exe
01:33:39.0140 0x0cf4  C:\WINDOWS\system32\ctfmon.exe - ok
01:33:39.0140 0x0cf4  [ 20616E7A9E9A1D231FD232FC3ACAE46D,

017D06196BFE0B1D71D4BAA5BDD716E8320C8F64882B512540DA8739B4CD0C4A ]

C:\Documents and Settings\Boss\Local Settings\Application Data\Amazon

Music\Amazon Music Helper.exe
01:33:39.0140 0x0cf4  C:\Documents and Settings\Boss\Local Settings\Application

Data\Amazon Music\Amazon Music Helper.exe - ok
01:33:39.0156 0x0cf4  [ 74557BFD04530E512DBB9C151C4DA110,

D199A72388A7770C37374BDF31D8EA88CDB576FAB62262CC8D3ECD05E70657E8 ]

C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe
01:33:39.0156 0x0cf4  C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe - ok
01:33:39.0156 0x0cf4  [ B7E6F9E557905F038D6EFD115B4FF618,

B70B3F452385E7BB845EAD97542C1C6631C7F6DA6DFB3019C477109D4F80B806 ]

C:\WINDOWS\system32\drivers\cdfs.sys
01:33:39.0156 0x0cf4  C:\WINDOWS\system32\drivers\cdfs.sys - ok
01:33:39.0156 0x0cf4  [ C6CB81DA0C5ECA52D83CBB3BCB62ADCA,

072C6B00987310838E306A07DA6C03DD5CFAA29BFA11790B81D081C1C6E70E77 ]

C:\WINDOWS\system32\webcheck.dll
01:33:39.0156 0x0cf4  C:\WINDOWS\system32\webcheck.dll - ok
01:33:39.0156 0x0cf4  [ B53E59A66CE2E2CCEB0897720B5879A8,

D68AE7535B208006B29FDFB8ABB18AD1BFC455C8F17A1F701CC3E2A0969EA5C7 ]

C:\WINDOWS\ime\SPTIP.dll
01:33:39.0156 0x0cf4  C:\WINDOWS\ime\SPTIP.dll - ok
01:33:39.0171 0x0cf4  [ F4F7C86191A981C804326E2EF6F3604F,

1ECE05E643AFFB27A148A8B86615F6C167875EF29D6FF7E2FD15B8DCBE6B8A16 ]

C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
01:33:39.0171 0x0cf4  C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe - ok
01:33:39.0171 0x0cf4  [ 317C54DCAB9EE29CD4B9F55D197A90D1,

050B753DD504324CA6F36DD825B588F8DBD586440FCDA438C49BFD11D6F176EA ]

C:\WINDOWS\system32\msisip.dll
01:33:39.0171 0x0cf4  C:\WINDOWS\system32\msisip.dll - ok
01:33:39.0171 0x0cf4  [ FCAFCF99B3FD96A004F54229A5155C46,

1D926FBB111FB4D731F61BCFCBF55C09CBBA28958877668B02FA533C25188BBE ]

C:\PROGRA~1\COMMON~1\McAfee\Platform\mcuifw.dll
01:33:39.0171 0x0cf4  C:\PROGRA~1\COMMON~1\McAfee\Platform\mcuifw.dll - ok
01:33:39.0187 0x0cf4  [ 67FCF51A75E283BA371E881982ACFABF,

C6E531163A533BD64FEA7C68A33A6DC9875C82BAA1DA988799E26490CDA1B6C6 ]

C:\WINDOWS\system32\stobject.dll
01:33:39.0187 0x0cf4  C:\WINDOWS\system32\stobject.dll - ok
01:33:39.0187 0x0cf4  [ F7FD3E11B1FABF54D265F739D121D848,

C4D687536374D9359A6DA583ECE3DE7422CC41D3A2F2A0A767D11DC8E7C7E962 ]

C:\WINDOWS\system32\batmeter.dll
01:33:39.0187 0x0cf4  C:\WINDOWS\system32\batmeter.dll - ok
01:33:39.0187 0x0cf4  [ 20200EE3CFE10E9F0C028D8653BE11C6,

3ACF2110D72509CBA3BF780C5D6D662BAFEEA6CA423BE8B0F97288B953127035 ]

C:\WINDOWS\system32\oleacc.dll
01:33:39.0187 0x0cf4  C:\WINDOWS\system32\oleacc.dll - ok
01:33:39.0203 0x0cf4  [ 3A6D465F379E5C815F4AD565391E654C,

EE40580ED71282B1D5D95752DD843DCC30689196B22051AF8CDF6127B985411E ]

C:\WINDOWS\system32\wshext.dll
01:33:39.0203 0x0cf4  C:\WINDOWS\system32\wshext.dll - ok
01:33:39.0203 0x0cf4  [ 045E228F71C31901084B64BE59093499,

BA463D9EC2C2D266A34DBAC542CFA0403BFB03DDF3037FBD043BB691A8E493FA ]

C:\WINDOWS\system32\WPDShServiceObj.dll
01:33:39.0203 0x0cf4  C:\WINDOWS\system32\WPDShServiceObj.dll - ok
01:33:39.0203 0x0cf4  [ 55985B314E1AB161AE54D63A732EE0EC,

8F2FD546991BAA324E515676BB07C722E9910811ACD52D99D436A133E4CDD535 ]

C:\WINDOWS\twain_32\escndv\nx130.ds
01:33:39.0203 0x0cf4  C:\WINDOWS\twain_32\escndv\nx130.ds - ok
01:33:39.0203 0x0cf4  [ 8C3885D48AC93E6C1BC33C18C47B66BB,

48320ECE80FBCBACB5B878CCC26A522A20A3A5FB24F1A024CACEE9A237477843 ]

C:\WINDOWS\twain_32\hpsj_0000\hpsj_0000.ds
01:33:39.0203 0x0cf4  C:\WINDOWS\twain_32\hpsj_0000\hpsj_0000.ds - ok
01:33:39.0218 0x0cf4  [ 4664ABADE37F75551CAB943EA6077946,

128493971AE2F0D3F4EE95B21CCC9BD9B33F7478B1936D13BC1704B3C8C42068 ]

C:\Program Files\Microsoft Office\Office14\1033\ospintl.dll
01:33:39.0218 0x0cf4  C:\Program Files\Microsoft Office\Office14\1033\ospintl.dll - ok
01:33:39.0218 0x0cf4  [ 70939CBCFD57DA39B62F925410B92D76,

864579A950F6D39F6B8509B4EA6D98BDD39C2742C7BFACB3849D1FF3883D2A3C ]

C:\Documents and Settings\Boss\Local Settings\Application

Data\Citrix\Receiver\WindowsAppRHelper_concentr.exe.dll
01:33:39.0218 0x0cf4  C:\Documents and Settings\Boss\Local Settings\Application

Data\Citrix\Receiver\WindowsAppRHelper_concentr.exe.dll - ok
01:33:39.0218 0x0cf4  [ 4D197238FDFAA5793D1B0961AAEF649A,

0BD4D2B2FAB316E2B6167CBA5029721EB5848087645EF44F2CCB09F1108383FD ] C:\Program

Files\Epson Software\Event Manager\Mfc42.dll
01:33:39.0218 0x0cf4  C:\Program Files\Epson Software\Event Manager\Mfc42.dll - ok
01:33:39.0218 0x0cf4  [ F3AD8EA144F411A6292775FA2B230DE5,

9494D77B6C1A35B9A39F4EC3AF3E1076CFABDEAF8C8F0FDF7019E9A5D41A6165 ]

C:\WINDOWS\system32\windowspowershell\v1.0\pwrshsip.dll
01:33:39.0218 0x0cf4  C:\WINDOWS\system32\windowspowershell\v1.0\pwrshsip.dll - ok
01:33:39.0234 0x0cf4  [ D262634491B717793E0113F7581C4A02,

CA3FFDD1C77E9D6ECA9CDC507629844B8C0FCEC15C81760046E9957A832CB858 ]

C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
01:33:39.0234 0x0cf4  C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok
01:33:39.0234 0x0cf4  [ 7BED8EE6F51C75D9FC335FCB1B155910,

AC368A3C23168F893ACF35D3228202C6325050D2084EDE57D42AFB92E8208A87 ]

C:\Program Files\Common Files\Microsoft Shared\OFFICE14\RICHED20.DLL
01:33:39.0234 0x0cf4  C:\Program Files\Common Files\Microsoft

Shared\OFFICE14\RICHED20.DLL - ok
01:33:39.0234 0x0cf4  [ B7899C3E21B299D7A3C0DA96CAE340BD,

8F61F7F1397772444A2DAD543230397EDF26FF0C6E92ADB89A0502A2B2156A00 ]

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
01:33:39.0234 0x0cf4  C:\Program Files\Common Files\Microsoft Shared\Windows

Live\WindowsLiveLogin.dll - ok
01:33:39.0250 0x0cf4  [ 29ECDA17BA5E6D98430F698587569ACC,

9C37D92CCBED1F9ED4E585F98E7FB17C6AD083712B078ABCB40476310BCDB7F8 ]

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_

x-ww_f3f35550\GdiPlus.dll
01:33:39.0250 0x0cf4  

C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_

x-ww_f3f35550\GdiPlus.dll - ok
01:33:39.0250 0x0cf4  [ 944F5A8AD85A77340B0A435A1D50B271,

97936B925C8E690BC45C85C1C324A41513669C4979C74BABBFDE08511AF8471C ]

C:\WINDOWS\twain_32\wiatwain.ds
01:33:39.0250 0x0cf4  C:\WINDOWS\twain_32\wiatwain.ds - ok
01:33:39.0250 0x0cf4  [ 0CCF464CAE4C48EBF4872950BCF3779C,

4BACC49CB116CD4FE024DB8CDFF4BC3D74DE0A0BC446BB2D373ABD022D855224 ]

C:\WINDOWS\system32\wiadss.dll
01:33:39.0250 0x0cf4  C:\WINDOWS\system32\wiadss.dll - ok
01:33:39.0265 0x0cf4  [ 040563206B8B2EC9162C2CAC0DB5A239,

50EB2A4946FB7336D4DC93270DE7F1B7E5A9A55B014CFB7949A97702BD7C7D7F ]

C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
01:33:39.0265 0x0cf4  C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll -

ok
01:33:39.0281 0x0cf4  [ 99304F195EA03F36D18E0EB47F541D8A,

5EC361FE3D5AA80FB54D40046EB2A6E4597CE1E7458243AC247645295FDAE0B7 ]

C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSPTLS.DLL
01:33:39.0281 0x0cf4  C:\Program Files\Common Files\Microsoft

Shared\OFFICE14\MSPTLS.DLL - ok
01:33:39.0281 0x0cf4  [ 39FDD74DA37A0867C04D4B3EFDE9EF2B,

79BF9E07779E46F3A66A5EE3BBAEC3B1D738C9794736C8DAE53E02422E1F9E5B ]

C:\WINDOWS\system32\mydocs.dll
01:33:39.0281 0x0cf4  C:\WINDOWS\system32\mydocs.dll - ok
01:33:39.0281 0x0cf4  [ 75474DD8ED127828A3A1D4F71C5A497A,

BD7D1B29CBBA739ED8EA061C4FC99276FB6C632F39B6885C9D7E94BA3CD8FBD4 ]

C:\PROGRA~1\McAfee\SITEAD~1\saupkeep.dll
01:33:39.0281 0x0cf4  C:\PROGRA~1\McAfee\SITEAD~1\saupkeep.dll - ok
01:33:39.0296 0x0cf4  [ 22358578CB321F3325496A3723029409,

44535E0EFC20714CEF8FFAE51294CFC6AC53F12E464E048ECD92CDC2CA54A312 ]

C:\WINDOWS\system32\PortableDeviceTypes.dll
01:33:39.0296 0x0cf4  C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
01:33:39.0296 0x0cf4  [ 39E458524EE1944EC1A5D6166DCF989D,

31DD5A3013BD3DD58F5CD6704EEA70033409C5F70A20B805343F6EB0E556D57D ]

C:\Program Files\McAfee\VirusScan\vsann.dll
01:33:39.0296 0x0cf4  C:\Program Files\McAfee\VirusScan\vsann.dll - ok
01:33:39.0296 0x0cf4  [ 9794492BBF08287A94B427D466D368D3,

0C9BD085603A50E6FD4C4D6CAEFB5F8FB59F3E4C27754059398A6D39CAF7DBC7 ]

C:\Program Files\McAfee\VirusScan\mcvsocfg.dll
01:33:39.0296 0x0cf4  C:\Program Files\McAfee\VirusScan\mcvsocfg.dll - ok
01:33:39.0312 0x0cf4  [ 571F38CFF87053ECEDCA3D2CDA963956,

83FB333B93B06B19FC6F753D1CDF1096966B302E0EE4C06F0E3F509773282A16 ]

C:\WINDOWS\system32\msgsvc.dll
01:33:39.0312 0x0cf4  C:\WINDOWS\system32\msgsvc.dll - ok
01:33:39.0312 0x0cf4  [ 9ECA2FA155897ED17E42AFC70F0CE01D,

D646CA71A99241D3E5C8A9521D5B18B17BB8F85115271C476FB0ED3E4A21987A ]

C:\WINDOWS\system32\mfevtps.exe
01:33:39.0312 0x0cf4  C:\WINDOWS\system32\mfevtps.exe - ok
01:33:39.0312 0x0cf4  [ 24CFF4697702785872313159EC2434A2,

E8181A4E991F8AB33DB4C0378606A10033FEA06115C432C55142699E502D486D ]

C:\Documents and Settings\All Users\Application Data\MobileBrServ\mbbService.exe
01:33:39.0312 0x0cf4  C:\Documents and Settings\All Users\Application

Data\MobileBrServ\mbbService.exe - ok
01:33:39.0312 0x0cf4  [ 9D45B2201D0ECF9F42136C7B99DEB8B2,

0251BE4C23EAACE2A9725243936C5E5AC4C0BCEE10EDE85017D91936FEE8CB31 ]

C:\WINDOWS\system32\PortableDeviceApi.dll
01:33:39.0312 0x0cf4  C:\WINDOWS\system32\PortableDeviceApi.dll - ok
01:33:39.0328 0x0cf4  [ 118931434C850C316C2DCDB1349BB10E,

5C1B368FE813EB0836C8A9B827813C4A961EE863038343769CC52F64A314A46F ]

C:\WINDOWS\system32\ksuser.dll
01:33:39.0328 0x0cf4  C:\WINDOWS\system32\ksuser.dll - ok
01:33:39.0328 0x0cf4  [ 34B480ABF60DC98C0BF3BFD89B7A5D90,

CBE651AF96BFCAB66E03CEB97BF59D06AABCFDD2973F8F2952C421D3C04074AB ]

C:\Program Files\McAfee\VirusScan\mcvsoshl.dll
01:33:39.0328 0x0cf4  C:\Program Files\McAfee\VirusScan\mcvsoshl.dll - ok
01:33:39.0328 0x0cf4  [ D34612C5D02D026535B3095D620626AE,

1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ]

C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication

Foundation\SMSvcHost.exe
01:33:39.0328 0x0cf4  C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows

Communication Foundation\SMSvcHost.exe - ok
01:33:39.0328 0x0cf4  [ EF22596B7C443716F5F97DCA1ED7A1E2,

A559E0DDD73A643F67297273B23D472EE855D5906E3F6CCBFF195A80F886A067 ]

C:\Program Files\Citrix\ICA Client\Receiver\Receiver.exe
01:33:39.0328 0x0cf4  C:\Program Files\Citrix\ICA Client\Receiver\Receiver.exe - ok
01:33:39.0343 0x0cf4  [ F2F6B9AFBF78583D17AEE268B18EDD22,

28C8C5C221EB54B66D8BA747E7F62AB1A5606A82A4DC8D0D3413767C7A6677F8 ]

C:\PROGRA~1\COMMON~1\McAfee\Platform\PLATFO~1.DLL
01:33:39.0343 0x0cf4  C:\PROGRA~1\COMMON~1\McAfee\Platform\PLATFO~1.DLL - ok
01:33:39.0343 0x0cf4  [ 72AD40A73635662717B036D51236BE06,

AA406F40D0656A3009F7C23F90F875BD2C0D45F6353D714A96645AB634ECAD5E ]

C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll
01:33:39.0343 0x0cf4  C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll

- ok
01:33:39.0343 0x0cf4  [ F18A83298348C2C25D08E5881E2CDD35,

9918519BDF3655BC61F59B209EDCC068F0D61AD4CC6464FDAEEA0A3C3B2AF20F ]

C:\WINDOWS\system32\duser.dll
01:33:39.0343 0x0cf4  C:\WINDOWS\system32\duser.dll - ok
01:33:39.0359 0x0cf4  [ FEB6F2493EB75F0BFCF23D7AD618C3AE,

8D2CA1B318DDCB36BDB8DAE30D577C680D46B4693B0500530941E351049D9F2C ]

C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
01:33:39.0359 0x0cf4  C:\Program Files\Microsoft Office\Office14\GROOVE.EXE - ok
01:33:39.0359 0x0cf4  [ 60F36ED5A02B41F9F60CB29D88A9CD01,

15745EB7355A350C9414BBF2054155EDE054088EB17A8F121632EB3EB8AC72F0 ]

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
01:33:39.0359 0x0cf4  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll -

ok
01:33:39.0359 0x0cf4  [ 2D5AAFECAEE330D8A57C53D5FCC44F5F,

7C17228A65853EFA6268750E44036B63BB9363EA22AEEC16E7594ACB5BC95367 ]

C:\Program Files\Citrix\ICA Client\Receiver\Xerces-c_3_1.dll
01:33:39.0359 0x0cf4  C:\Program Files\Citrix\ICA Client\Receiver\Xerces-c_3_1.dll - ok
01:33:39.0359 0x0cf4  [ 11558DFC11B66284BD132A02DFFEA503,

E99F54C830B815097FE6E32687D703BF25665CC77DA88E8DB451000F70DD2298 ]

C:\PROGRA~1\McAfee\MSC\MCPRTM~1.DLL
01:33:39.0359 0x0cf4  C:\PROGRA~1\McAfee\MSC\MCPRTM~1.DLL - ok
01:33:39.0375 0x0cf4  [ EDC6DC4B25EEC0CDCC60A997BD6C781B,

484992EA5E8376278567DFAD9B106B7DEB9286EE357089997D105268C83311B1 ]

C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL
01:33:39.0375 0x0cf4  C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL - ok
01:33:39.0375 0x0cf4  [ 93D9C3D6D6F6F56F7DD08A19A9FD8951,

855B2288A0C1FC4C3A604F49B843B6DD222A48B859A4B8DE9882EA18A5925850 ]

C:\Program Files\Common Files\McAfee\Platform\McRTMui.dll
01:33:39.0375 0x0cf4  C:\Program Files\Common Files\McAfee\Platform\McRTMui.dll - ok
01:33:39.0375 0x0cf4  [ 944A7A08B0FF1E2720470C5A1CD10A69,

DAB1A9D18158D687271472C36B52EA5BF7B1E09FDB50B4BC4F22B4846E4568A8 ]

C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll
01:33:39.0375 0x0cf4  C:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\pdfshell.dll - ok
01:33:39.0390 0x0cf4  [ C7A4C339D37BA8FDC7F492E0A4291FCD,

EDCB25C8E14382AEF4ED21C7DFBFDC5FC3973134E2C0E6CB8D145A80FA9E3ECE ]

C:\Program Files\Common Files\McAfee\Platform\LangSel.dll
01:33:39.0390 0x0cf4  C:\Program Files\Common Files\McAfee\Platform\LangSel.dll - ok
01:33:39.0390 0x0cf4  [ EFAAC839BAB1FCA26768913289BD3474,

C8F9F5C6C9AE706FE0C29BE246B7EA50EEAA7D9C50AE864BE9C98A18D8E967BC ]

C:\Program Files\Citrix\ICA Client\Receiver\ResourceKeeper.dll
01:33:39.0390 0x0cf4  C:\Program Files\Citrix\ICA Client\Receiver\ResourceKeeper.dll -

ok
01:33:39.0390 0x0cf4  [ 98AFAA462C5F08F44DC7AC09C6C327F3,

696714FA9C55C28ED274F2EDA3C55289851EBD670E2D933ADAD2E96F8BE5E8E1 ]

C:\Program Files\Citrix\ICA Client\Receiver\NativeMessageBox.dll
01:33:39.0390 0x0cf4  C:\Program Files\Citrix\ICA Client\Receiver\NativeMessageBox.dll -

ok
01:33:39.0406 0x0cf4  [ 09DEF3ABB6A196749299359AC5578DD8,

056D88D5A6E7C3D0C5EB1CB0C3EF3B03AB5E34D48E53121B674040804620A6FB ]

C:\WINDOWS\system32\msxml4.dll
01:33:39.0406 0x0cf4  C:\WINDOWS\system32\msxml4.dll - ok
01:33:39.0406 0x0cf4  [ 6A4BC7CDF2833063F79A9FF2CBD1A3B5,

654FAC4EE060823FEA5E0DC8EEA9EC283C1C0E12B7DA59C0E2BE5D047CE2CB4E ]

C:\Program Files\Citrix\ICA Client\Receiver\NativeSystrayUE.dll
01:33:39.0406 0x0cf4  C:\Program Files\Citrix\ICA Client\Receiver\NativeSystrayUE.dll - ok
01:33:39.0406 0x0cf4  [ D642715F68EFBF35869F8F24AD8E5E14,

4A97E21E9A35773EE07965FCA7D5C7A9C757F5AA2B293D7A5511A5C4539EF55D ]

C:\Program Files\Citrix\ICA Client\Receiver\ProgressNotification.dll
01:33:39.0406 0x0cf4  C:\Program Files\Citrix\ICA Client\Receiver\ProgressNotification.dll

- ok
01:33:39.0406 0x0cf4  [ 70939CBCFD57DA39B62F925410B92D76,

864579A950F6D39F6B8509B4EA6D98BDD39C2742C7BFACB3849D1FF3883D2A3C ]

C:\Program Files\Citrix\ICA Client\Receiver\WindowsAppRHelper.dll
01:33:39.0406 0x0cf4  C:\Program Files\Citrix\ICA

Client\Receiver\WindowsAppRHelper.dll - ok
01:33:39.0421 0x0cf4  [ 409E9E5357DAB450FB3C3A4BF2CE245B,

FC91546755AB3CF917432B9F32190408C35CB137468132D4ACE3FD2EAE05058A ]

C:\Program Files\Citrix\ICA Client\Receiver\Toaster.dll
01:33:39.0421 0x0cf4  C:\Program Files\Citrix\ICA Client\Receiver\Toaster.dll - ok
01:33:39.0421 0x0cf4  [ 5AF575F654377327F7FFB7DA8A1D5F23,

CEEF82AB016E37F8A5F4845467003B0A3682B6B480C688BE24ED9200B874F9EF ]

C:\WINDOWS\system32\dssenh.dll
01:33:39.0421 0x0cf4  C:\WINDOWS\system32\dssenh.dll - ok
01:33:39.0421 0x0cf4  [ 75235B10934331D3D23329B0CD92C85F,

8758E529978F686EA7752494C45FEDDFC0FF87634AFFAC99996CA8949F5E8183 ]

C:\WINDOWS\system32\upnp.dll
01:33:39.0421 0x0cf4  C:\WINDOWS\system32\upnp.dll - ok
01:33:39.0437 0x0cf4  [ A0CCABAD081ADFC1658DD6E1A454F065,

054656FA69FF97C9CA46EEF6F921CB19DCB5B37D0F109261E0371278448AFCC0 ]

C:\WINDOWS\system32\ssdpapi.dll
01:33:39.0437 0x0cf4  C:\WINDOWS\system32\ssdpapi.dll - ok
01:33:39.0437 0x0cf4  [ E027A6E99EF709AFD195FD6329224C47,

B31B85BF369DC36363B0E527AE3B8E95B33699D17D09C6313C43E7373A3E6874 ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{09

5CEF93-E357-4223-B54D-3F863BCF8C84}.tmp
01:33:39.0437 0x0cf4  

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{09

5CEF93-E357-4223-B54D-3F863BCF8C84}.tmp - ok
01:33:39.0437 0x0cf4  [ DDE302BAA0B7F48E0DE796EECBFC1670,

0AA2C03C4E997ADF449456F659AA31F2BE8643B31353B906B72E35872E1E8D0B ]

C:\Program Files\McAfee\MSC\mcoemres.dll
01:33:39.0437 0x0cf4  C:\Program Files\McAfee\MSC\mcoemres.dll - ok
01:33:39.0437 0x0cf4  [ 261B614C3FBFDA520D8BC35DE4335020,

2BFB40B3B48CCF45043D6A42C04DB6813C2A503E29380323C297B4B51BC4EFF2 ]

C:\Program Files\McAfee\MSC\oemui.dll
01:33:39.0437 0x0cf4  C:\Program Files\McAfee\MSC\oemui.dll - ok
01:33:39.0453 0x0cf4  [ 5CF697DECD07DC4858CA05CD55F70598,

8F01B947AAAAD6F3BDE23B3A7896A60A01E6F15763FBDDA2E5AE4B52DBC06BA2 ]

C:\Program Files\McAfee\MSC\mcprlres.dll
01:33:39.0453 0x0cf4  C:\Program Files\McAfee\MSC\mcprlres.dll - ok
01:33:39.0453 0x0cf4  [ AB67816718E5C65CC326BE56AC0B9E73,

D6F19026CB87C9BB5521D668B13347B68F297FCE34C5F1BFE530574B16ADB2D5 ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{7B

21440D-ABF7-41CA-A187-F8FF985285F1}.tmp
01:33:39.0453 0x0cf4  

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{7B

21440D-ABF7-41CA-A187-F8FF985285F1}.tmp - ok
01:33:39.0453 0x0cf4  [ 50D8D8247A966DE019DA9D006C7BB706,

E197FCD9FE7ED1E00194A088EDA39F13CC4D6F3FD6555CEB868B5A849A36CA73 ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216c

a83292cb2f21\mscorlib.ni.dll
01:33:39.0453 0x0cf4  

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216c

a83292cb2f21\mscorlib.ni.dll - ok
01:33:39.0468 0x0cf4  [ DF08B7602218FAE594A2120641DAF5F1,

083CA7BE30F1484B4606F01463514696C94E0006855646AF12672353B81745BD ] C:\Program

Files\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
01:33:39.0468 0x0cf4  C:\Program Files\Common Files\Microsoft

Shared\OFFICE14\MSO.DLL - ok
01:33:39.0468 0x0cf4  [ 5D1BF8D62D85C962969D661382AF7C49,

4BE876D16BE35ADA3CA45D6843A8CC76560BEAE6383A9478011E71A9E49F08B9 ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{FD

54260A-2674-4A8F-BB5F-21F085E7FB91}.tmp
01:33:39.0468 0x0cf4  

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{FD

54260A-2674-4A8F-BB5F-21F085E7FB91}.tmp - ok
01:33:39.0468 0x0cf4  [ DC6DB08D85337C9675F94B01043279AE,

B09E491113F9E95F4EE00BB51BB21D4967BAC333C0DCD030A10AEA9B9E52032B ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{31

ECE76F-7750-466A-96B2-BA5D53709CC1}.tmp
01:33:39.0468 0x0cf4  

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{31

ECE76F-7750-466A-96B2-BA5D53709CC1}.tmp - ok
01:33:39.0468 0x0cf4  [ C74D46C1F542F5FEB9B7E1A8EC04986D,

FA83733A81BA8D96EDFD15C1914D5A6056D73C61540C8747E9AE1343DA47A63D ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{51

AE83EB-9EE4-4195-9087-906BD2120478}.tmp
01:33:39.0468 0x0cf4  

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{51

AE83EB-9EE4-4195-9087-906BD2120478}.tmp - ok
01:33:39.0484 0x0cf4  [ 7CF4CEEEEDF8C1B9F45656C28F594854,

D682C494D944844E3AFCFEA35EB758DC1ED7C7A55DF8630DB46F3FB8700D8985 ]

C:\Program Files\Common Files\McAfee\AMCore\McShieldClient.dll
01:33:39.0484 0x0cf4  C:\Program Files\Common

Files\McAfee\AMCore\McShieldClient.dll - ok
01:33:39.0484 0x0cf4  [ 517ECD823EB9A03368294C6C33A695D0,

7BA4EF2C5E9D15A4EE8ACC169CA233010DF8D1BC7088665E06C9E71BBA0CD40C ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{61

810FF7-FC7D-4BC3-B557-36035C5CD2F2}.tmp
01:33:39.0484 0x0cf4  

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{61

810FF7-FC7D-4BC3-B557-36035C5CD2F2}.tmp - ok
01:33:39.0484 0x0cf4  [ 3428F170E1953B4C4EA10A5F58B55908,

B554E04021472C3C2BBDED2B4BBB4F6648932356F8DA409A2A7F6AC02E54B306 ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{25

398B85-0334-4204-856B-1F4467E7D5F6}.tmp
01:33:39.0484 0x0cf4  

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{25

398B85-0334-4204-856B-1F4467E7D5F6}.tmp - ok
01:33:39.0484 0x0cf4  [ 67514C4C7C69EB3BCAE48F99EA963DE0,

58E79E0A4D3217A8F761E1D810B670822888E8E01B73EEB35287406A675EEF47 ]

C:\PROGRA~1\COMMON~1\McAfee\Platform\sqlite3.dll
01:33:39.0484 0x0cf4  C:\PROGRA~1\COMMON~1\McAfee\Platform\sqlite3.dll - ok
01:33:39.0500 0x0cf4  [ 8D80F5436BBEA238BD97AA98885D8B21,

8C595FDCB6F2CEA3B8AB26ED146D1A38CBC68C98BDEB40F2F23B5C1E79D68F19 ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3

ba8c96828c9\System.ni.dll
01:33:39.0500 0x0cf4  

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3

ba8c96828c9\System.ni.dll - ok
01:33:39.0500 0x0cf4  [ 09BF8BE6565A61C599A17D8882165F03,

190AD33A5FD36EA5F2A368A2EA18D21027532A203AAEFCAC3DC7CBB62FFB6C1D ]

C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\MSOINTL.DLL
01:33:39.0500 0x0cf4  C:\Program Files\Common Files\Microsoft

Shared\OFFICE14\1033\MSOINTL.DLL - ok
01:33:39.0500 0x0cf4  [ 00000000000000000000000000000000,

0000000000000000000000000000000000000000000000000000000000000000 ] C:\Program

Files\Common Files\Microsoft Shared\OFFICE14\MSORES.DLL
01:33:39.0500 0x0cf4  C:\Program Files\Common Files\Microsoft

Shared\OFFICE14\MSORES.DLL - ok
01:33:39.0515 0x0cf4  [ ADABAB8458E46048BB62FBDD4F7045FB,

D5496D0309D161DDF41B32AC1AE01E393BA71ACDDC0AADBEA67C5A328A08CF63 ]

C:\PROGRA~1\McAfee\MSC\McTelemetryAPI.dll
01:33:39.0515 0x0cf4  C:\PROGRA~1\McAfee\MSC\McTelemetryAPI.dll - ok
01:33:39.0515 0x0cf4  [ 96D681B7DE0BA6BFA1DC55915003CD05,

26CDA6A9A67F20A494F0EF3577D14F5DDA1F0D4428891DBD271A757833285939 ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{6F

67E945-7206-48C9-B2D2-6AE7322C967C}.tmp
01:33:39.0515 0x0cf4  

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{6F

67E945-7206-48C9-B2D2-6AE7322C967C}.tmp - ok
01:33:39.0515 0x0cf4  [ 4B334F7C0ECBA7A9F6B5A47D9FFEDD25,

999FFECAAFA6D313E584556B4F673BC53553FDB7239AB928A6F3687B59A4E59C ]

C:\PROGRA~1\McAfee\MSC\mclwapi.dll
01:33:39.0515 0x0cf4  C:\PROGRA~1\McAfee\MSC\mclwapi.dll - ok
01:33:39.0531 0x0cf4  [ 85D8D497E3CFCD66607DAD332378DE8B,

FEB2FF9315B41A7D13C9F3EB4CFDD612C951CA02330BC5A9129881E148769C7F ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{A1

C9F5EF-5EA1-4C6A-B438-51DD1571AAB0}.tmp
01:33:39.0531 0x0cf4  

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{A1

C9F5EF-5EA1-4C6A-B438-51DD1571AAB0}.tmp - ok
01:33:39.0531 0x0cf4  [ E0D990C3BDEC95F9163C9CEA73BD78CF,

19B97BE23FE7759B1BDA1276142644E036EEBBA6353EE166BA03053406D60F02 ]

C:\WINDOWS\system32\spoolss.dll
01:33:39.0531 0x0cf4  C:\WINDOWS\system32\spoolss.dll - ok
01:33:39.0531 0x0cf4  [ CD0DAF878147B723108C428370FF0355,

A5C3D8A516FD0A15DAAB442DA424E996112C355239B985413EAA4DC1FAB76303 ]

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{9F

769FE4-4FE8-4C21-852C-75842C036957}.tmp
01:33:39.0531 0x0cf4  

C:\DOCUME~1\Boss\LOCALS~1\Temp\{496EFA21-63AD-43AA-9CAB-A9741B614BC0}\{9F

769FE4-4FE8-4C21-852C-75842C036957}.tmp - ok
01:33:39.0531 0x0cf4  [ 5677DFE438EC1F009273FC84FEED6B10,

44B62CC4D138E13C22FC29E9751CB7ED0B0C6C8897A8E6469172F8642B0527BE ]

C:\WINDOWS\system32\localspl.dll
01:33:39.0531 0x0cf4  C:\WINDOWS\system32\localspl.dll - ok
01:33:39.0546 0x0cf4  [ 3EA5261F8FE8FF74874819053AC14466,

D2240A7529B3C9CD8F03F883135E67B2B9CE9A50AB2DD9E923510B36542C8613 ]

C:\WINDOWS\system32\cnbjmon.dll
01:33:39.0546 0x0cf4  C:\WINDOWS\system32\cnbjmon.dll - ok
01:33:39.0546 0x0cf4  [ 2D4744FF25906C84E47ED702A14CCEB5,

A344086E59D4AAA65B1EB270B585AA47A0A7EF499B2BF69A19341952F8BFD917 ]

C:\WINDOWS\system32\E_FLBHJE.DLL
01:33:39.0546 0x0cf4  C:\WINDOWS\system32\E_FLBHJE.DLL - ok
01:33:39.0546 0x0cf4  [ 4BCC428872F88E40947C18E6CB6BC273,

BB35CE7A801CDC717236FC3FDF839E6C302C801B8765902330CAD16D640C315B ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMSvcHost\0858a864485f468a88c

becb1c8a5e9fc\SMSvcHost.ni.exe
01:33:39.0546 0x0cf4  

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMSvcHost\0858a864485f468a88c

becb1c8a5e9fc\SMSvcHost.ni.exe - ok
01:33:39.0562 0x0cf4  [ F69FEE651241D77D5F6BBE89FBFD5F5C,

2EC4466C49639DF3C95127EF4AD3E4A2E5A28A6AB2DB00B519013C0BC355F64D ]

C:\WINDOWS\system32\hpinkstsCE11LM.dll
01:33:39.0562 0x0cf4  C:\WINDOWS\system32\hpinkstsCE11LM.dll - ok
01:33:39.0562 0x0cf4  [ A64F876BC373F97C8AAB613082206C53,

C972B394F8FAB3111151D73F84020E3E5EBDD44678B409D18F4C6AC715D55717 ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ff1a0afc7a73669bc

a0ac4dffd8ee7c4\SMDiagnostics.ni.dll
01:33:39.0562 0x0cf4  

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ff1a0afc7a73669bc

a0ac4dffd8ee7c4\SMDiagnostics.ni.dll - ok
01:33:39.0562 0x0cf4  [ A2973A14FD05F6A5BD61F3528DFAE922,

A4DE8166DC9655D6471B35B35861DF9067FB832046FA33DE7804F7BA3242481D ]

C:\WINDOWS\system32\hpzsnt12.dll
01:33:39.0562 0x0cf4  C:\WINDOWS\system32\hpzsnt12.dll - ok
01:33:39.0562 0x0cf4  [ 7EEF92697C962900B1298F28673D3E0B,

0E78667E3C1A1EFC34E5860AF11FD0C3AFA765A85E6E523C3DA003D2C71C20D7 ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8cd995f008

48816e3ec49dc326e3d49b\System.ServiceProcess.ni.dll
01:33:39.0562 0x0cf4  

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8cd995f008

48816e3ec49dc326e3d49b\System.ServiceProcess.ni.dll - ok
01:33:39.0578 0x0cf4  [ 8431721B2E8DD6668CD36B3F4C6336DB,

281C07F1595D3FA04F46FBC99DCB9A554836B9517A5745998B644C3BA1325D9C ]

C:\WINDOWS\system32\pjlmon.dll
01:33:39.0578 0x0cf4  C:\WINDOWS\system32\pjlmon.dll - ok
01:33:39.0578 0x0cf4  [ E952CC82F0382B1F0AE3433B07A1B470,

21F2633DD09E37574E45CDFE94E400761C658469CE9AFEC284F1A4557372319C ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\80743209bc

c0a3af8305acd51569b483\System.ServiceModel.ni.dll
01:33:39.0578 0x0cf4  

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\80743209bc

c0a3af8305acd51569b483\System.ServiceModel.ni.dll - ok
01:33:39.0578 0x0cf4  [ 52893E7BAE3BDF35DBC834B7AA19F203,

04476C98F40CABA12480B31CAD31EDCF421532C383FD1D4F75A8B6EE5D6CA5C6 ]

C:\WINDOWS\system32\tcpmon.dll
01:33:39.0578 0x0cf4  C:\WINDOWS\system32\tcpmon.dll - ok
01:33:39.0593 0x0cf4  [ 83ABE6A441DD301AF90CD41EF2A377EB,

7CDBCA03DB57BC6026ED072E4DEF61A1E9BD4ED5F035D0E8F290E3D5414911B8 ]

C:\WINDOWS\system32\usbmon.dll
01:33:39.0593 0x0cf4  C:\WINDOWS\system32\usbmon.dll - ok
01:33:39.0593 0x0cf4  [ EEE7F12D9FF46F68FBC0DA059A359E9E,

1D0D5AC87ACDF3F041D9C31A92BFE7B1B81CBAD81F8F7CE8183FC3F61CAFF8CC ]

C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
01:33:39.0593 0x0cf4  

C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
01:33:39.0593 0x0cf4  [ 1D9C3D7A1F8838E6280FA3F7D1FE4ED8,

0BD922965118D54D1027CDB628FA0DFB7AD1D6DF0910C80DB3F140C9255101D8 ]

C:\Program Files\Common Files\Microsoft

Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL
01:33:39.0593 0x0cf4  C:\Program Files\Common Files\Microsoft

Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL - ok
01:33:39.0609 0x0cf4  [ 8D05E96BEA9A17743BEC4F9DAD967080,

C32BB2DBFB7134F5077592ACB3AAED40BFD9685219D6D1626B37B296A0828D0B ]

C:\WINDOWS\system32\win32spl.dll
01:33:39.0609 0x0cf4  C:\WINDOWS\system32\win32spl.dll - ok
01:33:39.0609 0x0cf4  [ 38C225B607DB9277C5941512A858506C,

14B16BC0E426651B256F17AC540F9E008C4A2928540D1F4518FD8BE2C47FFF94 ]

C:\WINDOWS\system32\netrap.dll
01:33:39.0609 0x0cf4  C:\WINDOWS\system32\netrap.dll - ok
01:33:39.0609 0x0cf4  [ 569C2891D7BFA5DAE2EF466A0DB369CB,

500AF65FA861AFC05D0418DCA33EB2E781261B59592643907FD8B4E43BE67DD5 ]

C:\WINDOWS\system32\inetpp.dll
01:33:39.0609 0x0cf4  C:\WINDOWS\system32\inetpp.dll - ok
01:33:39.0609 0x0cf4  [ 667A1CD2CF247E1F7E17FEF747FADD94,

7B43DCA3A720F0803B96A268E8B8B4ACF181784476353BFD52681C1FDF2BD3D9 ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\184f0202841

84651f03aa3cbc2bbccb6\System.IdentityModel.ni.dll
01:33:39.0609 0x0cf4  

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\184f0202841

84651f03aa3cbc2bbccb6\System.IdentityModel.ni.dll - ok
01:33:39.0625 0x0cf4  [ F75FCFB7AEDD50DAF38EA7F53F751B98,

EC2AE798FFF3288B4CA1B85EA6D4EFFDAA7E10CFBFE337EFF630852DB36D142B ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b6e70acd

99dc22e29b7fc8f9ac340c4\System.Configuration.ni.dll
01:33:39.0625 0x0cf4  

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b6e70acd

99dc22e29b7fc8f9ac340c4\System.Configuration.ni.dll - ok
01:33:39.0625 0x0cf4  [ 9D84376931440F3679BEEF2A414FA493,

C800227A67C3C10A26114DB54F5390D2A475D36BE65E87CB890A6819B0BB4884 ]

C:\WINDOWS\system32\HPZipm12.exe
01:33:39.0625 0x0cf4  C:\WINDOWS\system32\HPZipm12.exe - ok
01:33:39.0625 0x0cf4  [ 4B83FCBBE72AF5F99D109798653E8B78,

E646F6D365392890A3618D54D25EC4E1182400C4FF258158DBA24F814BC8C990 ]

C:\WINDOWS\system32\ipxsap.dll
01:33:39.0625 0x0cf4  C:\WINDOWS\system32\ipxsap.dll - ok
01:33:39.0640 0x0cf4  [ B92A85618A470F4406CEE8785CE89B4F,

AE410CB0DE68E7FA408C3749E55401512F8BAA7414BF6B9042D7ECEC49FFBA04 ]

C:\WINDOWS\system32\rtm.dll
01:33:39.0640 0x0cf4  C:\WINDOWS\system32\rtm.dll - ok
01:33:39.0640 0x0cf4  [ D05AB88927849DF74CF4F1C303DAEB4F,

5E80CFAC3818FF04959BEB6AADCA7CFB5AF477FB917E44C9E5AF4C78299FD154 ]

C:\WINDOWS\system32\adptif.dll
01:33:39.0640 0x0cf4  C:\WINDOWS\system32\adptif.dll - ok
01:33:39.0640 0x0cf4  [ 492EDE030195B1C41B046FB46D30A2C3,

8B7737EC9C4D0A65A8DFFE905533279889AE61849DA5F0F04A2C38C01B865C83 ]

C:\WINDOWS\system32\ipsecsvc.dll
01:33:39.0640 0x0cf4  C:\WINDOWS\system32\ipsecsvc.dll - ok
01:33:39.0640 0x0cf4  [ 584C4DA856450CB22EBBE7A68CC6250F,

56030767CFD2DAFDAE8CC767DC1EED39DD2E6E42152BFAE7904C2C8826B2C3E2 ]

C:\WINDOWS\system32\oakley.dll
01:33:39.0640 0x0cf4  C:\WINDOWS\system32\oakley.dll - ok
01:33:39.0656 0x0cf4  [ 7653843D86E779F4265C68C5E10FA923,

D43936100D5D79C3BC52251338599B106D7824106EECC023EE9AD7DB588DD948 ]

C:\WINDOWS\system32\winipsec.dll
01:33:39.0656 0x0cf4  C:\WINDOWS\system32\winipsec.dll - ok
01:33:39.0656 0x0cf4  [ 68D7E81F8BD290A937A925F99C8DA289,

5472F446969A9647D1443F84BFE2BF6200353672A02ADD0ACB486D46D8E274F1 ]

C:\WINDOWS\system32\pstorsvc.dll
01:33:39.0656 0x0cf4  C:\WINDOWS\system32\pstorsvc.dll - ok
01:33:39.0656 0x0cf4  [ 7A11E5CDF3F6FCDFDEA885B5889B2369,

C1C12852786FDAEA478001E3B2FFE85EB8220C387772DB05BDA8781E9BA412EC ]

C:\WINDOWS\system32\mprdim.dll
01:33:39.0656 0x0cf4  C:\WINDOWS\system32\mprdim.dll - ok
01:33:39.0671 0x0cf4  [ 14EB586446F5A6C17CCC685DDA3B91BE,

707F8F0D8A742A5E6E984C8AC69E115A9A8223ECFBF20929ECF08F1F3BA18CF4 ]

C:\WINDOWS\system32\regsvc.dll
01:33:39.0671 0x0cf4  C:\WINDOWS\system32\regsvc.dll - ok
01:33:39.0671 0x0cf4  [ 625C6AAB87950EA4936C3AADF28263F9,

169BADE8622C435FB7867E4E6F029E4B9297AF42624F1FC65DEAD3089B59AA64 ]

C:\WINDOWS\system32\psbase.dll
01:33:39.0671 0x0cf4  C:\WINDOWS\system32\psbase.dll - ok
01:33:39.0671 0x0cf4  [ F11FD54B991831EE3E64D677008F862F,

EB24675DF3018CE61F560DF555E88A8DC0E63C22F76996DB2D3E72E8428294DD ]

C:\WINDOWS\system32\seclogon.dll
01:33:39.0671 0x0cf4  C:\WINDOWS\system32\seclogon.dll - ok
01:33:39.0671 0x0cf4  [ C48C9775ADF79320DE07A354D3F2FA48,

D6CAE90ED5149DE44071B7D115EE6A686081D0AC519D5613D4E2BDC80D300445 ]

C:\WINDOWS\system32\srsvc.dll
01:33:39.0671 0x0cf4  C:\WINDOWS\system32\srsvc.dll - ok
01:33:39.0687 0x0cf4  [ DA3F1F670F4BFD9258BE48B1B634BBEC,

E9123EA8134027BE3A8F932168E479988462C2C2DF16E9336DF48E0A7D4AC2B1 ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7faf645dc46781225cb

722edf9e1e738\System.Xml.ni.dll
01:33:39.0687 0x0cf4  

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7faf645dc46781225cb

722edf9e1e738\System.Xml.ni.dll - ok
01:33:39.0687 0x0cf4  [ C9B32143E92AF77211D2D520180C45C0,

F8D9634931D77095B11BC87E3DF65206D3682C1039D3967A38D63350D4C94DF0 ]

C:\WINDOWS\system32\iprtrmgr.dll
01:33:39.0687 0x0cf4  C:\WINDOWS\system32\iprtrmgr.dll - ok
01:33:39.0687 0x0cf4  [ B5247F381EC1E2C568421F182867EC8A,

04F17C68268F581CBFE971E26A137929A7E712BD3B1D9AC4B432EE5D5C27A50D ]

C:\WINDOWS\system32\iprtprio.dll
01:33:39.0687 0x0cf4  C:\WINDOWS\system32\iprtprio.dll - ok
01:33:39.0703 0x0cf4  [ 8A85AE71E0B5B01E565582B8DA6A70B3,

06A2CFB7176FD47DBA7122F2C3DC4FD77FE9E12A0058E2022BC48072FBEBE3EA ]

C:\WINDOWS\system32\sens.dll
01:33:39.0703 0x0cf4  C:\WINDOWS\system32\sens.dll - ok
01:33:39.0703 0x0cf4  [ EB255169EDF1FABC69DF70498C8840E0,

85F2479C4ECD1D7AC0BD9EEB3699F49ABCFAB0F4EFC9CD52425070A0E1CFB3E7 ]

C:\WINDOWS\system32\ipxrtmgr.dll
01:33:39.0703 0x0cf4  C:\WINDOWS\system32\ipxrtmgr.dll - ok
01:33:39.0703 0x0cf4  [ 51FB761031E14B1FA7AFDA9E01C22A1E,

CC3D6F577EB7881D55E957AAD364E4F58433E8D9E4286DF95E9E1EBCA9A87E8A ]

C:\WINDOWS\system32\tlntsvr.exe
01:33:39.0703 0x0cf4  C:\WINDOWS\system32\tlntsvr.exe - ok
01:33:39.0703 0x0cf4  [ CC01384090411493D4F5439D0C70716B,

F4E2B5CE16510AD143E95D384B3308105BAEB6228018A32948F4EF4D119F2771 ]

C:\WINDOWS\system32\wiaservc.dll
01:33:39.0703 0x0cf4  C:\WINDOWS\system32\wiaservc.dll - ok
01:33:39.0718 0x0cf4  [ ACBEC106AFD0BAA406433897AF16DDDB,

2F4A020881DDA1868E8F0924428AB3E2731628B08CADD856E5923D81DE5D8A1A ]

C:\WINDOWS\system32\rasppp.dll
01:33:39.0718 0x0cf4  C:\WINDOWS\system32\rasppp.dll - ok
01:33:39.0718 0x0cf4  [ C59BF15DFEDD6D11A91A0CE7B228F65D,

40AADD4EF9171D8A1D68A946BC839F5B55E26CA70D8475D55AF335A544EF09AE ]

C:\WINDOWS\system32\ntlsapi.dll
01:33:39.0718 0x0cf4  C:\WINDOWS\system32\ntlsapi.dll - ok
01:33:39.0718 0x0cf4  [ 6B76E67D6E1BA202757F9967646AC5CB,

21312D98F9103506D51E02527053E67EF85C154A39B77417A44A7E645490CCCA ]

C:\WINDOWS\system32\regsvr32.exe
01:33:39.0718 0x0cf4  C:\WINDOWS\system32\regsvr32.exe - ok
01:33:39.0734 0x0cf4  [ 1C968E4691B63F5B86C4C65C12D7D206,

55BCF8CC630185793A9DEA39431E3A7514E7B0C33C10D80BD1D14BDA3CE65885 ]

C:\WINDOWS\system32\trkwks.dll
01:33:39.0734 0x0cf4  C:\WINDOWS\system32\trkwks.dll - ok
01:33:39.0734 0x0cf4  [ 4AC2FA4A6F0DF2511BAC13393C06EFF1,

502B9D43EB6305508E8CDF034528C3F1DDF4525727C1B7663EA835BE2307FF20 ]

C:\WINDOWS\system32\mscms.dll
01:33:39.0734 0x0cf4  C:\WINDOWS\system32\mscms.dll - ok
01:33:39.0734 0x0cf4  [ 01248E6223FEBF6E0D087665C8F0DCDD,

5BEF0DB809B7A173694AD21CA4D1B32B82B05B2B8A898675CFE60784265C1AF4 ]

C:\WINDOWS\system32\ipxwan.dll
01:33:39.0734 0x0cf4  C:\WINDOWS\system32\ipxwan.dll - ok
01:33:39.0734 0x0cf4  [ 6A5011B6CDC97EFB2624DC84CEEE10A0,

78DA902E8EF669ED1C4100734AD8F2F65A37C621F1579078CAF2B5EB67CAAF14 ]

C:\WINDOWS\system32\wbem\wmisvc.dll
01:33:39.0734 0x0cf4  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
01:33:39.0750 0x0cf4  [ 2572A5452E06D761C0BCFFBE1FA417AA,

E326D6C012F5046CEBBAECB361B647F084AE3887113E9B669E08C43352CF7D5B ]

C:\WINDOWS\system32\vssapi.dll
01:33:39.0750 0x0cf4  C:\WINDOWS\system32\vssapi.dll - ok
01:33:39.0750 0x0cf4  [ 16B115E3706F493BE99FCA5D75EE54CF,

CAEC1D17894EBBE303A23BD33B6E9DB9EFB670E31C7393812BCFB8B418FCD816 ]

C:\Program Files\McAfee\MSC\McAPExe.exe
01:33:39.0750 0x0cf4  C:\Program Files\McAfee\MSC\McAPExe.exe - ok
01:33:39.0750 0x0cf4  [ 9DB8A88FAA38E78641C415672158D696,

580FDE63C2CA9AB299F349B1F477BCCC27D804F36C1B1A0A96EC47FBB38259FE ]

C:\WINDOWS\system32\tlntsvrp.dll
01:33:39.0750 0x0cf4  C:\WINDOWS\system32\tlntsvrp.dll - ok
01:33:39.0765 0x0cf4  [ E30103A209E0E0316E9B12B9C43F8063,

4BBA45946AF83BDAF167D43AEA9C8CCBF7F4E5A07E2E431AFB9863D0ECE83171 ]

C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
01:33:39.0765 0x0cf4  C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -

ok
01:33:39.0765 0x0cf4  [ 314DFA40C0A57C45E3AD80EB4DA31DEC,

F85691018259ABA656948321A7E2F2574BE9D510AC20059818DD3F6794846A7D ]

C:\Program Files\Common Files\McAfee\SystemCore\mfeapfa.dll
01:33:39.0765 0x0cf4  C:\Program Files\Common Files\McAfee\SystemCore\mfeapfa.dll -

ok
01:33:39.0765 0x0cf4  [ C3200506FB212A0F4FB736A80E646C40,

19D041704CB052BD52BD0DFD70E66E7A55EDEE56888DEEF56A9739476AF91944 ]

C:\WINDOWS\system32\lz32.dll
01:33:39.0765 0x0cf4  C:\WINDOWS\system32\lz32.dll - ok
01:33:39.0765 0x0cf4  [ 403FE61338A08024118DF2D317E6791A,

36662196F90AC1C3B11390912671AD52A27850C28E58E33F475A205F8D3DF84C ]

C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll
01:33:39.0765 0x0cf4  C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll -

ok
01:33:39.0781 0x0cf4  [ BD40B4F2E6282ADABE9D82E963DB42FB,

B35E94445B0178D750F9CFE0A260E576DCB0DD280E8B00F0767568C170690073 ]

C:\WINDOWS\system32\drivers\mfeapfk.sys
01:33:39.0781 0x0cf4  C:\WINDOWS\system32\drivers\mfeapfk.sys - ok
01:33:39.0781 0x0cf4  [ CFD4E51402DA9838B5A04AE680AF54A0,

5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ]

C:\WINDOWS\system32\browser.dll
01:33:39.0781 0x0cf4  C:\WINDOWS\system32\browser.dll - ok
01:33:39.0781 0x0cf4  [ FC3EC24FCE372C89423E015A2AC1A31E,

8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ]

C:\WINDOWS\system32\wuaueng.dll
01:33:39.0781 0x0cf4  C:\WINDOWS\system32\wuaueng.dll - ok
01:33:39.0781 0x0cf4  [ D17E3330856C16B51651F9431FE197AC,

D0DAB5ABED706DDEC7817D7FA8B7D753A69D24BE41FA7CA42C61C2C3FC79735B ]

C:\WINDOWS\system32\wuauserv.dll
01:33:39.0781 0x0cf4  C:\WINDOWS\system32\wuauserv.dll - ok
01:33:39.0796 0x0cf4  [ B32BCECCE79C398E595314EB34352FB4,

6975D1FD8E12C9A8A825548C5872711B82DEA66A1A9E9AA416617A23A5D51EA6 ]

C:\Program Files\Common Files\McAfee\SystemCore\mfeavfa.dll
01:33:39.0796 0x0cf4  C:\Program Files\Common Files\McAfee\SystemCore\mfeavfa.dll -

ok
01:33:39.0796 0x0cf4  [ AFED369B26E5B30B0A9F88BB602D7D26,

1F6C96F1FB583F066CB42E01ADE9EBD6B04BFAAE645B441ADDD8958100F37CD4 ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9860da66bf

0219612908e7412b0a6e2e\System.Runtime.Serialization.ni.dll
01:33:39.0796 0x0cf4  

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9860da66bf

0219612908e7412b0a6e2e\System.Runtime.Serialization.ni.dll - ok
01:33:39.0796 0x0cf4  [ 646B73E3115C6D17AA971D67C5AE6CDF,

9C83212D3EA43FB1E8558C0A55013D38AC03F9D2633D59AA497FE505B00D898D ]

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\f0b0625c2db624ba9

c97ad1b12490d79\System.Web.ni.dll
01:33:39.0796 0x0cf4  

C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\f0b0625c2db624ba9

c97ad1b12490d79\System.Web.ni.dll - ok
01:33:39.0812 0x0cf4  [ 8049BD45ED56E2C697D844D299939AB9,

8DD0815A2FBB4A8C7172215F1451884697D6B5D8E02F59E4B765734136DFDDEC ]

C:\Program Files\Common Files\McAfee\AMCore\quarantine.dll
01:33:39.0812 0x0cf4  C:\Program Files\Common Files\McAfee\AMCore\quarantine.dll -

ok
01:33:39.0812 0x0cf4  [ B60E60F5DD93650E77BA2DEC66B9DD02,

EAFF67B3B3B94DD289F05EFD4BBB6A7BB4BA97E0086E35B61DA2810CEA05303A ]

C:\Program Files\Common Files\McAfee\AMCore\mfeunzip.dll
01:33:39.0812 0x0cf4  C:\Program Files\Common Files\McAfee\AMCore\mfeunzip.dll - ok
01:33:39.0812 0x0cf4  [ 416B0FB13CE10D065753C3BB530595CC,

654BDD25E3FC94B6A0F2E1B00E9A9CA2F7ABC2E58860EE48B9CEC4F7BBCE2A10 ]

C:\Program Files\Common Files\McAfee\AMCore\mfezip.dll
01:33:39.0812 0x0cf4  C:\Program Files\Common Files\McAfee\AMCore\mfezip.dll - ok
01:33:39.0812 0x0cf4  [ 8020C7C06B9DDC3372A9A84844C03136,

24C0FCBBDCEEB9A804D6A160C904DBEFD2DF5C576856255CAC2206EC9A6C9809 ]

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
01:33:39.0812 0x0cf4  C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -

ok
01:33:39.0828 0x0cf4  [ 2520074EFCE6A705AF997A5E530308B7,

621E60CD81682AB9A43BB3CE5F620F6AAE2EA415ED3AD58976322705C22CDE23 ]

C:\Program Files\Common Files\McAfee\AMCore\MFE_DS.dll
01:33:39.0828 0x0cf4  C:\Program Files\Common Files\McAfee\AMCore\MFE_DS.dll - ok
01:33:39.0828 0x0cf4  [ A544D0F6F3B703026F7F6C8102CEA409,

22BC391CB425352998A7593BE34CA4E33459F6A82083C51C08C01F19172AEAA9 ]

C:\Program Files\Common Files\McAfee\AMCore\lua_lib.dll
01:33:39.0828 0x0cf4  C:\Program Files\Common Files\McAfee\AMCore\lua_lib.dll - ok
01:33:39.0828 0x0cf4  [ 614B353ADE213AE246E68E3613145A7D,

1989D034709DCEB14A7739FBC58F66FBC3F90CF6ACD32747A6698CB9EE51379E ]

C:\Program Files\Common Files\McAfee\AMCore\MFE_CS.dll
01:33:39.0828 0x0cf4  C:\Program Files\Common Files\McAfee\AMCore\MFE_CS.dll - ok
01:33:39.0843 0x0cf4  [ 24D133E4D7AEB337DDC4A3DCD381FA0F,

E2810A170F21F6B33073B366323872957E7CC72F46B1668110E83A4C4D30AFD1 ]

C:\Program Files\Common Files\McAfee\AMCore\ncapi.dll
01:33:39.0843 0x0cf4  C:\Program Files\Common Files\McAfee\AMCore\ncapi.dll - ok
01:33:39.0843 0x0cf4  [ 3649632022709D55E6C6955B64FBC687,

54E0258F495129FDEB8DD44E2DF5C48675B6311A4B79A8FF0CBB81AC3CB89384 ]

C:\Program Files\Common Files\McAfee\AMCore\EMMain.dll
01:33:39.0843 0x0cf4  C:\Program Files\Common Files\McAfee\AMCore\EMMain.dll - ok
01:33:39.0843 0x0cf4  [ 0B6665428850D8A56EB72FF3495885CB,

6BC4C165E2996DB51F3F195785EF113055FED87D3937F778EC237A56C9567ECA ]

C:\PROGRA~1\COMMON~1\McAfee\MHN\HOMENE~3.DLL
01:33:39.0843 0x0cf4  C:\PROGRA~1\COMMON~1\McAfee\MHN\HOMENE~3.DLL - ok
01:33:39.0843 0x0cf4  [ E6D493A61979D2327A35DD1E7F3D6E0C,

3542CFD614C3F86BE4D98E5275C3B600398B15A942468CB0A3342C49004DCD05 ]

C:\WINDOWS\system32\xmllite.dll
01:33:39.0843 0x0cf4  C:\WINDOWS\system32\xmllite.dll - ok
01:33:39.0859 0x0cf4  [ D9FA3D98680125541A6D44F66E6F526D,

11B0E4CF8662AE7A43FD2D14979772986E773B7A43EA8F0C6EFF3CFBD07F20D0 ]

C:\PROGRA~1\McAfee\MPF\MpfSvc.dll
01:33:39.0859 0x0cf4  C:\PROGRA~1\McAfee\MPF\MpfSvc.dll - ok
01:33:39.0859 0x0cf4  [ 7AFA1ECE3D81F540D3C07E16CE5A69BA,

CBACF8063EC4AA66E5885B515F4082D34E92837B51E378B651AD829A657A54E3 ]

C:\Program Files\Common Files\McAfee\McProxy\McProxy.dll
01:33:39.0859 0x0cf4  C:\Program Files\Common Files\McAfee\McProxy\McProxy.dll - ok
01:33:39.0859 0x0cf4  [ E034B0D22AC0AB435F1EF9906DA003E2,

6DDEDCB03646014EE471B55F3FB98615EC7D8C4225BE53C6A1AEC7C8C919B46E ]

C:\WINDOWS\system32\mspatcha.dll
01:33:39.0859 0x0cf4  C:\WINDOWS\system32\mspatcha.dll - ok
01:33:39.0875 0x0cf4  [ CF0E8BD38C8E3FF71E4659B2ED9F7220,

86497B0071FA254D57F69D0E871490C625A01CCADA1C750817545DB181E415E7 ]

C:\WINDOWS\system32\ipnathlp.dll
01:33:39.0875 0x0cf4  C:\WINDOWS\system32\ipnathlp.dll - ok
01:33:39.0875 0x0cf4  [ 91876C6436B8ED54964DE4E464E60221,

FE1D6662CA9DA754FE0D283B0FBB24323F42DB8C77F86F5A05770500E1C3D27D ]

C:\PROGRA~1\McAfee\MPS\mps.dll
01:33:39.0875 0x0cf4  C:\PROGRA~1\McAfee\MPS\mps.dll - ok
01:33:39.0875 0x0cf4  [ E9A9452B5B775D8FB0D89C8EE6ACACF7,

2455D46DEBA0EE37B8E49B24CF3DD029ACE274E7A9EDB769017792885D47F1BE ]

C:\Program Files\Common Files\McAfee\SystemCore\mfefwctl.dll
01:33:39.0875 0x0cf4  C:\Program Files\Common Files\McAfee\SystemCore\mfefwctl.dll -

ok
01:33:39.0890 0x0cf4  [ 7D9199D9006D8FCBCCF3C6416F939B16,

720F29755D1DACF19D640A94FB60CC1E55C6931DC5726DF0A51DD089129AEDA8 ]

C:\WINDOWS\system32\wscsvc.dll
01:33:39.0890 0x0cf4  C:\WINDOWS\system32\wscsvc.dll - ok
01:33:39.0890 0x0cf4  [ D603990D9BDA99D2A4C21B4EA1936A54,

5D6E3E5E3915D6618410AC79F994B5B9E444439998E7C753DC7DAB6E47A2D5CD ]

C:\WINDOWS\system32\netcfgx.dll
01:33:39.0890 0x0cf4  C:\WINDOWS\system32\netcfgx.dll - ok
01:33:39.0890 0x0cf4  [ 4E386317ACDB4C09336BA1E5413335EB,

D66578D891D24380D4C2D9277D68C6DA809F406E8D12DEEE8E87AA7E69666759 ]

C:\WINDOWS\system32\wbem\wbemcore.dll
01:33:39.0890 0x0cf4  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
01:33:39.0890 0x0cf4  [ 427C044B7B5EBB76F4B4D01472F210AF,

3CE156D496536BCA4BEBDA78690399318107EE1630230E54F015A81AB2D36184 ]

C:\PROGRA~1\McAfee\MPS\mpscfg.dll
01:33:39.0890 0x0cf4  C:\PROGRA~1\McAfee\MPS\mpscfg.dll - ok
01:33:39.0906 0x0cf4  [ EA078E44F37C51D3B0B42770C09D0D4E,

D0C97120959483CC8CED95E88A8D20EC8A457FBC00FB1CBDEC3FE6FC7C9B0C60 ]

C:\WINDOWS\system32\wbem\esscli.dll
01:33:39.0906 0x0cf4  C:\WINDOWS\system32\wbem\esscli.dll - ok
01:33:39.0906 0x0cf4  [ 22217AB00FA1D982FC79955E30C455B7,

08990BE77F02A11C93092528E24DB7462B60461D0E5976DB221144CB014EDA78 ]

C:\WINDOWS\system32\clusapi.dll
01:33:39.0906 0x0cf4  C:\WINDOWS\system32\clusapi.dll - ok
01:33:39.0906 0x0cf4  [ 378A0AEFB11D8B0DC8C27B9F7604B88D,

D0D6863FCE412B75B9B5FC38EA923759201E7193ED40CFBAA674630E2DE56FD3 ]

C:\WINDOWS\system32\wbem\fastprox.dll
01:33:39.0906 0x0cf4  C:\WINDOWS\system32\wbem\fastprox.dll - ok
01:33:39.0906 0x0cf4  [ 72367B2A960265E4D435B26BF9170418,

6D130C873C736D1FF9AE0C1DD41198C867E6AB31BC1F04A75D7A3F38E0E7B684 ]

C:\Program Files\Common

Files\McAfee\AMContent\scanners\x86\gti\1.32.197.1\amgti.dat
01:33:39.0906 0x0cf4  C:\Program Files\Common

Files\McAfee\AMContent\scanners\x86\gti\1.32.197.1\amgti.dat - ok
01:33:39.0921 0x0cf4  [ 9279C2C99EF72911EE649C061C7C731B,

0E63D01E006C0A609FD0AA3C27D67BCD4CF61F7C4EB76E29050E5B7D796EB1FB ]

C:\WINDOWS\system32\comsvcs.dll
01:33:39.0921 0x0cf4  C:\WINDOWS\system32\comsvcs.dll - ok
01:33:39.0921 0x0cf4  [ 936B3A0F42A2582028F151060B1D4C21,

990B0562115F02B108E5D43275D704303873040A67BE357CC67751575098F0D7 ] C:\Program

Files\Common Files\McAfee\AMContent\scanners\x86\gti\1.32.197.1\ts.dat
01:33:39.0921 0x0cf4  C:\Program Files\Common

Files\McAfee\AMContent\scanners\x86\gti\1.32.197.1\ts.dat - ok
01:33:39.0921 0x0cf4  [ 74F53B37D050405E3F70D9B1A671EFAB,

E0951471BF0903D09CB9D6651B5B8D41DFE02AE944AD55EC23DEE2A21E2B0C35 ]

C:\PROGRA~1\McAfee\MPF\MpfEvt.dll
01:33:39.0921 0x0cf4  C:\PROGRA~1\McAfee\MPF\MpfEvt.dll - ok
01:33:39.0937 0x0cf4  [ D3D912E8CEA72FFB0AC65DEEC27459D4,

82D759671BCF4A6A8171706792117B5765D08F80BA576430FE659B7B82DDD37F ]

C:\WINDOWS\system32\colbact.dll
01:33:39.0937 0x0cf4  C:\WINDOWS\system32\colbact.dll - ok
01:33:39.0937 0x0cf4  [ 36795A645EAA47FE31D2A8F136A2C69B,

D681D7DFC4A2A2F10658D76A93F009BDBFC6117E245E0883C509A286DC952EAD ]

C:\WINDOWS\system32\mtxclu.dll
01:33:39.0937 0x0cf4  C:\WINDOWS\system32\mtxclu.dll - ok
01:33:39.0937 0x0cf4  [ 6D21F73F3E41F67AD5979785E6363372,

8475440157EDFFBC231B62DD211A46C8DFC54146C921E131C22C8D5FFB3AD6B5 ]

C:\WINDOWS\system32\resutils.dll
01:33:39.0937 0x0cf4  C:\WINDOWS\system32\resutils.dll - ok
01:33:39.0937 0x0cf4  [ 841551C5B5A18ED8873AF0016CEFCDB8,

4C7A122C6628540E12A94AED98D11653F320BB443CA8103272C0A94352C41524 ]

C:\Program Files\Common

Files\McAfee\AMContent\scanners\x86\avengine\5900.7806\mcscan32.dat
01:33:39.0953 0x0cf4  C:\Program Files\Common

Files\McAfee\AMContent\scanners\x86\avengine\5900.7806\mcscan32.dat - ok
01:33:39.0968 0x0cf4  [ 687B7E2FD5B6A4F77B696EE419934123,

49F7A2A1054A973A163B7C3A0F4CAC62FBF2644F5D8BA019E8D13DFA9AE02F25 ]

C:\WINDOWS\system32\wbem\wbemsvc.dll
01:33:39.0968 0x0cf4  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
01:33:39.0968 0x0cf4  [ 3458EDA96E30FBD0477A2800D3FB1909,

BDF84362E4D8A102E7FB5F352D950B84D1A8E1E7928521B68E7671D4176803C5 ]

C:\WINDOWS\system32\wups.dll
01:33:39.0968 0x0cf4  C:\WINDOWS\system32\wups.dll - ok
01:33:39.0984 0x0cf4  [ BDC0C99E472176C8C2C853A68ADC5073,

9A0A0CEE321C9BAF5545D6CB0BE3E725228B694F331FFACCEB770350AAF2C8C3 ]

C:\WINDOWS\system32\wups2.dll
01:33:39.0984 0x0cf4  C:\WINDOWS\system32\wups2.dll - ok
01:33:39.0984 0x0cf4  [ E539155149B4C6A66B94C64824D71D10,

4BF0C61B301E6D1674102E7DC464C3F25BCA3623D60BC06ADEE3E2F4A3526870 ]

C:\WINDOWS\system32\wbem\wmiutils.dll
01:33:39.0984 0x0cf4  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
01:33:39.0984 0x0cf4  [ 82AEFEA06D8EB10D8C7F134A5CA4B74C,

1D5DB8B01BC663F292736B6798E2F7AD259AD54B9CC66A4AA249872D65A04E9A ]

C:\WINDOWS\system32\wbem\repdrvfs.dll
01:33:39.0984 0x0cf4  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
01:33:39.0984 0x0cf4  [ 071143F687B4F887E21461CA6CC7EB29,

92C849517F985F19926E6425CD99E21029E1CA14FC92C9E40091DC79D4A723F2 ]

C:\WINDOWS\system32\wbem\wmiprvsd.dll
01:33:39.0984 0x0cf4  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
01:33:40.0000 0x0cf4  [ A1435CD8121BE0FBE34FA12F9062053F,

91381A75B2B8F89CAFF9F3921FF27588117277A7415B5EEF78C7761FD9E734EE ]

C:\WINDOWS\system32\wbem\wbemess.dll
01:33:40.0000 0x0cf4  C:\WINDOWS\system32\wbem\wbemess.dll - ok
01:33:40.0000 0x0cf4  [ 2E0B0A051FFAA86E358465BB0880D453,

493CF6150DE95B269727631D50FE21405A41E449C4FF43E94F93D27559EA5624 ]

C:\WINDOWS\system32\wuauclt.exe
01:33:40.0000 0x0cf4  C:\WINDOWS\system32\wuauclt.exe - ok
01:33:40.0000 0x0cf4  [ 917A85C7B0F221CBF778D1F62F846434,

DCC0431EA3E5F222D209246A1726A7A483021E0E9E295838DF02D1F1C52216CF ]

C:\WINDOWS\system32\mobsync.exe
01:33:40.0000 0x0cf4  C:\WINDOWS\system32\mobsync.exe - ok
01:33:40.0015 0x0cf4  [ 1A617835452EEE5060976C9B9F5FE635,

DCCAAB049681BE876B73F0880EA32196CDA7EC954D452768A48D366096C5BD53 ]

C:\WINDOWS\system32\wuapi.dll
01:33:40.0015 0x0cf4  C:\WINDOWS\system32\wuapi.dll - ok
01:33:40.0015 0x0cf4  [ D61331CD7D6A3BE088E7C4D8C931874A,

9B867E7CF9B4949A58443C9BD32FABFAE823B9740BE1FD43517C6F909E508AA5 ]

C:\PROGRA~1\COMMON~1\McAfee\HACKER~1\HWAPI.dll
01:33:40.0015 0x0cf4  C:\PROGRA~1\COMMON~1\McAfee\HACKER~1\HWAPI.dll - ok
01:33:40.0015 0x0cf4  [ 39DA4E7E8B14E0E7504400BA70A6DCAA,

41640CA941EC2EA54FDC010846E95B3435BC774ECECAB12F53045D10C5630D65 ]

C:\PROGRA~1\COMMON~1\McAfee\Platform\Core\McEvtBrk.dll
01:33:40.0015 0x0cf4  C:\PROGRA~1\COMMON~1\McAfee\Platform\Core\McEvtBrk.dll -

ok
01:33:40.0031 0x0cf4  [ B28D8EF0442EE84ED09A74C7807B37C8,

B4A42F22125C0F9C4D414A53987B29FC61F43664E83B9F380C431A79D418457E ]

C:\WINDOWS\system32\wbem\ncprov.dll
01:33:40.0031 0x0cf4  C:\WINDOWS\system32\wbem\ncprov.dll - ok
01:33:40.0031 0x0cf4  [ DC21A4E064E86D61F1AC9FCF8069013D,

C12D3C3FF6E7935E4E1FE21CCDF1872FC40B60329B9C7F9DB0C6B5A6AD526C08 ]

C:\Program Files\Common Files\McAfee\VSCore_3_8\Lockdown.dll
01:33:40.0031 0x0cf4  C:\Program Files\Common Files\McAfee\VSCore_3_8\Lockdown.dll

- ok
01:33:40.0031 0x0cf4  [ D6AE1857232261C3272EA4BF4386808C,

7B7AB1DA74A676F3ECF5AB72834EEF36236935B8B76F381D563A66EE2ED9B223 ]

C:\WINDOWS\system32\mmc.exe
01:33:40.0031 0x0cf4  C:\WINDOWS\system32\mmc.exe - ok
01:33:40.0031 0x0cf4  [ 9482289261EE59D00736D8DF81498327,

E19C8A4DB300B261F9D964FC2EEE408D960CC729A35113BEAA7A39DB1A13AB1E ]

C:\WINDOWS\system32\mobsync.dll
01:33:40.0031 0x0cf4  C:\WINDOWS\system32\mobsync.dll - ok
01:33:40.0046 0x0cf4  [ F6F2BFC17069EB335ACCEEF7595F9302,

7434C4353DD2B2E5C8F3690CEF2E1F7E234C2402E6E3BFCBF29DCB1494125F8A ]

C:\WINDOWS\system32\mfc42u.dll
01:33:40.0046 0x0cf4  C:\WINDOWS\system32\mfc42u.dll - ok
01:33:40.0046 0x0cf4  [ 4C431AAA4B735355D26CD38B51ABF3E5,

FF629DDAF24FF42870D32FB0BB104947CAD08F256FE814ABD8E3D8FA7BCA7E95 ]

C:\Program Files\McAfee\MPF\L10N.dll
01:33:40.0046 0x0cf4  C:\Program Files\McAfee\MPF\L10N.dll - ok
01:33:40.0046 0x0cf4  [ 0D2003473E4D1B8A704685D2AFAEDD29,

308B01D8F6280955A64CBEC50A9FF8A4DD5BDD6F322874AADC05BF0D1325D6C1 ]

C:\WINDOWS\system32\drprov.dll
01:33:40.0046 0x0cf4  C:\WINDOWS\system32\drprov.dll - ok
01:33:40.0062 0x0cf4  [ D8D11AA424F4A024229BA10FBEC611EB,

FB5E69C0858A4E031CEEC1A2C021C26AB6FAE618AD9D767BB6C41AACD8A57906 ]

C:\WINDOWS\system32\mmcbase.dll
01:33:40.0062 0x0cf4  C:\WINDOWS\system32\mmcbase.dll - ok
01:33:40.0062 0x0cf4  [ B4B5D90E57F4047D61FB23C08CA9B57D,

515B90CA64EB2C847883518EBE332AD5FF25A5D03843771A9AA4F4C9DAF4EA0E ]

C:\WINDOWS\system32\ntlanman.dll
01:33:40.0062 0x0cf4  C:\WINDOWS\system32\ntlanman.dll - ok
01:33:40.0062 0x0cf4  [ A2DDDE878AAB55B50CAE01E4FEFF666D,

25BC3634DD535B4871D49316D0162676DE23D60225DE7E1F9C4E88D19E4977FA ]

C:\WINDOWS\system32\netui0.dll
01:33:40.0062 0x0cf4  C:\WINDOWS\system32\netui0.dll - ok
01:33:40.0062 0x0cf4  [ E3BB1A144FAAE3018E18694E3661CCA3,

0033121B405C60319A8003C570D84B8FBE8D20BF65D9B34380E00D744096D0DE ]

C:\WINDOWS\system32\netui1.dll
01:33:40.0062 0x0cf4  C:\WINDOWS\system32\netui1.dll - ok
01:33:40.0078 0x0cf4  [ B4B66E743BE3997AB7C17DA03EA11A6F,

25654F0EE70D9DF0CD701B3BD928F77125E0F8A366172141506547A4113ED792 ]

C:\WINDOWS\system32\davclnt.dll
01:33:40.0078 0x0cf4  C:\WINDOWS\system32\davclnt.dll - ok
01:33:40.0078 0x0cf4  [ 88F380E2BC857E227D746AB19D3CF253,

ABB72DB450CE5688BE51365CA23CEA22AD8185964C9F83501B2CD41121F9692A ]

C:\WINDOWS\system32\mmcndmgr.dll
01:33:40.0078 0x0cf4  C:\WINDOWS\system32\mmcndmgr.dll - ok
01:33:40.0078 0x0cf4  [ 798A9E6828997EEF4517ADA8A2259831,

64389FAD94D54E2D43A7292AD3C57CB16F90F2C80EA44099E02D11E19E390A5B ]

C:\WINDOWS\system32\wbem\wmiprvse.exe
01:33:40.0078 0x0cf4  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
01:33:40.0093 0x0cf4  [ F784184DB39C84950C87B7C2438AA0D7,

E5E856ADAAABBC93296B33A7160B2D006BB907DD99D294CA1CD2597939C351E7 ]

C:\WINDOWS\system32\wbem\cimwin32.dll
01:33:40.0093 0x0cf4  C:\WINDOWS\system32\wbem\cimwin32.dll - ok
01:33:40.0093 0x0cf4  [ FBA8573905059AC03349270989528E66,

2AA8A402FBE80F7BD671CA5ED79D073F263F0BAD4302632CFB2B0137676BE06C ]

C:\WINDOWS\system32\wbem\framedyn.dll
01:33:40.0093 0x0cf4  C:\WINDOWS\system32\wbem\framedyn.dll - ok
01:33:40.0093 0x0cf4  [ 9E049D0A4F2D1712C0BEA12060F10489,

22A12E316DF58013BD2ED3F65B64701C0748D3BD191D5B0E1541740F565C83CA ]

C:\Program Files\Citrix\ICA Client\wfcrun32.exe
01:33:40.0093 0x0cf4  C:\Program Files\Citrix\ICA Client\wfcrun32.exe - ok
01:33:40.0093 0x0cf4  ================ Scan generic autorun

======================
01:33:40.0187 0x0cf4  [ 9C3B2302B60FB0EFB13BC880A5E3E93E,

16F32AB74A57B521FF431F2C36609DE5F6ABE0DCD3111B4954471DEED700A66B ]

C:\WINDOWS\system32\HDAShCut.exe
01:33:40.0484 0x0cf4  Ярлык для страницы свойств High Definition Audio - detected

UnsignedFile.Multi.Generic ( 1 )
01:33:42.0968 0x0cf4  Detect skipped due to KSN trusted
01:33:42.0968 0x0cf4  Ярлык для страницы свойств High Definition Audio - ok
01:33:43.0093 0x0cf4  [ 917A85C7B0F221CBF778D1F62F846434,

DCC0431EA3E5F222D209246A1726A7A483021E0E9E295838DF02D1F1C52216CF ]

C:\WINDOWS\system32\mobsync.exe
01:33:44.0734 0x0cf4  Synchronization Manager - ok
01:33:44.0812 0x0cf4  [ 0D034E8C4F88C5B2B0C1AF3CF438CC4F,

F44F9A6BBA0AE6D350F98CDBF2D5B09D56D9B1CF46F4CB9F50566232B32F8BAE ]

C:\WINDOWS\SOUNDMAN.EXE
01:33:47.0109 0x0cf4  SoundMan - ok
01:33:48.0937 0x0cf4  [ ED7FB962F5EA840C27DF60AE4346A913,

60FE7FD0D5736011BCCAE74E41C5DF05F993600E140058295EB413512001825E ] C:\Program

Files\Citrix\ICA Client\redirector.exe
01:33:49.0156 0x0cf4  Redirector - ok
01:33:49.0234 0x0cf4  [ 4B10675852FE8862521024778E264D5F,

5520A4D16517708807A01954DF977A790DDD1715B0CF90D48DCE490C5AF60455 ]

C:\WINDOWS\system32\igfxpers.exe
01:33:51.0312 0x0cf4  igfxpers - ok
01:33:51.0359 0x0cf4  [ 42344DDF30337979216EA6AFA58BB42A,

565EB63BE814F959BB0E547218C963B5ECA455A394455D411BD1889A66B31E54 ]

C:\WINDOWS\system32\hkcmd.exe
01:33:51.0562 0x0cf4  igfxhkcmd - ok
01:33:52.0078 0x0cf4  [ BF0EE37A14144C88A9F6FDA7B44981BB,

91648E51C6DB3E61B3DFE196C878B33ED493C57218D3BB0374108DDC06990041 ]

C:\Program Files\Epson Software\Event Manager\EEventManager.exe
01:33:52.0453 0x0cf4  EEventManager - ok
01:33:52.0609 0x0cf4  [ F0AD6FB996D4BE1E364934FA7A6BD094,

B747580F2D3211B3350368B59B418D8737F009A6D4D066897F60B670A0C33F4F ] C:\Program

Files\Citrix\ICA Client\concentr.exe
01:33:52.0906 0x0cf4  ConnectionCenter - ok
01:33:53.0390 0x0cf4  [ 187F4C75A89E3F412322C94526320074,

D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ]

C:\Program Files\Microsoft Office\Office14\BCSSync.exe
01:33:53.0718 0x0cf4  BCSSync - ok
01:33:54.0625 0x0cf4  [ EC05E964058693D1F71D1B5506B5CF09,

B1E126AA040800FEC99CAE2C675A225183D50A6F3D24262051A5FB5D96E61012 ]

C:\WINDOWS\ALCWZRD.EXE
01:33:56.0046 0x0cf4  AlcWzrd - ok
01:33:56.0156 0x0cf4  [ 8B4CBBA1EA526830C7F97E7822E2493A,

1DFD05B1C0050DB44F5B4293E5574BFC292AF804A63FC0A70131BB498C326977 ]

C:\WINDOWS\ALCMTR.EXE
01:33:56.0406 0x0cf4  Alcmtr - ok
01:33:57.0281 0x0cf4  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4,

D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ]

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
01:33:57.0562 0x0cf4  Adobe ARM - ok
01:33:57.0765 0x0cf4  [ 00C608CDFC203846B20EB12E2AB41F3A,

C67279A51C4ACFDF3DBEA0D006DE8DB67DA3F5B61D3B2B7D6F0E6EAB6C180A06 ]

C:\Program Files\McAfee.com\Agent\mcagent.exe
01:33:58.0171 0x0cf4  mcpltui_exe - ok
01:33:58.0406 0x0cf4  [ 06F6DB72ADABC5E858F38EF69014CE52,

B4AEABF3EA6FCABBED879D642BA070DF9C244E28DB5BDC3211205C7B8DB97BFB ]

C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
01:33:59.0921 0x0cf4  OfficeSyncProcess - ok
01:34:00.0062 0x0cf4  [ A3F00130A3177AF0A263AE640DFCFE4C,

C2577FB798DD7F84505F0F5BBAFE06754DBF69B3D8A07E795DFF2C44B6780653 ]

C:\WINDOWS\system32\ctfmon.exe
01:34:05.0125 0x0cf4  ctfmon.exe - ok
01:34:05.0125 0x0cf4  SRSHDAudioLab - ok
01:34:06.0890 0x0cf4  [ 20616E7A9E9A1D231FD232FC3ACAE46D,

017D06196BFE0B1D71D4BAA5BDD716E8320C8F64882B512540DA8739B4CD0C4A ]

C:\Documents and Settings\Boss\Local Settings\Application Data\Amazon

Music\Amazon Music Helper.exe
01:34:09.0968 0x0cf4  Amazon Music - ok
01:34:10.0015 0x0cf4  Waiting for KSN requests completion. In queue: 2
01:34:11.0015 0x0cf4  Waiting for KSN requests completion. In queue: 2
01:34:12.0015 0x0cf4  Waiting for KSN requests completion. In queue: 2
01:34:15.0859 0x0cf4  AV detected via SS1: McAfee Anti-Virus and Anti-Spyware, ,

enabled, updated
01:34:15.0859 0x0cf4  FW detected via SS1: McAfee Firewall, , enabled
01:34:18.0375 0x0cf4  

============================================================
01:34:18.0375 0x0cf4  Scan finished
01:34:18.0375 0x0cf4  

============================================================
01:34:20.0671 0x0cec  Detected object count: 4
01:34:20.0671 0x0cec  Actual detected object count: 4
01:34:30.0687 0x0cec  

C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe - copied to

quarantine
01:34:30.0750 0x0cec  AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - User

select action: Quarantine
01:34:32.0406 0x0cec  C:\WINDOWS\system32\FsUsbExDisk.SYS - copied to quarantine
01:34:32.0812 0x0cec  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action:

Quarantine
01:34:34.0000 0x0cec  C:\WINDOWS\system32\HPZipm12.exe - copied to quarantine
01:34:34.0000 0x0cec  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action:

Quarantine
01:34:34.0906 0x0cec  \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
01:34:35.0265 0x0cec  \Device\Harddisk0\DR0\TDLFS\tdlcmd.dll - copied to quarantine
01:34:35.0296 0x0cec  \Device\Harddisk0\DR0\TDLFS\tdlwsp.dll - copied to quarantine
01:34:35.0296 0x0cec  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action:

Quarantine
 



#6 KerryJo2712

KerryJo2712
  • Topic Starter

  •  Avatar image
  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Manchester
  • Local time:05:11 AM

Posted 30 May 2018 - 07:46 PM

Again sorry for the delay, as I've found a virus using TDSS I think that could be why it wouldn't let me run it until now, my desktop has also turned black and I've got the warniong about counterfit copy of windows at bottom right of screen also asks me to resolve on login

 

Thanks again will try run other logs now



#7 KerryJo2712

KerryJo2712
  • Topic Starter

  •  Avatar image
  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Manchester
  • Local time:05:11 AM

Posted 30 May 2018 - 07:54 PM

Ok so I've tried downloading and running ADW cleaner at least 10 times now and I get the following "Unable to locate component..... dwmapi.dll was not found.reinstalling the application may fix this problem"



#8 KerryJo2712

KerryJo2712
  • Topic Starter

  •  Avatar image
  • Members
  • 27 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Manchester
  • Local time:05:11 AM

Posted 02 June 2018 - 12:17 PM

These are all the logs I am able to run....adw cleaner won't download and the online scanner stops a quarter of the way through



#9 boopme

boopme

    To Insanity and Beyond


  •  Avatar image
  • Helper Emeritus
  • 85,296 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:11 AM

Posted 04 June 2018 - 01:31 PM

Ok, we need one n one help for you.. Please make a new topic by doing steps 6 and 7....
"cannot run malware Tools"

Please follow this Preparation Guide and post in a new topic.
Let me know if all went well..
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users